diff --git a/envs/monkey_zoo/blackbox/test_configurations/__init__.py b/envs/monkey_zoo/blackbox/test_configurations/__init__.py new file mode 100644 index 000000000..9aa48000e --- /dev/null +++ b/envs/monkey_zoo/blackbox/test_configurations/__init__.py @@ -0,0 +1,8 @@ +from .test_configuration import TestConfiguration +from .zerologon import zerologon_test_configuration +from .depth_1_a import depth_1_a_test_configuration +from .depth_2_a import depth_2_a_test_configuration +from .depth_3_a import depth_3_a_test_configuration +from .powershell_credentials_reuse import powershell_credentials_reuse_test_configuration +from .smb_pth import smb_pth_test_configuration +from .wmi_mimikatz import wmi_mimikatz_test_configuration diff --git a/envs/monkey_zoo/blackbox/test_configurations/depth_1_a.py b/envs/monkey_zoo/blackbox/test_configurations/depth_1_a.py new file mode 100644 index 000000000..e6e118637 --- /dev/null +++ b/envs/monkey_zoo/blackbox/test_configurations/depth_1_a.py @@ -0,0 +1,91 @@ +from common.configuration import AgentConfiguration, PluginConfiguration +from common.credentials import Credentials, Password, Username + +from .noop import noop_test_configuration +from .utils import ( + add_credential_collectors, + add_exploiters, + add_http_ports, + add_subnets, + add_tcp_ports, + replace_agent_configuration, + replace_propagation_credentials, + set_maximum_depth, +) + +# Tests: +# Hadoop (10.2.2.2, 10.2.2.3) +# Log4shell (10.2.3.55, 10.2.3.56, 10.2.3.49, 10.2.3.50, 10.2.3.51, 10.2.3.52) +# MSSQL (10.2.2.16) +# SMB mimikatz password stealing and brute force (10.2.2.14 and 10.2.2.15) + + +def _add_exploiters(agent_configuration: AgentConfiguration) -> AgentConfiguration: + brute_force = [ + PluginConfiguration(name="MSSQLExploiter", options={}), + PluginConfiguration(name="SmbExploiter", options={"smb_download_timeout": 30}), + PluginConfiguration(name="SSHExploiter", options={}), + ] + vulnerability = [ + PluginConfiguration(name="HadoopExploiter", options={}), + PluginConfiguration(name="Log4ShellExploiter", options={}), + ] + + return add_exploiters(agent_configuration, brute_force=brute_force, vulnerability=vulnerability) + + +def _add_subnets(agent_configuration: AgentConfiguration) -> AgentConfiguration: + subnets = [ + "10.2.2.2", + "10.2.2.3", + "10.2.3.55", + "10.2.3.56", + "10.2.3.49", + "10.2.3.50", + "10.2.3.51", + "10.2.3.52", + "10.2.2.16", + "10.2.2.14", + "10.2.2.15", + ] + return add_subnets(agent_configuration, subnets) + + +def _add_credential_collectors(agent_configuration: AgentConfiguration) -> AgentConfiguration: + return add_credential_collectors( + agent_configuration, [PluginConfiguration("MimikatzCollector", {})] + ) + + +HTTP_PORTS = [8080, 8983, 9600] + + +def _add_tcp_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration: + ports = [22, 445] + HTTP_PORTS + return add_tcp_ports(agent_configuration, ports) + + +def _add_http_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration: + return add_http_ports(agent_configuration, HTTP_PORTS) + + +agent_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 1) +agent_configuration = _add_exploiters(agent_configuration) +agent_configuration = _add_subnets(agent_configuration) +agent_configuration = _add_tcp_ports(agent_configuration) +agent_configuration = _add_credential_collectors(agent_configuration) +agent_configuration = _add_http_ports(agent_configuration) + +depth_1_a_test_configuration = replace_agent_configuration( + noop_test_configuration, agent_configuration +) + + +CREDENTIALS = ( + Credentials(Username("m0nk3y"), None), + Credentials(None, Password("Ivrrw5zEzs")), + Credentials(None, Password("Xk8VDTsC")), +) +depth_1_a_test_configuration = replace_propagation_credentials( + depth_1_a_test_configuration, CREDENTIALS +) diff --git a/envs/monkey_zoo/blackbox/test_configurations/depth_2_a.py b/envs/monkey_zoo/blackbox/test_configurations/depth_2_a.py new file mode 100644 index 000000000..0fc6b57d6 --- /dev/null +++ b/envs/monkey_zoo/blackbox/test_configurations/depth_2_a.py @@ -0,0 +1,53 @@ +from common.configuration import AgentConfiguration, PluginConfiguration +from common.credentials import Credentials, Password, Username + +from .noop import noop_test_configuration +from .utils import ( + add_exploiters, + add_subnets, + add_tcp_ports, + replace_agent_configuration, + replace_propagation_credentials, + set_maximum_depth, +) + + +# Tests: +# SSH password and key brute-force, key stealing (10.2.2.11, 10.2.2.12) +def _add_exploiters(agent_configuration: AgentConfiguration) -> AgentConfiguration: + brute_force = [ + PluginConfiguration(name="SSHExploiter", options={}), + ] + return add_exploiters(agent_configuration, brute_force=brute_force, vulnerability=[]) + + +def _add_subnets(agent_configuration: AgentConfiguration) -> AgentConfiguration: + subnets = [ + "10.2.2.11", + "10.2.2.12", + ] + return add_subnets(agent_configuration, subnets) + + +def _add_tcp_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration: + ports = [22] + return add_tcp_ports(agent_configuration, ports) + + +agent_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 2) +agent_configuration = _add_exploiters(agent_configuration) +agent_configuration = _add_subnets(agent_configuration) +agent_configuration = _add_tcp_ports(agent_configuration) + +depth_2_a_test_configuration = replace_agent_configuration( + noop_test_configuration, agent_configuration +) + + +CREDENTIALS = ( + Credentials(Username("m0nk3y"), None), + Credentials(None, Password("^NgDvY59~8")), +) +depth_2_a_test_configuration = replace_propagation_credentials( + depth_2_a_test_configuration, CREDENTIALS +) diff --git a/envs/monkey_zoo/blackbox/test_configurations/depth_3_a.py b/envs/monkey_zoo/blackbox/test_configurations/depth_3_a.py new file mode 100644 index 000000000..4b0d4ce72 --- /dev/null +++ b/envs/monkey_zoo/blackbox/test_configurations/depth_3_a.py @@ -0,0 +1,75 @@ +from common.configuration import AgentConfiguration, PluginConfiguration +from common.credentials import Credentials, NTHash, Password, Username + +from .noop import noop_test_configuration +from .utils import ( + add_exploiters, + add_subnets, + add_tcp_ports, + replace_agent_configuration, + replace_propagation_credentials, + set_keep_tunnel_open_time, + set_maximum_depth, +) + +# Tests: +# Powershell (10.2.3.45, 10.2.3.46, 10.2.3.47, 10.2.3.48) +# Tunneling (SSH brute force) (10.2.2.9, 10.2.1.10, 10.2.0.12, 10.2.0.11) +# WMI pass the hash (10.2.2.15) + + +def _add_exploiters(agent_configuration: AgentConfiguration) -> AgentConfiguration: + brute_force = [ + PluginConfiguration(name="PowerShellExploiter", options={}), + PluginConfiguration(name="SSHExploiter", options={}), + PluginConfiguration(name="WmiExploiter", options={"smb_download_timeout": 30}), + ] + + return add_exploiters(agent_configuration, brute_force=brute_force, vulnerability=[]) + + +def _add_subnets(agent_configuration: AgentConfiguration) -> AgentConfiguration: + subnets = [ + "10.2.2.9", + "10.2.3.45", + "10.2.3.46", + "10.2.3.47", + "10.2.3.48", + "10.2.1.10", + "10.2.0.12", + "10.2.0.11", + "10.2.2.15", + ] + return add_subnets(agent_configuration, subnets) + + +def _add_tcp_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration: + ports = [22, 135, 5985, 5986] + return add_tcp_ports(agent_configuration, ports) + + +agent_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 3) +agent_configuration = set_keep_tunnel_open_time(noop_test_configuration.agent_configuration, 20) +agent_configuration = _add_exploiters(agent_configuration) +agent_configuration = _add_subnets(agent_configuration) +agent_configuration = _add_tcp_ports(agent_configuration) + +depth_3_a_test_configuration = replace_agent_configuration( + noop_test_configuration, agent_configuration +) + + +CREDENTIALS = ( + Credentials(Username("m0nk3y"), None), + Credentials(Username("m0nk3y-user"), None), + Credentials(None, Password("Passw0rd!")), + Credentials(None, Password("3Q=(Ge(+&w]*")), + Credentials(None, Password("`))jU7L(w}")), + Credentials(None, Password("t67TC5ZDmz")), + Credentials(None, NTHash("d0f0132b308a0c4e5d1029cc06f48692")), + Credentials(None, NTHash("5da0889ea2081aa79f6852294cba4a5e")), + Credentials(None, NTHash("50c9987a6bf1ac59398df9f911122c9b")), +) +depth_3_a_test_configuration = replace_propagation_credentials( + depth_3_a_test_configuration, CREDENTIALS +) diff --git a/envs/monkey_zoo/blackbox/test_configurations/noop.py b/envs/monkey_zoo/blackbox/test_configurations/noop.py new file mode 100644 index 000000000..1d0b70ff4 --- /dev/null +++ b/envs/monkey_zoo/blackbox/test_configurations/noop.py @@ -0,0 +1,53 @@ +from common.configuration import ( + AgentConfiguration, + CustomPBAConfiguration, + ExploitationConfiguration, + ExploitationOptionsConfiguration, + ICMPScanConfiguration, + NetworkScanConfiguration, + PropagationConfiguration, + ScanTargetConfiguration, + TCPScanConfiguration, +) + +from . import TestConfiguration + +_custom_pba_configuration = CustomPBAConfiguration("", "", "", "") + +_tcp_scan_configuration = TCPScanConfiguration(timeout=3.0, ports=[]) +_icmp_scan_configuration = ICMPScanConfiguration(timeout=1.0) +_scan_target_configuration = ScanTargetConfiguration( + blocked_ips=[], inaccessible_subnets=[], local_network_scan=False, subnets=[] +) +_network_scan_configuration = NetworkScanConfiguration( + tcp=_tcp_scan_configuration, + icmp=_icmp_scan_configuration, + fingerprinters=[], + targets=_scan_target_configuration, +) + +_exploitation_options_configuration = ExploitationOptionsConfiguration(http_ports=[]) +_exploitation_configuration = ExploitationConfiguration( + options=_exploitation_options_configuration, brute_force=[], vulnerability=[] +) + +_propagation_configuration = PropagationConfiguration( + maximum_depth=0, + network_scan=_network_scan_configuration, + exploitation=_exploitation_configuration, +) + +_agent_configuration = AgentConfiguration( + keep_tunnel_open_time=0, + custom_pbas=_custom_pba_configuration, + post_breach_actions=[], + credential_collectors=[], + payloads=[], + propagation=_propagation_configuration, +) +_propagation_credentials = tuple() + +# This is an empty, NOOP configuration from which other configurations can be built +noop_test_configuration = TestConfiguration( + agent_configuration=_agent_configuration, propagation_credentials=_propagation_credentials +) diff --git a/envs/monkey_zoo/blackbox/test_configurations/powershell_credentials_reuse.py b/envs/monkey_zoo/blackbox/test_configurations/powershell_credentials_reuse.py new file mode 100644 index 000000000..4b7aa351c --- /dev/null +++ b/envs/monkey_zoo/blackbox/test_configurations/powershell_credentials_reuse.py @@ -0,0 +1,40 @@ +from common.configuration import AgentConfiguration, PluginConfiguration + +from .noop import noop_test_configuration +from .utils import ( + add_exploiters, + add_subnets, + add_tcp_ports, + replace_agent_configuration, + set_maximum_depth, +) + + +def _add_exploiters(agent_configuration: AgentConfiguration) -> AgentConfiguration: + brute_force = [ + PluginConfiguration(name="PowerShellExploiter", options={}), + ] + + return add_exploiters(agent_configuration, brute_force=brute_force, vulnerability=[]) + + +def _add_subnets(agent_configuration: AgentConfiguration) -> AgentConfiguration: + subnets = [ + "10.2.3.46", + ] + return add_subnets(agent_configuration, subnets) + + +def _add_tcp_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration: + ports = [5985, 5986] + return add_tcp_ports(agent_configuration, ports) + + +agent_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 1) +agent_configuration = _add_exploiters(agent_configuration) +agent_configuration = _add_subnets(agent_configuration) +agent_configuration = _add_tcp_ports(agent_configuration) + +powershell_credentials_reuse_test_configuration = replace_agent_configuration( + noop_test_configuration, agent_configuration +) diff --git a/envs/monkey_zoo/blackbox/test_configurations/smb_pth.py b/envs/monkey_zoo/blackbox/test_configurations/smb_pth.py new file mode 100644 index 000000000..ee3378286 --- /dev/null +++ b/envs/monkey_zoo/blackbox/test_configurations/smb_pth.py @@ -0,0 +1,59 @@ +from common.configuration import AgentConfiguration, PluginConfiguration +from common.credentials import Credentials, NTHash, Password, Username + +from .noop import noop_test_configuration +from .utils import ( + add_exploiters, + add_subnets, + add_tcp_ports, + replace_agent_configuration, + replace_propagation_credentials, + set_keep_tunnel_open_time, + set_maximum_depth, +) + + +def _add_exploiters(agent_configuration: AgentConfiguration) -> AgentConfiguration: + brute_force = [ + PluginConfiguration(name="SmbExploiter", options={"smb_download_timeout": 30}), + ] + + return add_exploiters(agent_configuration, brute_force=brute_force, vulnerability=[]) + + +def _add_subnets(agent_configuration: AgentConfiguration) -> AgentConfiguration: + subnets = [ + "10.2.2.15", + ] + return add_subnets(agent_configuration, subnets) + + +def _add_tcp_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration: + ports = [445] + return add_tcp_ports(agent_configuration, ports) + + +agent_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 3) +agent_configuration = set_keep_tunnel_open_time(noop_test_configuration.agent_configuration, 20) +agent_configuration = _add_exploiters(agent_configuration) +agent_configuration = _add_subnets(agent_configuration) +agent_configuration = _add_tcp_ports(agent_configuration) + +smb_pth_test_configuration = replace_agent_configuration( + noop_test_configuration, agent_configuration +) + + +CREDENTIALS = ( + Credentials(Username("Administrator"), None), + Credentials(Username("m0nk3y"), None), + Credentials(Username("user"), None), + Credentials(None, Password("Ivrrw5zEzs")), + Credentials(None, Password("Password1!")), + Credentials(None, NTHash("d0f0132b308a0c4e5d1029cc06f48692")), + Credentials(None, NTHash("5da0889ea2081aa79f6852294cba4a5e")), + Credentials(None, NTHash("50c9987a6bf1ac59398df9f911122c9b")), +) +smb_pth_test_configuration = replace_propagation_credentials( + smb_pth_test_configuration, CREDENTIALS +) diff --git a/envs/monkey_zoo/blackbox/test_configurations/test_configuration.py b/envs/monkey_zoo/blackbox/test_configurations/test_configuration.py new file mode 100644 index 000000000..2755a501d --- /dev/null +++ b/envs/monkey_zoo/blackbox/test_configurations/test_configuration.py @@ -0,0 +1,11 @@ +from dataclasses import dataclass +from typing import Tuple + +from common.configuration import AgentConfiguration +from common.credentials import Credentials + + +@dataclass +class TestConfiguration: + agent_configuration: AgentConfiguration + propagation_credentials: Tuple[Credentials, ...] diff --git a/envs/monkey_zoo/blackbox/test_configurations/utils.py b/envs/monkey_zoo/blackbox/test_configurations/utils.py new file mode 100644 index 000000000..eef23b329 --- /dev/null +++ b/envs/monkey_zoo/blackbox/test_configurations/utils.py @@ -0,0 +1,142 @@ +from dataclasses import replace +from typing import Sequence, Tuple + +from common.configuration import ( + AgentConfiguration, + ExploitationConfiguration, + ExploitationOptionsConfiguration, + NetworkScanConfiguration, + PluginConfiguration, + PropagationConfiguration, + ScanTargetConfiguration, +) +from common.credentials import Credentials + +from . import TestConfiguration + + +def add_exploiters( + agent_configuration: AgentConfiguration, + brute_force: Sequence[PluginConfiguration] = [], + vulnerability: Sequence[PluginConfiguration] = [], +) -> AgentConfiguration: + exploitation_configuration = replace( + agent_configuration.propagation.exploitation, + brute_force=brute_force, + vulnerability=vulnerability, + ) + return replace_exploitation_configuration(agent_configuration, exploitation_configuration) + + +def add_tcp_ports( + agent_configuration: AgentConfiguration, tcp_ports: Sequence[int] +) -> AgentConfiguration: + tcp_scan_configuration = replace( + agent_configuration.propagation.network_scan.tcp, ports=tuple(tcp_ports) + ) + network_scan_configuration = replace( + agent_configuration.propagation.network_scan, tcp=tcp_scan_configuration + ) + + return replace_network_scan_configuration(agent_configuration, network_scan_configuration) + + +def add_subnets( + agent_configuration: AgentConfiguration, subnets: Sequence[str] +) -> AgentConfiguration: + scan_target_configuration = replace( + agent_configuration.propagation.network_scan.targets, subnets=subnets + ) + return replace_scan_target_configuration(agent_configuration, scan_target_configuration) + + +def add_credential_collectors( + agent_configuration: AgentConfiguration, credential_collectors: Sequence[PluginConfiguration] +) -> AgentConfiguration: + return replace(agent_configuration, credential_collectors=tuple(credential_collectors)) + + +def add_http_ports( + agent_configuration: AgentConfiguration, http_ports: Sequence[int] +) -> AgentConfiguration: + exploitation_options_configuration = agent_configuration.propagation.exploitation.options + exploitation_options_configuration = replace( + exploitation_options_configuration, http_ports=http_ports + ) + + return replace_exploitation_options_configuration( + agent_configuration, exploitation_options_configuration + ) + + +def set_keep_tunnel_open_time( + agent_configuration: AgentConfiguration, keep_tunnel_open_time: int +) -> AgentConfiguration: + return replace(agent_configuration, keep_tunnel_open_time=keep_tunnel_open_time) + + +def set_maximum_depth( + agent_configuration: AgentConfiguration, maximum_depth: int +) -> AgentConfiguration: + propagation_configuration = replace( + agent_configuration.propagation, maximum_depth=maximum_depth + ) + return replace_propagation_configuration(agent_configuration, propagation_configuration) + + +def replace_exploitation_configuration( + agent_configuration: AgentConfiguration, exploitation_configuration: ExploitationConfiguration +) -> AgentConfiguration: + propagation_configuration = replace( + agent_configuration.propagation, exploitation=exploitation_configuration + ) + + return replace_propagation_configuration(agent_configuration, propagation_configuration) + + +def replace_scan_target_configuration( + agent_configuration: AgentConfiguration, scan_target_configuration: ScanTargetConfiguration +) -> AgentConfiguration: + network_scan_configuration = replace( + agent_configuration.propagation.network_scan, targets=scan_target_configuration + ) + + return replace_network_scan_configuration(agent_configuration, network_scan_configuration) + + +def replace_network_scan_configuration( + agent_configuration: AgentConfiguration, network_scan_configuration: NetworkScanConfiguration +) -> AgentConfiguration: + propagation_configuration = replace( + agent_configuration.propagation, network_scan=network_scan_configuration + ) + return replace_propagation_configuration(agent_configuration, propagation_configuration) + + +def replace_propagation_configuration( + agent_configuration: AgentConfiguration, propagation_configuration: PropagationConfiguration +) -> AgentConfiguration: + return replace(agent_configuration, propagation=propagation_configuration) + + +def replace_exploitation_options_configuration( + agent_configuration: AgentConfiguration, + exploitation_options_configuration: ExploitationOptionsConfiguration, +) -> AgentConfiguration: + exploitation_configuration = agent_configuration.propagation.exploitation + exploitation_configuration = replace( + exploitation_configuration, options=exploitation_options_configuration + ) + return replace_exploitation_configuration(agent_configuration, exploitation_configuration) + + +def replace_agent_configuration( + test_configuration: TestConfiguration, agent_configuration: AgentConfiguration +) -> TestConfiguration: + return replace(test_configuration, agent_configuration=agent_configuration) + + +def replace_propagation_credentials( + test_configuration: TestConfiguration, propagation_credentials: Tuple[Credentials, ...] +): + return replace(test_configuration, propagation_credentials=propagation_credentials) diff --git a/envs/monkey_zoo/blackbox/test_configurations/wmi_mimikatz.py b/envs/monkey_zoo/blackbox/test_configurations/wmi_mimikatz.py new file mode 100644 index 000000000..e95e1b91b --- /dev/null +++ b/envs/monkey_zoo/blackbox/test_configurations/wmi_mimikatz.py @@ -0,0 +1,64 @@ +from common.configuration import AgentConfiguration, PluginConfiguration +from common.credentials import Credentials, Password, Username + +from .noop import noop_test_configuration +from .utils import ( + add_credential_collectors, + add_exploiters, + add_subnets, + add_tcp_ports, + replace_agent_configuration, + replace_propagation_credentials, + set_maximum_depth, +) + + +def _add_exploiters(agent_configuration: AgentConfiguration) -> AgentConfiguration: + brute_force = [ + PluginConfiguration(name="WmiExploiter", options={"smb_download_timeout": 30}), + ] + + return add_exploiters(agent_configuration, brute_force=brute_force, vulnerability=[]) + + +def _add_subnets(agent_configuration: AgentConfiguration) -> AgentConfiguration: + subnets = [ + "10.2.2.14", + "10.2.2.15", + ] + return add_subnets(agent_configuration, subnets) + + +def _add_credential_collectors(agent_configuration: AgentConfiguration) -> AgentConfiguration: + return add_credential_collectors( + agent_configuration, [PluginConfiguration("MimikatzCollector", {})] + ) + + +def _add_tcp_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration: + ports = [135] + return add_tcp_ports(agent_configuration, ports) + + +agent_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 1) +agent_configuration = _add_exploiters(agent_configuration) +agent_configuration = _add_subnets(agent_configuration) +agent_configuration = _add_credential_collectors(agent_configuration) +agent_configuration = _add_tcp_ports(agent_configuration) +agent_configuration = _add_credential_collectors(agent_configuration) + +wmi_mimikatz_test_configuration = replace_agent_configuration( + noop_test_configuration, agent_configuration +) + + +CREDENTIALS = ( + Credentials(Username("Administrator"), None), + Credentials(Username("m0nk3y"), None), + Credentials(Username("user"), None), + Credentials(None, Password("Ivrrw5zEzs")), + Credentials(None, Password("Password1!")), +) +wmi_mimikatz_test_configuration = replace_propagation_credentials( + wmi_mimikatz_test_configuration, CREDENTIALS +) diff --git a/envs/monkey_zoo/blackbox/test_configurations/zerologon.py b/envs/monkey_zoo/blackbox/test_configurations/zerologon.py new file mode 100644 index 000000000..344ab3246 --- /dev/null +++ b/envs/monkey_zoo/blackbox/test_configurations/zerologon.py @@ -0,0 +1,37 @@ +from common.configuration import AgentConfiguration, PluginConfiguration + +from .noop import noop_test_configuration +from .utils import ( + add_exploiters, + add_subnets, + add_tcp_ports, + replace_agent_configuration, + set_maximum_depth, +) + + +def _add_exploiters(agent_configuration: AgentConfiguration) -> AgentConfiguration: + brute_force = [PluginConfiguration(name="SmbExploiter", options={"smb_download_timeout": 30})] + vulnerability = [PluginConfiguration(name="ZerologonExploiter", options={})] + + return add_exploiters(agent_configuration, brute_force=brute_force, vulnerability=vulnerability) + + +def _add_tcp_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration: + tcp_ports = [135, 445] + return add_tcp_ports(agent_configuration, tcp_ports) + + +def _add_subnets(agent_configuration: AgentConfiguration) -> AgentConfiguration: + subnets = ["10.2.2.25"] + return add_subnets(agent_configuration, subnets) + + +agent_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 1) +agent_configuration = _add_exploiters(agent_configuration) +agent_configuration = _add_tcp_ports(agent_configuration) +agent_configuration = _add_subnets(agent_configuration) + +zerologon_test_configuration = replace_agent_configuration( + noop_test_configuration, agent_configuration +)