BB: Move tunneling to depth 4a test suite
parent
b6588925e2
commit
72c76319d1
|
@ -18,6 +18,7 @@ from envs.monkey_zoo.blackbox.test_configurations import (
|
||||||
wmi_mimikatz_test_configuration,
|
wmi_mimikatz_test_configuration,
|
||||||
zerologon_test_configuration,
|
zerologon_test_configuration,
|
||||||
)
|
)
|
||||||
|
from envs.monkey_zoo.blackbox.test_configurations.depth_4_a import depth_4_a_test_configuration
|
||||||
from envs.monkey_zoo.blackbox.test_configurations.test_configuration import TestConfiguration
|
from envs.monkey_zoo.blackbox.test_configurations.test_configuration import TestConfiguration
|
||||||
from envs.monkey_zoo.blackbox.tests.exploitation import ExploitationTest
|
from envs.monkey_zoo.blackbox.tests.exploitation import ExploitationTest
|
||||||
from envs.monkey_zoo.blackbox.utils.gcp_machine_handlers import (
|
from envs.monkey_zoo.blackbox.utils.gcp_machine_handlers import (
|
||||||
|
@ -123,6 +124,11 @@ class TestMonkeyBlackbox:
|
||||||
island_client, depth_3_a_test_configuration, "Depth3A test suite"
|
island_client, depth_3_a_test_configuration, "Depth3A test suite"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
def test_depth_4_a(self, island_client):
|
||||||
|
TestMonkeyBlackbox.run_exploitation_test(
|
||||||
|
island_client, depth_4_a_test_configuration, "Depth4A test suite"
|
||||||
|
)
|
||||||
|
|
||||||
# Not grouped because can only be ran on windows
|
# Not grouped because can only be ran on windows
|
||||||
@pytest.mark.skip_powershell_reuse
|
@pytest.mark.skip_powershell_reuse
|
||||||
def test_powershell_exploiter_credentials_reuse(self, island_client):
|
def test_powershell_exploiter_credentials_reuse(self, island_client):
|
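Review bot: `depth_4_a_test_configuration` is imported directly from the `test_configurations.depth_4_a` submodule, while the other configurations visible here (`wmi_mimikatz_test_configuration`, `zerologon_test_configuration`) come through the grouped `from envs.monkey_zoo.blackbox.test_configurations import (...)` block just above it. If the package `__init__` re-exports the sibling configurations (it is not shown on this page), export the new one there too and add it to the grouped import so all suites are wired up the same way. The new `test_depth_4_a` would also benefit from a one-line docstring such as `"""Tunneling (SSH brute force) with maximum depth 4."""`, because the tunneling comment was removed from the depth 3a configuration and the test name alone does not say what it covers. The `TestMonkeyBlackbox` class body starts and ends outside the hunk.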
||||||
|
|
|
@ -16,14 +16,12 @@ from .utils import (
|
||||||
|
|
||||||
# Tests:
|
# Tests:
|
||||||
# Powershell (10.2.3.45, 10.2.3.46, 10.2.3.47, 10.2.3.48)
|
# Powershell (10.2.3.45, 10.2.3.46, 10.2.3.47, 10.2.3.48)
|
||||||
# Tunneling (SSH brute force) (10.2.2.9, 10.2.1.10, 10.2.0.12, 10.2.0.11)
|
|
||||||
# WMI pass the hash (10.2.2.15)
|
# WMI pass the hash (10.2.2.15)
|
||||||
|
|
||||||
|
|
||||||
def _add_exploiters(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
def _add_exploiters(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
||||||
brute_force = [
|
brute_force = [
|
||||||
PluginConfiguration(name="PowerShellExploiter", options={}),
|
PluginConfiguration(name="PowerShellExploiter", options={}),
|
||||||
PluginConfiguration(name="SSHExploiter", options={}),
|
|
||||||
PluginConfiguration(name="WmiExploiter", options={"smb_download_timeout": 30}),
|
PluginConfiguration(name="WmiExploiter", options={"smb_download_timeout": 30}),
|
||||||
]
|
]
|
||||||
|
|
||||||
|
@ -32,21 +30,17 @@ def _add_exploiters(agent_configuration: AgentConfiguration) -> AgentConfigurati
|
||||||
|
|
||||||
def _add_subnets(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
def _add_subnets(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
||||||
subnets = [
|
subnets = [
|
||||||
"10.2.2.9",
|
|
||||||
"10.2.3.45",
|
"10.2.3.45",
|
||||||
"10.2.3.46",
|
"10.2.3.46",
|
||||||
"10.2.3.47",
|
"10.2.3.47",
|
||||||
"10.2.3.48",
|
"10.2.3.48",
|
||||||
"10.2.1.10",
|
|
||||||
"10.2.0.12",
|
|
||||||
"10.2.0.11",
|
|
||||||
"10.2.2.15",
|
"10.2.2.15",
|
||||||
]
|
]
|
||||||
return add_subnets(agent_configuration, subnets)
|
return add_subnets(agent_configuration, subnets)
|
||||||
|
|
||||||
|
|
||||||
def _add_tcp_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
def _add_tcp_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
||||||
ports = [22, 135, 5985, 5986]
|
ports = [135, 5985, 5986]
|
||||||
return add_tcp_ports(agent_configuration, ports)
|
return add_tcp_ports(agent_configuration, ports)
|
||||||
|
|
||||||
|
|
||||||
|
@ -60,9 +54,6 @@ CREDENTIALS = (
|
||||||
Credentials(Username("m0nk3y"), None),
|
Credentials(Username("m0nk3y"), None),
|
||||||
Credentials(Username("m0nk3y-user"), None),
|
Credentials(Username("m0nk3y-user"), None),
|
||||||
Credentials(None, Password("Passw0rd!")),
|
Credentials(None, Password("Passw0rd!")),
|
||||||
Credentials(None, Password("3Q=(Ge(+&w]*")),
|
|
||||||
Credentials(None, Password("`))jU7L(w}")),
|
|
||||||
Credentials(None, Password("t67TC5ZDmz")),
|
|
||||||
Credentials(None, NTHash("d0f0132b308a0c4e5d1029cc06f48692")),
|
Credentials(None, NTHash("d0f0132b308a0c4e5d1029cc06f48692")),
|
||||||
Credentials(None, NTHash("5da0889ea2081aa79f6852294cba4a5e")),
|
Credentials(None, NTHash("5da0889ea2081aa79f6852294cba4a5e")),
|
||||||
Credentials(None, NTHash("50c9987a6bf1ac59398df9f911122c9b")),
|
Credentials(None, NTHash("50c9987a6bf1ac59398df9f911122c9b")),
|
||||||
|
|
|
@ -0,0 +1,65 @@
|
||||||
|
import dataclasses
|
||||||
|
|
||||||
|
from common.agent_configuration import AgentConfiguration, PluginConfiguration
|
||||||
|
from common.credentials import Credentials, Password, Username
|
||||||
|
|
||||||
|
from .noop import noop_test_configuration
|
||||||
|
from .utils import (
|
||||||
|
add_exploiters,
|
||||||
|
add_subnets,
|
||||||
|
add_tcp_ports,
|
||||||
|
replace_agent_configuration,
|
||||||
|
replace_propagation_credentials,
|
||||||
|
set_keep_tunnel_open_time,
|
||||||
|
set_maximum_depth,
|
||||||
|
)
|
||||||
|
|
||||||
|
# Tests:
|
||||||
|
# Tunneling (SSH brute force) (10.2.2.9, 10.2.1.10, 10.2.0.12, 10.2.0.13)
|
||||||
|
|
||||||
|
|
||||||
|
def _add_exploiters(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
||||||
|
brute_force = [
|
||||||
|
PluginConfiguration(name="SSHExploiter", options={}),
|
||||||
|
PluginConfiguration(name="WmiExploiter", options={"smb_download_timeout": 30}),
|
||||||
|
]
|
||||||
|
|
||||||
|
return add_exploiters(agent_configuration, brute_force=brute_force, vulnerability=[])
|
||||||
|
|
||||||
|
|
||||||
|
def _add_subnets(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
||||||
|
subnets = [
|
||||||
|
"10.2.2.9",
|
||||||
|
"10.2.1.10",
|
||||||
|
"10.2.0.12",
|
||||||
|
"10.2.2.13",
|
||||||
|
]
|
||||||
|
return add_subnets(agent_configuration, subnets)
|
||||||
|
|
||||||
|
|
||||||
|
def _add_tcp_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration:
|
||||||
|
ports = [22, 135, 5985, 5986]
|
||||||
|
return add_tcp_ports(agent_configuration, ports)
|
||||||
|
|
||||||
|
|
||||||
|
test_agent_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 4)
|
||||||
|
test_agent_configuration = set_keep_tunnel_open_time(test_agent_configuration, 20)
|
||||||
|
test_agent_configuration = _add_exploiters(test_agent_configuration)
|
||||||
|
test_agent_configuration = _add_subnets(test_agent_configuration)
|
||||||
|
test_agent_configuration = _add_tcp_ports(test_agent_configuration)
|
||||||
|
|
||||||
|
CREDENTIALS = (
|
||||||
|
Credentials(Username("m0nk3y"), None),
|
||||||
|
Credentials(None, Password("3Q=(Ge(+&w]*")),
|
||||||
|
Credentials(None, Password("`))jU7L(w}")),
|
||||||
|
Credentials(None, Password("prM2qsroTI")),
|
||||||
|
Credentials(None, Password("t67TC5ZDmz")),
|
||||||
|
)
|
||||||
|
|
||||||
|
depth_4_a_test_configuration = dataclasses.replace(noop_test_configuration)
|
||||||
|
replace_agent_configuration(
|
||||||
|
test_configuration=depth_4_a_test_configuration, agent_configuration=test_agent_configuration
|
||||||
|
)
|
||||||
|
replace_propagation_credentials(
|
||||||
|
test_configuration=depth_4_a_test_configuration, propagation_credentials=CREDENTIALS
|
||||||
|
)
|
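Review bot: The header comment lists the tunneling targets as `10.2.2.9, 10.2.1.10, 10.2.0.12, 10.2.0.13`, but `_add_subnets` scans `"10.2.2.13"`, so either the comment or the subnet entry is wrong. A mistyped address would make the agent scan a host outside the intended tunnel chain, or fail the suite for reasons unrelated to tunneling, so confirm the address against the lab definition and make the two agree. The configuration also carries over `WmiExploiter` and `ports = [22, 135, 5985, 5986]`, although the comment describes only SSH brute force and `CREDENTIALS` holds no NT hashes. If this suite is meant to be SSH-only, dropping the WMI entry and using `ports = [22]` would keep the agent's scan and exploit scope to what the test asserts. If WMI is intentional, name that target in the `# Tests:` comment.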