forked from p15670423/monkey
docs: Minor rewording in 'Adding Exploits' page based on review
This commit is contained in:
Shreya Malviya
parent
94ddd7c760
commit
f55b348291
|
|
@ -10,27 +10,27 @@ weight: 50
|
|||
|
||||
This guide will show you how to add a new _Exploit_ to the Infection Monkey.
|
||||
|
||||
An exploit is a sequence of commands which takes advantage of a security vulnerability to gain unauthorised access to a system on your network. If successful, a Monkey agent is released on the exploited system. The result of an attempted exploit is sent back to the Monkey Island as part of the telemetry.
|
||||
An exploit is a sequence of commands that takes advantage of a security vulnerability to gain unauthorized access to a system on your network. If successful, an Infection Monkey agent is released on the exploited system. The result of an attempted exploit is sent back to the Monkey Island as part of the telemetry.
|
||||
|
||||
### Do I need a new Exploit?
|
||||
|
||||
If all you want to do is execute a shell command, configure the required commands in the Monkey Island's configuration's post-breach action (PBA) section or [add a new PBA](../adding-post-breach-actions/). If you would like the Monkey agent to collect specific information, [add a new System Info Collector](../adding-system-info-collectors/).
|
||||
If all you want to do is execute a shell command, configure the required commands in the Monkey Island's post-breach action (PBA) configuration section or [add a new PBA](../adding-post-breach-actions/). If you would like the Infection Monkey agent to collect specific information, [add a new System Info Collector](../adding-system-info-collectors/).
|
||||
|
||||
However, if you have your eyes on an interesting CVE that you would like the Monkey to support, you must add a new exploit. Keep reading to learn the steps of adding an exploit.
|
||||
However, if you have your eye on an interesting CVE that you would like the Infection Monkey to support, you must add a new exploit. Keep reading to learn how to add a new exploit.
|
||||
|
||||
|
||||
## How to add a new Exploit
|
||||
|
||||
### From the Infection Monkey Side
|
||||
### Modify the Infection Monkey Agent
|
||||
|
||||
The Infection Monkey exploiters are all built in a similar way. Each exploiter class inherits from the [`HostExploiter`](https://github.com/guardicore/monkey/blob/develop/monkey/infection_monkey/exploit/HostExploiter.py) class which exposes two interface functions:
|
||||
The Infection Monkey exploiters are all built in a similar way. Each exploiter class inherits from the [`HostExploiter`](https://github.com/guardicore/monkey/blob/develop/monkey/infection_monkey/exploit/HostExploiter.py) class, which exposes two interface functions:
|
||||
|
||||
* `is_os_supported` - Returns a boolean value denoting whether the victim machine is supported by the exploiter (for example, returns `False` on Windows victim machines for the `SSHExploiter`). This can be used to thoroughly inspect a potential victim machine and decide whether to attempt the exploit on that particular machine (for example, by checking for open services matching specific versions).
|
||||
* `exploit_host` - Exploits the host and returns a boolean value indicating whether the exploit was successful or not.
|
||||
* `exploit_host` - Exploits the host and returns a boolean value indicating whether or not the exploit was successful.
|
||||
|
||||
#### Adding a new exploiter
|
||||
|
||||
In the [Infection Monkey's exploit directory](https://github.com/guardicore/monkey/tree/develop/monkey/infection_monkey/exploit), add the **exploit's logic** by defining a new class inheriting [`HostExploiter`](https://github.com/guardicore/monkey/blob/develop/monkey/infection_monkey/exploit/HostExploiter.py), or if your new exploit is a web RCE (remote code execution) exploit, inheriting [`WebRCE`](https://github.com/guardicore/monkey/blob/develop/monkey/infection_monkey/exploit/web_rce.py).
|
||||
In the [Infection Monkey's exploit directory](https://github.com/guardicore/monkey/tree/develop/monkey/infection_monkey/exploit), add the **exploit's logic** by defining a new class that inherits from [`HostExploiter`](https://github.com/guardicore/monkey/blob/develop/monkey/infection_monkey/exploit/HostExploiter.py). If your new exploit is a web RCE (remote code execution) exploit, inherit from [`WebRCE`](https://github.com/guardicore/monkey/blob/develop/monkey/infection_monkey/exploit/web_rce.py).
|
||||
|
||||
```py
|
||||
from infection_monkey.exploit.HostExploiter import HostExploiter
|
||||
|
|
@ -39,10 +39,10 @@ class MyNewExploiter(HostExploiter):
|
|||
...
|
||||
```
|
||||
|
||||
A good example of an exploiter class in the Monkey is the [`SSHExploiter`](https://github.com/guardicore/monkey/blob/develop/monkey/infection_monkey/exploit/sshexec.py). The [Drupal exploiter is a recently added web RCE exploit](https://github.com/guardicore/monkey/pull/808) that is a good reference as well.
|
||||
A good example of an exploiter class is the [`SSHExploiter`](https://github.com/guardicore/monkey/blob/develop/monkey/infection_monkey/exploit/sshexec.py). The [Drupal exploiter is a recently added web RCE exploit](https://github.com/guardicore/monkey/pull/808) that is a good reference as well.
|
||||
|
||||
|
||||
### From the Monkey Island Side
|
||||
### Modify the Monkey Island
|
||||
|
||||
#### Configuration
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue