From e92665a4278630a6c72a118db2671755fd455033 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Wed, 27 Nov 2019 13:39:47 +0200 Subject: [PATCH 01/10] Random PEP8 cleanups --- .../blackbox/island_client/monkey_island_requests.py | 3 ++- monkey/infection_monkey/network/tools.py | 2 +- .../infection_monkey/system_info/windows_info_collector.py | 6 +++++- 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py b/envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py index 8ac53996b..8ff3d3667 100644 --- a/envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py +++ b/envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py @@ -27,10 +27,11 @@ class MonkeyIslandRequests(object): @classmethod def refresh_jwt_token(cls, request_function): @functools.wraps(request_function) - def request_function_wrapper(self, *args,**kwargs): + def request_function_wrapper(self, *args, **kwargs): self.token = self.try_get_jwt_from_server() # noinspection PyArgumentList return request_function(self, *args, **kwargs) + return request_function_wrapper def get_jwt_from_server(self): diff --git a/monkey/infection_monkey/network/tools.py b/monkey/infection_monkey/network/tools.py index 7a029e5dd..5e95e20be 100644 --- a/monkey/infection_monkey/network/tools.py +++ b/monkey/infection_monkey/network/tools.py @@ -308,4 +308,4 @@ def get_interface_to_target(dst): return None paths.sort() ret = paths[-1][1] - return ret[1] \ No newline at end of file + return ret[1] diff --git a/monkey/infection_monkey/system_info/windows_info_collector.py b/monkey/infection_monkey/system_info/windows_info_collector.py index 1419478db..857b42303 100644 --- a/monkey/infection_monkey/system_info/windows_info_collector.py +++ b/monkey/infection_monkey/system_info/windows_info_collector.py 
@@ -3,11 +3,15 @@ import logging import sys sys.coinit_flags = 0 # needed for proper destruction of the wmi python module - +# noinspection PyPep8 import infection_monkey.config +# noinspection PyPep8 from infection_monkey.system_info.mimikatz_collector import MimikatzCollector +# noinspection PyPep8 from infection_monkey.system_info import InfoCollector +# noinspection PyPep8 from infection_monkey.system_info.wmi_consts import WMI_CLASSES +# noinspection PyPep8 from common.utils.wmi_utils import WMIUtils LOG = logging.getLogger(__name__) From 052e853b20ccc5d7db89e3cabf57e022d9d9d4fd Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Wed, 27 Nov 2019 13:41:02 +0200 Subject: [PATCH 02/10] Convert terraform to modern style --- envs/monkey_zoo/terraform/config.tf | 2 +- envs/monkey_zoo/terraform/firewalls.tf | 16 ++-- envs/monkey_zoo/terraform/images.tf | 44 +++++------ envs/monkey_zoo/terraform/monkey_zoo.tf | 98 ++++++++++++------------- envs/monkey_zoo/terraform/templates.tf | 4 +- 5 files changed, 82 insertions(+), 82 deletions(-) diff --git a/envs/monkey_zoo/terraform/config.tf b/envs/monkey_zoo/terraform/config.tf index 3a2bf0fc4..5396f424c 100644 --- a/envs/monkey_zoo/terraform/config.tf +++ b/envs/monkey_zoo/terraform/config.tf @@ -2,7 +2,7 @@ provider "google" { project = "test-000000" region = "europe-west3" zone = "europe-west3-b" - credentials = "${file("../gcp_keys/gcp_key.json")}" + credentials = file("../gcp_keys/gcp_key.json") } locals { resource_prefix = "" diff --git a/envs/monkey_zoo/terraform/firewalls.tf b/envs/monkey_zoo/terraform/firewalls.tf index afd99a347..a331125c4 100644 --- a/envs/monkey_zoo/terraform/firewalls.tf +++ b/envs/monkey_zoo/terraform/firewalls.tf @@ -1,6 +1,6 @@ resource "google_compute_firewall" "islands-in" { name = "${local.resource_prefix}islands-in" - network = "${google_compute_network.monkeyzoo.name}" + network = google_compute_network.monkeyzoo.name allow { protocol = "tcp" 
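Review bot: The provider block in config.tf still loads a long-lived service-account key from `../gcp_keys/gcp_key.json`. The switch to `credentials = file("../gcp_keys/gcp_key.json")` keeps that dependency on a key file stored beside the working tree. It is worth confirming that the `gcp_keys` directory is excluded from version control, which cannot be seen from this hunk. The Google provider can also take credentials from the environment (`GOOGLE_APPLICATION_CREDENTIALS` or application-default credentials), so the `credentials` argument could be dropped altogether.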
@@ -14,7 +14,7 @@ resource "google_compute_firewall" "islands-in" { resource "google_compute_firewall" "islands-out" { name = "${local.resource_prefix}islands-out" - network = "${google_compute_network.monkeyzoo.name}" + network = google_compute_network.monkeyzoo.name allow { protocol = "tcp" @@ -27,7 +27,7 @@ resource "google_compute_firewall" "islands-out" { resource "google_compute_firewall" "monkeyzoo-in" { name = "${local.resource_prefix}monkeyzoo-in" - network = "${google_compute_network.monkeyzoo.name}" + network = google_compute_network.monkeyzoo.name allow { protocol = "all" @@ -40,7 +40,7 @@ resource "google_compute_firewall" "monkeyzoo-in" { resource "google_compute_firewall" "monkeyzoo-out" { name = "${local.resource_prefix}monkeyzoo-out" - network = "${google_compute_network.monkeyzoo.name}" + network = google_compute_network.monkeyzoo.name allow { protocol = "all" @@ -53,7 +53,7 @@ resource "google_compute_firewall" "monkeyzoo-out" { resource "google_compute_firewall" "tunneling-in" { name = "${local.resource_prefix}tunneling-in" - network = "${google_compute_network.tunneling.name}" + network = google_compute_network.tunneling.name allow { protocol = "all" @@ -65,7 +65,7 @@ resource "google_compute_firewall" "tunneling-in" { resource "google_compute_firewall" "tunneling-out" { name = "${local.resource_prefix}tunneling-out" - network = "${google_compute_network.tunneling.name}" + network = google_compute_network.tunneling.name allow { protocol = "all" @@ -77,7 +77,7 @@ resource "google_compute_firewall" "tunneling-out" { resource "google_compute_firewall" "tunneling2-in" { name = "${local.resource_prefix}tunneling2-in" - network = "${google_compute_network.tunneling2.name}" + network = google_compute_network.tunneling2.name allow { protocol = "all" 
@@ -89,7 +89,7 @@ resource "google_compute_firewall" "tunneling2-in" { resource "google_compute_firewall" "tunneling2-out" { name = "${local.resource_prefix}tunneling2-out" - network = "${google_compute_network.tunneling2.name}" + network = google_compute_network.tunneling2.name allow { protocol = "all" diff --git a/envs/monkey_zoo/terraform/images.tf b/envs/monkey_zoo/terraform/images.tf index dccbe16dd..4c01ff4d2 100644 --- a/envs/monkey_zoo/terraform/images.tf +++ b/envs/monkey_zoo/terraform/images.tf @@ -1,19 +1,19 @@ //Custom cloud images data "google_compute_image" "hadoop-2" { name = "hadoop-2" - project = "${local.monkeyzoo_project}" + project = local.monkeyzoo_project } data "google_compute_image" "hadoop-3" { name = "hadoop-3" - project = "${local.monkeyzoo_project}" + project = local.monkeyzoo_project } data "google_compute_image" "elastic-4" { name = "elastic-4" - project = "${local.monkeyzoo_project}" + project = local.monkeyzoo_project } data "google_compute_image" "elastic-5" { name = "elastic-5" - project = "${local.monkeyzoo_project}" + project = local.monkeyzoo_project } /* 
@@ -23,73 +23,73 @@ data "google_compute_image" "sambacry-6" { */ data "google_compute_image" "shellshock-8" { name = "shellshock-8" - project = "${local.monkeyzoo_project}" + project = local.monkeyzoo_project } data "google_compute_image" "tunneling-9" { name = "tunneling-9" - project = "${local.monkeyzoo_project}" + project = local.monkeyzoo_project } data "google_compute_image" "tunneling-10" { name = "tunneling-10" - project = "${local.monkeyzoo_project}" + project = local.monkeyzoo_project } data "google_compute_image" "tunneling-11" { name = "tunneling-11" - project = "${local.monkeyzoo_project}" + project = local.monkeyzoo_project } data "google_compute_image" "sshkeys-11" { name = "sshkeys-11" - project = "${local.monkeyzoo_project}" + project = local.monkeyzoo_project } data "google_compute_image" "sshkeys-12" { name = "sshkeys-12" - project = "${local.monkeyzoo_project}" + project = local.monkeyzoo_project } data "google_compute_image" "mimikatz-14" { name = "mimikatz-14" - project = "${local.monkeyzoo_project}" + project = local.monkeyzoo_project } data "google_compute_image" "mimikatz-15" { name = "mimikatz-15" - project = "${local.monkeyzoo_project}" + project = local.monkeyzoo_project } data "google_compute_image" "mssql-16" { name = "mssql-16" - project = "${local.monkeyzoo_project}" + project = local.monkeyzoo_project } data "google_compute_image" "weblogic-18" { name = "weblogic-18" - project = "${local.monkeyzoo_project}" + project = local.monkeyzoo_project } data "google_compute_image" "weblogic-19" { name = "weblogic-19" - project = "${local.monkeyzoo_project}" + project = local.monkeyzoo_project } data "google_compute_image" "smb-20" { name = "smb-20" - project = "${local.monkeyzoo_project}" + project = local.monkeyzoo_project } data "google_compute_image" "scan-21" { name = "scan-21" - project = "${local.monkeyzoo_project}" + project = local.monkeyzoo_project } data "google_compute_image" "scan-22" { name = "scan-22" - project = 
"${local.monkeyzoo_project}" + project = local.monkeyzoo_project } data "google_compute_image" "struts2-23" { name = "struts2-23" - project = "${local.monkeyzoo_project}" + project = local.monkeyzoo_project } data "google_compute_image" "struts2-24" { name = "struts2-24" - project = "${local.monkeyzoo_project}" + project = local.monkeyzoo_project } data "google_compute_image" "island-linux-250" { name = "island-linux-250" - project = "${local.monkeyzoo_project}" + project = local.monkeyzoo_project } data "google_compute_image" "island-windows-251" { name = "island-windows-251" - project = "${local.monkeyzoo_project}" + project = local.monkeyzoo_project } diff --git a/envs/monkey_zoo/terraform/monkey_zoo.tf b/envs/monkey_zoo/terraform/monkey_zoo.tf index cf45d93e0..30602f237 100644 --- a/envs/monkey_zoo/terraform/monkey_zoo.tf +++ b/envs/monkey_zoo/terraform/monkey_zoo.tf @@ -1,8 +1,8 @@ // Local variables locals { - default_ubuntu="${google_compute_instance_template.ubuntu16.self_link}" - default_windows="${google_compute_instance_template.windows2016.self_link}" + default_ubuntu=google_compute_instance_template.ubuntu16.self_link + default_windows=google_compute_instance_template.windows2016.self_link } resource "google_compute_network" "monkeyzoo" { 
@@ -23,27 +23,27 @@ resource "google_compute_network" "tunneling2" { resource "google_compute_subnetwork" "monkeyzoo-main" { name = "${local.resource_prefix}monkeyzoo-main" ip_cidr_range = "10.2.2.0/24" - network = "${google_compute_network.monkeyzoo.self_link}" + network = google_compute_network.monkeyzoo.self_link } resource "google_compute_subnetwork" "tunneling-main" { name = "${local.resource_prefix}tunneling-main" ip_cidr_range = "10.2.1.0/28" - network = "${google_compute_network.tunneling.self_link}" + network = google_compute_network.tunneling.self_link } resource "google_compute_subnetwork" "tunneling2-main" { name = "${local.resource_prefix}tunneling2-main" ip_cidr_range = "10.2.0.0/27" - network = "${google_compute_network.tunneling2.self_link}" + network = google_compute_network.tunneling2.self_link } resource "google_compute_instance_from_template" "hadoop-2" { name = "${local.resource_prefix}hadoop-2" - source_instance_template = "${local.default_ubuntu}" + source_instance_template = local.default_ubuntu boot_disk{ initialize_params { - image = "${data.google_compute_image.hadoop-2.self_link}" + image = data.google_compute_image.hadoop-2.self_link } auto_delete = true } @@ -57,10 +57,10 @@ resource "google_compute_instance_from_template" "hadoop-2" { resource "google_compute_instance_from_template" "hadoop-3" { name = "${local.resource_prefix}hadoop-3" - source_instance_template = "${local.default_windows}" + source_instance_template = local.default_windows boot_disk{ initialize_params { - image = "${data.google_compute_image.hadoop-3.self_link}" + image = data.google_compute_image.hadoop-3.self_link } auto_delete = true } 
@@ -72,10 +72,10 @@ resource "google_compute_instance_from_template" "hadoop-3" { resource "google_compute_instance_from_template" "elastic-4" { name = "${local.resource_prefix}elastic-4" - source_instance_template = "${local.default_ubuntu}" + source_instance_template = local.default_ubuntu boot_disk{ initialize_params { - image = "${data.google_compute_image.elastic-4.self_link}" + image = data.google_compute_image.elastic-4.self_link } auto_delete = true } @@ -87,10 +87,10 @@ resource "google_compute_instance_from_template" "elastic-4" { resource "google_compute_instance_from_template" "elastic-5" { name = "${local.resource_prefix}elastic-5" - source_instance_template = "${local.default_windows}" + source_instance_template = local.default_windows boot_disk{ initialize_params { - image = "${data.google_compute_image.elastic-5.self_link}" + image = data.google_compute_image.elastic-5.self_link } auto_delete = true } @@ -135,10 +135,10 @@ resource "google_compute_instance_from_template" "sambacry-7" { resource "google_compute_instance_from_template" "shellshock-8" { name = "${local.resource_prefix}shellshock-8" - source_instance_template = "${local.default_ubuntu}" + source_instance_template = local.default_ubuntu boot_disk{ initialize_params { - image = "${data.google_compute_image.shellshock-8.self_link}" + image = data.google_compute_image.shellshock-8.self_link } auto_delete = true } @@ -150,10 +150,10 @@ resource "google_compute_instance_from_template" "shellshock-8" { resource "google_compute_instance_from_template" "tunneling-9" { name = "${local.resource_prefix}tunneling-9" - source_instance_template = "${local.default_ubuntu}" + source_instance_template = local.default_ubuntu boot_disk{ initialize_params { - image = "${data.google_compute_image.tunneling-9.self_link}" + image = data.google_compute_image.tunneling-9.self_link } auto_delete = true } 
@@ -169,10 +169,10 @@ resource "google_compute_instance_from_template" "tunneling-9" { resource "google_compute_instance_from_template" "tunneling-10" { name = "${local.resource_prefix}tunneling-10" - source_instance_template = "${local.default_ubuntu}" + source_instance_template = local.default_ubuntu boot_disk{ initialize_params { - image = "${data.google_compute_image.tunneling-10.self_link}" + image = data.google_compute_image.tunneling-10.self_link } auto_delete = true } @@ -188,10 +188,10 @@ resource "google_compute_instance_from_template" "tunneling-10" { resource "google_compute_instance_from_template" "tunneling-11" { name = "${local.resource_prefix}tunneling-11" - source_instance_template = "${local.default_ubuntu}" + source_instance_template = local.default_ubuntu boot_disk{ initialize_params { - image = "${data.google_compute_image.tunneling-11.self_link}" + image = data.google_compute_image.tunneling-11.self_link } auto_delete = true } @@ -203,10 +203,10 @@ resource "google_compute_instance_from_template" "tunneling-11" { resource "google_compute_instance_from_template" "sshkeys-11" { name = "${local.resource_prefix}sshkeys-11" - source_instance_template = "${local.default_ubuntu}" + source_instance_template = local.default_ubuntu boot_disk{ initialize_params { - image = "${data.google_compute_image.sshkeys-11.self_link}" + image = data.google_compute_image.sshkeys-11.self_link } auto_delete = true } @@ -218,10 +218,10 @@ resource "google_compute_instance_from_template" "sshkeys-11" { resource "google_compute_instance_from_template" "sshkeys-12" { name = "${local.resource_prefix}sshkeys-12" - source_instance_template = "${local.default_ubuntu}" + source_instance_template = local.default_ubuntu boot_disk{ initialize_params { - image = "${data.google_compute_image.sshkeys-12.self_link}" + image = data.google_compute_image.sshkeys-12.self_link } auto_delete = true } 
@@ -249,10 +249,10 @@ resource "google_compute_instance_from_template" "rdpgrinder-13" { resource "google_compute_instance_from_template" "mimikatz-14" { name = "${local.resource_prefix}mimikatz-14" - source_instance_template = "${local.default_windows}" + source_instance_template = local.default_windows boot_disk{ initialize_params { - image = "${data.google_compute_image.mimikatz-14.self_link}" + image = data.google_compute_image.mimikatz-14.self_link } auto_delete = true } @@ -264,10 +264,10 @@ resource "google_compute_instance_from_template" "mimikatz-14" { resource "google_compute_instance_from_template" "mimikatz-15" { name = "${local.resource_prefix}mimikatz-15" - source_instance_template = "${local.default_windows}" + source_instance_template = local.default_windows boot_disk{ initialize_params { - image = "${data.google_compute_image.mimikatz-15.self_link}" + image = data.google_compute_image.mimikatz-15.self_link } auto_delete = true } @@ -279,10 +279,10 @@ resource "google_compute_instance_from_template" "mimikatz-15" { resource "google_compute_instance_from_template" "mssql-16" { name = "${local.resource_prefix}mssql-16" - source_instance_template = "${local.default_windows}" + source_instance_template = local.default_windows boot_disk{ initialize_params { - image = "${data.google_compute_image.mssql-16.self_link}" + image = data.google_compute_image.mssql-16.self_link } auto_delete = true } @@ -314,10 +314,10 @@ resource "google_compute_instance_from_template" "upgrader-17" { resource "google_compute_instance_from_template" "weblogic-18" { name = "${local.resource_prefix}weblogic-18" - source_instance_template = "${local.default_ubuntu}" + source_instance_template = local.default_ubuntu boot_disk{ initialize_params { - image = "${data.google_compute_image.weblogic-18.self_link}" + image = data.google_compute_image.weblogic-18.self_link } auto_delete = true } 
@@ -329,10 +329,10 @@ resource "google_compute_instance_from_template" "weblogic-18" { resource "google_compute_instance_from_template" "weblogic-19" { name = "${local.resource_prefix}weblogic-19" - source_instance_template = "${local.default_windows}" + source_instance_template = local.default_windows boot_disk{ initialize_params { - image = "${data.google_compute_image.weblogic-19.self_link}" + image = data.google_compute_image.weblogic-19.self_link } auto_delete = true } @@ -344,10 +344,10 @@ resource "google_compute_instance_from_template" "weblogic-19" { resource "google_compute_instance_from_template" "smb-20" { name = "${local.resource_prefix}smb-20" - source_instance_template = "${local.default_windows}" + source_instance_template = local.default_windows boot_disk{ initialize_params { - image = "${data.google_compute_image.smb-20.self_link}" + image = data.google_compute_image.smb-20.self_link } auto_delete = true } @@ -359,10 +359,10 @@ resource "google_compute_instance_from_template" "smb-20" { resource "google_compute_instance_from_template" "scan-21" { name = "${local.resource_prefix}scan-21" - source_instance_template = "${local.default_ubuntu}" + source_instance_template = local.default_ubuntu boot_disk{ initialize_params { - image = "${data.google_compute_image.scan-21.self_link}" + image = data.google_compute_image.scan-21.self_link } auto_delete = true } @@ -374,10 +374,10 @@ resource "google_compute_instance_from_template" "scan-21" { resource "google_compute_instance_from_template" "scan-22" { name = "${local.resource_prefix}scan-22" - source_instance_template = "${local.default_windows}" + source_instance_template = local.default_windows boot_disk{ initialize_params { - image = "${data.google_compute_image.scan-22.self_link}" + image = data.google_compute_image.scan-22.self_link } auto_delete = true } 
@@ -389,10 +389,10 @@ resource "google_compute_instance_from_template" "scan-22" { resource "google_compute_instance_from_template" "struts2-23" { name = "${local.resource_prefix}struts2-23" - source_instance_template = "${local.default_ubuntu}" + source_instance_template = local.default_ubuntu boot_disk{ initialize_params { - image = "${data.google_compute_image.struts2-23.self_link}" + image = data.google_compute_image.struts2-23.self_link } auto_delete = true } @@ -404,10 +404,10 @@ resource "google_compute_instance_from_template" "struts2-23" { resource "google_compute_instance_from_template" "struts2-24" { name = "${local.resource_prefix}struts2-24" - source_instance_template = "${local.default_windows}" + source_instance_template = local.default_windows boot_disk{ initialize_params { - image = "${data.google_compute_image.struts2-24.self_link}" + image = data.google_compute_image.struts2-24.self_link } auto_delete = true } @@ -421,10 +421,10 @@ resource "google_compute_instance_from_template" "island-linux-250" { name = "${local.resource_prefix}island-linux-250" machine_type = "n1-standard-2" tags = ["island", "linux", "ubuntu16"] - source_instance_template = "${local.default_ubuntu}" + source_instance_template = local.default_ubuntu boot_disk{ initialize_params { - image = "${data.google_compute_image.island-linux-250.self_link}" + image = data.google_compute_image.island-linux-250.self_link } auto_delete = true } @@ -442,10 +442,10 @@ resource "google_compute_instance_from_template" "island-windows-251" { name = "${local.resource_prefix}island-windows-251" machine_type = "n1-standard-2" tags = ["island", "windows", "windowsserver2016"] - source_instance_template = "${local.default_windows}" + source_instance_template = local.default_windows boot_disk{ initialize_params { - image = "${data.google_compute_image.island-windows-251.self_link}" + image = data.google_compute_image.island-windows-251.self_link } auto_delete = true } 
diff --git a/envs/monkey_zoo/terraform/templates.tf b/envs/monkey_zoo/terraform/templates.tf index 6ae6dafdc..2659c31be 100644 --- a/envs/monkey_zoo/terraform/templates.tf +++ b/envs/monkey_zoo/terraform/templates.tf @@ -18,7 +18,7 @@ resource "google_compute_instance_template" "ubuntu16" { } } service_account { - email ="${local.service_account_email}" + email =local.service_account_email scopes=["cloud-platform"] } } @@ -39,7 +39,7 @@ resource "google_compute_instance_template" "windows2016" { subnetwork="monkeyzoo-main" } service_account { - email="${local.service_account_email}" + email=local.service_account_email scopes=["cloud-platform"] } } From 65436ad5d6a9478ff6c26260ee56e8284190da66 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Wed, 27 Nov 2019 13:54:48 +0200 Subject: [PATCH 03/10] Use exception info --- .../cc/services/telemetry/processing/system_info.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/monkey/monkey_island/cc/services/telemetry/processing/system_info.py b/monkey/monkey_island/cc/services/telemetry/processing/system_info.py index ed1ea4e86..9ab0b45f0 100644 --- a/monkey/monkey_island/cc/services/telemetry/processing/system_info.py +++ b/monkey/monkey_island/cc/services/telemetry/processing/system_info.py @@ -33,8 +33,9 @@ def safe_process_telemetry(processing_function, telemetry_json): try: processing_function(telemetry_json) except Exception as err: - logger.error("Error while in {} stage of processing telemetry.".format(processing_function.func_name), - exc_info=True) + logger.error( + "Error {} while in {} stage of processing telemetry.".format(str(err), processing_function.func_name), + exc_info=True) def process_ssh_info(telemetry_json): From 1393c88277643a55a246d6f9641d134b288b8b30 Mon Sep 17 00:00:00 2001 
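Review bot: Both `service_account` blocks touched in templates.tf keep `scopes=["cloud-platform"]`, and monkey_zoo.tf uses these two templates for every deliberately vulnerable zoo instance. Any process on such an instance can obtain a token for `local.service_account_email`, so the only real limit is the IAM roles granted to that account, which are not visible here. A narrower scope list or a dedicated minimal-role account would bound the exposure. Failing that, a comment such as `# broad scope; access is bounded by the IAM roles on this account` would record the intent. Both resource blocks start outside their hunks.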
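Review bot: The new message in `safe_process_telemetry` still reads `processing_function.func_name`, an attribute that exists only on Python 2 functions. If the island runs on Python 3, as the `metaclass=` syntax elsewhere in this series suggests, the handler raises `AttributeError` and the original telemetry error is never logged. `str(err)` is also redundant, because `exc_info=True` already records the exception. Consider `logger.error("Error %s while in %s stage of processing telemetry.", err, processing_function.__name__, exc_info=True)`, which also defers formatting to the logger.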
From: Daniel Goldberg Date: Wed, 27 Nov 2019 13:55:39 +0200 Subject: [PATCH 04/10] Move out of try, can't realistically fail --- monkey/infection_monkey/transport/tcp.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/monkey/infection_monkey/transport/tcp.py b/monkey/infection_monkey/transport/tcp.py index 22cff5d4a..9b017aa41 100644 --- a/monkey/infection_monkey/transport/tcp.py +++ b/monkey/infection_monkey/transport/tcp.py @@ -61,8 +61,8 @@ class TcpProxy(TransportProxyBase): except socket.timeout: continue + dest = socket.socket(socket.AF_INET, socket.SOCK_STREAM) try: - dest = socket.socket(socket.AF_INET, socket.SOCK_STREAM) dest.connect((self.dest_host, self.dest_port)) except socket.error as ex: source.close() From c8e2de62240ac714a54a692fde99743ae86c6c22 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Wed, 27 Nov 2019 13:56:37 +0200 Subject: [PATCH 05/10] Avoid mutable default parameter. --- monkey/infection_monkey/exploit/shellshock.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/monkey/infection_monkey/exploit/shellshock.py b/monkey/infection_monkey/exploit/shellshock.py index f65974dbd..0da543a69 100644 --- a/monkey/infection_monkey/exploit/shellshock.py +++ b/monkey/infection_monkey/exploit/shellshock.py @@ -172,10 +172,13 @@ class ShellShockExploiter(HostExploiter): LOG.info("File %s exists on remote host" % file_path) return resp - def attempt_exploit(self, url, attacks=_attacks): + def attempt_exploit(self, url, attacks=None): # Flag used to identify whether the exploit has successfully caused the # server to return a useful response + if not attacks: + attacks = self._attacks + LOG.debug("Attack Flag is: %s" % self.success_flag) LOG.debug("Trying exploit for %s" % url) From 9a40bfa211d9ec55ef44eae22ca91e45610b7025 Mon Sep 17 00:00:00 2001 
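Review bot: `socket.socket()` can fail with `socket.error` when the process has run out of file descriptors, and a proxy that accepts many connections is where that tends to happen. With the call moved above the `try`, the `except socket.error` branch no longer catches that error, so `source` is not closed on that path and the exception escapes the accept loop. Keeping the creation inside the `try` avoids this. Separately, the handler shown closes only `source` when `connect` fails, so adding `dest.close()` there would stop the new socket leaking. The rest of the handler and the loop lie outside the hunk.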
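Review bot: The guard `if not attacks:` in `attempt_exploit` also replaces an explicitly passed empty collection with `self._attacks`, not only the new `None` default. `if attacks is None:` matches the changed signature exactly. The guard was also inserted between the comment `# Flag used to identify whether the exploit has ...` and the `LOG.debug` lines that comment describes, so it now appears to document the default handling. Moving the guard above the comment keeps the two together. The method body continues outside the hunk.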
From: Daniel Goldberg Date: Wed, 27 Nov 2019 13:57:41 +0200 Subject: [PATCH 06/10] Rename variable to avoid parameter reuse --- monkey/monkey_island/cc/services/attack/attack_config.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/monkey/monkey_island/cc/services/attack/attack_config.py b/monkey/monkey_island/cc/services/attack/attack_config.py index 9f6b5d2d9..0e57609b3 100644 --- a/monkey/monkey_island/cc/services/attack/attack_config.py +++ b/monkey/monkey_island/cc/services/attack/attack_config.py @@ -26,9 +26,9 @@ class AttackConfig(object): :return: Technique object or None if technique is not found """ attack_config = AttackConfig.get_config() - for key, attack_type in list(attack_config['properties'].items()): - for key, technique in list(attack_type['properties'].items()): - if key == technique_id: + for config_key, attack_type in list(attack_config['properties'].items()): + for type_key, technique in list(attack_type['properties'].items()): + if type_key == technique_id: return technique return None From bf44f2355f4c8cd8be81daec80603925b30c92ea Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Wed, 27 Nov 2019 13:58:46 +0200 Subject: [PATCH 07/10] Remove property decorator, it's not a property. --- monkey/infection_monkey/network/HostScanner.py | 1 - 1 file changed, 1 deletion(-) diff --git a/monkey/infection_monkey/network/HostScanner.py b/monkey/infection_monkey/network/HostScanner.py index c6e730c3f..4f7b850c1 100644 --- a/monkey/infection_monkey/network/HostScanner.py +++ b/monkey/infection_monkey/network/HostScanner.py @@ -2,7 +2,6 @@ from abc import ABCMeta, abstractmethod class HostScanner(metaclass=ABCMeta): - @property @abstractmethod def is_host_alive(self, host): raise NotImplementedError() From 58b775cfb56e04eb231b0f0e98dde44ce3d69638 Mon Sep 17 00:00:00 2001 
From: Daniel Goldberg Date: Thu, 28 Nov 2019 12:41:37 +0100 Subject: [PATCH 08/10] Try to avoid flake warnings on not checking SSL --- .../island_client/monkey_island_requests.py | 8 ++++---- monkey/infection_monkey/control.py | 20 +++++++++---------- monkey/infection_monkey/exploit/shellshock.py | 4 ++-- monkey/infection_monkey/exploit/weblogic.py | 4 ++-- monkey/infection_monkey/network/httpfinger.py | 2 +- monkey/infection_monkey/network/info.py | 2 +- 6 files changed, 20 insertions(+), 20 deletions(-) diff --git a/envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py b/envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py index 8ff3d3667..780821c3b 100644 --- a/envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py +++ b/envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py @@ -35,28 +35,28 @@ class MonkeyIslandRequests(object): return request_function_wrapper def get_jwt_from_server(self): - resp = requests.post(self.addr + "api/auth", + resp = requests.post(self.addr + "api/auth", # noqa: DUO123 json={"username": NO_AUTH_CREDS, "password": NO_AUTH_CREDS}, verify=False) return resp.json()["access_token"] @_Decorators.refresh_jwt_token def get(self, url, data=None): - return requests.get(self.addr + url, + return requests.get(self.addr + url, # noqa: DUO123 headers=self.get_jwt_header(), params=data, verify=False) @_Decorators.refresh_jwt_token def post(self, url, data): - return requests.post(self.addr + url, + return requests.post(self.addr + url, # noqa: DUO123 data=data, headers=self.get_jwt_header(), verify=False) @_Decorators.refresh_jwt_token def post_json(self, url, dict_data): - return requests.post(self.addr + url, + return requests.post(self.addr + url, # noqa: DUO123 json=dict_data, headers=self.get_jwt_header(), verify=False) diff --git a/monkey/infection_monkey/control.py b/monkey/infection_monkey/control.py index b063744ad..1d4220975 100644 --- a/monkey/infection_monkey/control.py 
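Review bot: Every `requests` call in this hunk keeps `verify=False`, and the added `# noqa: DUO123` only silences the linter. The client therefore still accepts any certificate while sending the login body and the JWT header. The same per-call suppression recurs in the control.py, shellshock.py and weblogic.py hunks of this patch, and in control.py it covers the agent's configuration and binary downloads from the island. A single shared wrapper or `requests.Session` could take `verify` from configuration, such as a CA bundle path where the island certificate is known. That would need one documented suppression instead of one per call site, and would make later enabling of verification a one-line change.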
+++ b/monkey/infection_monkey/control.py @@ -53,7 +53,7 @@ class ControlClient(object): if ControlClient.proxies: monkey['tunnel'] = ControlClient.proxies.get('https') - requests.post("https://%s/api/monkey" % (WormConfiguration.current_server,), + requests.post("https://%s/api/monkey" % (WormConfiguration.current_server,), # noqa: DUO123 data=json.dumps(monkey), headers={'content-type': 'application/json'}, verify=False, @@ -76,7 +76,7 @@ class ControlClient(object): if ControlClient.proxies: debug_message += " through proxies: %s" % ControlClient.proxies LOG.debug(debug_message) - requests.get("https://%s/api?action=is-up" % (server,), + requests.get("https://%s/api?action=is-up" % (server,), # noqa: DUO123 verify=False, proxies=ControlClient.proxies, timeout=TIMEOUT_IN_SECONDS) @@ -112,7 +112,7 @@ class ControlClient(object): monkey = {} if ControlClient.proxies: monkey['tunnel'] = ControlClient.proxies.get('https') - requests.patch("https://%s/api/monkey/%s" % (WormConfiguration.current_server, GUID), + requests.patch("https://%s/api/monkey/%s" % (WormConfiguration.current_server, GUID), # noqa: DUO123 data=json.dumps(monkey), headers={'content-type': 'application/json'}, verify=False, @@ -129,7 +129,7 @@ class ControlClient(object): return try: telemetry = {'monkey_guid': GUID, 'telem_category': telem_category, 'data': data} - requests.post("https://%s/api/telemetry" % (WormConfiguration.current_server,), + requests.post("https://%s/api/telemetry" % (WormConfiguration.current_server,), # noqa: DUO123 data=json.dumps(telemetry), headers={'content-type': 'application/json'}, verify=False, @@ -144,7 +144,7 @@ class ControlClient(object): return try: telemetry = {'monkey_guid': GUID, 'log': json.dumps(log)} - requests.post("https://%s/api/log" % (WormConfiguration.current_server,), + requests.post("https://%s/api/log" % (WormConfiguration.current_server,), # noqa: DUO123 data=json.dumps(telemetry), headers={'content-type': 'application/json'}, verify=False, 
@@ -158,7 +158,7 @@ class ControlClient(object): if not WormConfiguration.current_server: return try: - reply = requests.get("https://%s/api/monkey/%s" % (WormConfiguration.current_server, GUID), + reply = requests.get("https://%s/api/monkey/%s" % (WormConfiguration.current_server, GUID), # noqa: DUO123 verify=False, proxies=ControlClient.proxies) @@ -185,7 +185,7 @@ class ControlClient(object): if not WormConfiguration.current_server: return try: - requests.patch("https://%s/api/monkey/%s" % (WormConfiguration.current_server, GUID), + requests.patch("https://%s/api/monkey/%s" % (WormConfiguration.current_server, GUID), # noqa: DUO123 data=json.dumps({'config_error': True}), headers={'content-type': 'application/json'}, verify=False, @@ -247,7 +247,7 @@ class ControlClient(object): if (monkeyfs.isfile(dest_file)) and (size == monkeyfs.getsize(dest_file)): return dest_file else: - download = requests.get("https://%s/api/monkey/download/%s" % + download = requests.get("https://%s/api/monkey/download/%s" % # noqa: DUO123 (WormConfiguration.current_server, filename), verify=False, proxies=ControlClient.proxies) @@ -273,7 +273,7 @@ class ControlClient(object): if not WormConfiguration.current_server: return None, None try: - reply = requests.post("https://%s/api/monkey/download" % (WormConfiguration.current_server,), + reply = requests.post("https://%s/api/monkey/download" % (WormConfiguration.current_server,), # noqa: DUO123 data=json.dumps(host_dict), headers={'content-type': 'application/json'}, verify=False, proxies=ControlClient.proxies) @@ -315,7 +315,7 @@ class ControlClient(object): @staticmethod def get_pba_file(filename): try: - return requests.get(PBA_FILE_DOWNLOAD % + return requests.get(PBA_FILE_DOWNLOAD % # noqa: DUO123 (WormConfiguration.current_server, filename), verify=False, proxies=ControlClient.proxies) diff --git a/monkey/infection_monkey/exploit/shellshock.py b/monkey/infection_monkey/exploit/shellshock.py index 0da543a69..0e03c3252 100644 
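Review bot: The calls touched at -158 (`reply = requests.get(...)`), -247 (`download = requests.get(...)`), -273 (`reply = requests.post(...)`) and -315 (`get_pba_file`) all end at `proxies=ControlClient.proxies)` without a `timeout=`, whereas the `is-up` probe at -76 passes `timeout=TIMEOUT_IN_SECONDS`. `requests` applies no timeout unless one is given, so an unresponsive server or proxy can stall the agent in these paths. Adding `timeout=TIMEOUT_IN_SECONDS` to each call would match the probe, though the file download at -247 may warrant a longer value. The `requests.patch` call at -185 continues past the end of its hunk, so its remaining arguments cannot be checked from here.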
--- a/monkey/infection_monkey/exploit/shellshock.py +++ b/monkey/infection_monkey/exploit/shellshock.py @@ -209,7 +209,7 @@ class ShellShockExploiter(HostExploiter): try: LOG.debug("Header is: %s" % header) LOG.debug("Attack is: %s" % attack) - r = requests.get(url, headers={header: attack}, verify=False, timeout=TIMEOUT) + r = requests.get(url, headers={header: attack}, verify=False, timeout=TIMEOUT) # noqa: DUO123 result = r.content.decode() return result except requests.exceptions.RequestException as exc: @@ -232,7 +232,7 @@ class ShellShockExploiter(HostExploiter): attack_urls = [attack_path + url for url in url_list] for u in attack_urls: try: - reqs.append(requests.head(u, verify=False, timeout=TIMEOUT)) + reqs.append(requests.head(u, verify=False, timeout=TIMEOUT)) # noqa: DUO123 except requests.Timeout: timeout = True break diff --git a/monkey/infection_monkey/exploit/weblogic.py b/monkey/infection_monkey/exploit/weblogic.py index 08b642942..2ff9edbc9 100644 --- a/monkey/infection_monkey/exploit/weblogic.py +++ b/monkey/infection_monkey/exploit/weblogic.py @@ -80,7 +80,7 @@ class WebLogic201710271(WebRCE): else: payload = self.get_exploit_payload('cmd', '/c', command + ' 1> NUL 2> NUL') try: - post(url, data=payload, headers=HEADERS, timeout=EXECUTION_TIMEOUT, verify=False) + post(url, data=payload, headers=HEADERS, timeout=EXECUTION_TIMEOUT, verify=False) # noqa: DUO123 except Exception as e: LOG.error("Connection error: %s" % e) return False @@ -116,7 +116,7 @@ class WebLogic201710271(WebRCE): def check_if_exploitable_weblogic(self, url, httpd): payload = self.get_test_payload(ip=httpd.local_ip, port=httpd.local_port) try: - post(url, data=payload, headers=HEADERS, timeout=REQUEST_DELAY, verify=False) + post(url, data=payload, headers=HEADERS, timeout=REQUEST_DELAY, verify=False) # noqa: DUO123 except exceptions.ReadTimeout: # Our request will not get response thus we get ReadTimeout error pass 
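Review bot: The suppressions at -209 and -232 in `shellshock.py` give no reason for `verify=False`, and the same holds for the `weblogic.py`, `httpfinger.py` and `info.py` hunks of this commit. The reason is presumably not the one that applies to the control channel: these requests go to hosts under assessment, whose certificates cannot be expected to validate. A comment on the line above each call, such as `# Certificate validation is skipped on purpose: the probed host's certificate is not trusted`, would let a later reader separate the deliberate cases from the ones worth fixing. Both functions extend beyond their hunks.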
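Review bot: At -80 in `weblogic.py` the `post(...)` call is wrapped in `except Exception as e:` and every failure is logged as "Connection error", so a malformed payload or a programming error is reported the same way as a network failure. Narrowing it to `except exceptions.RequestException as e:` would keep unrelated errors visible; this assumes `exceptions` is the `requests.exceptions` module, as its use in `except exceptions.ReadTimeout:` at -116 suggests. The method starts above the hunk and continues below it.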
diff --git a/monkey/infection_monkey/network/httpfinger.py b/monkey/infection_monkey/network/httpfinger.py index c6590b9db..66e720609 100644 --- a/monkey/infection_monkey/network/httpfinger.py +++ b/monkey/infection_monkey/network/httpfinger.py @@ -32,7 +32,7 @@ class HTTPFinger(HostFinger): # try http, we don't optimise for 443 for url in (https, http): # start with https and downgrade try: - with closing(head(url, verify=False, timeout=1)) as req: + with closing(head(url, verify=False, timeout=1)) as req: # noqa: DUO123 server = req.headers.get('Server') ssl = True if 'https://' in url else False self.init_service(host.services, ('tcp-' + port[1]), port[0]) diff --git a/monkey/infection_monkey/network/info.py b/monkey/infection_monkey/network/info.py index 6b9c5811e..3efa8e68d 100644 --- a/monkey/infection_monkey/network/info.py +++ b/monkey/infection_monkey/network/info.py @@ -125,7 +125,7 @@ def check_internet_access(services): """ for host in services: try: - requests.get("https://%s" % (host,), timeout=TIMEOUT, verify=False) + requests.get("https://%s" % (host,), timeout=TIMEOUT, verify=False) # noqa: DUO123 return True except ConnectionError: # Failed connecting From 6bef096e713a7d1555488a34f9df427dc4654733 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Thu, 28 Nov 2019 12:46:33 +0100 Subject: [PATCH 09/10] Fix spacing --- .../blackbox/island_client/monkey_island_requests.py | 8 ++++---- monkey/infection_monkey/control.py | 10 +++++----- monkey/infection_monkey/exploit/shellshock.py | 4 ++-- monkey/infection_monkey/exploit/weblogic.py | 4 ++-- monkey/infection_monkey/network/httpfinger.py | 2 +- monkey/infection_monkey/network/info.py | 5 ++++- 6 files changed, 18 insertions(+), 15 deletions(-) diff --git a/envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py b/envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py index 780821c3b..388115463 100644 --- a/envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py 
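Review bot: In `check_internet_access` (info.py, -125) the handler is `except ConnectionError:`, and the imports that decide which class this names are outside the hunk. If it is not imported from `requests.exceptions`, the Python 3 builtin of that name does not catch `requests.exceptions.ConnectionError`; in either case a read timeout triggered by `timeout=TIMEOUT` is not covered. `except requests.exceptions.RequestException:` would handle refused connections and timeouts alike. Separately, with `verify=False` any endpoint that answers the HTTPS request, including an intercepting proxy or a captive portal, makes the function return True, so the result shows reachability of something rather than of the named host. The function body continues after the hunk.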
+++ b/envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py @@ -35,28 +35,28 @@ class MonkeyIslandRequests(object): return request_function_wrapper def get_jwt_from_server(self): - resp = requests.post(self.addr + "api/auth", # noqa: DUO123 + resp = requests.post(self.addr + "api/auth", # noqa: DUO123 json={"username": NO_AUTH_CREDS, "password": NO_AUTH_CREDS}, verify=False) return resp.json()["access_token"] @_Decorators.refresh_jwt_token def get(self, url, data=None): - return requests.get(self.addr + url, # noqa: DUO123 + return requests.get(self.addr + url, # noqa: DUO123 headers=self.get_jwt_header(), params=data, verify=False) @_Decorators.refresh_jwt_token def post(self, url, data): - return requests.post(self.addr + url, # noqa: DUO123 + return requests.post(self.addr + url, # noqa: DUO123 data=data, headers=self.get_jwt_header(), verify=False) @_Decorators.refresh_jwt_token def post_json(self, url, dict_data): - return requests.post(self.addr + url, # noqa: DUO123 + return requests.post(self.addr + url, # noqa: DUO123 json=dict_data, headers=self.get_jwt_header(), verify=False) diff --git a/monkey/infection_monkey/control.py b/monkey/infection_monkey/control.py index 1d4220975..8b45bab2c 100644 --- a/monkey/infection_monkey/control.py +++ b/monkey/infection_monkey/control.py @@ -144,7 +144,7 @@ class ControlClient(object): return try: telemetry = {'monkey_guid': GUID, 'log': json.dumps(log)} - requests.post("https://%s/api/log" % (WormConfiguration.current_server,), # noqa: DUO123 + requests.post("https://%s/api/log" % (WormConfiguration.current_server,), # noqa: DUO123 data=json.dumps(telemetry), headers={'content-type': 'application/json'}, verify=False, 
@@ -158,7 +158,7 @@ class ControlClient(object): if not WormConfiguration.current_server: return try: - reply = requests.get("https://%s/api/monkey/%s" % (WormConfiguration.current_server, GUID), # noqa: DUO123 + reply = requests.get("https://%s/api/monkey/%s" % (WormConfiguration.current_server, GUID), # noqa: DUO123 verify=False, proxies=ControlClient.proxies) @@ -185,7 +185,7 @@ class ControlClient(object): if not WormConfiguration.current_server: return try: - requests.patch("https://%s/api/monkey/%s" % (WormConfiguration.current_server, GUID), # noqa: DUO123 + requests.patch("https://%s/api/monkey/%s" % (WormConfiguration.current_server, GUID), # noqa: DUO123 data=json.dumps({'config_error': True}), headers={'content-type': 'application/json'}, verify=False, @@ -247,7 +247,7 @@ class ControlClient(object): if (monkeyfs.isfile(dest_file)) and (size == monkeyfs.getsize(dest_file)): return dest_file else: - download = requests.get("https://%s/api/monkey/download/%s" % # noqa: DUO123 + download = requests.get("https://%s/api/monkey/download/%s" % # noqa: DUO123 (WormConfiguration.current_server, filename), verify=False, proxies=ControlClient.proxies) @@ -273,7 +273,7 @@ class ControlClient(object): if not WormConfiguration.current_server: return None, None try: - reply = requests.post("https://%s/api/monkey/download" % (WormConfiguration.current_server,), # noqa: DUO123 + reply = requests.post("https://%s/api/monkey/download" % (WormConfiguration.current_server,), # noqa: DUO123 data=json.dumps(host_dict), headers={'content-type': 'application/json'}, verify=False, proxies=ControlClient.proxies) diff --git a/monkey/infection_monkey/exploit/shellshock.py b/monkey/infection_monkey/exploit/shellshock.py index 0e03c3252..21237e2ab 100644 --- a/monkey/infection_monkey/exploit/shellshock.py +++ b/monkey/infection_monkey/exploit/shellshock.py 
@@ -209,7 +209,7 @@ class ShellShockExploiter(HostExploiter): try: LOG.debug("Header is: %s" % header) LOG.debug("Attack is: %s" % attack) - r = requests.get(url, headers={header: attack}, verify=False, timeout=TIMEOUT) # noqa: DUO123 + r = requests.get(url, headers={header: attack}, verify=False, timeout=TIMEOUT) # noqa: DUO123 result = r.content.decode() return result except requests.exceptions.RequestException as exc: @@ -232,7 +232,7 @@ class ShellShockExploiter(HostExploiter): attack_urls = [attack_path + url for url in url_list] for u in attack_urls: try: - reqs.append(requests.head(u, verify=False, timeout=TIMEOUT)) # noqa: DUO123 + reqs.append(requests.head(u, verify=False, timeout=TIMEOUT)) # noqa: DUO123 except requests.Timeout: timeout = True break diff --git a/monkey/infection_monkey/exploit/weblogic.py b/monkey/infection_monkey/exploit/weblogic.py index 2ff9edbc9..ba2fbb352 100644 --- a/monkey/infection_monkey/exploit/weblogic.py +++ b/monkey/infection_monkey/exploit/weblogic.py @@ -80,7 +80,7 @@ class WebLogic201710271(WebRCE): else: payload = self.get_exploit_payload('cmd', '/c', command + ' 1> NUL 2> NUL') try: - post(url, data=payload, headers=HEADERS, timeout=EXECUTION_TIMEOUT, verify=False) # noqa: DUO123 + post(url, data=payload, headers=HEADERS, timeout=EXECUTION_TIMEOUT, verify=False) # noqa: DUO123 except Exception as e: LOG.error("Connection error: %s" % e) return False @@ -116,7 +116,7 @@ class WebLogic201710271(WebRCE): def check_if_exploitable_weblogic(self, url, httpd): payload = self.get_test_payload(ip=httpd.local_ip, port=httpd.local_port) try: - post(url, data=payload, headers=HEADERS, timeout=REQUEST_DELAY, verify=False) # noqa: DUO123 + post(url, data=payload, headers=HEADERS, timeout=REQUEST_DELAY, verify=False) # noqa: DUO123 except exceptions.ReadTimeout: # Our request will not get response thus we get ReadTimeout error pass 
diff --git a/monkey/infection_monkey/network/httpfinger.py b/monkey/infection_monkey/network/httpfinger.py index 66e720609..ec9f619da 100644 --- a/monkey/infection_monkey/network/httpfinger.py +++ b/monkey/infection_monkey/network/httpfinger.py @@ -32,7 +32,7 @@ class HTTPFinger(HostFinger): # try http, we don't optimise for 443 for url in (https, http): # start with https and downgrade try: - with closing(head(url, verify=False, timeout=1)) as req: # noqa: DUO123 + with closing(head(url, verify=False, timeout=1)) as req: # noqa: DUO123 server = req.headers.get('Server') ssl = True if 'https://' in url else False self.init_service(host.services, ('tcp-' + port[1]), port[0]) diff --git a/monkey/infection_monkey/network/info.py b/monkey/infection_monkey/network/info.py index 3efa8e68d..15d9b0d73 100644 --- a/monkey/infection_monkey/network/info.py +++ b/monkey/infection_monkey/network/info.py @@ -51,15 +51,18 @@ if is_windows_os(): local_hostname = socket.gethostname() return socket.gethostbyname_ex(local_hostname)[2] + def get_routes(): raise NotImplementedError() else: from fcntl import ioctl + def local_ips(): valid_ips = [network['addr'] for network in get_host_subnets()] return valid_ips + def get_routes(): # based on scapy implementation for route parsing try: f = open("/proc/net/route", "r") @@ -125,7 +128,7 @@ def check_internet_access(services): """ for host in services: try: - requests.get("https://%s" % (host,), timeout=TIMEOUT, verify=False) # noqa: DUO123 + requests.get("https://%s" % (host,), timeout=TIMEOUT, verify=False) # noqa: DUO123 return True except ConnectionError: # Failed connecting From 037fac942355422a1300ee3acce7ee3c8a5093ac Mon Sep 17 00:00:00 2001 
From: Daniel Goldberg Date: Thu, 28 Nov 2019 13:56:02 +0100 Subject: [PATCH 10/10] Whitespace and imports --- monkey/infection_monkey/exploit/weblogic.py | 2 +- monkey/infection_monkey/utils/plugins/pluginTests/BadImport.py | 2 +- .../monkey_island/cc/models/zero_trust/segmentation_finding.py | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/monkey/infection_monkey/exploit/weblogic.py b/monkey/infection_monkey/exploit/weblogic.py index f98cad534..04eb43c79 100644 --- a/monkey/infection_monkey/exploit/weblogic.py +++ b/monkey/infection_monkey/exploit/weblogic.py @@ -299,7 +299,7 @@ class WebLogic20192725(WebRCE): :return: Formatted payload """ empty_payload = ''' - xx diff --git a/monkey/infection_monkey/utils/plugins/pluginTests/BadImport.py b/monkey/infection_monkey/utils/plugins/pluginTests/BadImport.py index 14508aec1..ffd3ebb2d 100644 --- a/monkey/infection_monkey/utils/plugins/pluginTests/BadImport.py +++ b/monkey/infection_monkey/utils/plugins/pluginTests/BadImport.py @@ -1,4 +1,4 @@ -from infection_monkey.utils.plugins.pluginTests.PluginTestClass import TestPlugin +from infection_monkey.utils.plugins.pluginTests.PluginTestClass import TestPlugin # noqa: F401 class SomeDummyPlugin: diff --git a/monkey/monkey_island/cc/models/zero_trust/segmentation_finding.py b/monkey/monkey_island/cc/models/zero_trust/segmentation_finding.py index 7633ed31f..60262fbfd 100644 --- a/monkey/monkey_island/cc/models/zero_trust/segmentation_finding.py +++ b/monkey/monkey_island/cc/models/zero_trust/segmentation_finding.py @@ -17,7 +17,7 @@ class SegmentationFinding(Finding): """ Creates a segmentation finding. If a segmentation finding with the relevant subnets already exists, adds the event to the existing finding, and the "worst" status is chosen (i.e. if the existing one is "Failed" it will - remain so). + remain so). :param subnets: the 2 subnets of this finding. :param status: STATUS_PASSED or STATUS_FAILED