p15693087
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity

Merge pull request #1689 from guardicore/1676-remove-agent-bootloader 

Remove agent bootloader
This commit is contained in:
Mike Salvatore 2022-02-03 12:13:27 -05:00 committed by GitHub
parent da58392050 3f639d40f3
commit d77af7de0b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
30 changed files with 92 additions and 571 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@ -41,6 +41,7 @@ Changelog](https://keepachangelog.com/en/1.0.0/).
- Max victims to find/exploit, TCP scan interval and TCP scan get banner internal options. #1597
- MySQL fingerprinter. #1648
- MS08-067 (Conficker) exploiter. #1677
- Agent bootloader. #1676
### Fixed
- A bug in network map page that caused delay of telemetry log loading. #1545

17
docs/content/reference/operating_systems_support.md
View File

@ -44,21 +44,4 @@ Compatibility depends on GLIBC version (2.14+)[^1]. By default, these distributi
We also provide a Dockerfile on our [website](http://infectionmonkey.com/) that lets the Monkey Island run inside a container.
### Old machine bootloader
Some **older machines** still have partial compatibility and will be exploited and reported, but the Infection Monkey agent can't run on them. In these cases, old machine bootloader (a small C program) will be run, which reports some minor info like network interface configuration, GLIBC version, OS, etc.
**Old machine bootloader** also has a GLIBC 2.14+ requirement for Linux because the bootloader is included in the Pyinstaller bootloader, which uses Python 3.7 that in turn requires GLIBC 2.14+. If you think partial support for older machines is important, don't hesitate to open a new issue about it.
**Old machine bootloader** runs on machines with:
- Centos 7+
- Debian 7+
- Kali 2019+
- Oracle 7+
- Rhel 7+
- Suse 12+
- Ubuntu 14+
- **Windows XP/Server 2003+**
[^1]: The GLIBC >= 2.14 requirement exists because the Infection Monkey was built using this GLIBC version, and GLIBC is not backward compatible. We are also limited to the oldest GLIBC version compatible with Python 3.7.

6
monkey/infection_monkey/Pipfile
View File

@ -5,10 +5,9 @@ name = "pypi"
[packages]
cryptography = "==2.5" # We can't build 32bit ubuntu12 binary with newer versions of cryptography
pyinstaller = {git = "git://github.com/guardicore/pyinstaller"}
pyinstaller-hooks-contrib = "==2021.1" # Required to build docker with our pyinstaller branch
pyinstaller = "==4.2"
setuptools = "<=60.6.0" # https://github.com/pypa/setuptools/issues/3072 and https://github.com/pyinstaller/pyinstaller/issues/6564
impacket = ">=0.9"
importlib-metadata = "==4.0.1" # Required to build docker with our pyinstaller branch
ipaddress = ">=1.0.23"
netifaces = ">=0.10.9"
odict = "==1.7.0"
@ -23,7 +22,6 @@ ScoutSuite = {git = "git://github.com/guardicode/ScoutSuite"}
pyopenssl = "==19.0.0" # We can't build 32bit ubuntu12 binary with newer versions of pyopenssl
pypsrp = "*"
typing-extensions = "*" # Allows us to use 3.9 typing features on 3.7 project
altgraph = "*" # Required for pyinstaller branch, without it agents fail to build
pysmb = "*"
"WinSys-3.x" = "*"
ldaptor = "*"

251
monkey/infection_monkey/Pipfile.lock generated
View File

@ -1,7 +1,7 @@
{
"_meta": {
"hash": {
"sha256": "945e6a45bb4d4e87d66a82b788937b323596e4366daa44f743bca6eaf193045d"
"sha256": "250fc3013e7083083999fbf289f8898d63ceffc95a02e87920d254950832ea68"
},
"pipfile-spec": 6,
"requires": {
@ -29,7 +29,6 @@
"sha256:743628f2ac6a7c26f5d9223c91ed8ecbba535f506f4b6f558885a8a56a105857",
"sha256:ebf2269361b47d97b3b88e696439f6e4cbc607c17c51feb1754f90fb79839158"
],
"index": "pypi",
"version": "==0.17.2"
},
"asn1crypto": {
@ -48,11 +47,11 @@
},
"asysocks": {
"hashes": [
"sha256:9b33fe5ab6853ed2ac9eb1652f4a8593a78ad5ba258bd10fa4b81801e38729c2",
"sha256:a0a20e583fedb08c962a68dd50764a34424c41bd59a0ae952d8bb368a03eaa45"
"sha256:5ec0582252b0085d9337d13c6b03ab7fd062e487070667f9140e6972bd9db256",
"sha256:b97ac905cd4ca1e7a8e7c295f9cb22ced5dfd3f17e888e71cbf05a1d67a4d393"
],
"markers": "python_version >= '3.6'",
"version": "==0.1.2"
"version": "==0.1.6"
},
"attrs": {
"hashes": [
@ -87,19 +86,19 @@
},
"boto3": {
"hashes": [
"sha256:49499acf3f1dbb5f09eb93abfeb4025cd76fb7880c16a01a2901dfa335496f0d",
"sha256:d2fce99e42cb7cb263f3ff272bc707aa6a66bc6ab30d90bf0ff6cbdddd867cfa"
"sha256:1903e4462b08f7696a8d0977361fe9e35e7a50d9e70d7abd72a3a17012741938",
"sha256:34e5ae33ef65b1c4e2e197009e88df5dc217386699939ae897d7fcdb5a6ff295"
],
"markers": "python_version >= '3.6'",
"version": "==1.20.42"
"version": "==1.20.47"
},
"botocore": {
"hashes": [
"sha256:a58f1e559ff2c65495f55ac48217afefb56f2d709d30f7377c40287e8c5765d0",
"sha256:e2e5509934e634a374afa560de4ddc770bb562c7259cb63cd92aa7e54f943bc1"
"sha256:82da38e309bd6fd6303394e6e9d1ea50626746f2911e3fec996f9046c5d85085",
"sha256:a89b1be0a7f235533d8279d90b0b15dc2130d0552a9f7654ba302b564ab5688a"
],
"markers": "python_version >= '3.6'",
"version": "==1.23.42"
"version": "==1.23.47"
},
"certifi": {
"hashes": [
@ -173,11 +172,11 @@
},
"charset-normalizer": {
"hashes": [
"sha256:876d180e9d7432c5d1dfd4c5d26b72f099d503e8fcc0feb7532c9289be60fcbd",
"sha256:cb957888737fc0bbcd78e3df769addb41fd1ff8cf950dc9e7ad7793f1bf44455"
"sha256:2842d8f5e82a1f6aa437380934d5e1cd4fcf2003b06fed6940769c164a480a45",
"sha256:98398a9d69ee80548c762ba991a4728bfc3836768ed226b3945908d1a688371c"
],
"markers": "python_version >= '3'",
"version": "==2.0.10"
"version": "==2.0.11"
},
"cheroot": {
"hashes": [
@ -211,14 +210,6 @@
"markers": "python_version >= '3.6'",
"version": "==8.0.3"
},
"colorama": {
"hashes": [
"sha256:5941b2b48a20143d2267e95b1c2a7603ce057ee39fd88e7329b0c292aa16869b",
"sha256:9f47eda37229f68eee03b24b9748937c7dc3868f906e8ba69fbcbdd3bc5dc3e2"
],
"markers": "platform_system == 'Windows' and sys_platform == 'win32' and platform_system == 'Windows'",
"version": "==0.4.4"
},
"coloredlogs": {
"hashes": [
"sha256:34fad2e342d5a559c31b6c889e8d14f97cb62c47d9a2ae7b5ed14ea10a79eff8",
@ -263,7 +254,7 @@
"sha256:081649da27ced5e75709a1ee542136eaba9842a0fe4c03da4fb0a3d3ed1f3c44",
"sha256:e79351e032d0b606b98d38a4b0e6e2275b31a5b85c873e587cc11b73aca026d6"
],
"markers": "python_version >= '3.6' and python_version < '4'",
"markers": "python_version >= '3.6' and python_version < '4.0'",
"version": "==2.2.0"
},
"flask": {
@ -283,9 +274,9 @@
},
"httpagentparser": {
"hashes": [
"sha256:ef763d31993dd761825acee6c8b34be32b95cf1675d1c73c3cd35f9e52831b26"
"sha256:a190dfdc5e63b2f1c87729424b19cbc49263d6a1fb585a16ac1c9d9ce127a4bf"
],
"version": "==1.9.1"
"version": "==1.9.2"
},
"humanfriendly": {
"hashes": [
@ -319,11 +310,11 @@
},
"importlib-metadata": {
"hashes": [
"sha256:8c501196e49fb9df5df43833bdb1e4328f64847763ec8a50703148b73784d581",
"sha256:d7eb1dea6d6a6086f8be21784cc9e3bcfa55872b52309bc5fad53a8ea444465d"
"sha256:899e2a40a8c4a1aec681feef45733de8a6c58f3f6a0dbed2eb6574b4387a77b6",
"sha256:951f0d8a5b7260e9db5e41d429285b5f451e928479f19d80818878527d36e95e"
],
"index": "pypi",
"version": "==4.0.1"
"markers": "python_version < '3.8'",
"version": "==4.10.1"
},
"importlib-resources": {
"hashes": [
@ -523,18 +514,18 @@
},
"minikerberos": {
"hashes": [
"sha256:30d0fbaf81a4c7d46710c80497ad905c562bd4d125a22850d87794f61ca1b31f",
"sha256:ef64434457cf1c89d8f5d6ae91748775ac8adfa917ddc21d12838d3c43e6e979"
"sha256:eba89d5c649241a3367839ebd1c0333b9a9e4fe514746e246a6a1f2cb7bde26e",
"sha256:f556a6015904147c3302e9038b49f766c975df6aeb1725027cd7fc68ba993864"
],
"markers": "python_version >= '3.6'",
"version": "==0.2.14"
"version": "==0.2.16"
},
"more-itertools": {
"hashes": [
"sha256:43e6dd9942dffd72661a2c4ef383ad7da1e6a3e968a927ad7a6083ab410a688b",
"sha256:7dc6ad46f05f545f900dd59e8dfb4e84a4827b97b3cfecb175ea0c7d247f6064"
],
"markers": "python_version >= '3.6'",
"markers": "python_version >= '3.5'",
"version": "==8.12.0"
},
"msldap": {
@ -634,11 +625,11 @@
},
"prompt-toolkit": {
"hashes": [
"sha256:1bb05628c7d87b645974a1bad3f17612be0c29fa39af9f7688030163f680bad6",
"sha256:e56f2ff799bacecd3e88165b1e2f5ebf9bcd59e80e06d395fa0cc4b8bd7bb506"
"sha256:4bcf119be2200c17ed0d518872ef922f1de336eb6d1ddbd1e089ceb6447d97c6",
"sha256:a51d41a6a45fd9def54365bca8f0402c8f182f2b6f7e29c74d55faeb9fb38ac4"
],
"markers": "python_full_version >= '3.6.2'",
"version": "==3.0.24"
"version": "==3.0.26"
},
"psutil": {
"hashes": [
@ -722,89 +713,55 @@
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'",
"version": "==2.21"
},
"pycryptodome": {
"hashes": [
"sha256:008ef2c631f112cd5a58736e0b29f4a28b4bb853e68878689f8b476fd56e0691",
"sha256:073dedf0f9c490ae22ca081b86357646ac9b76f3e2bd89119d137fc697a9e3b6",
"sha256:0896d5d15ffe584d46cb9b69a75cf14a2bc8f6daf635b7bf16c1b041342a44b1",
"sha256:1fb7a6f222072412f320b9e48d3ce981920efbfce37b06d028ec9bd94093b37f",
"sha256:4f1b594d0cf35bd12ec4244df1155a7f565bf6e6245976ac36174c1564688c90",
"sha256:51ebe9624ad0a0b4da1aaaa2d43aabadf8537737fd494cee0ffa37cd6326de02",
"sha256:681ac47c538c64305d710eaed2bb49532f62b3f4c93aa7c423c520df981392e5",
"sha256:702446a012fd9337b9327d168bb0c7dc714eb93ad361f6f61af9ca8305a301f1",
"sha256:720fafdf3e5c5de93039d8308f765cc60b8e9e7e852ad7135aa65dd89238191f",
"sha256:72de8c4d71e6b11d54528bb924447fa4fdabcbb3d76cc0e7f61d3b6075def6b3",
"sha256:765b8b16bc1fd699e183dde642c7f2653b8f3c9c1a50051139908e9683f97732",
"sha256:7a8b0e526ff239b4f4c61dd6898e2474d609843ffc437267f3a27ddff626e6f6",
"sha256:7b3478a187d897f003b2aa1793bcc59463e8d57a42e2aafbcbbe9cd47ec46863",
"sha256:857c16bffd938254e3a834cd6b2a755ed24e1a953b1a86e33da136d3e4c16a6f",
"sha256:88d6d54e83cf9bbd665ce1e7b9079983ee2d97a05f42e0569ff00a70f1dd8b1e",
"sha256:95bacf9ff7d1b90bba537d3f5f6c834efe6bfbb1a0195cb3573f29e6716ef08d",
"sha256:9c8e0e6c5e982699801b20fa74f43c19aa080d2b53a39f3c132d35958e153bd4",
"sha256:9ea70f6c3f6566159e3798e4593a4a8016994a0080ac29a45200615b45091a1b",
"sha256:b3af53dddf848afb38b3ac2bae7159ddad1feb9bac14aa3acec6ef1797b82f8d",
"sha256:ca6db61335d07220de0b665bfee7b8e9615b2dfc67a54016db4826dac34c2dd2",
"sha256:cb9453c981554984c6f5c5ce7682d7286e65e2173d7416114c3593a977a01bf5",
"sha256:d92a5eddffb0ad39f582f07c1de26e9daf6880e3e782a94bb7ebaf939567f8bf",
"sha256:deede160bdf87ddb71f0a1314ad5a267b1a960be314ea7dc6b7ad86da6da89a3",
"sha256:e3affa03c49cce7b0a9501cc7f608d4f8e61fb2522b276d599ac049b5955576d",
"sha256:e420cdfca73f80fe15f79bb34756959945231a052440813e5fce531e6e96331a",
"sha256:e468724173df02f9d83f3fea830bf0d04aa291b5add22b4a78e01c97aab04873",
"sha256:e5d72be02b17e6bd7919555811264403468d1d052fa67c946e402257c3c29a27",
"sha256:eec02d9199af4b1ccfe1f9c587691a07a1fa39d949d2c1dc69d079ab9af8212f",
"sha256:f5457e44d3f26d9946091e92b28f3e970a56538b96c87b4b155a84e32a40b7b5",
"sha256:f7aad304575d075faf2806977b726b67da7ba294adc97d878f92a062e357a56a"
],
"index": "pypi",
"version": "==3.13.0"
},
"pycryptodomex": {
"hashes": [
"sha256:00e37d478c0f040639ab41a9d5280291ad2b3b5f25b9aad5baa1d5ecb578a3f6",
"sha256:04a38a7dc484f5e3152a69e4eab89d9340c2ad3b7c4a27d2ee256e5fb878c469",
"sha256:05e0e3b78b7ccc0b7c5f88596d51fdc8533adb91070b93e18cec12ca3b43deb3",
"sha256:0ec86fca2114e8c58fe6bfc7e04ee91568a813139dcf4334819aa44876764bcf",
"sha256:182962b3612c0d12748fa770f1ef0556ba8ba2c442834450e08acb31d9e6d2ed",
"sha256:2f2bcee2ef59597bfcb755eef2c98294094c1c9b64e9b9195cc9e71be83adb92",
"sha256:2f7db8d85294c1123e700097af407425fd4c9e6c58b688f391de7053c6a60317",
"sha256:3b7656189c259bb2b838559f0a11b533d4d18409ab6d9119c00bae436c3d3e34",
"sha256:5a2014598ceb19c34f14815a26536e5cc24167ea4d402f0aec2a52b18960c668",
"sha256:63443230247837dd03c5d4028cae5cb2e6793a9ae110e321798bee48a04ff3e9",
"sha256:68fb861b41a889c2efdf2795b0d46aa05d4748543bc4e0bca5886c929c7cbdef",
"sha256:6b3c06e6d235f475395a7e150f2e562a3e9d749fb40c6d81240596f73809346c",
"sha256:6d50723984ba802904618ef5bfe257a0f9644e76821d323f79f27be5adb9ece7",
"sha256:7fb188c9a0f69d4f7b607780641ef7aec7f02a8dad689512b17bdf04c96ce6e3",
"sha256:7fb9d1ab6a10cfc8c8c7e11f004e01c8a1beff5fd4118370d95110735cc23117",
"sha256:80eedc23c4c4d3655c6a7d315a01f0e9d460c7070c5c3af4952937b4f2c0da6f",
"sha256:9fa76261100b450e5aca2990ba982e5294ba383f653da041a71b4ac1cbaed1ff",
"sha256:b11331510cfd08ec4416f37dc8f072541d7b7240ba924c71288f7218aad36bdf",
"sha256:b4240991748ae0f57a0120b8d905b2d9f835fee02968fc11faec929ef6915ee6",
"sha256:b7b059517d84c57f25c6fd3b2e03a1b2945df2e585b96109bcd11e56f6c9e610",
"sha256:b975ce778ea2c65f399ab889a661e118bb68b85db47d93e0442eb1ba1f554794",
"sha256:c87f62de9e167031ad4179efb1fda4012bb6f7363472a61254e4426bda6bcb64",
"sha256:ccd301d2e71d243b0fad8c4642116c538d7d405d35b6026cf4dcee463a667a2e",
"sha256:dce2bfd0f285c3fcff89e4239c55f5fbe664ff435ee45abfc154aac0f222ab14",
"sha256:dfb8bcd45e504e1c26f0bfc404f3edd08f8c8057dfe04fbf6159adc8694ff97a",
"sha256:e1900d7f16a03b869be3572e7664757c14316329a4d79ecee5a0083fad8c81b0",
"sha256:e2ddfbcb2c4c7cb8f79db49e284280be468699c701b92d30fd1e46a786b39f5b",
"sha256:eb4eea028a7ad28458abf8b98ae14af2fd9baeb327a0adb6af05a488e4d9e9a1",
"sha256:f3a29bb51e5f9b46004b5be16bcbe4e1b2d2754cbe201e1a0b142c307bdf4c73",
"sha256:f553abcb3572242fed87e308a6b91a9bc5a74b801b5d093969391b0500be718b"
"sha256:00eb17ee2b8eb9d84df37d54bc7070ff45903b90535558c2e0ddb5e6957521d3",
"sha256:05b36726ce5521ce0feb25ea11e866261089edd7fad44df4ced9f7f45a9d4c3b",
"sha256:110b319189915a66d14df13d233a2dbb54f00df21f3167de1cad340bf4dd88bd",
"sha256:15e6f5b4a81109eb8e9a02c954fe119f6c57836fd55a9891ba703ddfbd690587",
"sha256:1b07a13ed73d00a97af7c3733b807007d2249cd236a33955a7dec1939c232b28",
"sha256:2040a22a30780da743835c7c71307558688065d6c22e18ac3e44082dc3323d8f",
"sha256:264a701bb6e8aedf4b71bcb9eb83b93020041e96112ccfe873a16964d41ade74",
"sha256:2d8bda8f949b79b78b293706aa7fc1e5c171c62661252bfdd5d12c70acd03282",
"sha256:2e2da1eabb426cbeb4922c981bb843f36427f8365ef7e46bc581a55d7ea67643",
"sha256:3ad75e24a0e25396901273a9a2aaba0286fa74703e5b61731942f6914a1e1cbe",
"sha256:3c06abf17c68cf87c4e81e1745f0afbe4427413684a122a9d044a8a1d3c6d959",
"sha256:3c195eecd43e48d0a06267df6945958f5f566eef160a5b01c519434cfa6d368a",
"sha256:3c9ee5e77dd9cb19fe09765b6c02e3784cdbd2e5ecfbc67c8e9628073f79b981",
"sha256:484ad0f50fd49bec4d2b8c0e5a3ad70e278ed3390bfd5c4515dc896f31b45d6c",
"sha256:4b046c3d50fe4bb57386567ff47a588b1bbe1ddf3d9e2b23aede09fa97511f5f",
"sha256:50684f16b12f1dcca8018d2711fb87044c74038ce9322d36f6ee9d09fcda7e6f",
"sha256:6940b6730bab7128c993b562abf018560aa5b861da92854cf050b5f96d4713df",
"sha256:76fe9ad943480507952cd7c96c20f6c8af78145f944cb66bbba63f2872d9988e",
"sha256:7bcc5d3904abe5cfac5acc67679e330b0402473e839f94b59e13efdc2c2945d5",
"sha256:8310782ac84fa1df93703081af6791549451a380ad88670c2484f75e26c6485f",
"sha256:88eb239d6af71ba2098a4cfea516add37881d55b76b38d9e297f77a65bb9a8cf",
"sha256:9afea78c31f3714b06673d2c5b8874f31c19c03258645733546a320da2e6df23",
"sha256:a11884621c2a5fe241ccf2adf34e4fdde162e91fbc3207f0a0db122ad2b7a061",
"sha256:b0277a201196b7825b21a405e0a70167f277b8d5666031e65c9af7a715cb0833",
"sha256:b5ff95687c4008f76091849e5333692e6a54a93399cd8fda7e1ba523734136f4",
"sha256:c565b89fb91ecb60273b2dcedb5149b48a1ec4227cef8c63fd77ec0f33eaf75a",
"sha256:d689b368ca8b3ec1e60cc609eae14d4e352d10fe807ca9906f77f0712ab05a37",
"sha256:f3bb1e722ad57de1999c8db54b58507b47771de4a294115c00f785f1d5913ec1",
"sha256:fbff384c2080106b3f5f7cfa96728f02e627be7f7cd1657d9cf63300a16d0864",
"sha256:fd2657134b633523db551b96b095387083a459d77e93b9cc888c9f13edb7a6f6"
],
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'",
"version": "==3.13.0"
"version": "==3.14.0"
},
"pyinstaller": {
"git": "git://github.com/guardicore/pyinstaller",
"ref": "913259a5cd2baece06b0eed3618eb75b1bc7fad6"
"hashes": [
"sha256:f5c0eeb2aa663cce9a5404292c0195011fa500a6501c873a466b2e8cad3c950c"
],
"index": "pypi",
"version": "==4.2"
},
"pyinstaller-hooks-contrib": {
"hashes": [
"sha256:27558072021857d89524c42136feaa2ffe4f003f1bdf0278f9b24f6902c1759c",
"sha256:892310e6363655838485ee748bf1c5e5cade7963686d9af8650ee218a3e0b031"
"sha256:29f0bd8fbb2ff6f2df60a0c147e5b5ad65ae5c1a982d90641a5f712de03fa161",
"sha256:61b667f51b2525377fae30793f38fd9752a08032c72b209effabf707c840cc38"
],
"index": "pypi",
"version": "==2021.1"
"version": "==2022.0"
},
"pymssql": {
"hashes": [
@ -875,11 +832,11 @@
},
"pypsrp": {
"hashes": [
"sha256:c0912096858ff8c53a3cf22cc46c3ce20e6ec5e2deade342088e87a81dbadac8",
"sha256:d7144ad7c798a4dcded20a71c712d63eb4bfb32debe62f3a98f01481384a5558"
"sha256:50d0dce9bf2cb852e3395029e40501ca1f5466ccc5c683c960ce527117676c20",
"sha256:84e8ee098c87858b0a8ba84deec674ebf3f286d3159cf3da9d6a4bfdd06bf3af"
],
"index": "pypi",
"version": "==0.7.0"
"version": "==0.8.0"
},
"pypykatz": {
"hashes": [
@ -889,15 +846,6 @@
"index": "pypi",
"version": "==0.3.12"
},
"pyreadline": {
"hashes": [
"sha256:4530592fc2e85b25b1a9f79664433da09237c1a270e4d78ea5aa3a2c7229e2d1",
"sha256:65540c21bfe14405a3a77e4c085ecfce88724743a4ead47c66b84defcf82c32e",
"sha256:9ce5fa65b8992dfa373bddc5b6e0864ead8f291c94fbfec05fbd5c836162e67b"
],
"markers": "python_version < '3.8' and sys_platform == 'win32'",
"version": "==2.1"
},
"pysmb": {
"hashes": [
"sha256:298605b8f467ce15b412caaf9af331c135e88fa2172333af14b1b2916361cb6b"
@ -938,24 +886,6 @@
],
"version": "==2021.3"
},
"pywin32": {
"hashes": [
"sha256:2a09632916b6bb231ba49983fe989f2f625cea237219530e81a69239cd0c4559",
"sha256:51cb52c5ec6709f96c3f26e7795b0bf169ee0d8395b2c1d7eb2c029a5008ed51",
"sha256:5f9ec054f5a46a0f4dfd72af2ce1372f3d5a6e4052af20b858aa7df2df7d355b",
"sha256:6fed4af057039f309263fd3285d7b8042d41507343cd5fa781d98fcc5b90e8bb",
"sha256:793bf74fce164bcffd9d57bb13c2c15d56e43c9542a7b9687b4fccf8f8a41aba",
"sha256:79cbb862c11b9af19bcb682891c1b91942ec2ff7de8151e2aea2e175899cda34",
"sha256:7d3271c98434617a11921c5ccf74615794d97b079e22ed7773790822735cc352",
"sha256:aad484d52ec58008ca36bd4ad14a71d7dd0a99db1a4ca71072213f63bf49c7d9",
"sha256:b1675d82bcf6dbc96363fca747bac8bff6f6e4a447a4287ac652aa4b9adc796e",
"sha256:c268040769b48a13367221fced6d4232ed52f044ffafeda247bd9d2c6bdc29ca",
"sha256:d9b5d87ca944eb3aa4cd45516203ead4b37ab06b8b777c54aedc35975dec0dee",
"sha256:fcf44032f5b14fcda86028cdf49b6ebdaea091230eb0a757282aa656e4732439"
],
"markers": "python_version < '3.10' and sys_platform == 'win32' and implementation_name == 'cpython'",
"version": "==303"
},
"requests": {
"hashes": [
"sha256:68d7c56fd5a8999887728ef304a6d12edc7be74f1cfa47714fc8b414525c9a61",
@ -966,11 +896,11 @@
},
"s3transfer": {
"hashes": [
"sha256:50ed823e1dc5868ad40c8dc92072f757aa0e653a192845c94a3b676f4a62da4c",
"sha256:9c1dc369814391a6bda20ebbf4b70a0f34630592c9aa520856bf384916af2803"
"sha256:25c140f5c66aa79e1ac60be50dcd45ddc59e83895f062a3aab263b870102911f",
"sha256:69d264d3e760e569b78aaa0f22c97e955891cd22e32b10c51f784eeda4d9d10a"
],
"markers": "python_version >= '3.6'",
"version": "==0.5.0"
"version": "==0.5.1"
},
"scoutsuite": {
"git": "git://github.com/guardicode/ScoutSuite",
@ -983,6 +913,14 @@
],
"version": "==21.1.0"
},
"setuptools": {
"hashes": [
"sha256:c99207037c38984eae838c2fd986f39a9ddf4fabfe0fddd957e622d1d1dcdd05",
"sha256:eb83b1012ae6bf436901c2a2cee35d45b7260f31fd4b65fd1e50a9f99c11d7f8"
],
"index": "pypi",
"version": "==60.6.0"
},
"six": {
"hashes": [
"sha256:1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926",
@ -999,11 +937,11 @@
},
"tempora": {
"hashes": [
"sha256:8d743059a4ea496d925f35480c6d206a7160cacebcd6a31e147fb495dcb732af",
"sha256:aa21dd1956e29559ecb2f2f2e14fcdb950085222fbbf86e6c946b5e1a8c36b26"
"sha256:cba0f197a64883bf3e73657efbc0324d5bf17179e7769b1385b4d75d26cd9127",
"sha256:fbca6a229af666ea4ea8b2f9f80ac9a074f7cf53a97987855b1d15b6e93fd63b"
],
"markers": "python_version >= '3.7'",
"version": "==5.0.0"
"version": "==5.0.1"
},
"tqdm": {
"hashes": [
@ -1024,24 +962,6 @@
"markers": "python_full_version >= '3.6.7'",
"version": "==21.7.0"
},
"twisted-iocpsupport": {
"hashes": [
"sha256:306becd6e22ab6e8e4f36b6bdafd9c92e867c98a5ce517b27fdd27760ee7ae41",
"sha256:3c61742cb0bc6c1ac117a7e5f422c129832f0c295af49e01d8a6066df8cfc04d",
"sha256:72068b206ee809c9c596b57b5287259ea41ddb4774d86725b19f35bf56aa32a9",
"sha256:7d972cfa8439bdcb35a7be78b7ef86d73b34b808c74be56dfa785c8a93b851bf",
"sha256:81b3abe3527b367da0220482820cb12a16c661672b7bcfcde328902890d63323",
"sha256:851b3735ca7e8102e661872390e3bce88f8901bece95c25a0c8bb9ecb8a23d32",
"sha256:985c06a33f5c0dae92c71a036d1ea63872ee86a21dd9b01e1f287486f15524b4",
"sha256:9dbb8823b49f06d4de52721b47de4d3b3026064ef4788ce62b1a21c57c3fff6f",
"sha256:b435857b9efcbfc12f8c326ef0383f26416272260455bbca2cd8d8eca470c546",
"sha256:b76b4eed9b27fd63ddb0877efdd2d15835fdcb6baa745cb85b66e5d016ac2878",
"sha256:b9fed67cf0f951573f06d560ac2f10f2a4bbdc6697770113a2fc396ea2cb2565",
"sha256:bf4133139d77fc706d8f572e6b7d82871d82ec7ef25d685c2351bdacfb701415"
],
"markers": "platform_system == 'Windows'",
"version": "==1.0.2"
},
"typing-extensions": {
"hashes": [
"sha256:4ca091dea149f945ec56afb48dae714f21e8692ef22a395223bcd328961b6a0e",
@ -1086,7 +1006,7 @@
"sha256:a2ad9c0f6d70f6e0e0d1f54b8582054c62d8a09f346b5ccaf55da68628ca10e1",
"sha256:a64624a25fc2d3663a2c5376c5291f3c7531e9c8051571de9ca9db8bf25746c2"
],
"markers": "platform_system == 'Windows'",
"markers": "python_version >= '3.6'",
"version": "==0.0.9"
},
"winsys-3.x": {
@ -1101,7 +1021,6 @@
"sha256:1d6b085e5c445141c475476000b661f60fff1aaa19f76bf82b7abb92e0ff4942",
"sha256:b6a6be5711b1b6c8d55bda7a8befd75c48c12b770b9d227d31c1737dbf0d40a6"
],
"index": "pypi",
"markers": "sys_platform == 'win32'",
"version": "==1.5.1"
},
@ -1117,7 +1036,7 @@
"sha256:9f50f446828eb9d45b267433fd3e9da8d801f614129124863f9c51ebceafb87d",
"sha256:b47250dd24f92b7dd6a0a8fc5244da14608f3ca90a5efcd37a3b1642fac9a375"
],
"markers": "python_version < '3.10'",
"markers": "python_version >= '3.7'",
"version": "==3.7.0"
},
"zope.interface": {

1
monkey/infection_monkey/monkey.spec
View File

@ -74,6 +74,7 @@ def get_hidden_imports():
imports = ['_cffi_backend', '_mssql']
if is_windows():
imports.append('queue')
imports.append('pkg_resources.py2_warn')
return imports

30
monkey/infection_monkey/transport/http.py
View File

@ -7,11 +7,7 @@ import urllib
from logging import getLogger
from urllib.parse import urlsplit
import requests
import infection_monkey.control
import infection_monkey.monkeyfs as monkeyfs
from common.common_consts.timeouts import SHORT_REQUEST_TIMEOUT
from infection_monkey.network.tools import get_interface_to_target
from infection_monkey.transport.base import TransportProxyBase, update_last_serve_time
@ -114,32 +110,6 @@ class FileServHTTPRequestHandler(http.server.BaseHTTPRequestHandler):
class HTTPConnectProxyHandler(http.server.BaseHTTPRequestHandler):
timeout = 30 # timeout with clients, set to None not to make persistent connection
def do_POST(self):
try:
content_length = int(self.headers["Content-Length"])
post_data = self.rfile.read(content_length).decode()
logger.info("Received bootloader's request: {}".format(post_data))
try:
dest_path = self.path
r = requests.post( # noqa: DUO123
url=dest_path,
data=post_data,
verify=False,
proxies=infection_monkey.control.ControlClient.proxies,
timeout=SHORT_REQUEST_TIMEOUT,
)
self.send_response(r.status_code)
except requests.exceptions.ConnectionError as e:
logger.error("Couldn't forward request to the island: {}".format(e))
self.send_response(404)
except Exception as e:
logger.error("Failed to forward bootloader request: {}".format(e))
finally:
self.end_headers()
self.wfile.write(r.content)
except Exception as e:
logger.error("Failed receiving bootloader telemetry: {}".format(e))
def version_string(self):
return ""

2
monkey/monkey_island/cc/app.py
View File

@ -18,7 +18,6 @@ from monkey_island.cc.resources.blackbox.monkey_blackbox_endpoint import MonkeyB
from monkey_island.cc.resources.blackbox.telemetry_blackbox_endpoint import (
TelemetryBlackboxEndpoint,
)
from monkey_island.cc.resources.bootloader import Bootloader
from monkey_island.cc.resources.client_run import ClientRun
from monkey_island.cc.resources.configuration_export import ConfigurationExport
from monkey_island.cc.resources.configuration_import import ConfigurationImport
@ -127,7 +126,6 @@ def init_api_resources(api):
"/api/monkey/<string:guid>",
"/api/monkey/<string:guid>/<string:config_format>",
)
api.add_resource(Bootloader, "/api/bootloader/<string:os>")
api.add_resource(LocalRun, "/api/local-monkey")
api.add_resource(ClientRun, "/api/client-monkey")
api.add_resource(Telemetry, "/api/telemetry", "/api/telemetry/<string:monkey_guid>")

2
monkey/monkey_island/cc/models/config.py
View File

@ -1,4 +1,4 @@
from mongoengine import EmbeddedDocument, BooleanField
from mongoengine import BooleanField, EmbeddedDocument
class Config(EmbeddedDocument):

41
monkey/monkey_island/cc/resources/bootloader.py
View File

@ -1,41 +0,0 @@
import json
from typing import Dict
import flask_restful
from flask import make_response, request
from monkey_island.cc.services.bootloader import BootloaderService
class Bootloader(flask_restful.Resource):
# Used by monkey. can't secure.
def post(self, os):
if os == "linux":
data = Bootloader._get_request_contents_linux(request.data)
elif os == "windows":
data = Bootloader._get_request_contents_windows(request.data)
else:
return make_response({"status": "OS_NOT_FOUND"}, 404)
result = BootloaderService.parse_bootloader_telem(data)
if result:
return make_response({"status": "RUN"}, 200)
else:
return make_response({"status": "ABORT"}, 200)
@staticmethod
def _get_request_contents_linux(request_data: bytes) -> Dict[str, str]:
parsed_data = json.loads(
request_data.decode()
.replace('"\n', "")
.replace("\n", "")
.replace('NAME="', "")
.replace('":",', '":"",')
)
return parsed_data
@staticmethod
def _get_request_contents_windows(request_data: bytes) -> Dict[str, str]:
return json.loads(request_data.decode("utf-16", "ignore"))

14
monkey/monkey_island/cc/server_setup.py
View File

@ -3,7 +3,6 @@ import json
import logging
import sys
from pathlib import Path
from threading import Thread
import gevent.hub
from gevent.pywsgi import WSGIServer
@ -22,7 +21,6 @@ from monkey_island.cc.app import init_app # noqa: E402
from monkey_island.cc.arg_parser import IslandCmdArgs # noqa: E402
from monkey_island.cc.arg_parser import parse_cli_args # noqa: E402
from monkey_island.cc.resources.monkey_download import MonkeyDownload # noqa: E402
from monkey_island.cc.server_utils.bootloader_server import BootloaderHttpServer # noqa: E402
from monkey_island.cc.server_utils.consts import ( # noqa: E402
GEVENT_EXCEPTION_LOG,
MONGO_CONNECTION_TIMEOUT,
@ -137,8 +135,6 @@ def _start_island_server(should_setup_only, config_options: IslandConfigOptions)
logger.warning("Setup only flag passed. Exiting.")
return
bootloader_server_thread = _start_bootloader_server()
logger.info(
f"Using certificate path: {config_options.crt_path}, and key path: "
f"{config_options.key_path}."
@ -155,16 +151,6 @@ def _start_island_server(should_setup_only, config_options: IslandConfigOptions)
_log_init_info()
http_server.serve_forever()
bootloader_server_thread.join()
def _start_bootloader_server() -> Thread:
bootloader_server_thread = Thread(target=BootloaderHttpServer().serve_forever, daemon=True)
bootloader_server_thread.start()
return bootloader_server_thread
def _log_init_info():
MonkeyDownload.log_executable_hashes()

52
monkey/monkey_island/cc/server_utils/bootloader_server.py
View File

@ -1,52 +0,0 @@
import logging
from http.server import BaseHTTPRequestHandler, HTTPServer
from socketserver import ThreadingMixIn
from urllib import parse
import requests
import urllib3
from common.common_consts.timeouts import SHORT_REQUEST_TIMEOUT
from monkey_island.cc.server_utils.consts import ISLAND_PORT
# Disable "unverified certificate" warnings when sending requests to island
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) # noqa: DUO131
logger = logging.getLogger(__name__)
class BootloaderHttpServer(ThreadingMixIn, HTTPServer):
def __init__(self):
server_address = ("", 5001)
super().__init__(server_address, BootloaderHTTPRequestHandler)
class BootloaderHTTPRequestHandler(BaseHTTPRequestHandler):
def do_POST(self):
content_length = int(self.headers["Content-Length"])
post_data = self.rfile.read(content_length).decode()
island_server_path = BootloaderHTTPRequestHandler.get_bootloader_resource_url(
self.request.getsockname()[0]
)
island_server_path = parse.urljoin(island_server_path, self.path[1:])
# The island server doesn't always have a correct SSL cert installed
# (By default it comes with a self signed one),
# that's why we're not verifying the cert in this request.
r = requests.post( # noqa: DUO123
url=island_server_path, data=post_data, verify=False, timeout=SHORT_REQUEST_TIMEOUT
)
try:
if r.status_code != 200:
self.send_response(404)
else:
self.send_response(200)
self.end_headers()
self.wfile.write(r.content)
except Exception as e:
logger.error("Failed to respond to bootloader: {}".format(e))
finally:
self.connection.close()
@staticmethod
def get_bootloader_resource_url(server_ip):
return "https://" + server_ip + ":" + str(ISLAND_PORT) + "/api/bootloader/"

71
monkey/monkey_island/cc/services/bootloader.py
View File

@ -1,71 +0,0 @@
from typing import Dict, List
from bson import ObjectId
from monkey_island.cc.database import mongo
from monkey_island.cc.services.node import NodeCreationException, NodeService
from monkey_island.cc.services.utils.bootloader_config import (
MIN_GLIBC_VERSION,
SUPPORTED_WINDOWS_VERSIONS,
)
from monkey_island.cc.services.utils.node_states import NodeStates
class BootloaderService:
@staticmethod
def parse_bootloader_telem(telem: Dict) -> bool:
telem["ips"] = BootloaderService.remove_local_ips(telem["ips"])
if telem["os_version"] == "":
telem["os_version"] = "Unknown OS"
telem_id = BootloaderService.get_mongo_id_for_bootloader_telem(telem)
mongo.db.bootloader_telems.update({"_id": telem_id}, {"$setOnInsert": telem}, upsert=True)
will_monkey_run = BootloaderService.is_os_compatible(telem)
try:
node = NodeService.get_or_create_node_from_bootloader_telem(telem, will_monkey_run)
except NodeCreationException:
# Didn't find the node, but allow monkey to run anyways
return True
node_group = BootloaderService.get_next_node_state(node, telem["system"], will_monkey_run)
if "group" not in node or node["group"] != node_group.value:
NodeService.set_node_group(node["_id"], node_group)
return will_monkey_run
@staticmethod
def get_next_node_state(node: Dict, system: str, will_monkey_run: bool) -> NodeStates:
group_keywords = [system, "monkey"]
if "group" in node and node["group"] == "island":
group_keywords.extend(["island", "starting"])
else:
group_keywords.append("starting") if will_monkey_run else group_keywords.append("old")
node_group = NodeStates.get_by_keywords(group_keywords)
return node_group
@staticmethod
def get_mongo_id_for_bootloader_telem(bootloader_telem) -> ObjectId:
ip_hash = hex(hash(str(bootloader_telem["ips"])))[3:15]
hostname_hash = hex(hash(bootloader_telem["hostname"]))[3:15]
return ObjectId(ip_hash + hostname_hash)
@staticmethod
def is_os_compatible(bootloader_data) -> bool:
if bootloader_data["system"] == "windows":
return BootloaderService.is_windows_version_supported(bootloader_data["os_version"])
elif bootloader_data["system"] == "linux":
return BootloaderService.is_glibc_supported(bootloader_data["glibc_version"])
@staticmethod
def is_windows_version_supported(windows_version) -> bool:
return SUPPORTED_WINDOWS_VERSIONS.get(windows_version, True)
@staticmethod
def is_glibc_supported(glibc_version_string) -> bool:
glibc_version_string = glibc_version_string.lower()
glibc_version = glibc_version_string.split(" ")[-1]
return glibc_version >= str(MIN_GLIBC_VERSION) and "eglibc" not in glibc_version_string
@staticmethod
def remove_local_ips(ip_list) -> List[str]:
return [i for i in ip_list if not i.startswith("127")]

56
monkey/monkey_island/cc/services/node.py
View File

@ -1,6 +1,5 @@
import socket
from datetime import datetime, timedelta
from typing import Dict
from bson import ObjectId
@ -10,7 +9,7 @@ from monkey_island.cc.database import mongo
from monkey_island.cc.models import Monkey
from monkey_island.cc.services.edge.displayed_edge import DisplayedEdgeService
from monkey_island.cc.services.edge.edge import EdgeService
from monkey_island.cc.services.utils.network_utils import is_local_ips, local_ip_addresses
from monkey_island.cc.services.utils.network_utils import local_ip_addresses
from monkey_island.cc.services.utils.node_states import NodeStates
@ -209,59 +208,6 @@ class NodeService:
)
return mongo.db.node.find_one({"_id": new_node_insert_result.inserted_id})
@staticmethod
def create_node_from_bootloader_telem(bootloader_telem: Dict, will_monkey_run: bool):
new_node_insert_result = mongo.db.node.insert_one(
{
"ip_addresses": bootloader_telem["ips"],
"domain_name": bootloader_telem["hostname"],
"will_monkey_run": will_monkey_run,
"exploited": False,
"creds": [],
"os": {
"type": bootloader_telem["system"],
"version": bootloader_telem["os_version"],
},
}
)
return mongo.db.node.find_one({"_id": new_node_insert_result.inserted_id})
@staticmethod
def get_or_create_node_from_bootloader_telem(
bootloader_telem: Dict, will_monkey_run: bool
) -> Dict:
if is_local_ips(bootloader_telem["ips"]):
raise NodeCreationException("Bootloader ran on island, no need to create new node.")
new_node = mongo.db.node.find_one({"ip_addresses": {"$in": bootloader_telem["ips"]}})
# Temporary workaround to not create a node after monkey finishes
monkey_node = mongo.db.monkey.find_one({"ip_addresses": {"$in": bootloader_telem["ips"]}})
if monkey_node:
# Don't create new node, monkey node is already present
return monkey_node
if new_node is None:
new_node = NodeService.create_node_from_bootloader_telem(
bootloader_telem, will_monkey_run
)
if bootloader_telem["tunnel"]:
dst_node = NodeService.get_node_or_monkey_by_ip(bootloader_telem["tunnel"])
else:
dst_node = NodeService.get_monkey_island_node()
src_label = NodeService.get_label_for_endpoint(new_node["_id"])
dst_label = NodeService.get_label_for_endpoint(dst_node["id"])
edge = EdgeService.get_or_create_edge(
src_node_id=new_node["_id"],
dst_node_id=dst_node["id"],
src_label=src_label,
dst_label=dst_label,
)
edge.tunnel = bool(bootloader_telem["tunnel"])
edge.ip_address = bootloader_telem["ips"][0]
edge.group = NodeStates.get_by_keywords(["island"]).value
edge.save()
return new_node
@staticmethod
def get_or_create_node(ip_address, domain_name=""):
new_node = mongo.db.node.find_one({"ip_addresses": ip_address})

11
monkey/monkey_island/cc/services/utils/bootloader_config.py
View File

@ -1,11 +0,0 @@
MIN_GLIBC_VERSION = 2.14
SUPPORTED_WINDOWS_VERSIONS = {
"xp_or_lower": False,
"vista": False,
"vista_sp1": False,
"vista_sp2": True,
"windows7": True,
"windows7_sp1": True,
"windows8_or_greater": True,
}

7
monkey/monkey_island/cc/services/utils/network_utils.py
View File

@ -1,10 +1,8 @@
import array
import collections
import ipaddress
import socket
import struct
import sys
from typing import List
from netifaces import AF_INET, ifaddresses, interfaces
from ring import lru
@ -53,11 +51,6 @@ else:
return result
def is_local_ips(ips: List) -> bool:
filtered_local_ips = [ip for ip in local_ip_addresses() if not ip.startswith("169.254")]
return collections.Counter(ips) == collections.Counter(filtered_local_ips)
# The local IP addresses list should not change often. Therefore, we can cache the result and
# never call this function
# more than once. This stopgap measure is here since this function is called a lot of times

6
monkey/monkey_island/cc/services/utils/node_states.py
View File

@ -14,10 +14,8 @@ class NodeStates(Enum):
ISLAND = "island"
ISLAND_MONKEY_LINUX = "island_monkey_linux"
ISLAND_MONKEY_LINUX_RUNNING = "island_monkey_linux_running"
ISLAND_MONKEY_LINUX_STARTING = "island_monkey_linux_starting"
ISLAND_MONKEY_WINDOWS = "island_monkey_windows"
ISLAND_MONKEY_WINDOWS_RUNNING = "island_monkey_windows_running"
ISLAND_MONKEY_WINDOWS_STARTING = "island_monkey_windows_starting"
MANUAL_LINUX = "manual_linux"
MANUAL_LINUX_RUNNING = "manual_linux_running"
MANUAL_WINDOWS = "manual_windows"
@ -26,10 +24,6 @@ class NodeStates(Enum):
MONKEY_LINUX_RUNNING = "monkey_linux_running"
MONKEY_WINDOWS = "monkey_windows"
MONKEY_WINDOWS_RUNNING = "monkey_windows_running"
MONKEY_WINDOWS_STARTING = "monkey_windows_starting"
MONKEY_LINUX_STARTING = "monkey_linux_starting"
MONKEY_WINDOWS_OLD = "monkey_windows_old"
MONKEY_LINUX_OLD = "monkey_linux_old"
@staticmethod
def get_by_keywords(keywords: List) -> NodeStates:

2
monkey/monkey_island/cc/ui/src/components/map/preview-pane/PreviewPane.js
View File

@ -228,7 +228,7 @@ class PreviewPaneComponent extends AuthComponent {
info = this.scanInfo(this.props.item);
break;
case 'node':
if (this.props.item.group.includes('monkey') && this.props.item.group.includes('starting')) {
if (this.props.item.group.includes('monkey')) {
info = this.assetInfo(this.props.item);
} else if (this.props.item.group.includes('monkey', 'manual')) {
info = this.infectedAssetInfo(this.props.item)

BIN
monkey/monkey_island/cc/ui/src/images/nodes/island_manual_linux_starting.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 5.6 KiB

BIN
monkey/monkey_island/cc/ui/src/images/nodes/island_manual_windows_starting.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 5.0 KiB

BIN
monkey/monkey_island/cc/ui/src/images/nodes/island_monkey_linux_starting.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 5.5 KiB

BIN
monkey/monkey_island/cc/ui/src/images/nodes/island_monkey_windows_starting.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 4.9 KiB

BIN
monkey/monkey_island/cc/ui/src/images/nodes/manual_linux_starting.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 4.1 KiB

BIN
monkey/monkey_island/cc/ui/src/images/nodes/manual_windows_starting.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 3.2 KiB

BIN
monkey/monkey_island/cc/ui/src/images/nodes/monkey_linux_old.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 4.2 KiB

BIN
monkey/monkey_island/cc/ui/src/images/nodes/monkey_linux_starting.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 2.5 KiB

BIN
monkey/monkey_island/cc/ui/src/images/nodes/monkey_windows_old.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 3.6 KiB

BIN
monkey/monkey_island/cc/ui/src/images/nodes/monkey_windows_starting.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 3.1 KiB

66
monkey/tests/unit_tests/monkey_island/cc/resources/test_bootloader.py
View File

@ -1,66 +0,0 @@
from unittest import TestCase
from monkey_island.cc.resources.bootloader import Bootloader
class TestBootloader(TestCase):
def test_get_request_contents_linux(self):
data_without_tunnel = (
b'{"system":"linux", '
b'"os_version":"NAME="Ubuntu"\n", '
b'"glibc_version":"ldd (Ubuntu GLIBC 2.23-0ubuntu11) 2.23\n", '
b'"hostname":"test-TEST", '
b'"tunnel":false, '
b'"ips": ["127.0.0.1", "10.0.2.15", "192.168.56.5"]}'
)
data_with_tunnel = (
b'{"system":"linux", '
b'"os_version":"NAME="Ubuntu"\n", '
b'"glibc_version":"ldd (Ubuntu GLIBC 2.23-0ubuntu11) 2.23\n", '
b'"hostname":"test-TEST", '
b'"tunnel":"192.168.56.1:5002", '
b'"ips": ["127.0.0.1", "10.0.2.15", "192.168.56.5"]}'
)
result1 = Bootloader._get_request_contents_linux(data_without_tunnel)
self.assertTrue(result1["system"] == "linux")
self.assertTrue(result1["os_version"] == "Ubuntu")
self.assertTrue(result1["glibc_version"] == "ldd (Ubuntu GLIBC 2.23-0ubuntu11) 2.23")
self.assertTrue(result1["hostname"] == "test-TEST")
self.assertFalse(result1["tunnel"])
self.assertTrue(result1["ips"] == ["127.0.0.1", "10.0.2.15", "192.168.56.5"])
result2 = Bootloader._get_request_contents_linux(data_with_tunnel)
self.assertTrue(result2["system"] == "linux")
self.assertTrue(result2["os_version"] == "Ubuntu")
self.assertTrue(result2["glibc_version"] == "ldd (Ubuntu GLIBC 2.23-0ubuntu11) 2.23")
self.assertTrue(result2["hostname"] == "test-TEST")
self.assertTrue(result2["tunnel"] == "192.168.56.1:5002")
self.assertTrue(result2["ips"] == ["127.0.0.1", "10.0.2.15", "192.168.56.5"])
def test_get_request_contents_windows(self):
windows_data = (
b'{\x00"\x00s\x00y\x00s\x00t\x00e\x00m\x00"\x00:\x00"\x00w\x00i\x00n\x00d\x00o'
b'\x00w\x00s\x00"\x00,\x00 \x00"\x00o\x00s\x00_\x00v\x00e\x00r\x00s\x00i\x00o\x00n'
b'\x00"\x00:\x00"\x00w\x00i\x00n\x00d\x00o\x00w\x00s\x008\x00_\x00o\x00r\x00_\x00g\x00r'
b'\x00e\x00a\x00t\x00e\x00r\x00"\x00,\x00 '
b'\x00"\x00h\x00o\x00s\x00t\x00n\x00a\x00m\x00e\x00"'
b'\x00:\x00"\x00D\x00E\x00S\x00K\x00T\x00O\x00P\x00-\x00P\x00J\x00H\x00U\x003\x006'
b'\x00B\x00"'
b'\x00,\x00 \x00"\x00t\x00u\x00n\x00n\x00e\x00l\x00"\x00:\x00f\x00a\x00l\x00s\x00e'
b"\x00,\x00 "
b'\x00"\x00i\x00p\x00s\x00"\x00:\x00 \x00['
b'\x00"\x001\x009\x002\x00.\x001\x006\x008\x00.\x005'
b'\x006\x00.\x001\x00"\x00,\x00 '
b'\x00"\x001\x009\x002\x00.\x001\x006\x008\x00.\x002\x004\x009'
b'\x00.\x001\x00"\x00,\x00 '
b'\x00"\x001\x009\x002\x00.\x001\x006\x008\x00.\x002\x001\x007\x00.'
b'\x001\x00"\x00]\x00}\x00'
)
result = Bootloader._get_request_contents_windows(windows_data)
self.assertTrue(result["system"] == "windows")
self.assertTrue(result["os_version"] == "windows8_or_greater")
self.assertTrue(result["hostname"] == "DESKTOP-PJHU36B")
self.assertFalse(result["tunnel"])
self.assertTrue(result["ips"] == ["192.168.56.1", "192.168.249.1", "192.168.217.1"])

24
monkey/tests/unit_tests/monkey_island/cc/services/test_bootloader_service.py
View File

@ -1,24 +0,0 @@
from unittest import TestCase
from monkey_island.cc.services.bootloader import BootloaderService
MIN_GLIBC_VERSION = 2.14
class TestBootloaderService(TestCase):
def test_is_glibc_supported(self):
str1 = "ldd (Ubuntu EGLIBC 2.15-0ubuntu10) 2.15"
str2 = "ldd (GNU libc) 2.12"
str3 = "ldd (GNU libc) 2.28"
str4 = "ldd (Ubuntu GLIBC 2.23-0ubuntu11) 2.23"
self.assertTrue(
not BootloaderService.is_glibc_supported(str1)
and not BootloaderService.is_glibc_supported(str2)
and BootloaderService.is_glibc_supported(str3)
and BootloaderService.is_glibc_supported(str4)
)
def test_remove_local_ips(self):
ips = ["127.1.1.1", "127.0.0.1", "192.168.56.1"]
ips = BootloaderService.remove_local_ips(ips)
self.assertEqual(["192.168.56.1"], ips)

3
vulture_allowlist.py
View File

@ -48,8 +48,6 @@ MONKEY_WINDOWS # unused variable (monkey/monkey_island/cc/services/utils/node_s
MONKEY_WINDOWS_RUNNING # unused variable (monkey/monkey_island/cc/services/utils/node_states.py:28)
MONKEY_WINDOWS_STARTING # unused variable (monkey/monkey_island/cc/services/utils/node_states.py:29)
MONKEY_LINUX_STARTING # unused variable (monkey/monkey_island/cc/services/utils/node_states.py:30)
MONKEY_WINDOWS_OLD # unused variable (monkey/monkey_island/cc/services/utils/node_states.py:31)
MONKEY_LINUX_OLD # unused variable (monkey/monkey_island/cc/services/utils/node_states.py:32)
_.credential_type # unused attribute (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/processors/cred_exploit.py:19)
_.credential_type # unused attribute (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/processors/cred_exploit.py:22)
_.credential_type # unused attribute (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/processors/cred_exploit.py:25)
@ -68,7 +66,6 @@ VSFTPD # unused variable (monkey/monkey_island/cc/services/reporting/issue_proc
DRUPAL # unused variable (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py:48)
POWERSHELL # (\monkey\monkey_island\cc\services\reporting\issue_processing\exploit_processing\exploiter_descriptor_enum.py:52)
ExploiterDescriptorEnum.LOG4SHELL
_.do_POST # unused method (monkey/monkey_island/cc/server_utils/bootloader_server.py:26)
PbaResults # unused class (monkey/monkey_island/cc/models/pba_results.py:4)
internet_access # unused variable (monkey/monkey_island/cc/models/monkey.py:43)
config_error # unused variable (monkey/monkey_island/cc/models/monkey.py:53)