From 2d960fc4d29d6d6b964c7da3436b91aea105929e Mon Sep 17 00:00:00 2001
From: Shreya Malviya
Date: Tue, 28 Jun 2022 15:48:39 -0700
Subject: [PATCH] Island: Remove old configuration schema's properties
---
 .../cc/services/config_schema/basic.py | 65 ---------
 .../services/config_schema/basic_network.py | 96 -------------
 .../cc/services/config_schema/internal.py | 135 ------------------
 .../cc/services/config_schema/monkey.py | 93 ------------
 .../cc/services/config_schema/ransomware.py | 71 ---------
 5 files changed, 460 deletions(-)
 delete mode 100644 monkey/monkey_island/cc/services/config_schema/basic.py
 delete mode 100644 monkey/monkey_island/cc/services/config_schema/basic_network.py
 delete mode 100644 monkey/monkey_island/cc/services/config_schema/internal.py
 delete mode 100644 monkey/monkey_island/cc/services/config_schema/monkey.py
 delete mode 100644 monkey/monkey_island/cc/services/config_schema/ransomware.py
diff --git a/monkey/monkey_island/cc/services/config_schema/basic.py b/monkey/monkey_island/cc/services/config_schema/basic.py
deleted file mode 100644
index 0ce28a3d1..000000000
--- a/monkey/monkey_island/cc/services/config_schema/basic.py
+++ /dev/null
@@ -1,65 +0,0 @@
-BASIC = {
- "title": "Exploits",
- "type": "object",
- "primary": True,
- "properties": {
- "exploiters": {
- "title": "Exploiters",
- "type": "object",
- "description": "Choose which exploiters the Monkey will attempt.",
- "properties": {
- "exploiter_classes": {
- "title": "Exploiters",
- "type": "array",
- "uniqueItems": True,
- "items": {"$ref": "#/definitions/exploiter_classes"},
- "default": [
- "SmbExploiter",
- "WmiExploiter",
- "SSHExploiter",
- "Log4ShellExploiter",
- "HadoopExploiter",
- "MSSQLExploiter",
- "PowerShellExploiter",
- ],
- }
- },
- },
- "credentials": {
- "title": "Credentials",
- "type": "object",
- "properties": {
- "exploit_user_list": {
- "title": "Exploit user list",
- "type": "array",
- "uniqueItems": True,
- "items": {"type": "string"},
- "default": ["Administrator", "root", "user"],
- "description": "List of user names that will be used by exploiters that need "
- "credentials, like "
- "SSH brute-forcing.",
- },
- "exploit_password_list": {
- "title": "Exploit password list",
- "type": "array",
- "uniqueItems": True,
- "items": {
- "type": "string",
- },
- "default": [
- "root",
- "123456",
- "password",
- "123456789",
- "qwerty",
- "111111",
- "iloveyou",
- ],
- "description": "List of passwords that will be used by exploiters that need "
- "credentials, like "
- "SSH brute-forcing.",
- },
- },
- },
- },
-}
diff --git a/monkey/monkey_island/cc/services/config_schema/basic_network.py b/monkey/monkey_island/cc/services/config_schema/basic_network.py
deleted file mode 100644
index eceda4828..000000000
--- a/monkey/monkey_island/cc/services/config_schema/basic_network.py
+++ /dev/null
@@ -1,96 +0,0 @@
-from common.common_consts.validation_formats import IP, IP_RANGE
-from monkey_island.cc.services.utils.typographic_symbols import WARNING_SIGN
-
-BASIC_NETWORK = {
- "title": "Network",
- "type": "object",
- "properties": {
- "scope": {
- "title": "Scope",
- "type": "object",
- "properties": {
- "info_box": {
- "info": 'The Monkey scans its subnet if "Local network scan" is checked. '
- 'Additionally, the Monkey scans machines according to "Scan '
- 'target list".',
- },
- "blocked_ips": {
- "title": "Blocked IPs",
- "type": "array",
- "uniqueItems": True,
- "items": {
- "type": "string",
- "format": IP,
- },
- "default": [],
- "description": "List of IPs that the Monkey will not scan.",
- },
- "local_network_scan": {
- "title": "Local network scan",
- "type": "boolean",
- "default": True,
- "description": "Determines whether the Monkey will scan the local subnets of "
- "machines it runs on, "
- "in addition to the IPs that are configured manually in the "
- '"Scan target list".',
- },
- "depth": {
- "title": "Scan depth",
- "type": "integer",
- "minimum": 1,
- "default": 2,
- "description": "Amount of hops allowed for the Monkey to spread from the "
- "Island server. \n"
- + WARNING_SIGN
- + " Note that setting this value too high may result in the "
- "Monkey propagating too far, "
- 'if the "Local network scan" is enabled.',
- },
- "subnet_scan_list": {
- "title": "Scan target list",
- "type": "array",
- "uniqueItems": True,
- "items": {"type": "string", "format": IP_RANGE},
- "default": [],
- "description": "List of targets the Monkey will try to scan. Targets can be "
- "IPs, subnets or hosts."
- " Examples:\n"
- '\tTarget a specific IP: "192.168.0.1"\n'
- "\tTarget a subnet using a network range: "
- '"192.168.0.5-192.168.0.20"\n'
- '\tTarget a subnet using an IP mask: "192.168.0.5/24"\n'
- '\tTarget a specific host: "printer.example"',
- },
- },
- },
- "network_analysis": {
- "title": "Network Analysis",
- "type": "object",
- "properties": {
- "inaccessible_subnets": {
- "title": "Network segmentation testing",
- "type": "array",
- "uniqueItems": True,
- "items": {"type": "string", "format": IP_RANGE},
- "default": [],
- "description": "Test for network segmentation by providing a list of network "
- "segments "
- "that should NOT be accessible to each other.\n\n"
- "For example, if you configured the following three segments: "
- '"10.0.0.0/24", "11.0.0.2/32", and "12.2.3.0/24", '
- "a Monkey running on 10.0.0.5 will try to access machines in "
- "the following subnets: "
- "11.0.0.2/32, 12.2.3.0/24. An alert on successful cross-segment "
- "connections "
- "will be shown in the reports. \n\n"
- "Network segments can be IPs, subnets or hosts. Examples:\n"
- '\tDefine a single-IP segment: "192.168.0.1"\n'
- "\tDefine a segment using a network range: "
- '"192.168.0.5-192.168.0.20"\n'
- '\tDefine a segment using an subnet IP mask: "192.168.0.5/24"\n'
- '\tDefine a single-host segment: "printer.example"',
- }
- },
- },
- },
-}
diff --git a/monkey/monkey_island/cc/services/config_schema/internal.py b/monkey/monkey_island/cc/services/config_schema/internal.py
deleted file mode 100644
index e0575ab36..000000000
--- a/monkey/monkey_island/cc/services/config_schema/internal.py
+++ /dev/null
@@ -1,135 +0,0 @@
-INTERNAL = {
- "title": "Internal",
- "type": "object",
- "properties": {
- "general": {
- "title": "General",
- "type": "object",
- "properties": {
- "keep_tunnel_open_time": {
- "title": "Keep tunnel open time",
- "type": "integer",
- "default": 30,
- "description": "Time to keep tunnel open before going down after last exploit "
- "(in seconds)",
- },
- },
- },
- "network": {
- "title": "Network",
- "type": "object",
- "properties": {
- "tcp_scanner": {
- "title": "TCP scanner",
- "type": "object",
- "properties": {
- "HTTP_PORTS": {
- "title": "HTTP ports",
- "type": "array",
- "uniqueItems": True,
- "items": {"type": "integer"},
- "default": [80, 8080, 443, 8008, 7001, 9200, 8983, 9600],
- "description": "List of ports the monkey will check if are being used "
- "for HTTP",
- },
- "tcp_target_ports": {
- "title": "TCP target ports",
- "type": "array",
- "uniqueItems": True,
- "items": {"type": "integer"},
- "default": [
- 22,
- 2222,
- 445,
- 135,
- 3389,
- 80,
- 8080,
- 443,
- 8008,
- 3306,
- 7001,
- 8088,
- 5985,
- 5986,
- ],
- "description": "List of TCP ports the monkey will check whether "
- "they're open",
- },
- "tcp_scan_timeout": {
- "title": "TCP scan timeout",
- "type": "integer",
- "default": 3000,
- "description": "Maximum time (in milliseconds) "
- "to wait for TCP response",
- },
- },
- },
- "ping_scanner": {
- "title": "Ping scanner",
- "type": "object",
- "properties": {
- "ping_scan_timeout": {
- "title": "Ping scan timeout",
- "type": "integer",
- "default": 1000,
- "description": "Maximum time (in milliseconds) to wait for ping "
- "response",
- }
- },
- },
- },
- },
- "classes": {
- "title": "Classes",
- "type": "object",
- "properties": {
- "finger_classes": {
- "title": "Fingerprint classes",
- "type": "array",
- "uniqueItems": True,
- "items": {"$ref": "#/definitions/finger_classes"},
- "default": [
- "SMBFinger",
- "SSHFinger",
- "HTTPFinger",
- "MSSQLFinger",
- "ElasticFinger",
- ],
- }
- },
- },
- "exploits": {
- "title": "Exploits",
- "type": "object",
- "properties": {
- "exploit_lm_hash_list": {
- "title": "Exploit LM hash list",
- "type": "array",
- "uniqueItems": True,
- "items": {"type": "string"},
- "default": [],
- "description": "List of LM hashes to use on exploits using credentials",
- "related_attack_techniques": ["T1075"],
- },
- "exploit_ntlm_hash_list": {
- "title": "Exploit NTLM hash list",
- "type": "array",
- "uniqueItems": True,
- "items": {"type": "string"},
- "default": [],
- "description": "List of NTLM hashes to use on exploits using credentials",
- "related_attack_techniques": ["T1075"],
- },
- "exploit_ssh_keys": {
- "title": "SSH key pairs list",
- "type": "array",
- "uniqueItems": True,
- "default": [],
- "items": {"type": "string"},
- "description": "List of SSH key pairs to use, when trying to ssh into servers",
- },
- },
- },
- },
-}
diff --git a/monkey/monkey_island/cc/services/config_schema/monkey.py b/monkey/monkey_island/cc/services/config_schema/monkey.py
deleted file mode 100644
index ed30a3c89..000000000
--- a/monkey/monkey_island/cc/services/config_schema/monkey.py
+++ /dev/null
@@ -1,93 +0,0 @@
-from common.common_consts.credential_collector_names import MIMIKATZ_COLLECTOR, SSH_COLLECTOR
-
-MONKEY = {
- "title": "Monkey",
- "type": "object",
- "properties": {
- "post_breach": {
- "title": "Post breach",
- "type": "object",
- "properties": {
- "custom_PBA_linux_cmd": {
- "title": "Linux post-breach command",
- "type": "string",
- "default": "",
- "description": "Command to be executed after breaching. "
- "Use this field to run custom commands or execute uploaded "
- "files on exploited machines.\nExample: "
- '"chmod +x ./my_script.sh; ./my_script.sh ; rm ./my_script.sh"',
- },
- "PBA_linux_file": {
- "title": "Linux post-breach file",
- "type": "string",
- "format": "data-url",
- "description": "File to be uploaded after breaching. "
- "Use the 'Linux post-breach command' field to "
- "change permissions, run, or delete the file. "
- "Reference your file by filename.",
- },
- "custom_PBA_windows_cmd": {
- "title": "Windows post-breach command",
- "type": "string",
- "default": "",
- "description": "Command to be executed after breaching. "
- "Use this field to run custom commands or execute uploaded "
- "files on exploited machines.\nExample: "
- '"my_script.bat & del my_script.bat"',
- },
- "PBA_windows_file": {
- "title": "Windows post-breach file",
- "type": "string",
- "format": "data-url",
- "description": "File to be uploaded after breaching. "
- "Use the 'Windows post-breach command' field to "
- "change permissions, run, or delete the file. "
- "Reference your file by filename.",
- },
- "PBA_windows_filename": {
- "title": "Windows PBA filename",
- "type": "string",
- "default": "",
- },
- "PBA_linux_filename": {
- "title": "Linux PBA filename",
- "type": "string",
- "default": "",
- },
- "post_breach_actions": {
- "title": "Post breach actions",
- "type": "array",
- "uniqueItems": True,
- "items": {"$ref": "#/definitions/post_breach_actions"},
- "default": [
- "CommunicateAsBackdoorUser",
- "ModifyShellStartupFiles",
- "HiddenFiles",
- "TrapCommand",
- "ChangeSetuidSetgid",
- "ScheduleJobs",
- "Timestomping",
- "AccountDiscovery",
- "ProcessListCollection",
- ],
- },
- },
- },
- "credential_collectors": {
- "title": "Credential collection",
- "type": "object",
- "properties": {
- "credential_collectors": {
- "title": "Credential collectors",
- "type": "array",
- "uniqueItems": True,
- "items": {"$ref": "#/definitions/credential_collectors"},
- "default": [
- MIMIKATZ_COLLECTOR,
- SSH_COLLECTOR,
- ],
- },
- },
- },
- },
-}
diff --git a/monkey/monkey_island/cc/services/config_schema/ransomware.py b/monkey/monkey_island/cc/services/config_schema/ransomware.py
deleted file mode 100644
index dd77a175d..000000000
--- a/monkey/monkey_island/cc/services/config_schema/ransomware.py
+++ /dev/null
@@ -1,71 +0,0 @@
-from common.common_consts.validation_formats import (
- VALID_RANSOMWARE_TARGET_PATH_LINUX,
- VALID_RANSOMWARE_TARGET_PATH_WINDOWS,
-)
-
-RANSOMWARE = {
- "title": "Ransomware",
- "type": "object",
- "properties": {
- "encryption": {
- "title": "Simulation",
- "type": "object",
- "description": "To simulate ransomware encryption, you'll need to provide Infection "
- "Monkey with files that it can safely encrypt. On each machine where you would like "
- "the ransomware simulation to run, create a directory and put some files in it."
- "\n\nProvide the path to the directory that was created on each machine.",
- "properties": {
- "enabled": {
- "title": "Encrypt files",
- "type": "boolean",
- "default": True,
- "description": "Ransomware encryption will be simulated by flipping every bit "
- "in the files contained within the target directories.",
- },
- "info_box": {
- "info": "No files will be encrypted if a directory is not specified or doesn't "
- "exist on a victim machine.",
- },
- "directories": {
- "title": "Directories to encrypt",
- "type": "object",
- "properties": {
- "linux_target_dir": {
- "title": "Linux target directory",
- "type": "string",
- "format": VALID_RANSOMWARE_TARGET_PATH_LINUX,
- "default": "",
- "description": "A path to a directory on Linux systems that contains "
- "files that you will allow Infection Monkey to encrypt. If no "
- "directory is specified, no files will be encrypted.",
- },
- "windows_target_dir": {
- "title": "Windows target directory",
- "type": "string",
- "format": VALID_RANSOMWARE_TARGET_PATH_WINDOWS,
- "default": "",
- "description": "A path to a directory on Windows systems that contains "
- "files that you will allow Infection Monkey to encrypt. If no "
- "directory is specified, no files will be encrypted.",
- },
- },
- },
- "text_box": {
- "text": "Note: A README.txt will be left in the specified target " "directory.",
- },
- },
- },
- "other_behaviors": {
- "title": "Other behavior",
- "type": "object",
- "properties": {
- "readme": {
- "title": "Create a README.txt file",
- "type": "boolean",
- "default": True,
- "description": "Creates a README.txt ransomware note on infected systems.",
- }
- },
- },
- },
-}