Merge pull request #2082 from guardicore/1965-add-credentials-ui-form

1965 add credentials UI form
2022-07-15 07:47:22 -04:00 · 2022-07-15 07:47:22 -04:00 · 3c4883b304
parent 8e332e5285 ec9a654fdf
commit 3c4883b304
27 changed files with 326 additions and 193 deletions
--- a/monkey/monkey_island/cc/ui/src/components/configuration-components/PropagationConfig.tsx
+++ b/monkey/monkey_island/cc/ui/src/components/configuration-components/PropagationConfig.tsx
@ -0,0 +1,98 @@
+import Form from 'react-jsonschema-form-bs4';
+import React, {useState, useEffect} from 'react';
+import {Nav} from 'react-bootstrap';
+import _ from 'lodash';
+
+const sectionOrder = [
+  'exploitation',
+  'network_scan',
+  'credentials',
+  'maximum_depth'
+];
+
+const initialSection = sectionOrder[0];
+
+export default function PropagationConfig(props) {
+  const {
+    schema,
+    uiSchema,
+    onChange,
+    customFormats,
+    className,
+    formData
+  } = props;
+  const [selectedSection, setSelectedSection] = useState(initialSection);
+  const [displayedSchema, setDisplayedSchema] = useState(getSchemaByKey(schema, initialSection));
+  const [displayedSchemaUi, setDisplayedSchemaUi] = useState(getUiSchemaByKey(uiSchema, initialSection));
+  const [localFormData, setLocalFormData] = useState(formData[initialSection]);
+
+  useEffect(() => {
+    setLocalFormData(formData[selectedSection]);
+    setDisplayedSchema(getSchemaByKey(schema, selectedSection));
+    setDisplayedSchemaUi(getUiSchemaByKey(uiSchema, selectedSection));
+    setLocalFormData(formData[selectedSection]);
+  }, [selectedSection])
+
+  useEffect(() => {
+    setLocalFormData(formData[selectedSection]);
+  }, [formData])
+
+  const onInnerDataChange = (innerData) => {
+    let innerDataClone = _.clone(innerData);
+    let formDataClone = _.clone(formData);
+
+    formDataClone[selectedSection] = innerDataClone.formData;
+    onChange({formData: formDataClone});
+  }
+
+  const setSection = (sectionKey) => {
+    setSelectedSection(sectionKey);
+  }
+
+  const renderNav = () => {
+    return (<Nav variant='tabs'
+                 fill
+                 activeKey={selectedSection} onSelect={setSection}
+                 style={{'marginBottom': '2em'}}
+                 className={'config-nav'}>
+      {sectionOrder.map(section => {
+        return (
+          <Nav.Item key={section}>
+            <Nav.Link eventKey={section}>{getNavTitle(schema, section)}</Nav.Link>
+          </Nav.Item>);
+      })}
+    </Nav>)
+  }
+
+
+  return (<div>
+    {renderNav()}
+    <Form schema={displayedSchema}
+          uiSchema={displayedSchemaUi}
+          formData={localFormData}
+          onChange={onInnerDataChange}
+          customFormats={customFormats}
+          className={className}
+          liveValidate>
+      <button type='submit' className={'hidden'}>Submit</button>
+    </Form>
+  </div>)
+}
+
+function getSchemaByKey(schema, key) {
+  return schema['properties'][key];
+}
+
+function getUiSchemaByKey(uiSchema, key) {
+  return uiSchema[key];
+}
+
+function getNavTitle(schema, key) {
+  if (key === 'maximum_depth') {
+    return 'General';
+  }
+  if (key === 'credentials') {
+    return 'Credentials';
+  }
+  return schema['properties'][key].title;
+}
--- a/monkey/monkey_island/cc/ui/src/components/configuration-components/UiSchema.js
+++ b/monkey/monkey_island/cc/ui/src/components/configuration-components/UiSchema.js
@ -30,6 +30,16 @@ export default function UiSchema(props) {
          }
        }
      },
+      credentials: {
+        exploit_ssh_keys: {
+          items: {
+            public_key: {
+            },
+            private_key: {
+            }
+          }
+        }
+      },
      network_scan: {
        targets: {
          info_box: {
--- a/monkey/monkey_island/cc/ui/src/components/pages/ConfigurePage.js
+++ b/monkey/monkey_island/cc/ui/src/components/pages/ConfigurePage.js
@ -8,6 +8,7 @@ import {faCheck} from '@fortawesome/free-solid-svg-icons/faCheck';
 import {faExclamationCircle} from '@fortawesome/free-solid-svg-icons/faExclamationCircle';
 import {formValidationFormats} from '../configuration-components/ValidationFormats';
 import transformErrors from '../configuration-components/ValidationErrorMessages';
+import PropagationConfig from '../configuration-components/PropagationConfig'
 import UnsafeConfigOptionsConfirmationModal
  from '../configuration-components/UnsafeConfigOptionsConfirmationModal.js';
 import isUnsafeOptionSelected from '../utils/SafeOptionValidator.js';
@ -16,7 +17,7 @@ import ConfigImportModal from '../configuration-components/ImportConfigModal';
 import applyUiSchemaManipulators from '../configuration-components/UISchemaManipulators.tsx';
 import HtmlFieldDescription from '../configuration-components/HtmlFieldDescription.js';
 import CONFIGURATION_TABS_PER_MODE from '../configuration-components/ConfigurationTabs.js';
-import {SCHEMA} from '../../services/configuration/config_schema.js';
+import {SCHEMA} from '../../services/configuration/configSchema.js';
 import {reformatConfig} from '../configuration-components/ReformatHook';

 const CONFIG_URL = '/api/agent-configuration';
@ -296,13 +297,17 @@ class ConfigurePageComponent extends AuthComponent {
      formProperties['formData'],
      formProperties['uiSchema']);

-    return (
-      <div>
-        <Form {...formProperties} key={displayedSchema.title}>
-          <button type='submit' className={'hidden'}>Submit</button>
-        </Form>
-      </div>
-    )
+    if (this.state.selectedSection === 'propagation') {
+        return (<PropagationConfig {...formProperties}/>)
+    } else {
+      return (
+        <div>
+          <Form {...formProperties} key={displayedSchema.title}>
+            <button type='submit' className={'hidden'}>Submit</button>
+          </Form>
+        </div>
+      )
+    }
  };

  setPbaFilenameWindows = (filename) => {
--- a/monkey/monkey_island/cc/ui/src/components/ui-components/AdvancedMultiSelect.js
+++ b/monkey/monkey_island/cc/ui/src/components/ui-components/AdvancedMultiSelect.js
@ -6,7 +6,7 @@ import {cloneDeep} from 'lodash';
 import {getDefaultPaneParams, InfoPane, WarningType} from './InfoPane';
 import {MasterCheckbox, MasterCheckboxState} from './MasterCheckbox';
 import ChildCheckboxContainer from './ChildCheckbox';
-import {getFullDefinitionByKey, getObjectFromRegistryByRef} from './JsonSchemaHelpers';
+import {getFullDefinitionByKey} from './JsonSchemaHelpers';

 function AdvancedMultiSelectHeader(props) {
  const {
@ -38,14 +38,12 @@ class AdvancedMultiSelect extends React.Component {

    this.state = {
      infoPaneParams: getDefaultPaneParams(
-        this.props.schema.items.$ref,
-        this.props.registry,
+        this.props.schema.items,
        this.isUnsafeOptionSelected(selectedPluginNames)
      ),
      allPluginNames: allPluginNames,
      masterCheckboxState: this.getMasterCheckboxState(selectedPluginNames),
-      pluginDefinitions: getObjectFromRegistryByRef(this.props.schema.items.$ref,
-        this.props.registry).pluginDefs,
+      pluginDefinitions: this.props.schema.items.pluginDefs,
      selectedPluginNames: selectedPluginNames
    };
  }
@ -55,23 +53,17 @@ class AdvancedMultiSelect extends React.Component {
  }

  onChange = (strValues) => {
-    let newValues = [];
-    for (let j = 0; j < strValues.length; j++) {
-      let found = false;
-      for (let i = 0; i < this.state.allPluginNames.length; i++) {
-        if (strValues[j] === this.state.allPluginNames[i]['name']) {
-          newValues.push(JSON.parse(JSON.stringify(this.props.value[i])))
-          found = true;
-          break;
-        }
-      }
-      if (!found) {
-        newValues.push(this.state.pluginDefinitions[strValues[j]]);
-      }
+    let pluginArray = this.namesToPlugins(strValues, this.state.pluginDefinitions);
+    this.props.onChange(pluginArray)
+    this.setState({selectedPluginNames: pluginArray.map(v => v.name)});
+  }
+
+  namesToPlugins = (names, allPlugins) => {
+    let plugins = [];
+    for (let i = 0; i < names.length; i++){
+      plugins.push(cloneDeep(allPlugins[names[i]]));
    }
-    newValues = JSON.parse(JSON.stringify(newValues));
-    this.props.onChange(newValues)
-    this.setState({selectedPluginNames: newValues.map(v => v.name)});
+    return plugins
  }

  // Sort options alphabetically. "Unsafe" options float to the top so that they
@ -146,14 +138,12 @@ class AdvancedMultiSelect extends React.Component {
  }

  isSafe = (itemKey) => {
-    let fullDef = getFullDefinitionByKey(this.props.schema.items.$ref,
-      this.props.registry, itemKey);
+    let fullDef = getFullDefinitionByKey(this.props.schema.items, itemKey);
    return fullDef.safe;
  }

  setPaneInfo = (itemKey) => {
-    let definitionObj = getFullDefinitionByKey(this.props.schema.items.$ref,
-      this.props.registry, itemKey);
+    let definitionObj = getFullDefinitionByKey(this.props.schema.items, itemKey);
    this.setState(
      {
        infoPaneParams: {
--- a/monkey/monkey_island/cc/ui/src/components/ui-components/InfoPane.js
+++ b/monkey/monkey_island/cc/ui/src/components/ui-components/InfoPane.js
@ -1,9 +1,7 @@
-import {Card, Button} from 'react-bootstrap';
+import {Button, Card} from 'react-bootstrap';
 import React from 'react';
 import {FontAwesomeIcon} from '@fortawesome/react-fontawesome';
 import {faQuestionCircle} from '@fortawesome/free-solid-svg-icons';
-
-import {getObjectFromRegistryByRef} from './JsonSchemaHelpers';
 import WarningIcon from './WarningIcon';

 const WarningType = {
@ -12,8 +10,8 @@ const WarningType = {
  MULTIPLE: 2
 }

-function getDefaultPaneParams(refString, registry, isUnsafeOptionSelected) {
-  let configSection = getObjectFromRegistryByRef(refString, registry);
+function getDefaultPaneParams(items, isUnsafeOptionSelected) {
+  let configSection = items;
  return (
    {
      title: configSection.title,
--- a/monkey/monkey_island/cc/ui/src/components/ui-components/JsonSchemaHelpers.js
+++ b/monkey/monkey_island/cc/ui/src/components/ui-components/JsonSchemaHelpers.js
@ -1,19 +1,6 @@
-import {resolveObjectPath} from './utils/ObjectPathResolver';
-
-function getFullDefinitionByKey(refString, registry, itemKey) {
-  let fullArray = getFullDefinitionsFromRegistry(refString, registry);
+function getFullDefinitionByKey(items, itemKey) {
+  let fullArray = items.anyOf;
  return fullArray.filter(e => (e.enum[0] === itemKey))[0];
 }

-// Definitions passed to components only contains value and label,
-// custom fields like "info" or "links" must be pulled from registry object using this function
-function getFullDefinitionsFromRegistry(refString, registry) {
-  return getObjectFromRegistryByRef(refString, registry).anyOf;
-}
-
-function getObjectFromRegistryByRef(refString, registry) {
-  let refArray = refString.replace('#', '').split('/');
-  return resolveObjectPath(refArray, registry);
-}
-
-export {getFullDefinitionByKey, getObjectFromRegistryByRef};
+export {getFullDefinitionByKey};
--- a/monkey/monkey_island/cc/ui/src/components/ui-components/utils/ObjectPathResolver.js
+++ b/monkey/monkey_island/cc/ui/src/components/ui-components/utils/ObjectPathResolver.js
@ -1,11 +0,0 @@
-
-// Resolves object's path if it's specified in a dot notation.
-// (e.g. params: "firstLevel.secondLevel.property", myObject)
-export function resolveObjectPath(pathArray, obj) {
-    return pathArray.reduce(function(prev, curr) {
-        if(curr === '')
-          return prev;
-        else
-          return prev ? prev[curr] : null;
-    }, obj || self)
-}
--- a/monkey/monkey_island/cc/ui/src/components/utils/SafeOptionValidator.js
+++ b/monkey/monkey_island/cc/ui/src/components/utils/SafeOptionValidator.js
@ -2,27 +2,27 @@ function getPluginDescriptors(schema, config) {
  return ([
    {
      name: 'Brute force exploiters',
-      allPlugins: schema.definitions.brute_force_classes.anyOf,
+      allPlugins: schema.properties.propagation.properties.exploitation.properties.brute_force.items.anyOf,
      selectedPlugins: config.propagation.exploitation.brute_force
    },
    {
      name: 'Vulnerability exploiters',
-      allPlugins: schema.definitions.vulnerability_classes.anyOf,
+      allPlugins: schema.properties.propagation.properties.exploitation.properties.vulnerability.items.anyOf,
      selectedPlugins: config.propagation.exploitation.vulnerability
    },
    {
      name: 'Fingerprinters',
-      allPlugins: schema.definitions.fingerprinter_classes.anyOf,
+      allPlugins: schema.properties.propagation.properties.network_scan.properties.fingerprinters.items.anyOf,
      selectedPlugins: config.propagation.network_scan.fingerprinters
    },
    {
      name: 'PostBreachActions',
-      allPlugins: schema.definitions.post_breach_actions.anyOf,
+      allPlugins: schema.properties.post_breach_actions.items.anyOf,
      selectedPlugins: config.post_breach_actions
    },
    {
      name: 'CredentialCollectors',
-      allPlugins: schema.definitions.credential_collectors_classes.anyOf,
+      allPlugins: schema.properties.credential_collectors.items.anyOf,
      selectedPlugins: config.credential_collectors
    }
  ]);
--- a/monkey/monkey_island/cc/ui/src/services/configuration/configSchema.js
+++ b/monkey/monkey_island/cc/ui/src/services/configuration/configSchema.js
@ -0,0 +1,40 @@
+import PROPAGATION_CONFIGURATION_SCHEMA from './propagation/propagation.js';
+import CREDENTIAL_COLLECTORS from './credentialCollectors.js';
+import POST_BREACH_ACTIONS from './postBreachActions.js';
+import RANSOMWARE_SCHEMA from './ransomware';
+import CUSTOM_PBA_CONFIGURATION_SCHEMA from './customPBAs';
+
+export const SCHEMA = {
+  'title': 'Monkey',
+  'type': 'object',
+  'properties': {
+    'propagation': PROPAGATION_CONFIGURATION_SCHEMA,
+    'post_breach_actions': {
+      'title': 'Post-breach actions',
+      'type': 'array',
+      'uniqueItems':  true,
+      'items': POST_BREACH_ACTIONS
+    },
+    'custom_pbas': CUSTOM_PBA_CONFIGURATION_SCHEMA,
+    'payloads': RANSOMWARE_SCHEMA,
+    'credential_collectors': {
+      'title': 'Credential collectors',
+      'type': 'array',
+      'uniqueItems': true,
+      'items': CREDENTIAL_COLLECTORS
+    },
+    'advanced': {
+      'title': 'Advanced',
+      'type': 'object',
+      'properties':{
+        'keep_tunnel_open_time': {
+          'title': 'Keep tunnel open time',
+          'type': 'number',
+          'default': 30,
+          'description': 'Time to keep tunnel open before going down after last exploit (in seconds)'
+        }
+      }
+    }
+  },
+  'options': {'collapsed': true}
+}
--- a/monkey/monkey_island/cc/ui/src/services/configuration/config_schema.js
+++ b/monkey/monkey_island/cc/ui/src/services/configuration/config_schema.js
@ -1,58 +0,0 @@
-import {customPBAConfigurationSchema} from './definitions/custom_pbas.js';
-import {ransomwareSchema} from './definitions/ransomware.js';
-import {propagationConfigurationSchema} from './definitions/propagation.js';
-import {bruteForceExploiters, vulnerabilityExploiters} from './definitions/exploiter_classes.js';
-import {credentialCollectors} from './definitions/credential_collectors.js';
-import {postBreachActions} from './definitions/post_breach_actions.js';
-import {fingerprinterClasses} from './definitions/fingerprinter_classes.js'
-
-export const SCHEMA = {
-  'title': 'Monkey',
-  'type': 'object',
-  'definitions': {
-    'brute_force_classes': bruteForceExploiters,
-    'vulnerability_classes': vulnerabilityExploiters,
-    'credential_collectors_classes': credentialCollectors,
-    'post_breach_actions': postBreachActions,
-    'fingerprinter_classes': fingerprinterClasses
-  },
-  'properties': {
-    'propagation': propagationConfigurationSchema,
-    'post_breach_actions': {
-      'title': 'Post-breach actions',
-      'type': 'array',
-      'uniqueItems':  true,
-      'items': {
-        '$ref': '#/definitions/post_breach_actions'
-      }
-    },
-    'custom_pbas': customPBAConfigurationSchema,
-    'payloads': ransomwareSchema,
-    'credential_collectors': {
-      'title': 'Credential collectors',
-      'type': 'array',
-      'uniqueItems': true,
-      'items': {
-        '$ref': '#/definitions/credential_collectors_classes'
-      },
-      'default': [
-        'MimikatzCollector',
-        'SSHCollector'
-      ]
-    },
-    'advanced': {
-      'title': 'Advanced',
-      'type': 'object',
-      'properties':{
-        'keep_tunnel_open_time': {
-          'title': 'Keep tunnel open time',
-          'format': 'float',
-          'type': 'number',
-          'default': 30,
-          'description': 'Time to keep tunnel open before going down after last exploit (in seconds)'
-        }
-      }
-    }
-  },
-  'options': {'collapsed': true}
-}
--- a/monkey/monkey_island/cc/ui/src/services/configuration/definitions/credential_collectors.js
+++ b/monkey/monkey_island/cc/ui/src/services/configuration/definitions/credential_collectors.js
@ -1,4 +1,4 @@
-export const credentialCollectors = {
+const CREDENTIAL_COLLECTORS = {
    'title': 'Credential Collectors',
    'description': 'Click on a credential collector to find out what it collects.',
    'type': 'string',
@ -23,3 +23,4 @@ export const credentialCollectors = {
        }
    ]
 }
+export default CREDENTIAL_COLLECTORS
--- a/monkey/monkey_island/cc/ui/src/services/configuration/definitions/custom_pbas.js
+++ b/monkey/monkey_island/cc/ui/src/services/configuration/definitions/custom_pbas.js
@ -1,4 +1,4 @@
-export const customPBAConfigurationSchema = {
+const CUSTOM_PBA_CONFIGURATION_SCHEMA = {
  'title': 'Custom PBA',
  'properties': {
    'linux_command': {
@ -49,3 +49,4 @@ export const customPBAConfigurationSchema = {
    }
  }
 }
+export default CUSTOM_PBA_CONFIGURATION_SCHEMA;
--- a/monkey/monkey_island/cc/ui/src/services/configuration/definitions/exploitation.js
+++ b/monkey/monkey_island/cc/ui/src/services/configuration/definitions/exploitation.js
@ -1,26 +0,0 @@
-import {exploitationOptionsConfigurationSchema} from './exploitation_options.js';
-
-export const exploitationConfigurationSchema = {
-  'title': 'Exploiters',
-  'type': 'object',
-  'description': 'Choose which exploiters the Monkey will attempt.',
-  'properties': {
-    'brute_force': {
-      'title': 'Brute force exploiters',
-      'type': 'array',
-      'uniqueItems': true,
-      'items': {
-        '$ref': '#/definitions/brute_force_classes'
-      }
-    },
-    'vulnerability': {
-      'title': 'Vulnerability Exploiters',
-      'type': 'array',
-      'uniqueItems': true,
-      'items': {
-        '$ref': '#/definitions/vulnerability_classes'
-      }
-    },
-    'options': exploitationOptionsConfigurationSchema
-  }
-};
--- a/monkey/monkey_island/cc/ui/src/services/configuration/definitions/network_scan.js
+++ b/monkey/monkey_island/cc/ui/src/services/configuration/definitions/network_scan.js
@ -1,21 +0,0 @@
-import {icmpScanConfigurationSchema} from './icmp_scan.js';
-import {scanTargetConfigurationSchema} from './scan_target.js';
-import {tcpScanConfigurationSchema} from './tcp_scan.js';
-
-export const networkScanConfigurationSchema  = {
-  'title': 'Network analysis',
-  'type': 'object',
-  'properties': {
-    'fingerprinters': {
-      'title': 'Fingerprinters',
-      'type': 'array',
-      'uniqueItems': true,
-      'items': {
-        '$ref': '#/definitions/fingerprinter_classes'
-      }
-    },
-    'icmp': icmpScanConfigurationSchema,
-    'targets': scanTargetConfigurationSchema,
-    'tcp': tcpScanConfigurationSchema
-  }
-}
--- a/monkey/monkey_island/cc/ui/src/services/configuration/definitions/exploitation_options.js
+++ b/monkey/monkey_island/cc/ui/src/services/configuration/definitions/exploitation_options.js
@ -1,4 +1,4 @@
-export const exploitationOptionsConfigurationSchema = {
+const EXPLOITATION_OPTIONS_CONFIGURATION_SCHEMA = {
  'title': 'Exploiters Options',
  'type': 'object',
  'properties': {
@ -13,3 +13,4 @@ export const exploitationOptionsConfigurationSchema = {
    }
  }
 }
+export default EXPLOITATION_OPTIONS_CONFIGURATION_SCHEMA;
--- a/monkey/monkey_island/cc/ui/src/services/configuration/definitions/exploiter_classes.js
+++ b/monkey/monkey_island/cc/ui/src/services/configuration/definitions/exploiter_classes.js
@ -1,4 +1,4 @@
-export const bruteForceExploiters = {
+export const BRUTE_FORCE_EXPLOITERS = {
    'title': 'Brute force exploiters',
    'description': 'Click on exploiter to get more information about it.'
    + '\u26A0'
@ -68,7 +68,7 @@ export const bruteForceExploiters = {
    ]
 }

-export const vulnerabilityExploiters = {
+export const VULNERABILITY_EXPLOITERS = {
  'title': 'Vulnerability exploiters',
  'description': 'Click on exploiter to get more information about it.' +
  '\u26A0 Note that using unsafe exploits may cause craches of the exploited ' +
--- a/monkey/monkey_island/cc/ui/src/services/configuration/definitions/plugins.js
+++ b/monkey/monkey_island/cc/ui/src/services/configuration/definitions/plugins.js
--- a/monkey/monkey_island/cc/ui/src/services/configuration/definitions/post_breach_actions.js
+++ b/monkey/monkey_island/cc/ui/src/services/configuration/definitions/post_breach_actions.js
@ -1,4 +1,4 @@
-export const postBreachActions = {
+const POST_BREACH_ACTIONS = {
  'title': 'Post-Breach Actions',
  'description': 'Runs scripts/commands on infected machines. These actions safely simulate what ' +
  'an adversary might do after breaching a new machine. Used in ATT&CK and Zero trust reports.',
@ -109,3 +109,4 @@ export const postBreachActions = {


 }
+export default POST_BREACH_ACTIONS;
--- a/monkey/monkey_island/cc/ui/src/services/configuration/propagation/credentials.js
+++ b/monkey/monkey_island/cc/ui/src/services/configuration/propagation/credentials.js
@ -0,0 +1,62 @@
+const CREDENTIALS = {
+  'title': 'Credentials',
+  'type': 'object',
+  'properties': {
+    'exploit_user_list': {
+      'title': 'Exploit user list',
+      'type': 'array',
+      'uniqueItems': true,
+      'items': {'type': 'string'},
+      'default': [],
+      'description': 'List of usernames that will be used by exploiters that need ' +
+        'credentials, like SSH brute-forcing.'
+    },
+    'exploit_password_list': {
+      'title': 'Exploit password list',
+      'type': 'array',
+      'uniqueItems': true,
+      'items': {'type': 'string'},
+      'default': [],
+      'description': 'List of passwords that will be used by exploiters that need ' +
+        'credentials, like SSH brute-forcing.'
+    },
+    'exploit_lm_hash_list': {
+      'title': 'Exploit LM hash list',
+      'type': 'array',
+      'uniqueItems': true,
+      'items': {'type': 'string'},
+      'default': [],
+      'description': 'List of LM hashes to use on exploits using credentials'
+    },
+    'exploit_ntlm_hash_list': {
+      'title': 'Exploit NTLM hash list',
+      'type': 'array',
+      'uniqueItems': true,
+      'items': {'type': 'string'},
+      'default': [],
+      'description': 'List of NTLM hashes to use on exploits using credentials'
+    },
+    'exploit_ssh_keys': {
+      'title': 'SSH key pairs list',
+      'type': 'array',
+      'uniqueItems': true,
+      'default': [],
+      'items': {
+        'type': 'object',
+        'properties': {
+          'public_key': {
+            'title': 'Public Key',
+            'type': 'string'
+          },
+          'private_key': {
+            'title': 'Private Key',
+            'type': 'string'
+          }
+        }
+      },
+      'description': 'List of SSH key pairs to use, when trying to ssh into servers'
+    }
+  }
+}
+
+export default CREDENTIALS;
--- a/monkey/monkey_island/cc/ui/src/services/configuration/propagation/exploitation.js
+++ b/monkey/monkey_island/cc/ui/src/services/configuration/propagation/exploitation.js
@ -0,0 +1,24 @@
+import EXPLOITATION_OPTIONS_CONFIGURATION_SCHEMA from '../exploitationOptions.js';
+import {BRUTE_FORCE_EXPLOITERS, VULNERABILITY_EXPLOITERS} from '../exploiterClasses';
+
+const EXPLOITATION_CONFIGURATION_SCHEMA = {
+  'title': 'Exploiters',
+  'properties': {
+    'brute_force': {
+      'items': BRUTE_FORCE_EXPLOITERS,
+      'title': 'Brute force exploiters',
+      'type': 'array',
+      'uniqueItems': true
+    },
+    'vulnerability': {
+      'items': VULNERABILITY_EXPLOITERS,
+      'title': 'Vulnerability Exploiters',
+      'type': 'array',
+      'uniqueItems': true
+    }
+  },
+  'options': EXPLOITATION_OPTIONS_CONFIGURATION_SCHEMA,
+  'type': 'object'
+};
+
+export default EXPLOITATION_CONFIGURATION_SCHEMA;
--- a/monkey/monkey_island/cc/ui/src/services/configuration/definitions/fingerprinter_classes.js
+++ b/monkey/monkey_island/cc/ui/src/services/configuration/definitions/fingerprinter_classes.js
@ -1,4 +1,4 @@
-export const fingerprinterClasses = {
+const FINGERPRINTER_CLASSES = {
  'title': 'Fingerprinters',
  'description': 'Fingerprint modules collect info about external services ' +
  'Infection Monkey scans.',
@ -50,3 +50,5 @@ export const fingerprinterClasses = {
  ]

 }
+
+export default FINGERPRINTER_CLASSES;
--- a/monkey/monkey_island/cc/ui/src/services/configuration/definitions/icmp_scan.js
+++ b/monkey/monkey_island/cc/ui/src/services/configuration/definitions/icmp_scan.js
@ -1,12 +1,13 @@
-export const icmpScanConfigurationSchema = {
+const ICMP_SCAN_CONFIGURATION_SCHEMA = {
  'title': 'Ping scanner',
  'type': 'object',
  'properties': {
    'timeout': {
-      'format': 'float',
      'title': 'Ping scan timeout',
      'type': 'number',
      'description': 'Maximum time to wait for ping response'
    }
  }
 }
+
+export default ICMP_SCAN_CONFIGURATION_SCHEMA;
--- a/monkey/monkey_island/cc/ui/src/services/configuration/propagation/networkScan.js
+++ b/monkey/monkey_island/cc/ui/src/services/configuration/propagation/networkScan.js
@ -0,0 +1,22 @@
+import ICMP_SCAN_CONFIGURATION_SCHEMA from './icmpScan.js';
+import SCAN_TARGET_CONFIGURATION_SCHEMA from './scanTarget.js';
+import FINGERPRINTER_CLASSES from './fingerprinterClasses';
+import TCP_SCAN_CONFIGURATION_SCHEMA from './tcpScan';
+
+const NETWORK_SCAN_CONFIGURATION_SCHEMA  = {
+  'title': 'Network analysis',
+  'type': 'object',
+  'properties': {
+    'fingerprinters': {
+      'title': 'Fingerprinters',
+      'type': 'array',
+      'uniqueItems': true,
+      'items': FINGERPRINTER_CLASSES
+    },
+    'icmp': ICMP_SCAN_CONFIGURATION_SCHEMA,
+    'targets': SCAN_TARGET_CONFIGURATION_SCHEMA,
+    'tcp': TCP_SCAN_CONFIGURATION_SCHEMA
+  }
+}
+
+export default NETWORK_SCAN_CONFIGURATION_SCHEMA;
--- a/monkey/monkey_island/cc/ui/src/services/configuration/propagation/propagation.js
+++ b/monkey/monkey_island/cc/ui/src/services/configuration/propagation/propagation.js
@ -1,11 +1,13 @@
-import {exploitationConfigurationSchema} from './exploitation.js';
-import {networkScanConfigurationSchema} from './network_scan.js';
+import NETWORK_SCAN_CONFIGURATION_SCHEMA from './networkScan.js';
+import CREDENTIALS from './credentials';
+import EXPLOITATION_CONFIGURATION_SCHEMA from './exploitation';

-export const propagationConfigurationSchema = {
+const PROPAGATION_CONFIGURATION_SCHEMA = {
  'title': 'Propagation',
  'type': 'object',
  'properties': {
-    'exploitation': exploitationConfigurationSchema,
+    'exploitation': EXPLOITATION_CONFIGURATION_SCHEMA,
+    'credentials': CREDENTIALS,
    'maximum_depth': {
      'title': 'Maximum scan depth',
      'type': 'integer',
@ -18,6 +20,7 @@ export const propagationConfigurationSchema = {
      'Monkey propagating too far, '+
      'if the "Local network scan" is enabled'
    },
-    'network_scan': networkScanConfigurationSchema
+    'network_scan': NETWORK_SCAN_CONFIGURATION_SCHEMA
  }
 }
+export default PROPAGATION_CONFIGURATION_SCHEMA;
--- a/monkey/monkey_island/cc/ui/src/services/configuration/definitions/scan_target.js
+++ b/monkey/monkey_island/cc/ui/src/services/configuration/definitions/scan_target.js
@ -1,4 +1,4 @@
-export const scanTargetConfigurationSchema = {
+const SCAN_TARGET_CONFIGURATION_SCHEMA = {
  'title': 'Network',
  'type': 'object',
  'properties': {
@ -68,3 +68,4 @@ export const scanTargetConfigurationSchema = {

  }
 }
+export default SCAN_TARGET_CONFIGURATION_SCHEMA;
--- a/monkey/monkey_island/cc/ui/src/services/configuration/definitions/tcp_scan.js
+++ b/monkey/monkey_island/cc/ui/src/services/configuration/definitions/tcp_scan.js
@ -1,4 +1,4 @@
-export const tcpScanConfigurationSchema = {
+const TCP_SCAN_CONFIGURATION_SCHEMA = {
  'title': 'TCP scanner',
  'type': 'object',
  'properties': {
@ -13,9 +13,9 @@ export const tcpScanConfigurationSchema = {
    },
    'timeout': {
      'title': 'TCP scan timeout',
-      'format': 'float',
      'type': 'number',
      'description': 'Maximum time to wait for TCP response.'
    }
  }
 }
+export default TCP_SCAN_CONFIGURATION_SCHEMA;
--- a/monkey/monkey_island/cc/ui/src/services/configuration/definitions/ransomware.js
+++ b/monkey/monkey_island/cc/ui/src/services/configuration/definitions/ransomware.js
@ -1,4 +1,4 @@
-export const ransomwareSchema = {
+const RANSOMWARE_SCHEMA = {
   'title': 'Payloads',
    'properties': {
        'encryption': {
@ -63,3 +63,5 @@ export const ransomwareSchema = {
        }
    }
 }
+
+export default RANSOMWARE_SCHEMA;