p15693087
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity

Island: Add SSHCollector to system info collectors

This commit is contained in:
Mike Salvatore 2022-02-16 14:53:13 -05:00
parent 2f838372b5
commit 92ddeebd4e
4 changed files with 16 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
monkey/monkey_island/cc/services/config_schema/definitions/system_info_collector_classes.py
View File

@ -1,6 +1,7 @@
from common.common_consts.system_info_collectors_names import ( from common.common_consts.system_info_collectors_names import (
MIMIKATZ_COLLECTOR, MIMIKATZ_COLLECTOR,
PROCESS_LIST_COLLECTOR, PROCESS_LIST_COLLECTOR,
SSH_COLLECTOR,
) )
SYSTEM_INFO_COLLECTOR_CLASSES = { SYSTEM_INFO_COLLECTOR_CLASSES = {
@ -11,7 +12,7 @@ SYSTEM_INFO_COLLECTOR_CLASSES = {
{ {
"type": "string", "type": "string",
"enum": [MIMIKATZ_COLLECTOR], "enum": [MIMIKATZ_COLLECTOR],
"title": "Mimikatz Collector", "title": "Mimikatz Credentials Collector",
"safe": True, "safe": True,
"info": "Collects credentials from Windows credential manager.", "info": "Collects credentials from Windows credential manager.",
"attack_techniques": ["T1003", "T1005"], "attack_techniques": ["T1003", "T1005"],
@ -24,5 +25,13 @@ SYSTEM_INFO_COLLECTOR_CLASSES = {
"info": "Collects a list of running processes on the machine.", "info": "Collects a list of running processes on the machine.",
"attack_techniques": ["T1082"], "attack_techniques": ["T1082"],
}, },
{
"type": "string",
"enum": [SSH_COLLECTOR],
"title": "SSH Credentials Collector",
"safe": True,
"info": "Searches users' home directories and collects SSH keypairs.",
"attack_techniques": ["T1005", "T1145"],
},
], ],
} }

2
monkey/monkey_island/cc/services/config_schema/monkey.py
View File

@ -1,6 +1,7 @@
from common.common_consts.system_info_collectors_names import ( from common.common_consts.system_info_collectors_names import (
MIMIKATZ_COLLECTOR, MIMIKATZ_COLLECTOR,
PROCESS_LIST_COLLECTOR, PROCESS_LIST_COLLECTOR,
SSH_COLLECTOR,
) )
MONKEY = { MONKEY = {
@ -87,6 +88,7 @@ MONKEY = {
"default": [ "default": [
PROCESS_LIST_COLLECTOR, PROCESS_LIST_COLLECTOR,
MIMIKATZ_COLLECTOR, MIMIKATZ_COLLECTOR,
SSH_COLLECTOR,
], ],
}, },
}, },

4
monkey/tests/data_for_tests/monkey_configs/automated_master_config.json
View File

@ -104,8 +104,8 @@
} }
}, },
"system_info_collector_classes": [ "system_info_collector_classes": [
"ProcessListCollector", "MimikatzCollector",
"MimikatzCollector" "SSHCollector"
] ]
} }
} }

6
monkey/tests/data_for_tests/monkey_configs/monkey_config_standard.json
View File

@ -146,10 +146,8 @@
}, },
"system_info": { "system_info": {
"system_info_collector_classes": [ "system_info_collector_classes": [
"environmentcollector", "MimikatzCollector",
"hostnamecollector", "SSHCollector"
"processlistcollector",
"mimikatzcollector"
] ]
} }
} }