Merge pull request #1400 from guardicore/1368/bb-performance-fingerprints
1368/bb performance fingerprints
This commit is contained in:
commit
57d97d0083
|
@ -36,6 +36,9 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
|||
- `server_config.json` puts environment config options in a separate section
|
||||
named "environment". #1161
|
||||
- BlackBox tests can now register if they are ran on a fresh installation. #1180
|
||||
- Limit the ports used for scanning in blackbox tests. #1368
|
||||
- Limit the propagation depth of most blackbox tests. #1400
|
||||
- Blackbox tests wait less time for monkeys to die. #1400
|
||||
- Improved the structure of unit tests by scoping fixtures only to relevant modules
|
||||
instead of having a one huge fixture file, improved and renamed the directory
|
||||
structure of unit tests and unit test infrastructure. #1178
|
||||
|
|
|
@ -7,6 +7,7 @@ class BaseTemplate(ConfigTemplate):
|
|||
config_values = {
|
||||
"basic.exploiters.exploiter_classes": [],
|
||||
"basic_network.scope.local_network_scan": False,
|
||||
"basic_network.scope.depth": 1,
|
||||
"internal.classes.finger_classes": ["PingScanner", "HTTPFinger"],
|
||||
"internal.monkey.system_info.system_info_collector_classes": [
|
||||
"EnvironmentCollector",
|
||||
|
|
|
@ -12,5 +12,7 @@ class Drupal(ConfigTemplate):
|
|||
"internal.classes.finger_classes": ["PingScanner", "HTTPFinger"],
|
||||
"basic.exploiters.exploiter_classes": ["DrupalExploiter"],
|
||||
"basic_network.scope.subnet_scan_list": ["10.2.2.28"],
|
||||
"internal.network.tcp_scanner.HTTP_PORTS": [80],
|
||||
"internal.network.tcp_scanner.tcp_target_ports": [],
|
||||
}
|
||||
)
|
||||
|
|
|
@ -14,5 +14,7 @@ class Elastic(ConfigTemplate):
|
|||
"internal.classes.finger_classes": ["PingScanner", "HTTPFinger", "ElasticFinger"],
|
||||
"basic_network.scope.subnet_scan_list": ["10.2.2.4", "10.2.2.5"],
|
||||
"basic_network.scope.depth": 1,
|
||||
"internal.network.tcp_scanner.HTTP_PORTS": [9200],
|
||||
"internal.network.tcp_scanner.tcp_target_ports": [],
|
||||
}
|
||||
)
|
||||
|
|
|
@ -12,5 +12,7 @@ class Hadoop(ConfigTemplate):
|
|||
{
|
||||
"basic.exploiters.exploiter_classes": ["HadoopExploiter"],
|
||||
"basic_network.scope.subnet_scan_list": ["10.2.2.2", "10.2.2.3"],
|
||||
"internal.network.tcp_scanner.HTTP_PORTS": [],
|
||||
"internal.network.tcp_scanner.tcp_target_ports": [8088],
|
||||
}
|
||||
)
|
||||
|
|
|
@ -10,6 +10,7 @@ class Mssql(ConfigTemplate):
|
|||
config_values.update(
|
||||
{
|
||||
"basic.exploiters.exploiter_classes": ["MSSQLExploiter"],
|
||||
"internal.classes.finger_classes": ["PingScanner"],
|
||||
"basic_network.scope.subnet_scan_list": ["10.2.2.16"],
|
||||
"basic.credentials.exploit_password_list": [
|
||||
"Password1!",
|
||||
|
@ -18,5 +19,7 @@ class Mssql(ConfigTemplate):
|
|||
"12345678",
|
||||
],
|
||||
"basic.credentials.exploit_user_list": ["Administrator", "m0nk3y", "user"],
|
||||
"internal.network.tcp_scanner.HTTP_PORTS": [],
|
||||
"internal.network.tcp_scanner.tcp_target_ports": [3389],
|
||||
}
|
||||
)
|
||||
|
|
|
@ -11,5 +11,7 @@ class ShellShock(ConfigTemplate):
|
|||
{
|
||||
"basic.exploiters.exploiter_classes": ["ShellShockExploiter"],
|
||||
"basic_network.scope.subnet_scan_list": ["10.2.2.8"],
|
||||
"internal.network.tcp_scanner.HTTP_PORTS": [80, 8080],
|
||||
"internal.network.tcp_scanner.tcp_target_ports": [],
|
||||
}
|
||||
)
|
||||
|
|
|
@ -14,6 +14,8 @@ class SmbMimikatz(ConfigTemplate):
|
|||
"basic.credentials.exploit_password_list": ["Password1!", "Ivrrw5zEzs"],
|
||||
"basic.credentials.exploit_user_list": ["Administrator", "m0nk3y", "user"],
|
||||
"internal.classes.finger_classes": ["SMBFinger", "PingScanner", "HTTPFinger"],
|
||||
"internal.network.tcp_scanner.HTTP_PORTS": [],
|
||||
"internal.network.tcp_scanner.tcp_target_ports": [445],
|
||||
"monkey.system_info.system_info_collector_classes": [
|
||||
"EnvironmentCollector",
|
||||
"HostnameCollector",
|
||||
|
|
|
@ -7,14 +7,18 @@ from envs.monkey_zoo.blackbox.config_templates.config_template import ConfigTemp
|
|||
class SmbPth(ConfigTemplate):
|
||||
config_values = copy(BaseTemplate.config_values)
|
||||
|
||||
config_value_list = {
|
||||
config_values.update(
|
||||
{
|
||||
"basic.exploiters.exploiter_classes": ["SmbExploiter"],
|
||||
"basic_network.scope.subnet_scan_list": ["10.2.2.15"],
|
||||
"basic.credentials.exploit_password_list": ["Password1!", "Ivrrw5zEzs"],
|
||||
"basic.credentials.exploit_user_list": ["Administrator", "m0nk3y", "user"],
|
||||
"internal.classes.finger_classes": ["SMBFinger", "PingScanner", "HTTPFinger"],
|
||||
"internal.network.tcp_scanner.HTTP_PORTS": [],
|
||||
"internal.network.tcp_scanner.tcp_target_ports": [445],
|
||||
"internal.classes.exploits.exploit_ntlm_hash_list": [
|
||||
"5da0889ea2081aa79f6852294cba4a5e",
|
||||
"50c9987a6bf1ac59398df9f911122c9b",
|
||||
],
|
||||
}
|
||||
)
|
||||
|
|
|
@ -12,7 +12,10 @@ class Ssh(ConfigTemplate):
|
|||
"basic.exploiters.exploiter_classes": ["SSHExploiter"],
|
||||
"basic_network.scope.subnet_scan_list": ["10.2.2.11", "10.2.2.12"],
|
||||
"basic.credentials.exploit_password_list": ["Password1!", "12345678", "^NgDvY59~8"],
|
||||
"basic_network.scope.depth": 2,
|
||||
"basic.credentials.exploit_user_list": ["Administrator", "m0nk3y", "user"],
|
||||
"internal.classes.finger_classes": ["SSHFinger", "PingScanner", "HTTPFinger"],
|
||||
"internal.classes.finger_classes": ["SSHFinger", "PingScanner"],
|
||||
"internal.network.tcp_scanner.HTTP_PORTS": [],
|
||||
"internal.network.tcp_scanner.tcp_target_ports": [22],
|
||||
}
|
||||
)
|
||||
|
|
|
@ -11,6 +11,9 @@ class Struts2(ConfigTemplate):
|
|||
config_values.update(
|
||||
{
|
||||
"basic.exploiters.exploiter_classes": ["Struts2Exploiter"],
|
||||
"basic_network.scope.depth": 2,
|
||||
"basic_network.scope.subnet_scan_list": ["10.2.2.23", "10.2.2.24"],
|
||||
"internal.network.tcp_scanner.HTTP_PORTS": [80, 8080],
|
||||
"internal.network.tcp_scanner.tcp_target_ports": [80, 8080],
|
||||
}
|
||||
)
|
||||
|
|
|
@ -12,5 +12,7 @@ class Weblogic(ConfigTemplate):
|
|||
{
|
||||
"basic.exploiters.exploiter_classes": ["WebLogicExploiter"],
|
||||
"basic_network.scope.subnet_scan_list": ["10.2.2.18", "10.2.2.19"],
|
||||
"internal.network.tcp_scanner.HTTP_PORTS": [7001],
|
||||
"internal.network.tcp_scanner.tcp_target_ports": [],
|
||||
}
|
||||
)
|
||||
|
|
|
@ -13,6 +13,8 @@ class WmiMimikatz(ConfigTemplate):
|
|||
"basic_network.scope.subnet_scan_list": ["10.2.2.14", "10.2.2.15"],
|
||||
"basic.credentials.exploit_password_list": ["Password1!", "Ivrrw5zEzs"],
|
||||
"basic.credentials.exploit_user_list": ["Administrator", "m0nk3y", "user"],
|
||||
"internal.network.tcp_scanner.HTTP_PORTS": [],
|
||||
"internal.network.tcp_scanner.tcp_target_ports": [135],
|
||||
"monkey.system_info.system_info_collector_classes": [
|
||||
"EnvironmentCollector",
|
||||
"HostnameCollector",
|
||||
|
|
|
@ -14,6 +14,8 @@ class WmiPth(ConfigTemplate):
|
|||
"basic.credentials.exploit_password_list": ["Password1!"],
|
||||
"basic.credentials.exploit_user_list": ["Administrator", "m0nk3y", "user"],
|
||||
"internal.classes.finger_classes": ["PingScanner", "HTTPFinger"],
|
||||
"internal.network.tcp_scanner.HTTP_PORTS": [],
|
||||
"internal.network.tcp_scanner.tcp_target_ports": [135],
|
||||
"internal.exploits.exploit_ntlm_hash_list": [
|
||||
"5da0889ea2081aa79f6852294cba4a5e",
|
||||
"50c9987a6bf1ac59398df9f911122c9b",
|
||||
|
|
|
@ -14,5 +14,7 @@ class Zerologon(ConfigTemplate):
|
|||
"basic_network.scope.subnet_scan_list": ["10.2.2.25"],
|
||||
# Empty list to make sure ZeroLogon adds "Administrator" username
|
||||
"basic.credentials.exploit_user_list": [],
|
||||
"internal.network.tcp_scanner.HTTP_PORTS": [],
|
||||
"internal.network.tcp_scanner.tcp_target_ports": [135, 445],
|
||||
}
|
||||
)
|
||||
|
|
|
@ -171,7 +171,7 @@ class TestMonkeyBlackbox:
|
|||
TestMonkeyBlackbox.run_exploitation_test(island_client, Elastic, "Elastic_exploiter")
|
||||
|
||||
def test_struts_exploiter(self, island_client):
|
||||
TestMonkeyBlackbox.run_exploitation_test(island_client, Struts2, "Strtuts2_exploiter")
|
||||
TestMonkeyBlackbox.run_exploitation_test(island_client, Struts2, "Struts2_exploiter")
|
||||
|
||||
def test_weblogic_exploiter(self, island_client):
|
||||
TestMonkeyBlackbox.run_exploitation_test(island_client, Weblogic, "Weblogic_exploiter")
|
||||
|
|
|
@ -6,8 +6,8 @@ from envs.monkey_zoo.blackbox.tests.basic_test import BasicTest
|
|||
from envs.monkey_zoo.blackbox.utils.test_timer import TestTimer
|
||||
|
||||
MAX_TIME_FOR_MONKEYS_TO_DIE = 5 * 60
|
||||
WAIT_TIME_BETWEEN_REQUESTS = 10
|
||||
TIME_FOR_MONKEY_PROCESS_TO_FINISH = 40
|
||||
WAIT_TIME_BETWEEN_REQUESTS = 5
|
||||
TIME_FOR_MONKEY_PROCESS_TO_FINISH = 10
|
||||
DELAY_BETWEEN_ANALYSIS = 3
|
||||
LOGGER = logging.getLogger(__name__)
|
||||
|
||||
|
|
Loading…
Reference in New Issue