From 1bf51cd04702f6843fedb581f33ac3a498417064 Mon Sep 17 00:00:00 2001 From: Shreya Malviya Date: Fri, 25 Feb 2022 22:46:33 +0530 Subject: [PATCH 1/6] Agent: Fix function call (misspelled) in WebRCE --- monkey/infection_monkey/exploit/web_rce.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/monkey/infection_monkey/exploit/web_rce.py b/monkey/infection_monkey/exploit/web_rce.py index cdb0ddce9..47ceca3ea 100644 --- a/monkey/infection_monkey/exploit/web_rce.py +++ b/monkey/infection_monkey/exploit/web_rce.py @@ -274,7 +274,7 @@ class WebRCE(HostExploiter): "monkey_path": dest_path, "http_path": http_path, } - self.telemetry_messenger.send_telemtry( + self.telemetry_messenger.send_telemetry( T1197Telem(ScanStatus.USED, self.host, BITS_UPLOAD_STRING) ) resp = self.exploit(url, backup_command) @@ -334,10 +334,10 @@ class WebRCE(HostExploiter): command = CHMOD_MONKEY % {"monkey_path": path} try: resp = self.exploit(url, command) - self.telemetry_messenger.send_telemtry(T1222Telem(ScanStatus.USED, command, self.host)) + self.telemetry_messenger.send_telemetry(T1222Telem(ScanStatus.USED, command, self.host)) except Exception as e: logger.error("Something went wrong while trying to change permission: %s" % e) - self.telemetry_messenger.send_telemtry(T1222Telem(ScanStatus.SCANNED, "", self.host)) + self.telemetry_messenger.send_telemetry(T1222Telem(ScanStatus.SCANNED, "", self.host)) return False # If exploiter returns True / False if isinstance(resp, bool): From 62263b8fbf42310e0104b98f2e6ba6c4af940642 Mon Sep 17 00:00:00 2001 From: Shreya Malviya Date: Fri, 25 Feb 2022 23:04:03 +0530 Subject: [PATCH 2/6] Agent: Remove 32-bit references from Hadoop --- monkey/infection_monkey/exploit/tools/helpers.py | 9 +++------ monkey/infection_monkey/exploit/web_rce.py | 3 +-- 2 files changed, 4 insertions(+), 8 deletions(-) 
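Review bot: In the second web_rce.py hunk (around line 334) the `try` body holds both `self.exploit(url, command)` and the corrected `send_telemetry(T1222Telem(ScanStatus.USED, command, self.host))` call, so an exception raised while sending telemetry is logged as "Something went wrong while trying to change permission" and the method returns False even though the chmod command has already run. The handler then calls `send_telemetry` again, and a second failure there would leave the method as an unhandled exception. Moving the USED report into an `else:` branch of the `try` keeps the T1222 record consistent with what actually happened on the host: `else: self.telemetry_messenger.send_telemetry(T1222Telem(ScanStatus.USED, command, self.host))`. The enclosing method begins and ends outside the hunk.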
diff --git a/monkey/infection_monkey/exploit/tools/helpers.py b/monkey/infection_monkey/exploit/tools/helpers.py index a0b53d0e7..2c98e2b2e 100644 --- a/monkey/infection_monkey/exploit/tools/helpers.py +++ b/monkey/infection_monkey/exploit/tools/helpers.py @@ -29,11 +29,8 @@ def get_target_monkey(host): if not monkey_path: if host.os.get("type") == platform.system().lower(): - # if exe not found, and we have the same arch or arch is unknown and we are 32bit, - # use our exe - if (not host.os.get("machine") and sys.maxsize < 2 ** 32) or host.os.get( - "machine", "" - ).lower() == platform.machine().lower(): + # if exe not found, and we have the same arch, use our exe + if host.os.get("machine", "").lower() == platform.machine().lower(): monkey_path = sys.executable return monkey_path @@ -54,7 +51,7 @@ def get_monkey_depth(): def get_monkey_dest_path(url_to_monkey): """ Gets destination path from monkey's source url. - :param url_to_monkey: Hosted monkey's url. egz : http://localserver:9999/monkey/windows-32.exe + :param url_to_monkey: Hosted monkey's url. egz : http://localserver:9999/monkey/windows-64.exe :return: Corresponding monkey path from configuration """ from infection_monkey.config import WormConfiguration diff --git a/monkey/infection_monkey/exploit/web_rce.py b/monkey/infection_monkey/exploit/web_rce.py index 47ceca3ea..7bc02a694 100644 --- a/monkey/infection_monkey/exploit/web_rce.py +++ b/monkey/infection_monkey/exploit/web_rce.py @@ -432,8 +432,7 @@ class WebRCE(HostExploiter): except KeyError: logger.error( 'Unknown key was found. Please use "linux" and "win64" keys to ' - "initialize " - "custom dict of monkey's destination paths" + "initialize custom dict of monkey's destination paths" ) return False From ec9d3822a60de8290935671432aab4d7da1dbfb3 Mon Sep 17 00:00:00 2001 
From: Shreya Malviya Date: Sat, 26 Feb 2022 12:55:09 +0530 Subject: [PATCH 3/6] Island: Remove logic to download 32-bit monkeys --- .../cc/resources/monkey_download.py | 48 ++----------------- .../cc/services/run_local_monkey.py | 2 +- 2 files changed, 6 insertions(+), 44 deletions(-) diff --git a/monkey/monkey_island/cc/resources/monkey_download.py b/monkey/monkey_island/cc/resources/monkey_download.py index 24e03280c..ee77091af 100644 --- a/monkey/monkey_island/cc/resources/monkey_download.py +++ b/monkey/monkey_island/cc/resources/monkey_download.py 
@@ -11,61 +11,23 @@ from monkey_island.cc.server_utils.consts import MONKEY_ISLAND_ABS_PATH logger = logging.getLogger(__name__) MONKEY_DOWNLOADS = [ - { - "type": "linux", - "machine": "x86_64", - "filename": "monkey-linux-64", - }, - { - "type": "linux", - "machine": "i686", - "filename": "monkey-linux-32", - }, - { - "type": "linux", - "machine": "i386", - "filename": "monkey-linux-32", - }, { "type": "linux", "filename": "monkey-linux-64", }, { "type": "windows", - "machine": "x86", - "filename": "monkey-windows-32.exe", - }, - { - "type": "windows", - "machine": "amd64", "filename": "monkey-windows-64.exe", }, - { - "type": "windows", - "machine": "64", - "filename": "monkey-windows-64.exe", - }, - { - "type": "windows", - "machine": "32", - "filename": "monkey-windows-32.exe", - }, - { - "type": "windows", - "filename": "monkey-windows-32.exe", - }, ] -def get_monkey_executable(host_os, machine): +def get_monkey_executable(host_os): for download in MONKEY_DOWNLOADS: - if host_os == download.get("type") and machine == download.get("machine"): - logger.info("Monkey exec found for os: {0} and machine: {1}".format(host_os, machine)) + if host_os == download.get("type"): + logger.info(f"Monkey exec found for os: {host_os}") return download - logger.warning( - "No monkey executables could be found for the host os or machine or both: host_os: {" - "0}, machine: {1}".format(host_os, machine) - ) + logger.warning(f"No monkey executables could be found for the host os: {host_os}") return None @@ -80,7 +42,7 @@ class MonkeyDownload(flask_restful.Resource): host_json = json.loads(request.data) host_os = host_json.get("os") if host_os: - result = get_monkey_executable(host_os.get("type"), host_os.get("machine")) + result = get_monkey_executable(host_os.get("type")) if result: # change resulting from new base path diff --git a/monkey/monkey_island/cc/services/run_local_monkey.py b/monkey/monkey_island/cc/services/run_local_monkey.py index ce6c98c61..4cdd89479 100644 
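Review bot: `get_monkey_executable()` interpolates `host_os` directly into both of its new f-string log messages, and in `MonkeyDownload.post` that value is taken from the request body (`host_os.get("type")`), so a client can place line breaks or fabricated log text into the Island log. Logging it with `%r` and lazy arguments, e.g. `logger.warning("No monkey executables could be found for the host os: %r", host_os)`, keeps each event on one line and makes the quoting visible; the same applies to the `logger.info` call. A one-line docstring stating that matching is now by OS type only, and that `None` is returned when nothing matches, would also help callers now that `machine` is no longer consulted.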
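Review bot: The changed call `get_monkey_executable(host_os.get("type"))` assumes `host_os` is a dict, but the only visible guard is `if host_os:`. A request whose `os` field is a non-empty string or list raises `AttributeError` on this line and presumably surfaces as a server error rather than a clean rejection. Tightening the guard to `if isinstance(host_os, dict):` would handle such bodies explicitly. The `post` method starts and ends outside the hunk, so any validation done earlier is not visible from here.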
--- a/monkey/monkey_island/cc/services/run_local_monkey.py +++ b/monkey/monkey_island/cc/services/run_local_monkey.py @@ -25,7 +25,7 @@ class LocalMonkeyRunService: @staticmethod def run_local_monkey(): # get the monkey executable suitable to run on the server - result = get_monkey_executable(platform.system().lower(), platform.machine().lower()) + result = get_monkey_executable(platform.system().lower()) if not result: return False, "OS Type not found" From a53ff7d0d91c4f47ec7d7d516e90084b256570c0 Mon Sep 17 00:00:00 2001 From: Mike Salvatore Date: Mon, 28 Feb 2022 07:46:16 -0500 Subject: [PATCH 4/6] Agent: Fix broken logic in get_target_monkey() download optimization --- .../infection_monkey/exploit/tools/helpers.py | 17 +++-------------- 1 file changed, 3 insertions(+), 14 deletions(-) diff --git a/monkey/infection_monkey/exploit/tools/helpers.py b/monkey/infection_monkey/exploit/tools/helpers.py index 2c98e2b2e..f519e554f 100644 --- a/monkey/infection_monkey/exploit/tools/helpers.py +++ b/monkey/infection_monkey/exploit/tools/helpers.py @@ -16,24 +16,13 @@ def get_target_monkey(host): from infection_monkey.control import ControlClient - if host.monkey_exe: - return host.monkey_exe - if not host.os.get("type"): return None - monkey_path = ControlClient.download_monkey_exe(host) + if host.os.get("type") == platform.system().lower(): + return sys.executable - if host.os.get("machine") and monkey_path: - host.monkey_exe = monkey_path - - if not monkey_path: - if host.os.get("type") == platform.system().lower(): - # if exe not found, and we have the same arch, use our exe - if host.os.get("machine", "").lower() == platform.machine().lower(): - monkey_path = sys.executable - - return monkey_path + return ControlClient.download_monkey_exe(host) def get_target_monkey_by_os(is_windows, is_32bit): From 01a21f744f33b306f0c1d6683fff40bc99a43b1b Mon Sep 17 00:00:00 2001 
From: Mike Salvatore Date: Mon, 28 Feb 2022 07:52:37 -0500 Subject: [PATCH 5/6] Agent: Remove disused VictimHost.monkey_exe --- monkey/infection_monkey/model/host.py | 2 -- .../infection_monkey/telemetry/test_exploit_telem.py | 9 +++++++-- .../infection_monkey/telemetry/test_scan_telem.py | 1 - 3 files changed, 7 insertions(+), 5 deletions(-) diff --git a/monkey/infection_monkey/model/host.py b/monkey/infection_monkey/model/host.py index 3bbd1dfb8..95cc85810 100644 --- a/monkey/infection_monkey/model/host.py +++ b/monkey/infection_monkey/model/host.py @@ -8,7 +8,6 @@ class VictimHost(object): self.os = {} self.services = {} self.icmp = False - self.monkey_exe = None self.default_tunnel = None self.default_server = None @@ -42,7 +41,6 @@ class VictimHost(object): for k, v in list(self.services.items()): victim += "%s-%s " % (k, v) victim += "] ICMP: %s " % (self.icmp) - victim += "target monkey: %s" % self.monkey_exe return victim def set_island_address(self, ip: str, port: Optional[str]): diff --git a/monkey/tests/unit_tests/infection_monkey/telemetry/test_exploit_telem.py b/monkey/tests/unit_tests/infection_monkey/telemetry/test_exploit_telem.py index 5d6c81f56..600e1db20 100644 --- a/monkey/tests/unit_tests/infection_monkey/telemetry/test_exploit_telem.py +++ b/monkey/tests/unit_tests/infection_monkey/telemetry/test_exploit_telem.py @@ -16,7 +16,6 @@ HOST_AS_DICT = { "os": {}, "services": {}, "icmp": False, - "monkey_exe": None, "default_tunnel": None, "default_server": None, } @@ -37,7 +36,13 @@ ERROR_MSG = "failed because yolo" @pytest.fixture def exploit_telem_test_instance(): - return ExploitTelem(EXPLOITER_NAME, HOST, ExploiterResultData(RESULT, RESULT, OS_LINUX, EXPLOITER_INFO, EXPLOITER_ATTEMPTS, ERROR_MSG)) + return ExploitTelem( + EXPLOITER_NAME, + HOST, + ExploiterResultData( + RESULT, RESULT, OS_LINUX, EXPLOITER_INFO, EXPLOITER_ATTEMPTS, ERROR_MSG + ), + ) def test_exploit_telem_send(exploit_telem_test_instance, spy_send_telemetry): 
diff --git a/monkey/tests/unit_tests/infection_monkey/telemetry/test_scan_telem.py b/monkey/tests/unit_tests/infection_monkey/telemetry/test_scan_telem.py index 07c6fbf41..a369fe4cf 100644 --- a/monkey/tests/unit_tests/infection_monkey/telemetry/test_scan_telem.py +++ b/monkey/tests/unit_tests/infection_monkey/telemetry/test_scan_telem.py @@ -14,7 +14,6 @@ HOST_AS_DICT = { "os": {}, "services": {}, "icmp": False, - "monkey_exe": None, "default_tunnel": None, "default_server": None, } From d970271016557da705482c3a03fbe7bfdca7f2dc Mon Sep 17 00:00:00 2001 From: Mike Salvatore Date: Mon, 28 Feb 2022 08:29:04 -0500 Subject: [PATCH 6/6] Agent: Fix get_target_monkey() bug when running from source --- monkey/infection_monkey/exploit/tools/helpers.py | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/monkey/infection_monkey/exploit/tools/helpers.py b/monkey/infection_monkey/exploit/tools/helpers.py index f519e554f..47057b63f 100644 --- a/monkey/infection_monkey/exploit/tools/helpers.py +++ b/monkey/infection_monkey/exploit/tools/helpers.py @@ -1,4 +1,5 @@ import logging +from pathlib import Path logger = logging.getLogger(__name__) @@ -20,7 +21,15 @@ def get_target_monkey(host): return None if host.os.get("type") == platform.system().lower(): - return sys.executable + try: + # When running from source, sys.executable will be "python", not an agent. + if "monkey" in Path(sys.executable).name: + return sys.executable + except Exception as ex: + logger.warning( + "Unable to retrieve this executable's path, downloading executable from the island " + f"instead: {ex}" + ) return ControlClient.download_monkey_exe(host)
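Review bot: The new check `"monkey" in Path(sys.executable).name` is a case-sensitive substring match on the file name, so it can misclassify in both directions. An agent binary whose name is capitalised differently, or that runs under a name without "monkey", is treated as running from source and fetched again from the Island, while any interpreter whose file name happens to contain "monkey" is returned as if it were an agent. Lower-casing the name removes the case dependence: `if "monkey" in Path(sys.executable).name.lower():`. If the agent is always shipped as a frozen bundle, testing that property would be more reliable than the name, though the build is not visible here. The `except Exception` could be narrowed to `TypeError`, which is what `Path()` raises when `sys.executable` is `None`, and a `logger.debug` on the fall-through path would record why a download was chosen.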