Adds configuration option to turn Azure collection on and off

Merge mimikatz and Azure into system info collection settings.
This commit is contained in:
Daniel Goldberg 2018-03-27 10:40:03 +03:00
parent 9d7b345d1d
commit 9b44fc8b98
4 changed files with 15 additions and 3 deletions


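--- a/PATH-NOT-SHOWN-1
+++ b/PATH-NOT-SHOWN-1
@@ -272,5 +272,7 @@ class Configuration(object):
 mimikatz_dll_name = "mk.dll"
+extract_azure_creds = True
 WormConfiguration = Configuration()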
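Review bot: The new `extract_azure_creds = True` class attribute carries no comment, and as a class-level default it switches Azure credential harvesting on for every Configuration instance unless a loaded config overrides it. A one-line comment would make that deliberate, e.g. `# Toggles Azure credential harvesting in InfoCollector; overridden by the 'extract_azure_creds' config key`. The enclosing Configuration class starts outside the hunk, so whether the loader actually copies this key from the JSON config cannot be confirmed here.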


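--- a/PATH-NOT-SHOWN-2
+++ b/PATH-NOT-SHOWN-2
@@ -15,6 +15,7 @@
 "current_server": "41.50.73.31:5000",
 "alive": true,
 "collect_system_info": true,
+"extract_azure_creds": true,
 "depth": 2,
 "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll",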


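--- a/PATH-NOT-SHOWN-3
+++ b/PATH-NOT-SHOWN-3
@@ -6,7 +6,6 @@ import psutil
 from enum import IntEnum
 from network.info import get_host_subnets
 from azure_cred_collector import AzureCollector
 LOG = logging.getLogger(__name__)
@@ -113,6 +112,9 @@ class InfoCollector(object):
 Updates the credentials structure, creating it if neccesary (compat with mimikatz)
 :return: None. Updates class information
 """
+from config import WormConfiguration
+if not WormConfiguration.extract_azure_creds:
+return
 LOG.debug("Harvesting creds if on an Azure machine")
 azure_collector = AzureCollector()
 if 'credentials' not in self.info: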
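Review bot: The early `return` added ahead of the `LOG.debug` line leaves the method before the `if 'credentials' not in self.info:` block runs, so with `extract_azure_creds` off this method no longer honours the docstring's "creating it if neccesary" contract and any later code that indexes `self.info['credentials']` may fail with a KeyError if nothing else created it. Either move the option check below the structure-creation block or keep the early exit but document it in the docstring and log it, e.g. `LOG.debug("Azure credential harvesting disabled by configuration")` before the `return`. The function-scope `from config import WormConfiguration` also needs a why-comment; a hedged one would be `# NOTE(review): local import, presumably to avoid an import cycle with config — confirm`. The enclosing method starts and ends outside the hunk.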


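--- a/PATH-NOT-SHOWN-4
+++ b/PATH-NOT-SHOWN-4
@@ -521,8 +521,8 @@ SCHEMA = {
 }
 }
 },
-"mimikatz": {
-"title": "Mimikatz",
+"systemInfo": {
+"title": "System collection",
 "type": "object",
 "properties": {
 "mimikatz_dll_name": {
@@ -531,6 +531,13 @@ SCHEMA = {
 "default": "mk.dll",
 "description":
 "Name of Mimikatz DLL (should be the same as in the monkey's pyinstaller spec file)"
+},
+"extract_azure_creds": {
+"title": "Harvest Azure Credentials",
+"type": "boolean",
+"default": True,
+"description":
+"Determine if the Monkey should try to harvest password credentials from Azure VMs"
 }
 }
 }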
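Review bot: Renaming the schema group key from `"mimikatz"` to `"systemInfo"` changes an identifier that the UI or any code walking `SCHEMA` by section name may rely on, and the commit does not show those call sites being updated; that is worth verifying outside this hunk before merging. The new `extract_azure_creds` property itself is consistent with the `True` default set on Configuration in the first file, so the two defaults will not drift apart. As a style point, the title `"System collection"` is vaguer than the commit message's own wording; `"System info collection"` would match it and the existing `collect_system_info` key.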