p15693087
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity

Agent: Replace ExploiterConfig with PluginConfig 

ExploiterConfig was exact match of PluginConfig, so they got merged
This commit is contained in:
vakarisz 2022-06-27 14:25:35 +03:00 committed by Mike Salvatore
parent 44a6197422
commit 4ef17ccc9b
7 changed files with 22 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
monkey/common/configuration/__init__.py
View File

@ -7,7 +7,6 @@ from .agent_sub_configurations import (
TCPScanConfiguration, TCPScanConfiguration,
NetworkScanConfiguration, NetworkScanConfiguration,
ExploitationOptionsConfiguration, ExploitationOptionsConfiguration,
ExploiterConfiguration,
ExploitationConfiguration, ExploitationConfiguration,
PropagationConfiguration, PropagationConfiguration,
) )

14
monkey/common/configuration/agent_sub_configuration_schemas.py
View File

@ -4,7 +4,6 @@ from .agent_sub_configurations import (
CustomPBAConfiguration, CustomPBAConfiguration,
ExploitationConfiguration, ExploitationConfiguration,
ExploitationOptionsConfiguration, ExploitationOptionsConfiguration,
ExploiterConfiguration,
ICMPScanConfiguration, ICMPScanConfiguration,
NetworkScanConfiguration, NetworkScanConfiguration,
PluginConfiguration, PluginConfiguration,
@ -81,19 +80,10 @@ class ExploitationOptionsConfigurationSchema(Schema):
return ExploitationOptionsConfiguration(**data) return ExploitationOptionsConfiguration(**data)
class ExploiterConfigurationSchema(Schema):
name = fields.Str()
options = fields.Mapping()
@post_load
def _make_exploiter_configuration(self, data, **kwargs):
return ExploiterConfiguration(**data)
class ExploitationConfigurationSchema(Schema): class ExploitationConfigurationSchema(Schema):
options = fields.Nested(ExploitationOptionsConfigurationSchema) options = fields.Nested(ExploitationOptionsConfigurationSchema)
brute_force = fields.List(fields.Nested(ExploiterConfigurationSchema)) brute_force = fields.List(fields.Nested(PluginConfigurationSchema))
vulnerability = fields.List(fields.Nested(ExploiterConfigurationSchema)) vulnerability = fields.List(fields.Nested(PluginConfigurationSchema))
@post_load @post_load
def _make_exploitation_options_configuration(self, data, **kwargs): def _make_exploitation_options_configuration(self, data, **kwargs):

10
monkey/common/configuration/agent_sub_configurations.py
View File

@ -48,17 +48,11 @@ class ExploitationOptionsConfiguration:
http_ports: List[int] http_ports: List[int]
@dataclass(frozen=True)
class ExploiterConfiguration:
name: str
options: Dict
@dataclass(frozen=True) @dataclass(frozen=True)
class ExploitationConfiguration: class ExploitationConfiguration:
options: ExploitationOptionsConfiguration options: ExploitationOptionsConfiguration
brute_force: List[ExploiterConfiguration] brute_force: List[PluginConfiguration]
vulnerability: List[ExploiterConfiguration] vulnerability: List[PluginConfiguration]
@dataclass(frozen=True) @dataclass(frozen=True)

15
monkey/common/configuration/default_agent_configuration.py
View File

@ -3,7 +3,6 @@ from .agent_sub_configurations import (
CustomPBAConfiguration, CustomPBAConfiguration,
ExploitationConfiguration, ExploitationConfiguration,
ExploitationOptionsConfiguration, ExploitationOptionsConfiguration,
ExploiterConfiguration,
ICMPScanConfiguration, ICMPScanConfiguration,
NetworkScanConfiguration, NetworkScanConfiguration,
PluginConfiguration, PluginConfiguration,
@ -83,16 +82,16 @@ NETWORK_SCAN_CONFIGURATION = NetworkScanConfiguration(
EXPLOITATION_OPTIONS_CONFIGURATION = ExploitationOptionsConfiguration(HTTP_PORTS) EXPLOITATION_OPTIONS_CONFIGURATION = ExploitationOptionsConfiguration(HTTP_PORTS)
BRUTE_FORCE_EXPLOITERS = [ BRUTE_FORCE_EXPLOITERS = [
ExploiterConfiguration("MSSQLExploiter", {}), PluginConfiguration("MSSQLExploiter", {}),
ExploiterConfiguration("PowerShellExploiter", {}), PluginConfiguration("PowerShellExploiter", {}),
ExploiterConfiguration("SSHExploiter", {}), PluginConfiguration("SSHExploiter", {}),
ExploiterConfiguration("SmbExploiter", {"smb_download_timeout": 30}), PluginConfiguration("SmbExploiter", {"smb_download_timeout": 30}),
ExploiterConfiguration("WmiExploiter", {"smb_download_timeout": 30}), PluginConfiguration("WmiExploiter", {"smb_download_timeout": 30}),
] ]
VULNERABILITY_EXPLOITERS = [ VULNERABILITY_EXPLOITERS = [
ExploiterConfiguration("Log4ShellExploiter", {}), PluginConfiguration("Log4ShellExploiter", {}),
ExploiterConfiguration("HadoopExploiter", {}), PluginConfiguration("HadoopExploiter", {}),
] ]
EXPLOITATION_CONFIGURATION = ExploitationConfiguration( EXPLOITATION_CONFIGURATION = ExploitationConfiguration(

10
monkey/infection_monkey/master/exploiter.py
View File

@ -10,7 +10,7 @@ from typing import Callable, Dict, Sequence
from common import OperatingSystems from common import OperatingSystems
from common.configuration.agent_sub_configurations import ( from common.configuration.agent_sub_configurations import (
ExploitationConfiguration, ExploitationConfiguration,
ExploiterConfiguration, PluginConfiguration,
) )
from infection_monkey.custom_types import PropagationCredentials from infection_monkey.custom_types import PropagationCredentials
from infection_monkey.i_puppet import ExploiterResultData, IPuppet from infection_monkey.i_puppet import ExploiterResultData, IPuppet
@ -81,7 +81,7 @@ class Exploiter:
@staticmethod @staticmethod
def _process_exploiter_config( def _process_exploiter_config(
exploiter_config: ExploitationConfiguration, exploiter_config: ExploitationConfiguration,
) -> Sequence[ExploiterConfiguration]: ) -> Sequence[PluginConfiguration]:
# Run vulnerability exploiters before brute force exploiters to minimize the effect of # Run vulnerability exploiters before brute force exploiters to minimize the effect of
# account lockout due to invalid credentials # account lockout due to invalid credentials
ordered_exploiters = chain(exploiter_config.vulnerability, exploiter_config.brute_force) ordered_exploiters = chain(exploiter_config.vulnerability, exploiter_config.brute_force)
@ -92,13 +92,13 @@ class Exploiter:
# This order allows exploiter-specific options to # This order allows exploiter-specific options to
# override general options for all exploiters. # override general options for all exploiters.
options = {**exploiter_config.options.__dict__, **exploiter.options} options = {**exploiter_config.options.__dict__, **exploiter.options}
extended_exploiters.append(ExploiterConfiguration(exploiter.name, options)) extended_exploiters.append(PluginConfiguration(exploiter.name, options))
return extended_exploiters return extended_exploiters
def _exploit_hosts_on_queue( def _exploit_hosts_on_queue(
self, self,
exploiters_to_run: Sequence[ExploiterConfiguration], exploiters_to_run: Sequence[PluginConfiguration],
hosts_to_exploit: Queue, hosts_to_exploit: Queue,
current_depth: int, current_depth: int,
results_callback: Callback, results_callback: Callback,
@ -125,7 +125,7 @@ class Exploiter:
def _run_all_exploiters( def _run_all_exploiters(
self, self,
exploiters_to_run: Sequence[ExploiterConfiguration], exploiters_to_run: Sequence[PluginConfiguration],
victim_host: VictimHost, victim_host: VictimHost,
current_depth: int, current_depth: int,
results_callback: Callback, results_callback: Callback,

3
monkey/tests/unit_tests/common/configuration/test_agent_configuration.py
View File

@ -33,7 +33,6 @@ from common.configuration.agent_sub_configuration_schemas import (
CustomPBAConfigurationSchema, CustomPBAConfigurationSchema,
ExploitationConfigurationSchema, ExploitationConfigurationSchema,
ExploitationOptionsConfigurationSchema, ExploitationOptionsConfigurationSchema,
ExploiterConfigurationSchema,
ICMPScanConfigurationSchema, ICMPScanConfigurationSchema,
NetworkScanConfigurationSchema, NetworkScanConfigurationSchema,
PluginConfigurationSchema, PluginConfigurationSchema,
@ -126,7 +125,7 @@ def test_exploitation_options_configuration_schema():
def test_exploiter_configuration_schema(): def test_exploiter_configuration_schema():
name = "bond" name = "bond"
options = {"gun": "Walther PPK", "car": "Aston Martin DB5"} options = {"gun": "Walther PPK", "car": "Aston Martin DB5"}
schema = ExploiterConfigurationSchema() schema = PluginConfigurationSchema()
config = schema.load({"name": name, "options": options}) config = schema.load({"name": name, "options": options})

10
monkey/tests/unit_tests/infection_monkey/master/test_exploiter.py
View File

@ -10,7 +10,7 @@ from tests.unit_tests.infection_monkey.master.mock_puppet import MockPuppet
from common import OperatingSystems from common import OperatingSystems
from common.configuration.agent_sub_configurations import ( from common.configuration.agent_sub_configurations import (
ExploitationConfiguration, ExploitationConfiguration,
ExploiterConfiguration, PluginConfiguration,
) )
from infection_monkey.master import Exploiter from infection_monkey.master import Exploiter
from infection_monkey.model import VictimHost from infection_monkey.model import VictimHost
@ -41,11 +41,11 @@ def callback():
@pytest.fixture @pytest.fixture
def exploiter_config(default_agent_configuration): def exploiter_config(default_agent_configuration):
brute_force = [ brute_force = [
ExploiterConfiguration(name="MSSQLExploiter", options={"timeout": 10}), PluginConfiguration(name="MSSQLExploiter", options={"timeout": 10}),
ExploiterConfiguration(name="SSHExploiter", options={}), PluginConfiguration(name="SSHExploiter", options={}),
ExploiterConfiguration(name="WmiExploiter", options={"timeout": 10}), PluginConfiguration(name="WmiExploiter", options={"timeout": 10}),
] ]
vulnerability = [ExploiterConfiguration(name="ZerologonExploiter", options={})] vulnerability = [PluginConfiguration(name="ZerologonExploiter", options={})]
return ExploitationConfiguration( return ExploitationConfiguration(
options=default_agent_configuration.propagation.exploitation.options, options=default_agent_configuration.propagation.exploitation.options,
brute_force=brute_force, brute_force=brute_force,