Sleep only *between* life cycles
This commit is contained in:
parent
2bbd5d4824
commit
65f5dbeaaf
|
@ -173,6 +173,8 @@ class Configuration(object):
|
||||||
# addresses of internet servers to ping and check if the monkey has internet acccess.
|
# addresses of internet servers to ping and check if the monkey has internet acccess.
|
||||||
internet_services = ["monkey.guardicore.com", "www.google.com"]
|
internet_services = ["monkey.guardicore.com", "www.google.com"]
|
||||||
|
|
||||||
|
keep_tunnel_open_time = 60
|
||||||
|
|
||||||
###########################
|
###########################
|
||||||
# scanners config
|
# scanners config
|
||||||
###########################
|
###########################
|
||||||
|
|
|
@ -6,6 +6,7 @@
|
||||||
"monkey.guardicore.com",
|
"monkey.guardicore.com",
|
||||||
"www.google.com"
|
"www.google.com"
|
||||||
],
|
],
|
||||||
|
"keep_tunnel_open_time": 60,
|
||||||
"range_class": "RelativeRange",
|
"range_class": "RelativeRange",
|
||||||
"range_fixed": [
|
"range_fixed": [
|
||||||
""
|
""
|
||||||
|
|
|
@ -1,17 +1,18 @@
|
||||||
import sys
|
|
||||||
import os
|
|
||||||
import time
|
|
||||||
import logging
|
|
||||||
import tunnel
|
|
||||||
import argparse
|
import argparse
|
||||||
|
import logging
|
||||||
|
import os
|
||||||
import subprocess
|
import subprocess
|
||||||
from system_singleton import SystemSingleton
|
import sys
|
||||||
from network.firewall import app as firewall
|
import time
|
||||||
from control import ControlClient
|
|
||||||
|
import tunnel
|
||||||
from config import WormConfiguration
|
from config import WormConfiguration
|
||||||
from network.network_scanner import NetworkScanner
|
from control import ControlClient
|
||||||
from model import DELAY_DELETE_CMD
|
from model import DELAY_DELETE_CMD
|
||||||
|
from network.firewall import app as firewall
|
||||||
|
from network.network_scanner import NetworkScanner
|
||||||
from system_info import SystemInfoCollector
|
from system_info import SystemInfoCollector
|
||||||
|
from system_singleton import SystemSingleton
|
||||||
|
|
||||||
__author__ = 'itamar'
|
__author__ = 'itamar'
|
||||||
|
|
||||||
|
@ -101,7 +102,7 @@ class ChaosMonkey(object):
|
||||||
else:
|
else:
|
||||||
LOG.debug("Running with depth: %d" % WormConfiguration.depth)
|
LOG.debug("Running with depth: %d" % WormConfiguration.depth)
|
||||||
|
|
||||||
for _ in xrange(WormConfiguration.max_iterations):
|
for iteration_index in xrange(WormConfiguration.max_iterations):
|
||||||
ControlClient.keepalive()
|
ControlClient.keepalive()
|
||||||
ControlClient.load_control_config()
|
ControlClient.load_control_config()
|
||||||
|
|
||||||
|
@ -146,7 +147,6 @@ class ChaosMonkey(object):
|
||||||
LOG.debug("Skipping %r - exploitation failed before", machine)
|
LOG.debug("Skipping %r - exploitation failed before", machine)
|
||||||
continue
|
continue
|
||||||
|
|
||||||
|
|
||||||
if monkey_tunnel:
|
if monkey_tunnel:
|
||||||
monkey_tunnel.set_tunnel_for_host(machine)
|
monkey_tunnel.set_tunnel_for_host(machine)
|
||||||
if self._default_server:
|
if self._default_server:
|
||||||
|
@ -196,8 +196,10 @@ class ChaosMonkey(object):
|
||||||
else:
|
else:
|
||||||
self._fail_exploitation_machines.add(machine)
|
self._fail_exploitation_machines.add(machine)
|
||||||
|
|
||||||
if not is_empty:
|
if (not is_empty) and (WormConfiguration.max_iterations > iteration_index + 1):
|
||||||
time.sleep(WormConfiguration.timeout_between_iterations)
|
time_to_sleep = WormConfiguration.timeout_between_iterations
|
||||||
|
LOG.info("Sleeping %d seconds before next life cycle iteration", time_to_sleep)
|
||||||
|
time.sleep(time_to_sleep)
|
||||||
|
|
||||||
if self._keep_running and WormConfiguration.alive:
|
if self._keep_running and WormConfiguration.alive:
|
||||||
LOG.info("Reached max iterations (%d)", WormConfiguration.max_iterations)
|
LOG.info("Reached max iterations (%d)", WormConfiguration.max_iterations)
|
||||||
|
@ -206,8 +208,10 @@ class ChaosMonkey(object):
|
||||||
|
|
||||||
# if host was exploited, before continue to closing the tunnel ensure the exploited host had its chance to
|
# if host was exploited, before continue to closing the tunnel ensure the exploited host had its chance to
|
||||||
# connect to the tunnel
|
# connect to the tunnel
|
||||||
if last_exploit_time and (time.time() - last_exploit_time < 60):
|
if last_exploit_time and (time.time() - last_exploit_time < WormConfiguration.keep_tunnel_open_time):
|
||||||
time.sleep(time.time() - last_exploit_time)
|
time_to_sleep = WormConfiguration.keep_tunnel_open_time - (time.time() - last_exploit_time)
|
||||||
|
LOG.info("Sleeping %d seconds for exploited machines to connect to tunnel", time_to_sleep)
|
||||||
|
time.sleep(time_to_sleep)
|
||||||
|
|
||||||
if monkey_tunnel:
|
if monkey_tunnel:
|
||||||
monkey_tunnel.stop()
|
monkey_tunnel.stop()
|
||||||
|
@ -242,7 +246,7 @@ class ChaosMonkey(object):
|
||||||
close_fds=True, startupinfo=startupinfo)
|
close_fds=True, startupinfo=startupinfo)
|
||||||
else:
|
else:
|
||||||
os.remove(sys.executable)
|
os.remove(sys.executable)
|
||||||
except Exception, exc:
|
except Exception as exc:
|
||||||
LOG.error("Exception in self delete: %s", exc)
|
LOG.error("Exception in self delete: %s", exc)
|
||||||
|
|
||||||
LOG.info("Monkey is shutting down")
|
LOG.info("Monkey is shutting down")
|
||||||
|
|
|
@ -277,6 +277,12 @@ SCHEMA = {
|
||||||
"type": "string",
|
"type": "string",
|
||||||
"default": "{2384ec59-0df8-4ab9-918c-843740924a28}",
|
"default": "{2384ec59-0df8-4ab9-918c-843740924a28}",
|
||||||
"description": "The name of the mutex used to determine whether the monkey is already running"
|
"description": "The name of the mutex used to determine whether the monkey is already running"
|
||||||
|
},
|
||||||
|
"keep_tunnel_open_time": {
|
||||||
|
"title": "Keep tunnel open time",
|
||||||
|
"type": "integer",
|
||||||
|
"default": 60,
|
||||||
|
"description": "Time to keep tunnel open before going down since last exploit (in seconds)"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
|
Loading…
Reference in New Issue