From 58d7f6de50d226d35b5be79d1cd5ff957e072ac2 Mon Sep 17 00:00:00 2001
From: theonlydoo
Date: Fri, 4 May 2018 17:23:10 +0200
Subject: [PATCH 1/4] quickwin dockerization
---
docker/Dockerfile | 19 +++++++++++++++++++ docker/README.md | 11 +++++++++++ docker/stack.conf | 4 ++++ 3 files changed, 34 insertions(+) create mode 100644 docker/Dockerfile create mode 100644 docker/README.md create mode 100644 docker/stack.conf
diff --git a/docker/Dockerfile b/docker/Dockerfile
new file mode 100644
index 000000000..6cd945d70
--- /dev/null
+++ b/docker/Dockerfile
@@ -0,0 +1,19 @@
+FROM debian:jessie-slim
+
+LABEL MAINTAINER="theonlydoo "
+
+WORKDIR /app
+
+ADD https://github.com/guardicore/monkey/releases/download/1.5.2/infection_monkey_1.5.2_deb.tgz .
+
+RUN tar xvf infection_monkey_1.5.2_deb.tgz \
+ && apt-get -yqq update \
+ && apt-get -yqq upgrade \
+ && apt-get -yqq install python-pip \
+ libssl-dev \
+ supervisor \
+ && dpkg -i *.deb
+
+COPY stack.conf /etc/supervisor/conf.d/stack.conf
+
+ENTRYPOINT [ "supervisord", "-n", "-c", "/etc/supervisor/supervisord.conf" ]
\ No newline at end of file
diff --git a/docker/README.md b/docker/README.md
new file mode 100644
index 000000000..768730061
--- /dev/null
+++ b/docker/README.md
@@ -0,0 +1,11 @@
+# Improvements needed
+
+* Remove embedded mongodb from .deb, it forbids installation on a `debian:stretch` distro.
+* Package monkey for system's python usage.
+* Fix package number: (I installed the 1.5.2)
+```
+ii gc-monkey-island 1.0 amd64 Guardicore Infection Monkey Island installation package
+```
+* Use .deb dependencies for mongodb setup?
+* Use docker-compose for stack construction.
+* Remove the .sh script from the systemd unit file (`/var/monkey_island/ubuntu/systemd/start_server.sh`) which only does a `cd && localpython run`
\ No newline at end of file
diff --git a/docker/stack.conf b/docker/stack.conf
new file mode 100644
index 000000000..b742c0392
--- /dev/null
+++ b/docker/stack.conf
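Review bot: In docker/Dockerfile the `ADD https://…/infection_monkey_1.5.2_deb.tgz .` line fetches the release tarball with no integrity check, and the following `RUN` unpacks it and runs `dpkg -i *.deb` as root, so the image trusts whatever that URL serves at build time. Verify the archive before unpacking, for example by starting the `RUN` with `echo "<sha256-of-release-tarball>  infection_monkey_1.5.2_deb.tgz" | sha256sum -c - \` (placeholder digest, to be taken from the published release). The same `RUN` leaves the tarball, the extracted `.deb` files and the apt lists in the layer, and `apt-get -yqq upgrade` makes the result depend on the build date; ending the chain with `&& rm -rf /var/lib/apt/lists/* *.tgz *.deb` and dropping the upgrade in favour of a newer base tag would address both. No `USER` is set, so supervisord and everything it starts run as root; worth a comment stating whether that is required.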
@@ -0,0 +1,4 @@
+[program:mongod]
+command=/var/monkey_island/bin/mongodb/bin/mongod --quiet --dbpath /var/monkey_island/db
+[program:monkey]
+command=/var/monkey_island/ubuntu/systemd/start_server.sh
From 9cd839abf6c4e6347cf71ee0133e311d05fb5738 Mon Sep 17 00:00:00 2001
From: cclauss
Date: Mon, 7 May 2018 17:19:28 +0200
Subject: [PATCH 2/4] Travis CI for automated testing of all pull requests Travis Continuous Integration is free for all open source projects like this one. This config file would have Travis CI run [flake8](http://flake8.pycqa.org) tests to find Python syntax errors and undefined names in all pull requests _before_ they are reviewed. To turn Travis CI on, visit https://travis-ci.com/guardicore
---
.travis.yml | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 .travis.yml
diff --git a/.travis.yml b/.travis.yml
new file mode 100644
index 000000000..8b780e2fc
--- /dev/null
+++ b/.travis.yml
@@ -0,0 +1,27 @@
+group: travis_latest
+language: python
+cache: pip
+python:
+ - 2.7
+ - 3.6
+ #- nightly
+ #- pypy
+ #- pypy3
+matrix:
+ allow_failures:
+ - python: nightly
+ - python: pypy
+ - python: pypy3
+install:
+ #- pip install -r requirements.txt
+ - pip install flake8 # pytest # add another testing frameworks later
+before_script:
+ # stop the build if there are Python syntax errors or undefined names
+ - flake8 . --count --select=E901,E999,F821,F822,F823 --show-source --statistics
+ # exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
+ - flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
+script:
+ - true # pytest --capture=sys # add other tests here
+notifications:
+ on_success: change
+ on_failure: change # `always` will be the setting once code changes slow down
From 0be721cf010f270cf1e6ff2c8760a22f2afca0bf Mon Sep 17 00:00:00 2001
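Review bot: In docker/stack.conf, `[program:mongod]` starts mongod with only `--quiet --dbpath`, so its listen address and access control are whatever the bundled binary defaults to; depending on that version this may be every interface with no authentication. Both programs run in the same container, so the database only needs loopback: append `--bind_ip 127.0.0.1` to the `command=` line. Neither section sets `user=`, so supervisord runs both processes as the user it was started as, which in this image is presumably root; a dedicated account per program would limit what a compromise of either process can reach.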
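Review bot: In .travis.yml the `allow_failures` entries (`nightly`, `pypy`, `pypy3`) match no job, because those interpreters are commented out under `python:`, while the `3.6` job is not covered and still runs the hard-failing `flake8 . --count --select=E901,E999,…` step. If the code base is still Python 2 only (the Dockerfile and the package's `Depends` line install `python-pip`, which suggests so), every pull request would fail on 3.6 with E999 until the code is ported; either add `- python: 3.6` to `allow_failures` or say in a comment that the failure is intended. `pip install flake8` is also unpinned, so the reported errors can change between builds with no change to the repository; `pip install flake8==<version>` (placeholder) keeps the gate reproducible.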
From: "maor.rayzin"
Date: Thu, 17 May 2018 14:11:07 +0300
Subject: [PATCH 3/4] Json file was missing two commas
---
infection_monkey/example.conf | 178 +++++++++++++++++----------------- 1 file changed, 89 insertions(+), 89 deletions(-)
diff --git a/infection_monkey/example.conf b/infection_monkey/example.conf
index 6e8638742..b3d2b6d57 100644
--- a/infection_monkey/example.conf
+++ b/infection_monkey/example.conf
@@ -1,93 +1,93 @@ { - "command_servers": [ - "41.50.73.31:5000" - ], - "internet_services": [ - "monkey.guardicore.com", - "www.google.com" - ], - "keep_tunnel_open_time": 60, - "subnet_scan_list": [ - "" - ], - "blocked_ips": [""], - "current_server": "41.50.73.31:5000", - "alive": true, - "collect_system_info": true, - "extract_azure_creds": true, - "depth": 2, + "command_servers": [ + "41.50.73.31:5000" + ], + "internet_services": [ + "monkey.guardicore.com", + "www.google.com" + ], + "keep_tunnel_open_time": 60, + "subnet_scan_list": [ + "" + ], + "blocked_ips": [""], + "current_server": "41.50.73.31:5000", + "alive": true, + "collect_system_info": true, + "extract_azure_creds": true, + "depth": 2, - "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll", - "dropper_date_reference_path_linux": "/bin/sh", - "dropper_log_path_windows": "%temp%\\~df1562.tmp", - "dropper_log_path_linux": "/tmp/user-1562", - "dropper_set_date": true, - "dropper_target_path_win_32": "C:\\Windows\\monkey32.exe", - "dropper_target_path_win_64": "C:\\Windows\\monkey64.exe", - "dropper_target_path_linux": "/tmp/monkey", + "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll", + "dropper_date_reference_path_linux": "/bin/sh", + "dropper_log_path_windows": "%temp%\\~df1562.tmp", + "dropper_log_path_linux": "/tmp/user-1562", + "dropper_set_date": true, + "dropper_target_path_win_32": "C:\\Windows\\monkey32.exe", + "dropper_target_path_win_64": "C:\\Windows\\monkey64.exe", + "dropper_target_path_linux": "/tmp/monkey", - "kill_file_path_linux": "/var/run/monkey.not", - "kill_file_path_windows": "%windir%\\monkey.not", - "dropper_try_move_first": true, - "exploiter_classes": [ - "SSHExploiter", - "SmbExploiter", - "WmiExploiter", - "ShellShockExploiter", - "ElasticGroovyExploiter", - "SambaCryExploiter", - ], - "finger_classes": [ - "SSHFinger", - "PingScanner", - "HTTPFinger", - "SMBFinger", - "MySQLFinger" - "ElasticFinger", - ], - "max_iterations": 3, 
- "monkey_log_path_windows": "%temp%\\~df1563.tmp", - "monkey_log_path_linux": "/tmp/user-1563", - "send_log_to_server": true, - "ms08_067_exploit_attempts": 5, - "ms08_067_remote_user_add": "Monkey_IUSER_SUPPORT", - "ms08_067_remote_user_pass": "Password1!", - "ping_scan_timeout": 10000, - "rdp_use_vbs_download": true, - "smb_download_timeout": 300, - "smb_service_name": "InfectionMonkey", - "retry_failed_explotation": true, - "scanner_class": "TcpScanner", - "self_delete_in_cleanup": true, - "serialize_config": false, - "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}", - "skip_exploit_if_file_exist": false, - "exploit_user_list": [], - "exploit_password_list": [], - "exploit_lm_hash_list": [], - "exploit_ntlm_hash_list": [], - "sambacry_trigger_timeout": 5, - "sambacry_folder_paths_to_guess": ["", "/mnt", "/tmp", "/storage", "/export", "/share", "/shares", "/home"], - "sambacry_shares_not_to_check": ["IPC$", "print$"], - "local_network_scan": false, - "tcp_scan_get_banner": true, - "tcp_scan_interval": 200, - "tcp_scan_timeout": 10000, - "tcp_target_ports": [ - 22, - 445, - 135, - 3389, - 80, - 8080, - 443, - 3306, - 8008, - 9200 - ], - "timeout_between_iterations": 10, - "use_file_logging": true, - "victims_max_exploit": 7, - "victims_max_find": 30 -} + "kill_file_path_linux": "/var/run/monkey.not", + "kill_file_path_windows": "%windir%\\monkey.not", + "dropper_try_move_first": true, + "exploiter_classes": [ + "SSHExploiter", + "SmbExploiter", + "WmiExploiter", + "ShellShockExploiter", + "ElasticGroovyExploiter", + "SambaCryExploiter" + ], + "finger_classes": [ + "SSHFinger", + "PingScanner", + "HTTPFinger", + "SMBFinger", + "MySQLFinger", + "ElasticFinger" + ], + "max_iterations": 3, + "monkey_log_path_windows": "%temp%\\~df1563.tmp", + "monkey_log_path_linux": "/tmp/user-1563", + "send_log_to_server": true, + "ms08_067_exploit_attempts": 5, + "ms08_067_remote_user_add": "Monkey_IUSER_SUPPORT", + "ms08_067_remote_user_pass": "Password1!", + 
"ping_scan_timeout": 10000, + "rdp_use_vbs_download": true, + "smb_download_timeout": 300, + "smb_service_name": "InfectionMonkey", + "retry_failed_explotation": true, + "scanner_class": "TcpScanner", + "self_delete_in_cleanup": true, + "serialize_config": false, + "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}", + "skip_exploit_if_file_exist": false, + "exploit_user_list": [], + "exploit_password_list": [], + "exploit_lm_hash_list": [], + "exploit_ntlm_hash_list": [], + "sambacry_trigger_timeout": 5, + "sambacry_folder_paths_to_guess": ["", "/mnt", "/tmp", "/storage", "/export", "/share", "/shares", "/home"], + "sambacry_shares_not_to_check": ["IPC$", "print$"], + "local_network_scan": false, + "tcp_scan_get_banner": true, + "tcp_scan_interval": 200, + "tcp_scan_timeout": 10000, + "tcp_target_ports": [ + 22, + 445, + 135, + 3389, + 80, + 8080, + 443, + 3306, + 8008, + 9200 + ], + "timeout_between_iterations": 10, + "use_file_logging": true, + "victims_max_exploit": 7, + "victims_max_find": 30 +} \ No newline at end of file From 7656f448a53f27e83fc1d0915c7d5af3f1ee24ce Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Thu, 17 May 2018 15:11:38 +0300 Subject: [PATCH 4/4] Add python-dev as dependency Because we also build packages manually during the install that depend on python-dev --- monkey_island/deb-package/DEBIAN/control | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/monkey_island/deb-package/DEBIAN/control b/monkey_island/deb-package/DEBIAN/control index 2426feecb..2693afbd9 100644 --- a/monkey_island/deb-package/DEBIAN/control +++ b/monkey_island/deb-package/DEBIAN/control @@ -5,4 +5,4 @@ Homepage: http://www.guardicore.com Priority: optional Version: 1.0 Description: Guardicore Infection Monkey Island installation package -Depends: openssl, python-pip +Depends: openssl, python-pip, python-dev
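Review bot: The rewritten infection_monkey/example.conf still ships `"ms08_067_remote_user_pass": "Password1!"` and a publicly routable address, `41.50.73.31:5000`, in both `command_servers` and `current_server`. Judging by the key names, an agent started from this example unchanged would contact that address and could leave an account with a published password on a tested host. Use a documentation address such as `192.0.2.1:5000` (RFC 5737) and an obviously invalid placeholder like `"<set-before-use>"` for the password, so the example cannot be run as-is. Separately, the hunk rewrites all 89 lines (apparently a whitespace-only change) to fix a few commas around `"SambaCryExploiter"`, `"MySQLFinger"` and `"ElasticFinger"`, which hides the real change; the re-indentation belongs in its own commit.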