p15670423
/
monkey
1
0
Fork 5
Code Issues Pull Requests 3 Projects Releases Wiki Activity

Merge branch 'develop' into snyk-upgrade-a73b21ca3d3b12638dce5cc24f064d49

This commit is contained in:
Shay Nehmad 2020-08-09 14:30:24 +03:00 committed by GitHub
parent 50e1838ef6 f0428d09d2
commit 767a5f9200
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 69 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
README.md
View File

@ -51,17 +51,16 @@ The Infection Monkey uses the following techniques and exploits to propagate to
* SambaCry
* Elastic Search (CVE-2015-1427)
* Weblogic server
* and more
* and more, see our [Documentation hub](https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/) for more information about our RCE exploiters.
## Setup
Check out the [Setup](https://github.com/guardicore/monkey/wiki/setup) page in the Wiki or a quick getting [started guide](https://www.guardicore.com/infectionmonkey/wt/).
Check out the [Setup](https://www.guardicore.com/infectionmonkey/docs/setup/) page in the Wiki or a quick getting [started guide](https://www.guardicore.com/infectionmonkey/docs/usage/getting-started/).
The Infection Monkey supports a variety of platforms, documented [in the wiki](https://github.com/guardicore/monkey/wiki/OS-compatibility).
The Infection Monkey supports a variety of platforms, documented [in our documentation hub](https://www.guardicore.com/infectionmonkey/docs/reference/operating_systems_support/).
## Building the Monkey from source
To deploy development version of monkey you should refer to readme in the [deployment scripts](deployment_scripts) folder.
If you only want to build the monkey from source, see [Setup](https://github.com/guardicore/monkey/wiki/Setup#compile-it-yourself)
and follow the instructions at the readme files under [infection_monkey](monkey/infection_monkey) and [monkey_island](monkey/monkey_island).
To deploy development version of monkey you should refer to readme in the [deployment scripts](deployment_scripts)
folder or follow documentation in [documentation hub](https://www.guardicore.com/infectionmonkey/docs/development/setup-development-environment/).
### Build status
| Branch | Status |

4
docs/content/setup/docker.md
View File

@ -14,11 +14,11 @@ To extract the `tar.gz` file, run `tar -xvzf monkey-island-docker.tar.gz`.
Once youve extracted the container from the tar.gz file, run the following commands:
```sh
sudo docker load -i dk.monkeyisland.latest.tar
sudo docker load -i dk.monkeyisland.1.9.0.tar
sudo docker pull mongo
sudo mkdir -p /var/monkey-mongo/data/db
sudo docker run --name monkey-mongo --network=host -v /var/monkey-mongo/data/db:/data/db -d mongo
sudo docker run --name monkey-island --network=host -d guardicore/monkey-island:1.8.2
sudo docker run --name monkey-island --network=host -d guardicore/monkey-island:1.9.0
```
## Upgrading

36
docs/content/usage/file-checksums.md
View File

@ -35,6 +35,24 @@ sha256sum monkey-linux-64
## Latest version checksums
| Filename | Type | Version | SHA256 hash |
|-|-|-|-|
monkey-windows-64.exe | Windows Agent | 1.9.0 | `24622cb8dbabb0cf4b25ecd3c13800c72ec5b59b76895b737ece509640d4c068`
monkey-windows-32.exe | Windows Agent | 1.9.0 | `67f12171c3859a21fc8f54c5b2299790985453e9ac028bb80efc7328927be3d8`
monkey-linux-64 | Linux Agent | 1.9.0 | `aec6b14dc2bea694eb01b517cca70477deeb695f39d40b1d9e5ce02a8075c956`
monkey-linux-32 | Linux Agent | 1.9.0 | `4c24318026239530ed2437bfef1a01147bb1f3479696eb4eee6009326ce6b380`
infection_monkey_deb.tgz | Debian Package | 1.9.0 | `33c23ddae283e3aafe965d264bc88464b66db3dd6874fd7e5cbcd4e931b3bb25`
infection_monkey_debzt.tgz | Debian Package | 1.9.0 | `cc53fe9632f44248357d6bd20cf8629be9baf8688468fa6d3e186dcebf10cef6`
Monkey Island v1.9.0_3546_windows.exe | Windows Installer | 1.9.0 | `371f6d25e8cb16ea7ebdfd367092ee65b33db2ec35b44d96705716641eaa59e8`
Monkey Island v1.9.0_3546_windowszt.exe | Windows Installer | 1.9.0 | `662c611fb83bb8c7ef5f99c5d5ae04f5758727c688238d6a3cd4c58675581695`
infection_monkey_docker_docker_20200806_153913.tgz | Docker | 1.9.0 | `5da11c539045a395ced5dd572d331c4f0e9315a3ee192c06279ff4fef668b96e`
infection_monkey_docker_dockerzt_20200806_154742.tgz | Docker | 1.9.0 | `a84dbaad32ae42cc2d359ffbe062aec493a7253cf706a2d45f0d0b1c230f9348`
monkey-island-vmware.ova | OVA | 1.9.0 | `3861d46518e8a92e49992b26dbff9fe8e8a4ac5fd24d68e68b13e7fd3fa22247`
monkey-island-vmwarezt.ova | OVA | 1.9.0 | `03d356eb35e6515146f5bd798bb62cb15c56fcdf83a5281cf6cdc9b901586026`
## Older checksums
| Filename | Type | Version | SHA256 hash |
|-|-|-|-|
monkey-windows-64.exe | Windows Agent | 1.8.2 | `2e6a1cb5523d87ddfd48f75b10114617343fbac8125fa950ba7f00289b38b550`
@ -46,9 +64,15 @@ Monkey Island v1.8.2_3536_windows.exe | Windows Installer | 1.8.2 | `2be528685d6
Monkey Island v1.8.2_3536_windowszt.exe | Windows Installer | 1.8.2 | `f282ce4dd50abe54671948fb5b3baf913087459444e451660971290a72fe244a`
infection_monkey_docker_docker_20200607_172156.tgz | Docker | 1.8.2 | `0e4bc731ef7e8bf19b759709672375890136c008526be454850d334d9ba5012d`
infection_monkey_docker_dockerzt_20200607_172521.tgz | Docker | 1.8.2 | `0f4b0cd6fd54dc14ea50c5d2fb3fc711e9863518bd5bffd04e08a0f17eb99e75`
## All checksums
### 1.8.0 and older
You can find all these checksums in [this page](https://www.guardicore.com/infectionmonkey/checksums.html).
monkey-windows-64.exe | Windows Agent | 1.8.0 | `f0bc144ba4ff46094225adaf70d3e92e9aaddb13b59e4e47aa3c2b26fd7d9ad7`
monkey-windows-32.exe | Windows Agent | 1.8.0 | `1ddb093f9088a4d4c0af289ff568bbe7a0d057e725e6447055d4fe6c5f4e2c08`
monkey-linux-64 | Linux Agent | 1.8.0 | `d41314e5df72d5a470974522935c0b03dcb1c1e6b094d4ab700b04d5fec59ae6`
monkey-linux-32 | Linux Agent | 1.8.0 | `217cc2b9481f6454fa0a13adf12d9b29ce4e1e6a319971c8db9b446952ce3fb2`
infection_monkey_deb.tgz | Debian Package | 1.8.0 | `9c5254583ce786768ea55df8063152bd19e0f21a83e6f4f873c5dccc5a1c9d5e`
infection_monkey_debzt.tgz | Debian Package | 1.8.0 | `90A0824EC98680944B15B86CF5CFA09D48EDA406300C4CAE54432DB05F486D07`
Monkey Island v1.8.0_3513_windows.exe | Windows Installer | 1.8.0 | `ce9a9d0539c14ebe2a10cf3b36991b309abd7b62dd7fb7522a549d8987b0f0f4`
Monkey Island v1.8.0_3514_windowszt.exe | Windows Installer | 1.8.0 | `0b535a802ac43455d702b45673859b940c1feb7702b46a6a2cbc699672b0c89d`
infection_monkey_docker_docker_20200330_201419.tgz | Docker | 1.8.0 | `4f15a5008e43d8c5184456771dd9e8d70104b4ec79e34b53d230662604a7d190`
infection_monkey_docker_dockerzt_20200401_174529.tgz | Docker | 1.8.0 | `d94404134d879f3d859c77454df4abd0dbca00b8cae4b1c52d3b38e847f34e4c`
monkey-island-vmware.ova | OVA | 1.8.0 | `6BC4E85A0EA81045BD88E2D5A9F98F0DD40DE99E94D1E343D13FA418045A6915`
monkey-island-vmwarezt.ova | OVA | 1.8.0 | `79A043D85521F94024F8B0428A7A33B4D3F5B13F9D2B83F72C73C8D0BB12ED91`

12
monkey/monkey_island/cc/services/attack/attack_schema.py
View File

@ -88,7 +88,8 @@ SCHEMA = {
"link": "https://attack.mitre.org/techniques/T1156",
"description": "Adversaries may abuse shell scripts by "
"inserting arbitrary shell commands to gain persistence, which "
"would be executed every time the user logs in or opens a new shell."
"would be executed every time the user logs in or opens a new shell.",
"depends_on": ["T1504"]
},
"T1136": {
"title": "Create account",
@ -117,7 +118,8 @@ SCHEMA = {
"link": "https://attack.mitre.org/techniques/T1168/",
"description": "Linux supports multiple methods for creating pre-scheduled and "
"periodic background jobs. Job scheduling can be used by adversaries to "
"schedule running malicious code at some specified date and time."
"schedule running malicious code at some specified date and time.",
"depends_on": ["T1053"]
},
"T1504": {
"title": "PowerShell profile",
@ -127,7 +129,8 @@ SCHEMA = {
"link": "https://attack.mitre.org/techniques/T1504",
"description": "Adversaries may gain persistence and elevate privileges "
"in certain situations by abusing PowerShell profiles which "
"are scripts that run when PowerShell starts."
"are scripts that run when PowerShell starts.",
"depends_on": ["T1156"]
},
"T1053": {
"title": "Scheduled task",
@ -137,7 +140,8 @@ SCHEMA = {
"link": "https://attack.mitre.org/techniques/T1053",
"description": "Windows utilities can be used to schedule programs or scripts to "
"be executed at a date and time. An adversary may use task scheduling to "
"execute programs at system startup or on a scheduled basis for persistence."
"execute programs at system startup or on a scheduled basis for persistence.",
"depends_on": ["T1168"]
},
"T1166": {
"title": "Setuid and Setgid",

44
monkey/monkey_island/cc/ui/package-lock.json generated
View File

@ -1310,9 +1310,9 @@
}
},
"@sindresorhus/is": {
"version": "3.0.0",
"resolved": "https://registry.npmjs.org/@sindresorhus/is/-/is-3.0.0.tgz",
"integrity": "sha512-kqA5I6Yun7PBHk8WN9BBP1c7FfN2SrD05GuVSEYPqDb4nerv7HqYfgBfMIKmT/EuejURkJKLZuLyGKGs6WEG9w=="
"version": "3.1.0",
"resolved": "https://registry.npmjs.org/@sindresorhus/is/-/is-3.1.0.tgz",
"integrity": "sha512-n4J+zu52VdY43kdi/XdI9DzuMr1Mur8zFL5ZRG2opCans9aiFwkPxHYFEb5Xgy7n1Z4K6WfI4FpqUqsh3E8BPQ=="
},
"@snyk/cli-interface": {
"version": "2.8.0",
@ -3726,9 +3726,9 @@
"integrity": "sha512-GRMWDxpOB6Dgk2E5Uo+3eEBvtOOlimMmpbFiKuLFnQzYDavtLFY3K5ona41jgN/WdRZtG7utuVSVTL4HbZHGkw=="
},
"clipanion": {
"version": "2.4.2",
"resolved": "https://registry.npmjs.org/clipanion/-/clipanion-2.4.2.tgz",
"integrity": "sha512-kBCYtQKI4/R/zjierdwoDAsNUSvoh4pX2tseYxgLYQcKIpdPsHZrFWiQOfbe2Scd/btsqJEc4q6g55q0p5DZAw=="
"version": "2.4.4",
"resolved": "https://registry.npmjs.org/clipanion/-/clipanion-2.4.4.tgz",
"integrity": "sha512-KjyCBz8xplftHjIK/nOqq/9b3hPlXbAAo/AxoITrO4yySpQ6a9QSJDAfOx9PfcRUHteeqbdNxZKSPfeFqQ7plg=="
},
"cliui": {
"version": "5.0.0",
@ -6550,9 +6550,9 @@
}
},
"got": {
"version": "11.5.0",
"resolved": "https://registry.npmjs.org/got/-/got-11.5.0.tgz",
"integrity": "sha512-vOZEcEaK0b6x11uniY0HcblZObKPRO75Jvz53VKuqGSaKCM/zEt0sj2LGYVdqDYJzO3wYdG+FPQQ1hsgoXy7vQ==",
"version": "11.5.1",
"resolved": "https://registry.npmjs.org/got/-/got-11.5.1.tgz",
"integrity": "sha512-reQEZcEBMTGnujmQ+Wm97mJs/OK6INtO6HmLI+xt3+9CvnRwWjXutUvb2mqr+Ao4Lu05Rx6+udx9sOQAmExMxA==",
"requires": {
"@sindresorhus/is": "^3.0.0",
"@szmarczak/http-timer": "^4.0.5",
@ -6561,7 +6561,7 @@
"cacheable-lookup": "^5.0.3",
"cacheable-request": "^7.0.1",
"decompress-response": "^6.0.0",
"http2-wrapper": "^1.0.0-beta.4.8",
"http2-wrapper": "^1.0.0-beta.5.0",
"lowercase-keys": "^2.0.0",
"p-cancelable": "^2.0.0",
"responselike": "^2.0.0"
@ -7497,9 +7497,9 @@
}
},
"is-docker": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/is-docker/-/is-docker-2.0.0.tgz",
"integrity": "sha512-pJEdRugimx4fBMra5z2/5iRdZ63OhYV0vr0Dwm5+xtW4D1FvRkB8hamMIhnWfyJeDdyr/aa7BDyNbtG38VxgoQ=="
"version": "2.1.1",
"resolved": "https://registry.npmjs.org/is-docker/-/is-docker-2.1.1.tgz",
"integrity": "sha512-ZOoqiXfEwtGknTiuDEy8pN2CfE3TxMHprvNer1mXiqwkOT77Rw3YVrUQ52EqAOU3QAWDQ+bQdx7HJzrv7LS2Hw=="
},
"is-extendable": {
"version": "0.1.1",
@ -8170,9 +8170,9 @@
}
},
"macos-release": {
"version": "2.4.0",
"resolved": "https://registry.npmjs.org/macos-release/-/macos-release-2.4.0.tgz",
"integrity": "sha512-ko6deozZYiAkqa/0gmcsz+p4jSy3gY7/ZsCEokPaYd8k+6/aXGkiTgr61+Owup7Sf+xjqW8u2ElhoM9SEcEfuA=="
"version": "2.4.1",
"resolved": "https://registry.npmjs.org/macos-release/-/macos-release-2.4.1.tgz",
"integrity": "sha512-H/QHeBIN1fIGJX517pvK8IEK53yQOW7YcEI55oYtgjDdoCQQz7eJS94qt5kNrscReEyuD/JcdFCm2XBEcGOITg=="
},
"make-dir": {
"version": "2.1.0",
@ -12302,9 +12302,9 @@
}
},
"open": {
"version": "7.0.4",
"resolved": "https://registry.npmjs.org/open/-/open-7.0.4.tgz",
"integrity": "sha512-brSA+/yq+b08Hsr4c8fsEW2CRzk1BmfN3SAK/5VCHQ9bdoZJ4qa/+AfR0xHjlbbZUyPkUHs1b8x1RqdyZdkVqQ==",
"version": "7.1.0",
"resolved": "https://registry.npmjs.org/open/-/open-7.1.0.tgz",
"integrity": "sha512-lLPI5KgOwEYCDKXf4np7y1PBEkj7HYIyP2DY8mVDRnx0VIIu6bNrRB0R66TuO7Mack6EnTNLm4uvcl1UoklTpA==",
"requires": {
"is-docker": "^2.0.0",
"is-wsl": "^2.1.1"
@ -14844,9 +14844,9 @@
}
},
"snyk": {
"version": "1.361.3",
"resolved": "https://registry.npmjs.org/snyk/-/snyk-1.361.3.tgz",
"integrity": "sha512-93SxV9WD+pN/9bGRizfoiYwfKHy5mDyTCdOYtWcVbTFMi7Gf+I4Q5YprunHBTeJLLh0+qsD6l77QBo9GiYyiaA==",
"version": "1.362.0",
"resolved": "https://registry.npmjs.org/snyk/-/snyk-1.362.0.tgz",
"integrity": "sha512-NT6OH1aPjDv9MvXriB0GVok7hmmWmo/TrTrUOKQsmKJi6ILqEAmDFk2EhaSHP2Niz5lrrFkSetYUmHAlWela6w==",
"requires": {
"@snyk/cli-interface": "2.8.0",
"@snyk/dep-graph": "1.18.3",

2
monkey/monkey_island/cc/ui/package.json
View File

@ -105,7 +105,7 @@
"react-tooltip-lite": "^1.12.0",
"redux": "^4.0.4",
"sha3": "^2.1.3",
"snyk": "^1.361.3"
"snyk": "^1.362.0"
},
"snyk": true
}

2
monkey/monkey_island/cc/ui/src/components/report-components/security/PostBreachParser.js
View File

@ -23,7 +23,7 @@ function aggregateShellStartupPba(results) {
failedOutputs += results[i].result[0];
}
}
if(aggregatedPbaResult === undefined) return;
if(aggregatedPbaResult === undefined) return results;
results = results.filter(result => result.name !== SHELL_STARTUP_NAME);
aggregatedPbaResult.result[0] = successfulOutputs + failedOutputs;