diff --git a/deployment_scripts/README.md b/deployment_scripts/README.md
index f69a48b77..16b150852 100644
--- a/deployment_scripts/README.md
+++ b/deployment_scripts/README.md
@@ -1,25 +1,55 @@
-# Files used to deploy development version of infection monkey
-## Windows
+# Deployment guide for a development environemnt
-Before running the script you must have git installed.
-Cd to scripts directory and use the scripts.
-First argument is an empty directory (script can create one) and second is branch you want to clone.
-Example usages:
-./run_script.bat (Sets up monkey in current directory under .\infection_monkey)
-./run_script.bat "C:\test" (Sets up monkey in C:\test)
-powershell -ExecutionPolicy ByPass -Command ". .\deploy_windows.ps1; Deploy-Windows -monkey_home C:\test" (Same as above)
-./run_script.bat "" "master"(Sets up master branch instead of develop in current dir)
-Don't forget to add python to PATH or do so while installing it via this script.
+This guide is for you if you wish to develop for Infection Monkey. If you only want to use it, please download the relevant version from [our website](https://infectionmonkey.com).
-## Linux
+## Prerequisites
-Linux deployment script is meant for Ubuntu 16.x machines.
-You must have root permissions, but don't run the script as root.
-Launch deploy_linux.sh from scripts directory.
-First argument should be an absolute path of an empty directory (script will create one if doesn't exist, default is ./infection_monkey).
-Second parameter is the branch you want to clone (develop by default).
-Example usages:
-./deploy_linux.sh (deploys under ./infection_monkey)
-./deploy_linux.sh "/home/test/monkey" (deploys under /home/test/monkey)
-./deploy_linux.sh "" "master" (deploys master branch in script directory)
-./deploy_linux.sh "/home/user/new" "master" (if directory "new" is not found creates it and clones master branch into it)
+Before running the script you must have `git` installed. If you don't have `git` installed, please follow [this guide](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git).
+
+## Deploy on Windows
+
+Run the following command in powershell:
+
+```powershell
+Invoke-WebRequest https://raw.githubusercontent.com/guardicore/monkey/develop/deployment_scripts/deploy_windows.ps1 -OutFile deploy_windows.ps1
+```
+
+This will download our deploy script. It's a good idea to read it quickly before executing it!
+
+After downloading that script, execute it in `powershell`.
+
+The first argument is an empty directory (script can create one). The second argument is which branch you want to clone - by default, the script will check out the `develop` branch. Some example usages:
+
+- `.\deploy_windows.ps1` (Sets up monkey in current directory under .\infection_monkey)
+- `.\deploy_windows.ps1 -monkey_home "C:\test"` (Sets up monkey in C:\test)
+- `.\deploy_windows.ps1 -branch "master"` (Sets up master branch instead of develop in current dir)
+
+You may also pass in an optional `agents=$false` parameter to disable downloading the latest agent binaries.
+
+### Troubleshooting
+
+- If you run into Execution Policy warnings, you can disable them by prefixing the following snippet: `powershell -ExecutionPolicy ByPass -Command "[original command here]"`
+- Don't forget to add python to PATH or do so while installing it via this script.
+
+## Deploy on Linux
+
+Linux deployment script is meant for Ubuntu 16 and Ubuntu 18 machines.
+
+Your user must have root permissions; however, don't run the script as root!
+
+```sh
+wget https://raw.githubusercontent.com/guardicore/monkey/develop/deployment_scripts/deploy_linux.sh
+```
+
+This will download our deploy script. It's a good idea to read it quickly before executing it!
+
+Then execute the resulting script with your shell.
+
+After downloading that script, execute it in a shell. The first argument should be an absolute path of an empty directory (the script will create one if doesn't exist, default is ./infection_monkey). The second parameter is the branch you want to clone (develop by default). Some example usages:
+
+- `./deploy_linux.sh` (deploys under ./infection_monkey)
+- `./deploy_linux.sh "/home/test/monkey"` (deploys under /home/test/monkey)
+- `./deploy_linux.sh "" "master"` (deploys master branch in script directory)
+- `./deploy_linux.sh "/home/user/new" "master"` (if directory "new" is not found creates it and clones master branch into it)
+
+You may also pass in an optional third `false` parameter to disable downloading the latest agent binaries.
\ No newline at end of file
diff --git a/deployment_scripts/config b/deployment_scripts/config
index fb7a3d5b6..5607d37fd 100644
--- a/deployment_scripts/config
+++ b/deployment_scripts/config
@@ -5,21 +5,17 @@ MONKEY_FOLDER_NAME="infection_monkey"
MONKEY_GIT_URL="https://github.com/guardicore/monkey"
# Monkey binaries
-LINUX_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.6/monkey-linux-32"
+LINUX_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/v1.7.0/monkey-linux-32"
LINUX_32_BINARY_NAME="monkey-linux-32"
-LINUX_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.6/monkey-linux-64"
+LINUX_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/v1.7.0/monkey-linux-64"
LINUX_64_BINARY_NAME="monkey-linux-64"
-WINDOWS_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.6/monkey-windows-32.exe"
+WINDOWS_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/v1.7.0/monkey-windows-32.exe"
WINDOWS_32_BINARY_NAME="monkey-windows-32.exe"
-WINDOWS_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.6/monkey-windows-64.exe"
+WINDOWS_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/v1.7.0/monkey-windows-64.exe"
WINDOWS_64_BINARY_NAME="monkey-windows-64.exe"
# Other binaries for monkey
-TRACEROUTE_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.6/traceroute64"
-TRACEROUTE_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.6/traceroute32"
-SAMBACRY_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.6/sc_monkey_runner64.so"
-SAMBACRY_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.6/sc_monkey_runner32.so"
-
-# Mongo url's
-MONGO_DEBIAN_URL="https://downloads.mongodb.org/linux/mongodb-linux-x86_64-debian81-latest.tgz"
-MONGO_UBUNTU_URL="https://downloads.mongodb.org/linux/mongodb-linux-x86_64-ubuntu1604-latest.tgz"
+TRACEROUTE_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/v1.7.0/traceroute64"
+TRACEROUTE_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/v1.7.0/traceroute32"
+SAMBACRY_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/v1.7.0/sc_monkey_runner64.so"
+SAMBACRY_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/v1.7.0/sc_monkey_runner32.so"
\ No newline at end of file
diff --git a/deployment_scripts/config.ps1 b/deployment_scripts/config.ps1
index 095f7b899..b18b7c63c 100644
--- a/deployment_scripts/config.ps1
+++ b/deployment_scripts/config.ps1
@@ -2,28 +2,33 @@
$MONKEY_FOLDER_NAME = "infection_monkey"
# Url of public git repository that contains monkey's source code
$MONKEY_GIT_URL = "https://github.com/guardicore/monkey"
+$MONKEY_RELEASES_URL = $MONKEY_GIT_URL + "/releases"
+$MONKEY_LATEST_VERSION = "v1.7.0"
+$MONKEY_DOWNLOAD_URL = $MONKEY_RELEASES_URL + "/download/" + $MONKEY_LATEST_VERSION + "/"
# Link to the latest python download or install it manually
-$PYTHON_URL = "https://www.python.org/ftp/python/3.7.4/python-3.7.4-amd64.exe"
+$PYTHON_URL = "https://www.python.org/ftp/python/3.7.6/python-3.7.6-amd64.exe"
+
# Monkey binaries
-$LINUX_32_BINARY_URL = "https://github.com/guardicore/monkey/releases/download/1.6/monkey-linux-32"
+$LINUX_32_BINARY_URL = $MONKEY_DOWNLOAD_URL + "monkey-linux-32"
$LINUX_32_BINARY_PATH = "monkey-linux-32"
-$LINUX_64_BINARY_URL = "https://github.com/guardicore/monkey/releases/download/1.6/monkey-linux-64"
+$LINUX_64_BINARY_URL = $MONKEY_DOWNLOAD_URL + "monkey-linux-64"
$LINUX_64_BINARY_PATH = "monkey-linux-64"
-$WINDOWS_32_BINARY_URL = "https://github.com/guardicore/monkey/releases/download/1.6/monkey-windows-32.exe"
+$WINDOWS_32_BINARY_URL = $MONKEY_DOWNLOAD_URL + "monkey-windows-32.exe"
$WINDOWS_32_BINARY_PATH = "monkey-windows-32.exe"
-$WINDOWS_64_BINARY_URL = "https://github.com/guardicore/monkey/releases/download/1.6/monkey-windows-64.exe"
+$WINDOWS_64_BINARY_URL = $MONKEY_DOWNLOAD_URL + "monkey-windows-64.exe"
$WINDOWS_64_BINARY_PATH = "monkey-windows-64.exe"
-$SAMBA_32_BINARY_URL = "https://github.com/VakarisZ/tempBinaries/raw/master/sc_monkey_runner32.so"
-$SAMBA_32_BINARY_NAME= "sc_monkey_runner32.so"
-$SAMBA_64_BINARY_URL = "https://github.com/VakarisZ/tempBinaries/raw/master/sc_monkey_runner64.so"
+$SAMBA_32_BINARY_URL = $MONKEY_DOWNLOAD_URL + "sc_monkey_runner32.so"
+$SAMBA_32_BINARY_NAME = "sc_monkey_runner32.so"
+$SAMBA_64_BINARY_URL = $MONKEY_DOWNLOAD_URL + "sc_monkey_runner64.so"
$SAMBA_64_BINARY_NAME = "sc_monkey_runner64.so"
+$TRACEROUTE_64_BINARY_URL = $MONKEY_DOWNLOAD_URL + "traceroute64"
+$TRACEROUTE_32_BINARY_URL = $MONKEY_DOWNLOAD_URL + "traceroute32"
# Other directories and paths ( most likely you dont need to configure)
-$MONKEY_ISLAND_DIR = "\monkey\monkey_island"
-$MONKEY_DIR = "\monkey\infection_monkey"
+$MONKEY_ISLAND_DIR = Join-Path "\monkey" -ChildPath "monkey_island"
+$MONKEY_DIR = Join-Path "\monkey" -ChildPath "infection_monkey"
$SAMBA_BINARIES_DIR = Join-Path -Path $MONKEY_DIR -ChildPath "\bin"
-$PYTHON_DLL = "C:\Windows\System32\python27.dll"
$MK32_DLL = "mk32.zip"
$MK64_DLL = "mk64.zip"
$TEMP_PYTHON_INSTALLER = ".\python.exe"
@@ -31,16 +36,14 @@ $TEMP_MONGODB_ZIP = ".\mongodb.zip"
$TEMP_OPEN_SSL_ZIP = ".\openssl.zip"
$TEMP_CPP_INSTALLER = "cpp.exe"
$TEMP_NPM_INSTALLER = "node.msi"
-$TEMP_PYWIN32_INSTALLER = "pywin32.exe"
$TEMP_UPX_ZIP = "upx.zip"
-$UPX_FOLDER = "upx394w"
+$UPX_FOLDER = "upx-3.96-win64"
# Other url's
-$MONGODB_URL = "https://downloads.mongodb.org/win32/mongodb-win32-x86_64-2008plus-ssl-latest.zip"
-$OPEN_SSL_URL = "https://indy.fulgan.com/SSL/Archive/openssl-1.0.2l-i386-win32.zip"
+$MONGODB_URL = "https://downloads.mongodb.org/win32/mongodb-win32-x86_64-2012plus-v4.2-latest.zip"
+$OPEN_SSL_URL = "https://indy.fulgan.com/SSL/openssl-1.0.2u-x64_86-win64.zip"
$CPP_URL = "https://go.microsoft.com/fwlink/?LinkId=746572"
-$NPM_URL = "https://nodejs.org/dist/v10.13.0/node-v10.13.0-x64.msi"
-$PYWIN32_URL = "https://github.com/mhammond/pywin32/releases/download/b225/pywin32-225.win-amd64-py3.7.exe"
+$NPM_URL = "https://nodejs.org/dist/v12.14.1/node-v12.14.1-x64.msi"
$MK32_DLL_URL = "https://github.com/guardicore/mimikatz/releases/download/1.1.0/mk32.zip"
$MK64_DLL_URL = "https://github.com/guardicore/mimikatz/releases/download/1.1.0/mk64.zip"
-$UPX_URL = "https://github.com/upx/upx/releases/download/v3.94/upx394w.zip"
+$UPX_URL = "https://github.com/upx/upx/releases/download/v3.96/upx-3.96-win64.zip"
diff --git a/deployment_scripts/deploy_linux.sh b/deployment_scripts/deploy_linux.sh
index 67eeaa957..65fdd48e6 100755
--- a/deployment_scripts/deploy_linux.sh
+++ b/deployment_scripts/deploy_linux.sh
@@ -1,10 +1,54 @@
#!/bin/bash
-source config
exists() {
command -v "$1" >/dev/null 2>&1
}
+is_root() {
+ return $(id -u)
+}
+
+has_sudo() {
+ # 0 true, 1 false
+ timeout 1 sudo id && return 0 || return 1
+}
+
+handle_error() {
+ echo "Fix the errors above and rerun the script"
+ exit 1
+}
+
+log_message() {
+ echo -e "\n\n"
+ echo -e "DEPLOYMENT SCRIPT: $1"
+}
+
+config_branch=${2:-"develop"}
+config_url="https://raw.githubusercontent.com/guardicore/monkey/${config_branch}/deployment_scripts/config"
+
+if (! exists curl) && (! exists wget); then
+ log_message 'Your system does not have curl or wget, exiting'
+ exit 1
+fi
+
+file=$(mktemp)
+# shellcheck disable=SC2086
+if exists wget; then
+ # shellcheck disable=SC2086
+ wget --output-document=$file "$config_url"
+else
+ # shellcheck disable=SC2086
+ curl -s -o $file "$config_url"
+fi
+
+log_message "downloaded configuration"
+# shellcheck source=deployment_scripts/config
+# shellcheck disable=SC2086
+source $file
+log_message "loaded configuration"
+# shellcheck disable=SC2086
+# rm $file
+
# Setup monkey either in dir required or current dir
monkey_home=${1:-$(pwd)}
if [[ $monkey_home == $(pwd) ]]; then
@@ -13,26 +57,19 @@ fi
# We can set main paths after we know the home dir
ISLAND_PATH="$monkey_home/monkey/monkey_island"
-MONKEY_COMMON_PATH="$monkey_home/monkey/common/"
MONGO_PATH="$ISLAND_PATH/bin/mongodb"
ISLAND_BINARIES_PATH="$ISLAND_PATH/cc/binaries"
INFECTION_MONKEY_DIR="$monkey_home/monkey/infection_monkey"
MONKEY_BIN_DIR="$INFECTION_MONKEY_DIR/bin"
-handle_error() {
- echo "Fix the errors above and rerun the script"
+if is_root; then
+ log_message "Please don't run this script as root"
exit 1
-}
+fi
-log_message() {
- echo -e "\n\n-------------------------------------------"
- echo -e "DEPLOYMENT SCRIPT: $1"
- echo -e "-------------------------------------------\n"
-}
-
-sudo -v
-if [[ $? != 0 ]]; then
- echo "You need root permissions for some of this script operations. Quiting."
+HAS_SUDO=$(has_sudo)
+if [[ ! $HAS_SUDO ]]; then
+ log_message "You need root permissions for some of this script operations. Quiting."
exit 1
fi
@@ -41,15 +78,10 @@ if [[ ! -d ${monkey_home} ]]; then
fi
if ! exists git; then
- echo "Please install git and re-run this script"
+ log_message "Please install git and re-run this script"
exit 1
fi
-if ! exists wget; then
- echo 'Your system does not have wget, please install and re-run this script'
- exit 1
-fi
-
log_message "Cloning files from git"
branch=${2:-"develop"}
if [[ ! -d "$monkey_home/monkey" ]]; then # If not already cloned
@@ -59,7 +91,7 @@ fi
# Create folders
log_message "Creating island dirs under $ISLAND_PATH"
-mkdir -p "${MONGO_PATH}"
+mkdir -p "${MONGO_PATH}" || handle_error
mkdir -p "${ISLAND_BINARIES_PATH}" || handle_error
# Detecting command that calls python 3.7
@@ -78,87 +110,114 @@ if [[ ${python_cmd} == "" ]]; then
log_message "Python 3.7 command not found. Installing python 3.7."
sudo add-apt-repository ppa:deadsnakes/ppa
sudo apt-get update
- sudo apt install python3.7
+ sudo apt install python3.7 python3.7-dev
log_message "Python 3.7 is now available with command 'python3.7'."
python_cmd="python3.7"
fi
-log_message "Updating package list"
-sudo apt-get update
+log_message "Installing build-essential"
+sudo apt install build-essential
-log_message "Installing pip"
-sudo apt install python3-pip
-${python_cmd} -m pip install pip
-
-log_message "Install python3.7-dev"
-sudo apt-get install python3.7-dev
+log_message "Installing or updating pip"
+# shellcheck disable=SC2086
+pip_url=https://bootstrap.pypa.io/get-pip.py
+if exists wget; then
+ wget --output-document=get-pip.py $pip_url
+else
+ curl $pip_url -o get-pip.py
+fi
+${python_cmd} get-pip.py
+rm get-pip.py
log_message "Installing island requirements"
-requirements="$ISLAND_PATH/requirements.txt"
-${python_cmd} -m pip install --user --upgrade -r ${requirements} || handle_error
+requirements_island="$ISLAND_PATH/requirements.txt"
+${python_cmd} -m pip install -r "${requirements_island}" --user --upgrade || handle_error
log_message "Installing monkey requirements"
sudo apt-get install libffi-dev upx libssl-dev libc++1
-cd "${monkey_home}"/monkey/infection_monkey || handle_error
-${python_cmd} -m pip install -r requirements.txt --user --upgrade || handle_error
+requirements_monkey="$INFECTION_MONKEY_DIR/requirements.txt"
+${python_cmd} -m pip install -r "${requirements_monkey}" --user --upgrade || handle_error
+
+agents=${3:-true}
# Download binaries
-log_message "Downloading binaries"
-wget -c -N -P ${ISLAND_BINARIES_PATH} ${LINUX_32_BINARY_URL}
-wget -c -N -P ${ISLAND_BINARIES_PATH} ${LINUX_64_BINARY_URL}
-wget -c -N -P ${ISLAND_BINARIES_PATH} ${WINDOWS_32_BINARY_URL}
-wget -c -N -P ${ISLAND_BINARIES_PATH} ${WINDOWS_64_BINARY_URL}
+if [ "$agents" = true ] ; then
+ log_message "Downloading binaries"
+ if exists wget; then
+ wget -c -N -P ${ISLAND_BINARIES_PATH} ${LINUX_32_BINARY_URL}
+ wget -c -N -P ${ISLAND_BINARIES_PATH} ${LINUX_64_BINARY_URL}
+ wget -c -N -P ${ISLAND_BINARIES_PATH} ${WINDOWS_32_BINARY_URL}
+ wget -c -N -P ${ISLAND_BINARIES_PATH} ${WINDOWS_64_BINARY_URL}
+ else
+ curl -o ${ISLAND_BINARIES_PATH}\monkey-linux-32 ${LINUX_32_BINARY_URL}
+ curl -o ${ISLAND_BINARIES_PATH}\monkey-linux-64 ${LINUX_64_BINARY_URL}
+ curl -o ${ISLAND_BINARIES_PATH}\monkey-windows-32.exe ${WINDOWS_32_BINARY_URL}
+ curl -o ${ISLAND_BINARIES_PATH}\monkey-windows-64.exe ${WINDOWS_64_BINARY_URL}
+ fi
+fi
+
# Allow them to be executed
chmod a+x "$ISLAND_BINARIES_PATH/$LINUX_32_BINARY_NAME"
chmod a+x "$ISLAND_BINARIES_PATH/$LINUX_64_BINARY_NAME"
-# Get machine type/kernel version
-kernel=$(uname -m)
-linux_dist=$(lsb_release -a 2>/dev/null)
-
# If a user haven't installed mongo manually check if we can install it with our script
-log_message "Installing MongoDB"
-"${ISLAND_PATH}"/linux/install_mongo.sh ${MONGO_PATH} || handle_error
-
+if ! exists mongod; then
+ log_message "Installing MongoDB"
+ "${ISLAND_PATH}"/linux/install_mongo.sh ${MONGO_PATH} || handle_error
+fi
log_message "Installing openssl"
sudo apt-get install openssl
# Generate SSL certificate
log_message "Generating certificate"
-cd "${ISLAND_PATH}" || {
- echo "cd failed"
- exit 1
-}
-openssl genrsa -out cc/server.key 2048
-openssl req -new -key cc/server.key -out cc/server.csr -subj "/C=GB/ST=London/L=London/O=Global Security/OU=Monkey Department/CN=monkey.com"
-openssl x509 -req -days 366 -in cc/server.csr -signkey cc/server.key -out cc/server.crt
+
+"${ISLAND_PATH}"/linux/create_certificate.sh ${ISLAND_PATH}/cc
# Update node
-log_message "Installing nodejs"
-cd "$ISLAND_PATH/cc/ui" || handle_error
-sudo apt-get install curl
-curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash -
-sudo apt-get install -y nodejs
+if ! exists npm; then
+ log_message "Installing nodejs"
+ node_src=https://deb.nodesource.com/setup_12.x
+ if exists curl; then
+ curl -sL $node_src | sudo -E bash -
+ else
+ wget -q -O - $node_src | sudo -E bash -
+ fi
+ sudo apt-get install -y nodejs
+fi
+
+pushd "$ISLAND_PATH/cc/ui" || handle_error
npm install sass-loader node-sass webpack --save-dev
npm update
log_message "Generating front end"
npm run dist
+popd || handle_error
# Making dir for binaries
mkdir "${MONKEY_BIN_DIR}"
# Download sambacry binaries
log_message "Downloading sambacry binaries"
-wget -c -N -P "${MONKEY_BIN_DIR}" "${SAMBACRY_64_BINARY_URL}"
-wget -c -N -P "${MONKEY_BIN_DIR}" "${SAMBACRY_32_BINARY_URL}"
-
+# shellcheck disable=SC2086
+if exists wget; then
+ wget -c -N -P "${MONKEY_BIN_DIR}" ${SAMBACRY_64_BINARY_URL}
+ wget -c -N -P "${MONKEY_BIN_DIR}" ${SAMBACRY_32_BINARY_URL}
+else
+ curl -o ${MONKEY_BIN_DIR}/sc_monkey_runner64.so ${SAMBACRY_64_BINARY_URL}
+ curl -o ${MONKEY_BIN_DIR}/sc_monkey_runner32.so ${SAMBACRY_32_BINARY_URL}
+fi
# Download traceroute binaries
log_message "Downloading traceroute binaries"
-wget -c -N -P "${MONKEY_BIN_DIR}" "${TRACEROUTE_64_BINARY_URL}"
-wget -c -N -P "${MONKEY_BIN_DIR}" "${TRACEROUTE_32_BINARY_URL}"
+# shellcheck disable=SC2086
+if exists wget; then
+ wget -c -N -P "${MONKEY_BIN_DIR}" ${TRACEROUTE_64_BINARY_URL}
+ wget -c -N -P "${MONKEY_BIN_DIR}" ${TRACEROUTE_32_BINARY_URL}
+else
+ curl -o ${MONKEY_BIN_DIR}/traceroute64 ${TRACEROUTE_64_BINARY_URL}
+ curl -o ${MONKEY_BIN_DIR}/traceroute32 ${TRACEROUTE_32_BINARY_URL}
+fi
-sudo chmod +x "${monkey_home}"/monkey/infection_monkey/build_linux.sh
+sudo chmod +x "${INFECTION_MONKEY_DIR}/build_linux.sh"
log_message "Deployment script finished."
exit 0
diff --git a/deployment_scripts/deploy_windows.ps1 b/deployment_scripts/deploy_windows.ps1
index dd602e199..003fdd061 100644
--- a/deployment_scripts/deploy_windows.ps1
+++ b/deployment_scripts/deploy_windows.ps1
@@ -1,17 +1,40 @@
-function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName, [String] $branch = "develop"){
- # Import the config variables
- . ./config.ps1
- "Config variables from config.ps1 imported"
-
- # If we want monkey in current dir we need to create an empty folder for source files
- if ( (Join-Path $monkey_home '') -eq (Join-Path (Get-Item -Path ".\").FullName '') ){
- $monkey_home = Join-Path -Path $monkey_home -ChildPath $MONKEY_FOLDER_NAME
- }
+param(
+ [Parameter(Mandatory = $false, Position = 0)]
+ [String] $monkey_home = (Get-Item -Path ".\").FullName,
+ [Parameter(Mandatory = $false, Position = 1)]
+ [System.String]
+ $branch = "develop",
+ [Parameter(Mandatory = $false, Position = 2)]
+ [Bool]
+ $agents = $true
+)
+function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName, [String] $branch = "develop")
+{
+ Write-Output "Downloading to $monkey_home"
+ Write-Output "Branch $branch"
# Set variables for script execution
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
$webClient = New-Object System.Net.WebClient
+
+ # Import the config variables
+ $config_filename = New-TemporaryFile
+ $config_filename = "config.ps1"
+ $config_url = "https://raw.githubusercontent.com/guardicore/monkey/" + $branch + "/deployment_scripts/config.ps1"
+ $webClient.DownloadFile($config_url, $config_filename)
+ . ./config.ps1
+ "Config variables from config.ps1 imported"
+ Remove-Item $config_filename
+
+
+ # If we want monkey in current dir we need to create an empty folder for source files
+ if ((Join-Path $monkey_home '') -eq (Join-Path (Get-Item -Path ".\").FullName ''))
+ {
+ $monkey_home = Join-Path -Path $monkey_home -ChildPath $MONKEY_FOLDER_NAME
+ }
+
+
# We check if git is installed
try
{
@@ -25,15 +48,22 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName,
}
# Download the monkey
- $output = cmd.exe /c "git clone --single-branch -b $branch $MONKEY_GIT_URL $monkey_home 2>&1"
+ $command = "git clone --single-branch -b $branch $MONKEY_GIT_URL $monkey_home 2>&1"
+ Write-Output $command
+ $output = cmd.exe /c $command
$binDir = (Join-Path -Path $monkey_home -ChildPath $MONKEY_ISLAND_DIR | Join-Path -ChildPath "\bin")
- if ( $output -like "*already exists and is not an empty directory.*"){
+ if ($output -like "*already exists and is not an empty directory.*")
+ {
"Assuming you already have the source directory. If not, make sure to set an empty directory as monkey's home directory."
- } elseif ($output -like "fatal:*"){
+ }
+ elseif ($output -like "fatal:*")
+ {
"Error while cloning monkey from the repository:"
$output
return
- } else {
+ }
+ else
+ {
"Monkey cloned from the repository"
# Create bin directory
New-Item -ItemType directory -path $binDir
@@ -44,9 +74,12 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName,
try
{
$version = cmd.exe /c '"python" --version 2>&1'
- if ( $version -like 'Python 3.*' ) {
+ if ($version -like 'Python 3.*')
+ {
"Python 3.* was found, installing dependencies"
- } else {
+ }
+ else
+ {
throw System.Management.Automation.CommandNotFoundException
}
}
@@ -56,11 +89,12 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName,
"Select 'add to PATH' when installing"
$webClient.DownloadFile($PYTHON_URL, $TEMP_PYTHON_INSTALLER)
Start-Process -Wait $TEMP_PYTHON_INSTALLER -ErrorAction Stop
- $env:Path = [System.Environment]::GetEnvironmentVariable("Path","Machine") + ";" + [System.Environment]::GetEnvironmentVariable("Path","User")
+ $env:Path = [System.Environment]::GetEnvironmentVariable("Path", "Machine") + ";" + [System.Environment]::GetEnvironmentVariable("Path", "User")
Remove-Item $TEMP_PYTHON_INSTALLER
# Check if installed correctly
$version = cmd.exe /c '"python" --version 2>&1'
- if ( $version -like '* is not recognized*' ) {
+ if ($version -like '* is not recognized*')
+ {
"Python is not found in PATH. Add it to PATH and relaunch the script."
return
}
@@ -69,7 +103,8 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName,
"Upgrading pip..."
$output = cmd.exe /c 'python -m pip install --user --upgrade pip 2>&1'
$output
- if ( $output -like '*No module named pip*' ) {
+ if ($output -like '*No module named pip*')
+ {
"Make sure pip module is installed and re-run this script."
return
}
@@ -83,20 +118,24 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName,
$user_python_dir = cmd.exe /c 'py -m site --user-site'
$user_python_dir = Join-Path (Split-Path $user_python_dir) -ChildPath "\Scripts"
- if(!($ENV:PATH | Select-String -SimpleMatch $user_python_dir)){
+ if (!($ENV:Path | Select-String -SimpleMatch $user_python_dir))
+ {
"Adding python scripts path to user's env"
- $env:Path += ";"+$user_python_dir
- [Environment]::SetEnvironmentVariable("Path",$env:Path,"User")
+ $env:Path += ";" + $user_python_dir
+ [Environment]::SetEnvironmentVariable("Path", $env:Path, "User")
}
# Download mongodb
- if(!(Test-Path -Path (Join-Path -Path $binDir -ChildPath "mongodb") )){
+ if (!(Test-Path -Path (Join-Path -Path $binDir -ChildPath "mongodb")))
+ {
"Downloading mongodb ..."
$webClient.DownloadFile($MONGODB_URL, $TEMP_MONGODB_ZIP)
"Unzipping mongodb"
Expand-Archive $TEMP_MONGODB_ZIP -DestinationPath $binDir
# Get unzipped folder's name
- $mongodb_folder = Get-ChildItem -Path $binDir | Where-Object -FilterScript {($_.Name -like "mongodb*")} | Select-Object -ExpandProperty Name
+ $mongodb_folder = Get-ChildItem -Path $binDir | Where-Object -FilterScript {
+ ($_.Name -like "mongodb*")
+ } | Select-Object -ExpandProperty Name
# Move all files from extracted folder to mongodb folder
New-Item -ItemType directory -Path (Join-Path -Path $binDir -ChildPath "mongodb")
New-Item -ItemType directory -Path (Join-Path -Path $monkey_home -ChildPath $MONKEY_ISLAND_DIR | Join-Path -ChildPath "db")
@@ -127,23 +166,30 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName,
. .\windows\create_certificate.bat
Pop-Location
- # Adding binaries
- "Adding binaries"
- $binaries = (Join-Path -Path $monkey_home -ChildPath $MONKEY_ISLAND_DIR | Join-Path -ChildPath "\cc\binaries")
- New-Item -ItemType directory -path $binaries -ErrorAction SilentlyContinue
- $webClient.DownloadFile($LINUX_32_BINARY_URL, (Join-Path -Path $binaries -ChildPath $LINUX_32_BINARY_PATH))
- $webClient.DownloadFile($LINUX_64_BINARY_URL, (Join-Path -Path $binaries -ChildPath $LINUX_64_BINARY_PATH))
- $webClient.DownloadFile($WINDOWS_32_BINARY_URL, (Join-Path -Path $binaries -ChildPath $WINDOWS_32_BINARY_PATH))
- $webClient.DownloadFile($WINDOWS_64_BINARY_URL, (Join-Path -Path $binaries -ChildPath $WINDOWS_64_BINARY_PATH))
+ if ($agents)
+ {
+ # Adding binaries
+ "Adding binaries"
+ $binaries = (Join-Path -Path $monkey_home -ChildPath $MONKEY_ISLAND_DIR | Join-Path -ChildPath "\cc\binaries")
+ New-Item -ItemType directory -path $binaries -ErrorAction SilentlyContinue
+ $webClient.DownloadFile($LINUX_32_BINARY_URL, (Join-Path -Path $binaries -ChildPath $LINUX_32_BINARY_PATH))
+ $webClient.DownloadFile($LINUX_64_BINARY_URL, (Join-Path -Path $binaries -ChildPath $LINUX_64_BINARY_PATH))
+ $webClient.DownloadFile($WINDOWS_32_BINARY_URL, (Join-Path -Path $binaries -ChildPath $WINDOWS_32_BINARY_PATH))
+ $webClient.DownloadFile($WINDOWS_64_BINARY_URL, (Join-Path -Path $binaries -ChildPath $WINDOWS_64_BINARY_PATH))
+ }
+
# Check if NPM installed
"Installing npm"
try
{
$version = cmd.exe /c '"npm" --version 2>&1'
- if ( $version -like "*is not recognized*"){
+ if ($version -like "*is not recognized*")
+ {
throw System.Management.Automation.CommandNotFoundException
- } else {
+ }
+ else
+ {
"Npm already installed"
}
}
@@ -152,7 +198,7 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName,
"Downloading npm ..."
$webClient.DownloadFile($NPM_URL, $TEMP_NPM_INSTALLER)
Start-Process -Wait $TEMP_NPM_INSTALLER
- $env:Path = [System.Environment]::GetEnvironmentVariable("Path","Machine")
+ $env:Path = [System.Environment]::GetEnvironmentVariable("Path", "Machine")
Remove-Item $TEMP_NPM_INSTALLER
}
@@ -162,18 +208,13 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName,
& npm run dist
Pop-Location
- # Install pywin32
- "Downloading pywin32"
- $webClient.DownloadFile($PYWIN32_URL, $TEMP_PYWIN32_INSTALLER)
- Start-Process -Wait $TEMP_PYWIN32_INSTALLER -ErrorAction Stop
- Remove-Item $TEMP_PYWIN32_INSTALLER
-
# Create infection_monkey/bin directory if not already present
$binDir = (Join-Path -Path $monkey_home -ChildPath $MONKEY_DIR | Join-Path -ChildPath "\bin")
New-Item -ItemType directory -path $binaries -ErrorAction SilentlyContinue
# Download upx
- if(!(Test-Path -Path (Join-Path -Path $binDir -ChildPath "upx.exe") )){
+ if (!(Test-Path -Path (Join-Path -Path $binDir -ChildPath "upx.exe")))
+ {
"Downloading upx ..."
$webClient.DownloadFile($UPX_URL, $TEMP_UPX_ZIP)
"Unzipping upx"
@@ -187,12 +228,14 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName,
# Download mimikatz binaries
$mk32_path = Join-Path -Path $binDir -ChildPath $MK32_DLL
- if(!(Test-Path -Path $mk32_path )){
+ if (!(Test-Path -Path $mk32_path))
+ {
"Downloading mimikatz 32 binary"
$webClient.DownloadFile($MK32_DLL_URL, $mk32_path)
}
$mk64_path = Join-Path -Path $binDir -ChildPath $MK64_DLL
- if(!(Test-Path -Path $mk64_path )){
+ if (!(Test-Path -Path $mk64_path))
+ {
"Downloading mimikatz 64 binary"
$webClient.DownloadFile($MK64_DLL_URL, $mk64_path)
}
@@ -200,12 +243,14 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName,
# Download sambacry binaries
$samba_path = Join-Path -Path $monkey_home -ChildPath $SAMBA_BINARIES_DIR
$samba32_path = Join-Path -Path $samba_path -ChildPath $SAMBA_32_BINARY_NAME
- if(!(Test-Path -Path $samba32_path )){
+ if (!(Test-Path -Path $samba32_path))
+ {
"Downloading sambacry 32 binary"
$webClient.DownloadFile($SAMBA_32_BINARY_URL, $samba32_path)
}
$samba64_path = Join-Path -Path $samba_path -ChildPath $SAMBA_64_BINARY_NAME
- if(!(Test-Path -Path $samba64_path )){
+ if (!(Test-Path -Path $samba64_path))
+ {
"Downloading sambacry 64 binary"
$webClient.DownloadFile($SAMBA_64_BINARY_URL, $samba64_path)
}
@@ -213,3 +258,4 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName,
"Script finished"
}
+Deploy-Windows -monkey_home $monkey_home -branch $branch
diff --git a/deployment_scripts/run_script.bat b/deployment_scripts/run_script.bat
deleted file mode 100644
index 3dcd62760..000000000
--- a/deployment_scripts/run_script.bat
+++ /dev/null
@@ -1,8 +0,0 @@
-SET command=. .\deploy_windows.ps1; Deploy-Windows
-if NOT "%~1" == "" (
- SET "command=%command% -monkey_home %~1"
-)
-if NOT "%~2" == "" (
- SET "command=%command% -branch %~2"
-)
-powershell -ExecutionPolicy ByPass -Command %command%
\ No newline at end of file
diff --git a/monkey/monkey_island/linux/create_certificate.sh b/monkey/monkey_island/linux/create_certificate.sh
index 72aace118..7e306a822 100644
--- a/monkey/monkey_island/linux/create_certificate.sh
+++ b/monkey/monkey_island/linux/create_certificate.sh
@@ -1,6 +1,9 @@
#!/bin/bash
-openssl genrsa -out ./cc/server.key 2048
-openssl req -new -key ./cc/server.key -out ./cc/server.csr -subj "/OU=Monkey Department/CN=monkey.com"
-openssl x509 -req -days 366 -in ./cc/server.csr -signkey ./cc/server.key -out ./cc/server.crt
+server_root=${1:-"./cc"}
+
+
+openssl genrsa -out "$server_root"/server.key 2048
+openssl req -new -key "$server_root"/server.key -out "$server_root"/server.csr -subj "/C=GB/ST=London/L=London/O=Global Security/OU=Monkey Department/CN=monkey.com"
+openssl x509 -req -days 366 -in "$server_root"/server.csr -signkey "$server_root"/server.key -out $server_root/server.crt
diff --git a/monkey/monkey_island/linux/install_mongo.sh b/monkey/monkey_island/linux/install_mongo.sh
index 51091d144..df2c0160e 100755
--- a/monkey/monkey_island/linux/install_mongo.sh
+++ b/monkey/monkey_island/linux/install_mongo.sh
@@ -10,16 +10,19 @@ MONGODB_DIR=$1 # If using deb, this should be: /var/monkey/monkey_island/bin/mon
if [[ ${os_version_monkey} == "Ubuntu 16.04"* ]]; then
echo Detected Ubuntu 16.04
- export tgz_url="https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-ubuntu1604-3.6.12.tgz"
+ export tgz_url="https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-ubuntu1604-4.2.3.tgz"
elif [[ ${os_version_monkey} == "Ubuntu 18.04"* ]]; then
echo Detected Ubuntu 18.04
- export tgz_url="https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-ubuntu1804-4.2.0.tgz"
+ export tgz_url="https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-ubuntu1804-4.2.3.tgz"
elif [[ ${os_version_monkey} == "Debian GNU/Linux 8"* ]]; then
echo Detected Debian 8
- export tgz_url="https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-debian81-3.6.12.tgz"
+ export tgz_url="https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-debian81-4.0.16.tgz"
elif [[ ${os_version_monkey} == "Debian GNU/Linux 9"* ]]; then
echo Detected Debian 9
- export tgz_url="https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-debian92-3.6.12.tgz"
+ export tgz_url="https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-debian92-4.2.3.tgz"
+elif [[ ${os_version_monkey} == "Debian GNU/Linux 10"* ]]; then
+ echo Detected Debian 10
+ export tgz_url="https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-debian10-4.2.3.tgz"
else
echo Unsupported OS
exit 1