From 0517f3e06fd6d3d3a8bf8edbfc3653e3ff78e935 Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Wed, 16 Jun 2021 20:56:51 +0200 Subject: [PATCH 01/20] Added string templating functions for infection monkey dropper. --- monkey/infection_monkey/dropper.py | 19 +++++++------------ monkey/infection_monkey/utils/commands.py | 15 +++++++++++++++ 2 files changed, 22 insertions(+), 12 deletions(-) create mode 100644 monkey/infection_monkey/utils/commands.py diff --git a/monkey/infection_monkey/dropper.py b/monkey/infection_monkey/dropper.py index 902d30280..2b6987cf4 100644 --- a/monkey/infection_monkey/dropper.py +++ b/monkey/infection_monkey/dropper.py @@ -4,7 +4,6 @@ import filecmp import logging import os import pprint -import shlex import shutil import subprocess import sys @@ -17,6 +16,7 @@ from infection_monkey.exploit.tools.helpers import build_monkey_commandline_expl from infection_monkey.model import MONKEY_CMDLINE_LINUX, MONKEY_CMDLINE_WINDOWS from infection_monkey.system_info import OperatingSystem, SystemInfoCollector from infection_monkey.telemetry.attack.t1106_telem import T1106Telem +from infection_monkey.utils.commands import get_monkey_cmd_lines_linux, get_monkey_cmd_lines_windows if "win32" == sys.platform: from win32process import DETACHED_PROCESS @@ -145,13 +145,9 @@ class MonkeyDrops(object): if OperatingSystem.Windows == SystemInfoCollector.get_os(): # TODO: Replace all of this string templating with a function that accepts # the necessary parameters and returns a list of arguments. - monkey_cmdline = ( - MONKEY_CMDLINE_WINDOWS % {"monkey_path": self._config["destination_path"]} - + monkey_options - ) - monkey_cmdline_split = shlex.split( - monkey_cmdline, - posix=False, # won't try resolving "\" in paths as part of escape sequences + + monkey_cmdline, monkey_cmdline_split = get_monkey_cmd_lines_windows( + MONKEY_CMDLINE_WINDOWS, self._config["destination_path"], monkey_options ) monkey_process = subprocess.Popen( 
@@ -168,11 +164,10 @@ class MonkeyDrops(object): # using thw `cwd` argument in `subprocess.Popen` below # TODO: Replace all of this string templating with a function that accepts # the necessary parameters and returns a list of arguments. - monkey_cmdline = ( - MONKEY_CMDLINE_LINUX % {"monkey_filename": dest_path.split("/")[-1]} - + monkey_options + + monkey_cmdline, monkey_cmdline_split = get_monkey_cmd_lines_linux( + MONKEY_CMDLINE_LINUX, dest_path, monkey_options ) - monkey_cmdline_split = shlex.split(monkey_cmdline) monkey_process = subprocess.Popen( monkey_cmdline_split, diff --git a/monkey/infection_monkey/utils/commands.py b/monkey/infection_monkey/utils/commands.py new file mode 100644 index 000000000..451f03f86 --- /dev/null +++ b/monkey/infection_monkey/utils/commands.py @@ -0,0 +1,15 @@ +import shlex + + +def get_monkey_cmd_lines_windows(monkey_cmdline_windows, destination_path, monkey_options): + monkey_cmdline = monkey_cmdline_windows % {"monkey_path": destination_path} + monkey_options + + return monkey_cmdline, shlex.split(monkey_cmdline, posix=False) + + +def get_monkey_cmd_lines_linux(monkey_cmdline_linux, destination_path, monkey_options): + monkey_cmdline = ( + monkey_cmdline_linux % {"monkey_filename": destination_path.split("/")[-1]} + monkey_options + ) + + return monkey_cmdline, shlex.split(monkey_cmdline, posix=False) From 9fd27141f2ed092c7f9844043e638e812506db6d Mon Sep 17 00:00:00 2001 
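Review bot: `get_monkey_cmd_lines_linux` in the new `utils/commands.py` splits with `shlex.split(monkey_cmdline, posix=False)`, but the Linux branch it replaces in `dropper.py` called `shlex.split(monkey_cmdline)` with the POSIX default. In non-POSIX mode quote characters stay inside the tokens and backslash escapes are not processed, so a destination path or option that needs quoting would reach `subprocess.Popen` as different arguments than before. Keep the original behaviour with `return monkey_cmdline, shlex.split(monkey_cmdline)`. Both helpers would also benefit from a one-line docstring saying that they return the joined command string together with its split form.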
From: Ilija Lazoroski Date: Thu, 17 Jun 2021 19:50:34 +0200 Subject: [PATCH 02/20] Resolved string templating in dropper and windows_upgrader. --- monkey/infection_monkey/dropper.py | 28 ++++---- monkey/infection_monkey/exploit/hadoop.py | 3 +- monkey/infection_monkey/exploit/mssqlexec.py | 7 +- monkey/infection_monkey/exploit/sambacry.py | 7 +- monkey/infection_monkey/exploit/shellshock.py | 7 +- monkey/infection_monkey/exploit/smbexec.py | 7 +- monkey/infection_monkey/exploit/sshexec.py | 7 +- .../infection_monkey/exploit/tools/helpers.py | 36 ---------- monkey/infection_monkey/exploit/vsftpd.py | 7 +- monkey/infection_monkey/exploit/web_rce.py | 7 +- .../infection_monkey/exploit/win_ms08_067.py | 7 +- monkey/infection_monkey/exploit/wmiexec.py | 7 +- monkey/infection_monkey/model/__init__.py | 5 +- monkey/infection_monkey/utils/commands.py | 66 ++++++++++++++++--- monkey/infection_monkey/windows_upgrader.py | 23 +++---- .../test_commands.py} | 19 +++++- 16 files changed, 116 insertions(+), 127 deletions(-) rename monkey/tests/unit_tests/infection_monkey/{exploit/tools/test_helpers.py => utils/test_commands.py} (54%) diff --git a/monkey/infection_monkey/dropper.py b/monkey/infection_monkey/dropper.py index 2b6987cf4..a9b753357 100644 --- a/monkey/infection_monkey/dropper.py +++ b/monkey/infection_monkey/dropper.py 
@@ -12,11 +12,13 @@ from ctypes import c_char_p from common.utils.attack_utils import ScanStatus, UsageEnum from infection_monkey.config import WormConfiguration -from infection_monkey.exploit.tools.helpers import build_monkey_commandline_explicitly -from infection_monkey.model import MONKEY_CMDLINE_LINUX, MONKEY_CMDLINE_WINDOWS from infection_monkey.system_info import OperatingSystem, SystemInfoCollector from infection_monkey.telemetry.attack.t1106_telem import T1106Telem -from infection_monkey.utils.commands import get_monkey_cmd_lines_linux, get_monkey_cmd_lines_windows +from infection_monkey.utils.commands import ( + build_monkey_commandline_explicitly, + get_monkey_cmd_lines_linux, + get_monkey_cmd_lines_windows, +) if "win32" == sys.platform: from win32process import DETACHED_PROCESS @@ -143,15 +145,13 @@ class MonkeyDrops(object): ) if OperatingSystem.Windows == SystemInfoCollector.get_os(): - # TODO: Replace all of this string templating with a function that accepts - # the necessary parameters and returns a list of arguments. - monkey_cmdline, monkey_cmdline_split = get_monkey_cmd_lines_windows( - MONKEY_CMDLINE_WINDOWS, self._config["destination_path"], monkey_options + monkey_cmdline = get_monkey_cmd_lines_windows( + self._config["destination_path"], monkey_options ) monkey_process = subprocess.Popen( - monkey_cmdline_split, + monkey_cmdline, stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE, 
@@ -162,15 +162,13 @@ class MonkeyDrops(object): dest_path = self._config["destination_path"] # In Linux, we need to change the directory first, which is done # using thw `cwd` argument in `subprocess.Popen` below - # TODO: Replace all of this string templating with a function that accepts - # the necessary parameters and returns a list of arguments. - monkey_cmdline, monkey_cmdline_split = get_monkey_cmd_lines_linux( - MONKEY_CMDLINE_LINUX, dest_path, monkey_options - ) + monkey_cmdline = get_monkey_cmd_lines_linux(dest_path, monkey_options) + + LOG.info("Commands of monkey cmdline_split %s", monkey_cmdline) monkey_process = subprocess.Popen( - monkey_cmdline_split, + monkey_cmdline, stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE, @@ -182,7 +180,7 @@ class MonkeyDrops(object): LOG.info( "Executed monkey process (PID=%d) with command line: %s", monkey_process.pid, - monkey_cmdline, + " ".join(monkey_cmdline), ) time.sleep(3) diff --git a/monkey/infection_monkey/exploit/hadoop.py b/monkey/infection_monkey/exploit/hadoop.py index 7a0264380..227638d5e 100644 --- a/monkey/infection_monkey/exploit/hadoop.py +++ b/monkey/infection_monkey/exploit/hadoop.py @@ -13,7 +13,7 @@ from random import SystemRandom import requests from common.common_consts.timeouts import LONG_REQUEST_TIMEOUT -from infection_monkey.exploit.tools.helpers import build_monkey_commandline, get_monkey_depth +from infection_monkey.exploit.tools.helpers import get_monkey_depth from infection_monkey.exploit.tools.http_tools import HTTPTools from infection_monkey.exploit.web_rce import WebRCE from infection_monkey.model import ( @@ -22,6 +22,7 @@ from infection_monkey.model import ( ID_STRING, MONKEY_ARG, ) +from infection_monkey.utils.commands import build_monkey_commandline __author__ = "VakarisZ" diff --git a/monkey/infection_monkey/exploit/mssqlexec.py b/monkey/infection_monkey/exploit/mssqlexec.py index 24b46d278..6269a8778 100644 
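Review bot: The list returned by `get_monkey_cmd_lines_linux(dest_path, monkey_options)` starts with a bare file name, because the helper keeps only `destination_path.split("/")[-1]` while the removed `MONKEY_CMDLINE_LINUX` template began with `./`. With an argument list and no shell, `subprocess.Popen` normally resolves a name without a slash through `PATH` rather than relative to `cwd`, so the launch would fail or start a different binary of the same name unless the destination directory is on `PATH`. Restore the prefix in the helper with `monkey_cmdline = ["./" + destination_path.split("/")[-1], MONKEY_ARG]`. The added `LOG.info("Commands of monkey cmdline_split %s", ...)` also reads like a debugging leftover that duplicates the "Executed monkey process" message below it; drop it or lower it to `LOG.debug`. The enclosing method starts and ends outside the hunk.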
--- a/monkey/infection_monkey/exploit/mssqlexec.py +++ b/monkey/infection_monkey/exploit/mssqlexec.py @@ -8,14 +8,11 @@ import pymssql from common.utils.exceptions import ExploitingVulnerableMachineError, FailedExploitationError from common.utils.exploit_enum import ExploitType from infection_monkey.exploit.HostExploiter import HostExploiter -from infection_monkey.exploit.tools.helpers import ( - build_monkey_commandline, - get_monkey_depth, - get_monkey_dest_path, -) +from infection_monkey.exploit.tools.helpers import get_monkey_depth, get_monkey_dest_path from infection_monkey.exploit.tools.http_tools import MonkeyHTTPServer from infection_monkey.exploit.tools.payload_parsing import LimitedSizePayload from infection_monkey.model import DROPPER_ARG +from infection_monkey.utils.commands import build_monkey_commandline LOG = logging.getLogger(__name__) diff --git a/monkey/infection_monkey/exploit/sambacry.py b/monkey/infection_monkey/exploit/sambacry.py index 11a2ab9c5..3ca5d9921 100644 --- a/monkey/infection_monkey/exploit/sambacry.py +++ b/monkey/infection_monkey/exploit/sambacry.py @@ -36,16 +36,13 @@ from impacket.smbconnection import SMBConnection import infection_monkey.monkeyfs as monkeyfs from common.utils.attack_utils import ScanStatus from infection_monkey.exploit.HostExploiter import HostExploiter -from infection_monkey.exploit.tools.helpers import ( - build_monkey_commandline, - get_monkey_depth, - get_target_monkey_by_os, -) +from infection_monkey.exploit.tools.helpers import get_monkey_depth, get_target_monkey_by_os from infection_monkey.model import DROPPER_ARG from infection_monkey.network.smbfinger import SMB_SERVICE from infection_monkey.network.tools import get_interface_to_target from infection_monkey.pyinstaller_utils import get_binary_file_path from infection_monkey.telemetry.attack.t1105_telem import T1105Telem +from infection_monkey.utils.commands import build_monkey_commandline __author__ = "itay.mizeretz" 
diff --git a/monkey/infection_monkey/exploit/shellshock.py b/monkey/infection_monkey/exploit/shellshock.py index 7bca6b04b..bf6c5589e 100644 --- a/monkey/infection_monkey/exploit/shellshock.py +++ b/monkey/infection_monkey/exploit/shellshock.py @@ -10,14 +10,11 @@ import requests from common.utils.attack_utils import ScanStatus from infection_monkey.exploit.HostExploiter import HostExploiter from infection_monkey.exploit.shellshock_resources import CGI_FILES -from infection_monkey.exploit.tools.helpers import ( - build_monkey_commandline, - get_monkey_depth, - get_target_monkey, -) +from infection_monkey.exploit.tools.helpers import get_monkey_depth, get_target_monkey from infection_monkey.exploit.tools.http_tools import HTTPTools from infection_monkey.model import DROPPER_ARG from infection_monkey.telemetry.attack.t1222_telem import T1222Telem +from infection_monkey.utils.commands import build_monkey_commandline __author__ = "danielg" diff --git a/monkey/infection_monkey/exploit/smbexec.py b/monkey/infection_monkey/exploit/smbexec.py index 81fc2848c..189bc51ad 100644 --- a/monkey/infection_monkey/exploit/smbexec.py +++ b/monkey/infection_monkey/exploit/smbexec.py 
@@ -5,16 +5,13 @@ from impacket.dcerpc.v5 import scmr, transport from common.utils.attack_utils import ScanStatus, UsageEnum from common.utils.exploit_enum import ExploitType from infection_monkey.exploit.HostExploiter import HostExploiter -from infection_monkey.exploit.tools.helpers import ( - build_monkey_commandline, - get_monkey_depth, - get_target_monkey, -) +from infection_monkey.exploit.tools.helpers import get_monkey_depth, get_target_monkey from infection_monkey.exploit.tools.smb_tools import SmbTools from infection_monkey.model import DROPPER_CMDLINE_DETACHED_WINDOWS, MONKEY_CMDLINE_DETACHED_WINDOWS from infection_monkey.network.smbfinger import SMBFinger from infection_monkey.network.tools import check_tcp_port from infection_monkey.telemetry.attack.t1035_telem import T1035Telem +from infection_monkey.utils.commands import build_monkey_commandline LOG = getLogger(__name__) diff --git a/monkey/infection_monkey/exploit/sshexec.py b/monkey/infection_monkey/exploit/sshexec.py index 3dedae114..bfcab4a46 100644 --- a/monkey/infection_monkey/exploit/sshexec.py +++ b/monkey/infection_monkey/exploit/sshexec.py @@ -9,15 +9,12 @@ from common.utils.attack_utils import ScanStatus from common.utils.exceptions import FailedExploitationError from common.utils.exploit_enum import ExploitType from infection_monkey.exploit.HostExploiter import HostExploiter -from infection_monkey.exploit.tools.helpers import ( - build_monkey_commandline, - get_monkey_depth, - get_target_monkey, -) +from infection_monkey.exploit.tools.helpers import get_monkey_depth, get_target_monkey from infection_monkey.model import MONKEY_ARG from infection_monkey.network.tools import check_tcp_port, get_interface_to_target from infection_monkey.telemetry.attack.t1105_telem import T1105Telem from infection_monkey.telemetry.attack.t1222_telem import T1222Telem +from infection_monkey.utils.commands import build_monkey_commandline __author__ = "hoffer" 
diff --git a/monkey/infection_monkey/exploit/tools/helpers.py b/monkey/infection_monkey/exploit/tools/helpers.py index a863f9499..f7f6eadb8 100644 --- a/monkey/infection_monkey/exploit/tools/helpers.py +++ b/monkey/infection_monkey/exploit/tools/helpers.py @@ -45,42 +45,6 @@ def get_target_monkey_by_os(is_windows, is_32bit): return ControlClient.download_monkey_exe_by_os(is_windows, is_32bit) -def build_monkey_commandline_explicitly( - parent=None, tunnel=None, server=None, depth=None, location=None, vulnerable_port=None -): - cmdline = "" - - if parent is not None: - cmdline += f" -p {parent}" - if tunnel is not None: - cmdline += f" -t {tunnel}" - if server is not None: - cmdline += f" -s {server}" - if depth is not None: - if int(depth) < 0: - depth = 0 - cmdline += f" -d {depth}" - if location is not None: - cmdline += f" -l {location}" - if vulnerable_port is not None: - cmdline += f" -vp {vulnerable_port}" - - return cmdline - - -def build_monkey_commandline(target_host, depth, vulnerable_port, location=None): - from infection_monkey.config import GUID - - return build_monkey_commandline_explicitly( - GUID, - target_host.default_tunnel, - target_host.default_server, - depth, - location, - vulnerable_port, - ) - - def get_monkey_depth(): from infection_monkey.config import WormConfiguration diff --git a/monkey/infection_monkey/exploit/vsftpd.py b/monkey/infection_monkey/exploit/vsftpd.py index 8af8e24d9..7164a21c8 100644 --- a/monkey/infection_monkey/exploit/vsftpd.py +++ b/monkey/infection_monkey/exploit/vsftpd.py 
@@ -11,11 +11,7 @@ from logging import getLogger from common.utils.attack_utils import ScanStatus from infection_monkey.exploit.HostExploiter import HostExploiter -from infection_monkey.exploit.tools.helpers import ( - build_monkey_commandline, - get_monkey_depth, - get_target_monkey, -) +from infection_monkey.exploit.tools.helpers import get_monkey_depth, get_target_monkey from infection_monkey.exploit.tools.http_tools import HTTPTools from infection_monkey.model import ( CHMOD_MONKEY, @@ -25,6 +21,7 @@ from infection_monkey.model import ( WGET_HTTP_UPLOAD, ) from infection_monkey.telemetry.attack.t1222_telem import T1222Telem +from infection_monkey.utils.commands import build_monkey_commandline LOG = getLogger(__name__) diff --git a/monkey/infection_monkey/exploit/web_rce.py b/monkey/infection_monkey/exploit/web_rce.py index 5620c425a..1bd9fd6b4 100644 --- a/monkey/infection_monkey/exploit/web_rce.py +++ b/monkey/infection_monkey/exploit/web_rce.py @@ -5,11 +5,7 @@ from posixpath import join from common.utils.attack_utils import BITS_UPLOAD_STRING, ScanStatus from infection_monkey.exploit.HostExploiter import HostExploiter -from infection_monkey.exploit.tools.helpers import ( - build_monkey_commandline, - get_monkey_depth, - get_target_monkey, -) +from infection_monkey.exploit.tools.helpers import get_monkey_depth, get_target_monkey from infection_monkey.exploit.tools.http_tools import HTTPTools from infection_monkey.model import ( BITSADMIN_CMDLINE_HTTP, @@ -28,6 +24,7 @@ from infection_monkey.model import ( from infection_monkey.network.tools import tcp_port_to_service from infection_monkey.telemetry.attack.t1197_telem import T1197Telem from infection_monkey.telemetry.attack.t1222_telem import T1222Telem +from infection_monkey.utils.commands import build_monkey_commandline __author__ = "VakarisZ" diff --git a/monkey/infection_monkey/exploit/win_ms08_067.py b/monkey/infection_monkey/exploit/win_ms08_067.py index 2d005e543..1e92eadf5 100644 
--- a/monkey/infection_monkey/exploit/win_ms08_067.py +++ b/monkey/infection_monkey/exploit/win_ms08_067.py @@ -16,15 +16,12 @@ from impacket.dcerpc.v5 import transport from common.utils.shellcode_obfuscator import clarify from infection_monkey.exploit.HostExploiter import HostExploiter -from infection_monkey.exploit.tools.helpers import ( - build_monkey_commandline, - get_monkey_depth, - get_target_monkey, -) +from infection_monkey.exploit.tools.helpers import get_monkey_depth, get_target_monkey from infection_monkey.exploit.tools.smb_tools import SmbTools from infection_monkey.model import DROPPER_CMDLINE_WINDOWS, MONKEY_CMDLINE_WINDOWS from infection_monkey.network.smbfinger import SMBFinger from infection_monkey.network.tools import check_tcp_port +from infection_monkey.utils.commands import build_monkey_commandline from infection_monkey.utils.random_password_generator import get_random_password LOG = getLogger(__name__) diff --git a/monkey/infection_monkey/exploit/wmiexec.py b/monkey/infection_monkey/exploit/wmiexec.py index cad313f8c..c89b2d5ea 100644 --- a/monkey/infection_monkey/exploit/wmiexec.py +++ b/monkey/infection_monkey/exploit/wmiexec.py @@ -7,14 +7,11 @@ from impacket.dcerpc.v5.rpcrt import DCERPCException from common.utils.exploit_enum import ExploitType from infection_monkey.exploit.HostExploiter import HostExploiter -from infection_monkey.exploit.tools.helpers import ( - build_monkey_commandline, - get_monkey_depth, - get_target_monkey, -) +from infection_monkey.exploit.tools.helpers import get_monkey_depth, get_target_monkey from infection_monkey.exploit.tools.smb_tools import SmbTools from infection_monkey.exploit.tools.wmi_tools import AccessDeniedException, WmiTools from infection_monkey.model import DROPPER_CMDLINE_WINDOWS, MONKEY_CMDLINE_WINDOWS +from infection_monkey.utils.commands import build_monkey_commandline LOG = logging.getLogger(__name__) 
diff --git a/monkey/infection_monkey/model/__init__.py b/monkey/infection_monkey/model/__init__.py index 988edbc07..c7b8609b7 100644 --- a/monkey/infection_monkey/model/__init__.py +++ b/monkey/infection_monkey/model/__init__.py @@ -7,7 +7,9 @@ DROPPER_ARG = "dr0pp3r" ID_STRING = "M0NK3Y3XPL0ITABLE" # CMD prefix for windows commands -CMD_PREFIX = "cmd.exe /c" +CMD_EXE = "cmd.exe" +CMD_CARRY_OUT = "/c" +CMD_PREFIX = CMD_EXE + " " + CMD_CARRY_OUT DROPPER_CMDLINE_WINDOWS = "%s %%(dropper_path)s %s" % ( CMD_PREFIX, DROPPER_ARG, @@ -16,7 +18,6 @@ MONKEY_CMDLINE_WINDOWS = "%s %%(monkey_path)s %s" % ( CMD_PREFIX, MONKEY_ARG, ) -MONKEY_CMDLINE_LINUX = "./%%(monkey_filename)s %s" % (MONKEY_ARG,) DROPPER_CMDLINE_DETACHED_WINDOWS = "%s start cmd /c %%(dropper_path)s %s" % ( CMD_PREFIX, DROPPER_ARG, diff --git a/monkey/infection_monkey/utils/commands.py b/monkey/infection_monkey/utils/commands.py index 451f03f86..8d3229965 100644 --- a/monkey/infection_monkey/utils/commands.py +++ b/monkey/infection_monkey/utils/commands.py 
@@ -1,15 +1,61 @@ -import shlex +import logging + +from infection_monkey.model import CMD_CARRY_OUT, CMD_EXE, MONKEY_ARG + +LOG = logging.getLogger(__name__) -def get_monkey_cmd_lines_windows(monkey_cmdline_windows, destination_path, monkey_options): - monkey_cmdline = monkey_cmdline_windows % {"monkey_path": destination_path} + monkey_options +def build_monkey_commandline(target_host, depth, vulnerable_port, location=None): + from infection_monkey.config import GUID - return monkey_cmdline, shlex.split(monkey_cmdline, posix=False) - - -def get_monkey_cmd_lines_linux(monkey_cmdline_linux, destination_path, monkey_options): - monkey_cmdline = ( - monkey_cmdline_linux % {"monkey_filename": destination_path.split("/")[-1]} + monkey_options + return "".join( + build_monkey_commandline_explicitly( + GUID, + target_host.default_tunnel, + target_host.default_server, + depth, + location, + vulnerable_port, + ) ) - return monkey_cmdline, shlex.split(monkey_cmdline, posix=False) + +def build_monkey_commandline_explicitly( + parent=None, tunnel=None, server=None, depth=None, location=None, vulnerable_port=None +): + cmdline = [] + + if parent is not None: + cmdline.append("-p") + cmdline.append(f"{parent}") + if tunnel is not None: + cmdline.append("-t") + cmdline.append(f"{tunnel}") + if server is not None: + cmdline.append("-s") + cmdline.append(f"{server}") + if depth is not None: + if int(depth) < 0: + depth = 0 + cmdline.append("-d") + cmdline.append(f"{depth}") + if location is not None: + cmdline.append("-l") + cmdline.append(f"{location}") + if vulnerable_port is not None: + cmdline.append("-vp") + cmdline.append(f"{vulnerable_port}") + + return cmdline + + +def get_monkey_cmd_lines_windows(destination_path, monkey_options): + monkey_cmdline = [CMD_EXE, CMD_CARRY_OUT, destination_path, MONKEY_ARG] + + return monkey_cmdline + monkey_options + + +def get_monkey_cmd_lines_linux(destination_path, monkey_options): + monkey_cmdline = [destination_path.split("/")[-1], 
MONKEY_ARG] + + return monkey_cmdline + monkey_options diff --git a/monkey/infection_monkey/windows_upgrader.py b/monkey/infection_monkey/windows_upgrader.py index d81b7dc52..09936fc5b 100644 --- a/monkey/infection_monkey/windows_upgrader.py +++ b/monkey/infection_monkey/windows_upgrader.py @@ -1,5 +1,4 @@ import logging -import shlex import shutil import subprocess import sys @@ -8,8 +7,10 @@ import time import infection_monkey.monkeyfs as monkeyfs from infection_monkey.config import WormConfiguration from infection_monkey.control import ControlClient -from infection_monkey.exploit.tools.helpers import build_monkey_commandline_explicitly -from infection_monkey.model import MONKEY_CMDLINE_WINDOWS +from infection_monkey.utils.commands import ( + build_monkey_commandline_explicitly, + get_monkey_cmd_lines_windows, +) from infection_monkey.utils.environment import is_64bit_python, is_64bit_windows_os, is_windows_os __author__ = "itay.mizeretz" @@ -46,20 +47,12 @@ class WindowsUpgrader(object): opts.parent, opts.tunnel, opts.server, opts.depth ) - # TODO: Replace all of this string templating with a function that accepts - # the necessary parameters and returns a list of arguments. - monkey_cmdline = ( - MONKEY_CMDLINE_WINDOWS % {"monkey_path": WormConfiguration.dropper_target_path_win_64} - + monkey_options - ) - - monkey_cmdline_split = shlex.split( - monkey_cmdline, - posix=False, # won't try resolving "\" in paths as part of escape sequences + monkey_cmdline = get_monkey_cmd_lines_windows( + WormConfiguration.dropper_target_path_win_64, monkey_options ) monkey_process = subprocess.Popen( - monkey_cmdline_split, + monkey_cmdline, stdin=None, stdout=None, stderr=None, @@ -70,7 +63,7 @@ class WindowsUpgrader(object): LOG.info( "Executed 64bit monkey process (PID=%d) with command line: %s", monkey_process.pid, - monkey_cmdline, + "".join(monkey_cmdline), ) time.sleep(WindowsUpgrader.__UPGRADE_WAIT_TIME__) 
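Review bot: `build_monkey_commandline` now returns `"".join(build_monkey_commandline_explicitly(...))`, which glues flags and values together with no separator, whereas the version removed from `exploit/tools/helpers.py` returned a string with a space before every option (` -p <parent> -t <tunnel> ...`). The exploiter modules in this commit only change their import line, so they presumably still append the result to a command string and would now build a command line the agent cannot parse. Keep the old shape with `return "".join(f" {arg}" for arg in build_monkey_commandline_explicitly(...))`. The same empty separator appears in the `windows_upgrader.py` log call (`"".join(monkey_cmdline)`), while `dropper.py` logs with `" ".join(...)`.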
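Review bot: The argument list passed to `subprocess.Popen` in `windows_upgrader.py` still begins with `cmd.exe /c`, so the path from `WormConfiguration.dropper_target_path_win_64` is parsed a second time by `cmd.exe`. On Windows, `subprocess` quotes list elements by the MS C runtime rules, not by `cmd.exe` rules, so a path or option containing characters such as `&` or `^`, or more than one quoted element, may be interpreted differently from what the list suggests. If the wrapper is not needed for the launch, `get_monkey_cmd_lines_windows` could return `[destination_path, MONKEY_ARG] + monkey_options` and start the binary directly; otherwise a comment on the helper should say why `cmd.exe /c` is required. The enclosing method continues outside the hunk.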
diff --git a/monkey/tests/unit_tests/infection_monkey/exploit/tools/test_helpers.py b/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py similarity index 54% rename from monkey/tests/unit_tests/infection_monkey/exploit/tools/test_helpers.py rename to monkey/tests/unit_tests/infection_monkey/utils/test_commands.py index 60cc136e5..f5ea8659d 100644 --- a/monkey/tests/unit_tests/infection_monkey/exploit/tools/test_helpers.py +++ b/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py @@ -1,16 +1,29 @@ import unittest -from infection_monkey.exploit.tools.helpers import build_monkey_commandline_explicitly +from infection_monkey.utils.commands import build_monkey_commandline_explicitly class TestHelpers(unittest.TestCase): def test_build_monkey_commandline_explicitly(self): - test1 = " -p 101010 -t 10.10.101.10 -s 127.127.127.127:5000 -d 0 -l C:\\windows\\abc -vp 80" + test1 = [ + "-p", + "101010", + "-t", + "10.10.101.10", + "-s", + "127.127.127.127:5000", + "-d", + "0", + "-l", + "C:\\windows\\abc", + "-vp", + "80", + ] result1 = build_monkey_commandline_explicitly( 101010, "10.10.101.10", "127.127.127.127:5000", 0, "C:\\windows\\abc", 80 ) - test2 = " -p parent -s 127.127.127.127:5000 -d 0 -vp 80" + test2 = ["-p", "parent", "-s", "127.127.127.127:5000", "-d", "0", "-vp", "80"] result2 = build_monkey_commandline_explicitly( parent="parent", server="127.127.127.127:5000", depth="0", vulnerable_port="80" ) From 4d71ed42a56845f41eaca55ac56a31510a883591 Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Thu, 17 Jun 2021 20:01:41 +0200 Subject: [PATCH 03/20] Remove unnecessary unit test for build_monkey_commandline_explicitly --- .../unit_tests/infection_monkey/utils/test_commands.py | 6 ------ 1 file changed, 6 deletions(-) diff --git a/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py b/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py index f5ea8659d..049ec7751 100644 
--- a/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py +++ b/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py @@ -23,13 +23,7 @@ class TestHelpers(unittest.TestCase): 101010, "10.10.101.10", "127.127.127.127:5000", 0, "C:\\windows\\abc", 80 ) - test2 = ["-p", "parent", "-s", "127.127.127.127:5000", "-d", "0", "-vp", "80"] - result2 = build_monkey_commandline_explicitly( - parent="parent", server="127.127.127.127:5000", depth="0", vulnerable_port="80" - ) - self.assertEqual(test1, result1) - self.assertEqual(test2, result2) if __name__ == "__main__": From 24bb79af6a2eda9d8a84f892703534335012d9e7 Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Thu, 17 Jun 2021 20:05:40 +0200 Subject: [PATCH 04/20] agent: Convert unit test_commands to pytest --- .../infection_monkey/utils/test_commands.py | 45 ++++++++----------- 1 file changed, 19 insertions(+), 26 deletions(-) diff --git a/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py b/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py index 049ec7751..0b59ff649 100644 --- a/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py +++ b/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py 
@@ -1,30 +1,23 @@ -import unittest - from infection_monkey.utils.commands import build_monkey_commandline_explicitly -class TestHelpers(unittest.TestCase): - def test_build_monkey_commandline_explicitly(self): - test1 = [ - "-p", - "101010", - "-t", - "10.10.101.10", - "-s", - "127.127.127.127:5000", - "-d", - "0", - "-l", - "C:\\windows\\abc", - "-vp", - "80", - ] - result1 = build_monkey_commandline_explicitly( - 101010, "10.10.101.10", "127.127.127.127:5000", 0, "C:\\windows\\abc", 80 - ) +def test_build_monkey_commandline_explicitly(): + test1 = [ + "-p", + "101010", + "-t", + "10.10.101.10", + "-s", + "127.127.127.127:5000", + "-d", + "0", + "-l", + "C:\\windows\\abc", + "-vp", + "80", + ] + result1 = build_monkey_commandline_explicitly( + 101010, "10.10.101.10", "127.127.127.127:5000", 0, "C:\\windows\\abc", 80 + ) - self.assertEqual(test1, result1) - - -if __name__ == "__main__": - unittest.main() + assert test1 == result1 From b1dd08b390ad98c39ee2e67a59c289780167b553 Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Thu, 17 Jun 2021 20:41:17 +0200 Subject: [PATCH 05/20] Add depth unit tests for test_build_monkey_commandline_explicitly --- .../infection_monkey/utils/test_commands.py | 38 +++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py b/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py index 0b59ff649..8770cb599 100644 --- a/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py +++ b/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py 
@@ -20,4 +20,42 @@ def test_build_monkey_commandline_explicitly(): 101010, "10.10.101.10", "127.127.127.127:5000", 0, "C:\\windows\\abc", 80 ) + test2 = [ + "-p", + "101010", + "-t", + "10.10.101.10", + "-s", + "200.150.100.50:5000", + "-d", + "0", + "-l", + "C:\\windows\\abc", + "-vp", + "443", + ] + result2 = build_monkey_commandline_explicitly( + 101010, "10.10.101.10", "200.150.100.50:5000", -50, "C:\\windows\\abc", 443 + ) + + test3 = [ + "-p", + "101010", + "-t", + "10.10.101.10", + "-s", + "200.150.100.50:5000", + "-d", + "100", + "-l", + "C:\\windows\\ghi", + "-vp", + "443", + ] + result3 = build_monkey_commandline_explicitly( + 101010, "10.10.101.10", "200.150.100.50:5000", 100, "C:\\windows\\ghi", 443 + ) + assert test1 == result1 + assert test2 == result2 + assert test3 == result3 From 9a3d0155036599f40ceb8c6d2b5951cd448a7f2d Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Thu, 17 Jun 2021 21:03:55 +0200 Subject: [PATCH 06/20] Add commands unit test_get_monkey_cmd_lines_windows --- .../infection_monkey/utils/test_commands.py | 29 ++++++++++++++++++- 1 file changed, 28 insertions(+), 1 deletion(-) diff --git a/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py b/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py index 8770cb599..7e69c5051 100644 --- a/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py +++ b/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py @@ -1,4 +1,7 @@ -from infection_monkey.utils.commands import build_monkey_commandline_explicitly +from infection_monkey.utils.commands import ( + build_monkey_commandline_explicitly, + get_monkey_cmd_lines_windows, +) def test_build_monkey_commandline_explicitly(): 
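Review bot: The two new depth cases are appended to `test_build_monkey_commandline_explicitly` as `test2`/`test3`, with all three asserts at the end. A failure in the first assert therefore hides the others, and the intent (a negative depth is clamped to 0, a positive depth passes through) is only visible by comparing the literals. Split them with `@pytest.mark.parametrize("depth, expected", [(0, "0"), (-50, "0"), (100, "100")])` or into separate test functions named for the behaviour. No case with omitted arguments remains after the earlier commit in this series removed the keyword-argument test, so the path where an option is skipped because its value is `None` is not exercised.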
@@ -59,3 +62,27 @@ def test_build_monkey_commandline_explicitly(): assert test1 == result1 assert test2 == result2 assert test3 == result3 + + +def test_get_monkey_cmd_lines_windows(): + test1 = [ + "cmd.exe", + "/c", + "C:\\windows\\abc", + "m0nk3y", + "-p", + "101010", + "-t", + "10.10.101.10", + ] + result1 = get_monkey_cmd_lines_windows( + "C:\\windows\\abc", + [ + "-p", + "101010", + "-t", + "10.10.101.10", + ], + ) + + assert test1 == result1 From d76e69fffefa4c56ead0be00b2e87e7eb8216871 Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Thu, 17 Jun 2021 21:17:14 +0200 Subject: [PATCH 07/20] Add commands unit test_get_monkey_cmd_lines_linux --- .../infection_monkey/utils/test_commands.py | 23 +++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py b/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py index 7e69c5051..511adeb4b 100644 --- a/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py +++ b/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py @@ -1,5 +1,6 @@ from infection_monkey.utils.commands import ( build_monkey_commandline_explicitly, + get_monkey_cmd_lines_linux, get_monkey_cmd_lines_windows, ) @@ -86,3 +87,25 @@ def test_get_monkey_cmd_lines_windows(): ) assert test1 == result1 + + +def test_get_monkey_cmd_lines_linux(): + test1 = [ + "monkey-linux-64", + "m0nk3y", + "-p", + "101010", + "-t", + "10.10.101.10", + ] + result1 = get_monkey_cmd_lines_linux( + "/home/user/monkey-linux-64", + [ + "-p", + "101010", + "-t", + "10.10.101.10", + ], + ) + + assert test1 == result1 From b93be212f4588b4a46baed5e2aca64ef357ef913 Mon Sep 17 00:00:00 2001 
From: Ilija Lazoroski Date: Fri, 18 Jun 2021 11:53:04 +0200 Subject: [PATCH 08/20] Add name consistency for get_monkey_commandline --- monkey/infection_monkey/dropper.py | 16 ++++++++-------- monkey/infection_monkey/utils/commands.py | 4 ++-- monkey/infection_monkey/windows_upgrader.py | 4 ++-- .../infection_monkey/utils/test_commands.py | 12 ++++++------ 4 files changed, 18 insertions(+), 18 deletions(-) diff --git a/monkey/infection_monkey/dropper.py b/monkey/infection_monkey/dropper.py index a9b753357..9df8f6a82 100644 --- a/monkey/infection_monkey/dropper.py +++ b/monkey/infection_monkey/dropper.py @@ -16,8 +16,8 @@ from infection_monkey.system_info import OperatingSystem, SystemInfoCollector from infection_monkey.telemetry.attack.t1106_telem import T1106Telem from infection_monkey.utils.commands import ( build_monkey_commandline_explicitly, - get_monkey_cmd_lines_linux, - get_monkey_cmd_lines_windows, + get_monkey_commandline_linux, + get_monkey_commandline_windows, ) if "win32" == sys.platform: @@ -146,12 +146,12 @@ class MonkeyDrops(object): if OperatingSystem.Windows == SystemInfoCollector.get_os(): - monkey_cmdline = get_monkey_cmd_lines_windows( + monkey_commandline = get_monkey_commandline_windows( self._config["destination_path"], monkey_options ) monkey_process = subprocess.Popen( - monkey_cmdline, + monkey_commandline, stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE, 
@@ -163,12 +163,12 @@ class MonkeyDrops(object): # In Linux, we need to change the directory first, which is done # using thw `cwd` argument in `subprocess.Popen` below - monkey_cmdline = get_monkey_cmd_lines_linux(dest_path, monkey_options) + monkey_commandline = get_monkey_commandline_linux(dest_path, monkey_options) - LOG.info("Commands of monkey cmdline_split %s", monkey_cmdline) + LOG.info("Commands of monkey cmdline_split %s", monkey_commandline) monkey_process = subprocess.Popen( - monkey_cmdline, + monkey_commandline, stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE, @@ -180,7 +180,7 @@ class MonkeyDrops(object): LOG.info( "Executed monkey process (PID=%d) with command line: %s", monkey_process.pid, - " ".join(monkey_cmdline), + " ".join(monkey_commandline), ) time.sleep(3) diff --git a/monkey/infection_monkey/utils/commands.py b/monkey/infection_monkey/utils/commands.py index 8d3229965..32d423fa6 100644 --- a/monkey/infection_monkey/utils/commands.py +++ b/monkey/infection_monkey/utils/commands.py @@ -49,13 +49,13 @@ def build_monkey_commandline_explicitly( return cmdline -def get_monkey_cmd_lines_windows(destination_path, monkey_options): +def get_monkey_commandline_windows(destination_path, monkey_options): monkey_cmdline = [CMD_EXE, CMD_CARRY_OUT, destination_path, MONKEY_ARG] return monkey_cmdline + monkey_options -def get_monkey_cmd_lines_linux(destination_path, monkey_options): +def get_monkey_commandline_linux(destination_path, monkey_options): monkey_cmdline = [destination_path.split("/")[-1], MONKEY_ARG] return monkey_cmdline + monkey_options diff --git a/monkey/infection_monkey/windows_upgrader.py b/monkey/infection_monkey/windows_upgrader.py index 09936fc5b..b3745bf48 100644 --- a/monkey/infection_monkey/windows_upgrader.py +++ b/monkey/infection_monkey/windows_upgrader.py 
@@ -9,7 +9,7 @@ from infection_monkey.config import WormConfiguration from infection_monkey.control import ControlClient from infection_monkey.utils.commands import ( build_monkey_commandline_explicitly, - get_monkey_cmd_lines_windows, + get_monkey_commandline_windows, ) from infection_monkey.utils.environment import is_64bit_python, is_64bit_windows_os, is_windows_os @@ -47,7 +47,7 @@ class WindowsUpgrader(object): opts.parent, opts.tunnel, opts.server, opts.depth ) - monkey_cmdline = get_monkey_cmd_lines_windows( + monkey_cmdline = get_monkey_commandline_windows( WormConfiguration.dropper_target_path_win_64, monkey_options ) diff --git a/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py b/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py index 511adeb4b..00b62dd6b 100644 --- a/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py +++ b/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py @@ -1,7 +1,7 @@ from infection_monkey.utils.commands import ( build_monkey_commandline_explicitly, - get_monkey_cmd_lines_linux, - get_monkey_cmd_lines_windows, + get_monkey_commandline_linux, + get_monkey_commandline_windows, ) @@ -65,7 +65,7 @@ def test_build_monkey_commandline_explicitly(): assert test3 == result3 -def test_get_monkey_cmd_lines_windows(): +def test_get_monkey_commandline_windows(): test1 = [ "cmd.exe", "/c", @@ -76,7 +76,7 @@ def test_get_monkey_cmd_lines_windows(): "-t", "10.10.101.10", ] - result1 = get_monkey_cmd_lines_windows( + result1 = get_monkey_commandline_windows( "C:\\windows\\abc", [ "-p", @@ -89,7 +89,7 @@ def test_get_monkey_cmd_lines_windows(): assert test1 == result1 -def test_get_monkey_cmd_lines_linux(): +def test_get_monkey_commandline_linux(): test1 = [ "monkey-linux-64", "m0nk3y", @@ -98,7 +98,7 @@ def test_get_monkey_cmd_lines_linux(): "-t", "10.10.101.10", ] - result1 = get_monkey_cmd_lines_linux( + result1 = get_monkey_commandline_linux( "/home/user/monkey-linux-64", [ "-p", 
From 5c5d96f79d1f97792b43edfc73e6a2c6a3d275ca Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Fri, 18 Jun 2021 12:03:39 +0200 Subject: [PATCH 09/20] agent: Remove unnecessary log --- monkey/infection_monkey/dropper.py | 3 --- 1 file changed, 3 deletions(-) diff --git a/monkey/infection_monkey/dropper.py b/monkey/infection_monkey/dropper.py index 9df8f6a82..b3e5665c1 100644 --- a/monkey/infection_monkey/dropper.py +++ b/monkey/infection_monkey/dropper.py @@ -145,7 +145,6 @@ class MonkeyDrops(object): ) if OperatingSystem.Windows == SystemInfoCollector.get_os(): - monkey_commandline = get_monkey_commandline_windows( self._config["destination_path"], monkey_options ) @@ -165,8 +164,6 @@ class MonkeyDrops(object): monkey_commandline = get_monkey_commandline_linux(dest_path, monkey_options) - LOG.info("Commands of monkey cmdline_split %s", monkey_commandline) - monkey_process = subprocess.Popen( monkey_commandline, stdin=subprocess.PIPE, From 36a9e021816beed1d13bebfa441241879b7e20ea Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Fri, 18 Jun 2021 12:14:01 +0200 Subject: [PATCH 10/20] agent: Replace f-strings with explicit conversion --- monkey/infection_monkey/utils/commands.py | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/monkey/infection_monkey/utils/commands.py b/monkey/infection_monkey/utils/commands.py index 32d423fa6..c5755a4be 100644 --- a/monkey/infection_monkey/utils/commands.py +++ b/monkey/infection_monkey/utils/commands.py 
@@ -27,24 +27,24 @@ def build_monkey_commandline_explicitly( if parent is not None: cmdline.append("-p") - cmdline.append(f"{parent}") + cmdline.append(str(parent)) if tunnel is not None: cmdline.append("-t") - cmdline.append(f"{tunnel}") + cmdline.append(str(tunnel)) if server is not None: cmdline.append("-s") - cmdline.append(f"{server}") + cmdline.append(str(server)) if depth is not None: if int(depth) < 0: depth = 0 cmdline.append("-d") - cmdline.append(f"{depth}") + cmdline.append(str(depth)) if location is not None: cmdline.append("-l") - cmdline.append(f"{location}") + cmdline.append(str(location)) if vulnerable_port is not None: cmdline.append("-vp") - cmdline.append(f"{vulnerable_port}") + cmdline.append(str(vulnerable_port)) return cmdline From af974fae70508c1978d63f1f5443bf01505969dd Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Fri, 18 Jun 2021 12:29:36 +0200 Subject: [PATCH 11/20] agent: Modify unit test for commands --- .../infection_monkey/utils/test_commands.py | 64 +++++++------------ 1 file changed, 23 insertions(+), 41 deletions(-) diff --git a/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py b/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py index 00b62dd6b..df92296a9 100644 --- a/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py +++ b/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py @@ -5,8 +5,8 @@ from infection_monkey.utils.commands import ( ) -def test_build_monkey_commandline_explicitly(): - test1 = [ +def test_build_monkey_commandline_explicitly_arguments(): + expected = [ "-p", "101010", "-t", 
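Review bot: The six `if ... is not None` / `append` pairs in `build_monkey_commandline_explicitly` repeat one pattern, and this hunk had to touch every one of them just to swap the f-string for `str()`. A table of (flag, value) pairs would keep the conversion in a single place. The depth clamp has to run before the loop so that `-d` still receives 0 for negative input, and the option order stays as it is now. The signature and the `cmdline = []` initialisation sit above the hunk.

```python
    # … unchanged: signature and cmdline = [] …
    if depth is not None and int(depth) < 0:
        depth = 0

    options = (
        ("-p", parent),
        ("-t", tunnel),
        ("-s", server),
        ("-d", depth),
        ("-l", location),
        ("-vp", vulnerable_port),
    )
    for flag, value in options:
        if value is not None:
            cmdline.extend((flag, str(value)))

    return cmdline
```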
@@ -20,53 +20,35 @@ def test_build_monkey_commandline_explicitly(): "-vp", "80", ] - result1 = build_monkey_commandline_explicitly( + actual = build_monkey_commandline_explicitly( 101010, "10.10.101.10", "127.127.127.127:5000", 0, "C:\\windows\\abc", 80 ) - test2 = [ - "-p", - "101010", - "-t", - "10.10.101.10", - "-s", - "200.150.100.50:5000", + assert expected == actual + + +def test_build_monkey_commandline_explicitly_depth_condition_less(): + expected = [ "-d", "0", - "-l", - "C:\\windows\\abc", - "-vp", - "443", ] - result2 = build_monkey_commandline_explicitly( - 101010, "10.10.101.10", "200.150.100.50:5000", -50, "C:\\windows\\abc", 443 - ) + actual = build_monkey_commandline_explicitly(depth=-50) - test3 = [ - "-p", - "101010", - "-t", - "10.10.101.10", - "-s", - "200.150.100.50:5000", + assert expected == actual + + +def test_build_monkey_commandline_explicitly_depth_condition_greater(): + expected = [ "-d", - "100", - "-l", - "C:\\windows\\ghi", - "-vp", - "443", + "50", ] - result3 = build_monkey_commandline_explicitly( - 101010, "10.10.101.10", "200.150.100.50:5000", 100, "C:\\windows\\ghi", 443 - ) + actual = build_monkey_commandline_explicitly(depth=50) - assert test1 == result1 - assert test2 == result2 - assert test3 == result3 + assert expected == actual def test_get_monkey_commandline_windows(): - test1 = [ + expected = [ "cmd.exe", "/c", "C:\\windows\\abc", @@ -76,7 +58,7 @@ def test_get_monkey_commandline_windows(): "-t", "10.10.101.10", ] - result1 = get_monkey_commandline_windows( + actual = get_monkey_commandline_windows( "C:\\windows\\abc", [ "-p", @@ -86,11 +68,11 @@ def test_get_monkey_commandline_windows(): ], ) - assert test1 == result1 + assert expected == actual def test_get_monkey_commandline_linux(): - test1 = [ + expected = [ "monkey-linux-64", "m0nk3y", "-p", 
@@ -98,7 +80,7 @@ def test_get_monkey_commandline_linux(): "-t", "10.10.101.10", ] - result1 = get_monkey_commandline_linux( + actual = get_monkey_commandline_linux( "/home/user/monkey-linux-64", [ "-p", @@ -108,4 +90,4 @@ def test_get_monkey_commandline_linux(): ], ) - assert test1 == result1 + assert expected == actual From a158665f2b00a3992bbc86dcd7a67eb0c31aa028 Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Fri, 18 Jun 2021 12:38:32 +0200 Subject: [PATCH 12/20] agent: Change absolute path to full path in get_monkey_commandline_linux --- monkey/infection_monkey/utils/commands.py | 2 +- monkey/tests/unit_tests/infection_monkey/utils/test_commands.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/monkey/infection_monkey/utils/commands.py b/monkey/infection_monkey/utils/commands.py index c5755a4be..bb7ec569d 100644 --- a/monkey/infection_monkey/utils/commands.py +++ b/monkey/infection_monkey/utils/commands.py @@ -56,6 +56,6 @@ def get_monkey_commandline_windows(destination_path, monkey_options): def get_monkey_commandline_linux(destination_path, monkey_options): - monkey_cmdline = [destination_path.split("/")[-1], MONKEY_ARG] + monkey_cmdline = [destination_path, MONKEY_ARG] return monkey_cmdline + monkey_options diff --git a/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py b/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py index df92296a9..4eebd0ee4 100644 --- a/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py +++ b/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py @@ -73,7 +73,7 @@ def test_get_monkey_commandline_windows(): def test_get_monkey_commandline_linux(): expected = [ - "monkey-linux-64", + "/home/user/monkey-linux-64", "m0nk3y", "-p", "101010", From e93df01e69bfc553153bc2a963401ed521c5b10e Mon Sep 17 00:00:00 2001 
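Review bot: `get_monkey_commandline_linux` in `commands.py` now passes `destination_path` through unchanged as the first element of the argument list, but nothing in the function says what kind of path it expects. A relative value would be resolved by whatever launches the process rather than by this helper, so the expectation is worth writing down. A docstring would do, e.g. `"""Return the argument list that starts the agent on Linux; destination_path is used as-is and is presumably an absolute path."""`. The test updated in the same commit only exercises an absolute path.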
From: Ilija Lazoroski Date: Mon, 21 Jun 2021 17:29:21 +0200 Subject: [PATCH 13/20] agent: Remove logging in commands --- monkey/infection_monkey/utils/commands.py | 4 ---- 1 file changed, 4 deletions(-) diff --git a/monkey/infection_monkey/utils/commands.py b/monkey/infection_monkey/utils/commands.py index bb7ec569d..e94f1124e 100644 --- a/monkey/infection_monkey/utils/commands.py +++ b/monkey/infection_monkey/utils/commands.py @@ -1,9 +1,5 @@ -import logging - from infection_monkey.model import CMD_CARRY_OUT, CMD_EXE, MONKEY_ARG -LOG = logging.getLogger(__name__) - def build_monkey_commandline(target_host, depth, vulnerable_port, location=None): from infection_monkey.config import GUID From 680b1f54d0e137d711ad7e9bd44ea4a5b8a0ef23 Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Mon, 21 Jun 2021 20:31:50 +0200 Subject: [PATCH 14/20] agent: Add type hinting to commands --- monkey/infection_monkey/utils/commands.py | 18 +++++++++++++----- .../infection_monkey/utils/test_commands.py | 2 +- 2 files changed, 14 insertions(+), 6 deletions(-) diff --git a/monkey/infection_monkey/utils/commands.py b/monkey/infection_monkey/utils/commands.py index e94f1124e..5742389f0 100644 --- a/monkey/infection_monkey/utils/commands.py +++ b/monkey/infection_monkey/utils/commands.py @@ -1,7 +1,10 @@ from infection_monkey.model import CMD_CARRY_OUT, CMD_EXE, MONKEY_ARG +from infection_monkey.model.host import VictimHost -def build_monkey_commandline(target_host, depth, vulnerable_port, location=None): +def build_monkey_commandline( + target_host: VictimHost, depth: int, vulnerable_port: str, location: str = None +) -> str: from infection_monkey.config import GUID return "".join( 
@@ -17,8 +20,13 @@ def build_monkey_commandline(target_host, depth, vulnerable_port, location=None) def build_monkey_commandline_explicitly( - parent=None, tunnel=None, server=None, depth=None, location=None, vulnerable_port=None -): + parent: str = None, + tunnel: str = None, + server: str = None, + depth: int = None, + location: str = None, + vulnerable_port: str = None, +) -> list: cmdline = [] if parent is not None: @@ -45,13 +53,13 @@ def build_monkey_commandline_explicitly( return cmdline -def get_monkey_commandline_windows(destination_path, monkey_options): +def get_monkey_commandline_windows(destination_path: str, monkey_options: list) -> list: monkey_cmdline = [CMD_EXE, CMD_CARRY_OUT, destination_path, MONKEY_ARG] return monkey_cmdline + monkey_options -def get_monkey_commandline_linux(destination_path, monkey_options): +def get_monkey_commandline_linux(destination_path: str, monkey_options: list) -> list: monkey_cmdline = [destination_path, MONKEY_ARG] return monkey_cmdline + monkey_options diff --git a/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py b/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py index 4eebd0ee4..c43d02e41 100644 --- a/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py +++ b/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py @@ -21,7 +21,7 @@ def test_build_monkey_commandline_explicitly_arguments(): "80", ] actual = build_monkey_commandline_explicitly( - 101010, "10.10.101.10", "127.127.127.127:5000", 0, "C:\\windows\\abc", 80 + "101010", "10.10.101.10", "127.127.127.127:5000", 0, "C:\\windows\\abc", "80" ) assert expected == actual From 8c7fe00182f8f914067bc7ce3e959f3a486cc5a3 Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Mon, 21 Jun 2021 20:33:19 +0200 Subject: [PATCH 15/20] agent: Rename monkey_options to monkey_cmd_args --- monkey/infection_monkey/utils/commands.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) 
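Review bot: The new annotations on `build_monkey_commandline_explicitly` declare `parent: str = None`, `depth: int = None` and so on, which type checkers that disable implicit Optional will reject, and the bare `-> list` return says nothing about the element type. Spelling them as `parent: Optional[str] = None` and `-> List[str]`, with `from typing import List, Optional`, matches the body, where every appended value is either a literal flag or goes through `str()`. The same applies to `location: str = None` on `build_monkey_commandline` in the first hunk of this commit, and to the `monkey_options: list` parameters of the two `get_monkey_commandline_*` helpers in the next hunk.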
diff --git a/monkey/infection_monkey/utils/commands.py b/monkey/infection_monkey/utils/commands.py index 5742389f0..77d385d74 100644 --- a/monkey/infection_monkey/utils/commands.py +++ b/monkey/infection_monkey/utils/commands.py @@ -53,13 +53,13 @@ def build_monkey_commandline_explicitly( return cmdline -def get_monkey_commandline_windows(destination_path: str, monkey_options: list) -> list: +def get_monkey_commandline_windows(destination_path: str, monkey_cmd_args: list) -> list: monkey_cmdline = [CMD_EXE, CMD_CARRY_OUT, destination_path, MONKEY_ARG] - return monkey_cmdline + monkey_options + return monkey_cmdline + monkey_cmd_args -def get_monkey_commandline_linux(destination_path: str, monkey_options: list) -> list: +def get_monkey_commandline_linux(destination_path: str, monkey_cmd_args: list) -> list: monkey_cmdline = [destination_path, MONKEY_ARG] - return monkey_cmdline + monkey_options + return monkey_cmdline + monkey_cmd_args From 5a871da26a17a1cd1292bfa0e97c94e0f7d9d78b Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Mon, 21 Jun 2021 20:35:06 +0200 Subject: [PATCH 16/20] agent: Move GUID import to other imports --- monkey/infection_monkey/utils/commands.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/monkey/infection_monkey/utils/commands.py b/monkey/infection_monkey/utils/commands.py index 77d385d74..b2b5745ba 100644 --- a/monkey/infection_monkey/utils/commands.py +++ b/monkey/infection_monkey/utils/commands.py @@ -1,3 +1,4 @@ +from infection_monkey.config import GUID from infection_monkey.model import CMD_CARRY_OUT, CMD_EXE, MONKEY_ARG from infection_monkey.model.host import VictimHost @@ -5,7 +6,6 @@ from infection_monkey.model.host import VictimHost def build_monkey_commandline( target_host: VictimHost, depth: int, vulnerable_port: str, location: str = None ) -> str: - from infection_monkey.config import GUID return "".join( build_monkey_commandline_explicitly( 
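Review bot: Moving `from infection_monkey.config import GUID` to module level changes when the name is bound: `commands.py` now imports `infection_monkey.config` as soon as it is loaded and keeps whatever value `GUID` had at that moment. The function-scope import it replaces may have been there to avoid an import cycle or to read the value late; the diff does not show which, so this is worth confirming before merge. If the move is intended and the value never changes after start-up, a short comment above the import such as `# GUID is assigned once at start-up, so binding it at import time is safe` would record that assumption.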
From feaa7ee867ab3bfc89c3960839f3ed3c83975de5 Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Mon, 21 Jun 2021 21:00:04 +0200 Subject: [PATCH 17/20] agent: Resolve empty space in build_monkey_commandline --- monkey/infection_monkey/utils/commands.py | 2 +- .../infection_monkey/utils/test_commands.py | 15 +++++++++++++++ 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/monkey/infection_monkey/utils/commands.py b/monkey/infection_monkey/utils/commands.py index b2b5745ba..b9e042e00 100644 --- a/monkey/infection_monkey/utils/commands.py +++ b/monkey/infection_monkey/utils/commands.py @@ -7,7 +7,7 @@ def build_monkey_commandline( target_host: VictimHost, depth: int, vulnerable_port: str, location: str = None ) -> str: - return "".join( + return " ".join( build_monkey_commandline_explicitly( GUID, target_host.default_tunnel, diff --git a/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py b/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py index c43d02e41..ef96f022e 100644 --- a/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py +++ b/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py @@ -1,4 +1,7 @@ +from infection_monkey.config import GUID +from infection_monkey.model.host import VictimHost from infection_monkey.utils.commands import ( + build_monkey_commandline, build_monkey_commandline_explicitly, get_monkey_commandline_linux, get_monkey_commandline_windows, @@ -91,3 +94,15 @@ def test_get_monkey_commandline_linux(): ) assert expected == actual + + +def test_build_monkey_commandline(): + example_host = VictimHost(ip_addr="bla") + example_host.set_default_server("101010") + + expected = "-p " + GUID + " -s 101010 -d 0 -l /home/bla -vp 80" + actual = build_monkey_commandline( + target_host=example_host, depth=0, vulnerable_port="80", location="/home/bla" + ) + + assert expected == actual From b65b26e856b8079e9d6d44ef08bc1997e5c5efc7 Mon Sep 17 00:00:00 2001 
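Review bot: `build_monkey_commandline` flattens the argument list with a plain `" ".join(...)`, so a value that contains whitespace or shell metacharacters, for example a `location` path with a space in it, no longer maps to one argument once the string is parsed again. The list returned by `build_monkey_commandline_explicitly` keeps the argument boundaries intact. Either hand that list to callers, or quote each element for the shell that will read it, e.g. on POSIX targets `" ".join(shlex.quote(arg) for arg in ...)`. The `" " + " ".join(` form introduced by PATCH 20/20 has the same gap, and the new `test_build_monkey_commandline` only uses values without spaces. The rest of the call lies outside this hunk.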
From: ilija-lazoroski Date: Tue, 22 Jun 2021 17:09:09 +0200 Subject: [PATCH 18/20] agent: Join monkey cmdline for log Co-authored-by: Mike Salvatore --- monkey/infection_monkey/windows_upgrader.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/monkey/infection_monkey/windows_upgrader.py b/monkey/infection_monkey/windows_upgrader.py index b3745bf48..6dfd01c11 100644 --- a/monkey/infection_monkey/windows_upgrader.py +++ b/monkey/infection_monkey/windows_upgrader.py @@ -63,7 +63,7 @@ class WindowsUpgrader(object): LOG.info( "Executed 64bit monkey process (PID=%d) with command line: %s", monkey_process.pid, - "".join(monkey_cmdline), + " ".join(monkey_cmdline), ) time.sleep(WindowsUpgrader.__UPGRADE_WAIT_TIME__) From 8ee1ce67069fe1d1d9d9e2358e290882fb99a31f Mon Sep 17 00:00:00 2001 From: ilija-lazoroski Date: Tue, 22 Jun 2021 17:10:49 +0200 Subject: [PATCH 19/20] agent: Update unit test for build_monkey_commandline Co-authored-by: Mike Salvatore --- monkey/tests/unit_tests/infection_monkey/utils/test_commands.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py b/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py index ef96f022e..efb0623bd 100644 --- a/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py +++ b/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py @@ -100,7 +100,7 @@ def test_build_monkey_commandline(): example_host = VictimHost(ip_addr="bla") example_host.set_default_server("101010") - expected = "-p " + GUID + " -s 101010 -d 0 -l /home/bla -vp 80" + expected = f"-p {GUID} -s 101010 -d 0 -l /home/bla -vp 80" actual = build_monkey_commandline( target_host=example_host, depth=0, vulnerable_port="80", location="/home/bla" ) From 96cf8fc0527a979bdad814b0de9c14c7ece3bd93 Mon Sep 17 00:00:00 2001 
From: Ilija Lazoroski Date: Tue, 29 Jun 2021 18:03:23 +0200 Subject: [PATCH 20/20] agent: Add missing space in build_monkey_commandline --- monkey/infection_monkey/utils/commands.py | 2 +- monkey/tests/unit_tests/infection_monkey/utils/test_commands.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/monkey/infection_monkey/utils/commands.py b/monkey/infection_monkey/utils/commands.py index b9e042e00..ee2f0153a 100644 --- a/monkey/infection_monkey/utils/commands.py +++ b/monkey/infection_monkey/utils/commands.py @@ -7,7 +7,7 @@ def build_monkey_commandline( target_host: VictimHost, depth: int, vulnerable_port: str, location: str = None ) -> str: - return " ".join( + return " " + " ".join( build_monkey_commandline_explicitly( GUID, target_host.default_tunnel, diff --git a/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py b/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py index efb0623bd..a3f210533 100644 --- a/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py +++ b/monkey/tests/unit_tests/infection_monkey/utils/test_commands.py @@ -100,7 +100,7 @@ def test_build_monkey_commandline(): example_host = VictimHost(ip_addr="bla") example_host.set_default_server("101010") - expected = f"-p {GUID} -s 101010 -d 0 -l /home/bla -vp 80" + expected = f" -p {GUID} -s 101010 -d 0 -l /home/bla -vp 80" actual = build_monkey_commandline( target_host=example_host, depth=0, vulnerable_port="80", location="/home/bla" )
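Review bot: The return value of `build_monkey_commandline` now starts with a space, which is a contract callers have to know about, and the function has no docstring to state it. Presumably the string is appended directly to a command template, so the separator is deliberate. Say so in a docstring, e.g. `"""Return the agent options as one string with a leading space, ready to append to a command."""`. A caller that adds its own separator would end up with a double space, which makes exact string comparisons like the one in the updated test brittle.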