p15670423
/
monkey
1
0
Fork 5
Code Issues Pull Requests 3 Projects Releases Wiki Activity

Merge branch 'attack_comand_line_interface' into attack_powershell 

# Conflicts:
#	monkey/infection_monkey/exploit/hadoop.py
This commit is contained in:
VakarisZ 2019-06-19 15:55:20 +03:00
parent 7c41d1e2c9 e38410a232
commit 17d08c7883
10 changed files with 11 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
monkey/infection_monkey/exploit/__init__.py
View File

@ -59,7 +59,7 @@ class HostExploiter(object):
def add_vuln_port(self, port): def add_vuln_port(self, port):
self._exploit_info['vulnerable_ports'].append(port) self._exploit_info['vulnerable_ports'].append(port)
def add_example_cmd(self, cmd): def set_example_cmd(self, cmd):
self._exploit_info['executed_cmds']['example'] = cmd self._exploit_info['executed_cmds']['example'] = cmd
def add_powershell_cmd(self, cmd): def add_powershell_cmd(self, cmd):

2
monkey/infection_monkey/exploit/hadoop.py
View File

@ -50,7 +50,7 @@ class HadoopExploiter(WebRCE):
http_thread.join(self.DOWNLOAD_TIMEOUT) http_thread.join(self.DOWNLOAD_TIMEOUT)
http_thread.stop() http_thread.stop()
self.add_powershell_cmd(command) self.add_powershell_cmd(command)
self.add_example_cmd(command) self.set_example_cmd(command)
return True return True
def exploit(self, url, command): def exploit(self, url, command):

2
monkey/infection_monkey/exploit/mssqlexec.py
View File

@ -77,7 +77,7 @@ class MSSQLExploiter(HostExploiter):
commands.extend(monkey_args) commands.extend(monkey_args)
MSSQLExploiter.execute_command(cursor, commands) MSSQLExploiter.execute_command(cursor, commands)
MSSQLExploiter.run_file(cursor, tmp_file_path) MSSQLExploiter.run_file(cursor, tmp_file_path)
self.add_example_cmd(commands[-1]) self.set_example_cmd(commands[-1])
return True return True
@staticmethod @staticmethod

2
monkey/infection_monkey/exploit/rdpgrinder.py
View File

@ -343,5 +343,5 @@ class RdpExploiter(HostExploiter):
LOG.info("Executed monkey '%s' on remote victim %r", LOG.info("Executed monkey '%s' on remote victim %r",
os.path.basename(src_path), self.host) os.path.basename(src_path), self.host)
self.add_example_cmd(command) self.set_example_cmd(command)
return True return True

2
monkey/infection_monkey/exploit/shellshock.py
View File

@ -144,7 +144,7 @@ class ShellShockExploiter(HostExploiter):
if not (self.check_remote_file_exists(url, header, exploit, self._config.monkey_log_path_linux)): if not (self.check_remote_file_exists(url, header, exploit, self._config.monkey_log_path_linux)):
LOG.info("Log file does not exist, monkey might not have run") LOG.info("Log file does not exist, monkey might not have run")
continue continue
self.add_example_cmd(cmdline) self.set_example_cmd(cmdline)
return True return True
return False return False

2
monkey/infection_monkey/exploit/sshexec.py
View File

@ -178,7 +178,7 @@ class SSHExploiter(HostExploiter):
self._config.dropper_target_path_linux, self.host, cmdline) self._config.dropper_target_path_linux, self.host, cmdline)
ssh.close() ssh.close()
self.add_example_cmd(cmdline) self.set_example_cmd(cmdline)
return True return True
except Exception as exc: except Exception as exc:

2
monkey/infection_monkey/exploit/vsftpd.py
View File

@ -138,7 +138,7 @@ class VSFTPDExploiter(HostExploiter):
if backdoor_socket.send(run_monkey): if backdoor_socket.send(run_monkey):
LOG.info("Executed monkey '%s' on remote victim %r (cmdline=%r)", self._config.dropper_target_path_linux, LOG.info("Executed monkey '%s' on remote victim %r (cmdline=%r)", self._config.dropper_target_path_linux,
self.host, run_monkey) self.host, run_monkey)
self.add_example_cmd(run_monkey) self.set_example_cmd(run_monkey)
return True return True
else: else:
return False return False

4
monkey/infection_monkey/exploit/web_rce.py
View File

@ -408,7 +408,7 @@ class WebRCE(HostExploiter):
# If exploiter returns True / False # If exploiter returns True / False
if type(resp) is bool: if type(resp) is bool:
LOG.info("Execution attempt successfully finished") LOG.info("Execution attempt successfully finished")
self.add_example_cmd(command) self.set_example_cmd(command)
return resp return resp
# If exploiter returns command output, we can check for execution errors # If exploiter returns command output, we can check for execution errors
if 'is not recognized' in resp or 'command not found' in resp: if 'is not recognized' in resp or 'command not found' in resp:
@ -422,7 +422,7 @@ class WebRCE(HostExploiter):
return False return False
LOG.info("Execution attempt finished") LOG.info("Execution attempt finished")
self.add_example_cmd(command) self.set_example_cmd(command)
return resp return resp
def get_monkey_upload_path(self, url_to_monkey): def get_monkey_upload_path(self, url_to_monkey):

2
monkey/infection_monkey/exploit/wmiexec.py
View File

@ -114,7 +114,7 @@ class WmiExploiter(HostExploiter):
result.RemRelease() result.RemRelease()
wmi_connection.close() wmi_connection.close()
self.add_example_cmd(cmdline) self.set_example_cmd(cmdline)
return success return success
return False return False

2
monkey/monkey_island/cc/services/attack/technique_reports/T1003.py
View File

@ -9,7 +9,7 @@ class T1003(AttackTechnique):
tech_id = "T1003" tech_id = "T1003"
unscanned_msg = "Monkey tried to obtain credentials from systems in the network but didn't find any or failed." unscanned_msg = "Monkey tried to obtain credentials from systems in the network but didn't find any or failed."
scanned_msg = "Monkey tried to obtain credentials from systems in the network but didn't find any or failed." scanned_msg = ""
used_msg = "Monkey successfully obtained some credentials from systems on the network." used_msg = "Monkey successfully obtained some credentials from systems on the network."
query = {'telem_type': 'system_info_collection', '$and': [{'data.credentials': {'$exists': True}}, query = {'telem_type': 'system_info_collection', '$and': [{'data.credentials': {'$exists': True}},