Merge branch 'release/1.11.0' into develop
72
CHANGELOG.md
|
@ -1,11 +1,12 @@
|
||||||
# Changelog
|
# Changelog
|
||||||
All notable changes to this project will be documented in this file.
|
All notable changes to this project will be documented in this
|
||||||
|
file.
|
||||||
|
|
||||||
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
The format is based on [Keep a
|
||||||
|
Changelog](https://keepachangelog.com/en/1.0.0/).
|
||||||
|
|
||||||
## [Unreleased]
|
## [1.11.0] - 2021-08-XX
|
||||||
### Added
|
### Added
|
||||||
- PostgreSQL fingerprinter. #892
|
|
||||||
- A runtime-configurable option to specify a data directory where runtime
|
- A runtime-configurable option to specify a data directory where runtime
|
||||||
configuration and other artifacts can be stored. #994
|
configuration and other artifacts can be stored. #994
|
||||||
- Scripts to build an AppImage for Monkey Island. #1069, #1090, #1136, #1381
|
- Scripts to build an AppImage for Monkey Island. #1069, #1090, #1136, #1381
|
||||||
|
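Review bot: The release heading `## [1.11.0] - 2021-08-XX` still carries a placeholder day; fill in the real release date before this is tagged. This hunk also drops `- PostgreSQL fingerprinter. #892` from Added without a replacement line, so please confirm that removal is intentional and not a merge casualty.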
@ -13,53 +14,58 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
||||||
- A ransomware simulation payload. #1238
|
- A ransomware simulation payload. #1238
|
||||||
- The capability for a user to specify their own SSL certificate. #1208
|
- The capability for a user to specify their own SSL certificate. #1208
|
||||||
- API endpoint for ransomware report. #1297
|
- API endpoint for ransomware report. #1297
|
||||||
- Add ransomware report. #1240
|
- A ransomware report. #1240
|
||||||
- A script to build a docker image locally. #1140
|
- A script to build a docker image locally. #1140
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
- server_config.json can be selected at runtime. #963
|
- Select server_config.json at runtime. #963
|
||||||
- Logger configuration can be selected at runtime. #971
|
- Select Logger configuration at runtime. #971
|
||||||
- `mongo_key.bin` file location can be selected at runtime. #994
|
- Select `mongo_key.bin` file location at runtime. #994
|
||||||
- Monkey agents are stored in the configurable data_dir when monkey is "run
|
- Store Monkey agents in the configurable data_dir when monkey is "run from the
|
||||||
from the island". #997
|
island". #997
|
||||||
- Reformated all code using black. #1070
|
- Reformat all code using black. #1070
|
||||||
- Sorted all imports usind isort. #1081
|
- Sort all imports using isort. #1081
|
||||||
- Addressed all flake8 issues. #1071
|
- Address all flake8 issues. #1071
|
||||||
- Use pipenv for python dependency management. #1091
|
- Use pipenv for python dependency management. #1091
|
||||||
- Moved unit tests to a dedicated `tests/` directory to improve pytest
|
- Move unit tests to a dedicated `tests/` directory to improve pytest collection
|
||||||
collection time. #1102
|
time. #1102
|
||||||
- Default BB test suite behavior: if `--run-performance-tests` flag is not
|
- Skip BB performance tests by default. Run them if `--run-performance-tests`
|
||||||
specified, performance tests are skipped.
|
flag is specified.
|
||||||
- Zerologon exploiter writes runtime artifacts to a secure temporary directory
|
- Write Zerologon exploiter's runtime artifacts to a secure temporary directory
|
||||||
instead of $HOME. #1143
|
instead of $HOME. #1143
|
||||||
- Authentication mechanism to use bcrypt on server side. #1139
|
- Put environment config options in `server_config.json` into a separate
|
||||||
- `server_config.json` puts environment config options in a separate section
|
section named "environment". #1161
|
||||||
named "environment". #1161
|
- Automatically register if BlackBox tests are run on a fresh installation.
|
||||||
- BlackBox tests can now register if they are ran on a fresh installation. #1180
|
#1180
|
||||||
- Limit the ports used for scanning in blackbox tests. #1368
|
- Limit the ports used for scanning in blackbox tests. #1368
|
||||||
- Limit the propagation depth of most blackbox tests. #1400
|
- Limit the propagation depth of most blackbox tests. #1400
|
||||||
- Blackbox tests wait less time for monkeys to die. #1400
|
- Wait less time for monkeys to die when running BlackBox tests. #1400
|
||||||
- Improved the structure of unit tests by scoping fixtures only to relevant modules
|
- Improve the structure of unit tests by scoping fixtures only to relevant
|
||||||
instead of having a one huge fixture file, improved and renamed the directory
|
modules instead of having a one huge fixture file. #1178
|
||||||
structure of unit tests and unit test infrastructure. #1178
|
- Improve and rename the directory structure of unit tests and unit test
|
||||||
- MongoDb now gets launched by the Island via python. #1148
|
infrastructure. #1178
|
||||||
- Create/check data directory on Island init. #1170
|
- Launch MongoDB when the Island starts via python. #1148
|
||||||
- The formatting of some log messages to make them more readable. #1283
|
- Create/check data directory on Island initialization. #1170
|
||||||
- Some unit tests to run faster. #1125
|
- Format some log messages to make them more readable. #1283
|
||||||
|
- Improve runtime of some unit tests. #1125
|
||||||
|
- Run curl OR wget (not both) when attempting to communicate as a new user on
|
||||||
|
Linux. #1407
|
||||||
|
|
||||||
### Removed
|
### Removed
|
||||||
- Relevant dead code as reported by Vulture. #1149
|
- Relevant dead code as reported by Vulture. #1149
|
||||||
- Island logger config and --logger-config CLI option. #1151
|
- Island logger config and --logger-config CLI option. #1151
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
- Attempted to delete a directory when monkey config reset was called. #1054
|
- Attempt to delete a directory when monkey config reset was called. #1054
|
||||||
- An errant space in the windows commands to run monkey manually. #1153
|
- An errant space in the windows commands to run monkey manually. #1153
|
||||||
- gevent tracebacks in console output. #859
|
- Gevent tracebacks in console output. #859
|
||||||
- Crash and failure to run PBAs if max depth reached. #1374
|
- Crash and failure to run PBAs if max depth reached. #1374
|
||||||
|
|
||||||
### Security
|
### Security
|
||||||
- Address minor issues discovered by Dlint. #1075
|
- Address minor issues discovered by Dlint. #1075
|
||||||
- Generate random passwords when creating a new user (create user PBA, ms08_67 exploit). #1174
|
- Hash passwords on server-side instead of client side. #1139
|
||||||
|
- Generate random passwords when creating a new user (create user PBA, ms08_67
|
||||||
|
exploit). #1174
|
||||||
- Implemented configuration encryption/decryption. #1189, #1204
|
- Implemented configuration encryption/decryption. #1189, #1204
|
||||||
- Create local custom PBA directory with secure permissions. #1270
|
- Create local custom PBA directory with secure permissions. #1270
|
||||||
- Create encryption key file for MongoDB with secure permissions. #1232
|
- Create encryption key file for MongoDB with secure permissions. #1232
|
||||||
|
|
|
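Review bot: In the Security section the #1139 entry now reads "Hash passwords on server-side instead of client side" and no longer names bcrypt, which the removed Changed entry ("Authentication mechanism to use bcrypt on server side") did. Anyone auditing how credentials are stored will want the algorithm stated, so consider keeping it in the new wording. Two smaller points in the same hunk: "Implemented configuration encryption/decryption. #1189, #1204" is still past tense while the other entries were rewritten in the imperative, and the "Skip BB performance tests by default" entry has no issue number.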
@ -2,6 +2,7 @@
|
||||||
title: "MITRE ATT&CK report"
|
title: "MITRE ATT&CK report"
|
||||||
description: "Maps the Monkey's actions to the MITRE ATT&CK knowledge base"
|
description: "Maps the Monkey's actions to the MITRE ATT&CK knowledge base"
|
||||||
date: 2020-06-24T21:17:18+03:00
|
date: 2020-06-24T21:17:18+03:00
|
||||||
|
weight: 3
|
||||||
draft: false
|
draft: false
|
||||||
---
|
---
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,49 @@
|
||||||
|
---
|
||||||
|
title: "Ransomware report"
|
||||||
|
date: 2021-08-05T13:23:10+03:00
|
||||||
|
weight: 4
|
||||||
|
draft: false
|
||||||
|
description: "Provides information about ransomware simulation on your network"
|
||||||
|
---
|
||||||
|
|
||||||
|
{{% notice info %}}
|
||||||
|
Check out [the Infection Monkey's ransomware simulation documentation]({{< ref
|
||||||
|
"/usage/scenarios/ransomware-simulation" >}}) and [the documentation for other
|
||||||
|
available reports]({{< ref "/reports" >}}).
|
||||||
|
{{% /notice %}}
|
||||||
|
|
||||||
|
The Infection Monkey can be configured to [simulate a ransomware
|
||||||
|
attack](/usage/scenarios/ransomware-simulation) on your network. After running,
|
||||||
|
it generates a **Ransomware Report** that provides you with insight into how
|
||||||
|
ransomware might behave within your environment.
|
||||||
|
|
||||||
|
The report is split into three sections:
|
||||||
|
|
||||||
|
- [Breach](#breach)
|
||||||
|
- [Lateral Movement](#lateral-movement)
|
||||||
|
- [Attack](#attack)
|
||||||
|
|
||||||
|
## Breach
|
||||||
|
|
||||||
|
The breach section shows when and where the ransomware infection began.
|
||||||
|
|
||||||
|
![Breach](/images/usage/reports/ransomware_report_1_breach.png "Breach")
|
||||||
|
|
||||||
|
|
||||||
|
## Lateral movement
|
||||||
|
|
||||||
|
The lateral movement section provides information about how the simulated
|
||||||
|
ransomware was able to propagate through your network.
|
||||||
|
|
||||||
|
|
||||||
|
![Lateral
|
||||||
|
Movement](/images/usage/reports/ransomware_report_2_lateral_movement.png
|
||||||
|
"Lateral Movement")
|
||||||
|
|
||||||
|
|
||||||
|
## Attack
|
||||||
|
|
||||||
|
The attack section shows the details of what the simulated ransomware
|
||||||
|
successfully encrypted, including a list of specific files.
|
||||||
|
|
||||||
|
![Attack](/images/usage/reports/ransomware_report_3_attack.png "Attack")
|
|
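Review bot: The intro paragraph links to the simulation docs with a bare path, `[simulate a ransomware attack](/usage/scenarios/ransomware-simulation)`, while the notice block just above uses the `ref` shortcode for the same target. The bare path bypasses Hugo's link checking and breaks if the site is served from a non-root base URL; use the shortcode in both places. Also, the table of contents says "Lateral Movement" but the heading is `## Lateral movement`; the anchor still resolves, but the capitalisation should match.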
@ -1,6 +1,7 @@
|
||||||
---
|
---
|
||||||
title: "Security report"
|
title: "Security report"
|
||||||
date: 2020-06-24T21:16:10+03:00
|
date: 2020-06-24T21:16:10+03:00
|
||||||
|
weight: 1
|
||||||
draft: false
|
draft: false
|
||||||
description: "Provides actionable recommendations and insight into an attacker's view of your network"
|
description: "Provides actionable recommendations and insight into an attacker's view of your network"
|
||||||
---
|
---
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
---
|
---
|
||||||
title: "Zero Trust report"
|
title: "Zero Trust report"
|
||||||
date: 2020-06-24T21:16:18+03:00
|
date: 2020-06-24T21:16:18+03:00
|
||||||
|
weight: 2
|
||||||
draft: false
|
draft: false
|
||||||
description: "Generates a status report with detailed explanations of Zero Trust security gaps and prescriptive instructions on how to rectify them"
|
description: "Generates a status report with detailed explanations of Zero Trust security gaps and prescriptive instructions on how to rectify them"
|
||||||
---
|
---
|
||||||
|
@ -28,7 +29,7 @@ This diagram provides you with a quick glance at how your organization scores on
|
||||||
|
|
||||||
## Test Results
|
## Test Results
|
||||||
|
|
||||||
This section shows how your network fared against each of the tests the Infection Monkey ran. The tests are ordered by Zero Trust pillar, so you can quickly navigate to the category you want to prioritize.
|
This section shows how your network fared against each of the tests the Infection Monkey ran. The tests are ordered by Zero Trust pillar, so you can quickly navigate to the category you want to prioritize.
|
||||||
|
|
||||||
![Zero Trust Report test results](/images/usage/reports/ztreport2.png "Zero Trust Report test results")
|
![Zero Trust Report test results](/images/usage/reports/ztreport2.png "Zero Trust Report test results")
|
||||||
|
|
||||||
|
|
|
@ -29,7 +29,7 @@ The Infection Monkey Docker container works on Linux only. It is not compatible
|
||||||
1. Load the Monkey Island Docker image:
|
1. Load the Monkey Island Docker image:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
sudo docker load -i dk.monkeyisland.1.10.0.tar
|
sudo docker load -i dk.monkeyisland.VERSION.tar
|
||||||
```
|
```
|
||||||
|
|
||||||
### 2. Start MongoDB
|
### 2. Start MongoDB
|
||||||
|
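Review bot: Replacing `1.10.0` with a bare `VERSION` in `sudo docker load -i dk.monkeyisland.VERSION.tar` leaves a command that fails when pasted as-is, and nothing in the visible lines tells the reader to substitute it. Add one sentence before the first command stating that `VERSION` stands for the release being installed, or mark it as a placeholder (for example `<VERSION>`). The same applies to the `guardicore/monkey-island:VERSION` occurrences in the later hunks of this file.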
@ -58,7 +58,7 @@ been signed by a private certificate authority.
|
||||||
sudo docker run \
|
sudo docker run \
|
||||||
--name monkey-island \
|
--name monkey-island \
|
||||||
--network=host \
|
--network=host \
|
||||||
guardicore/monkey-island:1.10.0
|
guardicore/monkey-island:VERSION
|
||||||
```
|
```
|
||||||
|
|
||||||
### 3b. Start Monkey Island with user-provided certificate
|
### 3b. Start Monkey Island with user-provided certificate
|
||||||
|
@ -81,7 +81,7 @@ been signed by a private certificate authority.
|
||||||
--network=host \
|
--network=host \
|
||||||
--user "$(id -u ${USER}):$(id -g ${USER})" \
|
--user "$(id -u ${USER}):$(id -g ${USER})" \
|
||||||
--volume "$(realpath ./monkey_island_data)":/monkey_island_data \
|
--volume "$(realpath ./monkey_island_data)":/monkey_island_data \
|
||||||
guardicore/monkey-island:1.10.0 --setup-only
|
guardicore/monkey-island:VERSION --setup-only
|
||||||
```
|
```
|
||||||
|
|
||||||
1. Move your `.crt` and `.key` files to `./monkey_island_data`.
|
1. Move your `.crt` and `.key` files to `./monkey_island_data`.
|
||||||
|
@ -122,7 +122,7 @@ been signed by a private certificate authority.
|
||||||
--network=host \
|
--network=host \
|
||||||
--user "$(id -u ${USER}):$(id -g ${USER})" \
|
--user "$(id -u ${USER}):$(id -g ${USER})" \
|
||||||
--volume "$(realpath ./monkey_island_data)":/monkey_island_data \
|
--volume "$(realpath ./monkey_island_data)":/monkey_island_data \
|
||||||
guardicore/monkey-island:1.10.0
|
guardicore/monkey-island:VERSION
|
||||||
```
|
```
|
||||||
|
|
||||||
### 4. Accessing Monkey Island
|
### 4. Accessing Monkey Island
|
||||||
|
@ -152,7 +152,7 @@ to store data in the `monkey-mongo` container.
|
||||||
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xee in position 0: invalid continuation byte
|
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xee in position 0: invalid continuation byte
|
||||||
```
|
```
|
||||||
|
|
||||||
Starting a new container from the `guardicore/monkey-island:1.10.0` image
|
Starting a new container from the `guardicore/monkey-island:VERSION` image
|
||||||
generates a new secret key for storing sensitive information in MongoDB. If you
|
generates a new secret key for storing sensitive information in MongoDB. If you
|
||||||
have an old database instance running (from a previous instance of Infection
|
have an old database instance running (from a previous instance of Infection
|
||||||
Monkey), the data stored in the `monkey-mongo` container has been encrypted
|
Monkey), the data stored in the `monkey-mongo` container has been encrypted
|
||||||
|
|
|
@ -18,10 +18,10 @@ installed, but the ones that we've tested are:
|
||||||
- Kali 2021.2
|
- Kali 2021.2
|
||||||
- Parrot 4.11
|
- Parrot 4.11
|
||||||
- Rocky 8
|
- Rocky 8
|
||||||
- Suse Leap 15.3
|
- openSUSE Leap 15.3
|
||||||
- Ubuntu 18.04
|
- Ubuntu Bionic 18.04
|
||||||
- Ubuntu 20.04
|
- Ubuntu Focal 20.04
|
||||||
- Ubuntu 21.04
|
- Ubuntu Hirsute 21.04
|
||||||
|
|
||||||
## Deployment
|
## Deployment
|
||||||
|
|
||||||
|
|
|
@ -1,75 +0,0 @@
|
||||||
---
|
|
||||||
title: "VMware"
|
|
||||||
date: 2020-05-26T20:57:14+03:00
|
|
||||||
draft: false
|
|
||||||
pre: '<i class="fas fa-laptop-code"></i> '
|
|
||||||
weight: 3
|
|
||||||
tags: ["setup", "vmware"]
|
|
||||||
---
|
|
||||||
|
|
||||||
## Deployment
|
|
||||||
|
|
||||||
1. Deploy the Infection Monkey OVA by choosing **Deploy OVF Template** and
|
|
||||||
following the wizard instructions. *Note: make sure ports 5000 and 5001 on
|
|
||||||
the machine are accessible for inbound TCP traffic.*
|
|
||||||
1. Turn on the Infection Monkey VM.
|
|
||||||
1. Log in to the machine with the following credentials:
|
|
||||||
1. Username: **monkeyuser**
|
|
||||||
1. Password: **Noon.Earth.Always**
|
|
||||||
1. For security purposes, it's recommended that you change the machine
|
|
||||||
passwords by running the following commands: `sudo passwd monkeyuser`, `sudo
|
|
||||||
passwd root`.
|
|
||||||
|
|
||||||
## OVA network modes
|
|
||||||
|
|
||||||
You can use the OVA in one of two modes:
|
|
||||||
|
|
||||||
1. In a network with the DHCP configured — In this case, the Monkey Island will
|
|
||||||
automatically query and receive an IP address from the network.
|
|
||||||
1. With a static IP address — In this case, you should log in to the VM console
|
|
||||||
with the username `monkeyuser` and the password `Noon.Earth.Always`. After logging
|
|
||||||
in, edit the Netplan configuration by entering the following command in the
|
|
||||||
prompt:
|
|
||||||
|
|
||||||
```sh
|
|
||||||
sudo nano /etc/netplan/00-installer-config.yaml
|
|
||||||
```
|
|
||||||
|
|
||||||
Make the following changes:
|
|
||||||
|
|
||||||
```diff
|
|
||||||
# This is the network config written by 'subiquity'
|
|
||||||
network:
|
|
||||||
ethernets:
|
|
||||||
ens160:
|
|
||||||
- dhcp4: true
|
|
||||||
+ dhcp4: false
|
|
||||||
+ addresses: [XXX.XXX.XXX.XXX/24]
|
|
||||||
+ gateway4: YYY.YYY.YYY.YYY
|
|
||||||
+ nameservers:
|
|
||||||
+ addresses: [1.1.1.1]
|
|
||||||
version: 2
|
|
||||||
```
|
|
||||||
|
|
||||||
Replace `XXX.XXX.XXX.XXX` with the desired IP addess of the VM. Replace
|
|
||||||
`YYY.YYY.YYY.YYY` with the default gateway.
|
|
||||||
|
|
||||||
Save the changes then run the command:
|
|
||||||
|
|
||||||
```sh
|
|
||||||
sudo netplan apply
|
|
||||||
```
|
|
||||||
|
|
||||||
If this configuration does not suit your needs, see
|
|
||||||
https://netplan.io/examples/ for more information about how to configure
|
|
||||||
Netplan.
|
|
||||||
|
|
||||||
## Upgrading
|
|
||||||
|
|
||||||
Currently, there's no "upgrade-in-place" option when a new version is released.
|
|
||||||
To get an updated version, download the updated OVA file.
|
|
||||||
|
|
||||||
If you'd like to keep your existing configuration, you can export it to a file
|
|
||||||
using the *Export config* button and then import it to the new Monkey Island.
|
|
||||||
|
|
||||||
![Export configuration](../../images/setup/export-configuration.png "Export configuration")
|
|
|
@ -20,7 +20,7 @@ After running the installer, the following prompt should appear on the screen:
|
||||||
1. Follow the steps to complete the installation.
|
1. Follow the steps to complete the installation.
|
||||||
1. Run the Monkey Island by clicking on the desktop shortcut.
|
1. Run the Monkey Island by clicking on the desktop shortcut.
|
||||||
|
|
||||||
### Start Monkey Island with user-provided certificcate
|
### Start Monkey Island with user-provided certificate
|
||||||
|
|
||||||
By default, Infection Monkey comes with a [self-signed SSL certificate](https://aboutssl.org/what-is-self-sign-certificate/). In
|
By default, Infection Monkey comes with a [self-signed SSL certificate](https://aboutssl.org/what-is-self-sign-certificate/). In
|
||||||
enterprise or other security-sensitive environments, it is recommended that the
|
enterprise or other security-sensitive environments, it is recommended that the
|
||||||
|
|
|
@ -37,24 +37,31 @@ $ sha256sum monkey-linux-64
|
||||||
|
|
||||||
| Filename | Type | Version | SHA256 |
|
| Filename | Type | Version | SHA256 |
|
||||||
|------------------------------------------------------|-------------------|---------|--------------------------------------------------------------------|
|
|------------------------------------------------------|-------------------|---------|--------------------------------------------------------------------|
|
||||||
| monkey-windows-64.exe | Windows Agent | 1.10.0 | `3b499a4cf1a67a33a91c73b05884e4d6749e990e444fa1d2a3281af4db833fa1` |
|
| monkey-windows-64.exe | Windows Agent | 1.11.0 | `12c55377381a8fc7d8ff731db52302ef2f8bb894d8712769e5a91a140ba22b0a` |
|
||||||
| monkey-windows-32.exe | Windows Agent | 1.10.0 | `8e891e90b11b97fbbef27f1408c1fcad486b19c612773f2d6a9edac5d4cdb47f` |
|
| monkey-windows-32.exe | Windows Agent | 1.11.0 | `e006b26663f59b92bad8d49b034cd8101dd481f881e3c4839a9c1e64fd99e849` |
|
||||||
| monkey-linux-64 | Linux Agent | 1.10.0 | `932f703510b6484c3824fc797f90f99722e38a7f8956cf6fa58fdecb3790ab93` |
|
| monkey-linux-64 | Linux Agent | 1.11.0 | `fb4c979ce6c29bb458be50a44cc6839650826b831da849da69a05dfefdc66462` |
|
||||||
| monkey-linux-32 | Linux Agent | 1.10.0 | `a6de7d571051292b9db966afe025413dc20b214c4aab53e48d90d8e04264f4f5` |
|
| monkey-linux-32 | Linux Agent | 1.11.0 | `88d6d717f99047ae6f8ff9527b41ff004217c99b1b027f112d062dd9e66d11ab` |
|
||||||
| infection_monkey_deb.tgz | Debian Package | 1.10.0 | `534d85c4abc78e2c86a74d8b88759b091b62077dd9e32f02eeb43d716d359ff6` |
|
| Infection_Monkey-1.11.0-x86_64.AppImage | Linux Package | 1.11.0 | `6312b6bff18c11c7db694f42cf5a41e894786c39e3e093b6b15abcbff80337f2` |
|
||||||
| infection_monkey_debzt.tgz | Debian Package | 1.10.0 | `bd01d8482f80990e6cc0ed654c07dbd80da71eebe3dd244365e9bc00f86b1c03` |
|
| infection_monkey_docker_20210811_211212.tgz | Docker | 1.11.0 | `40f203387cadd153f97c6a21dfdddacd4d4eeea334a9300d862bfb4ba528e2e6` |
|
||||||
| Monkey Island v1.10.0_3593_windows.exe | Windows Installer | 1.10.0 | `ebd2c5627d21dd8670def02c3a5a995f9e799ba567cf4caacd702654264ddf06` |
|
| Monkey Island v1.11.0_3789.exe | Windows Installer | 1.11.0 | `20633c1993ea5f86b57b3a48d6875e8f72881f856f4713d747f07a559da05ccc` |
|
||||||
| Monkey Island v1.10.0_3593_windowszt.exe | Windows Installer | 1.10.0 | `60aaf3b32e5d06c91fe0d4f1b950529517ac33796f67e9ccfef0e8ce1c5372d8` |
|
|
||||||
| infection_monkey_docker_docker_20210326_171631.tgz | Docker | 1.10.0 | `e4f9c7c5aafe7e38b33d2927a9c0cf6a3ac27858d3d0e3f2252c2e91809a78db` |
|
|
||||||
| infection_monkey_docker_dockerzt_20210326_172035.tgz | Docker | 1.10.0 | `248640e9eaa18e4c27f67237f0594d9533732f372ba4674d5d1bea43ab498cf5` |
|
|
||||||
| monkey-island-vmware.ova | OVA | 1.10.0 | `3472ad4ae557ddad7d7db8fbbfcfd33c4f2d95d870b18fa4cab49af6b562009c` |
|
|
||||||
| monkey-island-vmwarezt.ova | OVA | 1.10.0 | `3472ad4ae557ddad7d7db8fbbfcfd33c4f2d95d870b18fa4cab49af6b562009c` |
|
|
||||||
|
|
||||||
|
|
||||||
## Older checksums
|
## Older checksums
|
||||||
|
|
||||||
| Filename | Type | Version | SHA256 |
|
| Filename | Type | Version | SHA256 |
|
||||||
|------------------------------------------------------|-------------------|---------|--------------------------------------------------------------------|
|
|------------------------------------------------------|-------------------|---------|--------------------------------------------------------------------|
|
||||||
|
| monkey-windows-64.exe | Windows Agent | 1.10.0 | `3b499a4cf1a67a33a91c73b05884e4d6749e990e444fa1d2a3281af4db833fa1` |
|
||||||
|
| monkey-windows-32.exe | Windows Agent | 1.10.0 | `8e891e90b11b97fbbef27f1408c1fcad486b19c612773f2d6a9edac5d4cdb47f` |
|
||||||
|
| monkey-linux-64 | Linux Agent | 1.10.0 | `932f703510b6484c3824fc797f90f99722e38a7f8956cf6fa58fdecb3790ab93` |
|
||||||
|
| monkey-linux-32 | Linux Agent | 1.10.0 | `a6de7d571051292b9db966afe025413dc20b214c4aab53e48d90d8e04264f4f5` |
|
||||||
|
| infection_monkey_deb.tgz | Debian Package | 1.10.0 | `534d85c4abc78e2c86a74d8b88759b091b62077dd9e32f02eeb43d716d359ff6` |
|
||||||
|
| infection_monkey_debzt.tgz | Debian Package | 1.10.0 | `bd01d8482f80990e6cc0ed654c07dbd80da71eebe3dd244365e9bc00f86b1c03` |
|
||||||
|
| Monkey Island v1.10.0_3593_windows.exe | Windows Installer | 1.10.0 | `ebd2c5627d21dd8670def02c3a5a995f9e799ba567cf4caacd702654264ddf06` |
|
||||||
|
| Monkey Island v1.10.0_3593_windowszt.exe | Windows Installer | 1.10.0 | `60aaf3b32e5d06c91fe0d4f1b950529517ac33796f67e9ccfef0e8ce1c5372d8` |
|
||||||
|
| infection_monkey_docker_docker_20210326_171631.tgz | Docker | 1.10.0 | `e4f9c7c5aafe7e38b33d2927a9c0cf6a3ac27858d3d0e3f2252c2e91809a78db` |
|
||||||
|
| infection_monkey_docker_dockerzt_20210326_172035.tgz | Docker | 1.10.0 | `248640e9eaa18e4c27f67237f0594d9533732f372ba4674d5d1bea43ab498cf5` |
|
||||||
|
| monkey-island-vmware.ova | OVA | 1.10.0 | `3472ad4ae557ddad7d7db8fbbfcfd33c4f2d95d870b18fa4cab49af6b562009c` |
|
||||||
|
| monkey-island-vmwarezt.ova | OVA | 1.10.0 | `3472ad4ae557ddad7d7db8fbbfcfd33c4f2d95d870b18fa4cab49af6b562009c` |
|
||||||
| monkey-windows-64.exe | Windows Agent | 1.9.0 | `24622cb8dbabb0cf4b25ecd3c13800c72ec5b59b76895b737ece509640d4c068` |
|
| monkey-windows-64.exe | Windows Agent | 1.9.0 | `24622cb8dbabb0cf4b25ecd3c13800c72ec5b59b76895b737ece509640d4c068` |
|
||||||
| monkey-windows-32.exe | Windows Agent | 1.9.0 | `67f12171c3859a21fc8f54c5b2299790985453e9ac028bb80efc7328927be3d8` |
|
| monkey-windows-32.exe | Windows Agent | 1.9.0 | `67f12171c3859a21fc8f54c5b2299790985453e9ac028bb80efc7328927be3d8` |
|
||||||
| monkey-linux-64 | Linux Agent | 1.9.0 | `aec6b14dc2bea694eb01b517cca70477deeb695f39d40b1d9e5ce02a8075c956` |
|
| monkey-linux-64 | Linux Agent | 1.9.0 | `aec6b14dc2bea694eb01b517cca70477deeb695f39d40b1d9e5ce02a8075c956` |
|
||||||
|
|
|
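Review bot: The rows moved into "Older checksums" for `monkey-island-vmware.ova` and `monkey-island-vmwarezt.ova` carry the same SHA256 (`3472ad4a…`). Two differently named artifacts with identical digests looks like a copy-paste error carried over from the previous table; please verify both values against the published 1.10.0 files, since a wrong reference hash defeats the purpose of this page. It would also help to state where the 1.11.0 digests were computed (build output versus re-downloaded release assets).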
@ -74,10 +74,10 @@
|
||||||
</a>
|
</a>
|
||||||
</div>
|
</div>
|
||||||
<div class="col-lg-3 col-sm-6 mb-3">
|
<div class="col-lg-3 col-sm-6 mb-3">
|
||||||
<a href="usage/use-cases" class="px-4 py-5 bg-white shadow text-center d-block">
|
<a href="usage/scenarios" class="px-4 py-5 bg-white shadow text-center d-block">
|
||||||
<i class="fas fa-map-marked-alt d-block mb-4" style="font-size: x-large;"></i>
|
<i class="fas fa-map-marked-alt d-block mb-4" style="font-size: x-large;"></i>
|
||||||
<h4 class="mb-3 mt-0">Use Cases</h4>
|
<h4 class="mb-3 mt-0">Scenarios</h4>
|
||||||
<p class="mb-0">Learn about use cases of the Infection Monkey.</p>
|
<p class="mb-0">Learn about scenarios of the Infection Monkey.</p>
|
||||||
</a>
|
</a>
|
||||||
</div>
|
</div>
|
||||||
<div class="col-lg-3 col-sm-6 mb-3">
|
<div class="col-lg-3 col-sm-6 mb-3">
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
dev
|
release
|
||||||
|
|
|
@ -4,7 +4,7 @@ import argparse
|
||||||
from pathlib import Path
|
from pathlib import Path
|
||||||
|
|
||||||
MAJOR = "1"
|
MAJOR = "1"
|
||||||
MINOR = "10"
|
MINOR = "11"
|
||||||
PATCH = "0"
|
PATCH = "0"
|
||||||
build_file_path = Path(__file__).parent.joinpath("BUILD")
|
build_file_path = Path(__file__).parent.joinpath("BUILD")
|
||||||
with open(build_file_path, "r") as build_file:
|
with open(build_file_path, "r") as build_file:
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
import logging
|
import logging
|
||||||
import random
|
import random
|
||||||
|
import shutil
|
||||||
import string
|
import string
|
||||||
import subprocess
|
import subprocess
|
||||||
|
|
||||||
|
@ -64,11 +65,13 @@ class CommunicateAsNewUser(PBA):
|
||||||
'Invoke-WebRequest {url} -UseBasicParsing"'
|
'Invoke-WebRequest {url} -UseBasicParsing"'
|
||||||
)
|
)
|
||||||
else:
|
else:
|
||||||
# true || false -> 0. false || true -> 0. false || false -> 1. So:
|
|
||||||
# if curl works, we're good.
|
# if curl works, we're good.
|
||||||
# If curl doesn't exist or fails and wget work, we're good.
|
# If curl doesn't exist or fails and wget work, we're good.
|
||||||
# And if both don't exist: we'll call it a win.
|
# And if both don't exist: we'll call it a win.
|
||||||
format_string = "curl {url} || wget -O/dev/null -q {url}"
|
if shutil.which("curl") is not None:
|
||||||
|
format_string = "curl {url}"
|
||||||
|
else:
|
||||||
|
format_string = "wget -O/dev/null -q {url}"
|
||||||
return format_string.format(url=url)
|
return format_string.format(url=url)
|
||||||
|
|
||||||
def send_result_telemetry(self, exit_status, commandline, username):
|
def send_result_telemetry(self, exit_status, commandline, username):
|
||||||
|
|
|
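Review bot: The retained comments in the `else:` branch still describe the old `curl … || wget …` fallback, but the new `shutil.which("curl")` check changes the behaviour they document. If curl is installed but the request fails, wget is no longer tried, so "If curl doesn't exist or fails and wget work, we're good" is no longer true; and if neither tool exists, the wget command is still emitted and will fail. Please rewrite the comment block to match the new logic. Note too that `shutil.which` resolves against the agent process's PATH, which may differ from the PATH of the newly created user the command runs as.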
@ -2,7 +2,7 @@ import os
|
||||||
|
|
||||||
from infection_monkey.control import ControlClient
|
from infection_monkey.control import ControlClient
|
||||||
|
|
||||||
TEMP_COMSPEC = os.path.join(os.getcwd(), "random_executable.exe")
|
TEMP_COMSPEC = os.path.join(os.getcwd(), "T1216_random_executable.exe")
|
||||||
|
|
||||||
|
|
||||||
def get_windows_commands_to_proxy_execution_using_signed_script():
|
def get_windows_commands_to_proxy_execution_using_signed_script():
|
||||||
|
|
|
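Review bot: `TEMP_COMSPEC` now hard-codes `"T1216_random_executable.exe"`, and the Island resource in the next file hard-codes the same literal in `executable_file_name`. Keeping the name as two independent string literals invites them to drift apart again; move it to a constant in shared code and import it on both sides.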
@ -16,5 +16,5 @@ class T1216PBAFileDownload(flask_restful.Resource):
|
||||||
executable_file_name = "T1216_random_executable.exe"
|
executable_file_name = "T1216_random_executable.exe"
|
||||||
return send_from_directory(
|
return send_from_directory(
|
||||||
directory=os.path.join(MONKEY_ISLAND_ABS_PATH, "cc", "resources", "pba"),
|
directory=os.path.join(MONKEY_ISLAND_ABS_PATH, "cc", "resources", "pba"),
|
||||||
filename=executable_file_name,
|
path=executable_file_name,
|
||||||
)
|
)
|
||||||
|
|
|
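Review bot: Switching the keyword from `filename=` to `path=` in `send_from_directory(...)` ties this code to Flask 2.0 or later, where the parameter was renamed; on an older Flask the call raises a `TypeError`. No dependency change is visible in this patch, so please confirm the Pipfile pins Flask to a version that accepts `path`.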
@ -18,7 +18,7 @@ def setup_data_dir(island_args: IslandCmdArgs) -> Tuple[IslandConfigOptions, str
|
||||||
def _setup_config_by_cmd_arg(server_config_path) -> Tuple[IslandConfigOptions, str]:
|
def _setup_config_by_cmd_arg(server_config_path) -> Tuple[IslandConfigOptions, str]:
|
||||||
server_config_path = expand_path(server_config_path)
|
server_config_path = expand_path(server_config_path)
|
||||||
config = server_config_handler.load_server_config_from_file(server_config_path)
|
config = server_config_handler.load_server_config_from_file(server_config_path)
|
||||||
create_secure_directory(config.data_dir)
|
create_secure_directory(str(config.data_dir))
|
||||||
return config, server_config_path
|
return config, server_config_path
|
||||||
|
|
||||||
|
|
||||||
|
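Review bot: Wrapping the argument at the call site, `create_secure_directory(str(config.data_dir))`, papers over a type mismatch between `IslandConfigOptions.data_dir` and what `create_secure_directory` accepts. Every future caller has to remember the cast. Prefer making `create_secure_directory` accept path-like objects (annotating the parameter accordingly) so the conversion happens in one place.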
@ -26,7 +26,7 @@ def _setup_default_config() -> Tuple[IslandConfigOptions, str]:
|
||||||
default_config = server_config_handler.load_server_config_from_file(DEFAULT_SERVER_CONFIG_PATH)
|
default_config = server_config_handler.load_server_config_from_file(DEFAULT_SERVER_CONFIG_PATH)
|
||||||
default_data_dir = default_config.data_dir
|
default_data_dir = default_config.data_dir
|
||||||
|
|
||||||
create_secure_directory(default_data_dir)
|
create_secure_directory(str(default_data_dir))
|
||||||
|
|
||||||
server_config_path = server_config_handler.create_default_server_config_file(default_data_dir)
|
server_config_path = server_config_handler.create_default_server_config_file(default_data_dir)
|
||||||
config = server_config_handler.load_server_config_from_file(server_config_path)
|
config = server_config_handler.load_server_config_from_file(server_config_path)
|
||||||
|
|
|
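Review bot: In `_setup_default_config`, `default_data_dir` is cast with `str(...)` for `create_secure_directory` but passed uncast to `server_config_handler.create_default_server_config_file(default_data_dir)` on the next statement. If `data_dir` is not a plain string, the second call receives a different type than the first; either normalise once when assigning `default_data_dir` or make both helpers accept the same type.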
@ -1,6 +1,6 @@
|
||||||
{
|
{
|
||||||
"name": "infection-monkey",
|
"name": "infection-monkey",
|
||||||
"version": "1.10.0",
|
"version": "1.11.0",
|
||||||
"lockfileVersion": 1,
|
"lockfileVersion": 1,
|
||||||
"requires": true,
|
"requires": true,
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
{
|
{
|
||||||
"private": true,
|
"private": true,
|
||||||
"version": "1.10.0",
|
"version": "1.11.0",
|
||||||
"name": "infection-monkey",
|
"name": "infection-monkey",
|
||||||
"description": "Infection Monkey C&C UI",
|
"description": "Infection Monkey C&C UI",
|
||||||
"scripts": {
|
"scripts": {
|
||||||
|
|
|
@ -10,7 +10,7 @@ const LATERAL_MOVEMENT_DESCRIPTION = 'After the initial breach, the attacker wil
|
||||||
<br /> \
|
<br /> \
|
||||||
<br /> \
|
<br /> \
|
||||||
<a \
|
<a \
|
||||||
href="https://www.guardicore.com/blog/stopping-ransomware-with-segmentation/" \
|
href="https://www.guardicore.com/blog/stopping-ransomware-with-segmentation/?utm_medium=monkey-request&utm_source=web-report&utm_campaign=monkey-security-report" \
|
||||||
target="_blank" \
|
target="_blank" \
|
||||||
> \
|
> \
|
||||||
See some real-world examples on Guardicore\'s blog. \
|
See some real-world examples on Guardicore\'s blog. \
|
||||||
|
|
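Review bot: The anchor in `LATERAL_MOVEMENT_DESCRIPTION` opens with `target="_blank"` and, in the lines shown, has no `rel` attribute; add `rel="noopener noreferrer"` so the opened page gets no handle on the report window and no referrer from the Island UI. Separately, the new `utm_medium`, `utm_source` and `utm_campaign` query parameters add tracking to a link inside a security tool's report; that deserves a changelog entry, and the `utm_campaign=monkey-security-report` value should be checked against the report this string actually appears in.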