BB fixes: updated struts2 configuration and increased tunneling timeout

This commit is contained in:
VakarisZ 2020-04-09 16:22:07 +03:00
parent b701375236
commit 1ed4b29786
2 changed files with 35 additions and 19 deletions

View File

@ -1,8 +1,18 @@
{
"basic": {
"credentials": {
"exploit_password_list": [],
"exploit_user_list": []
"exploit_password_list": [
"Password1!",
"1234",
"password",
"12345678"
],
"exploit_user_list": [
"Administrator",
"root",
"user",
"vakaris_zilius"
]
},
"general": {
"should_exploit": true
@ -38,17 +48,14 @@
"general": {
"exploiter_classes": [
"Struts2Exploiter"
],
"skip_exploit_if_file_exist": true
],
"skip_exploit_if_file_exist": false
},
"ms08_067": {
"ms08_067_exploit_attempts": 5,
"remote_user_pass": "Password1!",
"user_to_add": "Monkey_IUSER_SUPPORT"
},
"rdp_grinder": {
"rdp_use_vbs_download": true
},
"sambacry": {
"sambacry_folder_paths_to_guess": [
"/",
@ -98,7 +105,7 @@
"exploit_ssh_keys": []
},
"general": {
"keep_tunnel_open_time": 1,
"keep_tunnel_open_time": 60,
"monkey_dir_name": "monkey_dir",
"singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}"
},
@ -126,24 +133,32 @@
},
"general": {
"alive": true,
"post_breach_actions": []
"post_breach_actions": [
"CommunicateAsNewUser"
]
},
"life_cycle": {
"max_iterations": 1,
"retry_failed_explotation": true,
"timeout_between_iterations": 30,
"victims_max_exploit": 7,
"victims_max_find": 30
"timeout_between_iterations": 100,
"victims_max_exploit": 15,
"victims_max_find": 100
},
"system_info": {
"collect_system_info": false,
"extract_azure_creds": false,
"should_use_mimikatz": false
"collect_system_info": true,
"extract_azure_creds": true,
"should_use_mimikatz": true,
"system_info_collectors_classes": [
"EnvironmentCollector",
"AwsCollector",
"HostnameCollector",
"ProcessListCollector"
]
}
},
"network": {
"ping_scanner": {
"ping_scan_timeout": 100
"ping_scan_timeout": 1000
},
"tcp_scanner": {
"HTTP_PORTS": [
@ -155,7 +170,7 @@
],
"tcp_scan_get_banner": true,
"tcp_scan_interval": 0,
"tcp_scan_timeout": 300,
"tcp_scan_timeout": 3000,
"tcp_target_ports": [
22,
2222,
@ -168,7 +183,8 @@
8008,
3306,
9200,
7001
7001,
8088
]
}
}

View File

@ -120,7 +120,7 @@ class TestMonkeyBlackbox(object):
@pytest.mark.xfail(reason="Test fails randomly - still investigating.")
def test_tunneling(self, island_client):
TestMonkeyBlackbox.run_basic_test(island_client, "TUNNELING.conf", "Tunneling_exploiter", 10*60)
TestMonkeyBlackbox.run_basic_test(island_client, "TUNNELING.conf", "Tunneling_exploiter", 15*60)
def test_wmi_and_mimikatz_exploiters(self, island_client):
TestMonkeyBlackbox.run_basic_test(island_client, "WMI_MIMIKATZ.conf", "WMI_exploiter,_mimikatz")