From 72c76319d1aa95c950f970cc5d9d38f253df5597 Mon Sep 17 00:00:00 2001
From: vakarisz
Date: Thu, 8 Sep 2022 16:58:14 +0300
Subject: [PATCH] BB: Move tunneling to depth 4a test suite

---
 envs/monkey_zoo/blackbox/test_blackbox.py | 6 ++
 .../blackbox/test_configurations/depth_3_a.py | 11 +---
 .../blackbox/test_configurations/depth_4_a.py | 65 +++++++++++++++++++
 3 files changed, 72 insertions(+), 10 deletions(-)
 create mode 100644 envs/monkey_zoo/blackbox/test_configurations/depth_4_a.py

diff --git a/envs/monkey_zoo/blackbox/test_blackbox.py b/envs/monkey_zoo/blackbox/test_blackbox.py
index 16ee4c0be..be8f4fe2c 100644
--- a/envs/monkey_zoo/blackbox/test_blackbox.py
+++ b/envs/monkey_zoo/blackbox/test_blackbox.py
@@ -18,6 +18,7 @@ from envs.monkey_zoo.blackbox.test_configurations import (
     wmi_mimikatz_test_configuration,
     zerologon_test_configuration,
 )
+from envs.monkey_zoo.blackbox.test_configurations.depth_4_a import depth_4_a_test_configuration
 from envs.monkey_zoo.blackbox.test_configurations.test_configuration import TestConfiguration
 from envs.monkey_zoo.blackbox.tests.exploitation import ExploitationTest
 from envs.monkey_zoo.blackbox.utils.gcp_machine_handlers import (
@@ -123,6 +124,11 @@ class TestMonkeyBlackbox:
             island_client, depth_3_a_test_configuration, "Depth3A test suite"
         )
 
+    def test_depth_4_a(self, island_client):
+        TestMonkeyBlackbox.run_exploitation_test(
+            island_client, depth_4_a_test_configuration, "Depth4A test suite"
+        )
+
     # Not grouped because can only be ran on windows
     @pytest.mark.skip_powershell_reuse
     def test_powershell_exploiter_credentials_reuse(self, island_client):
diff --git a/envs/monkey_zoo/blackbox/test_configurations/depth_3_a.py b/envs/monkey_zoo/blackbox/test_configurations/depth_3_a.py
index 0a39a5e59..0b971d2d5 100644
--- a/envs/monkey_zoo/blackbox/test_configurations/depth_3_a.py
+++ b/envs/monkey_zoo/blackbox/test_configurations/depth_3_a.py
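Review bot: The added import reaches into `envs.monkey_zoo.blackbox.test_configurations.depth_4_a` directly, while every other configuration this file uses (`wmi_mimikatz_test_configuration`, `zerologon_test_configuration`, …) comes from the `envs.monkey_zoo.blackbox.test_configurations` package in the parenthesised import just above it. That presumably means `depth_4_a_test_configuration` was not re-exported from the package's `__init__`; exporting it there and adding `depth_4_a_test_configuration,` to the existing import block keeps one import path and one place to look when a suite is renamed. If the package deliberately does not re-export it, a one-line comment on the new import saying so would stop the next reader from "fixing" it.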
@@ -16,14 +16,12 @@ from .utils import (
 
 # Tests:
 # Powershell (10.2.3.45, 10.2.3.46, 10.2.3.47, 10.2.3.48)
-# Tunneling (SSH brute force) (10.2.2.9, 10.2.1.10, 10.2.0.12, 10.2.0.11)
 # WMI pass the hash (10.2.2.15)
 
 
 def _add_exploiters(agent_configuration: AgentConfiguration) -> AgentConfiguration:
     brute_force = [
         PluginConfiguration(name="PowerShellExploiter", options={}),
-        PluginConfiguration(name="SSHExploiter", options={}),
         PluginConfiguration(name="WmiExploiter", options={"smb_download_timeout": 30}),
     ]
 
@@ -32,21 +30,17 @@ def _add_exploiters(agent_configuration: AgentConfiguration) -> AgentConfigurati
 
 def _add_subnets(agent_configuration: AgentConfiguration) -> AgentConfiguration:
     subnets = [
-        "10.2.2.9",
         "10.2.3.45",
         "10.2.3.46",
         "10.2.3.47",
         "10.2.3.48",
-        "10.2.1.10",
-        "10.2.0.12",
-        "10.2.0.11",
         "10.2.2.15",
     ]
     return add_subnets(agent_configuration, subnets)
 
 
 def _add_tcp_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration:
-    ports = [22, 135, 5985, 5986]
+    ports = [135, 5985, 5986]
     return add_tcp_ports(agent_configuration, ports)
 
 
@@ -60,9 +54,6 @@ CREDENTIALS = (
     Credentials(Username("m0nk3y"), None),
     Credentials(Username("m0nk3y-user"), None),
     Credentials(None, Password("Passw0rd!")),
-    Credentials(None, Password("3Q=(Ge(+&w]*")),
-    Credentials(None, Password("`))jU7L(w}")),
-    Credentials(None, Password("t67TC5ZDmz")),
     Credentials(None, NTHash("d0f0132b308a0c4e5d1029cc06f48692")),
     Credentials(None, NTHash("5da0889ea2081aa79f6852294cba4a5e")),
     Credentials(None, NTHash("50c9987a6bf1ac59398df9f911122c9b")),
diff --git a/envs/monkey_zoo/blackbox/test_configurations/depth_4_a.py b/envs/monkey_zoo/blackbox/test_configurations/depth_4_a.py
new file mode 100644
index 000000000..83e9dc785
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/test_configurations/depth_4_a.py
@@ -0,0 +1,65 @@
+import dataclasses
+
+from common.agent_configuration import AgentConfiguration, PluginConfiguration
+from common.credentials import Credentials, Password, Username
+
+from .noop import noop_test_configuration
+from .utils import (
+    add_exploiters,
+    add_subnets,
+    add_tcp_ports,
+    replace_agent_configuration,
+    replace_propagation_credentials,
+    set_keep_tunnel_open_time,
+    set_maximum_depth,
+)
+
+# Tests:
+# Tunneling (SSH brute force) (10.2.2.9, 10.2.1.10, 10.2.0.12, 10.2.0.13)
+
+
+def _add_exploiters(agent_configuration: AgentConfiguration) -> AgentConfiguration:
+    brute_force = [
+        PluginConfiguration(name="SSHExploiter", options={}),
+        PluginConfiguration(name="WmiExploiter", options={"smb_download_timeout": 30}),
+    ]
+
+    return add_exploiters(agent_configuration, brute_force=brute_force, vulnerability=[])
+
+
+def _add_subnets(agent_configuration: AgentConfiguration) -> AgentConfiguration:
+    subnets = [
+        "10.2.2.9",
+        "10.2.1.10",
+        "10.2.0.12",
+        "10.2.2.13",
+    ]
+    return add_subnets(agent_configuration, subnets)
+
+
+def _add_tcp_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration:
+    ports = [22, 135, 5985, 5986]
+    return add_tcp_ports(agent_configuration, ports)
+
+
+test_agent_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 4)
+test_agent_configuration = set_keep_tunnel_open_time(test_agent_configuration, 20)
+test_agent_configuration = _add_exploiters(test_agent_configuration)
+test_agent_configuration = _add_subnets(test_agent_configuration)
+test_agent_configuration = _add_tcp_ports(test_agent_configuration)
+
+CREDENTIALS = (
+    Credentials(Username("m0nk3y"), None),
+    Credentials(None, Password("3Q=(Ge(+&w]*")),
+    Credentials(None, Password("`))jU7L(w}")),
+    Credentials(None, Password("prM2qsroTI")),
+    Credentials(None, Password("t67TC5ZDmz")),
+)
+
+depth_4_a_test_configuration = dataclasses.replace(noop_test_configuration)
+replace_agent_configuration(
+    test_configuration=depth_4_a_test_configuration, agent_configuration=test_agent_configuration
+)
+replace_propagation_credentials(
+    test_configuration=depth_4_a_test_configuration, propagation_credentials=CREDENTIALS
+)
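Review bot: The header comment and `_add_subnets` disagree on the fourth tunneling target: the `# Tests:` comment lists `10.2.0.13`, the subnet list contains `"10.2.2.13"`, and the comment this suite replaces in `depth_3_a.py` named `10.2.0.11` for the same slot. One of these is a typo, and an SSH brute-force suite that scans the wrong host will pass or fail for the wrong reason, so the address should be confirmed against the zoo inventory and the comment and the list made to agree. Separately, `WmiExploiter` and ports 135/5985/5986 are configured although the comment describes only SSH tunneling; if a Windows host is expected behind the tunnel, the comment should name it (e.g. `# WMI through tunnel (<ip>)`), otherwise the exploiter and the three ports are dead configuration that only lengthens the scan. A short why-comment on `set_keep_tunnel_open_time(test_agent_configuration, 20)` would also help, since 20 is a bare magic number with no stated relation to the depth or the hop count.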