Merge branch 'develop' into snyk-fix-661b0a9571c71708f17fef5d173a39ea

Shay Nehmad 2020-07-16 13:42:34 +03:00
commit 7e45540361
247 changed files with 1070 additions and 598 deletions


@ -20,7 +20,7 @@ install:
# Python
- pip freeze
- pip install -r monkey/monkey_island/requirements.txt # for unit tests
- pip install flake8 pytest dlint # for next stages
- pip install flake8 pytest dlint isort # for next stages
- pip install coverage # for code coverage
- pip install -r monkey/infection_monkey/requirements.txt # for unit tests
- pip install pipdeptree
@ -69,6 +69,9 @@ script:
- PYTHON_WARNINGS_AMOUNT_UPPER_LIMIT=120
- if [ $(tail -n 1 flake8_warnings.txt) -gt $PYTHON_WARNINGS_AMOUNT_UPPER_LIMIT ]; then echo "Too many python linter warnings! Failing this build. Lower the amount of linter errors in this and try again. " && exit 1; fi
## Check import order
- python -m isort . -c -p common -p infection_monkey -p monkey_island
## Run unit tests
- cd monkey # This is our source dir
- python -m pytest # Have to use `python -m pytest` instead of `pytest` to add "{$builddir}/monkey/monkey" to sys.path.
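Review bot: The install step now pulls `isort` (alongside `flake8`, `pytest` and `dlint`) with no version pin, and the new `python -m isort . -c ...` line in the script step fails the build on whatever version that resolves to. A new isort release can change the expected ordering or wrapping and break unrelated builds, and an unpinned install also executes whatever is published under that name at build time. Pinning the tools, for example `pip install flake8 pytest dlint isort==<pinned-version>  # for next stages`, or moving them into a hash-checked requirements file, keeps the check reproducible.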


@ -3,7 +3,8 @@ from datetime import timedelta
from typing import Dict
from envs.monkey_zoo.blackbox.analyzers.analyzer import Analyzer
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
PerformanceTestConfig
LOGGER = logging.getLogger(__name__)


@ -1,11 +1,11 @@
import json
import logging
from time import sleep
from bson import json_util
from envs.monkey_zoo.blackbox.island_client.monkey_island_requests import MonkeyIslandRequests
from envs.monkey_zoo.blackbox.island_client.monkey_island_requests import \
MonkeyIslandRequests
SLEEP_BETWEEN_REQUESTS_SECONDS = 0.5
MONKEY_TEST_ENDPOINT = 'api/test/monkey'


@ -1,13 +1,12 @@
from typing import Dict
import functools
import logging
from datetime import timedelta
from typing import Dict
import requests
import functools
from envs.monkey_zoo.blackbox.island_client.supported_request_method import SupportedRequestMethod
import logging
from envs.monkey_zoo.blackbox.island_client.supported_request_method import \
SupportedRequestMethod
# SHA3-512 of '1234567890!@#$%^&*()_nothing_up_my_sleeve_1234567890!@#$%^&*()'
NO_AUTH_CREDS = '55e97c9dcfd22b8079189ddaeea9bce8125887e3237b800c6176c9afa80d2062' \
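Review bot: The comment above `NO_AUTH_CREDS` spells out the exact string whose SHA3-512 digest is used as the credential, so the constant is a published value and not a secret. If this is the fixed value the island accepts when authentication is turned off (the name suggests that, but the hunk does not show it), the comment should say so, e.g. `# Fixed, publicly known value for an island running without authentication; never reuse it as a real password.` The assignment itself continues past the end of the hunk.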


@ -2,8 +2,10 @@ import logging
import os
import shutil
from envs.monkey_zoo.blackbox.log_handlers.monkey_log_parser import MonkeyLogParser
from envs.monkey_zoo.blackbox.log_handlers.monkey_logs_downloader import MonkeyLogsDownloader
from envs.monkey_zoo.blackbox.log_handlers.monkey_log_parser import \
MonkeyLogParser
from envs.monkey_zoo.blackbox.log_handlers.monkey_logs_downloader import \
MonkeyLogsDownloader
LOG_DIR_NAME = 'logs'
LOGGER = logging.getLogger(__name__)


@ -1,20 +1,28 @@
import os
import logging
import pytest
import os
from time import sleep
from envs.monkey_zoo.blackbox.analyzers.communication_analyzer import CommunicationAnalyzer
from envs.monkey_zoo.blackbox.island_client.island_config_parser import IslandConfigParser
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import MonkeyIslandClient
from envs.monkey_zoo.blackbox.log_handlers.test_logs_handler import TestLogsHandler
import pytest
from envs.monkey_zoo.blackbox.analyzers.communication_analyzer import \
CommunicationAnalyzer
from envs.monkey_zoo.blackbox.island_client.island_config_parser import \
IslandConfigParser
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import \
MonkeyIslandClient
from envs.monkey_zoo.blackbox.log_handlers.test_logs_handler import \
TestLogsHandler
from envs.monkey_zoo.blackbox.tests.exploitation import ExploitationTest
from envs.monkey_zoo.blackbox.tests.performance.map_generation import MapGenerationTest
from envs.monkey_zoo.blackbox.tests.performance.map_generation_from_telemetries import MapGenerationFromTelemetryTest
from envs.monkey_zoo.blackbox.tests.performance.report_generation import ReportGenerationTest
from envs.monkey_zoo.blackbox.tests.performance.map_generation import \
MapGenerationTest
from envs.monkey_zoo.blackbox.tests.performance.map_generation_from_telemetries import \
MapGenerationFromTelemetryTest
from envs.monkey_zoo.blackbox.tests.performance.report_generation import \
ReportGenerationTest
from envs.monkey_zoo.blackbox.tests.performance.report_generation_from_telemetries import \
ReportGenerationFromTelemetryTest
from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test import TelemetryPerformanceTest
from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test import \
TelemetryPerformanceTest
from envs.monkey_zoo.blackbox.utils import gcp_machine_handlers
DEFAULT_TIMEOUT_SECONDS = 5*60


@ -1,10 +1,14 @@
import logging
from envs.monkey_zoo.blackbox.analyzers.performance_analyzer import PerformanceAnalyzer
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import MonkeyIslandClient
from envs.monkey_zoo.blackbox.island_client.supported_request_method import SupportedRequestMethod
from envs.monkey_zoo.blackbox.analyzers.performance_analyzer import \
PerformanceAnalyzer
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import \
MonkeyIslandClient
from envs.monkey_zoo.blackbox.island_client.supported_request_method import \
SupportedRequestMethod
from envs.monkey_zoo.blackbox.tests.basic_test import BasicTest
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
PerformanceTestConfig
LOGGER = logging.getLogger(__name__)


@ -1,9 +1,12 @@
from datetime import timedelta
from envs.monkey_zoo.blackbox.tests.exploitation import ExploitationTest
from envs.monkey_zoo.blackbox.tests.performance.performance_test import PerformanceTest
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig
from envs.monkey_zoo.blackbox.tests.performance.performance_test_workflow import PerformanceTestWorkflow
from envs.monkey_zoo.blackbox.tests.performance.performance_test import \
PerformanceTest
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
PerformanceTestConfig
from envs.monkey_zoo.blackbox.tests.performance.performance_test_workflow import \
PerformanceTestWorkflow
MAX_ALLOWED_SINGLE_PAGE_TIME = timedelta(seconds=2)
MAX_ALLOWED_TOTAL_TIME = timedelta(seconds=5)


@ -1,7 +1,9 @@
from datetime import timedelta
from envs.monkey_zoo.blackbox.tests.performance.performance_test import PerformanceTest
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig
from envs.monkey_zoo.blackbox.tests.performance.performance_test import \
PerformanceTest
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
PerformanceTestConfig
from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test_workflow import \
TelemetryPerformanceTestWorkflow


@ -1,7 +1,9 @@
from envs.monkey_zoo.blackbox.tests.basic_test import BasicTest
from envs.monkey_zoo.blackbox.tests.exploitation import ExploitationTest
from envs.monkey_zoo.blackbox.tests.performance.endpoint_performance_test import EndpointPerformanceTest
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig
from envs.monkey_zoo.blackbox.tests.performance.endpoint_performance_test import \
EndpointPerformanceTest
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
PerformanceTestConfig
class PerformanceTestWorkflow(BasicTest):


@ -1,9 +1,12 @@
from datetime import timedelta
from envs.monkey_zoo.blackbox.tests.exploitation import ExploitationTest
from envs.monkey_zoo.blackbox.tests.performance.performance_test import PerformanceTest
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig
from envs.monkey_zoo.blackbox.tests.performance.performance_test_workflow import PerformanceTestWorkflow
from envs.monkey_zoo.blackbox.tests.performance.performance_test import \
PerformanceTest
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
PerformanceTestConfig
from envs.monkey_zoo.blackbox.tests.performance.performance_test_workflow import \
PerformanceTestWorkflow
MAX_ALLOWED_SINGLE_PAGE_TIME = timedelta(seconds=2)
MAX_ALLOWED_TOTAL_TIME = timedelta(seconds=5)


@ -1,7 +1,9 @@
from datetime import timedelta
from envs.monkey_zoo.blackbox.tests.performance.performance_test import PerformanceTest
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig
from envs.monkey_zoo.blackbox.tests.performance.performance_test import \
PerformanceTest
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
PerformanceTestConfig
from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test_workflow import \
TelemetryPerformanceTestWorkflow


@ -1,7 +1,7 @@
import json
import logging
from os import listdir, path
from typing import List, Dict
from typing import Dict, List
from tqdm import tqdm


@ -1,7 +1,7 @@
import random
from envs.monkey_zoo.blackbox.tests.performance.\
telem_sample_parsing.sample_multiplier.fake_ip_generator import FakeIpGenerator
from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_multiplier.fake_ip_generator import \
FakeIpGenerator
class FakeMonkey:


@ -2,14 +2,16 @@ import copy
import json
import logging
import sys
from typing import List, Dict
from typing import Dict, List
from tqdm import tqdm
from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_file_parser import SampleFileParser
from envs.monkey_zoo.blackbox.tests.performance.\
telem_sample_parsing.sample_multiplier.fake_ip_generator import FakeIpGenerator
from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_multiplier.fake_monkey import FakeMonkey
from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_file_parser import \
SampleFileParser
from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_multiplier.fake_ip_generator import \
FakeIpGenerator
from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_multiplier.fake_monkey import \
FakeMonkey
TELEM_DIR_PATH = './tests/performance/telemetry_sample'
LOGGER = logging.getLogger(__name__)


@ -1,7 +1,7 @@
from unittest import TestCase
from envs.monkey_zoo.blackbox.tests.performance.\
telem_sample_parsing.sample_multiplier.fake_ip_generator import FakeIpGenerator
from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_multiplier.fake_ip_generator import \
FakeIpGenerator
class TestFakeIpGenerator(TestCase):


@ -4,11 +4,16 @@ from datetime import timedelta
from tqdm import tqdm
from envs.monkey_zoo.blackbox.analyzers.performance_analyzer import PerformanceAnalyzer
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import MonkeyIslandClient
from envs.monkey_zoo.blackbox.island_client.supported_request_method import SupportedRequestMethod
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig
from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_file_parser import SampleFileParser
from envs.monkey_zoo.blackbox.analyzers.performance_analyzer import \
PerformanceAnalyzer
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import \
MonkeyIslandClient
from envs.monkey_zoo.blackbox.island_client.supported_request_method import \
SupportedRequestMethod
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
PerformanceTestConfig
from envs.monkey_zoo.blackbox.tests.performance.telem_sample_parsing.sample_file_parser import \
SampleFileParser
LOGGER = logging.getLogger(__name__)


@ -1,7 +1,10 @@
from envs.monkey_zoo.blackbox.tests.basic_test import BasicTest
from envs.monkey_zoo.blackbox.tests.performance.endpoint_performance_test import EndpointPerformanceTest
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import PerformanceTestConfig
from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test import TelemetryPerformanceTest
from envs.monkey_zoo.blackbox.tests.performance.endpoint_performance_test import \
EndpointPerformanceTest
from envs.monkey_zoo.blackbox.tests.performance.performance_test_config import \
PerformanceTestConfig
from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test import \
TelemetryPerformanceTest
class TelemetryPerformanceTestWorkflow(BasicTest):


@ -1,7 +1,7 @@
import pytest
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import MonkeyIslandClient
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import \
MonkeyIslandClient
machine_list = {
"10.0.0.36": "centos_6",


@ -1,14 +1,15 @@
import json
import re
import urllib.request
import urllib.error
import logging
__author__ = 'itay.mizeretz'
import re
import urllib.error
import urllib.request
from common.cloud.environment_names import Environment
from common.cloud.instance import CloudInstance
__author__ = 'itay.mizeretz'
AWS_INSTANCE_METADATA_LOCAL_IP_ADDRESS = "169.254.169.254"
AWS_LATEST_METADATA_URI_PREFIX = 'http://{0}/latest/'.format(AWS_INSTANCE_METADATA_LOCAL_IP_ADDRESS)
ACCOUNT_ID_KEY = "accountId"


@ -1,7 +1,7 @@
from unittest import TestCase
from .aws_service import filter_instance_data_from_aws_response
import json
from unittest import TestCase
from .aws_service import filter_instance_data_from_aws_response
__author__ = 'shay.nehmad'


@ -1,4 +1,5 @@
import logging
import requests
from common.cloud.environment_names import Environment


@ -1,4 +1,5 @@
import logging
import requests
from common.cloud.environment_names import Environment


@ -1,5 +1,5 @@
import time
import logging
import time
from abc import abstractmethod
from common.cmd.cmd import Cmd


@ -5,3 +5,4 @@ POST_BREACH_SHELL_STARTUP_FILE_MODIFICATION = "Modify shell startup file"
POST_BREACH_HIDDEN_FILES = "Hide files and directories"
POST_BREACH_TRAP_COMMAND = "Execute command when a particular signal is received"
POST_BREACH_SETUID_SETGID = "Setuid and Setgid"
POST_BREACH_JOB_SCHEDULING = "Schedule jobs"


@ -57,7 +57,7 @@ PRINCIPLES = {
PRINCIPLE_ENDPOINT_SECURITY: "Use anti-virus and other traditional endpoint security solutions.",
PRINCIPLE_DATA_TRANSIT: "Secure data at transit by encrypting it.",
PRINCIPLE_RESTRICTIVE_NETWORK_POLICIES: "Configure network policies to be as restrictive as possible.",
PRINCIPLE_USERS_MAC_POLICIES: "Users' permissions to the network and to resources should be MAC (Mandetory "
PRINCIPLE_USERS_MAC_POLICIES: "Users' permissions to the network and to resources should be MAC (Mandatory "
"Access Control) only.",
}


@ -1,11 +1,10 @@
import ipaddress
import logging
import random
import socket
import struct
from abc import ABCMeta, abstractmethod
import ipaddress
import logging
__author__ = 'itamar'
LOG = logging.getLogger(__name__)


@ -1,4 +1,5 @@
import sys
if sys.platform == 'win32':
import win32com
import wmi
@ -24,7 +25,7 @@ class MongoUtils:
return o
elif isinstance(o, str):
# mongo dosn't like unprintable chars, so we use repr :/
# mongo doesn't like unprintable chars, so we use repr :/
return repr(o)
elif hasattr(o, "__class__") and o.__class__ == wmi._wmi_object:
@ -32,7 +33,7 @@ class MongoUtils:
elif hasattr(o, "__class__") and o.__class__ == win32com.client.CDispatch:
try:
# objectSid property of ds_user is problematic and need thie special treatment.
# objectSid property of ds_user is problematic and need this special treatment.
# ISWbemObjectEx interface. Class Uint8Array ?
if str(o._oleobj_.GetTypeInfo().GetTypeAttr().iid) == "{269AD56A-8A67-4129-BC8C-0506DCFE9880}":
return o.Value


@ -8,14 +8,15 @@ from requests.exceptions import ConnectionError
import infection_monkey.monkeyfs as monkeyfs
import infection_monkey.tunnel as tunnel
from infection_monkey.config import WormConfiguration, GUID
from infection_monkey.network.info import local_ips, check_internet_access
from infection_monkey.config import GUID, WormConfiguration
from infection_monkey.network.info import check_internet_access, local_ips
from infection_monkey.transport.http import HTTPConnectProxy
from infection_monkey.transport.tcp import TcpProxy
from infection_monkey.utils.exceptions.planned_shutdown_exception import \
PlannedShutdownException
__author__ = 'hoffer'
from infection_monkey.utils.exceptions.planned_shutdown_exception import PlannedShutdownException
requests.packages.urllib3.disable_warnings()
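Review bot: `requests.packages.urllib3.disable_warnings()` at module level silences every urllib3 `HTTPWarning` for the whole process, not only the certificate warning it is presumably aimed at. If the intent is to quieten unverified-TLS requests, narrow it to `requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)` so other transport warnings still reach the log. A one-line comment stating why certificate verification is off would also help whoever audits this module later.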


@ -1,5 +1,6 @@
import argparse
import ctypes
import filecmp
import logging
import os
import pprint
@ -9,13 +10,15 @@ import sys
import time
from ctypes import c_char_p
import filecmp
from infection_monkey.config import WormConfiguration
from infection_monkey.exploit.tools.helpers import build_monkey_commandline_explicitly
from infection_monkey.model import MONKEY_CMDLINE_WINDOWS, MONKEY_CMDLINE_LINUX, GENERAL_CMDLINE_LINUX
from infection_monkey.system_info import SystemInfoCollector, OperatingSystem
from infection_monkey.telemetry.attack.t1106_telem import T1106Telem
from common.utils.attack_utils import ScanStatus, UsageEnum
from infection_monkey.config import WormConfiguration
from infection_monkey.exploit.tools.helpers import \
build_monkey_commandline_explicitly
from infection_monkey.model import (GENERAL_CMDLINE_LINUX,
MONKEY_CMDLINE_LINUX,
MONKEY_CMDLINE_WINDOWS)
from infection_monkey.system_info import OperatingSystem, SystemInfoCollector
from infection_monkey.telemetry.attack.t1106_telem import T1106Telem
if "win32" == sys.platform:
from win32process import DETACHED_PROCESS


@ -1,11 +1,10 @@
from abc import abstractmethod
from infection_monkey.config import WormConfiguration
from common.utils.exploit_enum import ExploitType
from datetime import datetime
from infection_monkey.utils.plugins.plugin import Plugin
import infection_monkey.exploit
from common.utils.exploit_enum import ExploitType
from infection_monkey.config import WormConfiguration
from infection_monkey.utils.plugins.plugin import Plugin
__author__ = 'itamar'


@ -6,17 +6,19 @@
import json
import logging
import requests
from infection_monkey.exploit.web_rce import WebRCE
from infection_monkey.model import WGET_HTTP_UPLOAD, BITSADMIN_CMDLINE_HTTP, CHECK_COMMAND, ID_STRING, CMD_PREFIX, \
DOWNLOAD_TIMEOUT
from infection_monkey.network.elasticfinger import ES_PORT
from common.data.network_consts import ES_SERVICE
from infection_monkey.telemetry.attack.t1197_telem import T1197Telem
from common.utils.attack_utils import ScanStatus, BITS_UPLOAD_STRING
import re
import requests
from common.data.network_consts import ES_SERVICE
from common.utils.attack_utils import BITS_UPLOAD_STRING, ScanStatus
from infection_monkey.exploit.web_rce import WebRCE
from infection_monkey.model import (BITSADMIN_CMDLINE_HTTP, CHECK_COMMAND,
CMD_PREFIX, DOWNLOAD_TIMEOUT, ID_STRING,
WGET_HTTP_UPLOAD)
from infection_monkey.network.elasticfinger import ES_PORT
from infection_monkey.telemetry.attack.t1197_telem import T1197Telem
__author__ = 'danielg, VakarisZ'
LOG = logging.getLogger(__name__)


@ -3,17 +3,21 @@
Implementation is based on code from https://github.com/vulhub/vulhub/tree/master/hadoop/unauthorized-yarn
"""
import requests
import json
import random
import string
import logging
import posixpath
import random
import string
from infection_monkey.exploit.web_rce import WebRCE
import requests
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
get_monkey_depth)
from infection_monkey.exploit.tools.http_tools import HTTPTools
from infection_monkey.exploit.tools.helpers import build_monkey_commandline, get_monkey_depth
from infection_monkey.model import MONKEY_ARG, ID_STRING, HADOOP_WINDOWS_COMMAND, HADOOP_LINUX_COMMAND
from infection_monkey.exploit.web_rce import WebRCE
from infection_monkey.model import (HADOOP_LINUX_COMMAND,
HADOOP_WINDOWS_COMMAND, ID_STRING,
MONKEY_ARG)
__author__ = 'VakarisZ'


@ -5,13 +5,16 @@ from time import sleep
import pymssql
from common.utils.exceptions import (ExploitingVulnerableMachineError,
FailedExploitationError)
from common.utils.exploit_enum import ExploitType
from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
get_monkey_depth,
get_monkey_dest_path)
from infection_monkey.exploit.tools.http_tools import MonkeyHTTPServer
from infection_monkey.exploit.tools.helpers import get_monkey_dest_path, build_monkey_commandline, get_monkey_depth
from infection_monkey.model import DROPPER_ARG
from infection_monkey.exploit.tools.payload_parsing import LimitedSizePayload
from common.utils.exceptions import ExploitingVulnerableMachineError, FailedExploitationError
from infection_monkey.model import DROPPER_ARG
LOG = logging.getLogger(__name__)


@ -8,21 +8,27 @@ from io import BytesIO
import impacket.smbconnection
from impacket.nmb import NetBIOSError
from impacket.nt_errors import STATUS_SUCCESS
from impacket.smb import FILE_OPEN, SMB_DIALECT, SMB, SMBCommand, SMBNtCreateAndX_Parameters, SMBNtCreateAndX_Data, \
FILE_READ_DATA, FILE_SHARE_READ, FILE_NON_DIRECTORY_FILE, FILE_WRITE_DATA, FILE_DIRECTORY_FILE
from impacket.smb import SessionError
from impacket.smb3structs import SMB2_IL_IMPERSONATION, SMB2_CREATE, SMB2_FLAGS_DFS_OPERATIONS, SMB2Create, \
SMB2Packet, SMB2Create_Response, SMB2_OPLOCK_LEVEL_NONE
from impacket.smb import (FILE_DIRECTORY_FILE, FILE_NON_DIRECTORY_FILE,
FILE_OPEN, FILE_READ_DATA, FILE_SHARE_READ,
FILE_WRITE_DATA, SMB, SMB_DIALECT, SessionError,
SMBCommand, SMBNtCreateAndX_Data,
SMBNtCreateAndX_Parameters)
from impacket.smb3structs import (SMB2_CREATE, SMB2_FLAGS_DFS_OPERATIONS,
SMB2_IL_IMPERSONATION,
SMB2_OPLOCK_LEVEL_NONE, SMB2Create,
SMB2Create_Response, SMB2Packet)
from impacket.smbconnection import SMBConnection
import infection_monkey.monkeyfs as monkeyfs
from common.utils.attack_utils import ScanStatus
from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
get_monkey_depth,
get_target_monkey_by_os)
from infection_monkey.model import DROPPER_ARG
from infection_monkey.network.smbfinger import SMB_SERVICE
from infection_monkey.exploit.tools.helpers import build_monkey_commandline, get_target_monkey_by_os, get_monkey_depth
from infection_monkey.network.tools import get_interface_to_target
from infection_monkey.pyinstaller_utils import get_binary_file_path
from common.utils.attack_utils import ScanStatus
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
__author__ = 'itay.mizeretz'


@ -8,10 +8,12 @@ import requests
from common.utils.attack_utils import ScanStatus
from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.exploit.tools.helpers import get_target_monkey, get_monkey_depth, build_monkey_commandline
from infection_monkey.model import DROPPER_ARG
from infection_monkey.exploit.shellshock_resources import CGI_FILES
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
get_monkey_depth,
get_target_monkey)
from infection_monkey.exploit.tools.http_tools import HTTPTools
from infection_monkey.model import DROPPER_ARG
from infection_monkey.telemetry.attack.t1222_telem import T1222Telem
__author__ = 'danielg'
@ -86,7 +88,7 @@ class ShellShockExploiter(HostExploiter):
LOG.info("SSH Skipping unknown os: %s", uname_os)
return False
except Exception as exc:
LOG.debug("Error running uname os commad on victim %r: (%s)", self.host, exc)
LOG.debug("Error running uname os command on victim %r: (%s)", self.host, exc)
return False
if not self.host.os.get('machine'):
try:
@ -95,7 +97,7 @@ class ShellShockExploiter(HostExploiter):
if '' != uname_machine:
self.host.os['machine'] = uname_machine.lower().strip()
except Exception as exc:
LOG.debug("Error running uname machine commad on victim %r: (%s)", self.host, exc)
LOG.debug("Error running uname machine command on victim %r: (%s)", self.host, exc)
return False
# copy the monkey
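Review bot: The log line `LOG.info("SSH Skipping unknown os: %s", uname_os)` sits inside `ShellShockExploiter`, so the "SSH" prefix looks like a copy-paste leftover and will attribute the event to the wrong module when someone reads the logs. While the neighbouring messages are being corrected, this one could become `LOG.info("ShellShock skipping unknown os: %s", uname_os)`. Both `except Exception` branches also log only at debug level before returning False, so a failed `uname` is invisible at the default log level; `LOG.warning` may be more appropriate if that outcome matters to the operator. The enclosing method starts and ends outside these hunks.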


@ -1,17 +1,21 @@
from logging import getLogger
from impacket.dcerpc.v5 import transport, scmr
from impacket.dcerpc.v5 import scmr, transport
from impacket.smbconnection import SMB_DIALECT
from common.utils.attack_utils import ScanStatus, UsageEnum
from common.utils.exploit_enum import ExploitType
from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.exploit.tools.helpers import get_target_monkey, get_monkey_depth, build_monkey_commandline
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
get_monkey_depth,
get_target_monkey)
from infection_monkey.exploit.tools.smb_tools import SmbTools
from infection_monkey.model import MONKEY_CMDLINE_DETACHED_WINDOWS, DROPPER_CMDLINE_DETACHED_WINDOWS, VictimHost
from infection_monkey.model import (DROPPER_CMDLINE_DETACHED_WINDOWS,
MONKEY_CMDLINE_DETACHED_WINDOWS,
VictimHost)
from infection_monkey.network.smbfinger import SMBFinger
from infection_monkey.network.tools import check_tcp_port
from common.utils.exploit_enum import ExploitType
from infection_monkey.telemetry.attack.t1035_telem import T1035Telem
from common.utils.attack_utils import ScanStatus, UsageEnum
LOG = getLogger(__name__)


@ -5,13 +5,16 @@ import time
import paramiko
import infection_monkey.monkeyfs as monkeyfs
from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.exploit.tools.helpers import get_target_monkey, get_monkey_depth, build_monkey_commandline
from infection_monkey.model import MONKEY_ARG
from infection_monkey.network.tools import check_tcp_port, get_interface_to_target
from common.utils.attack_utils import ScanStatus
from common.utils.exceptions import FailedExploitationError
from common.utils.exploit_enum import ExploitType
from common.utils.attack_utils import ScanStatus
from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
get_monkey_depth,
get_target_monkey)
from infection_monkey.model import MONKEY_ARG
from infection_monkey.network.tools import (check_tcp_port,
get_interface_to_target)
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
from infection_monkey.telemetry.attack.t1222_telem import T1222Telem
@ -129,7 +132,7 @@ class SSHExploiter(HostExploiter):
LOG.info("SSH Skipping unknown os: %s", uname_os)
return False
except Exception as exc:
LOG.debug("Error running uname os commad on victim %r: (%s)", self.host, exc)
LOG.debug("Error running uname os command on victim %r: (%s)", self.host, exc)
return False
if not self.host.os.get('machine'):
@ -139,7 +142,7 @@ class SSHExploiter(HostExploiter):
if '' != uname_machine:
self.host.os['machine'] = uname_machine
except Exception as exc:
LOG.debug("Error running uname machine commad on victim %r: (%s)", self.host, exc)
LOG.debug("Error running uname machine command on victim %r: (%s)", self.host, exc)
if self.skip_exist:
_, stdout, stderr = ssh.exec_command("head -c 1 %s" % self._config.dropper_target_path_linux)
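Review bot: In the last line of the final hunk, `"head -c 1 %s" % self._config.dropper_target_path_linux` interpolates a configuration value into a remote shell command without quoting it, so a path containing spaces or shell metacharacters changes the command that is run. Quoting it, `ssh.exec_command("head -c 1 %s" % shlex.quote(self._config.dropper_target_path_linux))`, keeps the argument intact; this needs `import shlex` in the stdlib import group. The second `except Exception` branch logs and falls through, whereas the first one returns False; if that difference is intentional, a short comment would make it clear. The enclosing method continues outside the hunk.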


@ -11,10 +11,11 @@ def try_get_target_monkey(host):
def get_target_monkey(host):
from infection_monkey.control import ControlClient
import platform
import sys
from infection_monkey.control import ControlClient
if host.monkey_exe:
return host.monkey_exe


@ -6,12 +6,12 @@ import urllib.parse
import urllib.request
from threading import Lock
from infection_monkey.exploit.tools.helpers import try_get_target_monkey
from infection_monkey.model import DOWNLOAD_TIMEOUT
from infection_monkey.network.firewall import app as firewall
from infection_monkey.network.info import get_free_tcp_port
from infection_monkey.transport import HTTPServer, LockedHTTPServer
from infection_monkey.exploit.tools.helpers import try_get_target_monkey
from infection_monkey.network.tools import get_interface_to_target
from infection_monkey.transport import HTTPServer, LockedHTTPServer
__author__ = 'itamar'


@ -1,5 +1,6 @@
from unittest import TestCase
from .payload_parsing import Payload, LimitedSizePayload
from .payload_parsing import LimitedSizePayload, Payload
class TestPayload(TestCase):


@ -2,16 +2,16 @@ import logging
import ntpath
import pprint
from impacket.dcerpc.v5 import transport, srvs
from impacket.dcerpc.v5 import srvs, transport
from impacket.smb3structs import SMB2_DIALECT_002, SMB2_DIALECT_21
from impacket.smbconnection import SMBConnection, SMB_DIALECT
from impacket.smbconnection import SMB_DIALECT, SMBConnection
import infection_monkey.config
import infection_monkey.monkeyfs as monkeyfs
from common.utils.attack_utils import ScanStatus
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
from infection_monkey.network.tools import get_interface_to_target
from infection_monkey.config import Configuration
from infection_monkey.network.tools import get_interface_to_target
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
__author__ = 'itamar'


@ -1,6 +1,7 @@
import unittest
from infection_monkey.exploit.tools.helpers import build_monkey_commandline_explicitly
from infection_monkey.exploit.tools.helpers import \
build_monkey_commandline_explicitly
class TestHelpers(unittest.TestCase):


@ -6,14 +6,16 @@
import socket
import time
from logging import getLogger
from common.utils.attack_utils import ScanStatus
from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.exploit.tools.helpers import get_target_monkey, build_monkey_commandline, get_monkey_depth
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
get_monkey_depth,
get_target_monkey)
from infection_monkey.exploit.tools.http_tools import HTTPTools
from infection_monkey.model import MONKEY_ARG, CHMOD_MONKEY, RUN_MONKEY, WGET_HTTP_UPLOAD, DOWNLOAD_TIMEOUT
from logging import getLogger
from infection_monkey.model import (CHMOD_MONKEY, DOWNLOAD_TIMEOUT, MONKEY_ARG,
RUN_MONKEY, WGET_HTTP_UPLOAD)
from infection_monkey.telemetry.attack.t1222_telem import T1222Telem
LOG = getLogger(__name__)


@ -1,16 +1,22 @@
import logging
import re
from posixpath import join
from abc import abstractmethod
from posixpath import join
from common.utils.attack_utils import BITS_UPLOAD_STRING, ScanStatus
from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.exploit.tools.helpers import get_target_monkey, get_monkey_depth, build_monkey_commandline
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
get_monkey_depth,
get_target_monkey)
from infection_monkey.exploit.tools.http_tools import HTTPTools
from infection_monkey.model import CHECK_COMMAND, ID_STRING, GET_ARCH_LINUX, GET_ARCH_WINDOWS, BITSADMIN_CMDLINE_HTTP, \
POWERSHELL_HTTP_UPLOAD, WGET_HTTP_UPLOAD, DOWNLOAD_TIMEOUT, CHMOD_MONKEY, RUN_MONKEY, MONKEY_ARG, DROPPER_ARG
from infection_monkey.model import (BITSADMIN_CMDLINE_HTTP, CHECK_COMMAND,
CHMOD_MONKEY, DOWNLOAD_TIMEOUT,
DROPPER_ARG, GET_ARCH_LINUX,
GET_ARCH_WINDOWS, ID_STRING, MONKEY_ARG,
POWERSHELL_HTTP_UPLOAD, RUN_MONKEY,
WGET_HTTP_UPLOAD)
from infection_monkey.network.tools import check_tcp_port, tcp_port_to_service
from infection_monkey.telemetry.attack.t1197_telem import T1197Telem
from common.utils.attack_utils import ScanStatus, BITS_UPLOAD_STRING
from infection_monkey.telemetry.attack.t1222_telem import T1222Telem
__author__ = 'VakarisZ'


@ -1,16 +1,16 @@
import threading
import logging
import time
import copy
from requests import post, exceptions
from infection_monkey.exploit.web_rce import WebRCE
from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.network.tools import get_interface_to_target
from infection_monkey.network.info import get_free_tcp_port
import logging
import threading
import time
from http.server import BaseHTTPRequestHandler, HTTPServer
from requests import exceptions, post
from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.exploit.web_rce import WebRCE
from infection_monkey.network.info import get_free_tcp_port
from infection_monkey.network.tools import get_interface_to_target
__author__ = "VakarisZ"
LOG = logging.getLogger(__name__)


@ -8,18 +8,21 @@
import socket
import time
from enum import IntEnum
from logging import getLogger
from enum import IntEnum
from impacket import uuid
from impacket.dcerpc.v5 import transport
from infection_monkey.exploit.tools.helpers import get_target_monkey, get_monkey_depth, build_monkey_commandline
from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
get_monkey_depth,
get_target_monkey)
from infection_monkey.exploit.tools.smb_tools import SmbTools
from infection_monkey.model import DROPPER_CMDLINE_WINDOWS, MONKEY_CMDLINE_WINDOWS
from infection_monkey.model import (DROPPER_CMDLINE_WINDOWS,
MONKEY_CMDLINE_WINDOWS)
from infection_monkey.network.smbfinger import SMBFinger
from infection_monkey.network.tools import check_tcp_port
from infection_monkey.exploit.HostExploiter import HostExploiter
LOG = getLogger(__name__)


@ -5,14 +5,16 @@ import traceback
from impacket.dcerpc.v5.rpcrt import DCERPCException
from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.exploit.tools.helpers import get_target_monkey, \
get_monkey_depth, build_monkey_commandline
from infection_monkey.exploit.tools.wmi_tools import AccessDeniedException
from infection_monkey.exploit.tools.smb_tools import SmbTools
from infection_monkey.exploit.tools.wmi_tools import WmiTools
from infection_monkey.model import DROPPER_CMDLINE_WINDOWS, MONKEY_CMDLINE_WINDOWS
from common.utils.exploit_enum import ExploitType
from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.exploit.tools.helpers import (build_monkey_commandline,
get_monkey_depth,
get_target_monkey)
from infection_monkey.exploit.tools.smb_tools import SmbTools
from infection_monkey.exploit.tools.wmi_tools import (AccessDeniedException,
WmiTools)
from infection_monkey.model import (DROPPER_CMDLINE_WINDOWS,
MONKEY_CMDLINE_WINDOWS)
LOG = logging.getLogger(__name__)


@ -7,14 +7,15 @@ import sys
import traceback
from multiprocessing import freeze_support
from infection_monkey.utils.monkey_log_path import get_dropper_log_path, get_monkey_log_path
from infection_monkey.config import WormConfiguration, EXTERNAL_CONFIG_FILE
from infection_monkey.dropper import MonkeyDrops
from infection_monkey.model import MONKEY_ARG, DROPPER_ARG
from infection_monkey.monkey import InfectionMonkey
from common.version import get_version
# noinspection PyUnresolvedReferences
import infection_monkey.post_breach # dummy import for pyinstaller
from common.version import get_version
from infection_monkey.config import EXTERNAL_CONFIG_FILE, WormConfiguration
from infection_monkey.dropper import MonkeyDrops
from infection_monkey.model import DROPPER_ARG, MONKEY_ARG
from infection_monkey.monkey import InfectionMonkey
from infection_monkey.utils.monkey_log_path import (get_dropper_log_path,
get_monkey_log_path)
__author__ = 'itamar'


@ -1,6 +1,7 @@
from unittest import TestCase
from infection_monkey.model.victim_host_generator import VictimHostGenerator
from common.network.network_range import CidrRange, SingleIpRange
from infection_monkey.model.victim_host_generator import VictimHostGenerator
class VictimHostGeneratorTester(TestCase):


@ -6,34 +6,39 @@ import sys
import time
import infection_monkey.tunnel as tunnel
from infection_monkey.network.HostFinger import HostFinger
from infection_monkey.utils.monkey_dir import create_monkey_dir, get_monkey_dir_path, remove_monkey_dir
from infection_monkey.utils.monkey_log_path import get_monkey_log_path
from infection_monkey.utils.environment import is_windows_os
from infection_monkey.utils.exceptions.planned_shutdown_exception import PlannedShutdownException
from common.network.network_utils import get_host_from_network_location
from common.utils.attack_utils import ScanStatus, UsageEnum
from common.utils.exceptions import (ExploitingVulnerableMachineError,
FailedExploitationError)
from common.version import get_version
from infection_monkey.config import WormConfiguration
from infection_monkey.control import ControlClient
from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.model import DELAY_DELETE_CMD
from infection_monkey.network.firewall import app as firewall
from infection_monkey.network.HostFinger import HostFinger
from infection_monkey.network.network_scanner import NetworkScanner
from infection_monkey.network.tools import (get_interface_to_target,
is_running_on_server)
from infection_monkey.post_breach.post_breach_handler import PostBreach
from infection_monkey.system_info import SystemInfoCollector
from infection_monkey.system_singleton import SystemSingleton
from infection_monkey.telemetry.attack.victim_host_telem import VictimHostTelem
from infection_monkey.telemetry.attack.t1106_telem import T1106Telem
from infection_monkey.telemetry.attack.t1107_telem import T1107Telem
from infection_monkey.telemetry.attack.victim_host_telem import VictimHostTelem
from infection_monkey.telemetry.scan_telem import ScanTelem
from infection_monkey.telemetry.state_telem import StateTelem
from infection_monkey.telemetry.system_info_telem import SystemInfoTelem
from infection_monkey.telemetry.trace_telem import TraceTelem
from infection_monkey.telemetry.tunnel_telem import TunnelTelem
from infection_monkey.utils.environment import is_windows_os
from infection_monkey.utils.exceptions.planned_shutdown_exception import \
PlannedShutdownException
from infection_monkey.utils.monkey_dir import (create_monkey_dir,
get_monkey_dir_path,
remove_monkey_dir)
from infection_monkey.utils.monkey_log_path import get_monkey_log_path
from infection_monkey.windows_upgrader import WindowsUpgrader
from infection_monkey.post_breach.post_breach_handler import PostBreach
from infection_monkey.network.tools import get_interface_to_target, is_running_on_server
from common.utils.exceptions import ExploitingVulnerableMachineError, FailedExploitationError
from infection_monkey.telemetry.attack.t1106_telem import T1106Telem
from common.utils.attack_utils import ScanStatus, UsageEnum
from common.version import get_version
from infection_monkey.exploit.HostExploiter import HostExploiter
from common.network.network_utils import get_host_from_network_location
MAX_DEPTH_REACHED_MESSAGE = "Reached max depth, shutting down"
@ -290,7 +295,8 @@ class InfectionMonkey(object):
try:
status = None
if "win32" == sys.platform:
from subprocess import SW_HIDE, STARTF_USESHOWWINDOW, CREATE_NEW_CONSOLE
from subprocess import (CREATE_NEW_CONSOLE,
STARTF_USESHOWWINDOW, SW_HIDE)
startupinfo = subprocess.STARTUPINFO()
startupinfo.dwFlags = CREATE_NEW_CONSOLE | STARTF_USESHOWWINDOW
startupinfo.wShowWindow = SW_HIDE


@ -1,5 +1,5 @@
from io import BytesIO
import os
from io import BytesIO
__author__ = 'hoffer'


@ -1,8 +1,8 @@
from abc import abstractmethod
import infection_monkey.network
from infection_monkey.config import WormConfiguration
from infection_monkey.utils.plugins.plugin import Plugin
import infection_monkey.network
class HostFinger(Plugin):


@ -3,11 +3,11 @@ import logging
from contextlib import closing
import requests
from requests.exceptions import Timeout, ConnectionError
from requests.exceptions import ConnectionError, Timeout
import infection_monkey.config
from infection_monkey.network.HostFinger import HostFinger
from common.data.network_consts import ES_SERVICE
from infection_monkey.network.HostFinger import HostFinger
ES_PORT = 9200
ES_HTTP_TIMEOUT = 5


@ -1,6 +1,6 @@
import platform
import subprocess
import sys
import platform
def _run_netsh_cmd(command, args):


@ -1,6 +1,7 @@
import logging
import infection_monkey.config
from infection_monkey.network.HostFinger import HostFinger
import logging
LOG = logging.getLogger(__name__)
@ -20,10 +21,11 @@ class HTTPFinger(HostFinger):
pass
def get_host_fingerprint(self, host):
from requests import head
from requests.exceptions import Timeout, ConnectionError
from contextlib import closing
from requests import head
from requests.exceptions import ConnectionError, Timeout
for port in self.HTTP:
# check both http and https
http = "http://" + host.ip_addr + ":" + port[1]


@ -1,12 +1,12 @@
import socket
import struct
import psutil
import ipaddress
import itertools
import netifaces
from subprocess import check_output
import socket
import struct
from random import randint
from subprocess import check_output
import netifaces
import psutil
import requests
from requests import ConnectionError


@ -2,8 +2,8 @@ import errno
import logging
import socket
from infection_monkey.network.HostFinger import HostFinger
import infection_monkey.config
from infection_monkey.network.HostFinger import HostFinger
__author__ = 'Maor Rayzin'


@ -3,7 +3,8 @@ import socket
import infection_monkey.config
from infection_monkey.network.HostFinger import HostFinger
from infection_monkey.network.tools import struct_unpack_tracker, struct_unpack_tracker_string
from infection_monkey.network.tools import (struct_unpack_tracker,
struct_unpack_tracker_string)
MYSQL_PORT = 3306
SQL_SERVICE = 'mysqld-3306'


@ -1,13 +1,13 @@
import time
import logging
import time
from multiprocessing.dummy import Pool
from common.network.network_range import NetworkRange
from infection_monkey.config import WormConfiguration
from infection_monkey.model.victim_host_generator import VictimHostGenerator
from infection_monkey.network.info import local_ips, get_interfaces_ranges
from infection_monkey.network.tcp_scanner import TcpScanner
from infection_monkey.network.info import get_interfaces_ranges, local_ips
from infection_monkey.network.ping_scanner import PingScanner
from infection_monkey.network.tcp_scanner import TcpScanner
LOG = logging.getLogger(__name__)


@ -1,6 +1,7 @@
import logging
import socket
import struct
import logging
from odict import odict
from infection_monkey.network.HostFinger import HostFinger


@ -1,11 +1,11 @@
import logging
import sys
import subprocess
import re
import select
import socket
import struct
import subprocess
import sys
import time
import re
from infection_monkey.network.info import get_routes, local_ips
from infection_monkey.pyinstaller_utils import get_binary_file_path


@ -1,6 +1,6 @@
from common.data.post_breach_consts import POST_BREACH_BACKDOOR_USER
from infection_monkey.post_breach.pba import PBA
from infection_monkey.config import WormConfiguration
from infection_monkey.post_breach.pba import PBA
from infection_monkey.utils.users import get_commands_to_add_user


@ -3,12 +3,12 @@ import random
import string
import subprocess
from infection_monkey.utils.new_user_error import NewUserError
from infection_monkey.utils.auto_new_user_factory import create_auto_new_user
from common.data.post_breach_consts import POST_BREACH_COMMUNICATE_AS_NEW_USER
from infection_monkey.post_breach.pba import PBA
from infection_monkey.telemetry.post_breach_telem import PostBreachTelem
from infection_monkey.utils.auto_new_user_factory import create_auto_new_user
from infection_monkey.utils.environment import is_windows_os
from infection_monkey.utils.new_user_error import NewUserError
INFECTION_MONKEY_WEBSITE_URL = "https://infectionmonkey.com/"


@ -1,13 +1,11 @@
from common.data.post_breach_consts import POST_BREACH_HIDDEN_FILES
from infection_monkey.post_breach.pba import PBA
from infection_monkey.telemetry.post_breach_telem import PostBreachTelem
from infection_monkey.utils.hidden_files import\
get_commands_to_hide_files,\
get_commands_to_hide_folders,\
cleanup_hidden_files,\
get_winAPI_to_hide_files
from infection_monkey.utils.environment import is_windows_os
from infection_monkey.utils.hidden_files import (cleanup_hidden_files,
get_commands_to_hide_files,
get_commands_to_hide_folders,
get_winAPI_to_hide_files)
HIDDEN_FSO_CREATION_COMMANDS = [get_commands_to_hide_files,
get_commands_to_hide_folders]


@ -1,4 +1,5 @@
from common.data.post_breach_consts import POST_BREACH_SHELL_STARTUP_FILE_MODIFICATION
from common.data.post_breach_consts import \
POST_BREACH_SHELL_STARTUP_FILE_MODIFICATION
from infection_monkey.post_breach.pba import PBA
from infection_monkey.post_breach.shell_startup_files.shell_startup_files_modification import \
get_commands_to_modify_shell_startup_files


@ -0,0 +1,19 @@
from common.data.post_breach_consts import POST_BREACH_JOB_SCHEDULING
from infection_monkey.post_breach.job_scheduling.job_scheduling import (
get_commands_to_schedule_jobs, remove_scheduled_jobs)
from infection_monkey.post_breach.pba import PBA
class ScheduleJobs(PBA):
"""
This PBA attempts to schedule jobs on the system.
"""
def __init__(self):
linux_cmds, windows_cmds = get_commands_to_schedule_jobs()
super(ScheduleJobs, self).__init__(name=POST_BREACH_JOB_SCHEDULING,
linux_cmd=' '.join(linux_cmds),
windows_cmd=windows_cmds)
remove_scheduled_jobs()
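Review bot: `remove_scheduled_jobs()` runs inside `__init__`, immediately after the commands are handed to the `PBA` constructor, so the cleanup appears to happen before the scheduled task is ever created. The `PBA` base class is not shown on this page; if it executes `windows_cmd` in a later run step, as the constructor keywords suggest, the `schtasks /Delete` call finds nothing to delete and the task created afterwards stays on the tested Windows host. The cleanup should move to a point after the action has executed, for example an override of the base class's run step that calls the parent first and then `remove_scheduled_jobs()`. The class docstring should also state that the job is removed again once the action has run.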


@ -1,15 +1,15 @@
import os
import logging
import os
from common.data.post_breach_consts import POST_BREACH_FILE_EXECUTION
from infection_monkey.utils.environment import is_windows_os
from infection_monkey.post_breach.pba import PBA
from infection_monkey.control import ControlClient
from infection_monkey.config import WormConfiguration
from infection_monkey.utils.monkey_dir import get_monkey_dir_path
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
from common.utils.attack_utils import ScanStatus
from infection_monkey.config import WormConfiguration
from infection_monkey.control import ControlClient
from infection_monkey.network.tools import get_interface_to_target
from infection_monkey.post_breach.pba import PBA
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
from infection_monkey.utils.environment import is_windows_os
from infection_monkey.utils.monkey_dir import get_monkey_dir_path
LOG = logging.getLogger(__name__)


@ -0,0 +1,19 @@
import subprocess
from infection_monkey.post_breach.job_scheduling.linux_job_scheduling import \
get_linux_commands_to_schedule_jobs
from infection_monkey.post_breach.job_scheduling.windows_job_scheduling import (
get_windows_commands_to_remove_scheduled_jobs,
get_windows_commands_to_schedule_jobs)
from infection_monkey.utils.environment import is_windows_os
def get_commands_to_schedule_jobs():
linux_cmds = get_linux_commands_to_schedule_jobs()
windows_cmds = get_windows_commands_to_schedule_jobs()
return linux_cmds, windows_cmds
def remove_scheduled_jobs():
if is_windows_os():
subprocess.run(get_windows_commands_to_remove_scheduled_jobs(), shell=True) # noqa: DUO116
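Review bot: `remove_scheduled_jobs` discards the result of `subprocess.run`, and the delete command itself redirects its output to `nul`, so a failed delete leaves the scheduled task on the host with nothing in the logs to show it. Keeping the result and logging a warning when `returncode != 0` would make such leftovers visible to whoever reviews the run. The function also does nothing on Linux, while the Linux command list in the sibling file installs a modified crontab and only deletes its temp file, so that change is never reverted. The `# noqa: DUO116` is reasonable only because the command is built from module constants; a comment such as `# command is built from constants only, never from external input` next to it would keep a later edit from interpolating data into a `shell=True` call.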


@ -0,0 +1,12 @@
TEMP_CRON = "$HOME/monkey-schedule-jobs"
def get_linux_commands_to_schedule_jobs():
return [
f'touch {TEMP_CRON} &&',
f'crontab -l > {TEMP_CRON} &&',
'echo \"# Successfully scheduled a job using crontab\" |',
f'tee -a {TEMP_CRON} &&',
f'crontab {TEMP_CRON} ;',
f'rm {TEMP_CRON}'
]
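Review bot: The chain in `get_linux_commands_to_schedule_jobs` stops at `crontab -l > {TEMP_CRON} &&` for a user who has no crontab yet, because `crontab -l` exits non-zero in that case; only the trailing `rm` runs and the action reports a failure that says nothing about the host's actual exposure. Letting that one step fail without aborting the chain, e.g. `f'crontab -l > {TEMP_CRON} 2>/dev/null ;'`, avoids the false negative. The function also needs a docstring saying that each fragment carries its own trailing shell operator and that the list is meant to be joined with spaces into one command line, as `ScheduleJobs` does with `' '.join(linux_cmds)`.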


@ -0,0 +1,12 @@
SCHEDULED_TASK_NAME = 'monkey-spawn-cmd'
SCHEDULED_TASK_COMMAND = 'C:\windows\system32\cmd.exe'
# Commands from: https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1053.005/T1053.005.md
def get_windows_commands_to_schedule_jobs():
return f'schtasks /Create /SC monthly /TN {SCHEDULED_TASK_NAME} /TR {SCHEDULED_TASK_COMMAND}'
def get_windows_commands_to_remove_scheduled_jobs():
return f'schtasks /Delete /TN {SCHEDULED_TASK_NAME} /F > nul 2>&1'
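Review bot: `SCHEDULED_TASK_COMMAND = 'C:\windows\system32\cmd.exe'` is an ordinary string literal, so `\w`, `\s` and `\c` are invalid escape sequences. Python currently keeps them verbatim but warns about them (DeprecationWarning, SyntaxWarning on newer versions), and a later path segment beginning with a recognised escape letter such as `t` or `n` would be silently corrupted. A raw string fixes this: `SCHEDULED_TASK_COMMAND = r'C:\windows\system32\cmd.exe'`.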


@ -1,13 +1,14 @@
import logging
import subprocess
import infection_monkey.post_breach.actions
from common.utils.attack_utils import ScanStatus
from infection_monkey.telemetry.post_breach_telem import PostBreachTelem
from infection_monkey.utils.environment import is_windows_os
from infection_monkey.config import WormConfiguration
from infection_monkey.telemetry.attack.t1064_telem import T1064Telem
from infection_monkey.telemetry.post_breach_telem import PostBreachTelem
from infection_monkey.utils.environment import is_windows_os
from infection_monkey.utils.plugins.plugin import Plugin
import infection_monkey.post_breach.actions
LOG = logging.getLogger(__name__)
__author__ = 'VakarisZ'


@ -1,8 +1,8 @@
import logging
from typing import Sequence
from infection_monkey.utils.environment import is_windows_os
from infection_monkey.post_breach.pba import PBA
from infection_monkey.utils.environment import is_windows_os
LOG = logging.getLogger(__name__)


@ -1,4 +1,5 @@
import subprocess
from infection_monkey.utils.environment import is_windows_os


@ -1,4 +1,5 @@
import subprocess
from infection_monkey.utils.environment import is_windows_os


@ -1,4 +1,4 @@
from PyInstaller.utils.hooks import collect_submodules, collect_data_files
from PyInstaller.utils.hooks import collect_data_files, collect_submodules
hiddenimports = collect_submodules('infection_monkey.exploit')
datas = (collect_data_files('infection_monkey.exploit', include_py_files=True))


@ -1,4 +1,4 @@
from PyInstaller.utils.hooks import collect_submodules, collect_data_files
from PyInstaller.utils.hooks import collect_data_files, collect_submodules
hiddenimports = collect_submodules('infection_monkey.network')
datas = (collect_data_files('infection_monkey.network', include_py_files=True))


@ -1,4 +1,4 @@
from PyInstaller.utils.hooks import collect_submodules, collect_data_files
from PyInstaller.utils.hooks import collect_data_files, collect_submodules
# Import all actions as modules
hiddenimports = collect_submodules('infection_monkey.post_breach.actions')


@ -1,4 +1,4 @@
from PyInstaller.utils.hooks import collect_submodules, collect_data_files
from PyInstaller.utils.hooks import collect_data_files, collect_submodules
# Import all actions as modules
hiddenimports = collect_submodules('infection_monkey.system_info.collectors')


@ -1,7 +1,7 @@
import logging
import pwd
import os
import glob
import logging
import os
import pwd
from common.utils.attack_utils import ScanStatus
from infection_monkey.telemetry.attack.t1005_telem import T1005Telem


@ -1,13 +1,14 @@
import logging
import sys
from enum import IntEnum
import psutil
from enum import IntEnum
from infection_monkey.network.info import get_host_subnets
from infection_monkey.system_info.azure_cred_collector import AzureCollector
from infection_monkey.system_info.netstat_collector import NetstatCollector
from infection_monkey.system_info.system_info_collectors_handler import SystemInfoCollectorsHandler
from infection_monkey.system_info.system_info_collectors_handler import \
SystemInfoCollectorsHandler
LOG = logging.getLogger(__name__)


@ -1,9 +1,9 @@
import sys
import glob
import json
import logging
import os.path
import json
import glob
import subprocess
import sys
from common.utils.attack_utils import ScanStatus
from infection_monkey.telemetry.attack.t1005_telem import T1005Telem


@ -2,8 +2,8 @@ import logging
from common.cloud.aws.aws_instance import AwsInstance
from common.data.system_info_collectors_names import AWS_COLLECTOR
from infection_monkey.system_info.system_info_collector import SystemInfoCollector
from infection_monkey.system_info.system_info_collector import \
SystemInfoCollector
logger = logging.getLogger(__name__)


@ -1,7 +1,8 @@
from common.cloud.all_instances import get_all_cloud_instances
from common.cloud.environment_names import Environment
from common.data.system_info_collectors_names import ENVIRONMENT_COLLECTOR
from infection_monkey.system_info.system_info_collector import SystemInfoCollector
from infection_monkey.system_info.system_info_collector import \
SystemInfoCollector
def get_monkey_environment() -> str:


@ -2,8 +2,8 @@ import logging
import socket
from common.data.system_info_collectors_names import HOSTNAME_COLLECTOR
from infection_monkey.system_info.system_info_collector import SystemInfoCollector
from infection_monkey.system_info.system_info_collector import \
SystemInfoCollector
logger = logging.getLogger(__name__)


@ -1,8 +1,10 @@
import logging
import psutil
from common.data.system_info_collectors_names import PROCESS_LIST_COLLECTOR
from infection_monkey.system_info.system_info_collector import SystemInfoCollector
from infection_monkey.system_info.system_info_collector import \
SystemInfoCollector
logger = logging.getLogger(__name__)


@ -1,10 +1,10 @@
# Inspired by Giampaolo Rodola's psutil example from https://github.com/giampaolo/psutil/blob/master/scripts/netstat.py
import logging
import psutil
import socket
from socket import AF_INET, SOCK_DGRAM, SOCK_STREAM
from socket import AF_INET, SOCK_STREAM, SOCK_DGRAM
import psutil
__author__ = 'itay.mizeretz'


@ -1,8 +1,8 @@
from infection_monkey.config import WormConfiguration
from infection_monkey.utils.plugins.plugin import Plugin
from abc import ABCMeta, abstractmethod
import infection_monkey.system_info.collectors
from infection_monkey.config import WormConfiguration
from infection_monkey.utils.plugins.plugin import Plugin
class SystemInfoCollector(Plugin, metaclass=ABCMeta):


@ -1,7 +1,8 @@
import logging
from typing import Sequence
from infection_monkey.system_info.system_info_collector import SystemInfoCollector
from infection_monkey.system_info.system_info_collector import \
SystemInfoCollector
from infection_monkey.telemetry.system_info_telem import SystemInfoTelem
LOG = logging.getLogger(__name__)


@ -1,8 +1,10 @@
import logging
from typing import List
from infection_monkey.system_info.windows_cred_collector import pypykatz_handler
from infection_monkey.system_info.windows_cred_collector.windows_credentials import WindowsCredentials
from infection_monkey.system_info.windows_cred_collector import \
pypykatz_handler
from infection_monkey.system_info.windows_cred_collector.windows_credentials import \
WindowsCredentials
LOG = logging.getLogger(__name__)


@ -1,9 +1,10 @@
import binascii
from typing import Dict, List, NewType, Any
from typing import Any, Dict, List, NewType
from pypykatz.pypykatz import pypykatz
from infection_monkey.system_info.windows_cred_collector.windows_credentials import WindowsCredentials
from infection_monkey.system_info.windows_cred_collector.windows_credentials import \
WindowsCredentials
CREDENTIAL_TYPES = ['msv_creds', 'wdigest_creds', 'ssp_creds', 'livessp_creds', 'dpapi_creds',
'kerberos_creds', 'credman_creds', 'tspkg_creds']


@ -1,6 +1,7 @@
from unittest import TestCase
from infection_monkey.system_info.windows_cred_collector.pypykatz_handler import _get_creds_from_pypykatz_session
from infection_monkey.system_info.windows_cred_collector.pypykatz_handler import \
_get_creds_from_pypykatz_session
class TestPypykatzHandler(TestCase):


@ -1,18 +1,19 @@
import os
import logging
import os
import sys
from infection_monkey.system_info.windows_cred_collector.mimikatz_cred_collector import MimikatzCredentialCollector
from infection_monkey.system_info.windows_cred_collector.mimikatz_cred_collector import \
MimikatzCredentialCollector
sys.coinit_flags = 0 # needed for proper destruction of the wmi python module
# noinspection PyPep8
import infection_monkey.config
# noinspection PyPep8
from common.utils.wmi_utils import WMIUtils
# noinspection PyPep8
from infection_monkey.system_info import InfoCollector
# noinspection PyPep8
from infection_monkey.system_info.wmi_consts import WMI_CLASSES
# noinspection PyPep8
from common.utils.wmi_utils import WMIUtils
LOG = logging.getLogger(__name__)
LOG.info('started windows info collector')


@ -9,10 +9,11 @@ from urllib.parse import urlsplit
import requests
import infection_monkey.monkeyfs as monkeyfs
from infection_monkey.transport.base import TransportProxyBase, update_last_serve_time
from infection_monkey.network.tools import get_interface_to_target
import infection_monkey.control
import infection_monkey.monkeyfs as monkeyfs
from infection_monkey.network.tools import get_interface_to_target
from infection_monkey.transport.base import (TransportProxyBase,
update_last_serve_time)
__author__ = 'hoffer'
@ -190,7 +191,8 @@ class HTTPServer(threading.Thread):
def run(self):
class TempHandler(FileServHTTPRequestHandler):
from common.utils.attack_utils import ScanStatus
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
from infection_monkey.telemetry.attack.t1105_telem import \
T1105Telem
filename = self._filename
@ -244,7 +246,8 @@ class LockedHTTPServer(threading.Thread):
def run(self):
class TempHandler(FileServHTTPRequestHandler):
from common.utils.attack_utils import ScanStatus
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
from infection_monkey.telemetry.attack.t1105_telem import \
T1105Telem
filename = self._filename
@staticmethod


@ -1,9 +1,10 @@
import socket
import select
from threading import Thread
import socket
from logging import getLogger
from threading import Thread
from infection_monkey.transport.base import TransportProxyBase, update_last_serve_time
from infection_monkey.transport.base import (TransportProxyBase,
update_last_serve_time)
READ_BUFFER_SIZE = 8192
DEFAULT_TIMEOUT = 30


@ -6,8 +6,9 @@ from threading import Thread
from infection_monkey.model import VictimHost
from infection_monkey.network.firewall import app as firewall
from infection_monkey.network.info import local_ips, get_free_tcp_port
from infection_monkey.network.tools import check_tcp_port, get_interface_to_target
from infection_monkey.network.info import get_free_tcp_port, local_ips
from infection_monkey.network.tools import (check_tcp_port,
get_interface_to_target)
from infection_monkey.transport.base import get_last_serve_time
__author__ = 'hoffer'


@ -1,5 +1,5 @@
import logging
import abc
import logging
logger = logging.getLogger(__name__)


@ -1,14 +1,12 @@
import subprocess
from infection_monkey.utils.linux.hidden_files import\
get_linux_commands_to_hide_files,\
get_linux_commands_to_hide_folders,\
get_linux_commands_to_delete
from infection_monkey.utils.windows.hidden_files import\
get_windows_commands_to_hide_files,\
get_windows_commands_to_hide_folders,\
get_winAPI_to_hide_files,\
get_windows_commands_to_delete
from infection_monkey.utils.environment import is_windows_os
from infection_monkey.utils.linux.hidden_files import (
get_linux_commands_to_delete, get_linux_commands_to_hide_files,
get_linux_commands_to_hide_folders)
from infection_monkey.utils.windows.hidden_files import (
get_winAPI_to_hide_files, get_windows_commands_to_delete,
get_windows_commands_to_hide_files, get_windows_commands_to_hide_folders)
def get_commands_to_hide_files():


@ -1,10 +1,10 @@
import glob
import importlib
import inspect
import logging
from abc import ABCMeta, abstractmethod
from os.path import dirname, basename, isfile, join
import glob
from typing import Sequence, TypeVar, Type, Callable
from os.path import basename, dirname, isfile, join
from typing import Callable, Sequence, Type, TypeVar
LOG = logging.getLogger(__name__)


@ -1,4 +1,5 @@
from infection_monkey.utils.plugins.pluginTests.PluginTestClass import TestPlugin # noqa: F401
from infection_monkey.utils.plugins.pluginTests.PluginTestClass import \
TestPlugin # noqa: F401
class SomeDummyPlugin:
