p15670423
/
monkey
1
0
Fork 5
Code Issues Pull Requests 3 Projects Releases Wiki Activity

Organize and improve documentation of config

This commit is contained in:
Itay Mizeretz 2017-10-08 15:36:12 +03:00
parent e29f95b28e
commit a807e3f8b6
2 changed files with 84 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

122
monkey_island/cc/services/config.py
View File

@ -21,56 +21,56 @@ SCHEMA = {
"enum": [ "enum": [
"SmbExploiter" "SmbExploiter"
], ],
"title": "SmbExploiter" "title": "SMB Exploiter"
}, },
{ {
"type": "string", "type": "string",
"enum": [ "enum": [
"WmiExploiter" "WmiExploiter"
], ],
"title": "WmiExploiter" "title": "WMI Exploiter"
}, },
{ {
"type": "string", "type": "string",
"enum": [ "enum": [
"RdpExploiter" "RdpExploiter"
], ],
"title": "RdpExploiter (UNSAFE)" "title": "RDP Exploiter (UNSAFE)"
}, },
{ {
"type": "string", "type": "string",
"enum": [ "enum": [
"Ms08_067_Exploiter" "Ms08_067_Exploiter"
], ],
"title": "Ms08-067 Exploiter (UNSAFE)" "title": "MS08-067 Exploiter (UNSAFE)"
}, },
{ {
"type": "string", "type": "string",
"enum": [ "enum": [
"SSHExploiter" "SSHExploiter"
], ],
"title": "SSHExploiter" "title": "SSH Exploiter"
}, },
{ {
"type": "string", "type": "string",
"enum": [ "enum": [
"ShellShockExploiter" "ShellShockExploiter"
], ],
"title": "ShellShockExploiter" "title": "ShellShock Exploiter"
}, },
{ {
"type": "string", "type": "string",
"enum": [ "enum": [
"SambaCryExploiter" "SambaCryExploiter"
], ],
"title": "SambaCryExploiter" "title": "SambaCry Exploiter"
}, },
{ {
"type": "string", "type": "string",
"enum": [ "enum": [
"ElasticGroovyExploiter" "ElasticGroovyExploiter"
], ],
"title": "ElasticGroovyExploiter" "title": "ElasticGroovy Exploiter"
}, },
] ]
}, },
@ -125,7 +125,7 @@ SCHEMA = {
}, },
"properties": { "properties": {
"basic": { "basic": {
"title": "Basic", "title": "Basic - Credentials",
"type": "object", "type": "object",
"properties": { "properties": {
"credentials": { "credentials": {
@ -188,7 +188,7 @@ SCHEMA = {
"title": "Local network scan", "title": "Local network scan",
"type": "boolean", "type": "boolean",
"default": True, "default": True,
"description": "Determines whether monkey should scan its subnets additionally" "description": "Determines whether the monkey should scan its subnets additionally"
}, },
"depth": { "depth": {
"title": "Depth" + WARNING_SIGN, "title": "Depth" + WARNING_SIGN,
@ -212,17 +212,23 @@ SCHEMA = {
"ClassCRange" "ClassCRange"
], ],
"enumNames": [ "enumNames": [
"FixedRange", "Fixed Range",
"RelativeRange", "Relative Range",
"ClassCRange" "Class C Range"
], ],
"description": "Determines which class to use to determine scan range" "description":
"Determines which class to use to determine scan range."
" Fixed Range will scan only specific IPs listed under Fixed range IP list."
" Relative Range will scan the <Relative range size> closest ips to the machine's IP."
" Class C Range will scan machines in the Class C network the monkey's on."
}, },
"range_size": { "range_size": {
"title": "Relative range size", "title": "Relative range size",
"type": "integer", "type": "integer",
"default": 1, "default": 1,
"description": "Determines the size of the RelativeRange - amount of IPs to include" "description":
"Determines the size of the RelativeRange - amount of IPs to scan"
" (Only relevant for Relative Range)"
}, },
"range_fixed": { "range_fixed": {
"title": "Fixed range IP list", "title": "Fixed range IP list",
@ -233,7 +239,9 @@ SCHEMA = {
}, },
"default": [ "default": [
], ],
"description": "List of IPs to include when using FixedRange" "description":
"List of IPs to include when using FixedRange"
" (Only relevant for Fixed Range)"
} }
} }
} }
@ -293,25 +301,30 @@ SCHEMA = {
"title": "Max victims to find", "title": "Max victims to find",
"type": "integer", "type": "integer",
"default": 30, "default": 30,
"description": "Determines after how many discovered machines should the monkey stop scanning" "description": "Determines the maximum number of machines the monkey is allowed to scan"
}, },
"victims_max_exploit": { "victims_max_exploit": {
"title": "Max victims to exploit" + WARNING_SIGN, "title": "Max victims to exploit" + WARNING_SIGN,
"type": "integer", "type": "integer",
"default": 7, "default": 7,
"description": "Determines after how many infected machines should the monkey stop infecting" "description":
"Determines the maximum number of machines the monkey"
" is allowed to successfully exploit"
}, },
"timeout_between_iterations": { "timeout_between_iterations": {
"title": "Wait time between iterations", "title": "Wait time between iterations",
"type": "integer", "type": "integer",
"default": 100, "default": 100,
"description": "Determines for how long (in seconds) should the monkey wait between iterations" "description":
"Determines for how long (in seconds) should the monkey wait between iterations"
}, },
"retry_failed_explotation": { "retry_failed_explotation": {
"title": "Retry failed exploitation", "title": "Retry failed exploitation",
"type": "boolean", "type": "boolean",
"default": True, "default": True,
"description": "Determines whether the monkey should retry exploiting machines it didn't successfuly exploit on previous iterations" "description":
"Determines whether the monkey should retry exploiting machines"
" it didn't successfuly exploit on previous iterations"
} }
} }
} }
@ -329,7 +342,8 @@ SCHEMA = {
"title": "Singleton mutex name", "title": "Singleton mutex name",
"type": "string", "type": "string",
"default": "{2384ec59-0df8-4ab9-918c-843740924a28}", "default": "{2384ec59-0df8-4ab9-918c-843740924a28}",
"description": "The name of the mutex used to determine whether the monkey is already running" "description":
"The name of the mutex used to determine whether the monkey is already running"
}, },
"collect_system_info": { "collect_system_info": {
"title": "Collect system info", "title": "Collect system info",
@ -371,23 +385,6 @@ SCHEMA = {
"ElasticFinger" "ElasticFinger"
], ],
"description": "Determines which classes to use for fingerprinting" "description": "Determines which classes to use for fingerprinting"
},
"exploiter_classes": {
"title": "Exploiter classes" + WARNING_SIGN,
"type": "array",
"uniqueItems": True,
"items": {
"$ref": "#/definitions/exploiter_classes"
},
"default": [
"SmbExploiter",
"WmiExploiter",
"SSHExploiter",
"ShellShockExploiter",
"SambaCryExploiter",
"ElasticGroovyExploiter"
],
"description": "Determines which classes to use for exploiting"
} }
} }
}, },
@ -417,19 +414,25 @@ SCHEMA = {
"title": "Dropper sets date", "title": "Dropper sets date",
"type": "boolean", "type": "boolean",
"default": True, "default": True,
"description": "Determines whether the dropper should set the monkey's file date to be the same as another file" "description":
"Determines whether the dropper should set the monkey's file date to be the same as"
" another file"
}, },
"dropper_date_reference_path_windows": { "dropper_date_reference_path_windows": {
"title": "Dropper date reference path (Windows)", "title": "Dropper date reference path (Windows)",
"type": "string", "type": "string",
"default": "%windir%\\system32\\kernel32.dll", "default": "%windir%\\system32\\kernel32.dll",
"description": "Determines which file the dropper should copy the date from if it's configured to do so on Windows (use fullpath)" "description":
"Determines which file the dropper should copy the date from if it's configured to do"
" so on Windows (use fullpath)"
}, },
"dropper_date_reference_path_linux": { "dropper_date_reference_path_linux": {
"title": "Dropper date reference path (Linux)", "title": "Dropper date reference path (Linux)",
"type": "string", "type": "string",
"default": "/bin/sh", "default": "/bin/sh",
"description": "Determines which file the dropper should copy the date from if it's configured to do so on Linux (use fullpath)" "description":
"Determines which file the dropper should copy the date from if it's configured to do"
" so on Linux (use fullpath)"
}, },
"dropper_target_path_linux": { "dropper_target_path_linux": {
"title": "Dropper target path on Linux", "title": "Dropper target path on Linux",
@ -447,7 +450,9 @@ SCHEMA = {
"title": "Try to move first", "title": "Try to move first",
"type": "boolean", "type": "boolean",
"default": True, "default": True,
"description": "Determines whether the dropper should try to move itself instead of copying itself to target path" "description":
"Determines whether the dropper should try to move itsel instead of copying itself"
" to target path"
} }
} }
}, },
@ -515,7 +520,8 @@ SCHEMA = {
"title": "Mimikatz DLL name", "title": "Mimikatz DLL name",
"type": "string", "type": "string",
"default": "mk.dll", "default": "mk.dll",
"description": "Name of Mimikatz DLL (should be the same as in the monkey's pyinstaller spec file)" "description":
"Name of Mimikatz DLL (should be the same as in the monkey's pyinstaller spec file)"
} }
} }
} }
@ -552,7 +558,9 @@ SCHEMA = {
"monkey.guardicore.com", "monkey.guardicore.com",
"www.google.com" "www.google.com"
], ],
"description": "List of internet services to try and communicate with to determine internet connectivity (use either ip or domain)" "description":
"List of internet services to try and communicate with to determine internet"
" connectivity (use either ip or domain)"
}, },
"current_server": { "current_server": {
"title": "Current server", "title": "Current server",
@ -572,11 +580,29 @@ SCHEMA = {
"title": "General", "title": "General",
"type": "object", "type": "object",
"properties": { "properties": {
"exploiter_classes": {
"title": "Exploits" + WARNING_SIGN,
"type": "array",
"uniqueItems": True,
"items": {
"$ref": "#/definitions/exploiter_classes"
},
"default": [
"SmbExploiter",
"WmiExploiter",
"SSHExploiter",
"ShellShockExploiter",
"SambaCryExploiter",
"ElasticGroovyExploiter"
],
"description": "Determines which exploits to use"
},
"skip_exploit_if_file_exist": { "skip_exploit_if_file_exist": {
"title": "Skip exploit if file exists", "title": "Skip exploit if file exists",
"type": "boolean", "type": "boolean",
"default": False, "default": False,
"description": "Determines whether the monkey should skip the exploit if the monkey's file is already on the remote machine" "description": "Determines whether the monkey should skip the exploit if the monkey's file"
" is already on the remote machine"
} }
} }
}, },
@ -612,7 +638,8 @@ SCHEMA = {
"title": "Use VBS download", "title": "Use VBS download",
"type": "boolean", "type": "boolean",
"default": True, "default": True,
"description": "Determines whether to use VBS or BITS to download monkey to remote machine (true=VBS, false=BITS)" "description": "Determines whether to use VBS or BITS to download monkey to remote machine"
" (true=VBS, false=BITS)"
} }
} }
}, },
@ -667,7 +694,8 @@ SCHEMA = {
"title": "SMB download timeout", "title": "SMB download timeout",
"type": "integer", "type": "integer",
"default": 300, "default": 300,
"description": "Timeout (in seconds) for SMB download operation (used in various exploits using SMB)" "description":
"Timeout (in seconds) for SMB download operation (used in various exploits using SMB)"
}, },
"smb_service_name": { "smb_service_name": {
"title": "SMB service name", "title": "SMB service name",

10
monkey_island/cc/ui/src/components/pages/ConfigurePage.js
View File

@ -116,7 +116,15 @@ class ConfigurePageComponent extends React.Component {
<NavItem key={section.key} eventKey={section.key}>{section.title}</NavItem> <NavItem key={section.key} eventKey={section.key}>{section.title}</NavItem>
)} )}
</Nav> </Nav>
{
this.state.selectedSection === 'basic_network' ?
<div className="alert alert-info">
<i className="glyphicon glyphicon-info-sign" style={{'marginRight': '5px'}}/>
The Monkey scans its subnet if "Local network scan" is ticked. Additionally the monkey will scan machines
according to its range class.
</div>
: <div />
}
{ this.state.selectedSection ? { this.state.selectedSection ?
<Form schema={displayedSchema} <Form schema={displayedSchema}
formData={this.state.configuration[this.state.selectedSection]} formData={this.state.configuration[this.state.selectedSection]}