From b20de39ce08b6256fa4e3110c0dec5b18d495970 Mon Sep 17 00:00:00 2001
From: vakaris_zilius
Date: Wed, 13 Apr 2022 13:10:02 +0000
Subject: [PATCH] BB: Split depth_1_b into separate tests, add SMB_PTH

---
 .../config_templates/grouped/depth_1_a.py | 1 -
 .../config_templates/grouped/depth_1_b.py | 22 ---------------
 envs/monkey_zoo/blackbox/test_blackbox.py | 28 ++++++++++++++-----
 .../utils/config_generation_script.py | 7 +++--
 4 files changed, 26 insertions(+), 32 deletions(-)
 delete mode 100644 envs/monkey_zoo/blackbox/config_templates/grouped/depth_1_b.py

diff --git a/envs/monkey_zoo/blackbox/config_templates/grouped/depth_1_a.py b/envs/monkey_zoo/blackbox/config_templates/grouped/depth_1_a.py
index 1895f2bbe..842e33a2d 100644
--- a/envs/monkey_zoo/blackbox/config_templates/grouped/depth_1_a.py
+++ b/envs/monkey_zoo/blackbox/config_templates/grouped/depth_1_a.py
@@ -6,7 +6,6 @@ from envs.monkey_zoo.blackbox.config_templates.config_template import ConfigTemp
 
 class Depth1A(ConfigTemplate):
     config_values = copy(BaseTemplate.config_values)
-    # TODO ADD SMB PTH machine
     # Tests:
     # Hadoop (10.2.2.2, 10.2.2.3)
     # Log4shell (10.2.3.55, 10.2.3.56, 10.2.3.49, 10.2.3.50, 10.2.3.51, 10.2.3.52)
diff --git a/envs/monkey_zoo/blackbox/config_templates/grouped/depth_1_b.py b/envs/monkey_zoo/blackbox/config_templates/grouped/depth_1_b.py
deleted file mode 100644
index 3df42389a..000000000
--- a/envs/monkey_zoo/blackbox/config_templates/grouped/depth_1_b.py
+++ /dev/null
@@ -1,22 +0,0 @@
-from copy import copy
-
-from envs.monkey_zoo.blackbox.config_templates.base_template import BaseTemplate
-from envs.monkey_zoo.blackbox.config_templates.config_template import ConfigTemplate
-
-
-class Depth1B(ConfigTemplate):
-    config_values = copy(BaseTemplate.config_values)
-    # Tests:
-    # WMI password login and mimikatz credential stealing (10.2.2.14 and 10.2.2.15)
-    # Zerologon
-    config_values.update(
-        {
-            "basic.exploiters.exploiter_classes": ["WmiExploiter", "ZerologonExploiter"],
-            "basic_network.scope.subnet_scan_list": ["10.2.2.25", "10.2.2.14", "10.2.2.15"],
-            "basic.credentials.exploit_password_list": ["Ivrrw5zEzs"],
-            "basic.credentials.exploit_user_list": ["m0nk3y"],
-            "monkey.system_info.system_info_collector_classes": [
-                "MimikatzCollector",
-            ],
-        }
-    )
diff --git a/envs/monkey_zoo/blackbox/test_blackbox.py b/envs/monkey_zoo/blackbox/test_blackbox.py
index fec5664b1..fcf723c8e 100644
--- a/envs/monkey_zoo/blackbox/test_blackbox.py
+++ b/envs/monkey_zoo/blackbox/test_blackbox.py
@@ -9,9 +9,11 @@ from envs.monkey_zoo.blackbox.analyzers.communication_analyzer import Communicat
 from envs.monkey_zoo.blackbox.analyzers.zerologon_analyzer import ZerologonAnalyzer
 from envs.monkey_zoo.blackbox.config_templates.config_template import ConfigTemplate
 from envs.monkey_zoo.blackbox.config_templates.grouped.depth_1_a import Depth1A
-from envs.monkey_zoo.blackbox.config_templates.grouped.depth_1_b import Depth1B
 from envs.monkey_zoo.blackbox.config_templates.grouped.depth_2_a import Depth2A
 from envs.monkey_zoo.blackbox.config_templates.grouped.depth_3_a import Depth3A
+from envs.monkey_zoo.blackbox.config_templates.single_tests.smb_pth import SmbPth
+from envs.monkey_zoo.blackbox.config_templates.single_tests.wmi_mimikatz import WmiMimikatz
+from envs.monkey_zoo.blackbox.config_templates.single_tests.zerologon import Zerologon
 from envs.monkey_zoo.blackbox.gcp_test_machine_list import GCP_TEST_MACHINE_LIST
 from envs.monkey_zoo.blackbox.island_client.island_config_parser import IslandConfigParser
 from envs.monkey_zoo.blackbox.island_client.monkey_island_client import MonkeyIslandClient
@@ -108,14 +110,21 @@ class TestMonkeyBlackbox:
     def test_depth_1_a(self, island_client):
         TestMonkeyBlackbox.run_exploitation_test(island_client, Depth1A, "Depth1A test suite")
 
-    def test_depth_1_b(self, island_client):
+    def test_depth_2_a(self, island_client):
+        TestMonkeyBlackbox.run_exploitation_test(island_client, Depth2A, "Depth2A test suite")
+
+    def test_depth_3_a(self, island_client):
+        TestMonkeyBlackbox.run_exploitation_test(island_client, Depth3A, "Depth4A test suite")
+
+    # Not grouped because it's slow
+    def test_zerologon_exploiter(self, island_client):
         test_name = "Zerologon_exploiter"
         expected_creds = [
             "Administrator",
             "aad3b435b51404eeaad3b435b51404ee",
             "2864b62ea4496934a5d6e86f50b834a5",
         ]
-        raw_config = IslandConfigParser.get_raw_config(Depth1B, island_client)
+        raw_config = IslandConfigParser.get_raw_config(Zerologon, island_client)
         zero_logon_analyzer = ZerologonAnalyzer(island_client, expected_creds)
         communication_analyzer = CommunicationAnalyzer(
             island_client, IslandConfigParser.get_ips_of_targets(raw_config)
@@ -132,8 +141,13 @@ class TestMonkeyBlackbox:
             log_handler=log_handler,
         ).run()
 
-    def test_depth_2_a(self, island_client):
-        TestMonkeyBlackbox.run_exploitation_test(island_client, Depth2A, "Depth2A test suite")
+    # Not grouped because conflicts with SMB.
+    # Consider grouping when more depth 1 exploiters collide with group depth_1_a
+    def test_wmi_and_mimikatz_exploiters(self, island_client):
+        TestMonkeyBlackbox.run_exploitation_test(
+            island_client, WmiMimikatz, "WMI_exploiter,_mimikatz"
+        )
 
-    def test_depth_3_a(self, island_client):
-        TestMonkeyBlackbox.run_exploitation_test(island_client, Depth3A, "Depth4A test suite")
+    # Not grouped because it's depth 1 but conflicts with SMB exploiter in group depth_1_a
+    def test_smb_pth(self, island_client):
+        TestMonkeyBlackbox.run_exploitation_test(island_client, SmbPth, "SMB_PTH")
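Review bot: The suite label in the re-added `test_depth_3_a` is `"Depth4A test suite"` while the template it runs is `Depth3A`, so whatever consumes that name (log output, report naming) will misidentify the run; the line was moved verbatim from the removed block, but it is new-side code now. The added line should read `TestMonkeyBlackbox.run_exploitation_test(island_client, Depth3A, "Depth3A test suite")`. The same mismatch is visible in the removed line of the second hunk and disappears with it. The body of `test_zerologon_exploiter` continues past the end of this hunk.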
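Review bot: The labels given to the two new single tests, `"WMI_exploiter,_mimikatz"` and `"SMB_PTH"`, follow a different convention from the grouped tests' `"<Template> test suite"` labels, and the comma-underscore in the first looks like a typo for a separator; if the label is only a display name (I cannot see `run_exploitation_test` from here) something like `"WmiMimikatz test suite"` and `"SmbPth test suite"` would keep the set uniform. The comment `# Not grouped because conflicts with SMB.` would be more useful if it named what is shared with the SMB exploiter in depth_1_a (the target hosts or the credential set, whichever applies), so the grouping decision can be revisited without re-deriving it from the templates. The enclosing class `TestMonkeyBlackbox` starts outside the hunk.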
diff --git a/envs/monkey_zoo/blackbox/utils/config_generation_script.py b/envs/monkey_zoo/blackbox/utils/config_generation_script.py
index 320ae8c57..2d799b275 100644
--- a/envs/monkey_zoo/blackbox/utils/config_generation_script.py
+++ b/envs/monkey_zoo/blackbox/utils/config_generation_script.py
@@ -4,8 +4,11 @@ from typing import Type
 
 from envs.monkey_zoo.blackbox.config_templates.config_template import ConfigTemplate
 from envs.monkey_zoo.blackbox.config_templates.grouped.depth_1_a import Depth1A
-from envs.monkey_zoo.blackbox.config_templates.grouped.depth_1_b import Depth1B
+from envs.monkey_zoo.blackbox.config_templates.grouped.depth_2_a import Depth2A
 from envs.monkey_zoo.blackbox.config_templates.grouped.depth_3_a import Depth3A
+from envs.monkey_zoo.blackbox.config_templates.single_tests.smb_pth import SmbPth
+from envs.monkey_zoo.blackbox.config_templates.single_tests.wmi_mimikatz import WmiMimikatz
+from envs.monkey_zoo.blackbox.config_templates.single_tests.zerologon import Zerologon
 from envs.monkey_zoo.blackbox.island_client.island_config_parser import IslandConfigParser
 from envs.monkey_zoo.blackbox.island_client.monkey_island_client import MonkeyIslandClient
 
@@ -23,7 +26,7 @@ args = parser.parse_args()
 
 island_client = MonkeyIslandClient(args.island_ip)
 
-CONFIG_TEMPLATES = [Depth1A, Depth1B, Depth3A]
+CONFIG_TEMPLATES = [Depth1A, Depth2A, Depth3A, Zerologon, SmbPth, WmiMimikatz]
 
 
 def generate_templates():
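Review bot: `CONFIG_TEMPLATES` is a second, hand-maintained copy of the template set that `test_blackbox.py` selects through its individual test methods, and the removed line shows it had already drifted (`Depth2A` was missing here while the test file used it); the new list fixes today's drift but not the mechanism. Consider exporting the list once from a shared module (for example next to `ConfigTemplate`) and importing it in both the test file and this script, or at least adding `# Keep in sync with the templates used in envs/monkey_zoo/blackbox/test_blackbox.py` above the assignment so the next template addition does not silently skip the generator. `generate_templates` begins at the hunk's last line and its body is outside the hunk.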