Island: Reimplement PropagationCredentials resource
This commit is contained in:
Mike Salvatore
parent
703ba4f1c4
commit
8ecf328b4c
|
|
@ -170,7 +170,7 @@ def init_api_resources(api):
|
||||||
"/api/fileUpload/<string:file_type>?load=<string:filename>",
|
"/api/fileUpload/<string:file_type>?load=<string:filename>",
|
||||||
"/api/fileUpload/<string:file_type>?restore=<string:filename>",
|
"/api/fileUpload/<string:file_type>?restore=<string:filename>",
|
||||||
)
|
)
|
||||||
api.add_resource(PropagationCredentials, "/api/propagation-credentials")
|
api.add_resource(PropagationCredentials, "/api/propagation-credentials/<string:guid>")
|
||||||
api.add_resource(RemoteRun, "/api/remote-monkey", "/api/remote-monkey/")
|
api.add_resource(RemoteRun, "/api/remote-monkey", "/api/remote-monkey/")
|
||||||
api.add_resource(VersionUpdate, "/api/version-update", "/api/version-update/")
|
api.add_resource(VersionUpdate, "/api/version-update", "/api/version-update/")
|
||||||
api.add_resource(RemotePortCheck, "/api/monkey_control/check_remote_port/<string:port>")
|
api.add_resource(RemotePortCheck, "/api/monkey_control/check_remote_port/<string:port>")
|
||||||
|
|
|
||||||
|
|
@ -1,9 +1,16 @@
|
||||||
import flask_restful
|
import flask_restful
|
||||||
|
|
||||||
|
from monkey_island.cc.database import mongo
|
||||||
from monkey_island.cc.services.config import ConfigService
|
from monkey_island.cc.services.config import ConfigService
|
||||||
|
|
||||||
|
|
||||||
class PropagationCredentials(flask_restful.Resource):
|
class PropagationCredentials(flask_restful.Resource):
|
||||||
def get(self):
|
def get(self, guid: str):
|
||||||
|
monkey_json = mongo.db.monkey.find_one_or_404({"guid": guid})
|
||||||
|
ConfigService.decrypt_flat_config(monkey_json)
|
||||||
|
|
||||||
return {"propagation_credentials": ConfigService.get_config_propagation_credentials()}
|
propagation_credentials = ConfigService.get_config_propagation_credentials_from_flat_config(
|
||||||
|
monkey_json["config"]
|
||||||
|
)
|
||||||
|
|
||||||
|
return {"propagation_credentials": propagation_credentials}
|
||||||
|
|
|
||||||
|
|
@ -410,21 +410,13 @@ class ConfigService:
|
||||||
ConfigService.set_config_value(STARTED_ON_ISLAND_PATH, value)
|
ConfigService.set_config_value(STARTED_ON_ISLAND_PATH, value)
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def get_config_propagation_credentials():
|
def get_config_propagation_credentials_from_flat_config(config):
|
||||||
return {
|
return {
|
||||||
"exploit_user_list": ConfigService.get_config_value(
|
"exploit_user_list": config["exploit_user_list"],
|
||||||
USER_LIST_PATH, should_decrypt=False
|
"exploit_password_list": config["exploit_password_list"],
|
||||||
),
|
"exploit_lm_hash_list": config["exploit_lm_hash_list"],
|
||||||
"exploit_password_list": ConfigService.get_config_value(
|
"exploit_ntlm_hash_list": config["exploit_ntlm_hash_list"],
|
||||||
PASSWORD_LIST_PATH, should_decrypt=False
|
"exploit_ssh_keys": config["exploit_ssh_keys"],
|
||||||
),
|
|
||||||
"exploit_lm_hash_list": ConfigService.get_config_value(
|
|
||||||
LM_HASH_LIST_PATH, should_decrypt=False
|
|
||||||
),
|
|
||||||
"exploit_ntlm_hash_list": ConfigService.get_config_value(
|
|
||||||
NTLM_HASH_LIST_PATH, should_decrypt=False
|
|
||||||
),
|
|
||||||
"exploit_ssh_keys": ConfigService.get_config_value(SSH_KEYS_PATH, should_decrypt=False),
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
|
|
|
||||||
|
|
@ -29,18 +29,18 @@
|
||||||
"dropper_target_path_linux": "/tmp/monkey",
|
"dropper_target_path_linux": "/tmp/monkey",
|
||||||
"dropper_target_path_win_32": "C:\\Windows\\temp\\monkey32.exe",
|
"dropper_target_path_win_32": "C:\\Windows\\temp\\monkey32.exe",
|
||||||
"dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe",
|
"dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe",
|
||||||
"exploit_lm_hash_list": [],
|
"exploit_lm_hash_list": ["lm_hash_1", "lm_hash_2"],
|
||||||
"exploit_ntlm_hash_list": [],
|
"exploit_ntlm_hash_list": ["nt_hash_1", "nt_hash_2", "nt_hash_3"],
|
||||||
"exploit_password_list": [
|
"exploit_password_list": [
|
||||||
"root",
|
"test",
|
||||||
"123456",
|
"iloveyou",
|
||||||
"password",
|
"12345"
|
||||||
"123456789",
|
|
||||||
"qwerty",
|
|
||||||
"111111",
|
|
||||||
"iloveyou"
|
|
||||||
],
|
],
|
||||||
"exploit_ssh_keys": [
|
"exploit_ssh_keys": [
|
||||||
|
{
|
||||||
|
"public_key": "my_public_key",
|
||||||
|
"private_key": "my_private_key"
|
||||||
|
}
|
||||||
],
|
],
|
||||||
"exploit_user_list": [
|
"exploit_user_list": [
|
||||||
"Administrator",
|
"Administrator",
|
||||||
|
|
|
||||||
|
|
@ -80,3 +80,16 @@ def test_format_config_for_agent__pbas(flat_monkey_config):
|
||||||
assert "PBA_linux_filename" not in flat_monkey_config
|
assert "PBA_linux_filename" not in flat_monkey_config
|
||||||
assert "custom_PBA_windows_cmd" not in flat_monkey_config
|
assert "custom_PBA_windows_cmd" not in flat_monkey_config
|
||||||
assert "PBA_windows_filename" not in flat_monkey_config
|
assert "PBA_windows_filename" not in flat_monkey_config
|
||||||
|
|
||||||
|
|
||||||
|
def test_get_config_propagation_credentials_from_flat_config(flat_monkey_config):
|
||||||
|
expected_creds = {
|
||||||
|
"exploit_lm_hash_list": ["lm_hash_1", "lm_hash_2"],
|
||||||
|
"exploit_ntlm_hash_list": ["nt_hash_1", "nt_hash_2", "nt_hash_3"],
|
||||||
|
"exploit_password_list": ["test", "iloveyou", "12345"],
|
||||||
|
"exploit_ssh_keys": [{"private_key": "my_private_key", "public_key": "my_public_key"}],
|
||||||
|
"exploit_user_list": ["Administrator", "root", "user", "ubuntu"],
|
||||||
|
}
|
||||||
|
|
||||||
|
creds = ConfigService.get_config_propagation_credentials_from_flat_config(flat_monkey_config)
|
||||||
|
assert creds == expected_creds
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue