Merge pull request #1400 from guardicore/1368/bb-performance-fingerprints

1368/bb performance fingerprints
This commit is contained in:
Mike Salvatore 2021-08-05 07:24:22 -04:00 committed by GitHub
commit 57d97d0083
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
17 changed files with 50 additions and 15 deletions

View File

@ -36,6 +36,9 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- `server_config.json` puts environment config options in a separate section
named "environment". #1161
- BlackBox tests can now register if they are ran on a fresh installation. #1180
- Limit the ports used for scanning in blackbox tests. #1368
- Limit the propagation depth of most blackbox tests. #1400
- Blackbox tests wait less time for monkeys to die. #1400
- Improved the structure of unit tests by scoping fixtures only to relevant modules
instead of having a one huge fixture file, improved and renamed the directory
structure of unit tests and unit test infrastructure. #1178

View File

@ -7,6 +7,7 @@ class BaseTemplate(ConfigTemplate):
config_values = {
"basic.exploiters.exploiter_classes": [],
"basic_network.scope.local_network_scan": False,
"basic_network.scope.depth": 1,
"internal.classes.finger_classes": ["PingScanner", "HTTPFinger"],
"internal.monkey.system_info.system_info_collector_classes": [
"EnvironmentCollector",

View File

@ -12,5 +12,7 @@ class Drupal(ConfigTemplate):
"internal.classes.finger_classes": ["PingScanner", "HTTPFinger"],
"basic.exploiters.exploiter_classes": ["DrupalExploiter"],
"basic_network.scope.subnet_scan_list": ["10.2.2.28"],
"internal.network.tcp_scanner.HTTP_PORTS": [80],
"internal.network.tcp_scanner.tcp_target_ports": [],
}
)

View File

@ -14,5 +14,7 @@ class Elastic(ConfigTemplate):
"internal.classes.finger_classes": ["PingScanner", "HTTPFinger", "ElasticFinger"],
"basic_network.scope.subnet_scan_list": ["10.2.2.4", "10.2.2.5"],
"basic_network.scope.depth": 1,
"internal.network.tcp_scanner.HTTP_PORTS": [9200],
"internal.network.tcp_scanner.tcp_target_ports": [],
}
)

View File

@ -12,5 +12,7 @@ class Hadoop(ConfigTemplate):
{
"basic.exploiters.exploiter_classes": ["HadoopExploiter"],
"basic_network.scope.subnet_scan_list": ["10.2.2.2", "10.2.2.3"],
"internal.network.tcp_scanner.HTTP_PORTS": [],
"internal.network.tcp_scanner.tcp_target_ports": [8088],
}
)

View File

@ -10,6 +10,7 @@ class Mssql(ConfigTemplate):
config_values.update(
{
"basic.exploiters.exploiter_classes": ["MSSQLExploiter"],
"internal.classes.finger_classes": ["PingScanner"],
"basic_network.scope.subnet_scan_list": ["10.2.2.16"],
"basic.credentials.exploit_password_list": [
"Password1!",
@ -18,5 +19,7 @@ class Mssql(ConfigTemplate):
"12345678",
],
"basic.credentials.exploit_user_list": ["Administrator", "m0nk3y", "user"],
"internal.network.tcp_scanner.HTTP_PORTS": [],
"internal.network.tcp_scanner.tcp_target_ports": [3389],
}
)

View File

@ -11,5 +11,7 @@ class ShellShock(ConfigTemplate):
{
"basic.exploiters.exploiter_classes": ["ShellShockExploiter"],
"basic_network.scope.subnet_scan_list": ["10.2.2.8"],
"internal.network.tcp_scanner.HTTP_PORTS": [80, 8080],
"internal.network.tcp_scanner.tcp_target_ports": [],
}
)

View File

@ -14,6 +14,8 @@ class SmbMimikatz(ConfigTemplate):
"basic.credentials.exploit_password_list": ["Password1!", "Ivrrw5zEzs"],
"basic.credentials.exploit_user_list": ["Administrator", "m0nk3y", "user"],
"internal.classes.finger_classes": ["SMBFinger", "PingScanner", "HTTPFinger"],
"internal.network.tcp_scanner.HTTP_PORTS": [],
"internal.network.tcp_scanner.tcp_target_ports": [445],
"monkey.system_info.system_info_collector_classes": [
"EnvironmentCollector",
"HostnameCollector",

View File

@ -7,14 +7,18 @@ from envs.monkey_zoo.blackbox.config_templates.config_template import ConfigTemp
class SmbPth(ConfigTemplate):
config_values = copy(BaseTemplate.config_values)
config_value_list = {
config_values.update(
{
"basic.exploiters.exploiter_classes": ["SmbExploiter"],
"basic_network.scope.subnet_scan_list": ["10.2.2.15"],
"basic.credentials.exploit_password_list": ["Password1!", "Ivrrw5zEzs"],
"basic.credentials.exploit_user_list": ["Administrator", "m0nk3y", "user"],
"internal.classes.finger_classes": ["SMBFinger", "PingScanner", "HTTPFinger"],
"internal.network.tcp_scanner.HTTP_PORTS": [],
"internal.network.tcp_scanner.tcp_target_ports": [445],
"internal.classes.exploits.exploit_ntlm_hash_list": [
"5da0889ea2081aa79f6852294cba4a5e",
"50c9987a6bf1ac59398df9f911122c9b",
],
}
)

View File

@ -12,7 +12,10 @@ class Ssh(ConfigTemplate):
"basic.exploiters.exploiter_classes": ["SSHExploiter"],
"basic_network.scope.subnet_scan_list": ["10.2.2.11", "10.2.2.12"],
"basic.credentials.exploit_password_list": ["Password1!", "12345678", "^NgDvY59~8"],
"basic_network.scope.depth": 2,
"basic.credentials.exploit_user_list": ["Administrator", "m0nk3y", "user"],
"internal.classes.finger_classes": ["SSHFinger", "PingScanner", "HTTPFinger"],
"internal.classes.finger_classes": ["SSHFinger", "PingScanner"],
"internal.network.tcp_scanner.HTTP_PORTS": [],
"internal.network.tcp_scanner.tcp_target_ports": [22],
}
)

View File

@ -11,6 +11,9 @@ class Struts2(ConfigTemplate):
config_values.update(
{
"basic.exploiters.exploiter_classes": ["Struts2Exploiter"],
"basic_network.scope.depth": 2,
"basic_network.scope.subnet_scan_list": ["10.2.2.23", "10.2.2.24"],
"internal.network.tcp_scanner.HTTP_PORTS": [80, 8080],
"internal.network.tcp_scanner.tcp_target_ports": [80, 8080],
}
)

View File

@ -12,5 +12,7 @@ class Weblogic(ConfigTemplate):
{
"basic.exploiters.exploiter_classes": ["WebLogicExploiter"],
"basic_network.scope.subnet_scan_list": ["10.2.2.18", "10.2.2.19"],
"internal.network.tcp_scanner.HTTP_PORTS": [7001],
"internal.network.tcp_scanner.tcp_target_ports": [],
}
)

View File

@ -13,6 +13,8 @@ class WmiMimikatz(ConfigTemplate):
"basic_network.scope.subnet_scan_list": ["10.2.2.14", "10.2.2.15"],
"basic.credentials.exploit_password_list": ["Password1!", "Ivrrw5zEzs"],
"basic.credentials.exploit_user_list": ["Administrator", "m0nk3y", "user"],
"internal.network.tcp_scanner.HTTP_PORTS": [],
"internal.network.tcp_scanner.tcp_target_ports": [135],
"monkey.system_info.system_info_collector_classes": [
"EnvironmentCollector",
"HostnameCollector",

View File

@ -14,6 +14,8 @@ class WmiPth(ConfigTemplate):
"basic.credentials.exploit_password_list": ["Password1!"],
"basic.credentials.exploit_user_list": ["Administrator", "m0nk3y", "user"],
"internal.classes.finger_classes": ["PingScanner", "HTTPFinger"],
"internal.network.tcp_scanner.HTTP_PORTS": [],
"internal.network.tcp_scanner.tcp_target_ports": [135],
"internal.exploits.exploit_ntlm_hash_list": [
"5da0889ea2081aa79f6852294cba4a5e",
"50c9987a6bf1ac59398df9f911122c9b",

View File

@ -14,5 +14,7 @@ class Zerologon(ConfigTemplate):
"basic_network.scope.subnet_scan_list": ["10.2.2.25"],
# Empty list to make sure ZeroLogon adds "Administrator" username
"basic.credentials.exploit_user_list": [],
"internal.network.tcp_scanner.HTTP_PORTS": [],
"internal.network.tcp_scanner.tcp_target_ports": [135, 445],
}
)

View File

@ -171,7 +171,7 @@ class TestMonkeyBlackbox:
TestMonkeyBlackbox.run_exploitation_test(island_client, Elastic, "Elastic_exploiter")
def test_struts_exploiter(self, island_client):
TestMonkeyBlackbox.run_exploitation_test(island_client, Struts2, "Strtuts2_exploiter")
TestMonkeyBlackbox.run_exploitation_test(island_client, Struts2, "Struts2_exploiter")
def test_weblogic_exploiter(self, island_client):
TestMonkeyBlackbox.run_exploitation_test(island_client, Weblogic, "Weblogic_exploiter")

View File

@ -6,8 +6,8 @@ from envs.monkey_zoo.blackbox.tests.basic_test import BasicTest
from envs.monkey_zoo.blackbox.utils.test_timer import TestTimer
MAX_TIME_FOR_MONKEYS_TO_DIE = 5 * 60
WAIT_TIME_BETWEEN_REQUESTS = 10
TIME_FOR_MONKEY_PROCESS_TO_FINISH = 40
WAIT_TIME_BETWEEN_REQUESTS = 5
TIME_FOR_MONKEY_PROCESS_TO_FINISH = 10
DELAY_BETWEEN_ANALYSIS = 3
LOGGER = logging.getLogger(__name__)