Merge branch 'develop' into snyk-fix-661b0a9571c71708f17fef5d173a39ea

Shay Nehmad 2020-07-16 13:42:34 +03:00
commit 7e45540361
247 changed files with 1070 additions and 598 deletions


@ -20,7 +20,7 @@ install:
# Python # Python
- pip freeze - pip freeze
- pip install -r monkey/monkey_island/requirements.txt # for unit tests - pip install -r monkey/monkey_island/requirements.txt # for unit tests
- pip install flake8 pytest dlint # for next stages - pip install flake8 pytest dlint isort # for next stages
- pip install coverage # for code coverage - pip install coverage # for code coverage
- pip install -r monkey/infection_monkey/requirements.txt # for unit tests - pip install -r monkey/infection_monkey/requirements.txt # for unit tests
- pip install pipdeptree - pip install pipdeptree
@ -69,6 +69,9 @@ script:
- PYTHON_WARNINGS_AMOUNT_UPPER_LIMIT=120 - PYTHON_WARNINGS_AMOUNT_UPPER_LIMIT=120
- if [ $(tail -n 1 flake8_warnings.txt) -gt $PYTHON_WARNINGS_AMOUNT_UPPER_LIMIT ]; then echo "Too many python linter warnings! Failing this build. Lower the amount of linter errors in this and try again. " && exit 1; fi - if [ $(tail -n 1 flake8_warnings.txt) -gt $PYTHON_WARNINGS_AMOUNT_UPPER_LIMIT ]; then echo "Too many python linter warnings! Failing this build. Lower the amount of linter errors in this and try again. " && exit 1; fi
## Check import order
- python -m isort . -c -p common -p infection_monkey -p monkey_island
## Run unit tests ## Run unit tests
- cd monkey # This is our source dir - cd monkey # This is our source dir
- python -m pytest # Have to use `python -m pytest` instead of `pytest` to add "{$builddir}/monkey/monkey" to sys.path. - python -m pytest # Have to use `python -m pytest` instead of `pytest` to add "{$builddir}/monkey/monkey" to sys.path.
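Review bot: `isort` is installed without a version pin in `pip install flake8 pytest dlint isort`, so the new `python -m isort . -c ...` gate can start passing or failing differently when a new isort release changes its defaults, and the job runs whatever the package index serves that day. Pin the linters, e.g. `- pip install flake8 pytest dlint isort==<PINNED_VERSION>` (placeholder version), ideally from a requirements file with hashes. The `-p common -p infection_monkey -p monkey_island` options also exist only on this command line; keeping them in an isort config file in the repository would let developers run the same check locally before pushing.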


@ -3,7 +3,8 @@ from datetime import timedelta
from typing import Dict from typing import Dict
from envs.monkey_zoo.blackbox.analyzers.analyzer import Analyzer from envs.monkey_zoo.blackbox.analyzers.analyzer import Analyzer
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
PerformanceTestConfig
LOGGER = logging.getLogger(__name__) LOGGER = logging.getLogger(__name__)
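Review bot: The rewrapped import ends in a backslash continuation (`from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \` followed by `PerformanceTestConfig`), while multi-name imports elsewhere in this commit are wrapped in parentheses. PEP 8 prefers parentheses, and a stray space after the backslash turns the statement into a syntax error. Enabling isort's `use_parentheses` setting would make single-name wraps come out in the parenthesised form as well. The same pattern repeats in the other `envs.monkey_zoo.blackbox` sections of this commit, where the `fake_ip_generator` imports now sit on one line of roughly 113 characters; that may add flake8 warnings if the configured maximum line length is lower (the limit is not visible here).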


@ -1,11 +1,11 @@
import json import json
import logging import logging
from time import sleep from time import sleep
from bson import json_util from bson import json_util
from envs.monkey_zoo.blackbox.island_client.monkey_island_requests import MonkeyIslandRequests from envs.monkey_zoo.blackbox.island_client.monkey_island_requests import \
MonkeyIslandRequests
SLEEP_BETWEEN_REQUESTS_SECONDS = 0.5 SLEEP_BETWEEN_REQUESTS_SECONDS = 0.5
MONKEY_TEST_ENDPOINT = 'api/test/monkey' MONKEY_TEST_ENDPOINT = 'api/test/monkey'


@ -1,13 +1,12 @@
from typing import Dict import functools
import logging
from datetime import timedelta from datetime import timedelta
from typing import Dict
import requests import requests
import functools
from envs.monkey_zoo.blackbox.island_client.supported_request_method import SupportedRequestMethod from envs.monkey_zoo.blackbox.island_client.supported_request_method import \
SupportedRequestMethod
import logging
# SHA3-512 of '1234567890!@#$%^&*()_nothing_up_my_sleeve_1234567890!@#$%^&*()' # SHA3-512 of '1234567890!@#$%^&*()_nothing_up_my_sleeve_1234567890!@#$%^&*()'
NO_AUTH_CREDS = '55e97c9dcfd22b8079189ddaeea9bce8125887e3237b800c6176c9afa80d2062' \ NO_AUTH_CREDS = '55e97c9dcfd22b8079189ddaeea9bce8125887e3237b800c6176c9afa80d2062' \


@ -2,8 +2,10 @@ import logging
import os import os
import shutil import shutil
from envs.monkey_zoo.blackbox.log_handlers.monkey_log_parser import MonkeyLogParser from envs.monkey_zoo.blackbox.log_handlers.monkey_log_parser import \
from envs.monkey_zoo.blackbox.log_handlers.monkey_logs_downloader import MonkeyLogsDownloader MonkeyLogParser
from envs.monkey_zoo.blackbox.log_handlers.monkey_logs_downloader import \
MonkeyLogsDownloader
LOG_DIR_NAME = 'logs' LOG_DIR_NAME = 'logs'
LOGGER = logging.getLogger(__name__) LOGGER = logging.getLogger(__name__)


@ -1,20 +1,28 @@
import os
import logging import logging
import os
import pytest
from time import sleep from time import sleep
from envs.monkey_zoo.blackbox.analyzers.communication_analyzer import CommunicationAnalyzer import pytest
from envs.monkey_zoo.blackbox.island_client.island_config_parser import IslandConfigParser
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import MonkeyIslandClient from envs.monkey_zoo.blackbox.analyzers.communication_analyzer import \
from envs.monkey_zoo.blackbox.log_handlers.test_logs_handler import TestLogsHandler CommunicationAnalyzer
from envs.monkey_zoo.blackbox.island_client.island_config_parser import \
IslandConfigParser
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import \
MonkeyIslandClient
from envs.monkey_zoo.blackbox.log_handlers.test_logs_handler import \
TestLogsHandler
from envs.monkey_zoo.blackbox.tests.exploitation import ExploitationTest from envs.monkey_zoo.blackbox.tests.exploitation import ExploitationTest
from envs.monkey_zoo.blackbox.tests.performance.map_generation import MapGenerationTest from envs.monkey_zoo.blackbox.tests.performance.map_generation import \
from envs.monkey_zoo.blackbox.tests.performance.map_generation_from_telemetries import MapGenerationFromTelemetryTest MapGenerationTest
from envs.monkey_zoo.blackbox.tests.performance.report_generation import ReportGenerationTest from envs.monkey_zoo.blackbox.tests.performance.map_generation_from_telemetries import \
MapGenerationFromTelemetryTest
from envs.monkey_zoo.blackbox.tests.performance.report_generation import \
ReportGenerationTest
from envs.monkey_zoo.blackbox.tests.performance.report_generation_from_telemetries import \ from envs.monkey_zoo.blackbox.tests.performance.report_generation_from_telemetries import \
ReportGenerationFromTelemetryTest ReportGenerationFromTelemetryTest
from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test import TelemetryPerformanceTest from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test import \
TelemetryPerformanceTest
from envs.monkey_zoo.blackbox.utils import gcp_machine_handlers from envs.monkey_zoo.blackbox.utils import gcp_machine_handlers
DEFAULT_TIMEOUT_SECONDS = 5*60 DEFAULT_TIMEOUT_SECONDS = 5*60


@ -1,10 +1,14 @@
import logging import logging
from envs.monkey_zoo.blackbox.analyzers.performance_analyzer import PerformanceAnalyzer from envs.monkey_zoo.blackbox.analyzers.performance_analyzer import \
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import MonkeyIslandClient PerformanceAnalyzer
from envs.monkey_zoo.blackbox.island_client.supported_request_method import SupportedRequestMethod from envs.monkey_zoo.blackbox.island_client.monkey_island_client import \
MonkeyIslandClient
from envs.monkey_zoo.blackbox.island_client.supported_request_method import \
SupportedRequestMethod
from envs.monkey_zoo.blackbox.tests.basic_test import BasicTest from envs.monkey_zoo.blackbox.tests.basic_test import BasicTest
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
PerformanceTestConfig
LOGGER = logging.getLogger(__name__) LOGGER = logging.getLogger(__name__)


@ -1,9 +1,12 @@
from datetime import timedelta from datetime import timedelta
from envs.monkey_zoo.blackbox.tests.exploitation import ExploitationTest from envs.monkey_zoo.blackbox.tests.exploitation import ExploitationTest
from envs.monkey_zoo.blackbox.tests.performance.performance_test import PerformanceTest from envs.monkey_zoo.blackbox.tests.performance.performance_test import \
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig PerformanceTest
from envs.monkey_zoo.blackbox.tests.performance.performance_test_workflow import PerformanceTestWorkflow from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
PerformanceTestConfig
from envs.monkey_zoo.blackbox.tests.performance.performance_test_workflow import \
PerformanceTestWorkflow
MAX_ALLOWED_SINGLE_PAGE_TIME = timedelta(seconds=2) MAX_ALLOWED_SINGLE_PAGE_TIME = timedelta(seconds=2)
MAX_ALLOWED_TOTAL_TIME = timedelta(seconds=5) MAX_ALLOWED_TOTAL_TIME = timedelta(seconds=5)


@ -1,7 +1,9 @@
from datetime import timedelta from datetime import timedelta
from envs.monkey_zoo.blackbox.tests.performance.performance_test import PerformanceTest from envs.monkey_zoo.blackbox.tests.performance.performance_test import \
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig PerformanceTest
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
PerformanceTestConfig
from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test_workflow import \ from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test_workflow import \
TelemetryPerformanceTestWorkflow TelemetryPerformanceTestWorkflow


@ -1,7 +1,9 @@
from envs.monkey_zoo.blackbox.tests.basic_test import BasicTest from envs.monkey_zoo.blackbox.tests.basic_test import BasicTest
from envs.monkey_zoo.blackbox.tests.exploitation import ExploitationTest from envs.monkey_zoo.blackbox.tests.exploitation import ExploitationTest
from envs.monkey_zoo.blackbox.tests.performance.endpoint_performance_test import EndpointPerformanceTest from envs.monkey_zoo.blackbox.tests.performance.endpoint_performance_test import \
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig EndpointPerformanceTest
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
PerformanceTestConfig
class PerformanceTestWorkflow(BasicTest): class PerformanceTestWorkflow(BasicTest):


@ -1,9 +1,12 @@
from datetime import timedelta from datetime import timedelta
from envs.monkey_zoo.blackbox.tests.exploitation import ExploitationTest from envs.monkey_zoo.blackbox.tests.exploitation import ExploitationTest
from envs.monkey_zoo.blackbox.tests.performance.performance_test import PerformanceTest from envs.monkey_zoo.blackbox.tests.performance.performance_test import \
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig PerformanceTest
from envs.monkey_zoo.blackbox.tests.performance.performance_test_workflow import PerformanceTestWorkflow from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
PerformanceTestConfig
from envs.monkey_zoo.blackbox.tests.performance.performance_test_workflow import \
PerformanceTestWorkflow
MAX_ALLOWED_SINGLE_PAGE_TIME = timedelta(seconds=2) MAX_ALLOWED_SINGLE_PAGE_TIME = timedelta(seconds=2)
MAX_ALLOWED_TOTAL_TIME = timedelta(seconds=5) MAX_ALLOWED_TOTAL_TIME = timedelta(seconds=5)


@ -1,7 +1,9 @@
from datetime import timedelta from datetime import timedelta
from envs.monkey_zoo.blackbox.tests.performance.performance_test import PerformanceTest from envs.monkey_zoo.blackbox.tests.performance.performance_test import \
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig PerformanceTest
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
PerformanceTestConfig
from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test_workflow import \ from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test_workflow import \
TelemetryPerformanceTestWorkflow TelemetryPerformanceTestWorkflow


@ -1,7 +1,7 @@
import json import json
import logging import logging
from os import listdir, path from os import listdir, path
from typing import List, Dict from typing import Dict, List
from tqdm import tqdm from tqdm import tqdm


@ -1,7 +1,7 @@
import random import random
from envs.monkey_zoo.blackbox.tests.performance.\ from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_multiplier.fake_ip_generator import \
telem_sample_parsing.sample_multiplier.fake_ip_generator import FakeIpGenerator FakeIpGenerator
class FakeMonkey: class FakeMonkey:


@ -2,14 +2,16 @@ import copy
import json import json
import logging import logging
import sys import sys
from typing import List, Dict from typing import Dict, List
from tqdm import tqdm from tqdm import tqdm
from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_file_parser import SampleFileParser from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_file_parser import \
from envs.monkey_zoo.blackbox.tests.performance.\ SampleFileParser
telem_sample_parsing.sample_multiplier.fake_ip_generator import FakeIpGenerator from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_multiplier.fake_ip_generator import \
from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_multiplier.fake_monkey import FakeMonkey FakeIpGenerator
from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_multiplier.fake_monkey import \
FakeMonkey
TELEM_DIR_PATH = './tests/performance/telemetry_sample' TELEM_DIR_PATH = './tests/performance/telemetry_sample'
LOGGER = logging.getLogger(__name__) LOGGER = logging.getLogger(__name__)


@ -1,7 +1,7 @@
from unittest import TestCase from unittest import TestCase
from envs.monkey_zoo.blackbox.tests.performance.\ from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_multiplier.fake_ip_generator import \
telem_sample_parsing.sample_multiplier.fake_ip_generator import FakeIpGenerator FakeIpGenerator
class TestFakeIpGenerator(TestCase): class TestFakeIpGenerator(TestCase):


@ -4,11 +4,16 @@ from datetime import timedelta
from tqdm import tqdm from tqdm import tqdm
from envs.monkey_zoo.blackbox.analyzers.performance_analyzer import PerformanceAnalyzer from envs.monkey_zoo.blackbox.analyzers.performance_analyzer import \
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import MonkeyIslandClient PerformanceAnalyzer
from envs.monkey_zoo.blackbox.island_client.supported_request_method import SupportedRequestMethod from envs.monkey_zoo.blackbox.island_client.monkey_island_client import \
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig MonkeyIslandClient
from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_file_parser import SampleFileParser from envs.monkey_zoo.blackbox.island_client.supported_request_method import \
SupportedRequestMethod
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
PerformanceTestConfig
from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_file_parser import \
SampleFileParser
LOGGER = logging.getLogger(__name__) LOGGER = logging.getLogger(__name__)


@ -1,7 +1,10 @@
from envs.monkey_zoo.blackbox.tests.basic_test import BasicTest from envs.monkey_zoo.blackbox.tests.basic_test import BasicTest
from envs.monkey_zoo.blackbox.tests.performance.endpoint_performance_test import EndpointPerformanceTest from envs.monkey_zoo.blackbox.tests.performance.endpoint_performance_test import \
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig EndpointPerformanceTest
from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test import TelemetryPerformanceTest from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
PerformanceTestConfig
from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test import \
TelemetryPerformanceTest
class TelemetryPerformanceTestWorkflow(BasicTest): class TelemetryPerformanceTestWorkflow(BasicTest):


@ -1,7 +1,7 @@
import pytest import pytest
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import MonkeyIslandClient from envs.monkey_zoo.blackbox.island_client.monkey_island_client import \
MonkeyIslandClient
machine_list = { machine_list = {
"10.0.0.36": "centos_6", "10.0.0.36": "centos_6",


@ -1,14 +1,15 @@
import json import json
import re
import urllib.request
import urllib.error
import logging import logging
import re
__author__ = 'itay.mizeretz' import urllib.error
import urllib.request
from common.cloud.environment_names import Environment from common.cloud.environment_names import Environment
from common.cloud.instance import CloudInstance from common.cloud.instance import CloudInstance
__author__ = 'itay.mizeretz'
AWS_INSTANCE_METADATA_LOCAL_IP_ADDRESS = "169.254.169.254" AWS_INSTANCE_METADATA_LOCAL_IP_ADDRESS = "169.254.169.254"
AWS_LATEST_METADATA_URI_PREFIX = 'http://{0}/latest/'.format(AWS_INSTANCE_METADATA_LOCAL_IP_ADDRESS) AWS_LATEST_METADATA_URI_PREFIX = 'http://{0}/latest/'.format(AWS_INSTANCE_METADATA_LOCAL_IP_ADDRESS)
ACCOUNT_ID_KEY = "accountId" ACCOUNT_ID_KEY = "accountId"


@ -1,7 +1,7 @@
from unittest import TestCase
from .aws_service import filter_instance_data_from_aws_response
import json import json
from unittest import TestCase
from .aws_service import filter_instance_data_from_aws_response
__author__ = 'shay.nehmad' __author__ = 'shay.nehmad'


@ -1,4 +1,5 @@
import logging import logging
import requests import requests
from common.cloud.environment_names import Environment from common.cloud.environment_names import Environment


@ -1,4 +1,5 @@
import logging import logging
import requests import requests
from common.cloud.environment_names import Environment from common.cloud.environment_names import Environment


@ -1,5 +1,5 @@
import time
import logging import logging
import time
from abc import abstractmethod from abc import abstractmethod
from common.cmd.cmd import Cmd from common.cmd.cmd import Cmd


@ -5,3 +5,4 @@ POST_BREACH_SHELL_STARTUP_FILE_MODIFICATION = "Modify shell startup file"
POST_BREACH_HIDDEN_FILES = "Hide files and directories" POST_BREACH_HIDDEN_FILES = "Hide files and directories"
POST_BREACH_TRAP_COMMAND = "Execute command when a particular signal is received" POST_BREACH_TRAP_COMMAND = "Execute command when a particular signal is received"
POST_BREACH_SETUID_SETGID = "Setuid and Setgid" POST_BREACH_SETUID_SETGID = "Setuid and Setgid"
POST_BREACH_JOB_SCHEDULING = "Schedule jobs"


@ -57,7 +57,7 @@ PRINCIPLES = {
PRINCIPLE_ENDPOINT_SECURITY: "Use anti-virus and other traditional endpoint security solutions.", PRINCIPLE_ENDPOINT_SECURITY: "Use anti-virus and other traditional endpoint security solutions.",
PRINCIPLE_DATA_TRANSIT: "Secure data at transit by encrypting it.", PRINCIPLE_DATA_TRANSIT: "Secure data at transit by encrypting it.",
PRINCIPLE_RESTRICTIVE_NETWORK_POLICIES: "Configure network policies to be as restrictive as possible.", PRINCIPLE_RESTRICTIVE_NETWORK_POLICIES: "Configure network policies to be as restrictive as possible.",
PRINCIPLE_USERS_MAC_POLICIES: "Users' permissions to the network and to resources should be MAC (Mandetory " PRINCIPLE_USERS_MAC_POLICIES: "Users' permissions to the network and to resources should be MAC (Mandatory "
"Access Control) only.", "Access Control) only.",
} }


@ -1,11 +1,10 @@
import ipaddress
import logging
import random import random
import socket import socket
import struct import struct
from abc import ABCMeta, abstractmethod from abc import ABCMeta, abstractmethod
import ipaddress
import logging
__author__ = 'itamar' __author__ = 'itamar'
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)


@ -1,4 +1,5 @@
import sys import sys
if sys.platform == 'win32': if sys.platform == 'win32':
import win32com import win32com
import wmi import wmi
@ -24,7 +25,7 @@ class MongoUtils:
return o return o
elif isinstance(o, str): elif isinstance(o, str):
# mongo dosn't like unprintable chars, so we use repr :/ # mongo doesn't like unprintable chars, so we use repr :/
return repr(o) return repr(o)
elif hasattr(o, "__class__") and o.__class__ == wmi._wmi_object: elif hasattr(o, "__class__") and o.__class__ == wmi._wmi_object:
@ -32,7 +33,7 @@ class MongoUtils:
elif hasattr(o, "__class__") and o.__class__ == win32com.client.CDispatch: elif hasattr(o, "__class__") and o.__class__ == win32com.client.CDispatch:
try: try:
# objectSid property of ds_user is problematic and need thie special treatment. # objectSid property of ds_user is problematic and need this special treatment.
# ISWbemObjectEx interface. Class Uint8Array ? # ISWbemObjectEx interface. Class Uint8Array ?
if str(o._oleobj_.GetTypeInfo().GetTypeAttr().iid) == "{269AD56A-8A67-4129-BC8C-0506DCFE9880}": if str(o._oleobj_.GetTypeInfo().GetTypeAttr().iid) == "{269AD56A-8A67-4129-BC8C-0506DCFE9880}":
return o.Value return o.Value


@ -8,14 +8,15 @@ from requests.exceptions import ConnectionError
import infection_monkey.monkeyfs as monkeyfs import infection_monkey.monkeyfs as monkeyfs
import infection_monkey.tunnel as tunnel import infection_monkey.tunnel as tunnel
from infection_monkey.config import WormConfiguration, GUID from infection_monkey.config import GUID, WormConfiguration
from infection_monkey.network.info import local_ips, check_internet_access from infection_monkey.network.info import check_internet_access, local_ips
from infection_monkey.transport.http import HTTPConnectProxy from infection_monkey.transport.http import HTTPConnectProxy
from infection_monkey.transport.tcp import TcpProxy from infection_monkey.transport.tcp import TcpProxy
from infection_monkey.utils.exceptions.planned_shutdown_exception import \
PlannedShutdownException
__author__ = 'hoffer' __author__ = 'hoffer'
from infection_monkey.utils.exceptions.planned_shutdown_exception import PlannedShutdownException
requests.packages.urllib3.disable_warnings() requests.packages.urllib3.disable_warnings()
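Review bot: `requests.packages.urllib3.disable_warnings()` at the end of this hunk is called with no category, which silences every urllib3 `HTTPWarning` for the whole process rather than only the certificate-verification one. If the intent is to quiet warnings from unverified HTTPS requests (those calls are not visible in this hunk), narrow it to `requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)`. A short comment above the call stating why unverified connections are expected here would help the next reader. The module continues outside the hunk.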


@ -1,5 +1,6 @@
import argparse import argparse
import ctypes import ctypes
import filecmp
import logging import logging
import os import os
import pprint import pprint
@ -9,13 +10,15 @@ import sys
import time import time
from ctypes import c_char_p from ctypes import c_char_p
import filecmp
from infection_monkey.config import WormConfiguration
from infection_monkey.exploit.tools.helpers import build_monkey_commandline_explicitly
from infection_monkey.model import MONKEY_CMDLINE_WINDOWS, MONKEY_CMDLINE_LINUX, GENERAL_CMDLINE_LINUX
from infection_monkey.system_info import SystemInfoCollector, OperatingSystem
from infection_monkey.telemetry.attack.t1106_telem import T1106Telem
from common.utils.attack_utils import ScanStatus, UsageEnum from common.utils.attack_utils import ScanStatus, UsageEnum
from infection_monkey.config import WormConfiguration
from infection_monkey.exploit.tools.helpers import \
build_monkey_commandline_explicitly
from infection_monkey.model import (GENERAL_CMDLINE_LINUX,
MONKEY_CMDLINE_LINUX,
MONKEY_CMDLINE_WINDOWS)
from infection_monkey.system_info import OperatingSystem, SystemInfoCollector
from infection_monkey.telemetry.attack.t1106_telem import T1106Telem
if "win32" == sys.platform: if "win32" == sys.platform:
from win32process import DETACHED_PROCESS from win32process import DETACHED_PROCESS


@ -1,11 +1,10 @@
from abc import abstractmethod from abc import abstractmethod
from infection_monkey.config import WormConfiguration
from common.utils.exploit_enum import ExploitType
from datetime import datetime from datetime import datetime
from infection_monkey.utils.plugins.plugin import Plugin
import infection_monkey.exploit import infection_monkey.exploit
from common.utils.exploit_enum import ExploitType
from infection_monkey.config import WormConfiguration
from infection_monkey.utils.plugins.plugin import Plugin
__author__ = 'itamar' __author__ = 'itamar'


@ -6,17 +6,19 @@
import json import json
import logging import logging
import requests
from infection_monkey.exploit.web_rce import WebRCE
from infection_monkey.model import WGET_HTTP_UPLOAD, BITSADMIN_CMDLINE_HTTP, CHECK_COMMAND, ID_STRING, CMD_PREFIX, \
DOWNLOAD_TIMEOUT
from infection_monkey.network.elasticfinger import ES_PORT
from common.data.network_consts import ES_SERVICE
from infection_monkey.telemetry.attack.t1197_telem import T1197Telem
from common.utils.attack_utils import ScanStatus, BITS_UPLOAD_STRING
import re import re
import requests
from common.data.network_consts import ES_SERVICE
from common.utils.attack_utils import BITS_UPLOAD_STRING, ScanStatus
from infection_monkey.exploit.web_rce import WebRCE
from infection_monkey.model import (BITSADMIN_CMDLINE_HTTP, CHECK_COMMAND,
CMD_PREFIX, DOWNLOAD_TIMEOUT, ID_STRING,
WGET_HTTP_UPLOAD)
from infection_monkey.network.elasticfinger import ES_PORT
from infection_monkey.telemetry.attack.t1197_telem import T1197Telem
__author__ = 'danielg, VakarisZ' __author__ = 'danielg, VakarisZ'
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)


@ -3,17 +3,21 @@
Implementation is based on code from https://github.com/vulhub/vulhub/tree/master/hadoop/unauthorized-yarn Implementation is based on code from https://github.com/vulhub/vulhub/tree/master/hadoop/unauthorized-yarn
""" """
import requests
import json import json
import random
import string
import logging import logging
import posixpath import posixpath
import random
import string
from infection_monkey.exploit.web_rce import WebRCE import requests
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
get_monkey_depth)
from infection_monkey.exploit.tools.http_tools import HTTPTools from infection_monkey.exploit.tools.http_tools import HTTPTools
from infection_monkey.exploit.tools.helpers import build_monkey_commandline, get_monkey_depth from infection_monkey.exploit.web_rce import WebRCE
from infection_monkey.model import MONKEY_ARG, ID_STRING, HADOOP_WINDOWS_COMMAND, HADOOP_LINUX_COMMAND from infection_monkey.model import (HADOOP_LINUX_COMMAND,
HADOOP_WINDOWS_COMMAND, ID_STRING,
MONKEY_ARG)
__author__ = 'VakarisZ' __author__ = 'VakarisZ'


@ -5,13 +5,16 @@ from time import sleep
import pymssql import pymssql
from common.utils.exceptions import (ExploitingVulnerableMachineError,
FailedExploitationError)
from common.utils.exploit_enum import ExploitType from common.utils.exploit_enum import ExploitType
from infection_monkey.exploit.HostExploiter import HostExploiter from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
get_monkey_depth,
get_monkey_dest_path)
from infection_monkey.exploit.tools.http_tools import MonkeyHTTPServer from infection_monkey.exploit.tools.http_tools import MonkeyHTTPServer
from infection_monkey.exploit.tools.helpers import get_monkey_dest_path, build_monkey_commandline, get_monkey_depth
from infection_monkey.model import DROPPER_ARG
from infection_monkey.exploit.tools.payload_parsing import LimitedSizePayload from infection_monkey.exploit.tools.payload_parsing import LimitedSizePayload
from common.utils.exceptions import ExploitingVulnerableMachineError, FailedExploitationError from infection_monkey.model import DROPPER_ARG
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)


@ -8,21 +8,27 @@ from io import BytesIO
import impacket.smbconnection import impacket.smbconnection
from impacket.nmb import NetBIOSError from impacket.nmb import NetBIOSError
from impacket.nt_errors import STATUS_SUCCESS from impacket.nt_errors import STATUS_SUCCESS
from impacket.smb import FILE_OPEN, SMB_DIALECT, SMB, SMBCommand, SMBNtCreateAndX_Parameters, SMBNtCreateAndX_Data, \ from impacket.smb import (FILE_DIRECTORY_FILE, FILE_NON_DIRECTORY_FILE,
FILE_READ_DATA, FILE_SHARE_READ, FILE_NON_DIRECTORY_FILE, FILE_WRITE_DATA, FILE_DIRECTORY_FILE FILE_OPEN, FILE_READ_DATA, FILE_SHARE_READ,
from impacket.smb import SessionError FILE_WRITE_DATA, SMB, SMB_DIALECT, SessionError,
from impacket.smb3structs import SMB2_IL_IMPERSONATION, SMB2_CREATE, SMB2_FLAGS_DFS_OPERATIONS, SMB2Create, \ SMBCommand, SMBNtCreateAndX_Data,
SMB2Packet, SMB2Create_Response, SMB2_OPLOCK_LEVEL_NONE SMBNtCreateAndX_Parameters)
from impacket.smb3structs import (SMB2_CREATE, SMB2_FLAGS_DFS_OPERATIONS,
SMB2_IL_IMPERSONATION,
SMB2_OPLOCK_LEVEL_NONE, SMB2Create,
SMB2Create_Response, SMB2Packet)
from impacket.smbconnection import SMBConnection from impacket.smbconnection import SMBConnection
import infection_monkey.monkeyfs as monkeyfs import infection_monkey.monkeyfs as monkeyfs
from common.utils.attack_utils import ScanStatus
from infection_monkey.exploit.HostExploiter import HostExploiter from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
get_monkey_depth,
get_target_monkey_by_os)
from infection_monkey.model import DROPPER_ARG from infection_monkey.model import DROPPER_ARG
from infection_monkey.network.smbfinger import SMB_SERVICE from infection_monkey.network.smbfinger import SMB_SERVICE
from infection_monkey.exploit.tools.helpers import build_monkey_commandline, get_target_monkey_by_os, get_monkey_depth
from infection_monkey.network.tools import get_interface_to_target from infection_monkey.network.tools import get_interface_to_target
from infection_monkey.pyinstaller_utils import get_binary_file_path from infection_monkey.pyinstaller_utils import get_binary_file_path
from common.utils.attack_utils import ScanStatus
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
__author__ = 'itay.mizeretz' __author__ = 'itay.mizeretz'


@ -8,10 +8,12 @@ import requests
from common.utils.attack_utils import ScanStatus from common.utils.attack_utils import ScanStatus
from infection_monkey.exploit.HostExploiter import HostExploiter from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.exploit.tools.helpers import get_target_monkey, get_monkey_depth, build_monkey_commandline
from infection_monkey.model import DROPPER_ARG
from infection_monkey.exploit.shellshock_resources import CGI_FILES from infection_monkey.exploit.shellshock_resources import CGI_FILES
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
get_monkey_depth,
get_target_monkey)
from infection_monkey.exploit.tools.http_tools import HTTPTools from infection_monkey.exploit.tools.http_tools import HTTPTools
from infection_monkey.model import DROPPER_ARG
from infection_monkey.telemetry.attack.t1222_telem import T1222Telem from infection_monkey.telemetry.attack.t1222_telem import T1222Telem
__author__ = 'danielg' __author__ = 'danielg'
@ -86,7 +88,7 @@ class ShellShockExploiter(HostExploiter):
LOG.info("SSH Skipping unknown os: %s", uname_os) LOG.info("SSH Skipping unknown os: %s", uname_os)
return False return False
except Exception as exc: except Exception as exc:
LOG.debug("Error running uname os commad on victim %r: (%s)", self.host, exc) LOG.debug("Error running uname os command on victim %r: (%s)", self.host, exc)
return False return False
if not self.host.os.get('machine'): if not self.host.os.get('machine'):
try: try:
@ -95,7 +97,7 @@ class ShellShockExploiter(HostExploiter):
if '' != uname_machine: if '' != uname_machine:
self.host.os['machine'] = uname_machine.lower().strip() self.host.os['machine'] = uname_machine.lower().strip()
except Exception as exc: except Exception as exc:
LOG.debug("Error running uname machine commad on victim %r: (%s)", self.host, exc) LOG.debug("Error running uname machine command on victim %r: (%s)", self.host, exc)
return False return False
# copy the monkey # copy the monkey


@ -1,17 +1,21 @@
from logging import getLogger from logging import getLogger
from impacket.dcerpc.v5 import transport, scmr from impacket.dcerpc.v5 import scmr, transport
from impacket.smbconnection import SMB_DIALECT from impacket.smbconnection import SMB_DIALECT
from common.utils.attack_utils import ScanStatus, UsageEnum
from common.utils.exploit_enum import ExploitType
from infection_monkey.exploit.HostExploiter import HostExploiter from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.exploit.tools.helpers import get_target_monkey, get_monkey_depth, build_monkey_commandline from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
get_monkey_depth,
get_target_monkey)
from infection_monkey.exploit.tools.smb_tools import SmbTools from infection_monkey.exploit.tools.smb_tools import SmbTools
from infection_monkey.model import MONKEY_CMDLINE_DETACHED_WINDOWS, DROPPER_CMDLINE_DETACHED_WINDOWS, VictimHost from infection_monkey.model import (DROPPER_CMDLINE_DETACHED_WINDOWS,
MONKEY_CMDLINE_DETACHED_WINDOWS,
VictimHost)
from infection_monkey.network.smbfinger import SMBFinger from infection_monkey.network.smbfinger import SMBFinger
from infection_monkey.network.tools import check_tcp_port from infection_monkey.network.tools import check_tcp_port
from common.utils.exploit_enum import ExploitType
from infection_monkey.telemetry.attack.t1035_telem import T1035Telem from infection_monkey.telemetry.attack.t1035_telem import T1035Telem
from common.utils.attack_utils import ScanStatus, UsageEnum
LOG = getLogger(__name__) LOG = getLogger(__name__)


@ -5,13 +5,16 @@ import time
import paramiko import paramiko
import infection_monkey.monkeyfs as monkeyfs import infection_monkey.monkeyfs as monkeyfs
from infection_monkey.exploit.HostExploiter import HostExploiter from common.utils.attack_utils import ScanStatus
from infection_monkey.exploit.tools.helpers import get_target_monkey, get_monkey_depth, build_monkey_commandline
from infection_monkey.model import MONKEY_ARG
from infection_monkey.network.tools import check_tcp_port, get_interface_to_target
from common.utils.exceptions import FailedExploitationError from common.utils.exceptions import FailedExploitationError
from common.utils.exploit_enum import ExploitType from common.utils.exploit_enum import ExploitType
from common.utils.attack_utils import ScanStatus from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
get_monkey_depth,
get_target_monkey)
from infection_monkey.model import MONKEY_ARG
from infection_monkey.network.tools import (check_tcp_port,
get_interface_to_target)
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
from infection_monkey.telemetry.attack.t1222_telem import T1222Telem from infection_monkey.telemetry.attack.t1222_telem import T1222Telem
@ -129,7 +132,7 @@ class SSHExploiter(HostExploiter):
LOG.info("SSH Skipping unknown os: %s", uname_os) LOG.info("SSH Skipping unknown os: %s", uname_os)
return False return False
except Exception as exc: except Exception as exc:
LOG.debug("Error running uname os commad on victim %r: (%s)", self.host, exc) LOG.debug("Error running uname os command on victim %r: (%s)", self.host, exc)
return False return False
if not self.host.os.get('machine'): if not self.host.os.get('machine'):
@ -139,7 +142,7 @@ class SSHExploiter(HostExploiter):
if '' != uname_machine: if '' != uname_machine:
self.host.os['machine'] = uname_machine self.host.os['machine'] = uname_machine
except Exception as exc: except Exception as exc:
LOG.debug("Error running uname machine commad on victim %r: (%s)", self.host, exc) LOG.debug("Error running uname machine command on victim %r: (%s)", self.host, exc)
if self.skip_exist: if self.skip_exist:
_, stdout, stderr = ssh.exec_command("head -c 1 %s" % self._config.dropper_target_path_linux) _, stdout, stderr = ssh.exec_command("head -c 1 %s" % self._config.dropper_target_path_linux)


@ -11,10 +11,11 @@ def try_get_target_monkey(host):
def get_target_monkey(host): def get_target_monkey(host):
from infection_monkey.control import ControlClient
import platform import platform
import sys import sys
from infection_monkey.control import ControlClient
if host.monkey_exe: if host.monkey_exe:
return host.monkey_exe return host.monkey_exe


@ -6,12 +6,12 @@ import urllib.parse
import urllib.request import urllib.request
from threading import Lock from threading import Lock
from infection_monkey.exploit.tools.helpers import try_get_target_monkey
from infection_monkey.model import DOWNLOAD_TIMEOUT from infection_monkey.model import DOWNLOAD_TIMEOUT
from infection_monkey.network.firewall import app as firewall from infection_monkey.network.firewall import app as firewall
from infection_monkey.network.info import get_free_tcp_port from infection_monkey.network.info import get_free_tcp_port
from infection_monkey.transport import HTTPServer, LockedHTTPServer
from infection_monkey.exploit.tools.helpers import try_get_target_monkey
from infection_monkey.network.tools import get_interface_to_target from infection_monkey.network.tools import get_interface_to_target
from infection_monkey.transport import HTTPServer, LockedHTTPServer
__author__ = 'itamar' __author__ = 'itamar'


@ -1,5 +1,6 @@
from unittest import TestCase from unittest import TestCase
from .payload_parsing import Payload, LimitedSizePayload
from .payload_parsing import LimitedSizePayload, Payload
class TestPayload(TestCase): class TestPayload(TestCase):


@ -2,16 +2,16 @@ import logging
import ntpath import ntpath
import pprint import pprint
from impacket.dcerpc.v5 import transport, srvs from impacket.dcerpc.v5 import srvs, transport
from impacket.smb3structs import SMB2_DIALECT_002, SMB2_DIALECT_21 from impacket.smb3structs import SMB2_DIALECT_002, SMB2_DIALECT_21
from impacket.smbconnection import SMBConnection, SMB_DIALECT from impacket.smbconnection import SMB_DIALECT, SMBConnection
import infection_monkey.config import infection_monkey.config
import infection_monkey.monkeyfs as monkeyfs import infection_monkey.monkeyfs as monkeyfs
from common.utils.attack_utils import ScanStatus from common.utils.attack_utils import ScanStatus
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
from infection_monkey.network.tools import get_interface_to_target
from infection_monkey.config import Configuration from infection_monkey.config import Configuration
from infection_monkey.network.tools import get_interface_to_target
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
__author__ = 'itamar' __author__ = 'itamar'


@ -1,6 +1,7 @@
import unittest import unittest
from infection_monkey.exploit.tools.helpers import build_monkey_commandline_explicitly from infection_monkey.exploit.tools.helpers import \
build_monkey_commandline_explicitly
class TestHelpers(unittest.TestCase): class TestHelpers(unittest.TestCase):


@ -6,14 +6,16 @@
import socket import socket
import time import time
from logging import getLogger
from common.utils.attack_utils import ScanStatus from common.utils.attack_utils import ScanStatus
from infection_monkey.exploit.HostExploiter import HostExploiter from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.exploit.tools.helpers import get_target_monkey, build_monkey_commandline, get_monkey_depth from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
get_monkey_depth,
get_target_monkey)
from infection_monkey.exploit.tools.http_tools import HTTPTools from infection_monkey.exploit.tools.http_tools import HTTPTools
from infection_monkey.model import MONKEY_ARG, CHMOD_MONKEY, RUN_MONKEY, WGET_HTTP_UPLOAD, DOWNLOAD_TIMEOUT from infection_monkey.model import (CHMOD_MONKEY, DOWNLOAD_TIMEOUT, MONKEY_ARG,
from logging import getLogger RUN_MONKEY, WGET_HTTP_UPLOAD)
from infection_monkey.telemetry.attack.t1222_telem import T1222Telem from infection_monkey.telemetry.attack.t1222_telem import T1222Telem
LOG = getLogger(__name__) LOG = getLogger(__name__)


@ -1,16 +1,22 @@
import logging import logging
import re import re
from posixpath import join
from abc import abstractmethod from abc import abstractmethod
from posixpath import join
from common.utils.attack_utils import BITS_UPLOAD_STRING, ScanStatus
from infection_monkey.exploit.HostExploiter import HostExploiter from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.exploit.tools.helpers import get_target_monkey, get_monkey_depth, build_monkey_commandline from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
get_monkey_depth,
get_target_monkey)
from infection_monkey.exploit.tools.http_tools import HTTPTools from infection_monkey.exploit.tools.http_tools import HTTPTools
from infection_monkey.model import CHECK_COMMAND, ID_STRING, GET_ARCH_LINUX, GET_ARCH_WINDOWS, BITSADMIN_CMDLINE_HTTP, \ from infection_monkey.model import (BITSADMIN_CMDLINE_HTTP, CHECK_COMMAND,
POWERSHELL_HTTP_UPLOAD, WGET_HTTP_UPLOAD, DOWNLOAD_TIMEOUT, CHMOD_MONKEY, RUN_MONKEY, MONKEY_ARG, DROPPER_ARG CHMOD_MONKEY, DOWNLOAD_TIMEOUT,
DROPPER_ARG, GET_ARCH_LINUX,
GET_ARCH_WINDOWS, ID_STRING, MONKEY_ARG,
POWERSHELL_HTTP_UPLOAD, RUN_MONKEY,
WGET_HTTP_UPLOAD)
from infection_monkey.network.tools import check_tcp_port, tcp_port_to_service from infection_monkey.network.tools import check_tcp_port, tcp_port_to_service
from infection_monkey.telemetry.attack.t1197_telem import T1197Telem from infection_monkey.telemetry.attack.t1197_telem import T1197Telem
from common.utils.attack_utils import ScanStatus, BITS_UPLOAD_STRING
from infection_monkey.telemetry.attack.t1222_telem import T1222Telem from infection_monkey.telemetry.attack.t1222_telem import T1222Telem
__author__ = 'VakarisZ' __author__ = 'VakarisZ'


@ -1,16 +1,16 @@
import threading
import logging
import time
import copy import copy
import logging
from requests import post, exceptions import threading
import time
from infection_monkey.exploit.web_rce import WebRCE
from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.network.tools import get_interface_to_target
from infection_monkey.network.info import get_free_tcp_port
from http.server import BaseHTTPRequestHandler, HTTPServer from http.server import BaseHTTPRequestHandler, HTTPServer
from requests import exceptions, post
from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.exploit.web_rce import WebRCE
from infection_monkey.network.info import get_free_tcp_port
from infection_monkey.network.tools import get_interface_to_target
__author__ = "VakarisZ" __author__ = "VakarisZ"
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)


@ -8,18 +8,21 @@
import socket import socket
import time import time
from enum import IntEnum
from logging import getLogger from logging import getLogger
from enum import IntEnum
from impacket import uuid from impacket import uuid
from impacket.dcerpc.v5 import transport from impacket.dcerpc.v5 import transport
from infection_monkey.exploit.tools.helpers import get_target_monkey, get_monkey_depth, build_monkey_commandline from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
get_monkey_depth,
get_target_monkey)
from infection_monkey.exploit.tools.smb_tools import SmbTools from infection_monkey.exploit.tools.smb_tools import SmbTools
from infection_monkey.model import DROPPER_CMDLINE_WINDOWS, MONKEY_CMDLINE_WINDOWS from infection_monkey.model import (DROPPER_CMDLINE_WINDOWS,
MONKEY_CMDLINE_WINDOWS)
from infection_monkey.network.smbfinger import SMBFinger from infection_monkey.network.smbfinger import SMBFinger
from infection_monkey.network.tools import check_tcp_port from infection_monkey.network.tools import check_tcp_port
from infection_monkey.exploit.HostExploiter import HostExploiter
LOG = getLogger(__name__) LOG = getLogger(__name__)


@ -5,14 +5,16 @@ import traceback
from impacket.dcerpc.v5.rpcrt import DCERPCException from impacket.dcerpc.v5.rpcrt import DCERPCException
from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.exploit.tools.helpers import get_target_monkey, \
get_monkey_depth, build_monkey_commandline
from infection_monkey.exploit.tools.wmi_tools import AccessDeniedException
from infection_monkey.exploit.tools.smb_tools import SmbTools
from infection_monkey.exploit.tools.wmi_tools import WmiTools
from infection_monkey.model import DROPPER_CMDLINE_WINDOWS, MONKEY_CMDLINE_WINDOWS
from common.utils.exploit_enum import ExploitType from common.utils.exploit_enum import ExploitType
from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
get_monkey_depth,
get_target_monkey)
from infection_monkey.exploit.tools.smb_tools import SmbTools
from infection_monkey.exploit.tools.wmi_tools import (AccessDeniedException,
WmiTools)
from infection_monkey.model import (DROPPER_CMDLINE_WINDOWS,
MONKEY_CMDLINE_WINDOWS)
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)


@ -7,14 +7,15 @@ import sys
import traceback import traceback
from multiprocessing import freeze_support from multiprocessing import freeze_support
from infection_monkey.utils.monkey_log_path import get_dropper_log_path, get_monkey_log_path
from infection_monkey.config import WormConfiguration, EXTERNAL_CONFIG_FILE
from infection_monkey.dropper import MonkeyDrops
from infection_monkey.model import MONKEY_ARG, DROPPER_ARG
from infection_monkey.monkey import InfectionMonkey
from common.version import get_version
# noinspection PyUnresolvedReferences # noinspection PyUnresolvedReferences
import infection_monkey.post_breach # dummy import for pyinstaller import infection_monkey.post_breach # dummy import for pyinstaller
from common.version import get_version
from infection_monkey.config import EXTERNAL_CONFIG_FILE, WormConfiguration
from infection_monkey.dropper import MonkeyDrops
from infection_monkey.model import DROPPER_ARG, MONKEY_ARG
from infection_monkey.monkey import InfectionMonkey
from infection_monkey.utils.monkey_log_path import (get_dropper_log_path,
get_monkey_log_path)
__author__ = 'itamar' __author__ = 'itamar'


@ -1,6 +1,7 @@
from unittest import TestCase from unittest import TestCase
from infection_monkey.model.victim_host_generator import VictimHostGenerator
from common.network.network_range import CidrRange, SingleIpRange from common.network.network_range import CidrRange, SingleIpRange
from infection_monkey.model.victim_host_generator import VictimHostGenerator
class VictimHostGeneratorTester(TestCase): class VictimHostGeneratorTester(TestCase):


@ -6,34 +6,39 @@ import sys
import time import time
import infection_monkey.tunnel as tunnel import infection_monkey.tunnel as tunnel
from infection_monkey.network.HostFinger import HostFinger from common.network.network_utils import get_host_from_network_location
from infection_monkey.utils.monkey_dir import create_monkey_dir, get_monkey_dir_path, remove_monkey_dir from common.utils.attack_utils import ScanStatus, UsageEnum
from infection_monkey.utils.monkey_log_path import get_monkey_log_path from common.utils.exceptions import (ExploitingVulnerableMachineError,
from infection_monkey.utils.environment import is_windows_os FailedExploitationError)
from infection_monkey.utils.exceptions.planned_shutdown_exception import PlannedShutdownException from common.version import get_version
from infection_monkey.config import WormConfiguration from infection_monkey.config import WormConfiguration
from infection_monkey.control import ControlClient from infection_monkey.control import ControlClient
from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.model import DELAY_DELETE_CMD from infection_monkey.model import DELAY_DELETE_CMD
from infection_monkey.network.firewall import app as firewall from infection_monkey.network.firewall import app as firewall
from infection_monkey.network.HostFinger import HostFinger
from infection_monkey.network.network_scanner import NetworkScanner from infection_monkey.network.network_scanner import NetworkScanner
from infection_monkey.network.tools import (get_interface_to_target,
is_running_on_server)
from infection_monkey.post_breach.post_breach_handler import PostBreach
from infection_monkey.system_info import SystemInfoCollector from infection_monkey.system_info import SystemInfoCollector
from infection_monkey.system_singleton import SystemSingleton from infection_monkey.system_singleton import SystemSingleton
from infection_monkey.telemetry.attack.victim_host_telem import VictimHostTelem from infection_monkey.telemetry.attack.t1106_telem import T1106Telem
from infection_monkey.telemetry.attack.t1107_telem import T1107Telem from infection_monkey.telemetry.attack.t1107_telem import T1107Telem
from infection_monkey.telemetry.attack.victim_host_telem import VictimHostTelem
from infection_monkey.telemetry.scan_telem import ScanTelem from infection_monkey.telemetry.scan_telem import ScanTelem
from infection_monkey.telemetry.state_telem import StateTelem from infection_monkey.telemetry.state_telem import StateTelem
from infection_monkey.telemetry.system_info_telem import SystemInfoTelem from infection_monkey.telemetry.system_info_telem import SystemInfoTelem
from infection_monkey.telemetry.trace_telem import TraceTelem from infection_monkey.telemetry.trace_telem import TraceTelem
from infection_monkey.telemetry.tunnel_telem import TunnelTelem from infection_monkey.telemetry.tunnel_telem import TunnelTelem
from infection_monkey.utils.environment import is_windows_os
from infection_monkey.utils.exceptions.planned_shutdown_exception import \
PlannedShutdownException
from infection_monkey.utils.monkey_dir import (create_monkey_dir,
get_monkey_dir_path,
remove_monkey_dir)
from infection_monkey.utils.monkey_log_path import get_monkey_log_path
from infection_monkey.windows_upgrader import WindowsUpgrader from infection_monkey.windows_upgrader import WindowsUpgrader
from infection_monkey.post_breach.post_breach_handler import PostBreach
from infection_monkey.network.tools import get_interface_to_target, is_running_on_server
from common.utils.exceptions import ExploitingVulnerableMachineError, FailedExploitationError
from infection_monkey.telemetry.attack.t1106_telem import T1106Telem
from common.utils.attack_utils import ScanStatus, UsageEnum
from common.version import get_version
from infection_monkey.exploit.HostExploiter import HostExploiter
from common.network.network_utils import get_host_from_network_location
MAX_DEPTH_REACHED_MESSAGE = "Reached max depth, shutting down" MAX_DEPTH_REACHED_MESSAGE = "Reached max depth, shutting down"
@ -290,7 +295,8 @@ class InfectionMonkey(object):
try: try:
status = None status = None
if "win32" == sys.platform: if "win32" == sys.platform:
from subprocess import SW_HIDE, STARTF_USESHOWWINDOW, CREATE_NEW_CONSOLE from subprocess import (CREATE_NEW_CONSOLE,
STARTF_USESHOWWINDOW, SW_HIDE)
startupinfo = subprocess.STARTUPINFO() startupinfo = subprocess.STARTUPINFO()
startupinfo.dwFlags = CREATE_NEW_CONSOLE | STARTF_USESHOWWINDOW startupinfo.dwFlags = CREATE_NEW_CONSOLE | STARTF_USESHOWWINDOW
startupinfo.wShowWindow = SW_HIDE startupinfo.wShowWindow = SW_HIDE


@ -1,5 +1,5 @@
from io import BytesIO
import os import os
from io import BytesIO
__author__ = 'hoffer' __author__ = 'hoffer'


@ -1,8 +1,8 @@
from abc import abstractmethod from abc import abstractmethod
import infection_monkey.network
from infection_monkey.config import WormConfiguration from infection_monkey.config import WormConfiguration
from infection_monkey.utils.plugins.plugin import Plugin from infection_monkey.utils.plugins.plugin import Plugin
import infection_monkey.network
class HostFinger(Plugin): class HostFinger(Plugin):


@ -3,11 +3,11 @@ import logging
from contextlib import closing from contextlib import closing
import requests import requests
from requests.exceptions import Timeout, ConnectionError from requests.exceptions import ConnectionError, Timeout
import infection_monkey.config import infection_monkey.config
from infection_monkey.network.HostFinger import HostFinger
from common.data.network_consts import ES_SERVICE from common.data.network_consts import ES_SERVICE
from infection_monkey.network.HostFinger import HostFinger
ES_PORT = 9200 ES_PORT = 9200
ES_HTTP_TIMEOUT = 5 ES_HTTP_TIMEOUT = 5


@ -1,6 +1,6 @@
import platform
import subprocess import subprocess
import sys import sys
import platform
def _run_netsh_cmd(command, args): def _run_netsh_cmd(command, args):


@ -1,6 +1,7 @@
import logging
import infection_monkey.config import infection_monkey.config
from infection_monkey.network.HostFinger import HostFinger from infection_monkey.network.HostFinger import HostFinger
import logging
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)
@ -20,10 +21,11 @@ class HTTPFinger(HostFinger):
pass pass
def get_host_fingerprint(self, host): def get_host_fingerprint(self, host):
from requests import head
from requests.exceptions import Timeout, ConnectionError
from contextlib import closing from contextlib import closing
from requests import head
from requests.exceptions import ConnectionError, Timeout
for port in self.HTTP: for port in self.HTTP:
# check both http and https # check both http and https
http = "http://" + host.ip_addr + ":" + port[1] http = "http://" + host.ip_addr + ":" + port[1]


@ -1,12 +1,12 @@
import socket
import struct
import psutil
import ipaddress import ipaddress
import itertools import itertools
import netifaces import socket
from subprocess import check_output import struct
from random import randint from random import randint
from subprocess import check_output
import netifaces
import psutil
import requests import requests
from requests import ConnectionError from requests import ConnectionError


@ -2,8 +2,8 @@ import errno
import logging import logging
import socket import socket
from infection_monkey.network.HostFinger import HostFinger
import infection_monkey.config import infection_monkey.config
from infection_monkey.network.HostFinger import HostFinger
__author__ = 'Maor Rayzin' __author__ = 'Maor Rayzin'


@ -3,7 +3,8 @@ import socket
import infection_monkey.config import infection_monkey.config
from infection_monkey.network.HostFinger import HostFinger from infection_monkey.network.HostFinger import HostFinger
from infection_monkey.network.tools import struct_unpack_tracker, struct_unpack_tracker_string from infection_monkey.network.tools import (struct_unpack_tracker,
struct_unpack_tracker_string)
MYSQL_PORT = 3306 MYSQL_PORT = 3306
SQL_SERVICE = 'mysqld-3306' SQL_SERVICE = 'mysqld-3306'


@ -1,13 +1,13 @@
import time
import logging import logging
import time
from multiprocessing.dummy import Pool from multiprocessing.dummy import Pool
from common.network.network_range import NetworkRange from common.network.network_range import NetworkRange
from infection_monkey.config import WormConfiguration from infection_monkey.config import WormConfiguration
from infection_monkey.model.victim_host_generator import VictimHostGenerator from infection_monkey.model.victim_host_generator import VictimHostGenerator
from infection_monkey.network.info import local_ips, get_interfaces_ranges from infection_monkey.network.info import get_interfaces_ranges, local_ips
from infection_monkey.network.tcp_scanner import TcpScanner
from infection_monkey.network.ping_scanner import PingScanner from infection_monkey.network.ping_scanner import PingScanner
from infection_monkey.network.tcp_scanner import TcpScanner
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)


@ -1,6 +1,7 @@
import logging
import socket import socket
import struct import struct
import logging
from odict import odict from odict import odict
from infection_monkey.network.HostFinger import HostFinger from infection_monkey.network.HostFinger import HostFinger


@ -1,11 +1,11 @@
import logging import logging
import sys import re
import subprocess
import select import select
import socket import socket
import struct import struct
import subprocess
import sys
import time import time
import re
from infection_monkey.network.info import get_routes, local_ips from infection_monkey.network.info import get_routes, local_ips
from infection_monkey.pyinstaller_utils import get_binary_file_path from infection_monkey.pyinstaller_utils import get_binary_file_path


@ -1,6 +1,6 @@
from common.data.post_breach_consts import POST_BREACH_BACKDOOR_USER from common.data.post_breach_consts import POST_BREACH_BACKDOOR_USER
from infection_monkey.post_breach.pba import PBA
from infection_monkey.config import WormConfiguration from infection_monkey.config import WormConfiguration
from infection_monkey.post_breach.pba import PBA
from infection_monkey.utils.users import get_commands_to_add_user from infection_monkey.utils.users import get_commands_to_add_user


@ -1,6 +1,6 @@
from common.data.post_breach_consts import POST_BREACH_SETUID_SETGID from common.data.post_breach_consts import POST_BREACH_SETUID_SETGID
from infection_monkey.post_breach.pba import PBA from infection_monkey.post_breach.pba import PBA
from infection_monkey.post_breach.setuid_setgid.setuid_setgid import\ from infection_monkey.post_breach.setuid_setgid.setuid_setgid import \
get_commands_to_change_setuid_setgid get_commands_to_change_setuid_setgid
from infection_monkey.utils.environment import is_windows_os from infection_monkey.utils.environment import is_windows_os


@ -3,12 +3,12 @@ import random
import string import string
import subprocess import subprocess
from infection_monkey.utils.new_user_error import NewUserError
from infection_monkey.utils.auto_new_user_factory import create_auto_new_user
from common.data.post_breach_consts import POST_BREACH_COMMUNICATE_AS_NEW_USER from common.data.post_breach_consts import POST_BREACH_COMMUNICATE_AS_NEW_USER
from infection_monkey.post_breach.pba import PBA from infection_monkey.post_breach.pba import PBA
from infection_monkey.telemetry.post_breach_telem import PostBreachTelem from infection_monkey.telemetry.post_breach_telem import PostBreachTelem
from infection_monkey.utils.auto_new_user_factory import create_auto_new_user
from infection_monkey.utils.environment import is_windows_os from infection_monkey.utils.environment import is_windows_os
from infection_monkey.utils.new_user_error import NewUserError
INFECTION_MONKEY_WEBSITE_URL = "https://infectionmonkey.com/" INFECTION_MONKEY_WEBSITE_URL = "https://infectionmonkey.com/"


@ -1,13 +1,11 @@
from common.data.post_breach_consts import POST_BREACH_HIDDEN_FILES from common.data.post_breach_consts import POST_BREACH_HIDDEN_FILES
from infection_monkey.post_breach.pba import PBA from infection_monkey.post_breach.pba import PBA
from infection_monkey.telemetry.post_breach_telem import PostBreachTelem from infection_monkey.telemetry.post_breach_telem import PostBreachTelem
from infection_monkey.utils.hidden_files import\
get_commands_to_hide_files,\
get_commands_to_hide_folders,\
cleanup_hidden_files,\
get_winAPI_to_hide_files
from infection_monkey.utils.environment import is_windows_os from infection_monkey.utils.environment import is_windows_os
from infection_monkey.utils.hidden_files import (cleanup_hidden_files,
get_commands_to_hide_files,
get_commands_to_hide_folders,
get_winAPI_to_hide_files)
HIDDEN_FSO_CREATION_COMMANDS = [get_commands_to_hide_files, HIDDEN_FSO_CREATION_COMMANDS = [get_commands_to_hide_files,
get_commands_to_hide_folders] get_commands_to_hide_folders]


@ -1,6 +1,7 @@
from common.data.post_breach_consts import POST_BREACH_SHELL_STARTUP_FILE_MODIFICATION from common.data.post_breach_consts import \
POST_BREACH_SHELL_STARTUP_FILE_MODIFICATION
from infection_monkey.post_breach.pba import PBA from infection_monkey.post_breach.pba import PBA
from infection_monkey.post_breach.shell_startup_files.shell_startup_files_modification import\ from infection_monkey.post_breach.shell_startup_files.shell_startup_files_modification import \
get_commands_to_modify_shell_startup_files get_commands_to_modify_shell_startup_files


@ -0,0 +1,19 @@
from common.data.post_breach_consts import POST_BREACH_JOB_SCHEDULING
from infection_monkey.post_breach.job_scheduling.job_scheduling import (
get_commands_to_schedule_jobs, remove_scheduled_jobs)
from infection_monkey.post_breach.pba import PBA
class ScheduleJobs(PBA):
"""
This PBA attempts to schedule jobs on the system.
"""
def __init__(self):
linux_cmds, windows_cmds = get_commands_to_schedule_jobs()
super(ScheduleJobs, self).__init__(name=POST_BREACH_JOB_SCHEDULING,
linux_cmd=' '.join(linux_cmds),
windows_cmd=windows_cmds)
remove_scheduled_jobs()
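Review bot: `remove_scheduled_jobs()` looks like it is called from `__init__`, right after `super().__init__` has only stored the commands, so the cleanup would run before the job is ever scheduled. The page has lost its indentation and the `PBA` base class is not shown, so this should be confirmed against `PBA.run`. If the base class executes the commands later, the scheduled task created on a Windows test machine is never deleted by this class. Moving the cleanup into an overriding `run` that calls `super(ScheduleJobs, self).run()` first and `remove_scheduled_jobs()` afterwards keeps the test host clean.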


@ -1,6 +1,6 @@
from common.data.post_breach_consts import POST_BREACH_TRAP_COMMAND from common.data.post_breach_consts import POST_BREACH_TRAP_COMMAND
from infection_monkey.post_breach.pba import PBA from infection_monkey.post_breach.pba import PBA
from infection_monkey.post_breach.trap_command.trap_command import\ from infection_monkey.post_breach.trap_command.trap_command import \
get_trap_commands get_trap_commands
from infection_monkey.utils.environment import is_windows_os from infection_monkey.utils.environment import is_windows_os


@ -1,15 +1,15 @@
import os
import logging import logging
import os
from common.data.post_breach_consts import POST_BREACH_FILE_EXECUTION from common.data.post_breach_consts import POST_BREACH_FILE_EXECUTION
from infection_monkey.utils.environment import is_windows_os
from infection_monkey.post_breach.pba import PBA
from infection_monkey.control import ControlClient
from infection_monkey.config import WormConfiguration
from infection_monkey.utils.monkey_dir import get_monkey_dir_path
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
from common.utils.attack_utils import ScanStatus from common.utils.attack_utils import ScanStatus
from infection_monkey.config import WormConfiguration
from infection_monkey.control import ControlClient
from infection_monkey.network.tools import get_interface_to_target from infection_monkey.network.tools import get_interface_to_target
from infection_monkey.post_breach.pba import PBA
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
from infection_monkey.utils.environment import is_windows_os
from infection_monkey.utils.monkey_dir import get_monkey_dir_path
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)


@ -0,0 +1,19 @@
import subprocess
from infection_monkey.post_breach.job_scheduling.linux_job_scheduling import \
get_linux_commands_to_schedule_jobs
from infection_monkey.post_breach.job_scheduling.windows_job_scheduling import (
get_windows_commands_to_remove_scheduled_jobs,
get_windows_commands_to_schedule_jobs)
from infection_monkey.utils.environment import is_windows_os
def get_commands_to_schedule_jobs():
linux_cmds = get_linux_commands_to_schedule_jobs()
windows_cmds = get_windows_commands_to_schedule_jobs()
return linux_cmds, windows_cmds
def remove_scheduled_jobs():
if is_windows_os():
subprocess.run(get_windows_commands_to_remove_scheduled_jobs(), shell=True) # noqa: DUO116
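Review bot: The result of `subprocess.run(...)` in `remove_scheduled_jobs` is discarded, so a failed delete leaves the scheduled task on the machine with nothing in the log to show it. Keeping the result and reporting a non-zero exit would make leftover artefacts visible to whoever runs the assessment: `result = subprocess.run(get_windows_commands_to_remove_scheduled_jobs(), shell=True)  # noqa: DUO116` followed by `if result.returncode != 0: LOG.warning("Could not remove scheduled job, exit code %d", result.returncode)`, which needs a module logger this file does not yet define. The `shell=True` suppression is reasonable only while the command is built from module constants, and a short comment next to the `noqa` saying so would help the next reader. The function also does nothing on non-Windows hosts, which deserves a docstring line.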


@ -0,0 +1,12 @@
TEMP_CRON = "$HOME/monkey-schedule-jobs"
def get_linux_commands_to_schedule_jobs():
return [
f'touch {TEMP_CRON} &&',
f'crontab -l > {TEMP_CRON} &&',
'echo \"# Successfully scheduled a job using crontab\" |',
f'tee -a {TEMP_CRON} &&',
f'crontab {TEMP_CRON} ;',
f'rm {TEMP_CRON}'
]
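Review bot: `get_linux_commands_to_schedule_jobs` has no docstring, and the command list does not say that the only change to the user's crontab is an appended comment line, or that nothing visible here removes it afterwards. A reader auditing what the tool leaves on a host has to work that out from the shell chain. I would add a docstring along the lines of `"""Return shell fragments that append a comment line to the current user's crontab; no job is scheduled to run and the line is left in place."""`. It would also help to note above `TEMP_CRON` that a copy of the user's crontab is written to a fixed path under `$HOME` and deleted by the final `rm`.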


@ -0,0 +1,12 @@
SCHEDULED_TASK_NAME = 'monkey-spawn-cmd'
SCHEDULED_TASK_COMMAND = 'C:\windows\system32\cmd.exe'
# Commands from: https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1053.005/T1053.005.md
def get_windows_commands_to_schedule_jobs():
return f'schtasks /Create /SC monthly /TN {SCHEDULED_TASK_NAME} /TR {SCHEDULED_TASK_COMMAND}'
def get_windows_commands_to_remove_scheduled_jobs():
return f'schtasks /Delete /TN {SCHEDULED_TASK_NAME} /F > nul 2>&1'
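Review bot: `SCHEDULED_TASK_COMMAND` is written as a normal string literal, so `\w`, `\s` and `\c` are invalid escape sequences; Python keeps them literally today but reports a DeprecationWarning (a SyntaxWarning from 3.12). A raw literal states the intent: `SCHEDULED_TASK_COMMAND = r'C:\windows\system32\cmd.exe'`. Both command builders also lack a docstring; one line each saying that they return a single `schtasks` command line meant for a shell, and that the delete variant hides its output with `> nul 2>&1`, would help the next reader.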


@ -1,13 +1,14 @@
import logging import logging
import subprocess import subprocess
import infection_monkey.post_breach.actions
from common.utils.attack_utils import ScanStatus from common.utils.attack_utils import ScanStatus
from infection_monkey.telemetry.post_breach_telem import PostBreachTelem
from infection_monkey.utils.environment import is_windows_os
from infection_monkey.config import WormConfiguration from infection_monkey.config import WormConfiguration
from infection_monkey.telemetry.attack.t1064_telem import T1064Telem from infection_monkey.telemetry.attack.t1064_telem import T1064Telem
from infection_monkey.telemetry.post_breach_telem import PostBreachTelem
from infection_monkey.utils.environment import is_windows_os
from infection_monkey.utils.plugins.plugin import Plugin from infection_monkey.utils.plugins.plugin import Plugin
import infection_monkey.post_breach.actions
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)
__author__ = 'VakarisZ' __author__ = 'VakarisZ'


@ -1,8 +1,8 @@
import logging import logging
from typing import Sequence from typing import Sequence
from infection_monkey.utils.environment import is_windows_os
from infection_monkey.post_breach.pba import PBA from infection_monkey.post_breach.pba import PBA
from infection_monkey.utils.environment import is_windows_os
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)


@ -1,4 +1,4 @@
from infection_monkey.post_breach.setuid_setgid.linux_setuid_setgid import\ from infection_monkey.post_breach.setuid_setgid.linux_setuid_setgid import \
get_linux_commands_to_setuid_setgid get_linux_commands_to_setuid_setgid


@ -1,4 +1,5 @@
import subprocess import subprocess
from infection_monkey.utils.environment import is_windows_os from infection_monkey.utils.environment import is_windows_os


@ -1,6 +1,6 @@
from infection_monkey.post_breach.shell_startup_files.linux.shell_startup_files_modification import\ from infection_monkey.post_breach.shell_startup_files.linux.shell_startup_files_modification import \
get_linux_commands_to_modify_shell_startup_files get_linux_commands_to_modify_shell_startup_files
from infection_monkey.post_breach.shell_startup_files.windows.shell_startup_files_modification import\ from infection_monkey.post_breach.shell_startup_files.windows.shell_startup_files_modification import \
get_windows_commands_to_modify_shell_startup_files get_windows_commands_to_modify_shell_startup_files


@ -1,4 +1,5 @@
import subprocess import subprocess
from infection_monkey.utils.environment import is_windows_os from infection_monkey.utils.environment import is_windows_os


@ -1,4 +1,4 @@
from infection_monkey.post_breach.trap_command.linux_trap_command import\ from infection_monkey.post_breach.trap_command.linux_trap_command import \
get_linux_trap_commands get_linux_trap_commands


@ -1,4 +1,4 @@
from PyInstaller.utils.hooks import collect_submodules, collect_data_files from PyInstaller.utils.hooks import collect_data_files, collect_submodules
hiddenimports = collect_submodules('infection_monkey.exploit') hiddenimports = collect_submodules('infection_monkey.exploit')
datas = (collect_data_files('infection_monkey.exploit', include_py_files=True)) datas = (collect_data_files('infection_monkey.exploit', include_py_files=True))


@ -1,4 +1,4 @@
from PyInstaller.utils.hooks import collect_submodules, collect_data_files from PyInstaller.utils.hooks import collect_data_files, collect_submodules
hiddenimports = collect_submodules('infection_monkey.network') hiddenimports = collect_submodules('infection_monkey.network')
datas = (collect_data_files('infection_monkey.network', include_py_files=True)) datas = (collect_data_files('infection_monkey.network', include_py_files=True))


@ -1,4 +1,4 @@
from PyInstaller.utils.hooks import collect_submodules, collect_data_files from PyInstaller.utils.hooks import collect_data_files, collect_submodules
# Import all actions as modules # Import all actions as modules
hiddenimports = collect_submodules('infection_monkey.post_breach.actions') hiddenimports = collect_submodules('infection_monkey.post_breach.actions')


@ -1,4 +1,4 @@
from PyInstaller.utils.hooks import collect_submodules, collect_data_files from PyInstaller.utils.hooks import collect_data_files, collect_submodules
# Import all actions as modules # Import all actions as modules
hiddenimports = collect_submodules('infection_monkey.system_info.collectors') hiddenimports = collect_submodules('infection_monkey.system_info.collectors')


@ -1,7 +1,7 @@
import logging
import pwd
import os
import glob import glob
import logging
import os
import pwd
from common.utils.attack_utils import ScanStatus from common.utils.attack_utils import ScanStatus
from infection_monkey.telemetry.attack.t1005_telem import T1005Telem from infection_monkey.telemetry.attack.t1005_telem import T1005Telem


@ -1,13 +1,14 @@
import logging import logging
import sys import sys
from enum import IntEnum
import psutil import psutil
from enum import IntEnum
from infection_monkey.network.info import get_host_subnets from infection_monkey.network.info import get_host_subnets
from infection_monkey.system_info.azure_cred_collector import AzureCollector from infection_monkey.system_info.azure_cred_collector import AzureCollector
from infection_monkey.system_info.netstat_collector import NetstatCollector from infection_monkey.system_info.netstat_collector import NetstatCollector
from infection_monkey.system_info.system_info_collectors_handler import SystemInfoCollectorsHandler from infection_monkey.system_info.system_info_collectors_handler import \
SystemInfoCollectorsHandler
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)


@ -1,9 +1,9 @@
import sys import glob
import json
import logging import logging
import os.path import os.path
import json
import glob
import subprocess import subprocess
import sys
from common.utils.attack_utils import ScanStatus from common.utils.attack_utils import ScanStatus
from infection_monkey.telemetry.attack.t1005_telem import T1005Telem from infection_monkey.telemetry.attack.t1005_telem import T1005Telem


@ -2,8 +2,8 @@ import logging
from common.cloud.aws.aws_instance import AwsInstance from common.cloud.aws.aws_instance import AwsInstance
from common.data.system_info_collectors_names import AWS_COLLECTOR from common.data.system_info_collectors_names import AWS_COLLECTOR
from infection_monkey.system_info.system_info_collector import SystemInfoCollector from infection_monkey.system_info.system_info_collector import \
SystemInfoCollector
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)


@ -1,7 +1,8 @@
from common.cloud.all_instances import get_all_cloud_instances from common.cloud.all_instances import get_all_cloud_instances
from common.cloud.environment_names import Environment from common.cloud.environment_names import Environment
from common.data.system_info_collectors_names import ENVIRONMENT_COLLECTOR from common.data.system_info_collectors_names import ENVIRONMENT_COLLECTOR
from infection_monkey.system_info.system_info_collector import SystemInfoCollector from infection_monkey.system_info.system_info_collector import \
SystemInfoCollector
def get_monkey_environment() -> str: def get_monkey_environment() -> str:


@ -2,8 +2,8 @@ import logging
import socket import socket
from common.data.system_info_collectors_names import HOSTNAME_COLLECTOR from common.data.system_info_collectors_names import HOSTNAME_COLLECTOR
from infection_monkey.system_info.system_info_collector import SystemInfoCollector from infection_monkey.system_info.system_info_collector import \
SystemInfoCollector
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)


@ -1,8 +1,10 @@
import logging import logging
import psutil import psutil
from common.data.system_info_collectors_names import PROCESS_LIST_COLLECTOR from common.data.system_info_collectors_names import PROCESS_LIST_COLLECTOR
from infection_monkey.system_info.system_info_collector import SystemInfoCollector from infection_monkey.system_info.system_info_collector import \
SystemInfoCollector
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)


@ -1,10 +1,10 @@
# Inspired by Giampaolo Rodola's psutil example from https://github.com/giampaolo/psutil/blob/master/scripts/netstat.py # Inspired by Giampaolo Rodola's psutil example from https://github.com/giampaolo/psutil/blob/master/scripts/netstat.py
import logging import logging
import psutil
import socket import socket
from socket import AF_INET, SOCK_DGRAM, SOCK_STREAM
from socket import AF_INET, SOCK_STREAM, SOCK_DGRAM import psutil
__author__ = 'itay.mizeretz' __author__ = 'itay.mizeretz'


@ -1,8 +1,8 @@
from infection_monkey.config import WormConfiguration
from infection_monkey.utils.plugins.plugin import Plugin
from abc import ABCMeta, abstractmethod from abc import ABCMeta, abstractmethod
import infection_monkey.system_info.collectors import infection_monkey.system_info.collectors
from infection_monkey.config import WormConfiguration
from infection_monkey.utils.plugins.plugin import Plugin
class SystemInfoCollector(Plugin, metaclass=ABCMeta): class SystemInfoCollector(Plugin, metaclass=ABCMeta):


@ -1,7 +1,8 @@
import logging import logging
from typing import Sequence from typing import Sequence
from infection_monkey.system_info.system_info_collector import SystemInfoCollector from infection_monkey.system_info.system_info_collector import \
SystemInfoCollector
from infection_monkey.telemetry.system_info_telem import SystemInfoTelem from infection_monkey.telemetry.system_info_telem import SystemInfoTelem
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)


@ -1,8 +1,10 @@
import logging import logging
from typing import List from typing import List
from infection_monkey.system_info.windows_cred_collector import pypykatz_handler from infection_monkey.system_info.windows_cred_collector import \
from infection_monkey.system_info.windows_cred_collector.windows_credentials import WindowsCredentials pypykatz_handler
from infection_monkey.system_info.windows_cred_collector.windows_credentials import \
WindowsCredentials
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)


@ -1,9 +1,10 @@
import binascii import binascii
from typing import Dict, List, NewType, Any from typing import Any, Dict, List, NewType
from pypykatz.pypykatz import pypykatz from pypykatz.pypykatz import pypykatz
from infection_monkey.system_info.windows_cred_collector.windows_credentials import WindowsCredentials from infection_monkey.system_info.windows_cred_collector.windows_credentials import \
WindowsCredentials
CREDENTIAL_TYPES = ['msv_creds', 'wdigest_creds', 'ssp_creds', 'livessp_creds', 'dpapi_creds', CREDENTIAL_TYPES = ['msv_creds', 'wdigest_creds', 'ssp_creds', 'livessp_creds', 'dpapi_creds',
'kerberos_creds', 'credman_creds', 'tspkg_creds'] 'kerberos_creds', 'credman_creds', 'tspkg_creds']


@ -1,6 +1,7 @@
from unittest import TestCase from unittest import TestCase
from infection_monkey.system_info.windows_cred_collector.pypykatz_handler import _get_creds_from_pypykatz_session from infection_monkey.system_info.windows_cred_collector.pypykatz_handler import \
_get_creds_from_pypykatz_session
class TestPypykatzHandler(TestCase): class TestPypykatzHandler(TestCase):


@ -1,18 +1,19 @@
import os
import logging import logging
import os
import sys import sys
from infection_monkey.system_info.windows_cred_collector.mimikatz_cred_collector import MimikatzCredentialCollector from infection_monkey.system_info.windows_cred_collector.mimikatz_cred_collector import \
MimikatzCredentialCollector
sys.coinit_flags = 0 # needed for proper destruction of the wmi python module sys.coinit_flags = 0 # needed for proper destruction of the wmi python module
# noinspection PyPep8 # noinspection PyPep8
import infection_monkey.config import infection_monkey.config
# noinspection PyPep8 # noinspection PyPep8
from common.utils.wmi_utils import WMIUtils
# noinspection PyPep8
from infection_monkey.system_info import InfoCollector from infection_monkey.system_info import InfoCollector
# noinspection PyPep8 # noinspection PyPep8
from infection_monkey.system_info.wmi_consts import WMI_CLASSES from infection_monkey.system_info.wmi_consts import WMI_CLASSES
# noinspection PyPep8
from common.utils.wmi_utils import WMIUtils
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)
LOG.info('started windows info collector') LOG.info('started windows info collector')


@ -9,10 +9,11 @@ from urllib.parse import urlsplit
import requests import requests
import infection_monkey.monkeyfs as monkeyfs
from infection_monkey.transport.base import TransportProxyBase, update_last_serve_time
from infection_monkey.network.tools import get_interface_to_target
import infection_monkey.control import infection_monkey.control
import infection_monkey.monkeyfs as monkeyfs
from infection_monkey.network.tools import get_interface_to_target
from infection_monkey.transport.base import (TransportProxyBase,
update_last_serve_time)
__author__ = 'hoffer' __author__ = 'hoffer'
@ -190,7 +191,8 @@ class HTTPServer(threading.Thread):
def run(self): def run(self):
class TempHandler(FileServHTTPRequestHandler): class TempHandler(FileServHTTPRequestHandler):
from common.utils.attack_utils import ScanStatus from common.utils.attack_utils import ScanStatus
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem from infection_monkey.telemetry.attack.t1105_telem import \
T1105Telem
filename = self._filename filename = self._filename
@ -244,7 +246,8 @@ class LockedHTTPServer(threading.Thread):
def run(self): def run(self):
class TempHandler(FileServHTTPRequestHandler): class TempHandler(FileServHTTPRequestHandler):
from common.utils.attack_utils import ScanStatus from common.utils.attack_utils import ScanStatus
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem from infection_monkey.telemetry.attack.t1105_telem import \
T1105Telem
filename = self._filename filename = self._filename
@staticmethod @staticmethod


@ -1,9 +1,10 @@
import socket
import select import select
from threading import Thread import socket
from logging import getLogger from logging import getLogger
from threading import Thread
from infection_monkey.transport.base import TransportProxyBase, update_last_serve_time from infection_monkey.transport.base import (TransportProxyBase,
update_last_serve_time)
READ_BUFFER_SIZE = 8192 READ_BUFFER_SIZE = 8192
DEFAULT_TIMEOUT = 30 DEFAULT_TIMEOUT = 30
