Merge pull request #2101 from guardicore/2092-rebuild-test-configurations
2092 rebuild test configurations
commit
9acc249d48
|
@ -0,0 +1,8 @@
|
|||
from .test_configuration import TestConfiguration
|
||||
from .zerologon import zerologon_test_configuration
|
||||
from .depth_1_a import depth_1_a_test_configuration
|
||||
from .depth_2_a import depth_2_a_test_configuration
|
||||
from .depth_3_a import depth_3_a_test_configuration
|
||||
from .powershell_credentials_reuse import powershell_credentials_reuse_test_configuration
|
||||
from .smb_pth import smb_pth_test_configuration
|
||||
from .wmi_mimikatz import wmi_mimikatz_test_configuration
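Review bot: The first import in this package file is order-sensitive, and nothing here says so. The noop and utils modules in this commit use `from . import TestConfiguration`, which resolves only if `.test_configuration` has already been imported into the package before any module that depends on it. An import sorter or a later reorder would turn that into a circular-import failure at load time. Either add a comment such as `# Must stay first: noop and utils import TestConfiguration from this package`, or have those modules use `from .test_configuration import TestConfiguration` directly.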
|
|
@ -0,0 +1,91 @@
|
|||
from common.configuration import AgentConfiguration, PluginConfiguration
|
||||
from common.credentials import Credentials, Password, Username
|
||||
|
||||
from .noop import noop_test_configuration
|
||||
from .utils import (
|
||||
add_credential_collectors,
|
||||
add_exploiters,
|
||||
add_http_ports,
|
||||
add_subnets,
|
||||
add_tcp_ports,
|
||||
replace_agent_configuration,
|
||||
replace_propagation_credentials,
|
||||
set_maximum_depth,
|
||||
)
|
||||
|
||||
# Tests:
|
||||
# Hadoop (10.2.2.2, 10.2.2.3)
|
||||
# Log4shell (10.2.3.55, 10.2.3.56, 10.2.3.49, 10.2.3.50, 10.2.3.51, 10.2.3.52)
|
||||
# MSSQL (10.2.2.16)
|
||||
# SMB mimikatz password stealing and brute force (10.2.2.14 and 10.2.2.15)
|
||||
|
||||
|
||||
def _add_exploiters(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
||||
brute_force = [
|
||||
PluginConfiguration(name="MSSQLExploiter", options={}),
|
||||
PluginConfiguration(name="SmbExploiter", options={"smb_download_timeout": 30}),
|
||||
PluginConfiguration(name="SSHExploiter", options={}),
|
||||
]
|
||||
vulnerability = [
|
||||
PluginConfiguration(name="HadoopExploiter", options={}),
|
||||
PluginConfiguration(name="Log4ShellExploiter", options={}),
|
||||
]
|
||||
|
||||
return add_exploiters(agent_configuration, brute_force=brute_force, vulnerability=vulnerability)
|
||||
|
||||
|
||||
def _add_subnets(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
||||
subnets = [
|
||||
"10.2.2.2",
|
||||
"10.2.2.3",
|
||||
"10.2.3.55",
|
||||
"10.2.3.56",
|
||||
"10.2.3.49",
|
||||
"10.2.3.50",
|
||||
"10.2.3.51",
|
||||
"10.2.3.52",
|
||||
"10.2.2.16",
|
||||
"10.2.2.14",
|
||||
"10.2.2.15",
|
||||
]
|
||||
return add_subnets(agent_configuration, subnets)
|
||||
|
||||
|
||||
def _add_credential_collectors(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
||||
return add_credential_collectors(
|
||||
agent_configuration, [PluginConfiguration("MimikatzCollector", {})]
|
||||
)
|
||||
|
||||
|
||||
HTTP_PORTS = [8080, 8983, 9600]
|
||||
|
||||
|
||||
def _add_tcp_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
||||
ports = [22, 445] + HTTP_PORTS
|
||||
return add_tcp_ports(agent_configuration, ports)
|
||||
|
||||
|
||||
def _add_http_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
||||
return add_http_ports(agent_configuration, HTTP_PORTS)
|
||||
|
||||
|
||||
agent_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 1)
|
||||
agent_configuration = _add_exploiters(agent_configuration)
|
||||
agent_configuration = _add_subnets(agent_configuration)
|
||||
agent_configuration = _add_tcp_ports(agent_configuration)
|
||||
agent_configuration = _add_credential_collectors(agent_configuration)
|
||||
agent_configuration = _add_http_ports(agent_configuration)
|
||||
|
||||
depth_1_a_test_configuration = replace_agent_configuration(
|
||||
noop_test_configuration, agent_configuration
|
||||
)
|
||||
|
||||
|
||||
CREDENTIALS = (
|
||||
Credentials(Username("m0nk3y"), None),
|
||||
Credentials(None, Password("Ivrrw5zEzs")),
|
||||
Credentials(None, Password("Xk8VDTsC")),
|
||||
)
|
||||
depth_1_a_test_configuration = replace_propagation_credentials(
|
||||
depth_1_a_test_configuration, CREDENTIALS
|
||||
)
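Review bot: `CREDENTIALS` at the end of this file commits passwords as plaintext literals, and the depth_2_a, depth_3_a, smb_pth and wmi_mimikatz files in this commit do the same (depth_3_a and smb_pth also carry NT hashes). Presumably these are fixtures that are valid only inside the isolated test network behind the 10.2.x.x targets. If so, say that next to each tuple, e.g. `# Test-only credentials for the isolated test network; not valid anywhere else`, so readers and secret scanners can treat them as known fixtures. It is also worth confirming that none of these values is reused on a machine reachable from outside that network, since the repository history will retain them.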
|
|
@ -0,0 +1,53 @@
|
|||
from common.configuration import AgentConfiguration, PluginConfiguration
|
||||
from common.credentials import Credentials, Password, Username
|
||||
|
||||
from .noop import noop_test_configuration
|
||||
from .utils import (
|
||||
add_exploiters,
|
||||
add_subnets,
|
||||
add_tcp_ports,
|
||||
replace_agent_configuration,
|
||||
replace_propagation_credentials,
|
||||
set_maximum_depth,
|
||||
)
|
||||
|
||||
|
||||
# Tests:
|
||||
# SSH password and key brute-force, key stealing (10.2.2.11, 10.2.2.12)
|
||||
def _add_exploiters(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
||||
brute_force = [
|
||||
PluginConfiguration(name="SSHExploiter", options={}),
|
||||
]
|
||||
return add_exploiters(agent_configuration, brute_force=brute_force, vulnerability=[])
|
||||
|
||||
|
||||
def _add_subnets(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
||||
subnets = [
|
||||
"10.2.2.11",
|
||||
"10.2.2.12",
|
||||
]
|
||||
return add_subnets(agent_configuration, subnets)
|
||||
|
||||
|
||||
def _add_tcp_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
||||
ports = [22]
|
||||
return add_tcp_ports(agent_configuration, ports)
|
||||
|
||||
|
||||
agent_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 2)
|
||||
agent_configuration = _add_exploiters(agent_configuration)
|
||||
agent_configuration = _add_subnets(agent_configuration)
|
||||
agent_configuration = _add_tcp_ports(agent_configuration)
|
||||
|
||||
depth_2_a_test_configuration = replace_agent_configuration(
|
||||
noop_test_configuration, agent_configuration
|
||||
)
|
||||
|
||||
|
||||
CREDENTIALS = (
|
||||
Credentials(Username("m0nk3y"), None),
|
||||
Credentials(None, Password("^NgDvY59~8")),
|
||||
)
|
||||
depth_2_a_test_configuration = replace_propagation_credentials(
|
||||
depth_2_a_test_configuration, CREDENTIALS
|
||||
)
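Review bot: The header comment lists key stealing among the things this configuration tests, but unlike depth_1_a this file never calls `add_credential_collectors`, so the agent configuration keeps the empty `credential_collectors` inherited from the noop configuration. If key stealing depends on a credential collector plugin (an assumption, since the plugin wiring is not visible in this commit), that part of the test is silently not exercised. Either add the collector or trim the comment to what is covered.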
|
|
@ -0,0 +1,75 @@
|
|||
from common.configuration import AgentConfiguration, PluginConfiguration
|
||||
from common.credentials import Credentials, NTHash, Password, Username
|
||||
|
||||
from .noop import noop_test_configuration
|
||||
from .utils import (
|
||||
add_exploiters,
|
||||
add_subnets,
|
||||
add_tcp_ports,
|
||||
replace_agent_configuration,
|
||||
replace_propagation_credentials,
|
||||
set_keep_tunnel_open_time,
|
||||
set_maximum_depth,
|
||||
)
|
||||
|
||||
# Tests:
|
||||
# Powershell (10.2.3.45, 10.2.3.46, 10.2.3.47, 10.2.3.48)
|
||||
# Tunneling (SSH brute force) (10.2.2.9, 10.2.1.10, 10.2.0.12, 10.2.0.11)
|
||||
# WMI pass the hash (10.2.2.15)
|
||||
|
||||
|
||||
def _add_exploiters(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
||||
brute_force = [
|
||||
PluginConfiguration(name="PowerShellExploiter", options={}),
|
||||
PluginConfiguration(name="SSHExploiter", options={}),
|
||||
PluginConfiguration(name="WmiExploiter", options={"smb_download_timeout": 30}),
|
||||
]
|
||||
|
||||
return add_exploiters(agent_configuration, brute_force=brute_force, vulnerability=[])
|
||||
|
||||
|
||||
def _add_subnets(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
||||
subnets = [
|
||||
"10.2.2.9",
|
||||
"10.2.3.45",
|
||||
"10.2.3.46",
|
||||
"10.2.3.47",
|
||||
"10.2.3.48",
|
||||
"10.2.1.10",
|
||||
"10.2.0.12",
|
||||
"10.2.0.11",
|
||||
"10.2.2.15",
|
||||
]
|
||||
return add_subnets(agent_configuration, subnets)
|
||||
|
||||
|
||||
def _add_tcp_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
||||
ports = [22, 135, 5985, 5986]
|
||||
return add_tcp_ports(agent_configuration, ports)
|
||||
|
||||
|
||||
agent_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 3)
|
||||
agent_configuration = set_keep_tunnel_open_time(noop_test_configuration.agent_configuration, 20)
|
||||
agent_configuration = _add_exploiters(agent_configuration)
|
||||
agent_configuration = _add_subnets(agent_configuration)
|
||||
agent_configuration = _add_tcp_ports(agent_configuration)
|
||||
|
||||
depth_3_a_test_configuration = replace_agent_configuration(
|
||||
noop_test_configuration, agent_configuration
|
||||
)
|
||||
|
||||
|
||||
CREDENTIALS = (
|
||||
Credentials(Username("m0nk3y"), None),
|
||||
Credentials(Username("m0nk3y-user"), None),
|
||||
Credentials(None, Password("Passw0rd!")),
|
||||
Credentials(None, Password("3Q=(Ge(+&w]*")),
|
||||
Credentials(None, Password("`))jU7L(w}")),
|
||||
Credentials(None, Password("t67TC5ZDmz")),
|
||||
Credentials(None, NTHash("d0f0132b308a0c4e5d1029cc06f48692")),
|
||||
Credentials(None, NTHash("5da0889ea2081aa79f6852294cba4a5e")),
|
||||
Credentials(None, NTHash("50c9987a6bf1ac59398df9f911122c9b")),
|
||||
)
|
||||
depth_3_a_test_configuration = replace_propagation_credentials(
|
||||
depth_3_a_test_configuration, CREDENTIALS
|
||||
)
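Review bot: The `set_keep_tunnel_open_time` call starts again from `noop_test_configuration.agent_configuration` instead of the `agent_configuration` produced on the line before it. The `maximum_depth=3` set there is therefore discarded and the final configuration keeps the noop depth of 0. The line should read `agent_configuration = set_keep_tunnel_open_time(agent_configuration, 20)`. The smb_pth file in this commit has the identical pair of lines and needs the same fix. With depth 0, the tunneling targets listed in the header comment would presumably never be reached.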
|
|
@ -0,0 +1,53 @@
|
|||
from common.configuration import (
|
||||
AgentConfiguration,
|
||||
CustomPBAConfiguration,
|
||||
ExploitationConfiguration,
|
||||
ExploitationOptionsConfiguration,
|
||||
ICMPScanConfiguration,
|
||||
NetworkScanConfiguration,
|
||||
PropagationConfiguration,
|
||||
ScanTargetConfiguration,
|
||||
TCPScanConfiguration,
|
||||
)
|
||||
|
||||
from . import TestConfiguration
|
||||
|
||||
_custom_pba_configuration = CustomPBAConfiguration("", "", "", "")
|
||||
|
||||
_tcp_scan_configuration = TCPScanConfiguration(timeout=3.0, ports=[])
|
||||
_icmp_scan_configuration = ICMPScanConfiguration(timeout=1.0)
|
||||
_scan_target_configuration = ScanTargetConfiguration(
|
||||
blocked_ips=[], inaccessible_subnets=[], local_network_scan=False, subnets=[]
|
||||
)
|
||||
_network_scan_configuration = NetworkScanConfiguration(
|
||||
tcp=_tcp_scan_configuration,
|
||||
icmp=_icmp_scan_configuration,
|
||||
fingerprinters=[],
|
||||
targets=_scan_target_configuration,
|
||||
)
|
||||
|
||||
_exploitation_options_configuration = ExploitationOptionsConfiguration(http_ports=[])
|
||||
_exploitation_configuration = ExploitationConfiguration(
|
||||
options=_exploitation_options_configuration, brute_force=[], vulnerability=[]
|
||||
)
|
||||
|
||||
_propagation_configuration = PropagationConfiguration(
|
||||
maximum_depth=0,
|
||||
network_scan=_network_scan_configuration,
|
||||
exploitation=_exploitation_configuration,
|
||||
)
|
||||
|
||||
_agent_configuration = AgentConfiguration(
|
||||
keep_tunnel_open_time=0,
|
||||
custom_pbas=_custom_pba_configuration,
|
||||
post_breach_actions=[],
|
||||
credential_collectors=[],
|
||||
payloads=[],
|
||||
propagation=_propagation_configuration,
|
||||
)
|
||||
_propagation_credentials = tuple()
|
||||
|
||||
# This is an empty, NOOP configuration from which other configurations can be built
|
||||
noop_test_configuration = TestConfiguration(
|
||||
agent_configuration=_agent_configuration, propagation_credentials=_propagation_credentials
|
||||
)
|
|
@ -0,0 +1,40 @@
|
|||
from common.configuration import AgentConfiguration, PluginConfiguration
|
||||
|
||||
from .noop import noop_test_configuration
|
||||
from .utils import (
|
||||
add_exploiters,
|
||||
add_subnets,
|
||||
add_tcp_ports,
|
||||
replace_agent_configuration,
|
||||
set_maximum_depth,
|
||||
)
|
||||
|
||||
|
||||
def _add_exploiters(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
||||
brute_force = [
|
||||
PluginConfiguration(name="PowerShellExploiter", options={}),
|
||||
]
|
||||
|
||||
return add_exploiters(agent_configuration, brute_force=brute_force, vulnerability=[])
|
||||
|
||||
|
||||
def _add_subnets(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
||||
subnets = [
|
||||
"10.2.3.46",
|
||||
]
|
||||
return add_subnets(agent_configuration, subnets)
|
||||
|
||||
|
||||
def _add_tcp_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
||||
ports = [5985, 5986]
|
||||
return add_tcp_ports(agent_configuration, ports)
|
||||
|
||||
|
||||
agent_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 1)
|
||||
agent_configuration = _add_exploiters(agent_configuration)
|
||||
agent_configuration = _add_subnets(agent_configuration)
|
||||
agent_configuration = _add_tcp_ports(agent_configuration)
|
||||
|
||||
powershell_credentials_reuse_test_configuration = replace_agent_configuration(
|
||||
noop_test_configuration, agent_configuration
|
||||
)
|
|
@ -0,0 +1,59 @@
|
|||
from common.configuration import AgentConfiguration, PluginConfiguration
|
||||
from common.credentials import Credentials, NTHash, Password, Username
|
||||
|
||||
from .noop import noop_test_configuration
|
||||
from .utils import (
|
||||
add_exploiters,
|
||||
add_subnets,
|
||||
add_tcp_ports,
|
||||
replace_agent_configuration,
|
||||
replace_propagation_credentials,
|
||||
set_keep_tunnel_open_time,
|
||||
set_maximum_depth,
|
||||
)
|
||||
|
||||
|
||||
def _add_exploiters(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
||||
brute_force = [
|
||||
PluginConfiguration(name="SmbExploiter", options={"smb_download_timeout": 30}),
|
||||
]
|
||||
|
||||
return add_exploiters(agent_configuration, brute_force=brute_force, vulnerability=[])
|
||||
|
||||
|
||||
def _add_subnets(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
||||
subnets = [
|
||||
"10.2.2.15",
|
||||
]
|
||||
return add_subnets(agent_configuration, subnets)
|
||||
|
||||
|
||||
def _add_tcp_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
||||
ports = [445]
|
||||
return add_tcp_ports(agent_configuration, ports)
|
||||
|
||||
|
||||
agent_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 3)
|
||||
agent_configuration = set_keep_tunnel_open_time(noop_test_configuration.agent_configuration, 20)
|
||||
agent_configuration = _add_exploiters(agent_configuration)
|
||||
agent_configuration = _add_subnets(agent_configuration)
|
||||
agent_configuration = _add_tcp_ports(agent_configuration)
|
||||
|
||||
smb_pth_test_configuration = replace_agent_configuration(
|
||||
noop_test_configuration, agent_configuration
|
||||
)
|
||||
|
||||
|
||||
CREDENTIALS = (
|
||||
Credentials(Username("Administrator"), None),
|
||||
Credentials(Username("m0nk3y"), None),
|
||||
Credentials(Username("user"), None),
|
||||
Credentials(None, Password("Ivrrw5zEzs")),
|
||||
Credentials(None, Password("Password1!")),
|
||||
Credentials(None, NTHash("d0f0132b308a0c4e5d1029cc06f48692")),
|
||||
Credentials(None, NTHash("5da0889ea2081aa79f6852294cba4a5e")),
|
||||
Credentials(None, NTHash("50c9987a6bf1ac59398df9f911122c9b")),
|
||||
)
|
||||
smb_pth_test_configuration = replace_propagation_credentials(
|
||||
smb_pth_test_configuration, CREDENTIALS
|
||||
)
|
|
@ -0,0 +1,11 @@
|
|||
from dataclasses import dataclass
|
||||
from typing import Tuple
|
||||
|
||||
from common.configuration import AgentConfiguration
|
||||
from common.credentials import Credentials
|
||||
|
||||
|
||||
@dataclass
|
||||
class TestConfiguration:
|
||||
agent_configuration: AgentConfiguration
|
||||
propagation_credentials: Tuple[Credentials, ...]
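Review bot: `TestConfiguration` starts with `Test`, so under default `python_classes` settings pytest will try to collect it wherever a test module imports it. Because a dataclass has an `__init__`, pytest then emits a collection warning rather than collecting it. Adding `__test__ = False` as an un-annotated class attribute silences that without becoming a dataclass field. Since the module-level configurations built from this class are shared objects, `@dataclass(frozen=True)` is also worth considering; every helper in this commit already goes through `dataclasses.replace`.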
|
|
@ -0,0 +1,142 @@
|
|||
from dataclasses import replace
|
||||
from typing import Sequence, Tuple
|
||||
|
||||
from common.configuration import (
|
||||
AgentConfiguration,
|
||||
ExploitationConfiguration,
|
||||
ExploitationOptionsConfiguration,
|
||||
NetworkScanConfiguration,
|
||||
PluginConfiguration,
|
||||
PropagationConfiguration,
|
||||
ScanTargetConfiguration,
|
||||
)
|
||||
from common.credentials import Credentials
|
||||
|
||||
from . import TestConfiguration
|
||||
|
||||
|
||||
def add_exploiters(
|
||||
agent_configuration: AgentConfiguration,
|
||||
brute_force: Sequence[PluginConfiguration] = [],
|
||||
vulnerability: Sequence[PluginConfiguration] = [],
|
||||
) -> AgentConfiguration:
|
||||
exploitation_configuration = replace(
|
||||
agent_configuration.propagation.exploitation,
|
||||
brute_force=brute_force,
|
||||
vulnerability=vulnerability,
|
||||
)
|
||||
return replace_exploitation_configuration(agent_configuration, exploitation_configuration)
|
||||
|
||||
|
||||
def add_tcp_ports(
|
||||
agent_configuration: AgentConfiguration, tcp_ports: Sequence[int]
|
||||
) -> AgentConfiguration:
|
||||
tcp_scan_configuration = replace(
|
||||
agent_configuration.propagation.network_scan.tcp, ports=tuple(tcp_ports)
|
||||
)
|
||||
network_scan_configuration = replace(
|
||||
agent_configuration.propagation.network_scan, tcp=tcp_scan_configuration
|
||||
)
|
||||
|
||||
return replace_network_scan_configuration(agent_configuration, network_scan_configuration)
|
||||
|
||||
|
||||
def add_subnets(
|
||||
agent_configuration: AgentConfiguration, subnets: Sequence[str]
|
||||
) -> AgentConfiguration:
|
||||
scan_target_configuration = replace(
|
||||
agent_configuration.propagation.network_scan.targets, subnets=subnets
|
||||
)
|
||||
return replace_scan_target_configuration(agent_configuration, scan_target_configuration)
|
||||
|
||||
|
||||
def add_credential_collectors(
|
||||
agent_configuration: AgentConfiguration, credential_collectors: Sequence[PluginConfiguration]
|
||||
) -> AgentConfiguration:
|
||||
return replace(agent_configuration, credential_collectors=tuple(credential_collectors))
|
||||
|
||||
|
||||
def add_http_ports(
|
||||
agent_configuration: AgentConfiguration, http_ports: Sequence[int]
|
||||
) -> AgentConfiguration:
|
||||
exploitation_options_configuration = agent_configuration.propagation.exploitation.options
|
||||
exploitation_options_configuration = replace(
|
||||
exploitation_options_configuration, http_ports=http_ports
|
||||
)
|
||||
|
||||
return replace_exploitation_options_configuration(
|
||||
agent_configuration, exploitation_options_configuration
|
||||
)
|
||||
|
||||
|
||||
def set_keep_tunnel_open_time(
|
||||
agent_configuration: AgentConfiguration, keep_tunnel_open_time: int
|
||||
) -> AgentConfiguration:
|
||||
return replace(agent_configuration, keep_tunnel_open_time=keep_tunnel_open_time)
|
||||
|
||||
|
||||
def set_maximum_depth(
|
||||
agent_configuration: AgentConfiguration, maximum_depth: int
|
||||
) -> AgentConfiguration:
|
||||
propagation_configuration = replace(
|
||||
agent_configuration.propagation, maximum_depth=maximum_depth
|
||||
)
|
||||
return replace_propagation_configuration(agent_configuration, propagation_configuration)
|
||||
|
||||
|
||||
def replace_exploitation_configuration(
|
||||
agent_configuration: AgentConfiguration, exploitation_configuration: ExploitationConfiguration
|
||||
) -> AgentConfiguration:
|
||||
propagation_configuration = replace(
|
||||
agent_configuration.propagation, exploitation=exploitation_configuration
|
||||
)
|
||||
|
||||
return replace_propagation_configuration(agent_configuration, propagation_configuration)
|
||||
|
||||
|
||||
def replace_scan_target_configuration(
|
||||
agent_configuration: AgentConfiguration, scan_target_configuration: ScanTargetConfiguration
|
||||
) -> AgentConfiguration:
|
||||
network_scan_configuration = replace(
|
||||
agent_configuration.propagation.network_scan, targets=scan_target_configuration
|
||||
)
|
||||
|
||||
return replace_network_scan_configuration(agent_configuration, network_scan_configuration)
|
||||
|
||||
|
||||
def replace_network_scan_configuration(
|
||||
agent_configuration: AgentConfiguration, network_scan_configuration: NetworkScanConfiguration
|
||||
) -> AgentConfiguration:
|
||||
propagation_configuration = replace(
|
||||
agent_configuration.propagation, network_scan=network_scan_configuration
|
||||
)
|
||||
return replace_propagation_configuration(agent_configuration, propagation_configuration)
|
||||
|
||||
|
||||
def replace_propagation_configuration(
|
||||
agent_configuration: AgentConfiguration, propagation_configuration: PropagationConfiguration
|
||||
) -> AgentConfiguration:
|
||||
return replace(agent_configuration, propagation=propagation_configuration)
|
||||
|
||||
|
||||
def replace_exploitation_options_configuration(
|
||||
agent_configuration: AgentConfiguration,
|
||||
exploitation_options_configuration: ExploitationOptionsConfiguration,
|
||||
) -> AgentConfiguration:
|
||||
exploitation_configuration = agent_configuration.propagation.exploitation
|
||||
exploitation_configuration = replace(
|
||||
exploitation_configuration, options=exploitation_options_configuration
|
||||
)
|
||||
return replace_exploitation_configuration(agent_configuration, exploitation_configuration)
|
||||
|
||||
|
||||
def replace_agent_configuration(
|
||||
test_configuration: TestConfiguration, agent_configuration: AgentConfiguration
|
||||
) -> TestConfiguration:
|
||||
return replace(test_configuration, agent_configuration=agent_configuration)
|
||||
|
||||
|
||||
def replace_propagation_credentials(
|
||||
test_configuration: TestConfiguration, propagation_credentials: Tuple[Credentials, ...]
|
||||
):
|
||||
return replace(test_configuration, propagation_credentials=propagation_credentials)
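Review bot: The `add_*` helpers are inconsistent about what they store. `add_tcp_ports` and `add_credential_collectors` convert to `tuple(...)`, while `add_exploiters`, `add_subnets` and `add_http_ports` put the caller's sequence into the configuration as-is, and `add_exploiters` also uses shared mutable `= []` defaults. Normalising all of them, e.g. `brute_force: Sequence[PluginConfiguration] = (),` with `brute_force=tuple(brute_force)`, and `subnets=tuple(subnets)`, keeps the resulting configurations from aliasing caller-owned lists. Each helper also replaces the existing value rather than appending to it, which the `add_` prefix hides; a one-line docstring on each saying so would prevent surprises. `replace_propagation_credentials` is the only function here without a return annotation and should get `-> TestConfiguration`.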
|
|
@ -0,0 +1,64 @@
|
|||
from common.configuration import AgentConfiguration, PluginConfiguration
|
||||
from common.credentials import Credentials, Password, Username
|
||||
|
||||
from .noop import noop_test_configuration
|
||||
from .utils import (
|
||||
add_credential_collectors,
|
||||
add_exploiters,
|
||||
add_subnets,
|
||||
add_tcp_ports,
|
||||
replace_agent_configuration,
|
||||
replace_propagation_credentials,
|
||||
set_maximum_depth,
|
||||
)
|
||||
|
||||
|
||||
def _add_exploiters(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
||||
brute_force = [
|
||||
PluginConfiguration(name="WmiExploiter", options={"smb_download_timeout": 30}),
|
||||
]
|
||||
|
||||
return add_exploiters(agent_configuration, brute_force=brute_force, vulnerability=[])
|
||||
|
||||
|
||||
def _add_subnets(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
||||
subnets = [
|
||||
"10.2.2.14",
|
||||
"10.2.2.15",
|
||||
]
|
||||
return add_subnets(agent_configuration, subnets)
|
||||
|
||||
|
||||
def _add_credential_collectors(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
||||
return add_credential_collectors(
|
||||
agent_configuration, [PluginConfiguration("MimikatzCollector", {})]
|
||||
)
|
||||
|
||||
|
||||
def _add_tcp_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
||||
ports = [135]
|
||||
return add_tcp_ports(agent_configuration, ports)
|
||||
|
||||
|
||||
agent_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 1)
|
||||
agent_configuration = _add_exploiters(agent_configuration)
|
||||
agent_configuration = _add_subnets(agent_configuration)
|
||||
agent_configuration = _add_credential_collectors(agent_configuration)
|
||||
agent_configuration = _add_tcp_ports(agent_configuration)
|
||||
agent_configuration = _add_credential_collectors(agent_configuration)
|
||||
|
||||
wmi_mimikatz_test_configuration = replace_agent_configuration(
|
||||
noop_test_configuration, agent_configuration
|
||||
)
|
||||
|
||||
|
||||
CREDENTIALS = (
|
||||
Credentials(Username("Administrator"), None),
|
||||
Credentials(Username("m0nk3y"), None),
|
||||
Credentials(Username("user"), None),
|
||||
Credentials(None, Password("Ivrrw5zEzs")),
|
||||
Credentials(None, Password("Password1!")),
|
||||
)
|
||||
wmi_mimikatz_test_configuration = replace_propagation_credentials(
|
||||
wmi_mimikatz_test_configuration, CREDENTIALS
|
||||
)
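Review bot: `_add_credential_collectors(agent_configuration)` is applied twice in the module-level build sequence, once before and once after `_add_tcp_ports`. Because `add_credential_collectors` replaces the collector tuple rather than appending to it, the second call is a no-op today. It would register `MimikatzCollector` twice if the helper were ever changed to append. Drop the second call.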
|
|
@ -0,0 +1,37 @@
|
|||
from common.configuration import AgentConfiguration, PluginConfiguration
|
||||
|
||||
from .noop import noop_test_configuration
|
||||
from .utils import (
|
||||
add_exploiters,
|
||||
add_subnets,
|
||||
add_tcp_ports,
|
||||
replace_agent_configuration,
|
||||
set_maximum_depth,
|
||||
)
|
||||
|
||||
|
||||
def _add_exploiters(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
||||
brute_force = [PluginConfiguration(name="SmbExploiter", options={"smb_download_timeout": 30})]
|
||||
vulnerability = [PluginConfiguration(name="ZerologonExploiter", options={})]
|
||||
|
||||
return add_exploiters(agent_configuration, brute_force=brute_force, vulnerability=vulnerability)
|
||||
|
||||
|
||||
def _add_tcp_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
||||
tcp_ports = [135, 445]
|
||||
return add_tcp_ports(agent_configuration, tcp_ports)
|
||||
|
||||
|
||||
def _add_subnets(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
||||
subnets = ["10.2.2.25"]
|
||||
return add_subnets(agent_configuration, subnets)
|
||||
|
||||
|
||||
agent_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 1)
|
||||
agent_configuration = _add_exploiters(agent_configuration)
|
||||
agent_configuration = _add_tcp_ports(agent_configuration)
|
||||
agent_configuration = _add_subnets(agent_configuration)
|
||||
|
||||
zerologon_test_configuration = replace_agent_configuration(
|
||||
noop_test_configuration, agent_configuration
|
||||
)
|