ZL BB tests: Renamed "ZeroLogon" to "Zerologon" for cinsistency, extracted relevant credential extortion from island config into a separate method.

This commit is contained in:
VakarisZ 2021-03-08 13:58:11 +02:00
parent 70ec513f51
commit f43d9fe035
3 changed files with 17 additions and 12 deletions

View File

@ -14,7 +14,7 @@ TELEM_QUERY = {'telem_category': 'exploit',
'data.info.password_restored': True}
class ZeroLogonAnalyzer(Analyzer):
class ZerologonAnalyzer(Analyzer):
def __init__(self, island_client: MonkeyIslandClient, expected_credentials: List[str]):
self.island_client = island_client
@ -28,12 +28,17 @@ class ZeroLogonAnalyzer(Analyzer):
return is_creds_gathered and is_creds_restored
def _analyze_credential_gathering(self) -> bool:
credentials_on_island = []
config = self.island_client.get_config()
credentials_on_island = ZerologonAnalyzer._get_relevant_credentials(config)
return self._is_all_credentials_in_list(credentials_on_island)
@staticmethod
def _get_relevant_credentials(config: dict):
credentials_on_island = []
credentials_on_island.extend(dpath.util.get(config['configuration'], USER_LIST_PATH))
credentials_on_island.extend(dpath.util.get(config['configuration'], NTLM_HASH_LIST_PATH))
credentials_on_island.extend(dpath.util.get(config['configuration'], LM_HASH_LIST_PATH))
return self._is_all_credentials_in_list(credentials_on_island)
return credentials_on_island
def _is_all_credentials_in_list(self,
all_creds: List[str]) -> bool:
@ -43,10 +48,10 @@ class ZeroLogonAnalyzer(Analyzer):
def _log_creds_not_gathered(self, missing_creds: List[str]):
if not missing_creds:
self.log.add_entry("ZeroLogon exploiter gathered all credentials expected.")
self.log.add_entry("Zerologon exploiter gathered all credentials expected.")
else:
for cred in missing_creds:
self.log.add_entry(f"Credential ZeroLogon exploiter failed to gathered:{cred}.")
self.log.add_entry(f"Credential Zerologon exploiter failed to gathered:{cred}.")
def _analyze_credential_restore(self) -> bool:
cred_restore_telems = self.island_client.find_telems_in_db(TELEM_QUERY)
@ -55,7 +60,7 @@ class ZeroLogonAnalyzer(Analyzer):
def _log_credential_restore(self, telem_list: List[dict]):
if telem_list:
self.log.add_entry("ZeroLogon exploiter telemetry contains indicators that credentials "
self.log.add_entry("Zerologon exploiter telemetry contains indicators that credentials "
"were successfully restored.")
else:
self.log.add_entry("Credential restore failed or credential restore "

View File

@ -3,7 +3,7 @@ from copy import copy
from envs.monkey_zoo.blackbox.island_configs.base_template import BaseTemplate
class ZeroLogon(BaseTemplate):
class Zerologon(BaseTemplate):
config_values = copy(BaseTemplate.config_values)

View File

@ -7,7 +7,7 @@ from typing_extensions import Type
from envs.monkey_zoo.blackbox.analyzers.communication_analyzer import \
CommunicationAnalyzer
from envs.monkey_zoo.blackbox.analyzers.zerologon_analyzer import ZeroLogonAnalyzer
from envs.monkey_zoo.blackbox.analyzers.zerologon_analyzer import ZerologonAnalyzer
from envs.monkey_zoo.blackbox.island_client.island_config_parser import \
IslandConfigParser
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import \
@ -26,7 +26,7 @@ from envs.monkey_zoo.blackbox.island_configs.tunneling import Tunneling
from envs.monkey_zoo.blackbox.island_configs.weblogic import Weblogic
from envs.monkey_zoo.blackbox.island_configs.wmi_mimikatz import WmiMimikatz
from envs.monkey_zoo.blackbox.island_configs.wmi_pth import WmiPth
from envs.monkey_zoo.blackbox.island_configs.zerologon import ZeroLogon
from envs.monkey_zoo.blackbox.island_configs.zerologon import Zerologon
from envs.monkey_zoo.blackbox.log_handlers.test_logs_handler import \
TestLogsHandler
from envs.monkey_zoo.blackbox.tests.exploitation import ExploitationTest
@ -163,12 +163,12 @@ class TestMonkeyBlackbox:
TestMonkeyBlackbox.run_exploitation_test(island_client, WmiPth, "WMI_PTH")
def test_zerologon_exploiter(self, island_client):
test_name = "ZeroLogon_exploiter"
test_name = "Zerologon_exploiter"
expected_creds = ["Administrator",
"aad3b435b51404eeaad3b435b51404ee",
"2864b62ea4496934a5d6e86f50b834a5"]
raw_config = IslandConfigParser.get_raw_config(ZeroLogon, island_client)
analyzer = ZeroLogonAnalyzer(island_client, expected_creds)
raw_config = IslandConfigParser.get_raw_config(Zerologon, island_client)
analyzer = ZerologonAnalyzer(island_client, expected_creds)
log_handler = TestLogsHandler(test_name, island_client, TestMonkeyBlackbox.get_log_dir_path())
ExploitationTest(
name=test_name,