Code changes that loosely implement the prototype of bootloader, but there still is a timeout
parent
c8618e91cd
commit
d349f2628c
|
@ -216,6 +216,10 @@ class InfectionMonkey(object):
|
||||||
|
|
||||||
# if host was exploited, before continue to closing the tunnel ensure the exploited host had its chance to
|
# if host was exploited, before continue to closing the tunnel ensure the exploited host had its chance to
|
||||||
# connect to the tunnel
|
# connect to the tunnel
|
||||||
|
|
||||||
|
#TODO change back
|
||||||
|
time.sleep(WormConfiguration.keep_tunnel_open_time)
|
||||||
|
|
||||||
if len(self._exploited_machines) > 0:
|
if len(self._exploited_machines) > 0:
|
||||||
time_to_sleep = WormConfiguration.keep_tunnel_open_time
|
time_to_sleep = WormConfiguration.keep_tunnel_open_time
|
||||||
LOG.info("Sleeping %d seconds for exploited machines to connect to tunnel", time_to_sleep)
|
LOG.info("Sleeping %d seconds for exploited machines to connect to tunnel", time_to_sleep)
|
||||||
|
|
|
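Review bot: The added `time.sleep(WormConfiguration.keep_tunnel_open_time)` runs unconditionally, directly ahead of the existing `if len(self._exploited_machines) > 0:` branch that takes its `time_to_sleep` from the same setting. A run with no exploited hosts now waits the full period. If the branch sleeps as its log message suggests (its body continues outside the hunk), a run with exploited hosts waits twice. The `#TODO change back` marker says this is temporary, so it should either be dropped before merge or put behind an explicit debug switch with a comment such as `# debug only: keep tunnel open so the bootloader can reach the island`.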
@ -7,6 +7,8 @@ import urllib
|
||||||
from logging import getLogger
|
from logging import getLogger
|
||||||
from urllib.parse import urlsplit
|
from urllib.parse import urlsplit
|
||||||
|
|
||||||
|
import requests
|
||||||
|
|
||||||
import infection_monkey.monkeyfs as monkeyfs
|
import infection_monkey.monkeyfs as monkeyfs
|
||||||
from infection_monkey.transport.base import TransportProxyBase, update_last_serve_time
|
from infection_monkey.transport.base import TransportProxyBase, update_last_serve_time
|
||||||
from infection_monkey.network.tools import get_interface_to_target
|
from infection_monkey.network.tools import get_interface_to_target
|
||||||
|
@ -110,6 +112,19 @@ class HTTPConnectProxyHandler(http.server.BaseHTTPRequestHandler):
|
||||||
proxy_via = None # pseudonym of the proxy in Via header, set to None not to modify original Via header
|
proxy_via = None # pseudonym of the proxy in Via header, set to None not to modify original Via header
|
||||||
protocol_version = "HTTP/1.1"
|
protocol_version = "HTTP/1.1"
|
||||||
|
|
||||||
|
def do_POST(self):
|
||||||
|
content_length = int(self.headers['Content-Length']) # <--- Gets the size of data
|
||||||
|
post_data = self.rfile.read(content_length).decode() # <--- Gets the data itself
|
||||||
|
r = requests.post(url=self.path, data=post_data)
|
||||||
|
if (r.status_code != 200):
|
||||||
|
# somehow forward post request to the next proxy
|
||||||
|
r = requests.post(url=self.path, data=post_data, proxy=self.path)
|
||||||
|
if (r.status_code != 200):
|
||||||
|
return self.send_response(404)
|
||||||
|
self.send_response(200)
|
||||||
|
self.end_headers()
|
||||||
|
self.wfile.write(r.content)
|
||||||
|
|
||||||
def version_string(self):
|
def version_string(self):
|
||||||
return ""
|
return ""
|
||||||
|
|
||||||
|
|
|
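Review bot: The fallback call `requests.post(url=self.path, data=post_data, proxy=self.path)` in the new `do_POST` cannot work, because requests has no `proxy` keyword (it takes `proxies=`, a mapping from scheme to proxy URL). The line therefore raises TypeError whenever the direct POST returns a non-200 status, and `self.path` is the target URL, not the address of the next proxy. The handler also trusts the client's `Content-Length`: a missing header makes `int(None)` raise, and a negative or very large value makes `rfile.read` block or buffer without limit. The 404 path returns after `send_response` without `end_headers()`, so nothing is flushed to the client, and neither `requests.post` call passes `timeout=`; either could be behind the timeout the commit message mentions. The sketch below covers the length check and the error path only, since the next-proxy address has to come from tunnel state that is not visible on this page.

```python
    def do_POST(self):
        # Reject a missing, non-numeric, negative or oversized Content-Length before reading the body.
        try:
            content_length = int(self.headers.get('Content-Length', ''))
        except ValueError:
            self.send_error(400)
            return
        if not 0 <= content_length <= MAX_POST_BODY:  # MAX_POST_BODY: placeholder limit, to be defined
            self.send_error(413)
            return
        post_data = self.rfile.read(content_length).decode()
        # ... unchanged: direct POST, then the fallback through the next proxy ...
        if r.status_code != 200:
            self.send_error(404)  # send_error writes the status line and ends the headers
            return
        # ... unchanged: 200 response, end_headers, body ...
```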
@ -126,7 +126,10 @@ class MonkeyTunnel(Thread):
|
||||||
def run(self):
|
def run(self):
|
||||||
self._broad_sock = _set_multicast_socket(self._timeout)
|
self._broad_sock = _set_multicast_socket(self._timeout)
|
||||||
self.l_ips = local_ips()
|
self.l_ips = local_ips()
|
||||||
self.local_port = get_free_tcp_port()
|
|
||||||
|
#TODO change back
|
||||||
|
self.local_port = 5002
|
||||||
|
#self.local_port = get_free_tcp_port()
|
||||||
|
|
||||||
if not self.local_port:
|
if not self.local_port:
|
||||||
return
|
return
|
||||||
|
|
|
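Review bot: Hard-coding `self.local_port = 5002` in `run` makes the `if not self.local_port:` guard just below it dead code, because the constant is always truthy. A port that is already taken (for example by a second instance on the same host) is then only discovered later, when the proxy tries to bind. The commented-out `#self.local_port = get_free_tcp_port()` and the `#TODO change back` marker suggest this is a debugging aid. If the bootloader needs a predictable port, read it from configuration and fall back to `get_free_tcp_port()` rather than leaving the old call commented out. The rest of `run` lies outside the hunk.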
@ -0,0 +1,41 @@
|
||||||
|
from http.server import HTTPServer, BaseHTTPRequestHandler
|
||||||
|
from urllib import parse
|
||||||
|
import urllib3
|
||||||
|
|
||||||
|
import requests
|
||||||
|
import pymongo
|
||||||
|
|
||||||
|
# Disable "unverified certificate" warnings when sending requests to island
|
||||||
|
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
|
||||||
|
|
||||||
|
|
||||||
|
class BootloaderHttpServer(HTTPServer):
|
||||||
|
|
||||||
|
def __init__(self, mongo_url):
|
||||||
|
self.mongo_client = pymongo.MongoClient(mongo_url)
|
||||||
|
server_address = ('', 5001)
|
||||||
|
super().__init__(server_address, BootloaderHTTPRequestHandler)
|
||||||
|
|
||||||
|
|
||||||
|
class BootloaderHTTPRequestHandler(BaseHTTPRequestHandler):
|
||||||
|
|
||||||
|
def do_POST(self):
|
||||||
|
content_length = int(self.headers['Content-Length'])
|
||||||
|
post_data = self.rfile.read(content_length).decode()
|
||||||
|
conf = self.server.mongo_client['monkeyisland']['config'].find_one({'name': 'newconfig'})
|
||||||
|
if not conf:
|
||||||
|
conf = self.server.mongo_client['monkeyisland']['config'].find_one({'name': 'initial'})
|
||||||
|
island_server_path = BootloaderHTTPRequestHandler.get_bootloader_resource_path_from_config(conf)
|
||||||
|
r = requests.post(url=island_server_path, data=post_data, verify=False)
|
||||||
|
if r.status_code != 200:
|
||||||
|
self.send_response(404)
|
||||||
|
else:
|
||||||
|
self.send_response(200)
|
||||||
|
self.end_headers()
|
||||||
|
self.wfile.write(r.content)
|
||||||
|
self.connection.close()
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def get_bootloader_resource_path_from_config(config):
|
||||||
|
address = config['cnc']['servers']['current_server']
|
||||||
|
return parse.urljoin("https://"+address, "api/bootloader")
|
|
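Review bot: `BootloaderHTTPRequestHandler.do_POST` listens on all interfaces (`('', 5001)`) and takes its input on trust. A missing or non-numeric `Content-Length` raises before any response is written, and a negative value makes `rfile.read` wait for end of stream. When neither the `newconfig` nor the `initial` document exists, `conf` is `None` and `config['cnc']` fails with TypeError. `requests.post(..., verify=False)` has no `timeout=` and `HTTPServer` handles one request at a time, so a stalled island call blocks every other bootloader; this may be the timeout the commit message refers to. With `verify=False` and the module-level `disable_warnings`, the island's certificate is never checked; if the island uses a self-signed certificate, pointing `verify=` at that certificate file keeps the check in place. The sketch leaves `verify=False` as it is and adds only the guards.

```python
    def do_POST(self):
        try:
            content_length = int(self.headers.get('Content-Length', ''))
            if content_length < 0:
                raise ValueError(content_length)
        except ValueError:
            self.send_error(400)
            return
        # ... unchanged: read post_data, look up 'newconfig' then 'initial' ...
        if not conf:
            # Neither config document exists yet, so there is no island address to forward to.
            self.send_error(503)
            return
        island_server_path = BootloaderHTTPRequestHandler.get_bootloader_resource_path_from_config(conf)
        try:
            # ISLAND_REQUEST_TIMEOUT: placeholder, to be defined in this module
            r = requests.post(url=island_server_path, data=post_data, verify=False,
                              timeout=ISLAND_REQUEST_TIMEOUT)
        except requests.exceptions.RequestException:
            self.send_error(502)
            return
        # ... unchanged: status mapping, end_headers, body, connection close ...
```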
@ -3,6 +3,7 @@ import os.path
|
||||||
import sys
|
import sys
|
||||||
import time
|
import time
|
||||||
import logging
|
import logging
|
||||||
|
from threading import Thread
|
||||||
|
|
||||||
MINIMUM_MONGO_DB_VERSION_REQUIRED = "3.6.0"
|
MINIMUM_MONGO_DB_VERSION_REQUIRED = "3.6.0"
|
||||||
|
|
||||||
|
@ -25,9 +26,24 @@ from monkey_island.cc.utils import local_ip_addresses
|
||||||
from monkey_island.cc.environment.environment import env
|
from monkey_island.cc.environment.environment import env
|
||||||
from monkey_island.cc.database import is_db_server_up, get_db_version
|
from monkey_island.cc.database import is_db_server_up, get_db_version
|
||||||
from monkey_island.cc.resources.monkey_download import MonkeyDownload
|
from monkey_island.cc.resources.monkey_download import MonkeyDownload
|
||||||
|
from monkey_island.cc.bootloader_server import BootloaderHttpServer
|
||||||
|
|
||||||
|
|
||||||
def main():
|
def main():
|
||||||
|
|
||||||
|
logger.info("Starting bootloader server")
|
||||||
|
mongo_url = os.environ.get('MONGO_URL', env.get_mongo_url())
|
||||||
|
bootloader_server_thread = Thread(target=BootloaderHttpServer(mongo_url).serve_forever, daemon=True)
|
||||||
|
# island_server_thread = Thread(target=start_island_server)
|
||||||
|
|
||||||
|
bootloader_server_thread.start()
|
||||||
|
#island_server_thread.start()
|
||||||
|
start_island_server()
|
||||||
|
bootloader_server_thread.join()
|
||||||
|
#island_server_thread.join()
|
||||||
|
|
||||||
|
|
||||||
|
def start_island_server():
|
||||||
from tornado.wsgi import WSGIContainer
|
from tornado.wsgi import WSGIContainer
|
||||||
from tornado.httpserver import HTTPServer
|
from tornado.httpserver import HTTPServer
|
||||||
from tornado.ioloop import IOLoop
|
from tornado.ioloop import IOLoop
|
||||||
|
|
|
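Review bot: In the new `main()`, `BootloaderHttpServer(mongo_url)` is constructed on the main thread inside the `Thread(...)` expression, so the bind to port 5001 happens there. If that port is busy, the resulting OSError aborts `main()` before `start_island_server()` is reached. The trailing `bootloader_server_thread.join()` waits on a daemon thread running `serve_forever`, which never returns; if `start_island_server()` ever does return (its body continues outside the hunk), the process hangs there instead of exiting. I would build the server inside a `try`/`except OSError` that logs the failure and carries on, and drop the `join()`. The three commented-out `island_server_thread` lines should be removed rather than committed.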
@ -1,24 +1,17 @@
|
||||||
import json
|
|
||||||
from datetime import datetime
|
|
||||||
import dateutil.parser
|
|
||||||
import flask_restful
|
import flask_restful
|
||||||
from flask import request
|
from flask import request, make_response
|
||||||
|
|
||||||
from monkey_island.cc.consts import DEFAULT_MONKEY_TTL_EXPIRY_DURATION_IN_SECONDS
|
|
||||||
from monkey_island.cc.database import mongo
|
|
||||||
from monkey_island.cc.models.monkey_ttl import create_monkey_ttl_document
|
|
||||||
from monkey_island.cc.services.config import ConfigService
|
|
||||||
from monkey_island.cc.services.node import NodeService
|
from monkey_island.cc.services.node import NodeService
|
||||||
|
|
||||||
WINDOWS_VERSIONS = {
|
WINDOWS_VERSIONS = {
|
||||||
"5.0" : "Windows 2000",
|
"5.0": "Windows 2000",
|
||||||
"5.1" : "Windows XP",
|
"5.1": "Windows XP",
|
||||||
"5.2" : "Windows XP/server 2003",
|
"5.2": "Windows XP/server 2003",
|
||||||
"6.0" : "Windows Vista/server 2008",
|
"6.0": "Windows Vista/server 2008",
|
||||||
"6.1" : "Windows 7/server 2008R2",
|
"6.1": "Windows 7/server 2008R2",
|
||||||
"6.2" : "Windows 8/server 2012",
|
"6.2": "Windows 8/server 2012",
|
||||||
"6.3" : "Windows 8.1/server 2012R2",
|
"6.3": "Windows 8.1/server 2012R2",
|
||||||
"10.0" : "Windows 10/server 2016-2019"
|
"10.0": "Windows 10/server 2016-2019"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -27,13 +20,8 @@ class Bootloader(flask_restful.Resource):
|
||||||
# Used by monkey. can't secure.
|
# Used by monkey. can't secure.
|
||||||
def post(self, **kw):
|
def post(self, **kw):
|
||||||
os_version = request.data.decode().split(" ")
|
os_version = request.data.decode().split(" ")
|
||||||
if (os_version[0] == "W"):
|
if (os_version[0][0] == "W"):
|
||||||
os_type = "windows"
|
os_type = "windows"
|
||||||
os_version = os_version[1:]
|
os_version = os_version[1:]
|
||||||
|
|
||||||
|
return make_response({"status": "OK"}, 200)
|
||||||
return {"id": "Abc"}
|
|
||||||
|
|
||||||
def get(self, guid=None, **kw):
|
|
||||||
NodeService.update_dead_monkeys()
|
|
||||||
return {}
|
|
||||||
|
|
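Review bot: The new test `if (os_version[0][0] == "W"):` in `Bootloader.post` raises IndexError when the body is empty or starts with a space, because `"".split(" ")` yields `['']` and indexing the empty string fails. The comment above the method says the endpoint cannot be secured, so any client can turn that into a 500; `if os_version[0].startswith("W"):` makes the same check without the crash. `request.data.decode()` can likewise raise on bytes that are not valid UTF-8. `os_type` and the sliced `os_version` are computed but unused before `make_response({"status": "OK"}, 200)`, and `WINDOWS_VERSIONS` is not referenced in the visible code, so a short comment saying the parsing is a placeholder would help the next reader.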