Brute force implementation started
This commit is contained in:
parent
b465c27e20
commit
1eac0f5665
|
@ -1,6 +1,7 @@
|
|||
from abc import ABCMeta, abstractmethod, abstractproperty
|
||||
import infection_monkey.config
|
||||
from common.utils.exploit_enum import ExploitType
|
||||
from datetime import datetime
|
||||
|
||||
__author__ = 'itamar'
|
||||
|
||||
|
@ -20,11 +21,20 @@ class HostExploiter(object):
|
|||
def __init__(self, host):
|
||||
self._config = infection_monkey.config.WormConfiguration
|
||||
self._exploit_info = {'display_name': self._EXPLOITED_SERVICE,
|
||||
'exploit_type': self.EXPLOIT_TYPE.name,
|
||||
'started': '',
|
||||
'finished': '',
|
||||
'vulnerable_urls': [],
|
||||
'vulnerable_ports': []}
|
||||
self._exploit_attempts = []
|
||||
self.host = host
|
||||
|
||||
def set_start_time(self):
|
||||
self._exploit_info['started'] = datetime.now().isoformat()
|
||||
|
||||
def set_finish_time(self):
|
||||
self._exploit_info['finished'] = datetime.now().isoformat()
|
||||
|
||||
def is_os_supported(self):
|
||||
return self.host.os.get('type') in self._TARGET_OS_TYPE
|
||||
|
||||
|
|
|
@ -286,7 +286,9 @@ class InfectionMonkey(object):
|
|||
|
||||
result = False
|
||||
try:
|
||||
exploiter.set_start_time()
|
||||
result = exploiter.exploit_host()
|
||||
exploiter.set_finish_time()
|
||||
if result:
|
||||
self.successfully_exploited(machine, exploiter)
|
||||
return True
|
||||
|
|
|
@ -2,7 +2,6 @@ import os
|
|||
import sys
|
||||
import shutil
|
||||
import struct
|
||||
import datetime
|
||||
from infection_monkey.config import WormConfiguration
|
||||
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
import logging
|
||||
from monkey_island.cc.services.attack.technique_reports import T1210, T1197
|
||||
from monkey_island.cc.services.attack.technique_reports import T1210, T1197, T1110
|
||||
from monkey_island.cc.services.attack.attack_telem import AttackTelemService
|
||||
from monkey_island.cc.services.attack.attack_config import AttackConfig
|
||||
from monkey_island.cc.database import mongo
|
||||
|
@ -10,7 +10,8 @@ __author__ = "VakarisZ"
|
|||
LOG = logging.getLogger(__name__)
|
||||
|
||||
TECHNIQUES = {'T1210': T1210.T1210,
|
||||
'T1197': T1197.T1197}
|
||||
'T1197': T1197.T1197,
|
||||
'T1110': T1110.T1110}
|
||||
|
||||
REPORT_NAME = 'new_report'
|
||||
|
||||
|
|
|
@ -0,0 +1,21 @@
|
|||
from monkey_island.cc.database import mongo
|
||||
from monkey_island.cc.services.attack.technique_reports import AttackTechnique
|
||||
from common.utils.exploit_enum import ExploitType
|
||||
|
||||
__author__ = "VakarisZ"
|
||||
|
||||
|
||||
class T1110(AttackTechnique):
|
||||
tech_id = "T1110"
|
||||
unscanned_msg = "Monkey didn't try to brute force any services."
|
||||
scanned_msg = "Monkey tried to brute force some services, but failed."
|
||||
used_msg = "Monkey successfully used brute force in the network."
|
||||
|
||||
@staticmethod
|
||||
def get_report_data():
|
||||
data = {'title': T1110.technique_title(T1110.tech_id)}
|
||||
results = mongo.db.telemetry.find({'telem_type': 'exploit', 'data.info.exploit_type': ExploitType.BRUTE_FORCE.name, 'data.attempts': {'$ne': '[]'}},
|
||||
{'data.machine': 1, 'data.info': 1, 'data.attempts': 1})
|
||||
results = [result['data'] for result in results]
|
||||
data.update({'services': results})
|
||||
return data
|
|
@ -4,13 +4,6 @@ from monkey_island.cc.database import mongo
|
|||
|
||||
__author__ = "VakarisZ"
|
||||
|
||||
TECHNIQUE = "T1210"
|
||||
MESSAGES = {
|
||||
'unscanned': "Monkey didn't scan any remote services. Maybe it didn't find any machines on the network?",
|
||||
'scanned': "Monkey scanned for remote services on the network, but couldn't exploit any of them.",
|
||||
'used': "Monkey scanned for remote services and exploited some on the network."
|
||||
}
|
||||
|
||||
|
||||
class T1210(AttackTechnique):
|
||||
|
||||
|
@ -21,7 +14,7 @@ class T1210(AttackTechnique):
|
|||
|
||||
@staticmethod
|
||||
def get_report_data():
|
||||
data = {'title': T1210.technique_title(TECHNIQUE)}
|
||||
data = {'title': T1210.technique_title(T1210.tech_id)}
|
||||
scanned_services = T1210.get_scanned_services()
|
||||
exploited_services = T1210.get_exploited_services()
|
||||
if exploited_services:
|
||||
|
|
|
@ -57,8 +57,8 @@ class ReportService:
|
|||
STRUTS2 = 8
|
||||
WEBLOGIC = 9
|
||||
HADOOP = 10
|
||||
PTH_CRIT_SERVICES_ACCESS = 11,
|
||||
MSSQL = 12,
|
||||
PTH_CRIT_SERVICES_ACCESS = 11
|
||||
MSSQL = 12
|
||||
VSFTPD = 13
|
||||
|
||||
class WARNINGS_DICT(Enum):
|
||||
|
@ -296,7 +296,7 @@ class ReportService:
|
|||
def process_vsftpd_exploit(exploit):
|
||||
processed_exploit = ReportService.process_general_creds_exploit(exploit)
|
||||
processed_exploit['type'] = 'vsftp'
|
||||
return processed_exploit
|
||||
return processed_exploit
|
||||
|
||||
@staticmethod
|
||||
def process_sambacry_exploit(exploit):
|
||||
|
|
|
@ -0,0 +1,64 @@
|
|||
import React from 'react';
|
||||
import '../../../styles/Collapse.scss'
|
||||
import ReactTable from "react-table";
|
||||
|
||||
|
||||
class T1110 extends React.Component {
|
||||
|
||||
constructor(props) {
|
||||
super(props);
|
||||
}
|
||||
|
||||
static getServiceColumns() {
|
||||
return ([{
|
||||
columns: [
|
||||
{Header: 'Machine', id: 'machine', accessor: x => this.renderMachine(x.machine),
|
||||
style: { 'whiteSpace': 'unset' }, width: 200},
|
||||
{Header: 'Service', id: 'service', accessor: x => x.info.display_name, style: { 'whiteSpace': 'unset' }, width: 170},
|
||||
{Header: 'Started', id: 'started', accessor: x => x.info.started, style: { 'whiteSpace': 'unset' }},
|
||||
{Header: 'Finished', id: 'finished', accessor: x => x.info.finished, style: { 'whiteSpace': 'unset' }},
|
||||
{Header: 'Attempts', id: 'attempts', accessor: x => x.attempts.length, style: { 'whiteSpace': 'unset' }},
|
||||
{Header: 'Successful credentials', id: 'credentials', accessor: x => this.renderCredentials(x.attempts), style: { 'whiteSpace': 'unset' }},
|
||||
]
|
||||
}])};
|
||||
|
||||
static renderMachine(val){
|
||||
return (
|
||||
<span>{val.ip_addr} {(val.domain_name ? " (".concat(val.domain_name, ")") : "")}</span>
|
||||
)
|
||||
};
|
||||
|
||||
static renderCredentials(creds){
|
||||
let content = '';
|
||||
creds.forEach((cred) => {
|
||||
if (cred.result){
|
||||
if (cred.ntlm_hash){
|
||||
content += <span>{cred.user} ; NTLM hash: {cred.ntlm_hash}</span>
|
||||
} else if (cred.ssh_key){
|
||||
content += <span>{cred.user} ; SSH key: {cred.ssh_key}</span>
|
||||
} else if (cred.lm_hash){
|
||||
content += <span>{cred.user} ; LM hash: {cred.lm_hash}</span>
|
||||
} else if (cred.password){
|
||||
content += <span>{cred.user} : {cred.password}</span>
|
||||
}
|
||||
content += <span>{cred.user} : {cred.password}</span>
|
||||
}
|
||||
})
|
||||
}
|
||||
|
||||
render() {
|
||||
return (
|
||||
<div>
|
||||
<div>{this.props.data.message}</div>
|
||||
<ReactTable
|
||||
columns={T1110.getServiceColumns()}
|
||||
data={this.props.data.services}
|
||||
showPagination={false}
|
||||
defaultPageSize={this.props.data.services.length}
|
||||
/>
|
||||
</div>
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
export default T1110;
|
|
@ -6,11 +6,13 @@ import AuthComponent from '../AuthComponent';
|
|||
import Collapse from '@kunukn/react-collapse';
|
||||
import T1210 from '../attack/techniques/T1210';
|
||||
import T1197 from '../attack/techniques/T1197';
|
||||
import T1110 from '../attack/techniques/T1110';
|
||||
import '../../styles/Collapse.scss'
|
||||
|
||||
const tech_components = {
|
||||
'T1210': T1210,
|
||||
'T1197': T1197
|
||||
'T1197': T1197,
|
||||
'T1110': T1110
|
||||
};
|
||||
|
||||
const classNames = require('classnames');
|
||||
|
|
Loading…
Reference in New Issue