More improvements on the configs

This commit is contained in:
VakarisZ 2019-09-11 15:44:57 +03:00
parent e6060b6729
commit a17305a324
13 changed files with 33 additions and 22 deletions

View File

@ -107,7 +107,7 @@
"exploit_ssh_keys": []
},
"general": {
"keep_tunnel_open_time": 50,
"keep_tunnel_open_time": 1,
"monkey_dir_name": "monkey_dir",
"singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}"
},

View File

@ -118,7 +118,7 @@
"exploit_ssh_keys": []
},
"general": {
"keep_tunnel_open_time": 50,
"keep_tunnel_open_time": 1,
"monkey_dir_name": "monkey_dir",
"singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}"
},

View File

@ -106,7 +106,7 @@
"exploit_ssh_keys": []
},
"general": {
"keep_tunnel_open_time": 50,
"keep_tunnel_open_time": 1,
"monkey_dir_name": "monkey_dir",
"singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}"
},

View File

@ -106,7 +106,7 @@
"exploit_ssh_keys": []
},
"general": {
"keep_tunnel_open_time": 50,
"keep_tunnel_open_time": 1,
"monkey_dir_name": "monkey_dir",
"singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}"
},

View File

@ -105,7 +105,7 @@
"exploit_ssh_keys": []
},
"general": {
"keep_tunnel_open_time": 50,
"keep_tunnel_open_time": 1,
"monkey_dir_name": "monkey_dir",
"singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}"
},
@ -136,7 +136,7 @@
"post_breach_actions": []
},
"life_cycle": {
"max_iterations": 2,
"max_iterations": 1,
"retry_failed_explotation": true,
"timeout_between_iterations": 100,
"victims_max_exploit": 7,

View File

@ -115,7 +115,7 @@
"exploit_ssh_keys": []
},
"general": {
"keep_tunnel_open_time": 50,
"keep_tunnel_open_time": 1,
"monkey_dir_name": "monkey_dir",
"singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}"
},

View File

@ -116,7 +116,7 @@
"exploit_ssh_keys": []
},
"general": {
"keep_tunnel_open_time": 50,
"keep_tunnel_open_time": 1,
"monkey_dir_name": "monkey_dir",
"singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}"
},

View File

@ -23,7 +23,7 @@
"depth": 3,
"local_network_scan": false,
"subnet_scan_list": [
"10.2.2.39",
"10.2.2.32",
"10.2.1.10",
"10.2.0.11"
]
@ -191,4 +191,4 @@
]
}
}
}
}

View File

@ -107,7 +107,7 @@
"exploit_ssh_keys": []
},
"general": {
"keep_tunnel_open_time": 50,
"keep_tunnel_open_time": 1,
"monkey_dir_name": "monkey_dir",
"singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}"
},

View File

@ -113,7 +113,7 @@
"exploit_ssh_keys": []
},
"general": {
"keep_tunnel_open_time": 50,
"keep_tunnel_open_time": 1,
"monkey_dir_name": "monkey_dir",
"singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}"
},
@ -144,7 +144,7 @@
"post_breach_actions": []
},
"life_cycle": {
"max_iterations": 2,
"max_iterations": 1,
"retry_failed_explotation": true,
"timeout_between_iterations": 100,
"victims_max_exploit": 7,

View File

@ -8,8 +8,8 @@ from envs.monkey_zoo.blackbox.utils.island_config_parser import IslandConfigPars
from envs.monkey_zoo.blackbox.utils import gcp_machine_handlers
from envs.monkey_zoo.blackbox.tests.basic_test import BasicTest
DEFAULT_TIMEOUT_SECONDS = 4 * 60 # 4 minutes
DELAY_BETWEEN_TESTS = 10
DEFAULT_TIMEOUT_SECONDS = 3 * 60
DELAY_BETWEEN_TESTS = 30
GCP_TEST_MACHINE_LIST = ['sshkeys-11', 'sshkeys-12', 'elastic-4', 'elastic-5', 'haddop-2-v3', 'hadoop-3', 'mssql-16',
'mimikatz-14', 'mimikatz-15', 'final-test-struts2-23', 'final-test-struts2-24',
'tunneling-9', 'tunneling-10', 'tunneling-11', 'weblogic-18', 'weblogic-19', 'shellshock-8']
@ -52,7 +52,6 @@ class TestMonkeyBlackbox(object):
print("Waiting for ({:.0f} seconds) for old monkey's to die or GCP machines to boot up.".format(DELAY_BETWEEN_TESTS))
sleep(DELAY_BETWEEN_TESTS)
"""
def test_server_online(self, island_client):
assert island_client.get_api_status() is not None
@ -62,15 +61,18 @@ class TestMonkeyBlackbox(object):
def test_hadoop_exploiter(self, island_client):
self.run_basic_test(island_client, "HADOOP.conf", "Hadoop exploiter")
def test_mssql_exploiter(self, island_client):
self.run_basic_test(island_client, "MSSQL.conf", "MSSQL exploiter")
"""
def test_mssql_exploiter(self, island_client):
self.run_basic_test(island_client, "MSSQL.conf", "MSSQL exploiter")
"""
def test_smb_and_mimikatz_exploiters(self, island_client):
self.run_basic_test(island_client, "SMB_MIMIKATZ.conf", "SMB exploiter, mimikatz")
"""
def test_elastic_exploiter(self, island_client):
self.run_basic_test(island_client, "ELASTIC.conf", "Elastic exploiter", 180)
self.run_basic_test(island_client, "ELASTIC.conf", "Elastic exploiter")
"""
def test_struts_exploiter(self, island_client):
self.run_basic_test(island_client, "STRUTS2.conf", "Strtuts2 exploiter")
@ -86,4 +88,3 @@ class TestMonkeyBlackbox(object):
def test_wmi_exploiter(self, island_client):
self.run_basic_test(island_client, "WMI_MIMIKATZ.conf", "WMI exploiter, mimikatz")
"""

View File

@ -29,7 +29,6 @@ class BasicTest(object):
if self.all_analyzers_pass():
self.log_success(timer)
return
sleep(DELAY_BETWEEN_ANALYSIS)
self.log_failure(timer)
assert False

View File

@ -1,10 +1,17 @@
import json
from time import sleep
import requests
# SHA3-512 of '1234567890!@#$%^&*()_nothing_up_my_sleeve_1234567890!@#$%^&*()'
NO_AUTH_CREDS = '55e97c9dcfd22b8079189ddaeea9bce8125887e3237b800c6176c9afa80d2062' \
'8d2c8d0b1538d2208c1444ac66535b764a3d902b35e751df3faec1e477ed3557'
SLEEP_BETWEEN_REQUESTS_SECONDS = 0.5
def avoid_race_condition(func):
sleep(SLEEP_BETWEEN_REQUESTS_SECONDS)
return func
class MonkeyIslandClient(object):
@ -46,9 +53,11 @@ class MonkeyIslandClient(object):
def get_api_status(self):
return self.request_get("api")
@avoid_race_condition
def import_config(self, config_contents):
_ = self.request_post("api/configuration/island", data=config_contents)
@avoid_race_condition
def run_monkey_local(self):
response = self.request_post_json("api/local-monkey", dict_data={"action": "run"})
if MonkeyIslandClient.monkey_ran_successfully(response):
@ -61,6 +70,7 @@ class MonkeyIslandClient(object):
def monkey_ran_successfully(response):
return response.ok and json.loads(response.content)['is_running']
@avoid_race_condition
def kill_all_monkeys(self):
if self.request_get("api", {"action": "killall"}).ok:
print("Killing all monkeys after the test.")
@ -68,6 +78,7 @@ class MonkeyIslandClient(object):
print("Failed to kill all monkeys.")
assert False
@avoid_race_condition
def reset_env(self):
if self.request_get("api", {"action": "reset"}).ok:
print("Resetting environment after the test.")