Merge branch 'develop' into snyk-fix-661b0a9571c71708f17fef5d173a39ea
commit
7e45540361
|
@ -20,7 +20,7 @@ install:
|
||||||
# Python
|
# Python
|
||||||
- pip freeze
|
- pip freeze
|
||||||
- pip install -r monkey/monkey_island/requirements.txt # for unit tests
|
- pip install -r monkey/monkey_island/requirements.txt # for unit tests
|
||||||
- pip install flake8 pytest dlint # for next stages
|
- pip install flake8 pytest dlint isort # for next stages
|
||||||
- pip install coverage # for code coverage
|
- pip install coverage # for code coverage
|
||||||
- pip install -r monkey/infection_monkey/requirements.txt # for unit tests
|
- pip install -r monkey/infection_monkey/requirements.txt # for unit tests
|
||||||
- pip install pipdeptree
|
- pip install pipdeptree
|
||||||
|
@ -69,6 +69,9 @@ script:
|
||||||
- PYTHON_WARNINGS_AMOUNT_UPPER_LIMIT=120
|
- PYTHON_WARNINGS_AMOUNT_UPPER_LIMIT=120
|
||||||
- if [ $(tail -n 1 flake8_warnings.txt) -gt $PYTHON_WARNINGS_AMOUNT_UPPER_LIMIT ]; then echo "Too many python linter warnings! Failing this build. Lower the amount of linter errors in this and try again. " && exit 1; fi
|
- if [ $(tail -n 1 flake8_warnings.txt) -gt $PYTHON_WARNINGS_AMOUNT_UPPER_LIMIT ]; then echo "Too many python linter warnings! Failing this build. Lower the amount of linter errors in this and try again. " && exit 1; fi
|
||||||
|
|
||||||
|
## Check import order
|
||||||
|
- python -m isort . -c -p common -p infection_monkey -p monkey_island
|
||||||
|
|
||||||
## Run unit tests
|
## Run unit tests
|
||||||
- cd monkey # This is our source dir
|
- cd monkey # This is our source dir
|
||||||
- python -m pytest # Have to use `python -m pytest` instead of `pytest` to add "{$builddir}/monkey/monkey" to sys.path.
|
- python -m pytest # Have to use `python -m pytest` instead of `pytest` to add "{$builddir}/monkey/monkey" to sys.path.
|
||||||
|
|
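Review bot: The changed install line `pip install flake8 pytest dlint isort # for next stages` pulls isort unpinned, so the new `python -m isort . -c -p common -p infection_monkey -p monkey_island` gate in the script section judges the tree against whichever release is current on the day of the build. Sorting and wrapping output differs between isort releases, so an upstream release can fail the build, or change what passes, with no change in this repository. Pinning the tool keeps the gate reproducible, e.g. `pip install flake8 pytest dlint isort==<PINNED_VERSION>`. Adding `--diff` to the check would also show contributors which imports to fix when it fails.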
|
@ -3,7 +3,8 @@ from datetime import timedelta
|
||||||
from typing import Dict
|
from typing import Dict
|
||||||
|
|
||||||
from envs.monkey_zoo.blackbox.analyzers.analyzer import Analyzer
|
from envs.monkey_zoo.blackbox.analyzers.analyzer import Analyzer
|
||||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig
|
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
|
||||||
|
PerformanceTestConfig
|
||||||
|
|
||||||
LOGGER = logging.getLogger(__name__)
|
LOGGER = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
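Review bot: The rewrapped import `from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \` followed by `PerformanceTestConfig` uses a backslash continuation, which PEP 8 discourages in favour of parentheses and which stops parsing if whitespace ends up after the backslash. The same form appears in most of the other import hunks on this page, while multi-name imports elsewhere in the commit (for example the `infection_monkey.model` imports) are wrapped in parentheses, so the result is inconsistent. This looks like the sorter's fallback for a single over-long name, which is inferred because the isort configuration is not visible here. Selecting a parenthesised multi-line output mode in the isort settings would produce one wrapping style throughout.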
|
@ -1,11 +1,11 @@
|
||||||
import json
|
import json
|
||||||
|
|
||||||
import logging
|
import logging
|
||||||
from time import sleep
|
from time import sleep
|
||||||
|
|
||||||
from bson import json_util
|
from bson import json_util
|
||||||
|
|
||||||
from envs.monkey_zoo.blackbox.island_client.monkey_island_requests import MonkeyIslandRequests
|
from envs.monkey_zoo.blackbox.island_client.monkey_island_requests import \
|
||||||
|
MonkeyIslandRequests
|
||||||
|
|
||||||
SLEEP_BETWEEN_REQUESTS_SECONDS = 0.5
|
SLEEP_BETWEEN_REQUESTS_SECONDS = 0.5
|
||||||
MONKEY_TEST_ENDPOINT = 'api/test/monkey'
|
MONKEY_TEST_ENDPOINT = 'api/test/monkey'
|
||||||
|
|
|
@ -1,13 +1,12 @@
|
||||||
from typing import Dict
|
import functools
|
||||||
|
import logging
|
||||||
from datetime import timedelta
|
from datetime import timedelta
|
||||||
|
from typing import Dict
|
||||||
|
|
||||||
import requests
|
import requests
|
||||||
import functools
|
|
||||||
|
|
||||||
from envs.monkey_zoo.blackbox.island_client.supported_request_method import SupportedRequestMethod
|
from envs.monkey_zoo.blackbox.island_client.supported_request_method import \
|
||||||
|
SupportedRequestMethod
|
||||||
import logging
|
|
||||||
|
|
||||||
# SHA3-512 of '1234567890!@#$%^&*()_nothing_up_my_sleeve_1234567890!@#$%^&*()'
|
# SHA3-512 of '1234567890!@#$%^&*()_nothing_up_my_sleeve_1234567890!@#$%^&*()'
|
||||||
NO_AUTH_CREDS = '55e97c9dcfd22b8079189ddaeea9bce8125887e3237b800c6176c9afa80d2062' \
|
NO_AUTH_CREDS = '55e97c9dcfd22b8079189ddaeea9bce8125887e3237b800c6176c9afa80d2062' \
|
||||||
|
|
|
@ -2,8 +2,10 @@ import logging
|
||||||
import os
|
import os
|
||||||
import shutil
|
import shutil
|
||||||
|
|
||||||
from envs.monkey_zoo.blackbox.log_handlers.monkey_log_parser import MonkeyLogParser
|
from envs.monkey_zoo.blackbox.log_handlers.monkey_log_parser import \
|
||||||
from envs.monkey_zoo.blackbox.log_handlers.monkey_logs_downloader import MonkeyLogsDownloader
|
MonkeyLogParser
|
||||||
|
from envs.monkey_zoo.blackbox.log_handlers.monkey_logs_downloader import \
|
||||||
|
MonkeyLogsDownloader
|
||||||
|
|
||||||
LOG_DIR_NAME = 'logs'
|
LOG_DIR_NAME = 'logs'
|
||||||
LOGGER = logging.getLogger(__name__)
|
LOGGER = logging.getLogger(__name__)
|
||||||
|
|
|
@ -1,20 +1,28 @@
|
||||||
import os
|
|
||||||
import logging
|
import logging
|
||||||
|
import os
|
||||||
import pytest
|
|
||||||
from time import sleep
|
from time import sleep
|
||||||
|
|
||||||
from envs.monkey_zoo.blackbox.analyzers.communication_analyzer import CommunicationAnalyzer
|
import pytest
|
||||||
from envs.monkey_zoo.blackbox.island_client.island_config_parser import IslandConfigParser
|
|
||||||
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import MonkeyIslandClient
|
from envs.monkey_zoo.blackbox.analyzers.communication_analyzer import \
|
||||||
from envs.monkey_zoo.blackbox.log_handlers.test_logs_handler import TestLogsHandler
|
CommunicationAnalyzer
|
||||||
|
from envs.monkey_zoo.blackbox.island_client.island_config_parser import \
|
||||||
|
IslandConfigParser
|
||||||
|
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import \
|
||||||
|
MonkeyIslandClient
|
||||||
|
from envs.monkey_zoo.blackbox.log_handlers.test_logs_handler import \
|
||||||
|
TestLogsHandler
|
||||||
from envs.monkey_zoo.blackbox.tests.exploitation import ExploitationTest
|
from envs.monkey_zoo.blackbox.tests.exploitation import ExploitationTest
|
||||||
from envs.monkey_zoo.blackbox.tests.performance.map_generation import MapGenerationTest
|
from envs.monkey_zoo.blackbox.tests.performance.map_generation import \
|
||||||
from envs.monkey_zoo.blackbox.tests.performance.map_generation_from_telemetries import MapGenerationFromTelemetryTest
|
MapGenerationTest
|
||||||
from envs.monkey_zoo.blackbox.tests.performance.report_generation import ReportGenerationTest
|
from envs.monkey_zoo.blackbox.tests.performance.map_generation_from_telemetries import \
|
||||||
|
MapGenerationFromTelemetryTest
|
||||||
|
from envs.monkey_zoo.blackbox.tests.performance.report_generation import \
|
||||||
|
ReportGenerationTest
|
||||||
from envs.monkey_zoo.blackbox.tests.performance.report_generation_from_telemetries import \
|
from envs.monkey_zoo.blackbox.tests.performance.report_generation_from_telemetries import \
|
||||||
ReportGenerationFromTelemetryTest
|
ReportGenerationFromTelemetryTest
|
||||||
from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test import TelemetryPerformanceTest
|
from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test import \
|
||||||
|
TelemetryPerformanceTest
|
||||||
from envs.monkey_zoo.blackbox.utils import gcp_machine_handlers
|
from envs.monkey_zoo.blackbox.utils import gcp_machine_handlers
|
||||||
|
|
||||||
DEFAULT_TIMEOUT_SECONDS = 5*60
|
DEFAULT_TIMEOUT_SECONDS = 5*60
|
||||||
|
|
|
@ -1,10 +1,14 @@
|
||||||
import logging
|
import logging
|
||||||
|
|
||||||
from envs.monkey_zoo.blackbox.analyzers.performance_analyzer import PerformanceAnalyzer
|
from envs.monkey_zoo.blackbox.analyzers.performance_analyzer import \
|
||||||
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import MonkeyIslandClient
|
PerformanceAnalyzer
|
||||||
from envs.monkey_zoo.blackbox.island_client.supported_request_method import SupportedRequestMethod
|
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import \
|
||||||
|
MonkeyIslandClient
|
||||||
|
from envs.monkey_zoo.blackbox.island_client.supported_request_method import \
|
||||||
|
SupportedRequestMethod
|
||||||
from envs.monkey_zoo.blackbox.tests.basic_test import BasicTest
|
from envs.monkey_zoo.blackbox.tests.basic_test import BasicTest
|
||||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig
|
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
|
||||||
|
PerformanceTestConfig
|
||||||
|
|
||||||
LOGGER = logging.getLogger(__name__)
|
LOGGER = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
|
@ -1,9 +1,12 @@
|
||||||
from datetime import timedelta
|
from datetime import timedelta
|
||||||
|
|
||||||
from envs.monkey_zoo.blackbox.tests.exploitation import ExploitationTest
|
from envs.monkey_zoo.blackbox.tests.exploitation import ExploitationTest
|
||||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test import PerformanceTest
|
from envs.monkey_zoo.blackbox.tests.performance.performance_test import \
|
||||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig
|
PerformanceTest
|
||||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_workflow import PerformanceTestWorkflow
|
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
|
||||||
|
PerformanceTestConfig
|
||||||
|
from envs.monkey_zoo.blackbox.tests.performance.performance_test_workflow import \
|
||||||
|
PerformanceTestWorkflow
|
||||||
|
|
||||||
MAX_ALLOWED_SINGLE_PAGE_TIME = timedelta(seconds=2)
|
MAX_ALLOWED_SINGLE_PAGE_TIME = timedelta(seconds=2)
|
||||||
MAX_ALLOWED_TOTAL_TIME = timedelta(seconds=5)
|
MAX_ALLOWED_TOTAL_TIME = timedelta(seconds=5)
|
||||||
|
|
|
@ -1,7 +1,9 @@
|
||||||
from datetime import timedelta
|
from datetime import timedelta
|
||||||
|
|
||||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test import PerformanceTest
|
from envs.monkey_zoo.blackbox.tests.performance.performance_test import \
|
||||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig
|
PerformanceTest
|
||||||
|
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
|
||||||
|
PerformanceTestConfig
|
||||||
from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test_workflow import \
|
from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test_workflow import \
|
||||||
TelemetryPerformanceTestWorkflow
|
TelemetryPerformanceTestWorkflow
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,9 @@
|
||||||
from envs.monkey_zoo.blackbox.tests.basic_test import BasicTest
|
from envs.monkey_zoo.blackbox.tests.basic_test import BasicTest
|
||||||
from envs.monkey_zoo.blackbox.tests.exploitation import ExploitationTest
|
from envs.monkey_zoo.blackbox.tests.exploitation import ExploitationTest
|
||||||
from envs.monkey_zoo.blackbox.tests.performance.endpoint_performance_test import EndpointPerformanceTest
|
from envs.monkey_zoo.blackbox.tests.performance.endpoint_performance_test import \
|
||||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig
|
EndpointPerformanceTest
|
||||||
|
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
|
||||||
|
PerformanceTestConfig
|
||||||
|
|
||||||
|
|
||||||
class PerformanceTestWorkflow(BasicTest):
|
class PerformanceTestWorkflow(BasicTest):
|
||||||
|
|
|
@ -1,9 +1,12 @@
|
||||||
from datetime import timedelta
|
from datetime import timedelta
|
||||||
|
|
||||||
from envs.monkey_zoo.blackbox.tests.exploitation import ExploitationTest
|
from envs.monkey_zoo.blackbox.tests.exploitation import ExploitationTest
|
||||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test import PerformanceTest
|
from envs.monkey_zoo.blackbox.tests.performance.performance_test import \
|
||||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig
|
PerformanceTest
|
||||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_workflow import PerformanceTestWorkflow
|
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
|
||||||
|
PerformanceTestConfig
|
||||||
|
from envs.monkey_zoo.blackbox.tests.performance.performance_test_workflow import \
|
||||||
|
PerformanceTestWorkflow
|
||||||
|
|
||||||
MAX_ALLOWED_SINGLE_PAGE_TIME = timedelta(seconds=2)
|
MAX_ALLOWED_SINGLE_PAGE_TIME = timedelta(seconds=2)
|
||||||
MAX_ALLOWED_TOTAL_TIME = timedelta(seconds=5)
|
MAX_ALLOWED_TOTAL_TIME = timedelta(seconds=5)
|
||||||
|
|
|
@ -1,7 +1,9 @@
|
||||||
from datetime import timedelta
|
from datetime import timedelta
|
||||||
|
|
||||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test import PerformanceTest
|
from envs.monkey_zoo.blackbox.tests.performance.performance_test import \
|
||||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig
|
PerformanceTest
|
||||||
|
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
|
||||||
|
PerformanceTestConfig
|
||||||
from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test_workflow import \
|
from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test_workflow import \
|
||||||
TelemetryPerformanceTestWorkflow
|
TelemetryPerformanceTestWorkflow
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
import json
|
import json
|
||||||
import logging
|
import logging
|
||||||
from os import listdir, path
|
from os import listdir, path
|
||||||
from typing import List, Dict
|
from typing import Dict, List
|
||||||
|
|
||||||
from tqdm import tqdm
|
from tqdm import tqdm
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
import random
|
import random
|
||||||
|
|
||||||
from envs.monkey_zoo.blackbox.tests.performance.\
|
from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_multiplier.fake_ip_generator import \
|
||||||
telem_sample_parsing.sample_multiplier.fake_ip_generator import FakeIpGenerator
|
FakeIpGenerator
|
||||||
|
|
||||||
|
|
||||||
class FakeMonkey:
|
class FakeMonkey:
|
||||||
|
|
|
@ -2,14 +2,16 @@ import copy
|
||||||
import json
|
import json
|
||||||
import logging
|
import logging
|
||||||
import sys
|
import sys
|
||||||
from typing import List, Dict
|
from typing import Dict, List
|
||||||
|
|
||||||
from tqdm import tqdm
|
from tqdm import tqdm
|
||||||
|
|
||||||
from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_file_parser import SampleFileParser
|
from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_file_parser import \
|
||||||
from envs.monkey_zoo.blackbox.tests.performance.\
|
SampleFileParser
|
||||||
telem_sample_parsing.sample_multiplier.fake_ip_generator import FakeIpGenerator
|
from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_multiplier.fake_ip_generator import \
|
||||||
from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_multiplier.fake_monkey import FakeMonkey
|
FakeIpGenerator
|
||||||
|
from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_multiplier.fake_monkey import \
|
||||||
|
FakeMonkey
|
||||||
|
|
||||||
TELEM_DIR_PATH = './tests/performance/telemetry_sample'
|
TELEM_DIR_PATH = './tests/performance/telemetry_sample'
|
||||||
LOGGER = logging.getLogger(__name__)
|
LOGGER = logging.getLogger(__name__)
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
from unittest import TestCase
|
from unittest import TestCase
|
||||||
|
|
||||||
from envs.monkey_zoo.blackbox.tests.performance.\
|
from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_multiplier.fake_ip_generator import \
|
||||||
telem_sample_parsing.sample_multiplier.fake_ip_generator import FakeIpGenerator
|
FakeIpGenerator
|
||||||
|
|
||||||
|
|
||||||
class TestFakeIpGenerator(TestCase):
|
class TestFakeIpGenerator(TestCase):
|
||||||
|
|
|
@ -4,11 +4,16 @@ from datetime import timedelta
|
||||||
|
|
||||||
from tqdm import tqdm
|
from tqdm import tqdm
|
||||||
|
|
||||||
from envs.monkey_zoo.blackbox.analyzers.performance_analyzer import PerformanceAnalyzer
|
from envs.monkey_zoo.blackbox.analyzers.performance_analyzer import \
|
||||||
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import MonkeyIslandClient
|
PerformanceAnalyzer
|
||||||
from envs.monkey_zoo.blackbox.island_client.supported_request_method import SupportedRequestMethod
|
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import \
|
||||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig
|
MonkeyIslandClient
|
||||||
from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_file_parser import SampleFileParser
|
from envs.monkey_zoo.blackbox.island_client.supported_request_method import \
|
||||||
|
SupportedRequestMethod
|
||||||
|
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
|
||||||
|
PerformanceTestConfig
|
||||||
|
from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_file_parser import \
|
||||||
|
SampleFileParser
|
||||||
|
|
||||||
LOGGER = logging.getLogger(__name__)
|
LOGGER = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,10 @@
|
||||||
from envs.monkey_zoo.blackbox.tests.basic_test import BasicTest
|
from envs.monkey_zoo.blackbox.tests.basic_test import BasicTest
|
||||||
from envs.monkey_zoo.blackbox.tests.performance.endpoint_performance_test import EndpointPerformanceTest
|
from envs.monkey_zoo.blackbox.tests.performance.endpoint_performance_test import \
|
||||||
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig
|
EndpointPerformanceTest
|
||||||
from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test import TelemetryPerformanceTest
|
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
|
||||||
|
PerformanceTestConfig
|
||||||
|
from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test import \
|
||||||
|
TelemetryPerformanceTest
|
||||||
|
|
||||||
|
|
||||||
class TelemetryPerformanceTestWorkflow(BasicTest):
|
class TelemetryPerformanceTestWorkflow(BasicTest):
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
import pytest
|
import pytest
|
||||||
|
|
||||||
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import MonkeyIslandClient
|
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import \
|
||||||
|
MonkeyIslandClient
|
||||||
|
|
||||||
machine_list = {
|
machine_list = {
|
||||||
"10.0.0.36": "centos_6",
|
"10.0.0.36": "centos_6",
|
||||||
|
|
|
@ -1,14 +1,15 @@
|
||||||
import json
|
import json
|
||||||
import re
|
|
||||||
import urllib.request
|
|
||||||
import urllib.error
|
|
||||||
import logging
|
import logging
|
||||||
|
import re
|
||||||
__author__ = 'itay.mizeretz'
|
import urllib.error
|
||||||
|
import urllib.request
|
||||||
|
|
||||||
from common.cloud.environment_names import Environment
|
from common.cloud.environment_names import Environment
|
||||||
from common.cloud.instance import CloudInstance
|
from common.cloud.instance import CloudInstance
|
||||||
|
|
||||||
|
__author__ = 'itay.mizeretz'
|
||||||
|
|
||||||
|
|
||||||
AWS_INSTANCE_METADATA_LOCAL_IP_ADDRESS = "169.254.169.254"
|
AWS_INSTANCE_METADATA_LOCAL_IP_ADDRESS = "169.254.169.254"
|
||||||
AWS_LATEST_METADATA_URI_PREFIX = 'http://{0}/latest/'.format(AWS_INSTANCE_METADATA_LOCAL_IP_ADDRESS)
|
AWS_LATEST_METADATA_URI_PREFIX = 'http://{0}/latest/'.format(AWS_INSTANCE_METADATA_LOCAL_IP_ADDRESS)
|
||||||
ACCOUNT_ID_KEY = "accountId"
|
ACCOUNT_ID_KEY = "accountId"
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
from unittest import TestCase
|
|
||||||
from .aws_service import filter_instance_data_from_aws_response
|
|
||||||
|
|
||||||
import json
|
import json
|
||||||
|
from unittest import TestCase
|
||||||
|
|
||||||
|
from .aws_service import filter_instance_data_from_aws_response
|
||||||
|
|
||||||
__author__ = 'shay.nehmad'
|
__author__ = 'shay.nehmad'
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
import logging
|
import logging
|
||||||
|
|
||||||
import requests
|
import requests
|
||||||
|
|
||||||
from common.cloud.environment_names import Environment
|
from common.cloud.environment_names import Environment
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
import logging
|
import logging
|
||||||
|
|
||||||
import requests
|
import requests
|
||||||
|
|
||||||
from common.cloud.environment_names import Environment
|
from common.cloud.environment_names import Environment
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
import time
|
|
||||||
import logging
|
import logging
|
||||||
|
import time
|
||||||
from abc import abstractmethod
|
from abc import abstractmethod
|
||||||
|
|
||||||
from common.cmd.cmd import Cmd
|
from common.cmd.cmd import Cmd
|
||||||
|
|
|
@ -5,3 +5,4 @@ POST_BREACH_SHELL_STARTUP_FILE_MODIFICATION = "Modify shell startup file"
|
||||||
POST_BREACH_HIDDEN_FILES = "Hide files and directories"
|
POST_BREACH_HIDDEN_FILES = "Hide files and directories"
|
||||||
POST_BREACH_TRAP_COMMAND = "Execute command when a particular signal is received"
|
POST_BREACH_TRAP_COMMAND = "Execute command when a particular signal is received"
|
||||||
POST_BREACH_SETUID_SETGID = "Setuid and Setgid"
|
POST_BREACH_SETUID_SETGID = "Setuid and Setgid"
|
||||||
|
POST_BREACH_JOB_SCHEDULING = "Schedule jobs"
|
||||||
|
|
|
@ -57,7 +57,7 @@ PRINCIPLES = {
|
||||||
PRINCIPLE_ENDPOINT_SECURITY: "Use anti-virus and other traditional endpoint security solutions.",
|
PRINCIPLE_ENDPOINT_SECURITY: "Use anti-virus and other traditional endpoint security solutions.",
|
||||||
PRINCIPLE_DATA_TRANSIT: "Secure data at transit by encrypting it.",
|
PRINCIPLE_DATA_TRANSIT: "Secure data at transit by encrypting it.",
|
||||||
PRINCIPLE_RESTRICTIVE_NETWORK_POLICIES: "Configure network policies to be as restrictive as possible.",
|
PRINCIPLE_RESTRICTIVE_NETWORK_POLICIES: "Configure network policies to be as restrictive as possible.",
|
||||||
PRINCIPLE_USERS_MAC_POLICIES: "Users' permissions to the network and to resources should be MAC (Mandetory "
|
PRINCIPLE_USERS_MAC_POLICIES: "Users' permissions to the network and to resources should be MAC (Mandatory "
|
||||||
"Access Control) only.",
|
"Access Control) only.",
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,11 +1,10 @@
|
||||||
|
import ipaddress
|
||||||
|
import logging
|
||||||
import random
|
import random
|
||||||
import socket
|
import socket
|
||||||
import struct
|
import struct
|
||||||
from abc import ABCMeta, abstractmethod
|
from abc import ABCMeta, abstractmethod
|
||||||
|
|
||||||
import ipaddress
|
|
||||||
import logging
|
|
||||||
|
|
||||||
__author__ = 'itamar'
|
__author__ = 'itamar'
|
||||||
|
|
||||||
LOG = logging.getLogger(__name__)
|
LOG = logging.getLogger(__name__)
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
import sys
|
import sys
|
||||||
|
|
||||||
if sys.platform == 'win32':
|
if sys.platform == 'win32':
|
||||||
import win32com
|
import win32com
|
||||||
import wmi
|
import wmi
|
||||||
|
@ -24,7 +25,7 @@ class MongoUtils:
|
||||||
return o
|
return o
|
||||||
|
|
||||||
elif isinstance(o, str):
|
elif isinstance(o, str):
|
||||||
# mongo dosn't like unprintable chars, so we use repr :/
|
# mongo doesn't like unprintable chars, so we use repr :/
|
||||||
return repr(o)
|
return repr(o)
|
||||||
|
|
||||||
elif hasattr(o, "__class__") and o.__class__ == wmi._wmi_object:
|
elif hasattr(o, "__class__") and o.__class__ == wmi._wmi_object:
|
||||||
|
@ -32,7 +33,7 @@ class MongoUtils:
|
||||||
|
|
||||||
elif hasattr(o, "__class__") and o.__class__ == win32com.client.CDispatch:
|
elif hasattr(o, "__class__") and o.__class__ == win32com.client.CDispatch:
|
||||||
try:
|
try:
|
||||||
# objectSid property of ds_user is problematic and need thie special treatment.
|
# objectSid property of ds_user is problematic and need this special treatment.
|
||||||
# ISWbemObjectEx interface. Class Uint8Array ?
|
# ISWbemObjectEx interface. Class Uint8Array ?
|
||||||
if str(o._oleobj_.GetTypeInfo().GetTypeAttr().iid) == "{269AD56A-8A67-4129-BC8C-0506DCFE9880}":
|
if str(o._oleobj_.GetTypeInfo().GetTypeAttr().iid) == "{269AD56A-8A67-4129-BC8C-0506DCFE9880}":
|
||||||
return o.Value
|
return o.Value
|
||||||
|
|
|
@ -8,14 +8,15 @@ from requests.exceptions import ConnectionError
|
||||||
|
|
||||||
import infection_monkey.monkeyfs as monkeyfs
|
import infection_monkey.monkeyfs as monkeyfs
|
||||||
import infection_monkey.tunnel as tunnel
|
import infection_monkey.tunnel as tunnel
|
||||||
from infection_monkey.config import WormConfiguration, GUID
|
from infection_monkey.config import GUID, WormConfiguration
|
||||||
from infection_monkey.network.info import local_ips, check_internet_access
|
from infection_monkey.network.info import check_internet_access, local_ips
|
||||||
from infection_monkey.transport.http import HTTPConnectProxy
|
from infection_monkey.transport.http import HTTPConnectProxy
|
||||||
from infection_monkey.transport.tcp import TcpProxy
|
from infection_monkey.transport.tcp import TcpProxy
|
||||||
|
from infection_monkey.utils.exceptions.planned_shutdown_exception import \
|
||||||
|
PlannedShutdownException
|
||||||
|
|
||||||
__author__ = 'hoffer'
|
__author__ = 'hoffer'
|
||||||
|
|
||||||
from infection_monkey.utils.exceptions.planned_shutdown_exception import PlannedShutdownException
|
|
||||||
|
|
||||||
requests.packages.urllib3.disable_warnings()
|
requests.packages.urllib3.disable_warnings()
|
||||||
|
|
||||||
|
|
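Review bot: The module-level `requests.packages.urllib3.disable_warnings()` kept at the end of this hunk silences every urllib3 warning for the whole process, including the InsecureRequestWarning raised for requests made without certificate verification. Whether this module passes `verify=False` is not visible in the hunk, but if it does, this call removes the only runtime signal of it and nothing here records why. I would narrow it to the intended category, `requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)`, and add a one-line comment above it stating why certificate warnings are suppressed for this traffic.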
|
@ -1,5 +1,6 @@
|
||||||
import argparse
|
import argparse
|
||||||
import ctypes
|
import ctypes
|
||||||
|
import filecmp
|
||||||
import logging
|
import logging
|
||||||
import os
|
import os
|
||||||
import pprint
|
import pprint
|
||||||
|
@ -9,13 +10,15 @@ import sys
|
||||||
import time
|
import time
|
||||||
from ctypes import c_char_p
|
from ctypes import c_char_p
|
||||||
|
|
||||||
import filecmp
|
|
||||||
from infection_monkey.config import WormConfiguration
|
|
||||||
from infection_monkey.exploit.tools.helpers import build_monkey_commandline_explicitly
|
|
||||||
from infection_monkey.model import MONKEY_CMDLINE_WINDOWS, MONKEY_CMDLINE_LINUX, GENERAL_CMDLINE_LINUX
|
|
||||||
from infection_monkey.system_info import SystemInfoCollector, OperatingSystem
|
|
||||||
from infection_monkey.telemetry.attack.t1106_telem import T1106Telem
|
|
||||||
from common.utils.attack_utils import ScanStatus, UsageEnum
|
from common.utils.attack_utils import ScanStatus, UsageEnum
|
||||||
|
from infection_monkey.config import WormConfiguration
|
||||||
|
from infection_monkey.exploit.tools.helpers import \
|
||||||
|
build_monkey_commandline_explicitly
|
||||||
|
from infection_monkey.model import (GENERAL_CMDLINE_LINUX,
|
||||||
|
MONKEY_CMDLINE_LINUX,
|
||||||
|
MONKEY_CMDLINE_WINDOWS)
|
||||||
|
from infection_monkey.system_info import OperatingSystem, SystemInfoCollector
|
||||||
|
from infection_monkey.telemetry.attack.t1106_telem import T1106Telem
|
||||||
|
|
||||||
if "win32" == sys.platform:
|
if "win32" == sys.platform:
|
||||||
from win32process import DETACHED_PROCESS
|
from win32process import DETACHED_PROCESS
|
||||||
|
|
|
@ -1,11 +1,10 @@
|
||||||
from abc import abstractmethod
|
from abc import abstractmethod
|
||||||
|
|
||||||
from infection_monkey.config import WormConfiguration
|
|
||||||
from common.utils.exploit_enum import ExploitType
|
|
||||||
from datetime import datetime
|
from datetime import datetime
|
||||||
|
|
||||||
from infection_monkey.utils.plugins.plugin import Plugin
|
|
||||||
import infection_monkey.exploit
|
import infection_monkey.exploit
|
||||||
|
from common.utils.exploit_enum import ExploitType
|
||||||
|
from infection_monkey.config import WormConfiguration
|
||||||
|
from infection_monkey.utils.plugins.plugin import Plugin
|
||||||
|
|
||||||
__author__ = 'itamar'
|
__author__ = 'itamar'
|
||||||
|
|
||||||
|
|
|
@ -6,17 +6,19 @@
|
||||||
|
|
||||||
import json
|
import json
|
||||||
import logging
|
import logging
|
||||||
import requests
|
|
||||||
from infection_monkey.exploit.web_rce import WebRCE
|
|
||||||
from infection_monkey.model import WGET_HTTP_UPLOAD, BITSADMIN_CMDLINE_HTTP, CHECK_COMMAND, ID_STRING, CMD_PREFIX, \
|
|
||||||
DOWNLOAD_TIMEOUT
|
|
||||||
from infection_monkey.network.elasticfinger import ES_PORT
|
|
||||||
from common.data.network_consts import ES_SERVICE
|
|
||||||
from infection_monkey.telemetry.attack.t1197_telem import T1197Telem
|
|
||||||
from common.utils.attack_utils import ScanStatus, BITS_UPLOAD_STRING
|
|
||||||
|
|
||||||
import re
|
import re
|
||||||
|
|
||||||
|
import requests
|
||||||
|
|
||||||
|
from common.data.network_consts import ES_SERVICE
|
||||||
|
from common.utils.attack_utils import BITS_UPLOAD_STRING, ScanStatus
|
||||||
|
from infection_monkey.exploit.web_rce import WebRCE
|
||||||
|
from infection_monkey.model import (BITSADMIN_CMDLINE_HTTP, CHECK_COMMAND,
|
||||||
|
CMD_PREFIX, DOWNLOAD_TIMEOUT, ID_STRING,
|
||||||
|
WGET_HTTP_UPLOAD)
|
||||||
|
from infection_monkey.network.elasticfinger import ES_PORT
|
||||||
|
from infection_monkey.telemetry.attack.t1197_telem import T1197Telem
|
||||||
|
|
||||||
__author__ = 'danielg, VakarisZ'
|
__author__ = 'danielg, VakarisZ'
|
||||||
|
|
||||||
LOG = logging.getLogger(__name__)
|
LOG = logging.getLogger(__name__)
|
||||||
|
|
|
@ -3,17 +3,21 @@
|
||||||
Implementation is based on code from https://github.com/vulhub/vulhub/tree/master/hadoop/unauthorized-yarn
|
Implementation is based on code from https://github.com/vulhub/vulhub/tree/master/hadoop/unauthorized-yarn
|
||||||
"""
|
"""
|
||||||
|
|
||||||
import requests
|
|
||||||
import json
|
import json
|
||||||
import random
|
|
||||||
import string
|
|
||||||
import logging
|
import logging
|
||||||
import posixpath
|
import posixpath
|
||||||
|
import random
|
||||||
|
import string
|
||||||
|
|
||||||
from infection_monkey.exploit.web_rce import WebRCE
|
import requests
|
||||||
|
|
||||||
|
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
|
||||||
|
get_monkey_depth)
|
||||||
from infection_monkey.exploit.tools.http_tools import HTTPTools
|
from infection_monkey.exploit.tools.http_tools import HTTPTools
|
||||||
from infection_monkey.exploit.tools.helpers import build_monkey_commandline, get_monkey_depth
|
from infection_monkey.exploit.web_rce import WebRCE
|
||||||
from infection_monkey.model import MONKEY_ARG, ID_STRING, HADOOP_WINDOWS_COMMAND, HADOOP_LINUX_COMMAND
|
from infection_monkey.model import (HADOOP_LINUX_COMMAND,
|
||||||
|
HADOOP_WINDOWS_COMMAND, ID_STRING,
|
||||||
|
MONKEY_ARG)
|
||||||
|
|
||||||
__author__ = 'VakarisZ'
|
__author__ = 'VakarisZ'
|
||||||
|
|
||||||
|
|
|
@ -5,13 +5,16 @@ from time import sleep
|
||||||
|
|
||||||
import pymssql
|
import pymssql
|
||||||
|
|
||||||
|
from common.utils.exceptions import (ExploitingVulnerableMachineError,
|
||||||
|
FailedExploitationError)
|
||||||
from common.utils.exploit_enum import ExploitType
|
from common.utils.exploit_enum import ExploitType
|
||||||
from infection_monkey.exploit.HostExploiter import HostExploiter
|
from infection_monkey.exploit.HostExploiter import HostExploiter
|
||||||
|
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
|
||||||
|
get_monkey_depth,
|
||||||
|
get_monkey_dest_path)
|
||||||
from infection_monkey.exploit.tools.http_tools import MonkeyHTTPServer
|
from infection_monkey.exploit.tools.http_tools import MonkeyHTTPServer
|
||||||
from infection_monkey.exploit.tools.helpers import get_monkey_dest_path, build_monkey_commandline, get_monkey_depth
|
|
||||||
from infection_monkey.model import DROPPER_ARG
|
|
||||||
from infection_monkey.exploit.tools.payload_parsing import LimitedSizePayload
|
from infection_monkey.exploit.tools.payload_parsing import LimitedSizePayload
|
||||||
from common.utils.exceptions import ExploitingVulnerableMachineError, FailedExploitationError
|
from infection_monkey.model import DROPPER_ARG
|
||||||
|
|
||||||
LOG = logging.getLogger(__name__)
|
LOG = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
|
@ -8,21 +8,27 @@ from io import BytesIO
|
||||||
import impacket.smbconnection
|
import impacket.smbconnection
|
||||||
from impacket.nmb import NetBIOSError
|
from impacket.nmb import NetBIOSError
|
||||||
from impacket.nt_errors import STATUS_SUCCESS
|
from impacket.nt_errors import STATUS_SUCCESS
|
||||||
from impacket.smb import FILE_OPEN, SMB_DIALECT, SMB, SMBCommand, SMBNtCreateAndX_Parameters, SMBNtCreateAndX_Data, \
|
from impacket.smb import (FILE_DIRECTORY_FILE, FILE_NON_DIRECTORY_FILE,
|
||||||
FILE_READ_DATA, FILE_SHARE_READ, FILE_NON_DIRECTORY_FILE, FILE_WRITE_DATA, FILE_DIRECTORY_FILE
|
FILE_OPEN, FILE_READ_DATA, FILE_SHARE_READ,
|
||||||
from impacket.smb import SessionError
|
FILE_WRITE_DATA, SMB, SMB_DIALECT, SessionError,
|
||||||
from impacket.smb3structs import SMB2_IL_IMPERSONATION, SMB2_CREATE, SMB2_FLAGS_DFS_OPERATIONS, SMB2Create, \
|
SMBCommand, SMBNtCreateAndX_Data,
|
||||||
SMB2Packet, SMB2Create_Response, SMB2_OPLOCK_LEVEL_NONE
|
SMBNtCreateAndX_Parameters)
|
||||||
|
from impacket.smb3structs import (SMB2_CREATE, SMB2_FLAGS_DFS_OPERATIONS,
|
||||||
|
SMB2_IL_IMPERSONATION,
|
||||||
|
SMB2_OPLOCK_LEVEL_NONE, SMB2Create,
|
||||||
|
SMB2Create_Response, SMB2Packet)
|
||||||
from impacket.smbconnection import SMBConnection
|
from impacket.smbconnection import SMBConnection
|
||||||
|
|
||||||
import infection_monkey.monkeyfs as monkeyfs
|
import infection_monkey.monkeyfs as monkeyfs
|
||||||
|
from common.utils.attack_utils import ScanStatus
|
||||||
from infection_monkey.exploit.HostExploiter import HostExploiter
|
from infection_monkey.exploit.HostExploiter import HostExploiter
|
||||||
|
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
|
||||||
|
get_monkey_depth,
|
||||||
|
get_target_monkey_by_os)
|
||||||
from infection_monkey.model import DROPPER_ARG
|
from infection_monkey.model import DROPPER_ARG
|
||||||
from infection_monkey.network.smbfinger import SMB_SERVICE
|
from infection_monkey.network.smbfinger import SMB_SERVICE
|
||||||
from infection_monkey.exploit.tools.helpers import build_monkey_commandline, get_target_monkey_by_os, get_monkey_depth
|
|
||||||
from infection_monkey.network.tools import get_interface_to_target
|
from infection_monkey.network.tools import get_interface_to_target
|
||||||
from infection_monkey.pyinstaller_utils import get_binary_file_path
|
from infection_monkey.pyinstaller_utils import get_binary_file_path
|
||||||
from common.utils.attack_utils import ScanStatus
|
|
||||||
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
|
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
|
||||||
|
|
||||||
__author__ = 'itay.mizeretz'
|
__author__ = 'itay.mizeretz'
|
||||||
|
|
|
@ -8,10 +8,12 @@ import requests
|
||||||
|
|
||||||
from common.utils.attack_utils import ScanStatus
|
from common.utils.attack_utils import ScanStatus
|
||||||
from infection_monkey.exploit.HostExploiter import HostExploiter
|
from infection_monkey.exploit.HostExploiter import HostExploiter
|
||||||
from infection_monkey.exploit.tools.helpers import get_target_monkey, get_monkey_depth, build_monkey_commandline
|
|
||||||
from infection_monkey.model import DROPPER_ARG
|
|
||||||
from infection_monkey.exploit.shellshock_resources import CGI_FILES
|
from infection_monkey.exploit.shellshock_resources import CGI_FILES
|
||||||
|
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
|
||||||
|
get_monkey_depth,
|
||||||
|
get_target_monkey)
|
||||||
from infection_monkey.exploit.tools.http_tools import HTTPTools
|
from infection_monkey.exploit.tools.http_tools import HTTPTools
|
||||||
|
from infection_monkey.model import DROPPER_ARG
|
||||||
from infection_monkey.telemetry.attack.t1222_telem import T1222Telem
|
from infection_monkey.telemetry.attack.t1222_telem import T1222Telem
|
||||||
|
|
||||||
__author__ = 'danielg'
|
__author__ = 'danielg'
|
||||||
|
@ -86,7 +88,7 @@ class ShellShockExploiter(HostExploiter):
|
||||||
LOG.info("SSH Skipping unknown os: %s", uname_os)
|
LOG.info("SSH Skipping unknown os: %s", uname_os)
|
||||||
return False
|
return False
|
||||||
except Exception as exc:
|
except Exception as exc:
|
||||||
LOG.debug("Error running uname os commad on victim %r: (%s)", self.host, exc)
|
LOG.debug("Error running uname os command on victim %r: (%s)", self.host, exc)
|
||||||
return False
|
return False
|
||||||
if not self.host.os.get('machine'):
|
if not self.host.os.get('machine'):
|
||||||
try:
|
try:
|
||||||
|
@ -95,7 +97,7 @@ class ShellShockExploiter(HostExploiter):
|
||||||
if '' != uname_machine:
|
if '' != uname_machine:
|
||||||
self.host.os['machine'] = uname_machine.lower().strip()
|
self.host.os['machine'] = uname_machine.lower().strip()
|
||||||
except Exception as exc:
|
except Exception as exc:
|
||||||
LOG.debug("Error running uname machine commad on victim %r: (%s)", self.host, exc)
|
LOG.debug("Error running uname machine command on victim %r: (%s)", self.host, exc)
|
||||||
return False
|
return False
|
||||||
|
|
||||||
# copy the monkey
|
# copy the monkey
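Review bot: The message `LOG.info("SSH Skipping unknown os: %s", uname_os)` in the `@ -86,7 +88,7 @@` hunk still carries an "SSH" prefix inside `ShellShockExploiter`, which looks copied from the SSH exploiter. The commit fixes the "commad" typo a few lines below but leaves this one. These log lines are what an operator reads to work out which exploiter touched a host, so the prefix should name the right module, for example `LOG.info("ShellShock skipping unknown os: %s", uname_os)`. The enclosing method starts and ends outside the hunks shown.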
|
||||||
|
|
|
@ -1,17 +1,21 @@
|
||||||
from logging import getLogger
|
from logging import getLogger
|
||||||
|
|
||||||
from impacket.dcerpc.v5 import transport, scmr
|
from impacket.dcerpc.v5 import scmr, transport
|
||||||
from impacket.smbconnection import SMB_DIALECT
|
from impacket.smbconnection import SMB_DIALECT
|
||||||
|
|
||||||
|
from common.utils.attack_utils import ScanStatus, UsageEnum
|
||||||
|
from common.utils.exploit_enum import ExploitType
|
||||||
from infection_monkey.exploit.HostExploiter import HostExploiter
|
from infection_monkey.exploit.HostExploiter import HostExploiter
|
||||||
from infection_monkey.exploit.tools.helpers import get_target_monkey, get_monkey_depth, build_monkey_commandline
|
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
|
||||||
|
get_monkey_depth,
|
||||||
|
get_target_monkey)
|
||||||
from infection_monkey.exploit.tools.smb_tools import SmbTools
|
from infection_monkey.exploit.tools.smb_tools import SmbTools
|
||||||
from infection_monkey.model import MONKEY_CMDLINE_DETACHED_WINDOWS, DROPPER_CMDLINE_DETACHED_WINDOWS, VictimHost
|
from infection_monkey.model import (DROPPER_CMDLINE_DETACHED_WINDOWS,
|
||||||
|
MONKEY_CMDLINE_DETACHED_WINDOWS,
|
||||||
|
VictimHost)
|
||||||
from infection_monkey.network.smbfinger import SMBFinger
|
from infection_monkey.network.smbfinger import SMBFinger
|
||||||
from infection_monkey.network.tools import check_tcp_port
|
from infection_monkey.network.tools import check_tcp_port
|
||||||
from common.utils.exploit_enum import ExploitType
|
|
||||||
from infection_monkey.telemetry.attack.t1035_telem import T1035Telem
|
from infection_monkey.telemetry.attack.t1035_telem import T1035Telem
|
||||||
from common.utils.attack_utils import ScanStatus, UsageEnum
|
|
||||||
|
|
||||||
LOG = getLogger(__name__)
|
LOG = getLogger(__name__)
|
||||||
|
|
||||||
|
|
|
@ -5,13 +5,16 @@ import time
|
||||||
import paramiko
|
import paramiko
|
||||||
|
|
||||||
import infection_monkey.monkeyfs as monkeyfs
|
import infection_monkey.monkeyfs as monkeyfs
|
||||||
from infection_monkey.exploit.HostExploiter import HostExploiter
|
from common.utils.attack_utils import ScanStatus
|
||||||
from infection_monkey.exploit.tools.helpers import get_target_monkey, get_monkey_depth, build_monkey_commandline
|
|
||||||
from infection_monkey.model import MONKEY_ARG
|
|
||||||
from infection_monkey.network.tools import check_tcp_port, get_interface_to_target
|
|
||||||
from common.utils.exceptions import FailedExploitationError
|
from common.utils.exceptions import FailedExploitationError
|
||||||
from common.utils.exploit_enum import ExploitType
|
from common.utils.exploit_enum import ExploitType
|
||||||
from common.utils.attack_utils import ScanStatus
|
from infection_monkey.exploit.HostExploiter import HostExploiter
|
||||||
|
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
|
||||||
|
get_monkey_depth,
|
||||||
|
get_target_monkey)
|
||||||
|
from infection_monkey.model import MONKEY_ARG
|
||||||
|
from infection_monkey.network.tools import (check_tcp_port,
|
||||||
|
get_interface_to_target)
|
||||||
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
|
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
|
||||||
from infection_monkey.telemetry.attack.t1222_telem import T1222Telem
|
from infection_monkey.telemetry.attack.t1222_telem import T1222Telem
|
||||||
|
|
||||||
|
@ -129,7 +132,7 @@ class SSHExploiter(HostExploiter):
|
||||||
LOG.info("SSH Skipping unknown os: %s", uname_os)
|
LOG.info("SSH Skipping unknown os: %s", uname_os)
|
||||||
return False
|
return False
|
||||||
except Exception as exc:
|
except Exception as exc:
|
||||||
LOG.debug("Error running uname os commad on victim %r: (%s)", self.host, exc)
|
LOG.debug("Error running uname os command on victim %r: (%s)", self.host, exc)
|
||||||
return False
|
return False
|
||||||
|
|
||||||
if not self.host.os.get('machine'):
|
if not self.host.os.get('machine'):
|
||||||
|
@ -139,7 +142,7 @@ class SSHExploiter(HostExploiter):
|
||||||
if '' != uname_machine:
|
if '' != uname_machine:
|
||||||
self.host.os['machine'] = uname_machine
|
self.host.os['machine'] = uname_machine
|
||||||
except Exception as exc:
|
except Exception as exc:
|
||||||
LOG.debug("Error running uname machine commad on victim %r: (%s)", self.host, exc)
|
LOG.debug("Error running uname machine command on victim %r: (%s)", self.host, exc)
|
||||||
|
|
||||||
if self.skip_exist:
|
if self.skip_exist:
|
||||||
_, stdout, stderr = ssh.exec_command("head -c 1 %s" % self._config.dropper_target_path_linux)
|
_, stdout, stderr = ssh.exec_command("head -c 1 %s" % self._config.dropper_target_path_linux)
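Review bot: The context line `ssh.exec_command("head -c 1 %s" % self._config.dropper_target_path_linux)` at the end of the `@ -139,7 +142,7 @@` hunk puts a configuration value into a remote shell command without quoting. A path containing spaces or shell metacharacters would make the tested host run something other than the intended `head`. Quoting the value keeps the command to what the operator configured: `"head -c 1 %s" % shlex.quote(self._config.dropper_target_path_linux)`, with `import shlex` added to the stdlib group this commit reorders. The method continues outside the hunk, so whether the path is validated earlier is not visible here.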
|
||||||
|
|
|
@ -11,10 +11,11 @@ def try_get_target_monkey(host):
|
||||||
|
|
||||||
|
|
||||||
def get_target_monkey(host):
|
def get_target_monkey(host):
|
||||||
from infection_monkey.control import ControlClient
|
|
||||||
import platform
|
import platform
|
||||||
import sys
|
import sys
|
||||||
|
|
||||||
|
from infection_monkey.control import ControlClient
|
||||||
|
|
||||||
if host.monkey_exe:
|
if host.monkey_exe:
|
||||||
return host.monkey_exe
|
return host.monkey_exe
|
||||||
|
|
||||||
|
|
|
@ -6,12 +6,12 @@ import urllib.parse
|
||||||
import urllib.request
|
import urllib.request
|
||||||
from threading import Lock
|
from threading import Lock
|
||||||
|
|
||||||
|
from infection_monkey.exploit.tools.helpers import try_get_target_monkey
|
||||||
from infection_monkey.model import DOWNLOAD_TIMEOUT
|
from infection_monkey.model import DOWNLOAD_TIMEOUT
|
||||||
from infection_monkey.network.firewall import app as firewall
|
from infection_monkey.network.firewall import app as firewall
|
||||||
from infection_monkey.network.info import get_free_tcp_port
|
from infection_monkey.network.info import get_free_tcp_port
|
||||||
from infection_monkey.transport import HTTPServer, LockedHTTPServer
|
|
||||||
from infection_monkey.exploit.tools.helpers import try_get_target_monkey
|
|
||||||
from infection_monkey.network.tools import get_interface_to_target
|
from infection_monkey.network.tools import get_interface_to_target
|
||||||
|
from infection_monkey.transport import HTTPServer, LockedHTTPServer
|
||||||
|
|
||||||
__author__ = 'itamar'
|
__author__ = 'itamar'
|
||||||
|
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
from unittest import TestCase
|
from unittest import TestCase
|
||||||
from .payload_parsing import Payload, LimitedSizePayload
|
|
||||||
|
from .payload_parsing import LimitedSizePayload, Payload
|
||||||
|
|
||||||
|
|
||||||
class TestPayload(TestCase):
|
class TestPayload(TestCase):
|
||||||
|
|
|
@ -2,16 +2,16 @@ import logging
|
||||||
import ntpath
|
import ntpath
|
||||||
import pprint
|
import pprint
|
||||||
|
|
||||||
from impacket.dcerpc.v5 import transport, srvs
|
from impacket.dcerpc.v5 import srvs, transport
|
||||||
from impacket.smb3structs import SMB2_DIALECT_002, SMB2_DIALECT_21
|
from impacket.smb3structs import SMB2_DIALECT_002, SMB2_DIALECT_21
|
||||||
from impacket.smbconnection import SMBConnection, SMB_DIALECT
|
from impacket.smbconnection import SMB_DIALECT, SMBConnection
|
||||||
|
|
||||||
import infection_monkey.config
|
import infection_monkey.config
|
||||||
import infection_monkey.monkeyfs as monkeyfs
|
import infection_monkey.monkeyfs as monkeyfs
|
||||||
from common.utils.attack_utils import ScanStatus
|
from common.utils.attack_utils import ScanStatus
|
||||||
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
|
|
||||||
from infection_monkey.network.tools import get_interface_to_target
|
|
||||||
from infection_monkey.config import Configuration
|
from infection_monkey.config import Configuration
|
||||||
|
from infection_monkey.network.tools import get_interface_to_target
|
||||||
|
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
|
||||||
|
|
||||||
__author__ = 'itamar'
|
__author__ = 'itamar'
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
import unittest
|
import unittest
|
||||||
|
|
||||||
from infection_monkey.exploit.tools.helpers import build_monkey_commandline_explicitly
|
from infection_monkey.exploit.tools.helpers import \
|
||||||
|
build_monkey_commandline_explicitly
|
||||||
|
|
||||||
|
|
||||||
class TestHelpers(unittest.TestCase):
|
class TestHelpers(unittest.TestCase):
|
||||||
|
|
|
@ -6,14 +6,16 @@
|
||||||
|
|
||||||
import socket
|
import socket
|
||||||
import time
|
import time
|
||||||
|
from logging import getLogger
|
||||||
|
|
||||||
from common.utils.attack_utils import ScanStatus
|
from common.utils.attack_utils import ScanStatus
|
||||||
from infection_monkey.exploit.HostExploiter import HostExploiter
|
from infection_monkey.exploit.HostExploiter import HostExploiter
|
||||||
from infection_monkey.exploit.tools.helpers import get_target_monkey, build_monkey_commandline, get_monkey_depth
|
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
|
||||||
|
get_monkey_depth,
|
||||||
|
get_target_monkey)
|
||||||
from infection_monkey.exploit.tools.http_tools import HTTPTools
|
from infection_monkey.exploit.tools.http_tools import HTTPTools
|
||||||
from infection_monkey.model import MONKEY_ARG, CHMOD_MONKEY, RUN_MONKEY, WGET_HTTP_UPLOAD, DOWNLOAD_TIMEOUT
|
from infection_monkey.model import (CHMOD_MONKEY, DOWNLOAD_TIMEOUT, MONKEY_ARG,
|
||||||
from logging import getLogger
|
RUN_MONKEY, WGET_HTTP_UPLOAD)
|
||||||
|
|
||||||
from infection_monkey.telemetry.attack.t1222_telem import T1222Telem
|
from infection_monkey.telemetry.attack.t1222_telem import T1222Telem
|
||||||
|
|
||||||
LOG = getLogger(__name__)
|
LOG = getLogger(__name__)
|
||||||
|
|
|
@ -1,16 +1,22 @@
|
||||||
import logging
|
import logging
|
||||||
import re
|
import re
|
||||||
from posixpath import join
|
|
||||||
from abc import abstractmethod
|
from abc import abstractmethod
|
||||||
|
from posixpath import join
|
||||||
|
|
||||||
|
from common.utils.attack_utils import BITS_UPLOAD_STRING, ScanStatus
|
||||||
from infection_monkey.exploit.HostExploiter import HostExploiter
|
from infection_monkey.exploit.HostExploiter import HostExploiter
|
||||||
from infection_monkey.exploit.tools.helpers import get_target_monkey, get_monkey_depth, build_monkey_commandline
|
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
|
||||||
|
get_monkey_depth,
|
||||||
|
get_target_monkey)
|
||||||
from infection_monkey.exploit.tools.http_tools import HTTPTools
|
from infection_monkey.exploit.tools.http_tools import HTTPTools
|
||||||
from infection_monkey.model import CHECK_COMMAND, ID_STRING, GET_ARCH_LINUX, GET_ARCH_WINDOWS, BITSADMIN_CMDLINE_HTTP, \
|
from infection_monkey.model import (BITSADMIN_CMDLINE_HTTP, CHECK_COMMAND,
|
||||||
POWERSHELL_HTTP_UPLOAD, WGET_HTTP_UPLOAD, DOWNLOAD_TIMEOUT, CHMOD_MONKEY, RUN_MONKEY, MONKEY_ARG, DROPPER_ARG
|
CHMOD_MONKEY, DOWNLOAD_TIMEOUT,
|
||||||
|
DROPPER_ARG, GET_ARCH_LINUX,
|
||||||
|
GET_ARCH_WINDOWS, ID_STRING, MONKEY_ARG,
|
||||||
|
POWERSHELL_HTTP_UPLOAD, RUN_MONKEY,
|
||||||
|
WGET_HTTP_UPLOAD)
|
||||||
from infection_monkey.network.tools import check_tcp_port, tcp_port_to_service
|
from infection_monkey.network.tools import check_tcp_port, tcp_port_to_service
|
||||||
from infection_monkey.telemetry.attack.t1197_telem import T1197Telem
|
from infection_monkey.telemetry.attack.t1197_telem import T1197Telem
|
||||||
from common.utils.attack_utils import ScanStatus, BITS_UPLOAD_STRING
|
|
||||||
from infection_monkey.telemetry.attack.t1222_telem import T1222Telem
|
from infection_monkey.telemetry.attack.t1222_telem import T1222Telem
|
||||||
|
|
||||||
__author__ = 'VakarisZ'
|
__author__ = 'VakarisZ'
|
||||||
|
|
|
@ -1,16 +1,16 @@
|
||||||
import threading
|
|
||||||
import logging
|
|
||||||
import time
|
|
||||||
import copy
|
import copy
|
||||||
|
import logging
|
||||||
from requests import post, exceptions
|
import threading
|
||||||
|
import time
|
||||||
from infection_monkey.exploit.web_rce import WebRCE
|
|
||||||
from infection_monkey.exploit.HostExploiter import HostExploiter
|
|
||||||
from infection_monkey.network.tools import get_interface_to_target
|
|
||||||
from infection_monkey.network.info import get_free_tcp_port
|
|
||||||
from http.server import BaseHTTPRequestHandler, HTTPServer
|
from http.server import BaseHTTPRequestHandler, HTTPServer
|
||||||
|
|
||||||
|
from requests import exceptions, post
|
||||||
|
|
||||||
|
from infection_monkey.exploit.HostExploiter import HostExploiter
|
||||||
|
from infection_monkey.exploit.web_rce import WebRCE
|
||||||
|
from infection_monkey.network.info import get_free_tcp_port
|
||||||
|
from infection_monkey.network.tools import get_interface_to_target
|
||||||
|
|
||||||
__author__ = "VakarisZ"
|
__author__ = "VakarisZ"
|
||||||
|
|
||||||
LOG = logging.getLogger(__name__)
|
LOG = logging.getLogger(__name__)
|
||||||
|
|
|
@ -8,18 +8,21 @@
|
||||||
|
|
||||||
import socket
|
import socket
|
||||||
import time
|
import time
|
||||||
|
from enum import IntEnum
|
||||||
from logging import getLogger
|
from logging import getLogger
|
||||||
|
|
||||||
from enum import IntEnum
|
|
||||||
from impacket import uuid
|
from impacket import uuid
|
||||||
from impacket.dcerpc.v5 import transport
|
from impacket.dcerpc.v5 import transport
|
||||||
|
|
||||||
from infection_monkey.exploit.tools.helpers import get_target_monkey, get_monkey_depth, build_monkey_commandline
|
from infection_monkey.exploit.HostExploiter import HostExploiter
|
||||||
|
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
|
||||||
|
get_monkey_depth,
|
||||||
|
get_target_monkey)
|
||||||
from infection_monkey.exploit.tools.smb_tools import SmbTools
|
from infection_monkey.exploit.tools.smb_tools import SmbTools
|
||||||
from infection_monkey.model import DROPPER_CMDLINE_WINDOWS, MONKEY_CMDLINE_WINDOWS
|
from infection_monkey.model import (DROPPER_CMDLINE_WINDOWS,
|
||||||
|
MONKEY_CMDLINE_WINDOWS)
|
||||||
from infection_monkey.network.smbfinger import SMBFinger
|
from infection_monkey.network.smbfinger import SMBFinger
|
||||||
from infection_monkey.network.tools import check_tcp_port
|
from infection_monkey.network.tools import check_tcp_port
|
||||||
from infection_monkey.exploit.HostExploiter import HostExploiter
|
|
||||||
|
|
||||||
LOG = getLogger(__name__)
|
LOG = getLogger(__name__)
|
||||||
|
|
||||||
|
|
|
@ -5,14 +5,16 @@ import traceback
|
||||||
|
|
||||||
from impacket.dcerpc.v5.rpcrt import DCERPCException
|
from impacket.dcerpc.v5.rpcrt import DCERPCException
|
||||||
|
|
||||||
from infection_monkey.exploit.HostExploiter import HostExploiter
|
|
||||||
from infection_monkey.exploit.tools.helpers import get_target_monkey, \
|
|
||||||
get_monkey_depth, build_monkey_commandline
|
|
||||||
from infection_monkey.exploit.tools.wmi_tools import AccessDeniedException
|
|
||||||
from infection_monkey.exploit.tools.smb_tools import SmbTools
|
|
||||||
from infection_monkey.exploit.tools.wmi_tools import WmiTools
|
|
||||||
from infection_monkey.model import DROPPER_CMDLINE_WINDOWS, MONKEY_CMDLINE_WINDOWS
|
|
||||||
from common.utils.exploit_enum import ExploitType
|
from common.utils.exploit_enum import ExploitType
|
||||||
|
from infection_monkey.exploit.HostExploiter import HostExploiter
|
||||||
|
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
|
||||||
|
get_monkey_depth,
|
||||||
|
get_target_monkey)
|
||||||
|
from infection_monkey.exploit.tools.smb_tools import SmbTools
|
||||||
|
from infection_monkey.exploit.tools.wmi_tools import (AccessDeniedException,
|
||||||
|
WmiTools)
|
||||||
|
from infection_monkey.model import (DROPPER_CMDLINE_WINDOWS,
|
||||||
|
MONKEY_CMDLINE_WINDOWS)
|
||||||
|
|
||||||
LOG = logging.getLogger(__name__)
|
LOG = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
|
@ -7,14 +7,15 @@ import sys
|
||||||
import traceback
|
import traceback
|
||||||
from multiprocessing import freeze_support
|
from multiprocessing import freeze_support
|
||||||
|
|
||||||
from infection_monkey.utils.monkey_log_path import get_dropper_log_path, get_monkey_log_path
|
|
||||||
from infection_monkey.config import WormConfiguration, EXTERNAL_CONFIG_FILE
|
|
||||||
from infection_monkey.dropper import MonkeyDrops
|
|
||||||
from infection_monkey.model import MONKEY_ARG, DROPPER_ARG
|
|
||||||
from infection_monkey.monkey import InfectionMonkey
|
|
||||||
from common.version import get_version
|
|
||||||
# noinspection PyUnresolvedReferences
|
# noinspection PyUnresolvedReferences
|
||||||
import infection_monkey.post_breach # dummy import for pyinstaller
|
import infection_monkey.post_breach # dummy import for pyinstaller
|
||||||
|
from common.version import get_version
|
||||||
|
from infection_monkey.config import EXTERNAL_CONFIG_FILE, WormConfiguration
|
||||||
|
from infection_monkey.dropper import MonkeyDrops
|
||||||
|
from infection_monkey.model import DROPPER_ARG, MONKEY_ARG
|
||||||
|
from infection_monkey.monkey import InfectionMonkey
|
||||||
|
from infection_monkey.utils.monkey_log_path import (get_dropper_log_path,
|
||||||
|
get_monkey_log_path)
|
||||||
|
|
||||||
__author__ = 'itamar'
|
__author__ = 'itamar'
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
from unittest import TestCase
|
from unittest import TestCase
|
||||||
from infection_monkey.model.victim_host_generator import VictimHostGenerator
|
|
||||||
from common.network.network_range import CidrRange, SingleIpRange
|
from common.network.network_range import CidrRange, SingleIpRange
|
||||||
|
from infection_monkey.model.victim_host_generator import VictimHostGenerator
|
||||||
|
|
||||||
|
|
||||||
class VictimHostGeneratorTester(TestCase):
|
class VictimHostGeneratorTester(TestCase):
|
||||||
|
|
|
@ -6,34 +6,39 @@ import sys
|
||||||
import time
|
import time
|
||||||
|
|
||||||
import infection_monkey.tunnel as tunnel
|
import infection_monkey.tunnel as tunnel
|
||||||
from infection_monkey.network.HostFinger import HostFinger
|
from common.network.network_utils import get_host_from_network_location
|
||||||
from infection_monkey.utils.monkey_dir import create_monkey_dir, get_monkey_dir_path, remove_monkey_dir
|
from common.utils.attack_utils import ScanStatus, UsageEnum
|
||||||
from infection_monkey.utils.monkey_log_path import get_monkey_log_path
|
from common.utils.exceptions import (ExploitingVulnerableMachineError,
|
||||||
from infection_monkey.utils.environment import is_windows_os
|
FailedExploitationError)
|
||||||
from infection_monkey.utils.exceptions.planned_shutdown_exception import PlannedShutdownException
|
from common.version import get_version
|
||||||
from infection_monkey.config import WormConfiguration
|
from infection_monkey.config import WormConfiguration
|
||||||
from infection_monkey.control import ControlClient
|
from infection_monkey.control import ControlClient
|
||||||
|
from infection_monkey.exploit.HostExploiter import HostExploiter
|
||||||
from infection_monkey.model import DELAY_DELETE_CMD
|
from infection_monkey.model import DELAY_DELETE_CMD
|
||||||
from infection_monkey.network.firewall import app as firewall
|
from infection_monkey.network.firewall import app as firewall
|
||||||
|
from infection_monkey.network.HostFinger import HostFinger
|
||||||
from infection_monkey.network.network_scanner import NetworkScanner
|
from infection_monkey.network.network_scanner import NetworkScanner
|
||||||
|
from infection_monkey.network.tools import (get_interface_to_target,
|
||||||
|
is_running_on_server)
|
||||||
|
from infection_monkey.post_breach.post_breach_handler import PostBreach
|
||||||
from infection_monkey.system_info import SystemInfoCollector
|
from infection_monkey.system_info import SystemInfoCollector
|
||||||
from infection_monkey.system_singleton import SystemSingleton
|
from infection_monkey.system_singleton import SystemSingleton
|
||||||
from infection_monkey.telemetry.attack.victim_host_telem import VictimHostTelem
|
from infection_monkey.telemetry.attack.t1106_telem import T1106Telem
|
||||||
from infection_monkey.telemetry.attack.t1107_telem import T1107Telem
|
from infection_monkey.telemetry.attack.t1107_telem import T1107Telem
|
||||||
|
from infection_monkey.telemetry.attack.victim_host_telem import VictimHostTelem
|
||||||
from infection_monkey.telemetry.scan_telem import ScanTelem
|
from infection_monkey.telemetry.scan_telem import ScanTelem
|
||||||
from infection_monkey.telemetry.state_telem import StateTelem
|
from infection_monkey.telemetry.state_telem import StateTelem
|
||||||
from infection_monkey.telemetry.system_info_telem import SystemInfoTelem
|
from infection_monkey.telemetry.system_info_telem import SystemInfoTelem
|
||||||
from infection_monkey.telemetry.trace_telem import TraceTelem
|
from infection_monkey.telemetry.trace_telem import TraceTelem
|
||||||
from infection_monkey.telemetry.tunnel_telem import TunnelTelem
|
from infection_monkey.telemetry.tunnel_telem import TunnelTelem
|
||||||
|
from infection_monkey.utils.environment import is_windows_os
|
||||||
|
from infection_monkey.utils.exceptions.planned_shutdown_exception import \
|
||||||
|
PlannedShutdownException
|
||||||
|
from infection_monkey.utils.monkey_dir import (create_monkey_dir,
|
||||||
|
get_monkey_dir_path,
|
||||||
|
remove_monkey_dir)
|
||||||
|
from infection_monkey.utils.monkey_log_path import get_monkey_log_path
|
||||||
from infection_monkey.windows_upgrader import WindowsUpgrader
|
from infection_monkey.windows_upgrader import WindowsUpgrader
|
||||||
from infection_monkey.post_breach.post_breach_handler import PostBreach
|
|
||||||
from infection_monkey.network.tools import get_interface_to_target, is_running_on_server
|
|
||||||
from common.utils.exceptions import ExploitingVulnerableMachineError, FailedExploitationError
|
|
||||||
from infection_monkey.telemetry.attack.t1106_telem import T1106Telem
|
|
||||||
from common.utils.attack_utils import ScanStatus, UsageEnum
|
|
||||||
from common.version import get_version
|
|
||||||
from infection_monkey.exploit.HostExploiter import HostExploiter
|
|
||||||
from common.network.network_utils import get_host_from_network_location
|
|
||||||
|
|
||||||
MAX_DEPTH_REACHED_MESSAGE = "Reached max depth, shutting down"
|
MAX_DEPTH_REACHED_MESSAGE = "Reached max depth, shutting down"
|
||||||
|
|
||||||
|
@ -290,7 +295,8 @@ class InfectionMonkey(object):
|
||||||
try:
|
try:
|
||||||
status = None
|
status = None
|
||||||
if "win32" == sys.platform:
|
if "win32" == sys.platform:
|
||||||
from subprocess import SW_HIDE, STARTF_USESHOWWINDOW, CREATE_NEW_CONSOLE
|
from subprocess import (CREATE_NEW_CONSOLE,
|
||||||
|
STARTF_USESHOWWINDOW, SW_HIDE)
|
||||||
startupinfo = subprocess.STARTUPINFO()
|
startupinfo = subprocess.STARTUPINFO()
|
||||||
startupinfo.dwFlags = CREATE_NEW_CONSOLE | STARTF_USESHOWWINDOW
|
startupinfo.dwFlags = CREATE_NEW_CONSOLE | STARTF_USESHOWWINDOW
|
||||||
startupinfo.wShowWindow = SW_HIDE
|
startupinfo.wShowWindow = SW_HIDE
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
from io import BytesIO
|
|
||||||
import os
|
import os
|
||||||
|
from io import BytesIO
|
||||||
|
|
||||||
__author__ = 'hoffer'
|
__author__ = 'hoffer'
|
||||||
|
|
||||||
|
|
|
@ -1,8 +1,8 @@
|
||||||
from abc import abstractmethod
|
from abc import abstractmethod
|
||||||
|
|
||||||
|
import infection_monkey.network
|
||||||
from infection_monkey.config import WormConfiguration
|
from infection_monkey.config import WormConfiguration
|
||||||
from infection_monkey.utils.plugins.plugin import Plugin
|
from infection_monkey.utils.plugins.plugin import Plugin
|
||||||
import infection_monkey.network
|
|
||||||
|
|
||||||
|
|
||||||
class HostFinger(Plugin):
|
class HostFinger(Plugin):
|
||||||
|
|
|
@ -3,11 +3,11 @@ import logging
|
||||||
from contextlib import closing
|
from contextlib import closing
|
||||||
|
|
||||||
import requests
|
import requests
|
||||||
from requests.exceptions import Timeout, ConnectionError
|
from requests.exceptions import ConnectionError, Timeout
|
||||||
|
|
||||||
import infection_monkey.config
|
import infection_monkey.config
|
||||||
from infection_monkey.network.HostFinger import HostFinger
|
|
||||||
from common.data.network_consts import ES_SERVICE
|
from common.data.network_consts import ES_SERVICE
|
||||||
|
from infection_monkey.network.HostFinger import HostFinger
|
||||||
|
|
||||||
ES_PORT = 9200
|
ES_PORT = 9200
|
||||||
ES_HTTP_TIMEOUT = 5
|
ES_HTTP_TIMEOUT = 5
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
|
import platform
|
||||||
import subprocess
|
import subprocess
|
||||||
import sys
|
import sys
|
||||||
import platform
|
|
||||||
|
|
||||||
|
|
||||||
def _run_netsh_cmd(command, args):
|
def _run_netsh_cmd(command, args):
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
|
import logging
|
||||||
|
|
||||||
import infection_monkey.config
|
import infection_monkey.config
|
||||||
from infection_monkey.network.HostFinger import HostFinger
|
from infection_monkey.network.HostFinger import HostFinger
|
||||||
import logging
|
|
||||||
|
|
||||||
LOG = logging.getLogger(__name__)
|
LOG = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
@ -20,10 +21,11 @@ class HTTPFinger(HostFinger):
|
||||||
pass
|
pass
|
||||||
|
|
||||||
def get_host_fingerprint(self, host):
|
def get_host_fingerprint(self, host):
|
||||||
from requests import head
|
|
||||||
from requests.exceptions import Timeout, ConnectionError
|
|
||||||
from contextlib import closing
|
from contextlib import closing
|
||||||
|
|
||||||
|
from requests import head
|
||||||
|
from requests.exceptions import ConnectionError, Timeout
|
||||||
|
|
||||||
for port in self.HTTP:
|
for port in self.HTTP:
|
||||||
# check both http and https
|
# check both http and https
|
||||||
http = "http://" + host.ip_addr + ":" + port[1]
|
http = "http://" + host.ip_addr + ":" + port[1]
|
||||||
|
|
|
@ -1,12 +1,12 @@
|
||||||
import socket
|
|
||||||
import struct
|
|
||||||
import psutil
|
|
||||||
import ipaddress
|
import ipaddress
|
||||||
import itertools
|
import itertools
|
||||||
import netifaces
|
import socket
|
||||||
from subprocess import check_output
|
import struct
|
||||||
from random import randint
|
from random import randint
|
||||||
|
from subprocess import check_output
|
||||||
|
|
||||||
|
import netifaces
|
||||||
|
import psutil
|
||||||
import requests
|
import requests
|
||||||
from requests import ConnectionError
|
from requests import ConnectionError
|
||||||
|
|
||||||
|
|
|
@ -2,8 +2,8 @@ import errno
|
||||||
import logging
|
import logging
|
||||||
import socket
|
import socket
|
||||||
|
|
||||||
from infection_monkey.network.HostFinger import HostFinger
|
|
||||||
import infection_monkey.config
|
import infection_monkey.config
|
||||||
|
from infection_monkey.network.HostFinger import HostFinger
|
||||||
|
|
||||||
__author__ = 'Maor Rayzin'
|
__author__ = 'Maor Rayzin'
|
||||||
|
|
||||||
|
|
|
@ -3,7 +3,8 @@ import socket
|
||||||
|
|
||||||
import infection_monkey.config
|
import infection_monkey.config
|
||||||
from infection_monkey.network.HostFinger import HostFinger
|
from infection_monkey.network.HostFinger import HostFinger
|
||||||
from infection_monkey.network.tools import struct_unpack_tracker, struct_unpack_tracker_string
|
from infection_monkey.network.tools import (struct_unpack_tracker,
|
||||||
|
struct_unpack_tracker_string)
|
||||||
|
|
||||||
MYSQL_PORT = 3306
|
MYSQL_PORT = 3306
|
||||||
SQL_SERVICE = 'mysqld-3306'
|
SQL_SERVICE = 'mysqld-3306'
|
||||||
|
|
|
@ -1,13 +1,13 @@
|
||||||
import time
|
|
||||||
import logging
|
import logging
|
||||||
|
import time
|
||||||
from multiprocessing.dummy import Pool
|
from multiprocessing.dummy import Pool
|
||||||
|
|
||||||
from common.network.network_range import NetworkRange
|
from common.network.network_range import NetworkRange
|
||||||
from infection_monkey.config import WormConfiguration
|
from infection_monkey.config import WormConfiguration
|
||||||
from infection_monkey.model.victim_host_generator import VictimHostGenerator
|
from infection_monkey.model.victim_host_generator import VictimHostGenerator
|
||||||
from infection_monkey.network.info import local_ips, get_interfaces_ranges
|
from infection_monkey.network.info import get_interfaces_ranges, local_ips
|
||||||
from infection_monkey.network.tcp_scanner import TcpScanner
|
|
||||||
from infection_monkey.network.ping_scanner import PingScanner
|
from infection_monkey.network.ping_scanner import PingScanner
|
||||||
|
from infection_monkey.network.tcp_scanner import TcpScanner
|
||||||
|
|
||||||
LOG = logging.getLogger(__name__)
|
LOG = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
|
import logging
|
||||||
import socket
|
import socket
|
||||||
import struct
|
import struct
|
||||||
import logging
|
|
||||||
from odict import odict
|
from odict import odict
|
||||||
|
|
||||||
from infection_monkey.network.HostFinger import HostFinger
|
from infection_monkey.network.HostFinger import HostFinger
|
||||||
|
|
|
@ -1,11 +1,11 @@
|
||||||
import logging
|
import logging
|
||||||
import sys
|
import re
|
||||||
import subprocess
|
|
||||||
import select
|
import select
|
||||||
import socket
|
import socket
|
||||||
import struct
|
import struct
|
||||||
|
import subprocess
|
||||||
|
import sys
|
||||||
import time
|
import time
|
||||||
import re
|
|
||||||
|
|
||||||
from infection_monkey.network.info import get_routes, local_ips
|
from infection_monkey.network.info import get_routes, local_ips
|
||||||
from infection_monkey.pyinstaller_utils import get_binary_file_path
|
from infection_monkey.pyinstaller_utils import get_binary_file_path
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
from common.data.post_breach_consts import POST_BREACH_BACKDOOR_USER
|
from common.data.post_breach_consts import POST_BREACH_BACKDOOR_USER
|
||||||
from infection_monkey.post_breach.pba import PBA
|
|
||||||
from infection_monkey.config import WormConfiguration
|
from infection_monkey.config import WormConfiguration
|
||||||
|
from infection_monkey.post_breach.pba import PBA
|
||||||
from infection_monkey.utils.users import get_commands_to_add_user
|
from infection_monkey.utils.users import get_commands_to_add_user
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
from common.data.post_breach_consts import POST_BREACH_SETUID_SETGID
|
from common.data.post_breach_consts import POST_BREACH_SETUID_SETGID
|
||||||
from infection_monkey.post_breach.pba import PBA
|
from infection_monkey.post_breach.pba import PBA
|
||||||
from infection_monkey.post_breach.setuid_setgid.setuid_setgid import\
|
from infection_monkey.post_breach.setuid_setgid.setuid_setgid import \
|
||||||
get_commands_to_change_setuid_setgid
|
get_commands_to_change_setuid_setgid
|
||||||
from infection_monkey.utils.environment import is_windows_os
|
from infection_monkey.utils.environment import is_windows_os
|
||||||
|
|
||||||
|
|
|
@ -3,12 +3,12 @@ import random
|
||||||
import string
|
import string
|
||||||
import subprocess
|
import subprocess
|
||||||
|
|
||||||
from infection_monkey.utils.new_user_error import NewUserError
|
|
||||||
from infection_monkey.utils.auto_new_user_factory import create_auto_new_user
|
|
||||||
from common.data.post_breach_consts import POST_BREACH_COMMUNICATE_AS_NEW_USER
|
from common.data.post_breach_consts import POST_BREACH_COMMUNICATE_AS_NEW_USER
|
||||||
from infection_monkey.post_breach.pba import PBA
|
from infection_monkey.post_breach.pba import PBA
|
||||||
from infection_monkey.telemetry.post_breach_telem import PostBreachTelem
|
from infection_monkey.telemetry.post_breach_telem import PostBreachTelem
|
||||||
|
from infection_monkey.utils.auto_new_user_factory import create_auto_new_user
|
||||||
from infection_monkey.utils.environment import is_windows_os
|
from infection_monkey.utils.environment import is_windows_os
|
||||||
|
from infection_monkey.utils.new_user_error import NewUserError
|
||||||
|
|
||||||
INFECTION_MONKEY_WEBSITE_URL = "https://infectionmonkey.com/"
|
INFECTION_MONKEY_WEBSITE_URL = "https://infectionmonkey.com/"
|
||||||
|
|
||||||
|
|
|
@ -1,13 +1,11 @@
|
||||||
from common.data.post_breach_consts import POST_BREACH_HIDDEN_FILES
|
from common.data.post_breach_consts import POST_BREACH_HIDDEN_FILES
|
||||||
from infection_monkey.post_breach.pba import PBA
|
from infection_monkey.post_breach.pba import PBA
|
||||||
from infection_monkey.telemetry.post_breach_telem import PostBreachTelem
|
from infection_monkey.telemetry.post_breach_telem import PostBreachTelem
|
||||||
from infection_monkey.utils.hidden_files import\
|
|
||||||
get_commands_to_hide_files,\
|
|
||||||
get_commands_to_hide_folders,\
|
|
||||||
cleanup_hidden_files,\
|
|
||||||
get_winAPI_to_hide_files
|
|
||||||
from infection_monkey.utils.environment import is_windows_os
|
from infection_monkey.utils.environment import is_windows_os
|
||||||
|
from infection_monkey.utils.hidden_files import (cleanup_hidden_files,
|
||||||
|
get_commands_to_hide_files,
|
||||||
|
get_commands_to_hide_folders,
|
||||||
|
get_winAPI_to_hide_files)
|
||||||
|
|
||||||
HIDDEN_FSO_CREATION_COMMANDS = [get_commands_to_hide_files,
|
HIDDEN_FSO_CREATION_COMMANDS = [get_commands_to_hide_files,
|
||||||
get_commands_to_hide_folders]
|
get_commands_to_hide_folders]
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
from common.data.post_breach_consts import POST_BREACH_SHELL_STARTUP_FILE_MODIFICATION
|
from common.data.post_breach_consts import \
|
||||||
|
POST_BREACH_SHELL_STARTUP_FILE_MODIFICATION
|
||||||
from infection_monkey.post_breach.pba import PBA
|
from infection_monkey.post_breach.pba import PBA
|
||||||
from infection_monkey.post_breach.shell_startup_files.shell_startup_files_modification import\
|
from infection_monkey.post_breach.shell_startup_files.shell_startup_files_modification import \
|
||||||
get_commands_to_modify_shell_startup_files
|
get_commands_to_modify_shell_startup_files
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,19 @@
|
||||||
|
from common.data.post_breach_consts import POST_BREACH_JOB_SCHEDULING
|
||||||
|
from infection_monkey.post_breach.job_scheduling.job_scheduling import (
|
||||||
|
get_commands_to_schedule_jobs, remove_scheduled_jobs)
|
||||||
|
from infection_monkey.post_breach.pba import PBA
|
||||||
|
|
||||||
|
|
||||||
|
class ScheduleJobs(PBA):
|
||||||
|
"""
|
||||||
|
This PBA attempts to schedule jobs on the system.
|
||||||
|
"""
|
||||||
|
|
||||||
|
def __init__(self):
|
||||||
|
linux_cmds, windows_cmds = get_commands_to_schedule_jobs()
|
||||||
|
|
||||||
|
super(ScheduleJobs, self).__init__(name=POST_BREACH_JOB_SCHEDULING,
|
||||||
|
linux_cmd=' '.join(linux_cmds),
|
||||||
|
windows_cmd=windows_cmds)
|
||||||
|
|
||||||
|
remove_scheduled_jobs()
|
|
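Review bot: `remove_scheduled_jobs()` is the last statement of this new file and the class defines no `run` override, so the cleanup appears to execute when the PBA object is constructed, before the `schtasks /Create` command passed to `super().__init__` has run. Indentation is lost in this rendering, so that placement is inferred. If it holds, the delete has nothing to remove and the `monkey-spawn-cmd` task stays registered on the tested host after the simulation. Moving the call into an override, `def run(self):` with `super(ScheduleJobs, self).run()` followed by `remove_scheduled_jobs()`, would order cleanup after execution, assuming `PBA` exposes `run()`. The class docstring could also state that the job is removed again on Windows.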
@ -1,6 +1,6 @@
|
||||||
from common.data.post_breach_consts import POST_BREACH_TRAP_COMMAND
|
from common.data.post_breach_consts import POST_BREACH_TRAP_COMMAND
|
||||||
from infection_monkey.post_breach.pba import PBA
|
from infection_monkey.post_breach.pba import PBA
|
||||||
from infection_monkey.post_breach.trap_command.trap_command import\
|
from infection_monkey.post_breach.trap_command.trap_command import \
|
||||||
get_trap_commands
|
get_trap_commands
|
||||||
from infection_monkey.utils.environment import is_windows_os
|
from infection_monkey.utils.environment import is_windows_os
|
||||||
|
|
||||||
|
|
|
@ -1,15 +1,15 @@
|
||||||
import os
|
|
||||||
import logging
|
import logging
|
||||||
|
import os
|
||||||
|
|
||||||
from common.data.post_breach_consts import POST_BREACH_FILE_EXECUTION
|
from common.data.post_breach_consts import POST_BREACH_FILE_EXECUTION
|
||||||
from infection_monkey.utils.environment import is_windows_os
|
|
||||||
from infection_monkey.post_breach.pba import PBA
|
|
||||||
from infection_monkey.control import ControlClient
|
|
||||||
from infection_monkey.config import WormConfiguration
|
|
||||||
from infection_monkey.utils.monkey_dir import get_monkey_dir_path
|
|
||||||
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
|
|
||||||
from common.utils.attack_utils import ScanStatus
|
from common.utils.attack_utils import ScanStatus
|
||||||
|
from infection_monkey.config import WormConfiguration
|
||||||
|
from infection_monkey.control import ControlClient
|
||||||
from infection_monkey.network.tools import get_interface_to_target
|
from infection_monkey.network.tools import get_interface_to_target
|
||||||
|
from infection_monkey.post_breach.pba import PBA
|
||||||
|
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
|
||||||
|
from infection_monkey.utils.environment import is_windows_os
|
||||||
|
from infection_monkey.utils.monkey_dir import get_monkey_dir_path
|
||||||
|
|
||||||
LOG = logging.getLogger(__name__)
|
LOG = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,19 @@
|
||||||
|
import subprocess
|
||||||
|
|
||||||
|
from infection_monkey.post_breach.job_scheduling.linux_job_scheduling import \
|
||||||
|
get_linux_commands_to_schedule_jobs
|
||||||
|
from infection_monkey.post_breach.job_scheduling.windows_job_scheduling import (
|
||||||
|
get_windows_commands_to_remove_scheduled_jobs,
|
||||||
|
get_windows_commands_to_schedule_jobs)
|
||||||
|
from infection_monkey.utils.environment import is_windows_os
|
||||||
|
|
||||||
|
|
||||||
|
def get_commands_to_schedule_jobs():
|
||||||
|
linux_cmds = get_linux_commands_to_schedule_jobs()
|
||||||
|
windows_cmds = get_windows_commands_to_schedule_jobs()
|
||||||
|
return linux_cmds, windows_cmds
|
||||||
|
|
||||||
|
|
||||||
|
def remove_scheduled_jobs():
|
||||||
|
if is_windows_os():
|
||||||
|
subprocess.run(get_windows_commands_to_remove_scheduled_jobs(), shell=True) # noqa: DUO116
|
|
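Review bot: `remove_scheduled_jobs` ignores the result of `subprocess.run`, and the delete command itself redirects its output to `nul`, so a failed `schtasks /Delete` leaves the task in place with no trace in the agent log. Keeping the result, `result = subprocess.run(get_windows_commands_to_remove_scheduled_jobs(), shell=True)  # noqa: DUO116`, and logging a warning when `result.returncode != 0` would make leftover artifacts visible to the operator. There is also no non-Windows branch, so whatever the Linux command list writes to the user's crontab is never reverted here. A comment next to the `noqa`, such as `# shell=True is required for the output redirection; the command is built from module constants only`, would record why the dlint warning is safe to suppress.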
@ -0,0 +1,12 @@
|
||||||
|
TEMP_CRON = "$HOME/monkey-schedule-jobs"
|
||||||
|
|
||||||
|
|
||||||
|
def get_linux_commands_to_schedule_jobs():
|
||||||
|
return [
|
||||||
|
f'touch {TEMP_CRON} &&',
|
||||||
|
f'crontab -l > {TEMP_CRON} &&',
|
||||||
|
'echo \"# Successfully scheduled a job using crontab\" |',
|
||||||
|
f'tee -a {TEMP_CRON} &&',
|
||||||
|
f'crontab {TEMP_CRON} ;',
|
||||||
|
f'rm {TEMP_CRON}'
|
||||||
|
]
|
|
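Review bot: `TEMP_CRON` is a fixed name under `$HOME`, so a file that already exists at `$HOME/monkey-schedule-jobs` is truncated by `crontab -l >` and then deleted by the final `rm`; a name obtained from `mktemp` would avoid touching user data. `{TEMP_CRON}` is also interpolated unquoted, which breaks the chain if the home path contains spaces. The function needs a docstring saying that the elements are fragments of one shell line which the caller joins with spaces (`' '.join(linux_cmds)` in `ScheduleJobs`), which is why each fragment ends in `&&`, `|` or `;`. The docstring should also say that the line installs a modified crontab for the current user.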
@ -0,0 +1,12 @@
|
||||||
|
SCHEDULED_TASK_NAME = 'monkey-spawn-cmd'
|
||||||
|
SCHEDULED_TASK_COMMAND = 'C:\windows\system32\cmd.exe'
|
||||||
|
|
||||||
|
# Commands from: https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1053.005/T1053.005.md
|
||||||
|
|
||||||
|
|
||||||
|
def get_windows_commands_to_schedule_jobs():
|
||||||
|
return f'schtasks /Create /SC monthly /TN {SCHEDULED_TASK_NAME} /TR {SCHEDULED_TASK_COMMAND}'
|
||||||
|
|
||||||
|
|
||||||
|
def get_windows_commands_to_remove_scheduled_jobs():
|
||||||
|
return f'schtasks /Delete /TN {SCHEDULED_TASK_NAME} /F > nul 2>&1'
|
|
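Review bot: `SCHEDULED_TASK_COMMAND = 'C:\windows\system32\cmd.exe'` is a normal string literal containing `\w`, `\s` and `\c`, which are invalid escape sequences; Python keeps them verbatim today but emits a DeprecationWarning (a SyntaxWarning from 3.12). A raw literal, `SCHEDULED_TASK_COMMAND = r'C:\windows\system32\cmd.exe'`, yields the same value without the warning. The two functions lack docstrings; one line each saying that they return a single `schtasks` command string, and that the delete command discards its output, would be enough.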
@ -1,13 +1,14 @@
|
||||||
import logging
|
import logging
|
||||||
import subprocess
|
import subprocess
|
||||||
|
|
||||||
|
import infection_monkey.post_breach.actions
|
||||||
from common.utils.attack_utils import ScanStatus
|
from common.utils.attack_utils import ScanStatus
|
||||||
from infection_monkey.telemetry.post_breach_telem import PostBreachTelem
|
|
||||||
from infection_monkey.utils.environment import is_windows_os
|
|
||||||
from infection_monkey.config import WormConfiguration
|
from infection_monkey.config import WormConfiguration
|
||||||
from infection_monkey.telemetry.attack.t1064_telem import T1064Telem
|
from infection_monkey.telemetry.attack.t1064_telem import T1064Telem
|
||||||
|
from infection_monkey.telemetry.post_breach_telem import PostBreachTelem
|
||||||
|
from infection_monkey.utils.environment import is_windows_os
|
||||||
from infection_monkey.utils.plugins.plugin import Plugin
|
from infection_monkey.utils.plugins.plugin import Plugin
|
||||||
import infection_monkey.post_breach.actions
|
|
||||||
LOG = logging.getLogger(__name__)
|
LOG = logging.getLogger(__name__)
|
||||||
|
|
||||||
__author__ = 'VakarisZ'
|
__author__ = 'VakarisZ'
|
||||||
|
|
|
@ -1,8 +1,8 @@
|
||||||
import logging
|
import logging
|
||||||
from typing import Sequence
|
from typing import Sequence
|
||||||
|
|
||||||
from infection_monkey.utils.environment import is_windows_os
|
|
||||||
from infection_monkey.post_breach.pba import PBA
|
from infection_monkey.post_breach.pba import PBA
|
||||||
|
from infection_monkey.utils.environment import is_windows_os
|
||||||
|
|
||||||
LOG = logging.getLogger(__name__)
|
LOG = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
from infection_monkey.post_breach.setuid_setgid.linux_setuid_setgid import\
|
from infection_monkey.post_breach.setuid_setgid.linux_setuid_setgid import \
|
||||||
get_linux_commands_to_setuid_setgid
|
get_linux_commands_to_setuid_setgid
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
import subprocess
|
import subprocess
|
||||||
|
|
||||||
from infection_monkey.utils.environment import is_windows_os
|
from infection_monkey.utils.environment import is_windows_os
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
from infection_monkey.post_breach.shell_startup_files.linux.shell_startup_files_modification import\
|
from infection_monkey.post_breach.shell_startup_files.linux.shell_startup_files_modification import \
|
||||||
get_linux_commands_to_modify_shell_startup_files
|
get_linux_commands_to_modify_shell_startup_files
|
||||||
from infection_monkey.post_breach.shell_startup_files.windows.shell_startup_files_modification import\
|
from infection_monkey.post_breach.shell_startup_files.windows.shell_startup_files_modification import \
|
||||||
get_windows_commands_to_modify_shell_startup_files
|
get_windows_commands_to_modify_shell_startup_files
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
import subprocess
|
import subprocess
|
||||||
|
|
||||||
from infection_monkey.utils.environment import is_windows_os
|
from infection_monkey.utils.environment import is_windows_os
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
from infection_monkey.post_breach.trap_command.linux_trap_command import\
|
from infection_monkey.post_breach.trap_command.linux_trap_command import \
|
||||||
get_linux_trap_commands
|
get_linux_trap_commands
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
from PyInstaller.utils.hooks import collect_submodules, collect_data_files
|
from PyInstaller.utils.hooks import collect_data_files, collect_submodules
|
||||||
|
|
||||||
hiddenimports = collect_submodules('infection_monkey.exploit')
|
hiddenimports = collect_submodules('infection_monkey.exploit')
|
||||||
datas = (collect_data_files('infection_monkey.exploit', include_py_files=True))
|
datas = (collect_data_files('infection_monkey.exploit', include_py_files=True))
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
from PyInstaller.utils.hooks import collect_submodules, collect_data_files
|
from PyInstaller.utils.hooks import collect_data_files, collect_submodules
|
||||||
|
|
||||||
hiddenimports = collect_submodules('infection_monkey.network')
|
hiddenimports = collect_submodules('infection_monkey.network')
|
||||||
datas = (collect_data_files('infection_monkey.network', include_py_files=True))
|
datas = (collect_data_files('infection_monkey.network', include_py_files=True))
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
from PyInstaller.utils.hooks import collect_submodules, collect_data_files
|
from PyInstaller.utils.hooks import collect_data_files, collect_submodules
|
||||||
|
|
||||||
# Import all actions as modules
|
# Import all actions as modules
|
||||||
hiddenimports = collect_submodules('infection_monkey.post_breach.actions')
|
hiddenimports = collect_submodules('infection_monkey.post_breach.actions')
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
from PyInstaller.utils.hooks import collect_submodules, collect_data_files
|
from PyInstaller.utils.hooks import collect_data_files, collect_submodules
|
||||||
|
|
||||||
# Import all actions as modules
|
# Import all actions as modules
|
||||||
hiddenimports = collect_submodules('infection_monkey.system_info.collectors')
|
hiddenimports = collect_submodules('infection_monkey.system_info.collectors')
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
import logging
|
|
||||||
import pwd
|
|
||||||
import os
|
|
||||||
import glob
|
import glob
|
||||||
|
import logging
|
||||||
|
import os
|
||||||
|
import pwd
|
||||||
|
|
||||||
from common.utils.attack_utils import ScanStatus
|
from common.utils.attack_utils import ScanStatus
|
||||||
from infection_monkey.telemetry.attack.t1005_telem import T1005Telem
|
from infection_monkey.telemetry.attack.t1005_telem import T1005Telem
|
||||||
|
|
|
@ -1,13 +1,14 @@
|
||||||
import logging
|
import logging
|
||||||
import sys
|
import sys
|
||||||
|
from enum import IntEnum
|
||||||
|
|
||||||
import psutil
|
import psutil
|
||||||
from enum import IntEnum
|
|
||||||
|
|
||||||
from infection_monkey.network.info import get_host_subnets
|
from infection_monkey.network.info import get_host_subnets
|
||||||
from infection_monkey.system_info.azure_cred_collector import AzureCollector
|
from infection_monkey.system_info.azure_cred_collector import AzureCollector
|
||||||
from infection_monkey.system_info.netstat_collector import NetstatCollector
|
from infection_monkey.system_info.netstat_collector import NetstatCollector
|
||||||
from infection_monkey.system_info.system_info_collectors_handler import SystemInfoCollectorsHandler
|
from infection_monkey.system_info.system_info_collectors_handler import \
|
||||||
|
SystemInfoCollectorsHandler
|
||||||
|
|
||||||
LOG = logging.getLogger(__name__)
|
LOG = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
|
@ -1,9 +1,9 @@
|
||||||
import sys
|
import glob
|
||||||
|
import json
|
||||||
import logging
|
import logging
|
||||||
import os.path
|
import os.path
|
||||||
import json
|
|
||||||
import glob
|
|
||||||
import subprocess
|
import subprocess
|
||||||
|
import sys
|
||||||
|
|
||||||
from common.utils.attack_utils import ScanStatus
|
from common.utils.attack_utils import ScanStatus
|
||||||
from infection_monkey.telemetry.attack.t1005_telem import T1005Telem
|
from infection_monkey.telemetry.attack.t1005_telem import T1005Telem
|
||||||
|
|
|
@ -2,8 +2,8 @@ import logging
|
||||||
|
|
||||||
from common.cloud.aws.aws_instance import AwsInstance
|
from common.cloud.aws.aws_instance import AwsInstance
|
||||||
from common.data.system_info_collectors_names import AWS_COLLECTOR
|
from common.data.system_info_collectors_names import AWS_COLLECTOR
|
||||||
from infection_monkey.system_info.system_info_collector import SystemInfoCollector
|
from infection_monkey.system_info.system_info_collector import \
|
||||||
|
SystemInfoCollector
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,8 @@
|
||||||
from common.cloud.all_instances import get_all_cloud_instances
|
from common.cloud.all_instances import get_all_cloud_instances
|
||||||
from common.cloud.environment_names import Environment
|
from common.cloud.environment_names import Environment
|
||||||
from common.data.system_info_collectors_names import ENVIRONMENT_COLLECTOR
|
from common.data.system_info_collectors_names import ENVIRONMENT_COLLECTOR
|
||||||
from infection_monkey.system_info.system_info_collector import SystemInfoCollector
|
from infection_monkey.system_info.system_info_collector import \
|
||||||
|
SystemInfoCollector
|
||||||
|
|
||||||
|
|
||||||
def get_monkey_environment() -> str:
|
def get_monkey_environment() -> str:
|
||||||
|
|
|
@ -2,8 +2,8 @@ import logging
|
||||||
import socket
|
import socket
|
||||||
|
|
||||||
from common.data.system_info_collectors_names import HOSTNAME_COLLECTOR
|
from common.data.system_info_collectors_names import HOSTNAME_COLLECTOR
|
||||||
from infection_monkey.system_info.system_info_collector import SystemInfoCollector
|
from infection_monkey.system_info.system_info_collector import \
|
||||||
|
SystemInfoCollector
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
|
@ -1,8 +1,10 @@
|
||||||
import logging
|
import logging
|
||||||
|
|
||||||
import psutil
|
import psutil
|
||||||
|
|
||||||
from common.data.system_info_collectors_names import PROCESS_LIST_COLLECTOR
|
from common.data.system_info_collectors_names import PROCESS_LIST_COLLECTOR
|
||||||
from infection_monkey.system_info.system_info_collector import SystemInfoCollector
|
from infection_monkey.system_info.system_info_collector import \
|
||||||
|
SystemInfoCollector
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
|
@ -1,10 +1,10 @@
|
||||||
# Inspired by Giampaolo Rodola's psutil example from https://github.com/giampaolo/psutil/blob/master/scripts/netstat.py
|
# Inspired by Giampaolo Rodola's psutil example from https://github.com/giampaolo/psutil/blob/master/scripts/netstat.py
|
||||||
|
|
||||||
import logging
|
import logging
|
||||||
import psutil
|
|
||||||
import socket
|
import socket
|
||||||
|
from socket import AF_INET, SOCK_DGRAM, SOCK_STREAM
|
||||||
|
|
||||||
from socket import AF_INET, SOCK_STREAM, SOCK_DGRAM
|
import psutil
|
||||||
|
|
||||||
__author__ = 'itay.mizeretz'
|
__author__ = 'itay.mizeretz'
|
||||||
|
|
||||||
|
|
|
@ -1,8 +1,8 @@
|
||||||
from infection_monkey.config import WormConfiguration
|
|
||||||
from infection_monkey.utils.plugins.plugin import Plugin
|
|
||||||
from abc import ABCMeta, abstractmethod
|
from abc import ABCMeta, abstractmethod
|
||||||
|
|
||||||
import infection_monkey.system_info.collectors
|
import infection_monkey.system_info.collectors
|
||||||
|
from infection_monkey.config import WormConfiguration
|
||||||
|
from infection_monkey.utils.plugins.plugin import Plugin
|
||||||
|
|
||||||
|
|
||||||
class SystemInfoCollector(Plugin, metaclass=ABCMeta):
|
class SystemInfoCollector(Plugin, metaclass=ABCMeta):
|
||||||
|
|
|
@ -1,7 +1,8 @@
|
||||||
import logging
|
import logging
|
||||||
from typing import Sequence
|
from typing import Sequence
|
||||||
|
|
||||||
from infection_monkey.system_info.system_info_collector import SystemInfoCollector
|
from infection_monkey.system_info.system_info_collector import \
|
||||||
|
SystemInfoCollector
|
||||||
from infection_monkey.telemetry.system_info_telem import SystemInfoTelem
|
from infection_monkey.telemetry.system_info_telem import SystemInfoTelem
|
||||||
|
|
||||||
LOG = logging.getLogger(__name__)
|
LOG = logging.getLogger(__name__)
|
||||||
|
|
|
@ -1,8 +1,10 @@
|
||||||
import logging
|
import logging
|
||||||
from typing import List
|
from typing import List
|
||||||
|
|
||||||
from infection_monkey.system_info.windows_cred_collector import pypykatz_handler
|
from infection_monkey.system_info.windows_cred_collector import \
|
||||||
from infection_monkey.system_info.windows_cred_collector.windows_credentials import WindowsCredentials
|
pypykatz_handler
|
||||||
|
from infection_monkey.system_info.windows_cred_collector.windows_credentials import \
|
||||||
|
WindowsCredentials
|
||||||
|
|
||||||
LOG = logging.getLogger(__name__)
|
LOG = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
|
@ -1,9 +1,10 @@
|
||||||
import binascii
|
import binascii
|
||||||
from typing import Dict, List, NewType, Any
|
from typing import Any, Dict, List, NewType
|
||||||
|
|
||||||
from pypykatz.pypykatz import pypykatz
|
from pypykatz.pypykatz import pypykatz
|
||||||
|
|
||||||
from infection_monkey.system_info.windows_cred_collector.windows_credentials import WindowsCredentials
|
from infection_monkey.system_info.windows_cred_collector.windows_credentials import \
|
||||||
|
WindowsCredentials
|
||||||
|
|
||||||
CREDENTIAL_TYPES = ['msv_creds', 'wdigest_creds', 'ssp_creds', 'livessp_creds', 'dpapi_creds',
|
CREDENTIAL_TYPES = ['msv_creds', 'wdigest_creds', 'ssp_creds', 'livessp_creds', 'dpapi_creds',
|
||||||
'kerberos_creds', 'credman_creds', 'tspkg_creds']
|
'kerberos_creds', 'credman_creds', 'tspkg_creds']
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
from unittest import TestCase
|
from unittest import TestCase
|
||||||
|
|
||||||
from infection_monkey.system_info.windows_cred_collector.pypykatz_handler import _get_creds_from_pypykatz_session
|
from infection_monkey.system_info.windows_cred_collector.pypykatz_handler import \
|
||||||
|
_get_creds_from_pypykatz_session
|
||||||
|
|
||||||
|
|
||||||
class TestPypykatzHandler(TestCase):
|
class TestPypykatzHandler(TestCase):
|
||||||
|
|
|
@ -1,18 +1,19 @@
|
||||||
import os
|
|
||||||
import logging
|
import logging
|
||||||
|
import os
|
||||||
import sys
|
import sys
|
||||||
|
|
||||||
from infection_monkey.system_info.windows_cred_collector.mimikatz_cred_collector import MimikatzCredentialCollector
|
from infection_monkey.system_info.windows_cred_collector.mimikatz_cred_collector import \
|
||||||
|
MimikatzCredentialCollector
|
||||||
|
|
||||||
sys.coinit_flags = 0 # needed for proper destruction of the wmi python module
|
sys.coinit_flags = 0 # needed for proper destruction of the wmi python module
|
||||||
# noinspection PyPep8
|
# noinspection PyPep8
|
||||||
import infection_monkey.config
|
import infection_monkey.config
|
||||||
# noinspection PyPep8
|
# noinspection PyPep8
|
||||||
|
from common.utils.wmi_utils import WMIUtils
|
||||||
|
# noinspection PyPep8
|
||||||
from infection_monkey.system_info import InfoCollector
|
from infection_monkey.system_info import InfoCollector
|
||||||
# noinspection PyPep8
|
# noinspection PyPep8
|
||||||
from infection_monkey.system_info.wmi_consts import WMI_CLASSES
|
from infection_monkey.system_info.wmi_consts import WMI_CLASSES
|
||||||
# noinspection PyPep8
|
|
||||||
from common.utils.wmi_utils import WMIUtils
|
|
||||||
|
|
||||||
LOG = logging.getLogger(__name__)
|
LOG = logging.getLogger(__name__)
|
||||||
LOG.info('started windows info collector')
|
LOG.info('started windows info collector')
|
||||||
|
|
|
@ -9,10 +9,11 @@ from urllib.parse import urlsplit
|
||||||
|
|
||||||
import requests
|
import requests
|
||||||
|
|
||||||
import infection_monkey.monkeyfs as monkeyfs
|
|
||||||
from infection_monkey.transport.base import TransportProxyBase, update_last_serve_time
|
|
||||||
from infection_monkey.network.tools import get_interface_to_target
|
|
||||||
import infection_monkey.control
|
import infection_monkey.control
|
||||||
|
import infection_monkey.monkeyfs as monkeyfs
|
||||||
|
from infection_monkey.network.tools import get_interface_to_target
|
||||||
|
from infection_monkey.transport.base import (TransportProxyBase,
|
||||||
|
update_last_serve_time)
|
||||||
|
|
||||||
__author__ = 'hoffer'
|
__author__ = 'hoffer'
|
||||||
|
|
||||||
|
@ -190,7 +191,8 @@ class HTTPServer(threading.Thread):
|
||||||
def run(self):
|
def run(self):
|
||||||
class TempHandler(FileServHTTPRequestHandler):
|
class TempHandler(FileServHTTPRequestHandler):
|
||||||
from common.utils.attack_utils import ScanStatus
|
from common.utils.attack_utils import ScanStatus
|
||||||
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
|
from infection_monkey.telemetry.attack.t1105_telem import \
|
||||||
|
T1105Telem
|
||||||
|
|
||||||
filename = self._filename
|
filename = self._filename
|
||||||
|
|
||||||
|
@ -244,7 +246,8 @@ class LockedHTTPServer(threading.Thread):
|
||||||
def run(self):
|
def run(self):
|
||||||
class TempHandler(FileServHTTPRequestHandler):
|
class TempHandler(FileServHTTPRequestHandler):
|
||||||
from common.utils.attack_utils import ScanStatus
|
from common.utils.attack_utils import ScanStatus
|
||||||
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
|
from infection_monkey.telemetry.attack.t1105_telem import \
|
||||||
|
T1105Telem
|
||||||
filename = self._filename
|
filename = self._filename
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
|
|
|
@ -1,9 +1,10 @@
|
||||||
import socket
|
|
||||||
import select
|
import select
|
||||||
from threading import Thread
|
import socket
|
||||||
from logging import getLogger
|
from logging import getLogger
|
||||||
|
from threading import Thread
|
||||||
|
|
||||||
from infection_monkey.transport.base import TransportProxyBase, update_last_serve_time
|
from infection_monkey.transport.base import (TransportProxyBase,
|
||||||
|
update_last_serve_time)
|
||||||
|
|
||||||
READ_BUFFER_SIZE = 8192
|
READ_BUFFER_SIZE = 8192
|
||||||
DEFAULT_TIMEOUT = 30
|
DEFAULT_TIMEOUT = 30
|
||||||
|
|
Some files were not shown because too many files have changed in this diff Show More