forked from p15670423/monkey
Merge branch 'develop' into snyk-fix-661b0a9571c71708f17fef5d173a39ea
This commit is contained in:
Shay Nehmad
commit
7e45540361
|
|
@ -20,7 +20,7 @@ install:
|
|||
# Python
|
||||
- pip freeze
|
||||
- pip install -r monkey/monkey_island/requirements.txt # for unit tests
|
||||
- pip install flake8 pytest dlint # for next stages
|
||||
- pip install flake8 pytest dlint isort # for next stages
|
||||
- pip install coverage # for code coverage
|
||||
- pip install -r monkey/infection_monkey/requirements.txt # for unit tests
|
||||
- pip install pipdeptree
|
||||
|
|
@ -69,6 +69,9 @@ script:
|
|||
- PYTHON_WARNINGS_AMOUNT_UPPER_LIMIT=120
|
||||
- if [ $(tail -n 1 flake8_warnings.txt) -gt $PYTHON_WARNINGS_AMOUNT_UPPER_LIMIT ]; then echo "Too many python linter warnings! Failing this build. Lower the amount of linter errors in this and try again. " && exit 1; fi
|
||||
|
||||
## Check import order
|
||||
- python -m isort . -c -p common -p infection_monkey -p monkey_island
|
||||
|
||||
## Run unit tests
|
||||
- cd monkey # This is our source dir
|
||||
- python -m pytest # Have to use `python -m pytest` instead of `pytest` to add "{$builddir}/monkey/monkey" to sys.path.
|
||||
|
|
|
|||
|
|
@ -3,7 +3,8 @@ from datetime import timedelta
|
|||
from typing import Dict
|
||||
|
||||
from envs.monkey_zoo.blackbox.analyzers.analyzer import Analyzer
|
||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig
|
||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
|
||||
PerformanceTestConfig
|
||||
|
||||
LOGGER = logging.getLogger(__name__)
|
||||
|
||||
|
|
|
|||
|
|
@ -1,11 +1,11 @@
|
|||
import json
|
||||
|
||||
import logging
|
||||
from time import sleep
|
||||
|
||||
from bson import json_util
|
||||
|
||||
from envs.monkey_zoo.blackbox.island_client.monkey_island_requests import MonkeyIslandRequests
|
||||
from envs.monkey_zoo.blackbox.island_client.monkey_island_requests import \
|
||||
MonkeyIslandRequests
|
||||
|
||||
SLEEP_BETWEEN_REQUESTS_SECONDS = 0.5
|
||||
MONKEY_TEST_ENDPOINT = 'api/test/monkey'
|
||||
|
|
|
|||
|
|
@ -1,13 +1,12 @@
|
|||
from typing import Dict
|
||||
import functools
|
||||
import logging
|
||||
from datetime import timedelta
|
||||
|
||||
from typing import Dict
|
||||
|
||||
import requests
|
||||
import functools
|
||||
|
||||
from envs.monkey_zoo.blackbox.island_client.supported_request_method import SupportedRequestMethod
|
||||
|
||||
import logging
|
||||
from envs.monkey_zoo.blackbox.island_client.supported_request_method import \
|
||||
SupportedRequestMethod
|
||||
|
||||
# SHA3-512 of '1234567890!@#$%^&*()_nothing_up_my_sleeve_1234567890!@#$%^&*()'
|
||||
NO_AUTH_CREDS = '55e97c9dcfd22b8079189ddaeea9bce8125887e3237b800c6176c9afa80d2062' \
|
||||
|
|
|
|||
|
|
@ -2,8 +2,10 @@ import logging
|
|||
import os
|
||||
import shutil
|
||||
|
||||
from envs.monkey_zoo.blackbox.log_handlers.monkey_log_parser import MonkeyLogParser
|
||||
from envs.monkey_zoo.blackbox.log_handlers.monkey_logs_downloader import MonkeyLogsDownloader
|
||||
from envs.monkey_zoo.blackbox.log_handlers.monkey_log_parser import \
|
||||
MonkeyLogParser
|
||||
from envs.monkey_zoo.blackbox.log_handlers.monkey_logs_downloader import \
|
||||
MonkeyLogsDownloader
|
||||
|
||||
LOG_DIR_NAME = 'logs'
|
||||
LOGGER = logging.getLogger(__name__)
|
||||
|
|
|
|||
|
|
@ -1,20 +1,28 @@
|
|||
import os
|
||||
import logging
|
||||
|
||||
import pytest
|
||||
import os
|
||||
from time import sleep
|
||||
|
||||
from envs.monkey_zoo.blackbox.analyzers.communication_analyzer import CommunicationAnalyzer
|
||||
from envs.monkey_zoo.blackbox.island_client.island_config_parser import IslandConfigParser
|
||||
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import MonkeyIslandClient
|
||||
from envs.monkey_zoo.blackbox.log_handlers.test_logs_handler import TestLogsHandler
|
||||
import pytest
|
||||
|
||||
from envs.monkey_zoo.blackbox.analyzers.communication_analyzer import \
|
||||
CommunicationAnalyzer
|
||||
from envs.monkey_zoo.blackbox.island_client.island_config_parser import \
|
||||
IslandConfigParser
|
||||
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import \
|
||||
MonkeyIslandClient
|
||||
from envs.monkey_zoo.blackbox.log_handlers.test_logs_handler import \
|
||||
TestLogsHandler
|
||||
from envs.monkey_zoo.blackbox.tests.exploitation import ExploitationTest
|
||||
from envs.monkey_zoo.blackbox.tests.performance.map_generation import MapGenerationTest
|
||||
from envs.monkey_zoo.blackbox.tests.performance.map_generation_from_telemetries import MapGenerationFromTelemetryTest
|
||||
from envs.monkey_zoo.blackbox.tests.performance.report_generation import ReportGenerationTest
|
||||
from envs.monkey_zoo.blackbox.tests.performance.map_generation import \
|
||||
MapGenerationTest
|
||||
from envs.monkey_zoo.blackbox.tests.performance.map_generation_from_telemetries import \
|
||||
MapGenerationFromTelemetryTest
|
||||
from envs.monkey_zoo.blackbox.tests.performance.report_generation import \
|
||||
ReportGenerationTest
|
||||
from envs.monkey_zoo.blackbox.tests.performance.report_generation_from_telemetries import \
|
||||
ReportGenerationFromTelemetryTest
|
||||
from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test import TelemetryPerformanceTest
|
||||
from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test import \
|
||||
TelemetryPerformanceTest
|
||||
from envs.monkey_zoo.blackbox.utils import gcp_machine_handlers
|
||||
|
||||
DEFAULT_TIMEOUT_SECONDS = 5*60
|
||||
|
|
|
|||
|
|
@ -1,10 +1,14 @@
|
|||
import logging
|
||||
|
||||
from envs.monkey_zoo.blackbox.analyzers.performance_analyzer import PerformanceAnalyzer
|
||||
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import MonkeyIslandClient
|
||||
from envs.monkey_zoo.blackbox.island_client.supported_request_method import SupportedRequestMethod
|
||||
from envs.monkey_zoo.blackbox.analyzers.performance_analyzer import \
|
||||
PerformanceAnalyzer
|
||||
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import \
|
||||
MonkeyIslandClient
|
||||
from envs.monkey_zoo.blackbox.island_client.supported_request_method import \
|
||||
SupportedRequestMethod
|
||||
from envs.monkey_zoo.blackbox.tests.basic_test import BasicTest
|
||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig
|
||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
|
||||
PerformanceTestConfig
|
||||
|
||||
LOGGER = logging.getLogger(__name__)
|
||||
|
||||
|
|
|
|||
|
|
@ -1,9 +1,12 @@
|
|||
from datetime import timedelta
|
||||
|
||||
from envs.monkey_zoo.blackbox.tests.exploitation import ExploitationTest
|
||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test import PerformanceTest
|
||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig
|
||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_workflow import PerformanceTestWorkflow
|
||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test import \
|
||||
PerformanceTest
|
||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
|
||||
PerformanceTestConfig
|
||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_workflow import \
|
||||
PerformanceTestWorkflow
|
||||
|
||||
MAX_ALLOWED_SINGLE_PAGE_TIME = timedelta(seconds=2)
|
||||
MAX_ALLOWED_TOTAL_TIME = timedelta(seconds=5)
|
||||
|
|
|
|||
|
|
@ -1,7 +1,9 @@
|
|||
from datetime import timedelta
|
||||
|
||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test import PerformanceTest
|
||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig
|
||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test import \
|
||||
PerformanceTest
|
||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
|
||||
PerformanceTestConfig
|
||||
from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test_workflow import \
|
||||
TelemetryPerformanceTestWorkflow
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,9 @@
|
|||
from envs.monkey_zoo.blackbox.tests.basic_test import BasicTest
|
||||
from envs.monkey_zoo.blackbox.tests.exploitation import ExploitationTest
|
||||
from envs.monkey_zoo.blackbox.tests.performance.endpoint_performance_test import EndpointPerformanceTest
|
||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig
|
||||
from envs.monkey_zoo.blackbox.tests.performance.endpoint_performance_test import \
|
||||
EndpointPerformanceTest
|
||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
|
||||
PerformanceTestConfig
|
||||
|
||||
|
||||
class PerformanceTestWorkflow(BasicTest):
|
||||
|
|
|
|||
|
|
@ -1,9 +1,12 @@
|
|||
from datetime import timedelta
|
||||
|
||||
from envs.monkey_zoo.blackbox.tests.exploitation import ExploitationTest
|
||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test import PerformanceTest
|
||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig
|
||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_workflow import PerformanceTestWorkflow
|
||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test import \
|
||||
PerformanceTest
|
||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
|
||||
PerformanceTestConfig
|
||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_workflow import \
|
||||
PerformanceTestWorkflow
|
||||
|
||||
MAX_ALLOWED_SINGLE_PAGE_TIME = timedelta(seconds=2)
|
||||
MAX_ALLOWED_TOTAL_TIME = timedelta(seconds=5)
|
||||
|
|
|
|||
|
|
@ -1,7 +1,9 @@
|
|||
from datetime import timedelta
|
||||
|
||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test import PerformanceTest
|
||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig
|
||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test import \
|
||||
PerformanceTest
|
||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
|
||||
PerformanceTestConfig
|
||||
from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test_workflow import \
|
||||
TelemetryPerformanceTestWorkflow
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
import json
|
||||
import logging
|
||||
from os import listdir, path
|
||||
from typing import List, Dict
|
||||
from typing import Dict, List
|
||||
|
||||
from tqdm import tqdm
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
import random
|
||||
|
||||
from envs.monkey_zoo.blackbox.tests.performance.\
|
||||
telem_sample_parsing.sample_multiplier.fake_ip_generator import FakeIpGenerator
|
||||
from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_multiplier.fake_ip_generator import \
|
||||
FakeIpGenerator
|
||||
|
||||
|
||||
class FakeMonkey:
|
||||
|
|
|
|||
|
|
@ -2,14 +2,16 @@ import copy
|
|||
import json
|
||||
import logging
|
||||
import sys
|
||||
from typing import List, Dict
|
||||
from typing import Dict, List
|
||||
|
||||
from tqdm import tqdm
|
||||
|
||||
from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_file_parser import SampleFileParser
|
||||
from envs.monkey_zoo.blackbox.tests.performance.\
|
||||
telem_sample_parsing.sample_multiplier.fake_ip_generator import FakeIpGenerator
|
||||
from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_multiplier.fake_monkey import FakeMonkey
|
||||
from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_file_parser import \
|
||||
SampleFileParser
|
||||
from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_multiplier.fake_ip_generator import \
|
||||
FakeIpGenerator
|
||||
from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_multiplier.fake_monkey import \
|
||||
FakeMonkey
|
||||
|
||||
TELEM_DIR_PATH = './tests/performance/telemetry_sample'
|
||||
LOGGER = logging.getLogger(__name__)
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
from unittest import TestCase
|
||||
|
||||
from envs.monkey_zoo.blackbox.tests.performance.\
|
||||
telem_sample_parsing.sample_multiplier.fake_ip_generator import FakeIpGenerator
|
||||
from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_multiplier.fake_ip_generator import \
|
||||
FakeIpGenerator
|
||||
|
||||
|
||||
class TestFakeIpGenerator(TestCase):
|
||||
|
|
|
|||
|
|
@ -4,11 +4,16 @@ from datetime import timedelta
|
|||
|
||||
from tqdm import tqdm
|
||||
|
||||
from envs.monkey_zoo.blackbox.analyzers.performance_analyzer import PerformanceAnalyzer
|
||||
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import MonkeyIslandClient
|
||||
from envs.monkey_zoo.blackbox.island_client.supported_request_method import SupportedRequestMethod
|
||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig
|
||||
from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_file_parser import SampleFileParser
|
||||
from envs.monkey_zoo.blackbox.analyzers.performance_analyzer import \
|
||||
PerformanceAnalyzer
|
||||
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import \
|
||||
MonkeyIslandClient
|
||||
from envs.monkey_zoo.blackbox.island_client.supported_request_method import \
|
||||
SupportedRequestMethod
|
||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
|
||||
PerformanceTestConfig
|
||||
from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_file_parser import \
|
||||
SampleFileParser
|
||||
|
||||
LOGGER = logging.getLogger(__name__)
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,10 @@
|
|||
from envs.monkey_zoo.blackbox.tests.basic_test import BasicTest
|
||||
from envs.monkey_zoo.blackbox.tests.performance.endpoint_performance_test import EndpointPerformanceTest
|
||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig
|
||||
from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test import TelemetryPerformanceTest
|
||||
from envs.monkey_zoo.blackbox.tests.performance.endpoint_performance_test import \
|
||||
EndpointPerformanceTest
|
||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
|
||||
PerformanceTestConfig
|
||||
from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test import \
|
||||
TelemetryPerformanceTest
|
||||
|
||||
|
||||
class TelemetryPerformanceTestWorkflow(BasicTest):
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
import pytest
|
||||
|
||||
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import MonkeyIslandClient
|
||||
|
||||
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import \
|
||||
MonkeyIslandClient
|
||||
|
||||
machine_list = {
|
||||
"10.0.0.36": "centos_6",
|
||||
|
|
|
|||
|
|
@ -1,14 +1,15 @@
|
|||
import json
|
||||
import re
|
||||
import urllib.request
|
||||
import urllib.error
|
||||
import logging
|
||||
|
||||
__author__ = 'itay.mizeretz'
|
||||
import re
|
||||
import urllib.error
|
||||
import urllib.request
|
||||
|
||||
from common.cloud.environment_names import Environment
|
||||
from common.cloud.instance import CloudInstance
|
||||
|
||||
__author__ = 'itay.mizeretz'
|
||||
|
||||
|
||||
AWS_INSTANCE_METADATA_LOCAL_IP_ADDRESS = "169.254.169.254"
|
||||
AWS_LATEST_METADATA_URI_PREFIX = 'http://{0}/latest/'.format(AWS_INSTANCE_METADATA_LOCAL_IP_ADDRESS)
|
||||
ACCOUNT_ID_KEY = "accountId"
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
from unittest import TestCase
|
||||
from .aws_service import filter_instance_data_from_aws_response
|
||||
|
||||
import json
|
||||
from unittest import TestCase
|
||||
|
||||
from .aws_service import filter_instance_data_from_aws_response
|
||||
|
||||
__author__ = 'shay.nehmad'
|
||||
|
||||
|
|
|
|||
|
|
@ -1,4 +1,5 @@
|
|||
import logging
|
||||
|
||||
import requests
|
||||
|
||||
from common.cloud.environment_names import Environment
|
||||
|
|
|
|||
|
|
@ -1,4 +1,5 @@
|
|||
import logging
|
||||
|
||||
import requests
|
||||
|
||||
from common.cloud.environment_names import Environment
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
import time
|
||||
import logging
|
||||
import time
|
||||
from abc import abstractmethod
|
||||
|
||||
from common.cmd.cmd import Cmd
|
||||
|
|
|
|||
|
|
@ -5,3 +5,4 @@ POST_BREACH_SHELL_STARTUP_FILE_MODIFICATION = "Modify shell startup file"
|
|||
POST_BREACH_HIDDEN_FILES = "Hide files and directories"
|
||||
POST_BREACH_TRAP_COMMAND = "Execute command when a particular signal is received"
|
||||
POST_BREACH_SETUID_SETGID = "Setuid and Setgid"
|
||||
POST_BREACH_JOB_SCHEDULING = "Schedule jobs"
|
||||
|
|
|
|||
|
|
@ -57,7 +57,7 @@ PRINCIPLES = {
|
|||
PRINCIPLE_ENDPOINT_SECURITY: "Use anti-virus and other traditional endpoint security solutions.",
|
||||
PRINCIPLE_DATA_TRANSIT: "Secure data at transit by encrypting it.",
|
||||
PRINCIPLE_RESTRICTIVE_NETWORK_POLICIES: "Configure network policies to be as restrictive as possible.",
|
||||
PRINCIPLE_USERS_MAC_POLICIES: "Users' permissions to the network and to resources should be MAC (Mandetory "
|
||||
PRINCIPLE_USERS_MAC_POLICIES: "Users' permissions to the network and to resources should be MAC (Mandatory "
|
||||
"Access Control) only.",
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,11 +1,10 @@
|
|||
import ipaddress
|
||||
import logging
|
||||
import random
|
||||
import socket
|
||||
import struct
|
||||
from abc import ABCMeta, abstractmethod
|
||||
|
||||
import ipaddress
|
||||
import logging
|
||||
|
||||
__author__ = 'itamar'
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
|
|
|||
|
|
@ -1,4 +1,5 @@
|
|||
import sys
|
||||
|
||||
if sys.platform == 'win32':
|
||||
import win32com
|
||||
import wmi
|
||||
|
|
@ -24,7 +25,7 @@ class MongoUtils:
|
|||
return o
|
||||
|
||||
elif isinstance(o, str):
|
||||
# mongo dosn't like unprintable chars, so we use repr :/
|
||||
# mongo doesn't like unprintable chars, so we use repr :/
|
||||
return repr(o)
|
||||
|
||||
elif hasattr(o, "__class__") and o.__class__ == wmi._wmi_object:
|
||||
|
|
@ -32,7 +33,7 @@ class MongoUtils:
|
|||
|
||||
elif hasattr(o, "__class__") and o.__class__ == win32com.client.CDispatch:
|
||||
try:
|
||||
# objectSid property of ds_user is problematic and need thie special treatment.
|
||||
# objectSid property of ds_user is problematic and need this special treatment.
|
||||
# ISWbemObjectEx interface. Class Uint8Array ?
|
||||
if str(o._oleobj_.GetTypeInfo().GetTypeAttr().iid) == "{269AD56A-8A67-4129-BC8C-0506DCFE9880}":
|
||||
return o.Value
|
||||
|
|
|
|||
|
|
@ -8,14 +8,15 @@ from requests.exceptions import ConnectionError
|
|||
|
||||
import infection_monkey.monkeyfs as monkeyfs
|
||||
import infection_monkey.tunnel as tunnel
|
||||
from infection_monkey.config import WormConfiguration, GUID
|
||||
from infection_monkey.network.info import local_ips, check_internet_access
|
||||
from infection_monkey.config import GUID, WormConfiguration
|
||||
from infection_monkey.network.info import check_internet_access, local_ips
|
||||
from infection_monkey.transport.http import HTTPConnectProxy
|
||||
from infection_monkey.transport.tcp import TcpProxy
|
||||
from infection_monkey.utils.exceptions.planned_shutdown_exception import \
|
||||
PlannedShutdownException
|
||||
|
||||
__author__ = 'hoffer'
|
||||
|
||||
from infection_monkey.utils.exceptions.planned_shutdown_exception import PlannedShutdownException
|
||||
|
||||
requests.packages.urllib3.disable_warnings()
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,6 @@
|
|||
import argparse
|
||||
import ctypes
|
||||
import filecmp
|
||||
import logging
|
||||
import os
|
||||
import pprint
|
||||
|
|
@ -9,13 +10,15 @@ import sys
|
|||
import time
|
||||
from ctypes import c_char_p
|
||||
|
||||
import filecmp
|
||||
from infection_monkey.config import WormConfiguration
|
||||
from infection_monkey.exploit.tools.helpers import build_monkey_commandline_explicitly
|
||||
from infection_monkey.model import MONKEY_CMDLINE_WINDOWS, MONKEY_CMDLINE_LINUX, GENERAL_CMDLINE_LINUX
|
||||
from infection_monkey.system_info import SystemInfoCollector, OperatingSystem
|
||||
from infection_monkey.telemetry.attack.t1106_telem import T1106Telem
|
||||
from common.utils.attack_utils import ScanStatus, UsageEnum
|
||||
from infection_monkey.config import WormConfiguration
|
||||
from infection_monkey.exploit.tools.helpers import \
|
||||
build_monkey_commandline_explicitly
|
||||
from infection_monkey.model import (GENERAL_CMDLINE_LINUX,
|
||||
MONKEY_CMDLINE_LINUX,
|
||||
MONKEY_CMDLINE_WINDOWS)
|
||||
from infection_monkey.system_info import OperatingSystem, SystemInfoCollector
|
||||
from infection_monkey.telemetry.attack.t1106_telem import T1106Telem
|
||||
|
||||
if "win32" == sys.platform:
|
||||
from win32process import DETACHED_PROCESS
|
||||
|
|
|
|||
|
|
@ -1,11 +1,10 @@
|
|||
from abc import abstractmethod
|
||||
|
||||
from infection_monkey.config import WormConfiguration
|
||||
from common.utils.exploit_enum import ExploitType
|
||||
from datetime import datetime
|
||||
|
||||
from infection_monkey.utils.plugins.plugin import Plugin
|
||||
import infection_monkey.exploit
|
||||
from common.utils.exploit_enum import ExploitType
|
||||
from infection_monkey.config import WormConfiguration
|
||||
from infection_monkey.utils.plugins.plugin import Plugin
|
||||
|
||||
__author__ = 'itamar'
|
||||
|
||||
|
|
|
|||
|
|
@ -6,17 +6,19 @@
|
|||
|
||||
import json
|
||||
import logging
|
||||
import requests
|
||||
from infection_monkey.exploit.web_rce import WebRCE
|
||||
from infection_monkey.model import WGET_HTTP_UPLOAD, BITSADMIN_CMDLINE_HTTP, CHECK_COMMAND, ID_STRING, CMD_PREFIX, \
|
||||
DOWNLOAD_TIMEOUT
|
||||
from infection_monkey.network.elasticfinger import ES_PORT
|
||||
from common.data.network_consts import ES_SERVICE
|
||||
from infection_monkey.telemetry.attack.t1197_telem import T1197Telem
|
||||
from common.utils.attack_utils import ScanStatus, BITS_UPLOAD_STRING
|
||||
|
||||
import re
|
||||
|
||||
import requests
|
||||
|
||||
from common.data.network_consts import ES_SERVICE
|
||||
from common.utils.attack_utils import BITS_UPLOAD_STRING, ScanStatus
|
||||
from infection_monkey.exploit.web_rce import WebRCE
|
||||
from infection_monkey.model import (BITSADMIN_CMDLINE_HTTP, CHECK_COMMAND,
|
||||
CMD_PREFIX, DOWNLOAD_TIMEOUT, ID_STRING,
|
||||
WGET_HTTP_UPLOAD)
|
||||
from infection_monkey.network.elasticfinger import ES_PORT
|
||||
from infection_monkey.telemetry.attack.t1197_telem import T1197Telem
|
||||
|
||||
__author__ = 'danielg, VakarisZ'
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
|
|
|||
|
|
@ -3,17 +3,21 @@
|
|||
Implementation is based on code from https://github.com/vulhub/vulhub/tree/master/hadoop/unauthorized-yarn
|
||||
"""
|
||||
|
||||
import requests
|
||||
import json
|
||||
import random
|
||||
import string
|
||||
import logging
|
||||
import posixpath
|
||||
import random
|
||||
import string
|
||||
|
||||
from infection_monkey.exploit.web_rce import WebRCE
|
||||
import requests
|
||||
|
||||
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
|
||||
get_monkey_depth)
|
||||
from infection_monkey.exploit.tools.http_tools import HTTPTools
|
||||
from infection_monkey.exploit.tools.helpers import build_monkey_commandline, get_monkey_depth
|
||||
from infection_monkey.model import MONKEY_ARG, ID_STRING, HADOOP_WINDOWS_COMMAND, HADOOP_LINUX_COMMAND
|
||||
from infection_monkey.exploit.web_rce import WebRCE
|
||||
from infection_monkey.model import (HADOOP_LINUX_COMMAND,
|
||||
HADOOP_WINDOWS_COMMAND, ID_STRING,
|
||||
MONKEY_ARG)
|
||||
|
||||
__author__ = 'VakarisZ'
|
||||
|
||||
|
|
|
|||
|
|
@ -5,13 +5,16 @@ from time import sleep
|
|||
|
||||
import pymssql
|
||||
|
||||
from common.utils.exceptions import (ExploitingVulnerableMachineError,
|
||||
FailedExploitationError)
|
||||
from common.utils.exploit_enum import ExploitType
|
||||
from infection_monkey.exploit.HostExploiter import HostExploiter
|
||||
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
|
||||
get_monkey_depth,
|
||||
get_monkey_dest_path)
|
||||
from infection_monkey.exploit.tools.http_tools import MonkeyHTTPServer
|
||||
from infection_monkey.exploit.tools.helpers import get_monkey_dest_path, build_monkey_commandline, get_monkey_depth
|
||||
from infection_monkey.model import DROPPER_ARG
|
||||
from infection_monkey.exploit.tools.payload_parsing import LimitedSizePayload
|
||||
from common.utils.exceptions import ExploitingVulnerableMachineError, FailedExploitationError
|
||||
from infection_monkey.model import DROPPER_ARG
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
||||
|
|
|
|||
|
|
@ -8,21 +8,27 @@ from io import BytesIO
|
|||
import impacket.smbconnection
|
||||
from impacket.nmb import NetBIOSError
|
||||
from impacket.nt_errors import STATUS_SUCCESS
|
||||
from impacket.smb import FILE_OPEN, SMB_DIALECT, SMB, SMBCommand, SMBNtCreateAndX_Parameters, SMBNtCreateAndX_Data, \
|
||||
FILE_READ_DATA, FILE_SHARE_READ, FILE_NON_DIRECTORY_FILE, FILE_WRITE_DATA, FILE_DIRECTORY_FILE
|
||||
from impacket.smb import SessionError
|
||||
from impacket.smb3structs import SMB2_IL_IMPERSONATION, SMB2_CREATE, SMB2_FLAGS_DFS_OPERATIONS, SMB2Create, \
|
||||
SMB2Packet, SMB2Create_Response, SMB2_OPLOCK_LEVEL_NONE
|
||||
from impacket.smb import (FILE_DIRECTORY_FILE, FILE_NON_DIRECTORY_FILE,
|
||||
FILE_OPEN, FILE_READ_DATA, FILE_SHARE_READ,
|
||||
FILE_WRITE_DATA, SMB, SMB_DIALECT, SessionError,
|
||||
SMBCommand, SMBNtCreateAndX_Data,
|
||||
SMBNtCreateAndX_Parameters)
|
||||
from impacket.smb3structs import (SMB2_CREATE, SMB2_FLAGS_DFS_OPERATIONS,
|
||||
SMB2_IL_IMPERSONATION,
|
||||
SMB2_OPLOCK_LEVEL_NONE, SMB2Create,
|
||||
SMB2Create_Response, SMB2Packet)
|
||||
from impacket.smbconnection import SMBConnection
|
||||
|
||||
import infection_monkey.monkeyfs as monkeyfs
|
||||
from common.utils.attack_utils import ScanStatus
|
||||
from infection_monkey.exploit.HostExploiter import HostExploiter
|
||||
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
|
||||
get_monkey_depth,
|
||||
get_target_monkey_by_os)
|
||||
from infection_monkey.model import DROPPER_ARG
|
||||
from infection_monkey.network.smbfinger import SMB_SERVICE
|
||||
from infection_monkey.exploit.tools.helpers import build_monkey_commandline, get_target_monkey_by_os, get_monkey_depth
|
||||
from infection_monkey.network.tools import get_interface_to_target
|
||||
from infection_monkey.pyinstaller_utils import get_binary_file_path
|
||||
from common.utils.attack_utils import ScanStatus
|
||||
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
|
||||
|
||||
__author__ = 'itay.mizeretz'
|
||||
|
|
|
|||
|
|
@ -8,10 +8,12 @@ import requests
|
|||
|
||||
from common.utils.attack_utils import ScanStatus
|
||||
from infection_monkey.exploit.HostExploiter import HostExploiter
|
||||
from infection_monkey.exploit.tools.helpers import get_target_monkey, get_monkey_depth, build_monkey_commandline
|
||||
from infection_monkey.model import DROPPER_ARG
|
||||
from infection_monkey.exploit.shellshock_resources import CGI_FILES
|
||||
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
|
||||
get_monkey_depth,
|
||||
get_target_monkey)
|
||||
from infection_monkey.exploit.tools.http_tools import HTTPTools
|
||||
from infection_monkey.model import DROPPER_ARG
|
||||
from infection_monkey.telemetry.attack.t1222_telem import T1222Telem
|
||||
|
||||
__author__ = 'danielg'
|
||||
|
|
@ -86,7 +88,7 @@ class ShellShockExploiter(HostExploiter):
|
|||
LOG.info("SSH Skipping unknown os: %s", uname_os)
|
||||
return False
|
||||
except Exception as exc:
|
||||
LOG.debug("Error running uname os commad on victim %r: (%s)", self.host, exc)
|
||||
LOG.debug("Error running uname os command on victim %r: (%s)", self.host, exc)
|
||||
return False
|
||||
if not self.host.os.get('machine'):
|
||||
try:
|
||||
|
|
@ -95,7 +97,7 @@ class ShellShockExploiter(HostExploiter):
|
|||
if '' != uname_machine:
|
||||
self.host.os['machine'] = uname_machine.lower().strip()
|
||||
except Exception as exc:
|
||||
LOG.debug("Error running uname machine commad on victim %r: (%s)", self.host, exc)
|
||||
LOG.debug("Error running uname machine command on victim %r: (%s)", self.host, exc)
|
||||
return False
|
||||
|
||||
# copy the monkey
|
||||
|
|
|
|||
|
|
@ -1,17 +1,21 @@
|
|||
from logging import getLogger
|
||||
|
||||
from impacket.dcerpc.v5 import transport, scmr
|
||||
from impacket.dcerpc.v5 import scmr, transport
|
||||
from impacket.smbconnection import SMB_DIALECT
|
||||
|
||||
from common.utils.attack_utils import ScanStatus, UsageEnum
|
||||
from common.utils.exploit_enum import ExploitType
|
||||
from infection_monkey.exploit.HostExploiter import HostExploiter
|
||||
from infection_monkey.exploit.tools.helpers import get_target_monkey, get_monkey_depth, build_monkey_commandline
|
||||
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
|
||||
get_monkey_depth,
|
||||
get_target_monkey)
|
||||
from infection_monkey.exploit.tools.smb_tools import SmbTools
|
||||
from infection_monkey.model import MONKEY_CMDLINE_DETACHED_WINDOWS, DROPPER_CMDLINE_DETACHED_WINDOWS, VictimHost
|
||||
from infection_monkey.model import (DROPPER_CMDLINE_DETACHED_WINDOWS,
|
||||
MONKEY_CMDLINE_DETACHED_WINDOWS,
|
||||
VictimHost)
|
||||
from infection_monkey.network.smbfinger import SMBFinger
|
||||
from infection_monkey.network.tools import check_tcp_port
|
||||
from common.utils.exploit_enum import ExploitType
|
||||
from infection_monkey.telemetry.attack.t1035_telem import T1035Telem
|
||||
from common.utils.attack_utils import ScanStatus, UsageEnum
|
||||
|
||||
LOG = getLogger(__name__)
|
||||
|
||||
|
|
|
|||
|
|
@ -5,13 +5,16 @@ import time
|
|||
import paramiko
|
||||
|
||||
import infection_monkey.monkeyfs as monkeyfs
|
||||
from infection_monkey.exploit.HostExploiter import HostExploiter
|
||||
from infection_monkey.exploit.tools.helpers import get_target_monkey, get_monkey_depth, build_monkey_commandline
|
||||
from infection_monkey.model import MONKEY_ARG
|
||||
from infection_monkey.network.tools import check_tcp_port, get_interface_to_target
|
||||
from common.utils.attack_utils import ScanStatus
|
||||
from common.utils.exceptions import FailedExploitationError
|
||||
from common.utils.exploit_enum import ExploitType
|
||||
from common.utils.attack_utils import ScanStatus
|
||||
from infection_monkey.exploit.HostExploiter import HostExploiter
|
||||
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
|
||||
get_monkey_depth,
|
||||
get_target_monkey)
|
||||
from infection_monkey.model import MONKEY_ARG
|
||||
from infection_monkey.network.tools import (check_tcp_port,
|
||||
get_interface_to_target)
|
||||
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
|
||||
from infection_monkey.telemetry.attack.t1222_telem import T1222Telem
|
||||
|
||||
|
|
@ -129,7 +132,7 @@ class SSHExploiter(HostExploiter):
|
|||
LOG.info("SSH Skipping unknown os: %s", uname_os)
|
||||
return False
|
||||
except Exception as exc:
|
||||
LOG.debug("Error running uname os commad on victim %r: (%s)", self.host, exc)
|
||||
LOG.debug("Error running uname os command on victim %r: (%s)", self.host, exc)
|
||||
return False
|
||||
|
||||
if not self.host.os.get('machine'):
|
||||
|
|
@ -139,7 +142,7 @@ class SSHExploiter(HostExploiter):
|
|||
if '' != uname_machine:
|
||||
self.host.os['machine'] = uname_machine
|
||||
except Exception as exc:
|
||||
LOG.debug("Error running uname machine commad on victim %r: (%s)", self.host, exc)
|
||||
LOG.debug("Error running uname machine command on victim %r: (%s)", self.host, exc)
|
||||
|
||||
if self.skip_exist:
|
||||
_, stdout, stderr = ssh.exec_command("head -c 1 %s" % self._config.dropper_target_path_linux)
|
||||
|
|
|
|||
|
|
@ -11,10 +11,11 @@ def try_get_target_monkey(host):
|
|||
|
||||
|
||||
def get_target_monkey(host):
|
||||
from infection_monkey.control import ControlClient
|
||||
import platform
|
||||
import sys
|
||||
|
||||
from infection_monkey.control import ControlClient
|
||||
|
||||
if host.monkey_exe:
|
||||
return host.monkey_exe
|
||||
|
||||
|
|
|
|||
|
|
@ -6,12 +6,12 @@ import urllib.parse
|
|||
import urllib.request
|
||||
from threading import Lock
|
||||
|
||||
from infection_monkey.exploit.tools.helpers import try_get_target_monkey
|
||||
from infection_monkey.model import DOWNLOAD_TIMEOUT
|
||||
from infection_monkey.network.firewall import app as firewall
|
||||
from infection_monkey.network.info import get_free_tcp_port
|
||||
from infection_monkey.transport import HTTPServer, LockedHTTPServer
|
||||
from infection_monkey.exploit.tools.helpers import try_get_target_monkey
|
||||
from infection_monkey.network.tools import get_interface_to_target
|
||||
from infection_monkey.transport import HTTPServer, LockedHTTPServer
|
||||
|
||||
__author__ = 'itamar'
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,6 @@
|
|||
from unittest import TestCase
|
||||
from .payload_parsing import Payload, LimitedSizePayload
|
||||
|
||||
from .payload_parsing import LimitedSizePayload, Payload
|
||||
|
||||
|
||||
class TestPayload(TestCase):
|
||||
|
|
|
|||
|
|
@ -2,16 +2,16 @@ import logging
|
|||
import ntpath
|
||||
import pprint
|
||||
|
||||
from impacket.dcerpc.v5 import transport, srvs
|
||||
from impacket.dcerpc.v5 import srvs, transport
|
||||
from impacket.smb3structs import SMB2_DIALECT_002, SMB2_DIALECT_21
|
||||
from impacket.smbconnection import SMBConnection, SMB_DIALECT
|
||||
from impacket.smbconnection import SMB_DIALECT, SMBConnection
|
||||
|
||||
import infection_monkey.config
|
||||
import infection_monkey.monkeyfs as monkeyfs
|
||||
from common.utils.attack_utils import ScanStatus
|
||||
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
|
||||
from infection_monkey.network.tools import get_interface_to_target
|
||||
from infection_monkey.config import Configuration
|
||||
from infection_monkey.network.tools import get_interface_to_target
|
||||
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
|
||||
|
||||
__author__ = 'itamar'
|
||||
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
import unittest
|
||||
|
||||
from infection_monkey.exploit.tools.helpers import build_monkey_commandline_explicitly
|
||||
from infection_monkey.exploit.tools.helpers import \
|
||||
build_monkey_commandline_explicitly
|
||||
|
||||
|
||||
class TestHelpers(unittest.TestCase):
|
||||
|
|
|
|||
|
|
@ -6,14 +6,16 @@
|
|||
|
||||
import socket
|
||||
import time
|
||||
from logging import getLogger
|
||||
|
||||
from common.utils.attack_utils import ScanStatus
|
||||
from infection_monkey.exploit.HostExploiter import HostExploiter
|
||||
from infection_monkey.exploit.tools.helpers import get_target_monkey, build_monkey_commandline, get_monkey_depth
|
||||
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
|
||||
get_monkey_depth,
|
||||
get_target_monkey)
|
||||
from infection_monkey.exploit.tools.http_tools import HTTPTools
|
||||
from infection_monkey.model import MONKEY_ARG, CHMOD_MONKEY, RUN_MONKEY, WGET_HTTP_UPLOAD, DOWNLOAD_TIMEOUT
|
||||
from logging import getLogger
|
||||
|
||||
from infection_monkey.model import (CHMOD_MONKEY, DOWNLOAD_TIMEOUT, MONKEY_ARG,
|
||||
RUN_MONKEY, WGET_HTTP_UPLOAD)
|
||||
from infection_monkey.telemetry.attack.t1222_telem import T1222Telem
|
||||
|
||||
LOG = getLogger(__name__)
|
||||
|
|
|
|||
|
|
@ -1,16 +1,22 @@
|
|||
import logging
|
||||
import re
|
||||
from posixpath import join
|
||||
from abc import abstractmethod
|
||||
from posixpath import join
|
||||
|
||||
from common.utils.attack_utils import BITS_UPLOAD_STRING, ScanStatus
|
||||
from infection_monkey.exploit.HostExploiter import HostExploiter
|
||||
from infection_monkey.exploit.tools.helpers import get_target_monkey, get_monkey_depth, build_monkey_commandline
|
||||
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
|
||||
get_monkey_depth,
|
||||
get_target_monkey)
|
||||
from infection_monkey.exploit.tools.http_tools import HTTPTools
|
||||
from infection_monkey.model import CHECK_COMMAND, ID_STRING, GET_ARCH_LINUX, GET_ARCH_WINDOWS, BITSADMIN_CMDLINE_HTTP, \
|
||||
POWERSHELL_HTTP_UPLOAD, WGET_HTTP_UPLOAD, DOWNLOAD_TIMEOUT, CHMOD_MONKEY, RUN_MONKEY, MONKEY_ARG, DROPPER_ARG
|
||||
from infection_monkey.model import (BITSADMIN_CMDLINE_HTTP, CHECK_COMMAND,
|
||||
CHMOD_MONKEY, DOWNLOAD_TIMEOUT,
|
||||
DROPPER_ARG, GET_ARCH_LINUX,
|
||||
GET_ARCH_WINDOWS, ID_STRING, MONKEY_ARG,
|
||||
POWERSHELL_HTTP_UPLOAD, RUN_MONKEY,
|
||||
WGET_HTTP_UPLOAD)
|
||||
from infection_monkey.network.tools import check_tcp_port, tcp_port_to_service
|
||||
from infection_monkey.telemetry.attack.t1197_telem import T1197Telem
|
||||
from common.utils.attack_utils import ScanStatus, BITS_UPLOAD_STRING
|
||||
from infection_monkey.telemetry.attack.t1222_telem import T1222Telem
|
||||
|
||||
__author__ = 'VakarisZ'
|
||||
|
|
|
|||
|
|
@ -1,16 +1,16 @@
|
|||
import threading
|
||||
import logging
|
||||
import time
|
||||
import copy
|
||||
|
||||
from requests import post, exceptions
|
||||
|
||||
from infection_monkey.exploit.web_rce import WebRCE
|
||||
from infection_monkey.exploit.HostExploiter import HostExploiter
|
||||
from infection_monkey.network.tools import get_interface_to_target
|
||||
from infection_monkey.network.info import get_free_tcp_port
|
||||
import logging
|
||||
import threading
|
||||
import time
|
||||
from http.server import BaseHTTPRequestHandler, HTTPServer
|
||||
|
||||
from requests import exceptions, post
|
||||
|
||||
from infection_monkey.exploit.HostExploiter import HostExploiter
|
||||
from infection_monkey.exploit.web_rce import WebRCE
|
||||
from infection_monkey.network.info import get_free_tcp_port
|
||||
from infection_monkey.network.tools import get_interface_to_target
|
||||
|
||||
__author__ = "VakarisZ"
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
|
|
|||
|
|
@ -8,18 +8,21 @@
|
|||
|
||||
import socket
|
||||
import time
|
||||
from enum import IntEnum
|
||||
from logging import getLogger
|
||||
|
||||
from enum import IntEnum
|
||||
from impacket import uuid
|
||||
from impacket.dcerpc.v5 import transport
|
||||
|
||||
from infection_monkey.exploit.tools.helpers import get_target_monkey, get_monkey_depth, build_monkey_commandline
|
||||
from infection_monkey.exploit.HostExploiter import HostExploiter
|
||||
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
|
||||
get_monkey_depth,
|
||||
get_target_monkey)
|
||||
from infection_monkey.exploit.tools.smb_tools import SmbTools
|
||||
from infection_monkey.model import DROPPER_CMDLINE_WINDOWS, MONKEY_CMDLINE_WINDOWS
|
||||
from infection_monkey.model import (DROPPER_CMDLINE_WINDOWS,
|
||||
MONKEY_CMDLINE_WINDOWS)
|
||||
from infection_monkey.network.smbfinger import SMBFinger
|
||||
from infection_monkey.network.tools import check_tcp_port
|
||||
from infection_monkey.exploit.HostExploiter import HostExploiter
|
||||
|
||||
LOG = getLogger(__name__)
|
||||
|
||||
|
|
|
|||
|
|
@ -5,14 +5,16 @@ import traceback
|
|||
|
||||
from impacket.dcerpc.v5.rpcrt import DCERPCException
|
||||
|
||||
from infection_monkey.exploit.HostExploiter import HostExploiter
|
||||
from infection_monkey.exploit.tools.helpers import get_target_monkey, \
|
||||
get_monkey_depth, build_monkey_commandline
|
||||
from infection_monkey.exploit.tools.wmi_tools import AccessDeniedException
|
||||
from infection_monkey.exploit.tools.smb_tools import SmbTools
|
||||
from infection_monkey.exploit.tools.wmi_tools import WmiTools
|
||||
from infection_monkey.model import DROPPER_CMDLINE_WINDOWS, MONKEY_CMDLINE_WINDOWS
|
||||
from common.utils.exploit_enum import ExploitType
|
||||
from infection_monkey.exploit.HostExploiter import HostExploiter
|
||||
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
|
||||
get_monkey_depth,
|
||||
get_target_monkey)
|
||||
from infection_monkey.exploit.tools.smb_tools import SmbTools
|
||||
from infection_monkey.exploit.tools.wmi_tools import (AccessDeniedException,
|
||||
WmiTools)
|
||||
from infection_monkey.model import (DROPPER_CMDLINE_WINDOWS,
|
||||
MONKEY_CMDLINE_WINDOWS)
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
||||
|
|
|
|||
|
|
@ -7,14 +7,15 @@ import sys
|
|||
import traceback
|
||||
from multiprocessing import freeze_support
|
||||
|
||||
from infection_monkey.utils.monkey_log_path import get_dropper_log_path, get_monkey_log_path
|
||||
from infection_monkey.config import WormConfiguration, EXTERNAL_CONFIG_FILE
|
||||
from infection_monkey.dropper import MonkeyDrops
|
||||
from infection_monkey.model import MONKEY_ARG, DROPPER_ARG
|
||||
from infection_monkey.monkey import InfectionMonkey
|
||||
from common.version import get_version
|
||||
# noinspection PyUnresolvedReferences
|
||||
import infection_monkey.post_breach # dummy import for pyinstaller
|
||||
from common.version import get_version
|
||||
from infection_monkey.config import EXTERNAL_CONFIG_FILE, WormConfiguration
|
||||
from infection_monkey.dropper import MonkeyDrops
|
||||
from infection_monkey.model import DROPPER_ARG, MONKEY_ARG
|
||||
from infection_monkey.monkey import InfectionMonkey
|
||||
from infection_monkey.utils.monkey_log_path import (get_dropper_log_path,
|
||||
get_monkey_log_path)
|
||||
|
||||
__author__ = 'itamar'
|
||||
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
from unittest import TestCase
|
||||
from infection_monkey.model.victim_host_generator import VictimHostGenerator
|
||||
|
||||
from common.network.network_range import CidrRange, SingleIpRange
|
||||
from infection_monkey.model.victim_host_generator import VictimHostGenerator
|
||||
|
||||
|
||||
class VictimHostGeneratorTester(TestCase):
|
||||
|
|
|
|||
|
|
@ -6,34 +6,39 @@ import sys
|
|||
import time
|
||||
|
||||
import infection_monkey.tunnel as tunnel
|
||||
from infection_monkey.network.HostFinger import HostFinger
|
||||
from infection_monkey.utils.monkey_dir import create_monkey_dir, get_monkey_dir_path, remove_monkey_dir
|
||||
from infection_monkey.utils.monkey_log_path import get_monkey_log_path
|
||||
from infection_monkey.utils.environment import is_windows_os
|
||||
from infection_monkey.utils.exceptions.planned_shutdown_exception import PlannedShutdownException
|
||||
from common.network.network_utils import get_host_from_network_location
|
||||
from common.utils.attack_utils import ScanStatus, UsageEnum
|
||||
from common.utils.exceptions import (ExploitingVulnerableMachineError,
|
||||
FailedExploitationError)
|
||||
from common.version import get_version
|
||||
from infection_monkey.config import WormConfiguration
|
||||
from infection_monkey.control import ControlClient
|
||||
from infection_monkey.exploit.HostExploiter import HostExploiter
|
||||
from infection_monkey.model import DELAY_DELETE_CMD
|
||||
from infection_monkey.network.firewall import app as firewall
|
||||
from infection_monkey.network.HostFinger import HostFinger
|
||||
from infection_monkey.network.network_scanner import NetworkScanner
|
||||
from infection_monkey.network.tools import (get_interface_to_target,
|
||||
is_running_on_server)
|
||||
from infection_monkey.post_breach.post_breach_handler import PostBreach
|
||||
from infection_monkey.system_info import SystemInfoCollector
|
||||
from infection_monkey.system_singleton import SystemSingleton
|
||||
from infection_monkey.telemetry.attack.victim_host_telem import VictimHostTelem
|
||||
from infection_monkey.telemetry.attack.t1106_telem import T1106Telem
|
||||
from infection_monkey.telemetry.attack.t1107_telem import T1107Telem
|
||||
from infection_monkey.telemetry.attack.victim_host_telem import VictimHostTelem
|
||||
from infection_monkey.telemetry.scan_telem import ScanTelem
|
||||
from infection_monkey.telemetry.state_telem import StateTelem
|
||||
from infection_monkey.telemetry.system_info_telem import SystemInfoTelem
|
||||
from infection_monkey.telemetry.trace_telem import TraceTelem
|
||||
from infection_monkey.telemetry.tunnel_telem import TunnelTelem
|
||||
from infection_monkey.utils.environment import is_windows_os
|
||||
from infection_monkey.utils.exceptions.planned_shutdown_exception import \
|
||||
PlannedShutdownException
|
||||
from infection_monkey.utils.monkey_dir import (create_monkey_dir,
|
||||
get_monkey_dir_path,
|
||||
remove_monkey_dir)
|
||||
from infection_monkey.utils.monkey_log_path import get_monkey_log_path
|
||||
from infection_monkey.windows_upgrader import WindowsUpgrader
|
||||
from infection_monkey.post_breach.post_breach_handler import PostBreach
|
||||
from infection_monkey.network.tools import get_interface_to_target, is_running_on_server
|
||||
from common.utils.exceptions import ExploitingVulnerableMachineError, FailedExploitationError
|
||||
from infection_monkey.telemetry.attack.t1106_telem import T1106Telem
|
||||
from common.utils.attack_utils import ScanStatus, UsageEnum
|
||||
from common.version import get_version
|
||||
from infection_monkey.exploit.HostExploiter import HostExploiter
|
||||
from common.network.network_utils import get_host_from_network_location
|
||||
|
||||
MAX_DEPTH_REACHED_MESSAGE = "Reached max depth, shutting down"
|
||||
|
||||
|
|
@ -290,7 +295,8 @@ class InfectionMonkey(object):
|
|||
try:
|
||||
status = None
|
||||
if "win32" == sys.platform:
|
||||
from subprocess import SW_HIDE, STARTF_USESHOWWINDOW, CREATE_NEW_CONSOLE
|
||||
from subprocess import (CREATE_NEW_CONSOLE,
|
||||
STARTF_USESHOWWINDOW, SW_HIDE)
|
||||
startupinfo = subprocess.STARTUPINFO()
|
||||
startupinfo.dwFlags = CREATE_NEW_CONSOLE | STARTF_USESHOWWINDOW
|
||||
startupinfo.wShowWindow = SW_HIDE
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
from io import BytesIO
|
||||
import os
|
||||
from io import BytesIO
|
||||
|
||||
__author__ = 'hoffer'
|
||||
|
||||
|
|
|
|||
|
|
@ -1,8 +1,8 @@
|
|||
from abc import abstractmethod
|
||||
|
||||
import infection_monkey.network
|
||||
from infection_monkey.config import WormConfiguration
|
||||
from infection_monkey.utils.plugins.plugin import Plugin
|
||||
import infection_monkey.network
|
||||
|
||||
|
||||
class HostFinger(Plugin):
|
||||
|
|
|
|||
|
|
@ -3,11 +3,11 @@ import logging
|
|||
from contextlib import closing
|
||||
|
||||
import requests
|
||||
from requests.exceptions import Timeout, ConnectionError
|
||||
from requests.exceptions import ConnectionError, Timeout
|
||||
|
||||
import infection_monkey.config
|
||||
from infection_monkey.network.HostFinger import HostFinger
|
||||
from common.data.network_consts import ES_SERVICE
|
||||
from infection_monkey.network.HostFinger import HostFinger
|
||||
|
||||
ES_PORT = 9200
|
||||
ES_HTTP_TIMEOUT = 5
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
import platform
|
||||
import subprocess
|
||||
import sys
|
||||
import platform
|
||||
|
||||
|
||||
def _run_netsh_cmd(command, args):
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
import logging
|
||||
|
||||
import infection_monkey.config
|
||||
from infection_monkey.network.HostFinger import HostFinger
|
||||
import logging
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
||||
|
|
@ -20,10 +21,11 @@ class HTTPFinger(HostFinger):
|
|||
pass
|
||||
|
||||
def get_host_fingerprint(self, host):
|
||||
from requests import head
|
||||
from requests.exceptions import Timeout, ConnectionError
|
||||
from contextlib import closing
|
||||
|
||||
from requests import head
|
||||
from requests.exceptions import ConnectionError, Timeout
|
||||
|
||||
for port in self.HTTP:
|
||||
# check both http and https
|
||||
http = "http://" + host.ip_addr + ":" + port[1]
|
||||
|
|
|
|||
|
|
@ -1,12 +1,12 @@
|
|||
import socket
|
||||
import struct
|
||||
import psutil
|
||||
import ipaddress
|
||||
import itertools
|
||||
import netifaces
|
||||
from subprocess import check_output
|
||||
import socket
|
||||
import struct
|
||||
from random import randint
|
||||
from subprocess import check_output
|
||||
|
||||
import netifaces
|
||||
import psutil
|
||||
import requests
|
||||
from requests import ConnectionError
|
||||
|
||||
|
|
|
|||
|
|
@ -2,8 +2,8 @@ import errno
|
|||
import logging
|
||||
import socket
|
||||
|
||||
from infection_monkey.network.HostFinger import HostFinger
|
||||
import infection_monkey.config
|
||||
from infection_monkey.network.HostFinger import HostFinger
|
||||
|
||||
__author__ = 'Maor Rayzin'
|
||||
|
||||
|
|
|
|||
|
|
@ -3,7 +3,8 @@ import socket
|
|||
|
||||
import infection_monkey.config
|
||||
from infection_monkey.network.HostFinger import HostFinger
|
||||
from infection_monkey.network.tools import struct_unpack_tracker, struct_unpack_tracker_string
|
||||
from infection_monkey.network.tools import (struct_unpack_tracker,
|
||||
struct_unpack_tracker_string)
|
||||
|
||||
MYSQL_PORT = 3306
|
||||
SQL_SERVICE = 'mysqld-3306'
|
||||
|
|
|
|||
|
|
@ -1,13 +1,13 @@
|
|||
import time
|
||||
import logging
|
||||
import time
|
||||
from multiprocessing.dummy import Pool
|
||||
|
||||
from common.network.network_range import NetworkRange
|
||||
from infection_monkey.config import WormConfiguration
|
||||
from infection_monkey.model.victim_host_generator import VictimHostGenerator
|
||||
from infection_monkey.network.info import local_ips, get_interfaces_ranges
|
||||
from infection_monkey.network.tcp_scanner import TcpScanner
|
||||
from infection_monkey.network.info import get_interfaces_ranges, local_ips
|
||||
from infection_monkey.network.ping_scanner import PingScanner
|
||||
from infection_monkey.network.tcp_scanner import TcpScanner
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
import logging
|
||||
import socket
|
||||
import struct
|
||||
import logging
|
||||
|
||||
from odict import odict
|
||||
|
||||
from infection_monkey.network.HostFinger import HostFinger
|
||||
|
|
|
|||
|
|
@ -1,11 +1,11 @@
|
|||
import logging
|
||||
import sys
|
||||
import subprocess
|
||||
import re
|
||||
import select
|
||||
import socket
|
||||
import struct
|
||||
import subprocess
|
||||
import sys
|
||||
import time
|
||||
import re
|
||||
|
||||
from infection_monkey.network.info import get_routes, local_ips
|
||||
from infection_monkey.pyinstaller_utils import get_binary_file_path
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
from common.data.post_breach_consts import POST_BREACH_BACKDOOR_USER
|
||||
from infection_monkey.post_breach.pba import PBA
|
||||
from infection_monkey.config import WormConfiguration
|
||||
from infection_monkey.post_breach.pba import PBA
|
||||
from infection_monkey.utils.users import get_commands_to_add_user
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
from common.data.post_breach_consts import POST_BREACH_SETUID_SETGID
|
||||
from infection_monkey.post_breach.pba import PBA
|
||||
from infection_monkey.post_breach.setuid_setgid.setuid_setgid import\
|
||||
from infection_monkey.post_breach.setuid_setgid.setuid_setgid import \
|
||||
get_commands_to_change_setuid_setgid
|
||||
from infection_monkey.utils.environment import is_windows_os
|
||||
|
||||
|
|
|
|||
|
|
@ -3,12 +3,12 @@ import random
|
|||
import string
|
||||
import subprocess
|
||||
|
||||
from infection_monkey.utils.new_user_error import NewUserError
|
||||
from infection_monkey.utils.auto_new_user_factory import create_auto_new_user
|
||||
from common.data.post_breach_consts import POST_BREACH_COMMUNICATE_AS_NEW_USER
|
||||
from infection_monkey.post_breach.pba import PBA
|
||||
from infection_monkey.telemetry.post_breach_telem import PostBreachTelem
|
||||
from infection_monkey.utils.auto_new_user_factory import create_auto_new_user
|
||||
from infection_monkey.utils.environment import is_windows_os
|
||||
from infection_monkey.utils.new_user_error import NewUserError
|
||||
|
||||
INFECTION_MONKEY_WEBSITE_URL = "https://infectionmonkey.com/"
|
||||
|
||||
|
|
|
|||
|
|
@ -1,13 +1,11 @@
|
|||
from common.data.post_breach_consts import POST_BREACH_HIDDEN_FILES
|
||||
from infection_monkey.post_breach.pba import PBA
|
||||
from infection_monkey.telemetry.post_breach_telem import PostBreachTelem
|
||||
from infection_monkey.utils.hidden_files import\
|
||||
get_commands_to_hide_files,\
|
||||
get_commands_to_hide_folders,\
|
||||
cleanup_hidden_files,\
|
||||
get_winAPI_to_hide_files
|
||||
from infection_monkey.utils.environment import is_windows_os
|
||||
|
||||
from infection_monkey.utils.hidden_files import (cleanup_hidden_files,
|
||||
get_commands_to_hide_files,
|
||||
get_commands_to_hide_folders,
|
||||
get_winAPI_to_hide_files)
|
||||
|
||||
HIDDEN_FSO_CREATION_COMMANDS = [get_commands_to_hide_files,
|
||||
get_commands_to_hide_folders]
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
from common.data.post_breach_consts import POST_BREACH_SHELL_STARTUP_FILE_MODIFICATION
|
||||
from common.data.post_breach_consts import \
|
||||
POST_BREACH_SHELL_STARTUP_FILE_MODIFICATION
|
||||
from infection_monkey.post_breach.pba import PBA
|
||||
from infection_monkey.post_breach.shell_startup_files.shell_startup_files_modification import\
|
||||
from infection_monkey.post_breach.shell_startup_files.shell_startup_files_modification import \
|
||||
get_commands_to_modify_shell_startup_files
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1,19 @@
|
|||
from common.data.post_breach_consts import POST_BREACH_JOB_SCHEDULING
|
||||
from infection_monkey.post_breach.job_scheduling.job_scheduling import (
|
||||
get_commands_to_schedule_jobs, remove_scheduled_jobs)
|
||||
from infection_monkey.post_breach.pba import PBA
|
||||
|
||||
|
||||
class ScheduleJobs(PBA):
|
||||
"""
|
||||
This PBA attempts to schedule jobs on the system.
|
||||
"""
|
||||
|
||||
def __init__(self):
|
||||
linux_cmds, windows_cmds = get_commands_to_schedule_jobs()
|
||||
|
||||
super(ScheduleJobs, self).__init__(name=POST_BREACH_JOB_SCHEDULING,
|
||||
linux_cmd=' '.join(linux_cmds),
|
||||
windows_cmd=windows_cmds)
|
||||
|
||||
remove_scheduled_jobs()
|
||||
|
|
@ -1,6 +1,6 @@
|
|||
from common.data.post_breach_consts import POST_BREACH_TRAP_COMMAND
|
||||
from infection_monkey.post_breach.pba import PBA
|
||||
from infection_monkey.post_breach.trap_command.trap_command import\
|
||||
from infection_monkey.post_breach.trap_command.trap_command import \
|
||||
get_trap_commands
|
||||
from infection_monkey.utils.environment import is_windows_os
|
||||
|
||||
|
|
|
|||
|
|
@ -1,15 +1,15 @@
|
|||
import os
|
||||
import logging
|
||||
import os
|
||||
|
||||
from common.data.post_breach_consts import POST_BREACH_FILE_EXECUTION
|
||||
from infection_monkey.utils.environment import is_windows_os
|
||||
from infection_monkey.post_breach.pba import PBA
|
||||
from infection_monkey.control import ControlClient
|
||||
from infection_monkey.config import WormConfiguration
|
||||
from infection_monkey.utils.monkey_dir import get_monkey_dir_path
|
||||
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
|
||||
from common.utils.attack_utils import ScanStatus
|
||||
from infection_monkey.config import WormConfiguration
|
||||
from infection_monkey.control import ControlClient
|
||||
from infection_monkey.network.tools import get_interface_to_target
|
||||
from infection_monkey.post_breach.pba import PBA
|
||||
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
|
||||
from infection_monkey.utils.environment import is_windows_os
|
||||
from infection_monkey.utils.monkey_dir import get_monkey_dir_path
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1,19 @@
|
|||
import subprocess
|
||||
|
||||
from infection_monkey.post_breach.job_scheduling.linux_job_scheduling import \
|
||||
get_linux_commands_to_schedule_jobs
|
||||
from infection_monkey.post_breach.job_scheduling.windows_job_scheduling import (
|
||||
get_windows_commands_to_remove_scheduled_jobs,
|
||||
get_windows_commands_to_schedule_jobs)
|
||||
from infection_monkey.utils.environment import is_windows_os
|
||||
|
||||
|
||||
def get_commands_to_schedule_jobs():
|
||||
linux_cmds = get_linux_commands_to_schedule_jobs()
|
||||
windows_cmds = get_windows_commands_to_schedule_jobs()
|
||||
return linux_cmds, windows_cmds
|
||||
|
||||
|
||||
def remove_scheduled_jobs():
|
||||
if is_windows_os():
|
||||
subprocess.run(get_windows_commands_to_remove_scheduled_jobs(), shell=True) # noqa: DUO116
|
||||
|
|
@ -0,0 +1,12 @@
|
|||
TEMP_CRON = "$HOME/monkey-schedule-jobs"
|
||||
|
||||
|
||||
def get_linux_commands_to_schedule_jobs():
|
||||
return [
|
||||
f'touch {TEMP_CRON} &&',
|
||||
f'crontab -l > {TEMP_CRON} &&',
|
||||
'echo \"# Successfully scheduled a job using crontab\" |',
|
||||
f'tee -a {TEMP_CRON} &&',
|
||||
f'crontab {TEMP_CRON} ;',
|
||||
f'rm {TEMP_CRON}'
|
||||
]
|
||||
|
|
@ -0,0 +1,12 @@
|
|||
SCHEDULED_TASK_NAME = 'monkey-spawn-cmd'
|
||||
SCHEDULED_TASK_COMMAND = 'C:\windows\system32\cmd.exe'
|
||||
|
||||
# Commands from: https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1053.005/T1053.005.md
|
||||
|
||||
|
||||
def get_windows_commands_to_schedule_jobs():
|
||||
return f'schtasks /Create /SC monthly /TN {SCHEDULED_TASK_NAME} /TR {SCHEDULED_TASK_COMMAND}'
|
||||
|
||||
|
||||
def get_windows_commands_to_remove_scheduled_jobs():
|
||||
return f'schtasks /Delete /TN {SCHEDULED_TASK_NAME} /F > nul 2>&1'
|
||||
|
|
@ -1,13 +1,14 @@
|
|||
import logging
|
||||
import subprocess
|
||||
|
||||
import infection_monkey.post_breach.actions
|
||||
from common.utils.attack_utils import ScanStatus
|
||||
from infection_monkey.telemetry.post_breach_telem import PostBreachTelem
|
||||
from infection_monkey.utils.environment import is_windows_os
|
||||
from infection_monkey.config import WormConfiguration
|
||||
from infection_monkey.telemetry.attack.t1064_telem import T1064Telem
|
||||
from infection_monkey.telemetry.post_breach_telem import PostBreachTelem
|
||||
from infection_monkey.utils.environment import is_windows_os
|
||||
from infection_monkey.utils.plugins.plugin import Plugin
|
||||
import infection_monkey.post_breach.actions
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
||||
__author__ = 'VakarisZ'
|
||||
|
|
|
|||
|
|
@ -1,8 +1,8 @@
|
|||
import logging
|
||||
from typing import Sequence
|
||||
|
||||
from infection_monkey.utils.environment import is_windows_os
|
||||
from infection_monkey.post_breach.pba import PBA
|
||||
from infection_monkey.utils.environment import is_windows_os
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
from infection_monkey.post_breach.setuid_setgid.linux_setuid_setgid import\
|
||||
from infection_monkey.post_breach.setuid_setgid.linux_setuid_setgid import \
|
||||
get_linux_commands_to_setuid_setgid
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -1,4 +1,5 @@
|
|||
import subprocess
|
||||
|
||||
from infection_monkey.utils.environment import is_windows_os
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
from infection_monkey.post_breach.shell_startup_files.linux.shell_startup_files_modification import\
|
||||
from infection_monkey.post_breach.shell_startup_files.linux.shell_startup_files_modification import \
|
||||
get_linux_commands_to_modify_shell_startup_files
|
||||
from infection_monkey.post_breach.shell_startup_files.windows.shell_startup_files_modification import\
|
||||
from infection_monkey.post_breach.shell_startup_files.windows.shell_startup_files_modification import \
|
||||
get_windows_commands_to_modify_shell_startup_files
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -1,4 +1,5 @@
|
|||
import subprocess
|
||||
|
||||
from infection_monkey.utils.environment import is_windows_os
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
from infection_monkey.post_breach.trap_command.linux_trap_command import\
|
||||
from infection_monkey.post_breach.trap_command.linux_trap_command import \
|
||||
get_linux_trap_commands
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
from PyInstaller.utils.hooks import collect_submodules, collect_data_files
|
||||
from PyInstaller.utils.hooks import collect_data_files, collect_submodules
|
||||
|
||||
hiddenimports = collect_submodules('infection_monkey.exploit')
|
||||
datas = (collect_data_files('infection_monkey.exploit', include_py_files=True))
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
from PyInstaller.utils.hooks import collect_submodules, collect_data_files
|
||||
from PyInstaller.utils.hooks import collect_data_files, collect_submodules
|
||||
|
||||
hiddenimports = collect_submodules('infection_monkey.network')
|
||||
datas = (collect_data_files('infection_monkey.network', include_py_files=True))
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
from PyInstaller.utils.hooks import collect_submodules, collect_data_files
|
||||
from PyInstaller.utils.hooks import collect_data_files, collect_submodules
|
||||
|
||||
# Import all actions as modules
|
||||
hiddenimports = collect_submodules('infection_monkey.post_breach.actions')
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
from PyInstaller.utils.hooks import collect_submodules, collect_data_files
|
||||
from PyInstaller.utils.hooks import collect_data_files, collect_submodules
|
||||
|
||||
# Import all actions as modules
|
||||
hiddenimports = collect_submodules('infection_monkey.system_info.collectors')
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
import logging
|
||||
import pwd
|
||||
import os
|
||||
import glob
|
||||
import logging
|
||||
import os
|
||||
import pwd
|
||||
|
||||
from common.utils.attack_utils import ScanStatus
|
||||
from infection_monkey.telemetry.attack.t1005_telem import T1005Telem
|
||||
|
|
|
|||
|
|
@ -1,13 +1,14 @@
|
|||
import logging
|
||||
import sys
|
||||
from enum import IntEnum
|
||||
|
||||
import psutil
|
||||
from enum import IntEnum
|
||||
|
||||
from infection_monkey.network.info import get_host_subnets
|
||||
from infection_monkey.system_info.azure_cred_collector import AzureCollector
|
||||
from infection_monkey.system_info.netstat_collector import NetstatCollector
|
||||
from infection_monkey.system_info.system_info_collectors_handler import SystemInfoCollectorsHandler
|
||||
from infection_monkey.system_info.system_info_collectors_handler import \
|
||||
SystemInfoCollectorsHandler
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
||||
|
|
|
|||
|
|
@ -1,9 +1,9 @@
|
|||
import sys
|
||||
import glob
|
||||
import json
|
||||
import logging
|
||||
import os.path
|
||||
import json
|
||||
import glob
|
||||
import subprocess
|
||||
import sys
|
||||
|
||||
from common.utils.attack_utils import ScanStatus
|
||||
from infection_monkey.telemetry.attack.t1005_telem import T1005Telem
|
||||
|
|
|
|||
|
|
@ -2,8 +2,8 @@ import logging
|
|||
|
||||
from common.cloud.aws.aws_instance import AwsInstance
|
||||
from common.data.system_info_collectors_names import AWS_COLLECTOR
|
||||
from infection_monkey.system_info.system_info_collector import SystemInfoCollector
|
||||
|
||||
from infection_monkey.system_info.system_info_collector import \
|
||||
SystemInfoCollector
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,8 @@
|
|||
from common.cloud.all_instances import get_all_cloud_instances
|
||||
from common.cloud.environment_names import Environment
|
||||
from common.data.system_info_collectors_names import ENVIRONMENT_COLLECTOR
|
||||
from infection_monkey.system_info.system_info_collector import SystemInfoCollector
|
||||
from infection_monkey.system_info.system_info_collector import \
|
||||
SystemInfoCollector
|
||||
|
||||
|
||||
def get_monkey_environment() -> str:
|
||||
|
|
|
|||
|
|
@ -2,8 +2,8 @@ import logging
|
|||
import socket
|
||||
|
||||
from common.data.system_info_collectors_names import HOSTNAME_COLLECTOR
|
||||
from infection_monkey.system_info.system_info_collector import SystemInfoCollector
|
||||
|
||||
from infection_monkey.system_info.system_info_collector import \
|
||||
SystemInfoCollector
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
|
|
|
|||
|
|
@ -1,8 +1,10 @@
|
|||
import logging
|
||||
|
||||
import psutil
|
||||
|
||||
from common.data.system_info_collectors_names import PROCESS_LIST_COLLECTOR
|
||||
from infection_monkey.system_info.system_info_collector import SystemInfoCollector
|
||||
from infection_monkey.system_info.system_info_collector import \
|
||||
SystemInfoCollector
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
|
|
|
|||
|
|
@ -1,10 +1,10 @@
|
|||
# Inspired by Giampaolo Rodola's psutil example from https://github.com/giampaolo/psutil/blob/master/scripts/netstat.py
|
||||
|
||||
import logging
|
||||
import psutil
|
||||
import socket
|
||||
from socket import AF_INET, SOCK_DGRAM, SOCK_STREAM
|
||||
|
||||
from socket import AF_INET, SOCK_STREAM, SOCK_DGRAM
|
||||
import psutil
|
||||
|
||||
__author__ = 'itay.mizeretz'
|
||||
|
||||
|
|
|
|||
|
|
@ -1,8 +1,8 @@
|
|||
from infection_monkey.config import WormConfiguration
|
||||
from infection_monkey.utils.plugins.plugin import Plugin
|
||||
from abc import ABCMeta, abstractmethod
|
||||
|
||||
import infection_monkey.system_info.collectors
|
||||
from infection_monkey.config import WormConfiguration
|
||||
from infection_monkey.utils.plugins.plugin import Plugin
|
||||
|
||||
|
||||
class SystemInfoCollector(Plugin, metaclass=ABCMeta):
|
||||
|
|
|
|||
|
|
@ -1,7 +1,8 @@
|
|||
import logging
|
||||
from typing import Sequence
|
||||
|
||||
from infection_monkey.system_info.system_info_collector import SystemInfoCollector
|
||||
from infection_monkey.system_info.system_info_collector import \
|
||||
SystemInfoCollector
|
||||
from infection_monkey.telemetry.system_info_telem import SystemInfoTelem
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
|
|
|||
|
|
@ -1,8 +1,10 @@
|
|||
import logging
|
||||
from typing import List
|
||||
|
||||
from infection_monkey.system_info.windows_cred_collector import pypykatz_handler
|
||||
from infection_monkey.system_info.windows_cred_collector.windows_credentials import WindowsCredentials
|
||||
from infection_monkey.system_info.windows_cred_collector import \
|
||||
pypykatz_handler
|
||||
from infection_monkey.system_info.windows_cred_collector.windows_credentials import \
|
||||
WindowsCredentials
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
||||
|
|
|
|||
|
|
@ -1,9 +1,10 @@
|
|||
import binascii
|
||||
from typing import Dict, List, NewType, Any
|
||||
from typing import Any, Dict, List, NewType
|
||||
|
||||
from pypykatz.pypykatz import pypykatz
|
||||
|
||||
from infection_monkey.system_info.windows_cred_collector.windows_credentials import WindowsCredentials
|
||||
from infection_monkey.system_info.windows_cred_collector.windows_credentials import \
|
||||
WindowsCredentials
|
||||
|
||||
CREDENTIAL_TYPES = ['msv_creds', 'wdigest_creds', 'ssp_creds', 'livessp_creds', 'dpapi_creds',
|
||||
'kerberos_creds', 'credman_creds', 'tspkg_creds']
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
from unittest import TestCase
|
||||
|
||||
from infection_monkey.system_info.windows_cred_collector.pypykatz_handler import _get_creds_from_pypykatz_session
|
||||
from infection_monkey.system_info.windows_cred_collector.pypykatz_handler import \
|
||||
_get_creds_from_pypykatz_session
|
||||
|
||||
|
||||
class TestPypykatzHandler(TestCase):
|
||||
|
|
|
|||
|
|
@ -1,18 +1,19 @@
|
|||
import os
|
||||
import logging
|
||||
import os
|
||||
import sys
|
||||
|
||||
from infection_monkey.system_info.windows_cred_collector.mimikatz_cred_collector import MimikatzCredentialCollector
|
||||
from infection_monkey.system_info.windows_cred_collector.mimikatz_cred_collector import \
|
||||
MimikatzCredentialCollector
|
||||
|
||||
sys.coinit_flags = 0 # needed for proper destruction of the wmi python module
|
||||
# noinspection PyPep8
|
||||
import infection_monkey.config
|
||||
# noinspection PyPep8
|
||||
from common.utils.wmi_utils import WMIUtils
|
||||
# noinspection PyPep8
|
||||
from infection_monkey.system_info import InfoCollector
|
||||
# noinspection PyPep8
|
||||
from infection_monkey.system_info.wmi_consts import WMI_CLASSES
|
||||
# noinspection PyPep8
|
||||
from common.utils.wmi_utils import WMIUtils
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
LOG.info('started windows info collector')
|
||||
|
|
|
|||
|
|
@ -9,10 +9,11 @@ from urllib.parse import urlsplit
|
|||
|
||||
import requests
|
||||
|
||||
import infection_monkey.monkeyfs as monkeyfs
|
||||
from infection_monkey.transport.base import TransportProxyBase, update_last_serve_time
|
||||
from infection_monkey.network.tools import get_interface_to_target
|
||||
import infection_monkey.control
|
||||
import infection_monkey.monkeyfs as monkeyfs
|
||||
from infection_monkey.network.tools import get_interface_to_target
|
||||
from infection_monkey.transport.base import (TransportProxyBase,
|
||||
update_last_serve_time)
|
||||
|
||||
__author__ = 'hoffer'
|
||||
|
||||
|
|
@ -190,7 +191,8 @@ class HTTPServer(threading.Thread):
|
|||
def run(self):
|
||||
class TempHandler(FileServHTTPRequestHandler):
|
||||
from common.utils.attack_utils import ScanStatus
|
||||
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
|
||||
from infection_monkey.telemetry.attack.t1105_telem import \
|
||||
T1105Telem
|
||||
|
||||
filename = self._filename
|
||||
|
||||
|
|
@ -244,7 +246,8 @@ class LockedHTTPServer(threading.Thread):
|
|||
def run(self):
|
||||
class TempHandler(FileServHTTPRequestHandler):
|
||||
from common.utils.attack_utils import ScanStatus
|
||||
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
|
||||
from infection_monkey.telemetry.attack.t1105_telem import \
|
||||
T1105Telem
|
||||
filename = self._filename
|
||||
|
||||
@staticmethod
|
||||
|
|
|
|||
|
|
@ -1,9 +1,10 @@
|
|||
import socket
|
||||
import select
|
||||
from threading import Thread
|
||||
import socket
|
||||
from logging import getLogger
|
||||
from threading import Thread
|
||||
|
||||
from infection_monkey.transport.base import TransportProxyBase, update_last_serve_time
|
||||
from infection_monkey.transport.base import (TransportProxyBase,
|
||||
update_last_serve_time)
|
||||
|
||||
READ_BUFFER_SIZE = 8192
|
||||
DEFAULT_TIMEOUT = 30
|
||||
|
|
|
|||
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue