From 3191b2d94ec3c84e473140a92291c9287cb6db4c Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Sat, 4 Jan 2020 23:17:48 +0200 Subject: [PATCH 01/42] Make deploy_linux.sh download the configuration, avoiding need for duplicate git clone. --- deployment_scripts/README.md | 4 +++- deployment_scripts/deploy_linux.sh | 36 +++++++++++++++++++++++++----- 2 files changed, 34 insertions(+), 6 deletions(-) diff --git a/deployment_scripts/README.md b/deployment_scripts/README.md index f69a48b77..f51bd151e 100644 --- a/deployment_scripts/README.md +++ b/deployment_scripts/README.md @@ -15,7 +15,9 @@ Don't forget to add python to PATH or do so while installing it via this script. Linux deployment script is meant for Ubuntu 16.x machines. You must have root permissions, but don't run the script as root.
-Launch deploy_linux.sh from scripts directory.
+`wget https://raw.githubusercontent.com/guardicore/monkey/develop/deployment_scripts/deploy_linux.sh` + +Then execute the resulting script with your shell. First argument should be an absolute path of an empty directory (script will create one if doesn't exist, default is ./infection_monkey). Second parameter is the branch you want to clone (develop by default). Example usages:
diff --git a/deployment_scripts/deploy_linux.sh b/deployment_scripts/deploy_linux.sh index 834d811a7..c41774393 100755 --- a/deployment_scripts/deploy_linux.sh +++ b/deployment_scripts/deploy_linux.sh @@ -1,10 +1,31 @@ #!/bin/bash -source config exists() { command -v "$1" >/dev/null 2>&1 } +is_root() { + return $(id -u) +} + +has_sudo() { + # 0 true, 1 false + timeout 1 sudo id && return 0 || return 1 +} + +config_branch=${2:-"develop"} +config_url="https://raw.githubusercontent.com/guardicore/monkey/"$config_branch"/deployment_scripts/config" + +if exists curl; then + file=$(mktemp) + curl -s -o $file "$config_url" + source $file + rm $file +else + echo 'Your system does not have curl, exiting' + exit 1 +fi + # Setup monkey either in dir required or current dir monkey_home=${1:-$(pwd)} if [[ $monkey_home == $(pwd) ]]; then @@ -30,8 +51,13 @@ log_message() { echo -e "-------------------------------------------\n" } -sudo -v -if [[ $? != 0 ]]; then +if is_root; then + echo "Please don't runt this script as root" + exit 1 +fi + +HAS_SUDO=$(has_sudo) +if [[ ! $HAS_SUDO ]]; then echo "You need root permissions for some of this script operations. Quiting." exit 1 fi @@ -46,8 +72,8 @@ if ! exists git; then fi if ! exists wget; then - echo 'Your system does have wget, please install and re-run this script' - exit 1 + echo 'Your system does have wget, please install and re-run this script' + exit 1 fi log_message "Cloning files from git" From 43adea072882629b67b1c43551d6eaa2b29cb08b Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Sat, 4 Jan 2020 23:27:19 +0200 Subject: [PATCH 02/42] Ran format on PS1 script --- deployment_scripts/deploy_windows.ps1 | 221 +++++++++++++++----------- 1 file changed, 124 insertions(+), 97 deletions(-) diff --git a/deployment_scripts/deploy_windows.ps1 b/deployment_scripts/deploy_windows.ps1 index dd602e199..fb0f29305 100644 --- a/deployment_scripts/deploy_windows.ps1 +++ b/deployment_scripts/deploy_windows.ps1 @@ -1,77 +1,92 @@ -function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName, [String] $branch = "develop"){ - # Import the config variables - . ./config.ps1 - "Config variables from config.ps1 imported" - - # If we want monkey in current dir we need to create an empty folder for source files - if ( (Join-Path $monkey_home '') -eq (Join-Path (Get-Item -Path ".\").FullName '') ){ - $monkey_home = Join-Path -Path $monkey_home -ChildPath $MONKEY_FOLDER_NAME - } +function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName, [String] $branch = "develop") +{ # Set variables for script execution [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 $webClient = New-Object System.Net.WebClient + + # Import the config variables + . ./config.ps1 + "Config variables from config.ps1 imported" + + # If we want monkey in current dir we need to create an empty folder for source files + if ((Join-Path $monkey_home '') -eq (Join-Path (Get-Item -Path ".\").FullName '')) + { + $monkey_home = Join-Path -Path $monkey_home -ChildPath $MONKEY_FOLDER_NAME + } + + # We check if git is installed try { - git | Out-Null -ErrorAction Stop - "Git requirement satisfied" + git | Out-Null -ErrorAction Stop + "Git requirement satisfied" } catch [System.Management.Automation.CommandNotFoundException] { - "Please install git before running this script or add it to path and restart cmd" - return + "Please install git before running this script or add it to path and restart cmd" + return } # Download the monkey $output = cmd.exe /c "git clone --single-branch -b $branch $MONKEY_GIT_URL $monkey_home 2>&1" $binDir = (Join-Path -Path $monkey_home -ChildPath $MONKEY_ISLAND_DIR | Join-Path -ChildPath "\bin") - if ( $output -like "*already exists and is not an empty directory.*"){ - "Assuming you already have the source directory. If not, make sure to set an empty directory as monkey's home directory." - } elseif ($output -like "fatal:*"){ - "Error while cloning monkey from the repository:" - $output - return - } else { - "Monkey cloned from the repository" - # Create bin directory - New-Item -ItemType directory -path $binDir - "Bin directory added" + if ($output -like "*already exists and is not an empty directory.*") + { + "Assuming you already have the source directory. If not, make sure to set an empty directory as monkey's home directory." + } + elseif ($output -like "fatal:*") + { + "Error while cloning monkey from the repository:" + $output + return + } + else + { + "Monkey cloned from the repository" + # Create bin directory + New-Item -ItemType directory -path $binDir + "Bin directory added" } # We check if python is installed try { - $version = cmd.exe /c '"python" --version 2>&1' - if ( $version -like 'Python 3.*' ) { - "Python 3.* was found, installing dependencies" - } else { - throw System.Management.Automation.CommandNotFoundException - } + $version = cmd.exe /c '"python" --version 2>&1' + if ($version -like 'Python 3.*') + { + "Python 3.* was found, installing dependencies" + } + else + { + throw System.Management.Automation.CommandNotFoundException + } } catch [System.Management.Automation.CommandNotFoundException] { - "Downloading python 3 ..." - "Select 'add to PATH' when installing" - $webClient.DownloadFile($PYTHON_URL, $TEMP_PYTHON_INSTALLER) - Start-Process -Wait $TEMP_PYTHON_INSTALLER -ErrorAction Stop - $env:Path = [System.Environment]::GetEnvironmentVariable("Path","Machine") + ";" + [System.Environment]::GetEnvironmentVariable("Path","User") - Remove-Item $TEMP_PYTHON_INSTALLER - # Check if installed correctly - $version = cmd.exe /c '"python" --version 2>&1' - if ( $version -like '* is not recognized*' ) { - "Python is not found in PATH. Add it to PATH and relaunch the script." - return - } + "Downloading python 3 ..." + "Select 'add to PATH' when installing" + $webClient.DownloadFile($PYTHON_URL, $TEMP_PYTHON_INSTALLER) + Start-Process -Wait $TEMP_PYTHON_INSTALLER -ErrorAction Stop + $env: Path = [System.Environment]::GetEnvironmentVariable("Path", "Machine") + ";" + [System.Environment]::GetEnvironmentVariable("Path", "User") + Remove-Item $TEMP_PYTHON_INSTALLER + # Check if installed correctly + $version = cmd.exe /c '"python" --version 2>&1' + if ($version -like '* is not recognized*') + { + "Python is not found in PATH. Add it to PATH and relaunch the script." + return + } } "Upgrading pip..." $output = cmd.exe /c 'python -m pip install --user --upgrade pip 2>&1' $output - if ( $output -like '*No module named pip*' ) { - "Make sure pip module is installed and re-run this script." - return + if ($output -like '*No module named pip*') + { + "Make sure pip module is installed and re-run this script." + return } "Installing python packages for island" @@ -83,28 +98,32 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName, $user_python_dir = cmd.exe /c 'py -m site --user-site' $user_python_dir = Join-Path (Split-Path $user_python_dir) -ChildPath "\Scripts" - if(!($ENV:PATH | Select-String -SimpleMatch $user_python_dir)){ - "Adding python scripts path to user's env" - $env:Path += ";"+$user_python_dir - [Environment]::SetEnvironmentVariable("Path",$env:Path,"User") + if (!($ENV: PATH | Select-String -SimpleMatch $user_python_dir)) + { + "Adding python scripts path to user's env" + $env: Path += ";" + $user_python_dir + [Environment]::SetEnvironmentVariable("Path", $env:Path, "User") } # Download mongodb - if(!(Test-Path -Path (Join-Path -Path $binDir -ChildPath "mongodb") )){ - "Downloading mongodb ..." - $webClient.DownloadFile($MONGODB_URL, $TEMP_MONGODB_ZIP) - "Unzipping mongodb" - Expand-Archive $TEMP_MONGODB_ZIP -DestinationPath $binDir - # Get unzipped folder's name - $mongodb_folder = Get-ChildItem -Path $binDir | Where-Object -FilterScript {($_.Name -like "mongodb*")} | Select-Object -ExpandProperty Name - # Move all files from extracted folder to mongodb folder - New-Item -ItemType directory -Path (Join-Path -Path $binDir -ChildPath "mongodb") - New-Item -ItemType directory -Path (Join-Path -Path $monkey_home -ChildPath $MONKEY_ISLAND_DIR | Join-Path -ChildPath "db") - "Moving extracted files" - Move-Item -Path (Join-Path -Path $binDir -ChildPath $mongodb_folder | Join-Path -ChildPath "\bin\*") -Destination (Join-Path -Path $binDir -ChildPath "mongodb\") - "Removing zip file" - Remove-Item $TEMP_MONGODB_ZIP - Remove-Item (Join-Path -Path $binDir -ChildPath $mongodb_folder) -Recurse + if (!(Test-Path -Path (Join-Path -Path $binDir -ChildPath "mongodb"))) + { + "Downloading mongodb ..." + $webClient.DownloadFile($MONGODB_URL, $TEMP_MONGODB_ZIP) + "Unzipping mongodb" + Expand-Archive $TEMP_MONGODB_ZIP -DestinationPath $binDir + # Get unzipped folder's name + $mongodb_folder = Get-ChildItem -Path $binDir | Where-Object -FilterScript { + ($_.Name -like "mongodb*") + } | Select-Object -ExpandProperty Name + # Move all files from extracted folder to mongodb folder + New-Item -ItemType directory -Path (Join-Path -Path $binDir -ChildPath "mongodb") + New-Item -ItemType directory -Path (Join-Path -Path $monkey_home -ChildPath $MONKEY_ISLAND_DIR | Join-Path -ChildPath "db") + "Moving extracted files" + Move-Item -Path (Join-Path -Path $binDir -ChildPath $mongodb_folder | Join-Path -ChildPath "\bin\*") -Destination (Join-Path -Path $binDir -ChildPath "mongodb\") + "Removing zip file" + Remove-Item $TEMP_MONGODB_ZIP + Remove-Item (Join-Path -Path $binDir -ChildPath $mongodb_folder) -Recurse } # Download OpenSSL @@ -140,20 +159,23 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName, "Installing npm" try { - $version = cmd.exe /c '"npm" --version 2>&1' - if ( $version -like "*is not recognized*"){ - throw System.Management.Automation.CommandNotFoundException - } else { - "Npm already installed" - } + $version = cmd.exe /c '"npm" --version 2>&1' + if ($version -like "*is not recognized*") + { + throw System.Management.Automation.CommandNotFoundException + } + else + { + "Npm already installed" + } } catch [System.Management.Automation.CommandNotFoundException] { - "Downloading npm ..." - $webClient.DownloadFile($NPM_URL, $TEMP_NPM_INSTALLER) - Start-Process -Wait $TEMP_NPM_INSTALLER - $env:Path = [System.Environment]::GetEnvironmentVariable("Path","Machine") - Remove-Item $TEMP_NPM_INSTALLER + "Downloading npm ..." + $webClient.DownloadFile($NPM_URL, $TEMP_NPM_INSTALLER) + Start-Process -Wait $TEMP_NPM_INSTALLER + $env: Path = [System.Environment]::GetEnvironmentVariable("Path", "Machine") + Remove-Item $TEMP_NPM_INSTALLER } "Updating npm" @@ -173,41 +195,46 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName, New-Item -ItemType directory -path $binaries -ErrorAction SilentlyContinue # Download upx - if(!(Test-Path -Path (Join-Path -Path $binDir -ChildPath "upx.exe") )){ - "Downloading upx ..." - $webClient.DownloadFile($UPX_URL, $TEMP_UPX_ZIP) - "Unzipping upx" - Expand-Archive $TEMP_UPX_ZIP -DestinationPath $binDir -ErrorAction SilentlyContinue - Move-Item -Path (Join-Path -Path $binDir -ChildPath $UPX_FOLDER | Join-Path -ChildPath "upx.exe") -Destination $binDir - # Remove unnecessary files - Remove-Item -Recurse -Force (Join-Path -Path $binDir -ChildPath $UPX_FOLDER) - "Removing zip file" - Remove-Item $TEMP_UPX_ZIP + if (!(Test-Path -Path (Join-Path -Path $binDir -ChildPath "upx.exe"))) + { + "Downloading upx ..." + $webClient.DownloadFile($UPX_URL, $TEMP_UPX_ZIP) + "Unzipping upx" + Expand-Archive $TEMP_UPX_ZIP -DestinationPath $binDir -ErrorAction SilentlyContinue + Move-Item -Path (Join-Path -Path $binDir -ChildPath $UPX_FOLDER | Join-Path -ChildPath "upx.exe") -Destination $binDir + # Remove unnecessary files + Remove-Item -Recurse -Force (Join-Path -Path $binDir -ChildPath $UPX_FOLDER) + "Removing zip file" + Remove-Item $TEMP_UPX_ZIP } # Download mimikatz binaries $mk32_path = Join-Path -Path $binDir -ChildPath $MK32_DLL - if(!(Test-Path -Path $mk32_path )){ - "Downloading mimikatz 32 binary" - $webClient.DownloadFile($MK32_DLL_URL, $mk32_path) + if (!(Test-Path -Path $mk32_path)) + { + "Downloading mimikatz 32 binary" + $webClient.DownloadFile($MK32_DLL_URL, $mk32_path) } $mk64_path = Join-Path -Path $binDir -ChildPath $MK64_DLL - if(!(Test-Path -Path $mk64_path )){ - "Downloading mimikatz 64 binary" - $webClient.DownloadFile($MK64_DLL_URL, $mk64_path) + if (!(Test-Path -Path $mk64_path)) + { + "Downloading mimikatz 64 binary" + $webClient.DownloadFile($MK64_DLL_URL, $mk64_path) } # Download sambacry binaries $samba_path = Join-Path -Path $monkey_home -ChildPath $SAMBA_BINARIES_DIR $samba32_path = Join-Path -Path $samba_path -ChildPath $SAMBA_32_BINARY_NAME - if(!(Test-Path -Path $samba32_path )){ - "Downloading sambacry 32 binary" - $webClient.DownloadFile($SAMBA_32_BINARY_URL, $samba32_path) + if (!(Test-Path -Path $samba32_path)) + { + "Downloading sambacry 32 binary" + $webClient.DownloadFile($SAMBA_32_BINARY_URL, $samba32_path) } $samba64_path = Join-Path -Path $samba_path -ChildPath $SAMBA_64_BINARY_NAME - if(!(Test-Path -Path $samba64_path )){ - "Downloading sambacry 64 binary" - $webClient.DownloadFile($SAMBA_64_BINARY_URL, $samba64_path) + if (!(Test-Path -Path $samba64_path)) + { + "Downloading sambacry 64 binary" + $webClient.DownloadFile($SAMBA_64_BINARY_URL, $samba64_path) } "Script finished" From cb8d2eb0ef6e2ae584497e7bc654dc41a2f65c73 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Sat, 4 Jan 2020 23:27:26 +0200 Subject: [PATCH 03/42] Make deploy_windows.ps1.sh download the configuration, avoiding need for duplicate git clone. --- deployment_scripts/deploy_windows.ps1 | 177 +++++++++++++------------- 1 file changed, 90 insertions(+), 87 deletions(-) diff --git a/deployment_scripts/deploy_windows.ps1 b/deployment_scripts/deploy_windows.ps1 index fb0f29305..b04d04e0f 100644 --- a/deployment_scripts/deploy_windows.ps1 +++ b/deployment_scripts/deploy_windows.ps1 @@ -7,26 +7,29 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName, # Import the config variables + $config_filename = "config.ps1" + $config_url = "https://raw.githubusercontent.com/guardicore/monkey/" + $branch + "/deployment_scripts/config.ps1" + $webClient.DownloadFile($config_url, $config_filename) . ./config.ps1 "Config variables from config.ps1 imported" # If we want monkey in current dir we need to create an empty folder for source files if ((Join-Path $monkey_home '') -eq (Join-Path (Get-Item -Path ".\").FullName '')) { - $monkey_home = Join-Path -Path $monkey_home -ChildPath $MONKEY_FOLDER_NAME + $monkey_home = Join-Path -Path $monkey_home -ChildPath $MONKEY_FOLDER_NAME } # We check if git is installed try { - git | Out-Null -ErrorAction Stop - "Git requirement satisfied" + git | Out-Null -ErrorAction Stop + "Git requirement satisfied" } catch [System.Management.Automation.CommandNotFoundException] { - "Please install git before running this script or add it to path and restart cmd" - return + "Please install git before running this script or add it to path and restart cmd" + return } # Download the monkey @@ -34,50 +37,50 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName, $binDir = (Join-Path -Path $monkey_home -ChildPath $MONKEY_ISLAND_DIR | Join-Path -ChildPath "\bin") if ($output -like "*already exists and is not an empty directory.*") { - "Assuming you already have the source directory. If not, make sure to set an empty directory as monkey's home directory." + "Assuming you already have the source directory. If not, make sure to set an empty directory as monkey's home directory." } elseif ($output -like "fatal:*") { - "Error while cloning monkey from the repository:" - $output - return + "Error while cloning monkey from the repository:" + $output + return } else { - "Monkey cloned from the repository" - # Create bin directory - New-Item -ItemType directory -path $binDir - "Bin directory added" + "Monkey cloned from the repository" + # Create bin directory + New-Item -ItemType directory -path $binDir + "Bin directory added" } # We check if python is installed try { - $version = cmd.exe /c '"python" --version 2>&1' - if ($version -like 'Python 3.*') - { - "Python 3.* was found, installing dependencies" - } - else - { - throw System.Management.Automation.CommandNotFoundException - } + $version = cmd.exe /c '"python" --version 2>&1' + if ($version -like 'Python 3.*') + { + "Python 3.* was found, installing dependencies" + } + else + { + throw System.Management.Automation.CommandNotFoundException + } } catch [System.Management.Automation.CommandNotFoundException] { - "Downloading python 3 ..." - "Select 'add to PATH' when installing" - $webClient.DownloadFile($PYTHON_URL, $TEMP_PYTHON_INSTALLER) - Start-Process -Wait $TEMP_PYTHON_INSTALLER -ErrorAction Stop - $env: Path = [System.Environment]::GetEnvironmentVariable("Path", "Machine") + ";" + [System.Environment]::GetEnvironmentVariable("Path", "User") - Remove-Item $TEMP_PYTHON_INSTALLER - # Check if installed correctly - $version = cmd.exe /c '"python" --version 2>&1' - if ($version -like '* is not recognized*') - { - "Python is not found in PATH. Add it to PATH and relaunch the script." - return - } + "Downloading python 3 ..." + "Select 'add to PATH' when installing" + $webClient.DownloadFile($PYTHON_URL, $TEMP_PYTHON_INSTALLER) + Start-Process -Wait $TEMP_PYTHON_INSTALLER -ErrorAction Stop + $env: Path = [System.Environment]::GetEnvironmentVariable("Path", "Machine") + ";" + [System.Environment]::GetEnvironmentVariable("Path", "User") + Remove-Item $TEMP_PYTHON_INSTALLER + # Check if installed correctly + $version = cmd.exe /c '"python" --version 2>&1' + if ($version -like '* is not recognized*') + { + "Python is not found in PATH. Add it to PATH and relaunch the script." + return + } } "Upgrading pip..." @@ -85,8 +88,8 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName, $output if ($output -like '*No module named pip*') { - "Make sure pip module is installed and re-run this script." - return + "Make sure pip module is installed and re-run this script." + return } "Installing python packages for island" @@ -100,30 +103,30 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName, $user_python_dir = Join-Path (Split-Path $user_python_dir) -ChildPath "\Scripts" if (!($ENV: PATH | Select-String -SimpleMatch $user_python_dir)) { - "Adding python scripts path to user's env" - $env: Path += ";" + $user_python_dir - [Environment]::SetEnvironmentVariable("Path", $env:Path, "User") + "Adding python scripts path to user's env" + $env: Path += ";" + $user_python_dir + [Environment]::SetEnvironmentVariable("Path", $env:Path, "User") } # Download mongodb if (!(Test-Path -Path (Join-Path -Path $binDir -ChildPath "mongodb"))) { - "Downloading mongodb ..." - $webClient.DownloadFile($MONGODB_URL, $TEMP_MONGODB_ZIP) - "Unzipping mongodb" - Expand-Archive $TEMP_MONGODB_ZIP -DestinationPath $binDir - # Get unzipped folder's name - $mongodb_folder = Get-ChildItem -Path $binDir | Where-Object -FilterScript { - ($_.Name -like "mongodb*") - } | Select-Object -ExpandProperty Name - # Move all files from extracted folder to mongodb folder - New-Item -ItemType directory -Path (Join-Path -Path $binDir -ChildPath "mongodb") - New-Item -ItemType directory -Path (Join-Path -Path $monkey_home -ChildPath $MONKEY_ISLAND_DIR | Join-Path -ChildPath "db") - "Moving extracted files" - Move-Item -Path (Join-Path -Path $binDir -ChildPath $mongodb_folder | Join-Path -ChildPath "\bin\*") -Destination (Join-Path -Path $binDir -ChildPath "mongodb\") - "Removing zip file" - Remove-Item $TEMP_MONGODB_ZIP - Remove-Item (Join-Path -Path $binDir -ChildPath $mongodb_folder) -Recurse + "Downloading mongodb ..." + $webClient.DownloadFile($MONGODB_URL, $TEMP_MONGODB_ZIP) + "Unzipping mongodb" + Expand-Archive $TEMP_MONGODB_ZIP -DestinationPath $binDir + # Get unzipped folder's name + $mongodb_folder = Get-ChildItem -Path $binDir | Where-Object -FilterScript { + ($_.Name -like "mongodb*") + } | Select-Object -ExpandProperty Name + # Move all files from extracted folder to mongodb folder + New-Item -ItemType directory -Path (Join-Path -Path $binDir -ChildPath "mongodb") + New-Item -ItemType directory -Path (Join-Path -Path $monkey_home -ChildPath $MONKEY_ISLAND_DIR | Join-Path -ChildPath "db") + "Moving extracted files" + Move-Item -Path (Join-Path -Path $binDir -ChildPath $mongodb_folder | Join-Path -ChildPath "\bin\*") -Destination (Join-Path -Path $binDir -ChildPath "mongodb\") + "Removing zip file" + Remove-Item $TEMP_MONGODB_ZIP + Remove-Item (Join-Path -Path $binDir -ChildPath $mongodb_folder) -Recurse } # Download OpenSSL @@ -159,23 +162,23 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName, "Installing npm" try { - $version = cmd.exe /c '"npm" --version 2>&1' - if ($version -like "*is not recognized*") - { - throw System.Management.Automation.CommandNotFoundException - } - else - { - "Npm already installed" - } + $version = cmd.exe /c '"npm" --version 2>&1' + if ($version -like "*is not recognized*") + { + throw System.Management.Automation.CommandNotFoundException + } + else + { + "Npm already installed" + } } catch [System.Management.Automation.CommandNotFoundException] { - "Downloading npm ..." - $webClient.DownloadFile($NPM_URL, $TEMP_NPM_INSTALLER) - Start-Process -Wait $TEMP_NPM_INSTALLER - $env: Path = [System.Environment]::GetEnvironmentVariable("Path", "Machine") - Remove-Item $TEMP_NPM_INSTALLER + "Downloading npm ..." + $webClient.DownloadFile($NPM_URL, $TEMP_NPM_INSTALLER) + Start-Process -Wait $TEMP_NPM_INSTALLER + $env: Path = [System.Environment]::GetEnvironmentVariable("Path", "Machine") + Remove-Item $TEMP_NPM_INSTALLER } "Updating npm" @@ -197,29 +200,29 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName, # Download upx if (!(Test-Path -Path (Join-Path -Path $binDir -ChildPath "upx.exe"))) { - "Downloading upx ..." - $webClient.DownloadFile($UPX_URL, $TEMP_UPX_ZIP) - "Unzipping upx" - Expand-Archive $TEMP_UPX_ZIP -DestinationPath $binDir -ErrorAction SilentlyContinue - Move-Item -Path (Join-Path -Path $binDir -ChildPath $UPX_FOLDER | Join-Path -ChildPath "upx.exe") -Destination $binDir - # Remove unnecessary files - Remove-Item -Recurse -Force (Join-Path -Path $binDir -ChildPath $UPX_FOLDER) - "Removing zip file" - Remove-Item $TEMP_UPX_ZIP + "Downloading upx ..." + $webClient.DownloadFile($UPX_URL, $TEMP_UPX_ZIP) + "Unzipping upx" + Expand-Archive $TEMP_UPX_ZIP -DestinationPath $binDir -ErrorAction SilentlyContinue + Move-Item -Path (Join-Path -Path $binDir -ChildPath $UPX_FOLDER | Join-Path -ChildPath "upx.exe") -Destination $binDir + # Remove unnecessary files + Remove-Item -Recurse -Force (Join-Path -Path $binDir -ChildPath $UPX_FOLDER) + "Removing zip file" + Remove-Item $TEMP_UPX_ZIP } # Download mimikatz binaries $mk32_path = Join-Path -Path $binDir -ChildPath $MK32_DLL if (!(Test-Path -Path $mk32_path)) { - "Downloading mimikatz 32 binary" - $webClient.DownloadFile($MK32_DLL_URL, $mk32_path) + "Downloading mimikatz 32 binary" + $webClient.DownloadFile($MK32_DLL_URL, $mk32_path) } $mk64_path = Join-Path -Path $binDir -ChildPath $MK64_DLL if (!(Test-Path -Path $mk64_path)) { - "Downloading mimikatz 64 binary" - $webClient.DownloadFile($MK64_DLL_URL, $mk64_path) + "Downloading mimikatz 64 binary" + $webClient.DownloadFile($MK64_DLL_URL, $mk64_path) } # Download sambacry binaries @@ -227,14 +230,14 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName, $samba32_path = Join-Path -Path $samba_path -ChildPath $SAMBA_32_BINARY_NAME if (!(Test-Path -Path $samba32_path)) { - "Downloading sambacry 32 binary" - $webClient.DownloadFile($SAMBA_32_BINARY_URL, $samba32_path) + "Downloading sambacry 32 binary" + $webClient.DownloadFile($SAMBA_32_BINARY_URL, $samba32_path) } $samba64_path = Join-Path -Path $samba_path -ChildPath $SAMBA_64_BINARY_NAME if (!(Test-Path -Path $samba64_path)) { - "Downloading sambacry 64 binary" - $webClient.DownloadFile($SAMBA_64_BINARY_URL, $samba64_path) + "Downloading sambacry 64 binary" + $webClient.DownloadFile($SAMBA_64_BINARY_URL, $samba64_path) } "Script finished" From 1c4c22d8e916bff7d8d0822e591499934b75305c Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Sat, 4 Jan 2020 23:31:09 +0200 Subject: [PATCH 04/42] Update deployment README.md --- deployment_scripts/README.md | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/deployment_scripts/README.md b/deployment_scripts/README.md index f51bd151e..750979a4d 100644 --- a/deployment_scripts/README.md +++ b/deployment_scripts/README.md @@ -2,13 +2,15 @@ ## Windows Before running the script you must have git installed.
-Cd to scripts directory and use the scripts.
+`Invoke-WebRequest https://raw.githubusercontent.com/guardicore/monkey/develop/deployment_scripts/deploy_windows.ps1 -OutFile deploy_windows.ps1` +Then execute the resulting script with your shell. First argument is an empty directory (script can create one) and second is branch you want to clone. Example usages:
-./run_script.bat (Sets up monkey in current directory under .\infection_monkey)
-./run_script.bat "C:\test" (Sets up monkey in C:\test)
-powershell -ExecutionPolicy ByPass -Command ". .\deploy_windows.ps1; Deploy-Windows -monkey_home C:\test" (Same as above)
-./run_script.bat "" "master"(Sets up master branch instead of develop in current dir) +`./run_script.bat` (Sets up monkey in current directory under .\infection_monkey)
+`./run_script.bat "C:\test"` (Sets up monkey in C:\test)
+`powershell -ExecutionPolicy ByPass -Command ". .\deploy_windows.ps1; Deploy-Windows -monkey_home C:\test"` (Same as above)
+`./run_script.bat "" "master"` (Sets up master branch instead of develop in current dir) + Don't forget to add python to PATH or do so while installing it via this script.
## Linux @@ -16,12 +18,11 @@ Don't forget to add python to PATH or do so while installing it via this script. Linux deployment script is meant for Ubuntu 16.x machines. You must have root permissions, but don't run the script as root.
`wget https://raw.githubusercontent.com/guardicore/monkey/develop/deployment_scripts/deploy_linux.sh` - Then execute the resulting script with your shell. First argument should be an absolute path of an empty directory (script will create one if doesn't exist, default is ./infection_monkey). Second parameter is the branch you want to clone (develop by default). Example usages:
-./deploy_linux.sh (deploys under ./infection_monkey)
-./deploy_linux.sh "/home/test/monkey" (deploys under /home/test/monkey)
-./deploy_linux.sh "" "master" (deploys master branch in script directory)
-./deploy_linux.sh "/home/user/new" "master" (if directory "new" is not found creates it and clones master branch into it)
+`./deploy_linux.sh` (deploys under ./infection_monkey)
+`./deploy_linux.sh "/home/test/monkey"` (deploys under /home/test/monkey)
+`./deploy_linux.sh "" "master"` (deploys master branch in script directory)
+`./deploy_linux.sh "/home/user/new" "master"` (if directory "new" is not found creates it and clones master branch into it)
From 291ce9a1994173604641afbbc6f5fbfbc4730ec0 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Mon, 20 Jan 2020 09:43:45 +0200 Subject: [PATCH 05/42] Minimize log messages. --- deployment_scripts/deploy_linux.sh | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/deployment_scripts/deploy_linux.sh b/deployment_scripts/deploy_linux.sh index c41774393..cc0674ac4 100755 --- a/deployment_scripts/deploy_linux.sh +++ b/deployment_scripts/deploy_linux.sh @@ -13,13 +13,25 @@ has_sudo() { timeout 1 sudo id && return 0 || return 1 } +handle_error() { + echo "Fix the errors above and rerun the script" + exit 1 +} + +log_message() { + echo -e "\n\n" + echo -e "DEPLOYMENT SCRIPT: $1" +} + config_branch=${2:-"develop"} config_url="https://raw.githubusercontent.com/guardicore/monkey/"$config_branch"/deployment_scripts/config" if exists curl; then file=$(mktemp) curl -s -o $file "$config_url" + log_message "downloaded configuration" source $file + log_message "loaded configuration" rm $file else echo 'Your system does not have curl, exiting' @@ -40,16 +52,7 @@ ISLAND_BINARIES_PATH="$ISLAND_PATH/cc/binaries" INFECTION_MONKEY_DIR="$monkey_home/monkey/infection_monkey" MONKEY_BIN_DIR="$INFECTION_MONKEY_DIR/bin" -handle_error() { - echo "Fix the errors above and rerun the script" - exit 1 -} -log_message() { - echo -e "\n\n-------------------------------------------" - echo -e "DEPLOYMENT SCRIPT: $1" - echo -e "-------------------------------------------\n" -} if is_root; then echo "Please don't runt this script as root" From b420a83e2265d32f278ba9307efaad16e00651eb Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Mon, 3 Feb 2020 08:36:42 +0200 Subject: [PATCH 06/42] Fix typos --- deployment_scripts/deploy_linux.sh | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/deployment_scripts/deploy_linux.sh b/deployment_scripts/deploy_linux.sh index cc0674ac4..bb7a31307 100755 --- a/deployment_scripts/deploy_linux.sh +++ b/deployment_scripts/deploy_linux.sh @@ -55,7 +55,7 @@ MONKEY_BIN_DIR="$INFECTION_MONKEY_DIR/bin" if is_root; then - echo "Please don't runt this script as root" + echo "Please don't run this script as root" exit 1 fi @@ -75,7 +75,7 @@ if ! exists git; then fi if ! exists wget; then - echo 'Your system does have wget, please install and re-run this script' + echo 'Your system does not have wget, please install and re-run this script' exit 1 fi @@ -115,10 +115,6 @@ fi log_message "Updating package list" sudo apt-get update -log_message "Installing pip" -sudo apt install python3-pip -${python_cmd} -m pip install pip - log_message "Install python3.7-dev" sudo apt-get install python3.7-dev From 5002a7c17360a50450762c225a841f756ecb571b Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Mon, 3 Feb 2020 08:43:35 +0200 Subject: [PATCH 07/42] Consistency cleanups --- deployment_scripts/deploy_linux.sh | 19 ++++++++----------- 1 file changed, 8 insertions(+), 11 deletions(-) diff --git a/deployment_scripts/deploy_linux.sh b/deployment_scripts/deploy_linux.sh index bb7a31307..da14a7acc 100755 --- a/deployment_scripts/deploy_linux.sh +++ b/deployment_scripts/deploy_linux.sh @@ -24,7 +24,7 @@ log_message() { } config_branch=${2:-"develop"} -config_url="https://raw.githubusercontent.com/guardicore/monkey/"$config_branch"/deployment_scripts/config" +config_url="https://raw.githubusercontent.com/guardicore/monkey/${config_branch}/deployment_scripts/config" if exists curl; then file=$(mktemp) @@ -46,14 +46,11 @@ fi # We can set main paths after we know the home dir ISLAND_PATH="$monkey_home/monkey/monkey_island" -MONKEY_COMMON_PATH="$monkey_home/monkey/common/" MONGO_PATH="$ISLAND_PATH/bin/mongodb" ISLAND_BINARIES_PATH="$ISLAND_PATH/cc/binaries" INFECTION_MONKEY_DIR="$monkey_home/monkey/infection_monkey" MONKEY_BIN_DIR="$INFECTION_MONKEY_DIR/bin" - - if is_root; then echo "Please don't run this script as root" exit 1 @@ -118,14 +115,14 @@ sudo apt-get update log_message "Install python3.7-dev" sudo apt-get install python3.7-dev -log_message "Installing island requirements" -requirements="$ISLAND_PATH/requirements.txt" -${python_cmd} -m pip install --user --upgrade -r ${requirements} || handle_error +log_message "Installing island requirements_island" +requirements_island="$ISLAND_PATH/requirements.txt" +${python_cmd} -m pip install -r "${requirements_island}" --user --upgrade || handle_error -log_message "Installing monkey requirements" +log_message "Installing monkey requirements_island" sudo apt-get install libffi-dev upx libssl-dev libc++1 -cd "${monkey_home}"/monkey/infection_monkey || handle_error -${python_cmd} -m pip install -r requirements.txt --user --upgrade || handle_error +requirements_monkey="$INFECTION_MONKEY_DIR/requirements.txt" +${python_cmd} -m pip install -r "${requirements_monkey}" --user --upgrade || handle_error # Download binaries log_message "Downloading binaries" @@ -183,7 +180,7 @@ log_message "Downloading traceroute binaries" wget -c -N -P "${MONKEY_BIN_DIR}" "${TRACEROUTE_64_BINARY_URL}" wget -c -N -P "${MONKEY_BIN_DIR}" "${TRACEROUTE_32_BINARY_URL}" -sudo chmod +x "${monkey_home}"/monkey/infection_monkey/build_linux.sh +sudo chmod +x "${INFECTION_MONKEY_DIR}/build_linux.sh" log_message "Deployment script finished." exit 0 From 2d5dbf0b537a9c1c2cd48a15b2b34741cfd02d1c Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Mon, 3 Feb 2020 08:47:32 +0200 Subject: [PATCH 08/42] Remove unused variables --- deployment_scripts/config | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/deployment_scripts/config b/deployment_scripts/config index fb7a3d5b6..079359355 100644 --- a/deployment_scripts/config +++ b/deployment_scripts/config @@ -18,8 +18,4 @@ WINDOWS_64_BINARY_NAME="monkey-windows-64.exe" TRACEROUTE_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.6/traceroute64" TRACEROUTE_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.6/traceroute32" SAMBACRY_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.6/sc_monkey_runner64.so" -SAMBACRY_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.6/sc_monkey_runner32.so" - -# Mongo url's -MONGO_DEBIAN_URL="https://downloads.mongodb.org/linux/mongodb-linux-x86_64-debian81-latest.tgz" -MONGO_UBUNTU_URL="https://downloads.mongodb.org/linux/mongodb-linux-x86_64-ubuntu1604-latest.tgz" +SAMBACRY_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.6/sc_monkey_runner32.so" \ No newline at end of file From fb98a9fa123f57c3a50477ac6dc191bfb3149cb7 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Mon, 3 Feb 2020 09:15:22 +0200 Subject: [PATCH 09/42] Consolidate apt install commands --- deployment_scripts/deploy_linux.sh | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/deployment_scripts/deploy_linux.sh b/deployment_scripts/deploy_linux.sh index da14a7acc..a00793a2c 100755 --- a/deployment_scripts/deploy_linux.sh +++ b/deployment_scripts/deploy_linux.sh @@ -104,17 +104,11 @@ if [[ ${python_cmd} == "" ]]; then log_message "Python 3.7 command not found. Installing python 3.7." sudo add-apt-repository ppa:deadsnakes/ppa sudo apt-get update - sudo apt install python3.7 + sudo apt install python3.7 python3.7-dev log_message "Python 3.7 is now available with command 'python3.7'." python_cmd="python3.7" fi -log_message "Updating package list" -sudo apt-get update - -log_message "Install python3.7-dev" -sudo apt-get install python3.7-dev - log_message "Installing island requirements_island" requirements_island="$ISLAND_PATH/requirements.txt" ${python_cmd} -m pip install -r "${requirements_island}" --user --upgrade || handle_error From 2a6c2d5836dc896dc8d29ae7272f1ed4e622a435 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Mon, 3 Feb 2020 09:16:11 +0200 Subject: [PATCH 10/42] Add get-pip command --- deployment_scripts/deploy_linux.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/deployment_scripts/deploy_linux.sh b/deployment_scripts/deploy_linux.sh index a00793a2c..63f3d9ef0 100755 --- a/deployment_scripts/deploy_linux.sh +++ b/deployment_scripts/deploy_linux.sh @@ -109,6 +109,9 @@ if [[ ${python_cmd} == "" ]]; then python_cmd="python3.7" fi +curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py +${python_cmd} get-pip.py + log_message "Installing island requirements_island" requirements_island="$ISLAND_PATH/requirements.txt" ${python_cmd} -m pip install -r "${requirements_island}" --user --upgrade || handle_error From 5ecbc5f7a4b2acff8604b28fa3e9f88617db87e9 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Mon, 3 Feb 2020 09:49:01 +0200 Subject: [PATCH 11/42] Add build-essential command --- deployment_scripts/deploy_linux.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/deployment_scripts/deploy_linux.sh b/deployment_scripts/deploy_linux.sh index 63f3d9ef0..2e1a5a1f8 100755 --- a/deployment_scripts/deploy_linux.sh +++ b/deployment_scripts/deploy_linux.sh @@ -109,6 +109,8 @@ if [[ ${python_cmd} == "" ]]; then python_cmd="python3.7" fi +sudo apt install build-essentials + curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py ${python_cmd} get-pip.py From 59f9e487bb735c7aef1809d92adbfb5274fbe784 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Mon, 3 Feb 2020 09:59:09 +0200 Subject: [PATCH 12/42] Update binary links for Windows --- deployment_scripts/config.ps1 | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/deployment_scripts/config.ps1 b/deployment_scripts/config.ps1 index 095f7b899..869593a9b 100644 --- a/deployment_scripts/config.ps1 +++ b/deployment_scripts/config.ps1 @@ -14,10 +14,12 @@ $WINDOWS_32_BINARY_URL = "https://github.com/guardicore/monkey/releases/download $WINDOWS_32_BINARY_PATH = "monkey-windows-32.exe" $WINDOWS_64_BINARY_URL = "https://github.com/guardicore/monkey/releases/download/1.6/monkey-windows-64.exe" $WINDOWS_64_BINARY_PATH = "monkey-windows-64.exe" -$SAMBA_32_BINARY_URL = "https://github.com/VakarisZ/tempBinaries/raw/master/sc_monkey_runner32.so" +$SAMBA_32_BINARY_URL = "https://github.com/guardicore/monkey/releases/download/1.6/sc_monkey_runner32.so" $SAMBA_32_BINARY_NAME= "sc_monkey_runner32.so" -$SAMBA_64_BINARY_URL = "https://github.com/VakarisZ/tempBinaries/raw/master/sc_monkey_runner64.so" +$SAMBA_64_BINARY_URL = "https://github.com/guardicore/monkey/releases/download/1.6/sc_monkey_runner64.so" $SAMBA_64_BINARY_NAME = "sc_monkey_runner64.so" +$TRACEROUTE_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.6/traceroute64" +$TRACEROUTE_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.6/traceroute32" # Other directories and paths ( most likely you dont need to configure) $MONKEY_ISLAND_DIR = "\monkey\monkey_island" From aa3442195b65996f7db6807a1e41b84e9e4a1cb9 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Mon, 3 Feb 2020 09:59:19 +0200 Subject: [PATCH 13/42] Fix syntax errors in PS --- deployment_scripts/deploy_windows.ps1 | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/deployment_scripts/deploy_windows.ps1 b/deployment_scripts/deploy_windows.ps1 index b04d04e0f..b4b3c9b8c 100644 --- a/deployment_scripts/deploy_windows.ps1 +++ b/deployment_scripts/deploy_windows.ps1 @@ -72,7 +72,7 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName, "Select 'add to PATH' when installing" $webClient.DownloadFile($PYTHON_URL, $TEMP_PYTHON_INSTALLER) Start-Process -Wait $TEMP_PYTHON_INSTALLER -ErrorAction Stop - $env: Path = [System.Environment]::GetEnvironmentVariable("Path", "Machine") + ";" + [System.Environment]::GetEnvironmentVariable("Path", "User") + $env:Path = [System.Environment]::GetEnvironmentVariable("Path", "Machine") + ";" + [System.Environment]::GetEnvironmentVariable("Path", "User") Remove-Item $TEMP_PYTHON_INSTALLER # Check if installed correctly $version = cmd.exe /c '"python" --version 2>&1' @@ -101,10 +101,10 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName, $user_python_dir = cmd.exe /c 'py -m site --user-site' $user_python_dir = Join-Path (Split-Path $user_python_dir) -ChildPath "\Scripts" - if (!($ENV: PATH | Select-String -SimpleMatch $user_python_dir)) + if (!($ENV:Path | Select-String -SimpleMatch $user_python_dir)) { "Adding python scripts path to user's env" - $env: Path += ";" + $user_python_dir + $env:Path += ";" + $user_python_dir [Environment]::SetEnvironmentVariable("Path", $env:Path, "User") } @@ -177,7 +177,7 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName, "Downloading npm ..." $webClient.DownloadFile($NPM_URL, $TEMP_NPM_INSTALLER) Start-Process -Wait $TEMP_NPM_INSTALLER - $env: Path = [System.Environment]::GetEnvironmentVariable("Path", "Machine") + $env:Path = [System.Environment]::GetEnvironmentVariable("Path", "Machine") Remove-Item $TEMP_NPM_INSTALLER } From 66a5133a61320e6204cc9f0840769e6deb968d8d Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Mon, 3 Feb 2020 10:32:34 +0200 Subject: [PATCH 14/42] Update a lot of URLs and restructure them --- deployment_scripts/config.ps1 | 41 ++++++++++++++++++----------------- 1 file changed, 21 insertions(+), 20 deletions(-) diff --git a/deployment_scripts/config.ps1 b/deployment_scripts/config.ps1 index 869593a9b..ab98eaffb 100644 --- a/deployment_scripts/config.ps1 +++ b/deployment_scripts/config.ps1 @@ -2,30 +2,33 @@ $MONKEY_FOLDER_NAME = "infection_monkey" # Url of public git repository that contains monkey's source code $MONKEY_GIT_URL = "https://github.com/guardicore/monkey" +$MONKEY_RELEASES_URL = $MONKEY_GIT_URL + "/releases" +$MONKEY_LATEST_VERSION = "1.7.0" +$MONKEY_DOWNLOAD_URL = $MONKEY_RELEASES_URL + "/" + $MONKEY_LATEST_VERSION + "/" # Link to the latest python download or install it manually -$PYTHON_URL = "https://www.python.org/ftp/python/3.7.4/python-3.7.4-amd64.exe" +$PYTHON_URL = "https://www.python.org/ftp/python/3.7.6/python-3.7.6-amd64.exe" + # Monkey binaries -$LINUX_32_BINARY_URL = "https://github.com/guardicore/monkey/releases/download/1.6/monkey-linux-32" +$LINUX_32_BINARY_URL = $MONKEY_DOWNLOAD_URL + "monkey-linux-32" $LINUX_32_BINARY_PATH = "monkey-linux-32" -$LINUX_64_BINARY_URL = "https://github.com/guardicore/monkey/releases/download/1.6/monkey-linux-64" +$LINUX_64_BINARY_URL = $MONKEY_DOWNLOAD_URL + "monkey-linux-64" $LINUX_64_BINARY_PATH = "monkey-linux-64" -$WINDOWS_32_BINARY_URL = "https://github.com/guardicore/monkey/releases/download/1.6/monkey-windows-32.exe" +$WINDOWS_32_BINARY_URL = $MONKEY_DOWNLOAD_URL + "monkey-windows-32.exe" $WINDOWS_32_BINARY_PATH = "monkey-windows-32.exe" -$WINDOWS_64_BINARY_URL = "https://github.com/guardicore/monkey/releases/download/1.6/monkey-windows-64.exe" +$WINDOWS_64_BINARY_URL = $MONKEY_DOWNLOAD_URL + "monkey-windows-64.exe" $WINDOWS_64_BINARY_PATH = "monkey-windows-64.exe" -$SAMBA_32_BINARY_URL = "https://github.com/guardicore/monkey/releases/download/1.6/sc_monkey_runner32.so" -$SAMBA_32_BINARY_NAME= "sc_monkey_runner32.so" -$SAMBA_64_BINARY_URL = "https://github.com/guardicore/monkey/releases/download/1.6/sc_monkey_runner64.so" +$SAMBA_32_BINARY_URL = $MONKEY_DOWNLOAD_URL + "sc_monkey_runner32.so" +$SAMBA_32_BINARY_NAME = "sc_monkey_runner32.so" +$SAMBA_64_BINARY_URL = $MONKEY_DOWNLOAD_URL + "sc_monkey_runner64.so" $SAMBA_64_BINARY_NAME = "sc_monkey_runner64.so" -$TRACEROUTE_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.6/traceroute64" -$TRACEROUTE_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.6/traceroute32" +$TRACEROUTE_64_BINARY_URL = $MONKEY_DOWNLOAD_URL + "traceroute64" +$TRACEROUTE_32_BINARY_URL = $MONKEY_DOWNLOAD_URL + "traceroute32" # Other directories and paths ( most likely you dont need to configure) -$MONKEY_ISLAND_DIR = "\monkey\monkey_island" -$MONKEY_DIR = "\monkey\infection_monkey" +$MONKEY_ISLAND_DIR = Join-Path "\monkey" -ChildPath "monkey_island" +$MONKEY_DIR = Join-Path "\monkey" -ChildPath "infection_monkey" $SAMBA_BINARIES_DIR = Join-Path -Path $MONKEY_DIR -ChildPath "\bin" -$PYTHON_DLL = "C:\Windows\System32\python27.dll" $MK32_DLL = "mk32.zip" $MK64_DLL = "mk64.zip" $TEMP_PYTHON_INSTALLER = ".\python.exe" @@ -33,16 +36,14 @@ $TEMP_MONGODB_ZIP = ".\mongodb.zip" $TEMP_OPEN_SSL_ZIP = ".\openssl.zip" $TEMP_CPP_INSTALLER = "cpp.exe" $TEMP_NPM_INSTALLER = "node.msi" -$TEMP_PYWIN32_INSTALLER = "pywin32.exe" $TEMP_UPX_ZIP = "upx.zip" -$UPX_FOLDER = "upx394w" +$UPX_FOLDER = "upx-3.96-win64" # Other url's -$MONGODB_URL = "https://downloads.mongodb.org/win32/mongodb-win32-x86_64-2008plus-ssl-latest.zip" -$OPEN_SSL_URL = "https://indy.fulgan.com/SSL/Archive/openssl-1.0.2l-i386-win32.zip" +$MONGODB_URL = "https://downloads.mongodb.org/win32/mongodb-win32-x86_64-2012plus-v4.2-latest.zip" +$OPEN_SSL_URL = "https://indy.fulgan.com/SSL/openssl-1.0.2u-x64_86-win64.zip" $CPP_URL = "https://go.microsoft.com/fwlink/?LinkId=746572" -$NPM_URL = "https://nodejs.org/dist/v10.13.0/node-v10.13.0-x64.msi" -$PYWIN32_URL = "https://github.com/mhammond/pywin32/releases/download/b225/pywin32-225.win-amd64-py3.7.exe" +$NPM_URL = "https://nodejs.org/dist/v12.14.1/node-v12.14.1-x64.msi" $MK32_DLL_URL = "https://github.com/guardicore/mimikatz/releases/download/1.1.0/mk32.zip" $MK64_DLL_URL = "https://github.com/guardicore/mimikatz/releases/download/1.1.0/mk64.zip" -$UPX_URL = "https://github.com/upx/upx/releases/download/v3.94/upx394w.zip" +$UPX_URL = "https://github.com/upx/upx/releases/download/v3.96/upx-3.96-win64.zip" From 9edce17297f158b0a8b4293cd74f150f0f62bd4d Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Mon, 3 Feb 2020 10:32:47 +0200 Subject: [PATCH 15/42] Install Pywin32 using pip now --- deployment_scripts/deploy_windows.ps1 | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/deployment_scripts/deploy_windows.ps1 b/deployment_scripts/deploy_windows.ps1 index b4b3c9b8c..971f4917d 100644 --- a/deployment_scripts/deploy_windows.ps1 +++ b/deployment_scripts/deploy_windows.ps1 @@ -92,6 +92,9 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName, return } + "Installing pywin32" + python -m pip install --user pywin32 + "Installing python packages for island" $islandRequirements = Join-Path -Path $monkey_home -ChildPath $MONKEY_ISLAND_DIR | Join-Path -ChildPath "\requirements.txt" -ErrorAction Stop & python -m pip install --user -r $islandRequirements @@ -187,12 +190,6 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName, & npm run dist Pop-Location - # Install pywin32 - "Downloading pywin32" - $webClient.DownloadFile($PYWIN32_URL, $TEMP_PYWIN32_INSTALLER) - Start-Process -Wait $TEMP_PYWIN32_INSTALLER -ErrorAction Stop - Remove-Item $TEMP_PYWIN32_INSTALLER - # Create infection_monkey/bin directory if not already present $binDir = (Join-Path -Path $monkey_home -ChildPath $MONKEY_DIR | Join-Path -ChildPath "\bin") New-Item -ItemType directory -path $binaries -ErrorAction SilentlyContinue From c53806e789b680ee3f4ff13ce7865ce99d949f9d Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Mon, 3 Feb 2020 11:15:46 +0200 Subject: [PATCH 16/42] Missing URL path parameter --- deployment_scripts/config.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deployment_scripts/config.ps1 b/deployment_scripts/config.ps1 index ab98eaffb..a50f3e935 100644 --- a/deployment_scripts/config.ps1 +++ b/deployment_scripts/config.ps1 @@ -4,7 +4,7 @@ $MONKEY_FOLDER_NAME = "infection_monkey" $MONKEY_GIT_URL = "https://github.com/guardicore/monkey" $MONKEY_RELEASES_URL = $MONKEY_GIT_URL + "/releases" $MONKEY_LATEST_VERSION = "1.7.0" -$MONKEY_DOWNLOAD_URL = $MONKEY_RELEASES_URL + "/" + $MONKEY_LATEST_VERSION + "/" +$MONKEY_DOWNLOAD_URL = $MONKEY_RELEASES_URL + "/download/" + $MONKEY_LATEST_VERSION + "/" # Link to the latest python download or install it manually $PYTHON_URL = "https://www.python.org/ftp/python/3.7.6/python-3.7.6-amd64.exe" From 161265e4c4a819f37c6492c9c098f8b116a7ec1d Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Mon, 3 Feb 2020 11:16:00 +0200 Subject: [PATCH 17/42] Remove config.ps1 after loading the configuration --- deployment_scripts/deploy_windows.ps1 | 2 ++ 1 file changed, 2 insertions(+) diff --git a/deployment_scripts/deploy_windows.ps1 b/deployment_scripts/deploy_windows.ps1 index 971f4917d..987a9b70b 100644 --- a/deployment_scripts/deploy_windows.ps1 +++ b/deployment_scripts/deploy_windows.ps1 @@ -12,6 +12,8 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName, $webClient.DownloadFile($config_url, $config_filename) . ./config.ps1 "Config variables from config.ps1 imported" + Remove-Item $config_filename + # If we want monkey in current dir we need to create an empty folder for source files if ((Join-Path $monkey_home '') -eq (Join-Path (Get-Item -Path ".\").FullName '')) From e226e7410010b1d0f385568e14c2be981017ce12 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Mon, 3 Feb 2020 12:18:02 +0200 Subject: [PATCH 18/42] No more need for run_script.bat. Cleaned up README.md visually --- deployment_scripts/README.md | 12 ++++++++---- deployment_scripts/deploy_windows.ps1 | 19 ++++++++++++++++--- deployment_scripts/run_script.bat | 8 -------- 3 files changed, 24 insertions(+), 15 deletions(-) delete mode 100644 deployment_scripts/run_script.bat diff --git a/deployment_scripts/README.md b/deployment_scripts/README.md index 750979a4d..812337eba 100644 --- a/deployment_scripts/README.md +++ b/deployment_scripts/README.md @@ -3,13 +3,17 @@ Before running the script you must have git installed.
`Invoke-WebRequest https://raw.githubusercontent.com/guardicore/monkey/develop/deployment_scripts/deploy_windows.ps1 -OutFile deploy_windows.ps1` + Then execute the resulting script with your shell. First argument is an empty directory (script can create one) and second is branch you want to clone. + Example usages:
-`./run_script.bat` (Sets up monkey in current directory under .\infection_monkey)
-`./run_script.bat "C:\test"` (Sets up monkey in C:\test)
-`powershell -ExecutionPolicy ByPass -Command ". .\deploy_windows.ps1; Deploy-Windows -monkey_home C:\test"` (Same as above)
-`./run_script.bat "" "master"` (Sets up master branch instead of develop in current dir) +`.\deploy_windows.ps1` (Sets up monkey in current directory under .\infection_monkey)
+`.\deploy_windows.ps1 -monkey_home "C:\test"` (Sets up monkey in C:\test)
+`.\deploy_windows.ps1 -branch "master"` (Sets up master branch instead of develop in current dir) + +If you run into Execution Policy warnings, you can disable them by prefixing the following snippet +`powershell -ExecutionPolicy ByPass -Command "[original command here]"` Don't forget to add python to PATH or do so while installing it via this script.
diff --git a/deployment_scripts/deploy_windows.ps1 b/deployment_scripts/deploy_windows.ps1 index 987a9b70b..9272533fd 100644 --- a/deployment_scripts/deploy_windows.ps1 +++ b/deployment_scripts/deploy_windows.ps1 @@ -1,18 +1,28 @@ +param( + [Parameter(Mandatory = $false, Position = 0)] + [String] $monkey_home = (Get-Item -Path ".\").FullName, + + [Parameter(Mandatory = $false, Position = 1)] + [System.String] + $branch = "develop" +) function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName, [String] $branch = "develop") { - + Write-Output "Downloading to $monkey_home" + Write-Output "Branch $branch" # Set variables for script execution [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 $webClient = New-Object System.Net.WebClient # Import the config variables + $config_filename = New-TemporaryFile $config_filename = "config.ps1" $config_url = "https://raw.githubusercontent.com/guardicore/monkey/" + $branch + "/deployment_scripts/config.ps1" $webClient.DownloadFile($config_url, $config_filename) . ./config.ps1 "Config variables from config.ps1 imported" - Remove-Item $config_filename + #Remove-Item $config_filename # If we want monkey in current dir we need to create an empty folder for source files @@ -35,7 +45,9 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName, } # Download the monkey - $output = cmd.exe /c "git clone --single-branch -b $branch $MONKEY_GIT_URL $monkey_home 2>&1" + $command = "git clone --single-branch -b $branch $MONKEY_GIT_URL $monkey_home 2>&1" + Write-Output $command + $output = cmd.exe /c $command $binDir = (Join-Path -Path $monkey_home -ChildPath $MONKEY_ISLAND_DIR | Join-Path -ChildPath "\bin") if ($output -like "*already exists and is not an empty directory.*") { @@ -242,3 +254,4 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName, "Script finished" } +Deploy-Windows -monkey_home $monkey_home -branch $branch \ No newline at end of file diff --git a/deployment_scripts/run_script.bat b/deployment_scripts/run_script.bat deleted file mode 100644 index 3dcd62760..000000000 --- a/deployment_scripts/run_script.bat +++ /dev/null @@ -1,8 +0,0 @@ -SET command=. .\deploy_windows.ps1; Deploy-Windows -if NOT "%~1" == "" ( - SET "command=%command% -monkey_home %~1" -) -if NOT "%~2" == "" ( - SET "command=%command% -branch %~2" -) -powershell -ExecutionPolicy ByPass -Command %command% \ No newline at end of file From e183f44d145ed0c3780d3eb845a61bec1b53dfaf Mon Sep 17 00:00:00 2001 From: Shay Nehmad Date: Tue, 4 Feb 2020 15:08:59 +0200 Subject: [PATCH 19/42] Improved deployment_scripts/README.md Fix linter errors and improve English + security recommendations. --- deployment_scripts/README.md | 67 ++++++++++++++++++++++-------------- 1 file changed, 42 insertions(+), 25 deletions(-) diff --git a/deployment_scripts/README.md b/deployment_scripts/README.md index 812337eba..fa8c898f1 100644 --- a/deployment_scripts/README.md +++ b/deployment_scripts/README.md @@ -1,32 +1,49 @@ -# Files used to deploy development version of infection monkey -## Windows +# Deployment guide for a development environemnt -Before running the script you must have git installed.
-`Invoke-WebRequest https://raw.githubusercontent.com/guardicore/monkey/develop/deployment_scripts/deploy_windows.ps1 -OutFile deploy_windows.ps1` +This guide is for you if you wish to develop for Infection Monkey. If you only want to use it, please download the relevant version from [our website](https://infectionmonkey.com). -Then execute the resulting script with your shell. -First argument is an empty directory (script can create one) and second is branch you want to clone. +## Prerequisites -Example usages:
-`.\deploy_windows.ps1` (Sets up monkey in current directory under .\infection_monkey)
-`.\deploy_windows.ps1 -monkey_home "C:\test"` (Sets up monkey in C:\test)
-`.\deploy_windows.ps1 -branch "master"` (Sets up master branch instead of develop in current dir) +Before running the script you must have `git` installed. If you don't have `git` installed, please follow [this guide](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git). -If you run into Execution Policy warnings, you can disable them by prefixing the following snippet -`powershell -ExecutionPolicy ByPass -Command "[original command here]"` +## Deploy on Windows -Don't forget to add python to PATH or do so while installing it via this script.
+Run the following command in powershell: -## Linux +```powershell +Invoke-WebRequest https://raw.githubusercontent.com/guardicore/monkey/develop/deployment_scripts/deploy_windows.ps1 -OutFile deploy_windows.ps1 +``` -Linux deployment script is meant for Ubuntu 16.x machines. -You must have root permissions, but don't run the script as root.
-`wget https://raw.githubusercontent.com/guardicore/monkey/develop/deployment_scripts/deploy_linux.sh` -Then execute the resulting script with your shell. -First argument should be an absolute path of an empty directory (script will create one if doesn't exist, default is ./infection_monkey). -Second parameter is the branch you want to clone (develop by default). -Example usages:
-`./deploy_linux.sh` (deploys under ./infection_monkey)
-`./deploy_linux.sh "/home/test/monkey"` (deploys under /home/test/monkey)
-`./deploy_linux.sh "" "master"` (deploys master branch in script directory)
-`./deploy_linux.sh "/home/user/new" "master"` (if directory "new" is not found creates it and clones master branch into it)
+This will download our deploy script. It's a good idea to read it quickly before executing it! + +After downloading that script, execute it in a shell (like `cmd` or `powershell`). The first argument is an empty directory (script can create one). The second argument is which branch you want to clone - by default, the script will check out the `develop` branch. Some example usages: + +- `.\deploy_windows.ps1` (Sets up monkey in current directory under .\infection_monkey) +- `.\deploy_windows.ps1 -monkey_home "C:\test"` (Sets up monkey in C:\test) +- `.\deploy_windows.ps1 -branch "master"` (Sets up master branch instead of develop in current dir) + +### Troubleshooting + +- If you run into Execution Policy warnings, you can disable them by prefixing the following snippet: `powershell -ExecutionPolicy ByPass -Command "[original command here]"` +- Don't forget to add python to PATH or do so while installing it via this script. + +## Deploy on Linux + +Linux deployment script is meant for Ubuntu 16 and Ubuntu 18 machines. + +Your user must have root permissions; however, don't run the script as root! + +```sh +wget https://raw.githubusercontent.com/guardicore/monkey/develop/deployment_scripts/deploy_linux.sh +``` + +This will download our deploy script. It's a good idea to read it quickly before executing it! + +Then execute the resulting script with your shell. + +After downloading that script, execute it in a shell. The first argument should be an absolute path of an empty directory (the script will create one if doesn't exist, default is ./infection_monkey). The second parameter is the branch you want to clone (develop by default). Some example usages: + +- `./deploy_linux.sh` (deploys under ./infection_monkey) +- `./deploy_linux.sh "/home/test/monkey"` (deploys under /home/test/monkey) +- `./deploy_linux.sh "" "master"` (deploys master branch in script directory) +- `./deploy_linux.sh "/home/user/new" "master"` (if directory "new" is not found creates it and clones master branch into it) From 52d2b6f73d82ea41cdfb7ab7f568065e14aae71e Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Sat, 8 Feb 2020 22:37:01 +0200 Subject: [PATCH 20/42] Remove reference to CMD. It's 2020 --- deployment_scripts/README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/deployment_scripts/README.md b/deployment_scripts/README.md index fa8c898f1..c533605db 100644 --- a/deployment_scripts/README.md +++ b/deployment_scripts/README.md @@ -16,7 +16,9 @@ Invoke-WebRequest https://raw.githubusercontent.com/guardicore/monkey/develop/de This will download our deploy script. It's a good idea to read it quickly before executing it! -After downloading that script, execute it in a shell (like `cmd` or `powershell`). The first argument is an empty directory (script can create one). The second argument is which branch you want to clone - by default, the script will check out the `develop` branch. Some example usages: +After downloading that script, execute it in `powershell`. + +The first argument is an empty directory (script can create one). The second argument is which branch you want to clone - by default, the script will check out the `develop` branch. Some example usages: - `.\deploy_windows.ps1` (Sets up monkey in current directory under .\infection_monkey) - `.\deploy_windows.ps1 -monkey_home "C:\test"` (Sets up monkey in C:\test) From 9af93be7f6b5bbfd86f0ae2b0fe356f7b38d832e Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Sat, 8 Feb 2020 23:24:25 +0200 Subject: [PATCH 21/42] Handle either curl or wget seemlessly. --- deployment_scripts/deploy_linux.sh | 89 +++++++++++++++++++----------- 1 file changed, 58 insertions(+), 31 deletions(-) diff --git a/deployment_scripts/deploy_linux.sh b/deployment_scripts/deploy_linux.sh index 2e1a5a1f8..7b1171e5b 100755 --- a/deployment_scripts/deploy_linux.sh +++ b/deployment_scripts/deploy_linux.sh @@ -26,18 +26,30 @@ log_message() { config_branch=${2:-"develop"} config_url="https://raw.githubusercontent.com/guardicore/monkey/${config_branch}/deployment_scripts/config" -if exists curl; then - file=$(mktemp) - curl -s -o $file "$config_url" - log_message "downloaded configuration" - source $file - log_message "loaded configuration" - rm $file -else - echo 'Your system does not have curl, exiting' +curl_exists=$(exists curl) +wget_exists=$(exists wget) +if [[ ! $curl_exists && ! $wget_exists ]]; then + echo 'Your system does not have curl or wget, exiting' exit 1 fi +file=$(mktemp) +if [ $curl_exists ]; then + # shellcheck disable=SC2086 + curl -s -o $file "$config_url" +else + # shellcheck disable=SC2086 + wget --output-file=$file --output-file= +fi + +log_message "downloaded configuration" +# shellcheck source=deployment_scripts/config +# shellcheck disable=SC2086 +source $file +log_message "loaded configuration" +# shellcheck disable=SC2086 +rm $file + # Setup monkey either in dir required or current dir monkey_home=${1:-$(pwd)} if [[ $monkey_home == $(pwd) ]]; then @@ -71,11 +83,6 @@ if ! exists git; then exit 1 fi -if ! exists wget; then - echo 'Your system does not have wget, please install and re-run this script' - exit 1 -fi - log_message "Cloning files from git" branch=${2:-"develop"} if [[ ! -d "$monkey_home/monkey" ]]; then # If not already cloned @@ -110,9 +117,13 @@ if [[ ${python_cmd} == "" ]]; then fi sudo apt install build-essentials - -curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py +if [ $curl_exists ]; then + curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py +else + wget --output-file=get-pip.py https://bootstrap.pypa.io/get-pip.py +fi ${python_cmd} get-pip.py +rm get-pip.py log_message "Installing island requirements_island" requirements_island="$ISLAND_PATH/requirements.txt" @@ -125,18 +136,22 @@ ${python_cmd} -m pip install -r "${requirements_monkey}" --user --upgrade || han # Download binaries log_message "Downloading binaries" -wget -c -N -P ${ISLAND_BINARIES_PATH} ${LINUX_32_BINARY_URL} -wget -c -N -P ${ISLAND_BINARIES_PATH} ${LINUX_64_BINARY_URL} -wget -c -N -P ${ISLAND_BINARIES_PATH} ${WINDOWS_32_BINARY_URL} -wget -c -N -P ${ISLAND_BINARIES_PATH} ${WINDOWS_64_BINARY_URL} +if [ $wget_exists ]; then + wget -c -N -P ${ISLAND_BINARIES_PATH} ${LINUX_32_BINARY_URL} + wget -c -N -P ${ISLAND_BINARIES_PATH} ${LINUX_64_BINARY_URL} + wget -c -N -P ${ISLAND_BINARIES_PATH} ${WINDOWS_32_BINARY_URL} + wget -c -N -P ${ISLAND_BINARIES_PATH} ${WINDOWS_64_BINARY_URL} +else + curl -o ${ISLAND_BINARIES_PATH}\monkey-linux-32 ${LINUX_32_BINARY_URL} + curl -o ${ISLAND_BINARIES_PATH}\monkey-linux-64 ${LINUX_64_BINARY_URL} + curl -o ${ISLAND_BINARIES_PATH}\monkey-windows-32.exe ${WINDOWS_32_BINARY_URL} + curl -o ${ISLAND_BINARIES_PATH}\monkey-windows-64.exe ${WINDOWS_64_BINARY_URL} +fi + # Allow them to be executed chmod a+x "$ISLAND_BINARIES_PATH/$LINUX_32_BINARY_NAME" chmod a+x "$ISLAND_BINARIES_PATH/$LINUX_64_BINARY_NAME" -# Get machine type/kernel version -kernel=$(uname -m) -linux_dist=$(lsb_release -a 2>/dev/null) - # If a user haven't installed mongo manually check if we can install it with our script log_message "Installing MongoDB" "${ISLAND_PATH}"/linux/install_mongo.sh ${MONGO_PATH} || handle_error @@ -157,8 +172,11 @@ openssl x509 -req -days 366 -in cc/server.csr -signkey cc/server.key -out cc/ser # Update node log_message "Installing nodejs" cd "$ISLAND_PATH/cc/ui" || handle_error -sudo apt-get install curl -curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash - +if [ $curl_exists ]; then + curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash - +else + wget -q -O - https://deb.nodesource.com/setup_12.x | sudo -E bash - +fi sudo apt-get install -y nodejs npm install sass-loader node-sass webpack --save-dev npm update @@ -171,13 +189,22 @@ mkdir "${MONKEY_BIN_DIR}" # Download sambacry binaries log_message "Downloading sambacry binaries" -wget -c -N -P "${MONKEY_BIN_DIR}" "${SAMBACRY_64_BINARY_URL}" -wget -c -N -P "${MONKEY_BIN_DIR}" "${SAMBACRY_32_BINARY_URL}" - +if [ $wget_exists ]; then + wget -c -N -P "${MONKEY_BIN_DIR}" ${SAMBACRY_64_BINARY_URL} + wget -c -N -P "${MONKEY_BIN_DIR}" ${SAMBACRY_32_BINARY_URL} +else + curl -o ${MONKEY_BIN_DIR}\sc_monkey_runner64.so ${SAMBACRY_64_BINARY_URL} + curl -o ${MONKEY_BIN_DIR}\sc_monkey_runner32.so ${SAMBACRY_32_BINARY_URL} +fi # Download traceroute binaries log_message "Downloading traceroute binaries" -wget -c -N -P "${MONKEY_BIN_DIR}" "${TRACEROUTE_64_BINARY_URL}" -wget -c -N -P "${MONKEY_BIN_DIR}" "${TRACEROUTE_32_BINARY_URL}" +if [ $wget_exists ]; then + wget -c -N -P "${MONKEY_BIN_DIR}" ${TRACEROUTE_64_BINARY_URL} + wget -c -N -P "${MONKEY_BIN_DIR}" ${TRACEROUTE_32_BINARY_URL} +else + curl -o ${MONKEY_BIN_DIR}\traceroute64 ${TRACEROUTE_64_BINARY_URL} + curl -o ${MONKEY_BIN_DIR}\traceroute32 ${TRACEROUTE_32_BINARY_URL} +fi sudo chmod +x "${INFECTION_MONKEY_DIR}/build_linux.sh" From 5f8453dbaefc841beacbeee474d016a8ed70fe4c Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Sat, 8 Feb 2020 23:25:10 +0200 Subject: [PATCH 22/42] Delete temp config file from PS script --- deployment_scripts/deploy_windows.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deployment_scripts/deploy_windows.ps1 b/deployment_scripts/deploy_windows.ps1 index 9272533fd..210453e8d 100644 --- a/deployment_scripts/deploy_windows.ps1 +++ b/deployment_scripts/deploy_windows.ps1 @@ -22,7 +22,7 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName, $webClient.DownloadFile($config_url, $config_filename) . ./config.ps1 "Config variables from config.ps1 imported" - #Remove-Item $config_filename + Remove-Item $config_filename # If we want monkey in current dir we need to create an empty folder for source files From 0c9a33397614c58d3aac2d8578a381f383511ce8 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Sun, 9 Feb 2020 09:13:13 +0200 Subject: [PATCH 23/42] Prefer wget/curl depending on situation (saving files) Revert using curl/wget exists variables. typo fix when pulling config with wget --- deployment_scripts/deploy_linux.sh | 31 ++++++++++++++++-------------- 1 file changed, 17 insertions(+), 14 deletions(-) diff --git a/deployment_scripts/deploy_linux.sh b/deployment_scripts/deploy_linux.sh index 7b1171e5b..d1c73a653 100755 --- a/deployment_scripts/deploy_linux.sh +++ b/deployment_scripts/deploy_linux.sh @@ -26,20 +26,19 @@ log_message() { config_branch=${2:-"develop"} config_url="https://raw.githubusercontent.com/guardicore/monkey/${config_branch}/deployment_scripts/config" -curl_exists=$(exists curl) -wget_exists=$(exists wget) -if [[ ! $curl_exists && ! $wget_exists ]]; then +if (! exists curl) && (! exists wget); then echo 'Your system does not have curl or wget, exiting' exit 1 fi file=$(mktemp) -if [ $curl_exists ]; then +# shellcheck disable=SC2086 +if exists wget; then # shellcheck disable=SC2086 - curl -s -o $file "$config_url" + wget --output-document=$file "$config_url" else # shellcheck disable=SC2086 - wget --output-file=$file --output-file= + curl -s -o $file "$config_url" fi log_message "downloaded configuration" @@ -48,7 +47,7 @@ log_message "downloaded configuration" source $file log_message "loaded configuration" # shellcheck disable=SC2086 -rm $file +# rm $file # Setup monkey either in dir required or current dir monkey_home=${1:-$(pwd)} @@ -117,10 +116,11 @@ if [[ ${python_cmd} == "" ]]; then fi sudo apt install build-essentials -if [ $curl_exists ]; then - curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py +# shellcheck disable=SC2086 +if exists wget; then + wget --output-document=get-pip.py https://bootstrap.pypa.io/get-pip.py else - wget --output-file=get-pip.py https://bootstrap.pypa.io/get-pip.py + curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py fi ${python_cmd} get-pip.py rm get-pip.py @@ -136,7 +136,7 @@ ${python_cmd} -m pip install -r "${requirements_monkey}" --user --upgrade || han # Download binaries log_message "Downloading binaries" -if [ $wget_exists ]; then +if exists wget; then wget -c -N -P ${ISLAND_BINARIES_PATH} ${LINUX_32_BINARY_URL} wget -c -N -P ${ISLAND_BINARIES_PATH} ${LINUX_64_BINARY_URL} wget -c -N -P ${ISLAND_BINARIES_PATH} ${WINDOWS_32_BINARY_URL} @@ -172,7 +172,8 @@ openssl x509 -req -days 366 -in cc/server.csr -signkey cc/server.key -out cc/ser # Update node log_message "Installing nodejs" cd "$ISLAND_PATH/cc/ui" || handle_error -if [ $curl_exists ]; then +# shellcheck disable=SC2086 +if exists curl; then curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash - else wget -q -O - https://deb.nodesource.com/setup_12.x | sudo -E bash - @@ -189,7 +190,8 @@ mkdir "${MONKEY_BIN_DIR}" # Download sambacry binaries log_message "Downloading sambacry binaries" -if [ $wget_exists ]; then +# shellcheck disable=SC2086 +if exists wget; then wget -c -N -P "${MONKEY_BIN_DIR}" ${SAMBACRY_64_BINARY_URL} wget -c -N -P "${MONKEY_BIN_DIR}" ${SAMBACRY_32_BINARY_URL} else @@ -198,7 +200,8 @@ else fi # Download traceroute binaries log_message "Downloading traceroute binaries" -if [ $wget_exists ]; then +# shellcheck disable=SC2086 +if exists wget; then wget -c -N -P "${MONKEY_BIN_DIR}" ${TRACEROUTE_64_BINARY_URL} wget -c -N -P "${MONKEY_BIN_DIR}" ${TRACEROUTE_32_BINARY_URL} else From e4812d401add274a28e9890dcc37762e0d0d54f7 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Sun, 9 Feb 2020 11:04:45 +0200 Subject: [PATCH 24/42] Add some log comments --- deployment_scripts/deploy_linux.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/deployment_scripts/deploy_linux.sh b/deployment_scripts/deploy_linux.sh index d1c73a653..664b30926 100755 --- a/deployment_scripts/deploy_linux.sh +++ b/deployment_scripts/deploy_linux.sh @@ -115,7 +115,10 @@ if [[ ${python_cmd} == "" ]]; then python_cmd="python3.7" fi +log_message "Installing build-essentials" sudo apt install build-essentials +log_message "Installing or updating pip" + # shellcheck disable=SC2086 if exists wget; then wget --output-document=get-pip.py https://bootstrap.pypa.io/get-pip.py @@ -125,6 +128,7 @@ fi ${python_cmd} get-pip.py rm get-pip.py + log_message "Installing island requirements_island" requirements_island="$ISLAND_PATH/requirements.txt" ${python_cmd} -m pip install -r "${requirements_island}" --user --upgrade || handle_error From 798babe4cc5bd9f526a8050681b936517c8c7824 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Sun, 9 Feb 2020 11:07:41 +0200 Subject: [PATCH 25/42] Updated mongodb downloads. Support deb10 --- monkey/monkey_island/linux/install_mongo.sh | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/monkey/monkey_island/linux/install_mongo.sh b/monkey/monkey_island/linux/install_mongo.sh index 51091d144..28a7a1237 100755 --- a/monkey/monkey_island/linux/install_mongo.sh +++ b/monkey/monkey_island/linux/install_mongo.sh @@ -10,16 +10,19 @@ MONGODB_DIR=$1 # If using deb, this should be: /var/monkey/monkey_island/bin/mon if [[ ${os_version_monkey} == "Ubuntu 16.04"* ]]; then echo Detected Ubuntu 16.04 - export tgz_url="https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-ubuntu1604-3.6.12.tgz" + export tgz_url="https://repo.mongodb.org/apt/ubuntu/dists/xenial/mongodb-org/4.2/multiverse/binary-amd64/mongodb-org-server_4.2.3_amd64.deb" elif [[ ${os_version_monkey} == "Ubuntu 18.04"* ]]; then echo Detected Ubuntu 18.04 - export tgz_url="https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-ubuntu1804-4.2.0.tgz" + export tgz_url="https://repo.mongodb.org/apt/ubuntu/dists/bionic/mongodb-org/4.2/multiverse/binary-amd64/mongodb-org-server_4.2.3_amd64.deb" elif [[ ${os_version_monkey} == "Debian GNU/Linux 8"* ]]; then echo Detected Debian 8 - export tgz_url="https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-debian81-3.6.12.tgz" + export tgz_url="https://repo.mongodb.org/apt/debian/dists/jessie/mongodb-org/4.0/main/binary-amd64/mongodb-org-server_4.0.16_amd64.deb" elif [[ ${os_version_monkey} == "Debian GNU/Linux 9"* ]]; then echo Detected Debian 9 - export tgz_url="https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-debian92-3.6.12.tgz" + export tgz_url="https://repo.mongodb.org/apt/debian/dists/stretch/mongodb-org/4.2/main/binary-amd64/mongodb-org-server_4.2.3_amd64.deb" +elif [[ ${os_version_monkey} == "Debian GNU/Linux 10"* ]]; then + echo Detected Debian 9 + export tgz_url="https://repo.mongodb.org/apt/debian/dists/buster/mongodb-org/4.2/main/binary-amd64/mongodb-org-server_4.2.3_amd64.deb" else echo Unsupported OS exit 1 From c10f20f4b74a85e5ef9515e8fbaaefe3a3703278 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Sun, 9 Feb 2020 11:13:17 +0200 Subject: [PATCH 26/42] First install NPM then change directories --- deployment_scripts/deploy_linux.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/deployment_scripts/deploy_linux.sh b/deployment_scripts/deploy_linux.sh index 664b30926..48991c890 100755 --- a/deployment_scripts/deploy_linux.sh +++ b/deployment_scripts/deploy_linux.sh @@ -175,7 +175,6 @@ openssl x509 -req -days 366 -in cc/server.csr -signkey cc/server.key -out cc/ser # Update node log_message "Installing nodejs" -cd "$ISLAND_PATH/cc/ui" || handle_error # shellcheck disable=SC2086 if exists curl; then curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash - @@ -183,6 +182,8 @@ else wget -q -O - https://deb.nodesource.com/setup_12.x | sudo -E bash - fi sudo apt-get install -y nodejs + +cd "$ISLAND_PATH/cc/ui" || handle_error npm install sass-loader node-sass webpack --save-dev npm update From fe9ff0d32982dc30f217173ad98f8e5b0b7247ac Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Sun, 9 Feb 2020 11:14:30 +0200 Subject: [PATCH 27/42] Newline at end of deploy_windows.ps1 --- deployment_scripts/deploy_windows.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deployment_scripts/deploy_windows.ps1 b/deployment_scripts/deploy_windows.ps1 index 210453e8d..d978042b3 100644 --- a/deployment_scripts/deploy_windows.ps1 +++ b/deployment_scripts/deploy_windows.ps1 @@ -254,4 +254,4 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName, "Script finished" } -Deploy-Windows -monkey_home $monkey_home -branch $branch \ No newline at end of file +Deploy-Windows -monkey_home $monkey_home -branch $branch From 0c82f0e98f8cc5b7cb2551552122f8721316badc Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Sun, 9 Feb 2020 11:20:43 +0200 Subject: [PATCH 28/42] Don't randomly install mongod unless required --- deployment_scripts/deploy_linux.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/deployment_scripts/deploy_linux.sh b/deployment_scripts/deploy_linux.sh index 48991c890..8e9e4c845 100755 --- a/deployment_scripts/deploy_linux.sh +++ b/deployment_scripts/deploy_linux.sh @@ -117,8 +117,8 @@ fi log_message "Installing build-essentials" sudo apt install build-essentials -log_message "Installing or updating pip" +log_message "Installing or updating pip" # shellcheck disable=SC2086 if exists wget; then wget --output-document=get-pip.py https://bootstrap.pypa.io/get-pip.py @@ -128,7 +128,6 @@ fi ${python_cmd} get-pip.py rm get-pip.py - log_message "Installing island requirements_island" requirements_island="$ISLAND_PATH/requirements.txt" ${python_cmd} -m pip install -r "${requirements_island}" --user --upgrade || handle_error @@ -157,9 +156,10 @@ chmod a+x "$ISLAND_BINARIES_PATH/$LINUX_32_BINARY_NAME" chmod a+x "$ISLAND_BINARIES_PATH/$LINUX_64_BINARY_NAME" # If a user haven't installed mongo manually check if we can install it with our script -log_message "Installing MongoDB" -"${ISLAND_PATH}"/linux/install_mongo.sh ${MONGO_PATH} || handle_error - +if ! exists mongod; then + log_message "Installing MongoDB" + "${ISLAND_PATH}"/linux/install_mongo.sh ${MONGO_PATH} || handle_error +fi log_message "Installing openssl" sudo apt-get install openssl From 6429bb559765fe16e54f44af7e6c9f7193f00e0e Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Sun, 9 Feb 2020 11:27:10 +0200 Subject: [PATCH 29/42] Typofix on where to download binaries --- deployment_scripts/deploy_linux.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/deployment_scripts/deploy_linux.sh b/deployment_scripts/deploy_linux.sh index 8e9e4c845..20b5e030a 100755 --- a/deployment_scripts/deploy_linux.sh +++ b/deployment_scripts/deploy_linux.sh @@ -200,8 +200,8 @@ if exists wget; then wget -c -N -P "${MONKEY_BIN_DIR}" ${SAMBACRY_64_BINARY_URL} wget -c -N -P "${MONKEY_BIN_DIR}" ${SAMBACRY_32_BINARY_URL} else - curl -o ${MONKEY_BIN_DIR}\sc_monkey_runner64.so ${SAMBACRY_64_BINARY_URL} - curl -o ${MONKEY_BIN_DIR}\sc_monkey_runner32.so ${SAMBACRY_32_BINARY_URL} + curl -o ${MONKEY_BIN_DIR}/sc_monkey_runner64.so ${SAMBACRY_64_BINARY_URL} + curl -o ${MONKEY_BIN_DIR}/sc_monkey_runner32.so ${SAMBACRY_32_BINARY_URL} fi # Download traceroute binaries log_message "Downloading traceroute binaries" @@ -210,8 +210,8 @@ if exists wget; then wget -c -N -P "${MONKEY_BIN_DIR}" ${TRACEROUTE_64_BINARY_URL} wget -c -N -P "${MONKEY_BIN_DIR}" ${TRACEROUTE_32_BINARY_URL} else - curl -o ${MONKEY_BIN_DIR}\traceroute64 ${TRACEROUTE_64_BINARY_URL} - curl -o ${MONKEY_BIN_DIR}\traceroute32 ${TRACEROUTE_32_BINARY_URL} + curl -o ${MONKEY_BIN_DIR}/traceroute64 ${TRACEROUTE_64_BINARY_URL} + curl -o ${MONKEY_BIN_DIR}/traceroute32 ${TRACEROUTE_32_BINARY_URL} fi sudo chmod +x "${INFECTION_MONKEY_DIR}/build_linux.sh" From 8e109c48243ddbf7db8f8bebf92e4f5828a28994 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Sun, 9 Feb 2020 11:31:12 +0200 Subject: [PATCH 30/42] Don't randomly install npm unless required --- deployment_scripts/deploy_linux.sh | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/deployment_scripts/deploy_linux.sh b/deployment_scripts/deploy_linux.sh index 20b5e030a..085c30b3a 100755 --- a/deployment_scripts/deploy_linux.sh +++ b/deployment_scripts/deploy_linux.sh @@ -174,14 +174,16 @@ openssl req -new -key cc/server.key -out cc/server.csr -subj "/C=GB/ST=London/L= openssl x509 -req -days 366 -in cc/server.csr -signkey cc/server.key -out cc/server.crt # Update node -log_message "Installing nodejs" -# shellcheck disable=SC2086 -if exists curl; then - curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash - -else - wget -q -O - https://deb.nodesource.com/setup_12.x | sudo -E bash - +if ! exists npm; then + log_message "Installing nodejs" + # shellcheck disable=SC2086 + if exists curl; then + curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash - + else + wget -q -O - https://deb.nodesource.com/setup_12.x | sudo -E bash - + fi + sudo apt-get install -y nodejs fi -sudo apt-get install -y nodejs cd "$ISLAND_PATH/cc/ui" || handle_error npm install sass-loader node-sass webpack --save-dev From f745f4594064b670aad71c1abb641f7998083ab7 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Sun, 9 Feb 2020 11:37:25 +0200 Subject: [PATCH 31/42] Move to single line of code for creating certs on linux --- deployment_scripts/deploy_linux.sh | 5 ++--- monkey/monkey_island/linux/create_certificate.sh | 9 ++++++--- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/deployment_scripts/deploy_linux.sh b/deployment_scripts/deploy_linux.sh index 085c30b3a..90a6f0769 100755 --- a/deployment_scripts/deploy_linux.sh +++ b/deployment_scripts/deploy_linux.sh @@ -169,9 +169,8 @@ cd "${ISLAND_PATH}" || { echo "cd failed" exit 1 } -openssl genrsa -out cc/server.key 2048 -openssl req -new -key cc/server.key -out cc/server.csr -subj "/C=GB/ST=London/L=London/O=Global Security/OU=Monkey Department/CN=monkey.com" -openssl x509 -req -days 366 -in cc/server.csr -signkey cc/server.key -out cc/server.crt + +"${ISLAND_PATH}"/linux/create_certificate.sh ${ISLAND_PATH}/cc # Update node if ! exists npm; then diff --git a/monkey/monkey_island/linux/create_certificate.sh b/monkey/monkey_island/linux/create_certificate.sh index 72aace118..427915340 100644 --- a/monkey/monkey_island/linux/create_certificate.sh +++ b/monkey/monkey_island/linux/create_certificate.sh @@ -1,6 +1,9 @@ #!/bin/bash -openssl genrsa -out ./cc/server.key 2048 -openssl req -new -key ./cc/server.key -out ./cc/server.csr -subj "/OU=Monkey Department/CN=monkey.com" -openssl x509 -req -days 366 -in ./cc/server.csr -signkey ./cc/server.key -out ./cc/server.crt +server_root=${1:-"./cc"} + + +openssl genrsa -out $server_root/server.key 2048 +openssl req -new -key $server_root/server.key -out $server_root/server.csr -subj "/C=GB/ST=London/L=London/O=Global Security/OU=Monkey Department/CN=monkey.com" +openssl x509 -req -days 366 -in $server_root/server.csr -signkey $server_root/server.key -out $server_root/server.crt From 3990e354b2d6e7a8b0cbec5bc41d1210b8984284 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Sun, 9 Feb 2020 11:53:06 +0200 Subject: [PATCH 32/42] Add error handling. Remove usage of cd --- deployment_scripts/deploy_linux.sh | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/deployment_scripts/deploy_linux.sh b/deployment_scripts/deploy_linux.sh index 90a6f0769..28dabc0f6 100755 --- a/deployment_scripts/deploy_linux.sh +++ b/deployment_scripts/deploy_linux.sh @@ -91,7 +91,7 @@ fi # Create folders log_message "Creating island dirs under $ISLAND_PATH" -mkdir -p "${MONGO_PATH}" +mkdir -p "${MONGO_PATH}" || handle_error mkdir -p "${ISLAND_BINARIES_PATH}" || handle_error # Detecting command that calls python 3.7 @@ -165,10 +165,6 @@ sudo apt-get install openssl # Generate SSL certificate log_message "Generating certificate" -cd "${ISLAND_PATH}" || { - echo "cd failed" - exit 1 -} "${ISLAND_PATH}"/linux/create_certificate.sh ${ISLAND_PATH}/cc @@ -184,12 +180,13 @@ if ! exists npm; then sudo apt-get install -y nodejs fi -cd "$ISLAND_PATH/cc/ui" || handle_error +pushd "$ISLAND_PATH/cc/ui" || handle_error npm install sass-loader node-sass webpack --save-dev npm update log_message "Generating front end" npm run dist +popd || handle_error # Making dir for binaries mkdir "${MONKEY_BIN_DIR}" From 4b0de32c3d79cf769a94420f74b948e08d88f808 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Sun, 9 Feb 2020 12:02:57 +0200 Subject: [PATCH 33/42] Fix mistake in log message --- deployment_scripts/deploy_linux.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deployment_scripts/deploy_linux.sh b/deployment_scripts/deploy_linux.sh index 28dabc0f6..a4b355b04 100755 --- a/deployment_scripts/deploy_linux.sh +++ b/deployment_scripts/deploy_linux.sh @@ -128,11 +128,11 @@ fi ${python_cmd} get-pip.py rm get-pip.py -log_message "Installing island requirements_island" +log_message "Installing island requirements" requirements_island="$ISLAND_PATH/requirements.txt" ${python_cmd} -m pip install -r "${requirements_island}" --user --upgrade || handle_error -log_message "Installing monkey requirements_island" +log_message "Installing monkey requirements" sudo apt-get install libffi-dev upx libssl-dev libc++1 requirements_monkey="$INFECTION_MONKEY_DIR/requirements.txt" ${python_cmd} -m pip install -r "${requirements_monkey}" --user --upgrade || handle_error From 78352a250abde5e85e68d3065eed9649e60c8a03 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Sun, 9 Feb 2020 12:06:05 +0200 Subject: [PATCH 34/42] Update linux binary URLs to be 1.7 --- deployment_scripts/config | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/deployment_scripts/config b/deployment_scripts/config index 079359355..d8b09c28a 100644 --- a/deployment_scripts/config +++ b/deployment_scripts/config @@ -5,17 +5,17 @@ MONKEY_FOLDER_NAME="infection_monkey" MONKEY_GIT_URL="https://github.com/guardicore/monkey" # Monkey binaries -LINUX_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.6/monkey-linux-32" +LINUX_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.7/monkey-linux-32" LINUX_32_BINARY_NAME="monkey-linux-32" -LINUX_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.6/monkey-linux-64" +LINUX_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.7/monkey-linux-64" LINUX_64_BINARY_NAME="monkey-linux-64" -WINDOWS_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.6/monkey-windows-32.exe" +WINDOWS_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.7/monkey-windows-32.exe" WINDOWS_32_BINARY_NAME="monkey-windows-32.exe" -WINDOWS_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.6/monkey-windows-64.exe" +WINDOWS_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.7/monkey-windows-64.exe" WINDOWS_64_BINARY_NAME="monkey-windows-64.exe" # Other binaries for monkey -TRACEROUTE_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.6/traceroute64" -TRACEROUTE_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.6/traceroute32" -SAMBACRY_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.6/sc_monkey_runner64.so" -SAMBACRY_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.6/sc_monkey_runner32.so" \ No newline at end of file +TRACEROUTE_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.7/traceroute64" +TRACEROUTE_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.7/traceroute32" +SAMBACRY_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.7/sc_monkey_runner64.so" +SAMBACRY_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.7/sc_monkey_runner32.so" \ No newline at end of file From 5b6c6a34f6ba10b1422710c82e9ab8aafb15887d Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Sun, 9 Feb 2020 15:16:16 +0200 Subject: [PATCH 35/42] Make shellcheck shut up by double quoting all the things --- monkey/monkey_island/linux/create_certificate.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/monkey/monkey_island/linux/create_certificate.sh b/monkey/monkey_island/linux/create_certificate.sh index 427915340..7e306a822 100644 --- a/monkey/monkey_island/linux/create_certificate.sh +++ b/monkey/monkey_island/linux/create_certificate.sh @@ -3,7 +3,7 @@ server_root=${1:-"./cc"} -openssl genrsa -out $server_root/server.key 2048 -openssl req -new -key $server_root/server.key -out $server_root/server.csr -subj "/C=GB/ST=London/L=London/O=Global Security/OU=Monkey Department/CN=monkey.com" -openssl x509 -req -days 366 -in $server_root/server.csr -signkey $server_root/server.key -out $server_root/server.crt +openssl genrsa -out "$server_root"/server.key 2048 +openssl req -new -key "$server_root"/server.key -out "$server_root"/server.csr -subj "/C=GB/ST=London/L=London/O=Global Security/OU=Monkey Department/CN=monkey.com" +openssl x509 -req -days 366 -in "$server_root"/server.csr -signkey "$server_root"/server.key -out $server_root/server.crt From abbb68ecb8aa177754319fe1dddd6e90ea5cb543 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Sun, 9 Feb 2020 15:17:14 +0200 Subject: [PATCH 36/42] Random fixups in run.sh --- monkey/monkey_island/linux/run.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/monkey/monkey_island/linux/run.sh b/monkey/monkey_island/linux/run.sh index 54e1cdd65..2a5c45bbe 100644 --- a/monkey/monkey_island/linux/run.sh +++ b/monkey/monkey_island/linux/run.sh @@ -2,13 +2,13 @@ # Detecting command that calls python 3.7 python_cmd="" -if [[ `python --version 2>&1` == *"Python 3.7"* ]]; then +if [[ $(python --version 2>&1) == *"Python 3.7"* ]]; then python_cmd="python" fi -if [[ `python37 --version 2>&1` == *"Python 3.7"* ]]; then +if [[ $(python37 --version 2>&1) == *"Python 3.7"* ]]; then python_cmd="python37" fi -if [[ `python3.7 --version 2>&1` == *"Python 3.7"* ]]; then +if [[ $(python3.7 --version 2>&1) == *"Python 3.7"* ]]; then python_cmd="python3.7" fi From 2aa729910344eff4da152fbda02bd325905de957 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Mon, 10 Feb 2020 13:48:12 +0200 Subject: [PATCH 37/42] Turn agent download into optional, default parameter to true --- deployment_scripts/README.md | 4 ++++ deployment_scripts/deploy_linux.sh | 26 +++++++++++++++----------- deployment_scripts/deploy_windows.ps1 | 25 ++++++++++++++++--------- 3 files changed, 35 insertions(+), 20 deletions(-) diff --git a/deployment_scripts/README.md b/deployment_scripts/README.md index c533605db..16b150852 100644 --- a/deployment_scripts/README.md +++ b/deployment_scripts/README.md @@ -24,6 +24,8 @@ The first argument is an empty directory (script can create one). The second arg - `.\deploy_windows.ps1 -monkey_home "C:\test"` (Sets up monkey in C:\test) - `.\deploy_windows.ps1 -branch "master"` (Sets up master branch instead of develop in current dir) +You may also pass in an optional `agents=$false` parameter to disable downloading the latest agent binaries. + ### Troubleshooting - If you run into Execution Policy warnings, you can disable them by prefixing the following snippet: `powershell -ExecutionPolicy ByPass -Command "[original command here]"` @@ -49,3 +51,5 @@ After downloading that script, execute it in a shell. The first argument should - `./deploy_linux.sh "/home/test/monkey"` (deploys under /home/test/monkey) - `./deploy_linux.sh "" "master"` (deploys master branch in script directory) - `./deploy_linux.sh "/home/user/new" "master"` (if directory "new" is not found creates it and clones master branch into it) + +You may also pass in an optional third `false` parameter to disable downloading the latest agent binaries. \ No newline at end of file diff --git a/deployment_scripts/deploy_linux.sh b/deployment_scripts/deploy_linux.sh index a4b355b04..88136d9a1 100755 --- a/deployment_scripts/deploy_linux.sh +++ b/deployment_scripts/deploy_linux.sh @@ -137,18 +137,22 @@ sudo apt-get install libffi-dev upx libssl-dev libc++1 requirements_monkey="$INFECTION_MONKEY_DIR/requirements.txt" ${python_cmd} -m pip install -r "${requirements_monkey}" --user --upgrade || handle_error + +agents=${3:-true} # Download binaries -log_message "Downloading binaries" -if exists wget; then - wget -c -N -P ${ISLAND_BINARIES_PATH} ${LINUX_32_BINARY_URL} - wget -c -N -P ${ISLAND_BINARIES_PATH} ${LINUX_64_BINARY_URL} - wget -c -N -P ${ISLAND_BINARIES_PATH} ${WINDOWS_32_BINARY_URL} - wget -c -N -P ${ISLAND_BINARIES_PATH} ${WINDOWS_64_BINARY_URL} -else - curl -o ${ISLAND_BINARIES_PATH}\monkey-linux-32 ${LINUX_32_BINARY_URL} - curl -o ${ISLAND_BINARIES_PATH}\monkey-linux-64 ${LINUX_64_BINARY_URL} - curl -o ${ISLAND_BINARIES_PATH}\monkey-windows-32.exe ${WINDOWS_32_BINARY_URL} - curl -o ${ISLAND_BINARIES_PATH}\monkey-windows-64.exe ${WINDOWS_64_BINARY_URL} +if [ "$agents" = true ] ; then + log_message "Downloading binaries" + if exists wget; then + wget -c -N -P ${ISLAND_BINARIES_PATH} ${LINUX_32_BINARY_URL} + wget -c -N -P ${ISLAND_BINARIES_PATH} ${LINUX_64_BINARY_URL} + wget -c -N -P ${ISLAND_BINARIES_PATH} ${WINDOWS_32_BINARY_URL} + wget -c -N -P ${ISLAND_BINARIES_PATH} ${WINDOWS_64_BINARY_URL} + else + curl -o ${ISLAND_BINARIES_PATH}\monkey-linux-32 ${LINUX_32_BINARY_URL} + curl -o ${ISLAND_BINARIES_PATH}\monkey-linux-64 ${LINUX_64_BINARY_URL} + curl -o ${ISLAND_BINARIES_PATH}\monkey-windows-32.exe ${WINDOWS_32_BINARY_URL} + curl -o ${ISLAND_BINARIES_PATH}\monkey-windows-64.exe ${WINDOWS_64_BINARY_URL} + fi fi # Allow them to be executed diff --git a/deployment_scripts/deploy_windows.ps1 b/deployment_scripts/deploy_windows.ps1 index d978042b3..b15538d13 100644 --- a/deployment_scripts/deploy_windows.ps1 +++ b/deployment_scripts/deploy_windows.ps1 @@ -4,7 +4,10 @@ param( [Parameter(Mandatory = $false, Position = 1)] [System.String] - $branch = "develop" + $branch = "develop", + [Parameter(Mandatory = $false, Position = 2)] + [Bool] + $agents = $true ) function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName, [String] $branch = "develop") { @@ -166,14 +169,18 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName, . .\windows\create_certificate.bat Pop-Location - # Adding binaries - "Adding binaries" - $binaries = (Join-Path -Path $monkey_home -ChildPath $MONKEY_ISLAND_DIR | Join-Path -ChildPath "\cc\binaries") - New-Item -ItemType directory -path $binaries -ErrorAction SilentlyContinue - $webClient.DownloadFile($LINUX_32_BINARY_URL, (Join-Path -Path $binaries -ChildPath $LINUX_32_BINARY_PATH)) - $webClient.DownloadFile($LINUX_64_BINARY_URL, (Join-Path -Path $binaries -ChildPath $LINUX_64_BINARY_PATH)) - $webClient.DownloadFile($WINDOWS_32_BINARY_URL, (Join-Path -Path $binaries -ChildPath $WINDOWS_32_BINARY_PATH)) - $webClient.DownloadFile($WINDOWS_64_BINARY_URL, (Join-Path -Path $binaries -ChildPath $WINDOWS_64_BINARY_PATH)) + if ($agents) + { + # Adding binaries + "Adding binaries" + $binaries = (Join-Path -Path $monkey_home -ChildPath $MONKEY_ISLAND_DIR | Join-Path -ChildPath "\cc\binaries") + New-Item -ItemType directory -path $binaries -ErrorAction SilentlyContinue + $webClient.DownloadFile($LINUX_32_BINARY_URL, (Join-Path -Path $binaries -ChildPath $LINUX_32_BINARY_PATH)) + $webClient.DownloadFile($LINUX_64_BINARY_URL, (Join-Path -Path $binaries -ChildPath $LINUX_64_BINARY_PATH)) + $webClient.DownloadFile($WINDOWS_32_BINARY_URL, (Join-Path -Path $binaries -ChildPath $WINDOWS_32_BINARY_PATH)) + $webClient.DownloadFile($WINDOWS_64_BINARY_URL, (Join-Path -Path $binaries -ChildPath $WINDOWS_64_BINARY_PATH)) + } + # Check if NPM installed "Installing npm" From 892096a3b310d4ab9aca7aa43a08985ada2c3465 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Mon, 10 Feb 2020 13:50:32 +0200 Subject: [PATCH 38/42] Make sure all echo statements are prefixed with the log_message prefix --- deployment_scripts/deploy_linux.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/deployment_scripts/deploy_linux.sh b/deployment_scripts/deploy_linux.sh index 88136d9a1..829f42bfe 100755 --- a/deployment_scripts/deploy_linux.sh +++ b/deployment_scripts/deploy_linux.sh @@ -27,7 +27,7 @@ config_branch=${2:-"develop"} config_url="https://raw.githubusercontent.com/guardicore/monkey/${config_branch}/deployment_scripts/config" if (! exists curl) && (! exists wget); then - echo 'Your system does not have curl or wget, exiting' + log_message 'Your system does not have curl or wget, exiting' exit 1 fi @@ -63,13 +63,13 @@ INFECTION_MONKEY_DIR="$monkey_home/monkey/infection_monkey" MONKEY_BIN_DIR="$INFECTION_MONKEY_DIR/bin" if is_root; then - echo "Please don't run this script as root" + log_message "Please don't run this script as root" exit 1 fi HAS_SUDO=$(has_sudo) if [[ ! $HAS_SUDO ]]; then - echo "You need root permissions for some of this script operations. Quiting." + log_message "You need root permissions for some of this script operations. Quiting." exit 1 fi @@ -78,7 +78,7 @@ if [[ ! -d ${monkey_home} ]]; then fi if ! exists git; then - echo "Please install git and re-run this script" + log_message "Please install git and re-run this script" exit 1 fi From bd79ead2e656d352fe46241e576539fa20a16a42 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Mon, 10 Feb 2020 13:53:24 +0200 Subject: [PATCH 39/42] Shell script cleanups --- deployment_scripts/deploy_linux.sh | 11 ++++++----- deployment_scripts/deploy_windows.ps1 | 3 --- 2 files changed, 6 insertions(+), 8 deletions(-) diff --git a/deployment_scripts/deploy_linux.sh b/deployment_scripts/deploy_linux.sh index 829f42bfe..995d28140 100755 --- a/deployment_scripts/deploy_linux.sh +++ b/deployment_scripts/deploy_linux.sh @@ -120,10 +120,11 @@ sudo apt install build-essentials log_message "Installing or updating pip" # shellcheck disable=SC2086 +pip_url=https://bootstrap.pypa.io/get-pip.py if exists wget; then - wget --output-document=get-pip.py https://bootstrap.pypa.io/get-pip.py + wget --output-document=get-pip.py $pip_url else - curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py + curl $pip_url -o get-pip.py fi ${python_cmd} get-pip.py rm get-pip.py @@ -175,11 +176,11 @@ log_message "Generating certificate" # Update node if ! exists npm; then log_message "Installing nodejs" - # shellcheck disable=SC2086 + node_src=https://deb.nodesource.com/setup_12.x if exists curl; then - curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash - + curl -sL $node_src | sudo -E bash - else - wget -q -O - https://deb.nodesource.com/setup_12.x | sudo -E bash - + wget -q -O - $node_src | sudo -E bash - fi sudo apt-get install -y nodejs fi diff --git a/deployment_scripts/deploy_windows.ps1 b/deployment_scripts/deploy_windows.ps1 index b15538d13..003fdd061 100644 --- a/deployment_scripts/deploy_windows.ps1 +++ b/deployment_scripts/deploy_windows.ps1 @@ -109,9 +109,6 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName, return } - "Installing pywin32" - python -m pip install --user pywin32 - "Installing python packages for island" $islandRequirements = Join-Path -Path $monkey_home -ChildPath $MONKEY_ISLAND_DIR | Join-Path -ChildPath "\requirements.txt" -ErrorAction Stop & python -m pip install --user -r $islandRequirements From c4d42f5c33f449c60f38c87ad5a699bb1e148448 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Mon, 10 Feb 2020 19:06:39 +0200 Subject: [PATCH 40/42] Fix stupid typo --- deployment_scripts/deploy_linux.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deployment_scripts/deploy_linux.sh b/deployment_scripts/deploy_linux.sh index 995d28140..65fdd48e6 100755 --- a/deployment_scripts/deploy_linux.sh +++ b/deployment_scripts/deploy_linux.sh @@ -115,8 +115,8 @@ if [[ ${python_cmd} == "" ]]; then python_cmd="python3.7" fi -log_message "Installing build-essentials" -sudo apt install build-essentials +log_message "Installing build-essential" +sudo apt install build-essential log_message "Installing or updating pip" # shellcheck disable=SC2086 From dbcb3fc92cb15319c17c465db3287cd16263f690 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Wed, 12 Feb 2020 10:27:12 +0200 Subject: [PATCH 41/42] Fix stupidly broken links --- deployment_scripts/config | 16 ++++++++-------- deployment_scripts/config.ps1 | 2 +- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/deployment_scripts/config b/deployment_scripts/config index d8b09c28a..5607d37fd 100644 --- a/deployment_scripts/config +++ b/deployment_scripts/config @@ -5,17 +5,17 @@ MONKEY_FOLDER_NAME="infection_monkey" MONKEY_GIT_URL="https://github.com/guardicore/monkey" # Monkey binaries -LINUX_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.7/monkey-linux-32" +LINUX_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/v1.7.0/monkey-linux-32" LINUX_32_BINARY_NAME="monkey-linux-32" -LINUX_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.7/monkey-linux-64" +LINUX_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/v1.7.0/monkey-linux-64" LINUX_64_BINARY_NAME="monkey-linux-64" -WINDOWS_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.7/monkey-windows-32.exe" +WINDOWS_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/v1.7.0/monkey-windows-32.exe" WINDOWS_32_BINARY_NAME="monkey-windows-32.exe" -WINDOWS_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.7/monkey-windows-64.exe" +WINDOWS_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/v1.7.0/monkey-windows-64.exe" WINDOWS_64_BINARY_NAME="monkey-windows-64.exe" # Other binaries for monkey -TRACEROUTE_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.7/traceroute64" -TRACEROUTE_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.7/traceroute32" -SAMBACRY_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.7/sc_monkey_runner64.so" -SAMBACRY_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/1.7/sc_monkey_runner32.so" \ No newline at end of file +TRACEROUTE_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/v1.7.0/traceroute64" +TRACEROUTE_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/v1.7.0/traceroute32" +SAMBACRY_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/v1.7.0/sc_monkey_runner64.so" +SAMBACRY_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/v1.7.0/sc_monkey_runner32.so" \ No newline at end of file diff --git a/deployment_scripts/config.ps1 b/deployment_scripts/config.ps1 index a50f3e935..b18b7c63c 100644 --- a/deployment_scripts/config.ps1 +++ b/deployment_scripts/config.ps1 @@ -3,7 +3,7 @@ $MONKEY_FOLDER_NAME = "infection_monkey" # Url of public git repository that contains monkey's source code $MONKEY_GIT_URL = "https://github.com/guardicore/monkey" $MONKEY_RELEASES_URL = $MONKEY_GIT_URL + "/releases" -$MONKEY_LATEST_VERSION = "1.7.0" +$MONKEY_LATEST_VERSION = "v1.7.0" $MONKEY_DOWNLOAD_URL = $MONKEY_RELEASES_URL + "/download/" + $MONKEY_LATEST_VERSION + "/" # Link to the latest python download or install it manually $PYTHON_URL = "https://www.python.org/ftp/python/3.7.6/python-3.7.6-amd64.exe" From 4e28571623abc0aa36f14d5a314299db70d64f50 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Wed, 12 Feb 2020 15:19:47 +0200 Subject: [PATCH 42/42] Fix totally broken part of the install_mongo.sh. Now download tgz again --- monkey/monkey_island/linux/install_mongo.sh | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/monkey/monkey_island/linux/install_mongo.sh b/monkey/monkey_island/linux/install_mongo.sh index 28a7a1237..df2c0160e 100755 --- a/monkey/monkey_island/linux/install_mongo.sh +++ b/monkey/monkey_island/linux/install_mongo.sh @@ -10,19 +10,19 @@ MONGODB_DIR=$1 # If using deb, this should be: /var/monkey/monkey_island/bin/mon if [[ ${os_version_monkey} == "Ubuntu 16.04"* ]]; then echo Detected Ubuntu 16.04 - export tgz_url="https://repo.mongodb.org/apt/ubuntu/dists/xenial/mongodb-org/4.2/multiverse/binary-amd64/mongodb-org-server_4.2.3_amd64.deb" + export tgz_url="https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-ubuntu1604-4.2.3.tgz" elif [[ ${os_version_monkey} == "Ubuntu 18.04"* ]]; then echo Detected Ubuntu 18.04 - export tgz_url="https://repo.mongodb.org/apt/ubuntu/dists/bionic/mongodb-org/4.2/multiverse/binary-amd64/mongodb-org-server_4.2.3_amd64.deb" + export tgz_url="https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-ubuntu1804-4.2.3.tgz" elif [[ ${os_version_monkey} == "Debian GNU/Linux 8"* ]]; then echo Detected Debian 8 - export tgz_url="https://repo.mongodb.org/apt/debian/dists/jessie/mongodb-org/4.0/main/binary-amd64/mongodb-org-server_4.0.16_amd64.deb" + export tgz_url="https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-debian81-4.0.16.tgz" elif [[ ${os_version_monkey} == "Debian GNU/Linux 9"* ]]; then echo Detected Debian 9 - export tgz_url="https://repo.mongodb.org/apt/debian/dists/stretch/mongodb-org/4.2/main/binary-amd64/mongodb-org-server_4.2.3_amd64.deb" + export tgz_url="https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-debian92-4.2.3.tgz" elif [[ ${os_version_monkey} == "Debian GNU/Linux 10"* ]]; then - echo Detected Debian 9 - export tgz_url="https://repo.mongodb.org/apt/debian/dists/buster/mongodb-org/4.2/main/binary-amd64/mongodb-org-server_4.2.3_amd64.deb" + echo Detected Debian 10 + export tgz_url="https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-debian10-4.2.3.tgz" else echo Unsupported OS exit 1