Added advanced selector component to all config definitions, refactored it in a way that allows to define all advanced selector properties on config_schema.py

VakarisZ 2020-07-20 15:10:57 +03:00
parent 6a824efab3
commit fb9428b8a3
5 changed files with 67 additions and 26 deletions


@ -9,6 +9,7 @@ SCHEMA = {
"definitions": {
"exploiter_classes": {
"title": "Exploit class",
"description": "Click on exploiter to get more information about it.",
"type": "string",
"anyOf": [
{
@ -70,7 +71,8 @@ SCHEMA = {
"ShellShockExploiter"
],
"title": "ShellShock Exploiter",
"info": "CVE-2014-6271, based on logic in NCC group's github.",
"info": "CVE-2014-6271, based on logic from "
"https://github.com/nccgroup/shocker/blob/master/shocker.py .",
"link": "https://github.com/guardicore/monkey/wiki/Exploiters"
},
{
@ -97,7 +99,8 @@ SCHEMA = {
"Struts2Exploiter"
],
"title": "Struts2 Exploiter",
"info": "Exploits struts2 java web framework. CVE-2017-5638. Logic based on this PoC.",
"info": "Exploits struts2 java web framework. CVE-2017-5638. Logic based on "
"https://www.exploit-db.com/exploits/41570 .",
"link": "https://github.com/guardicore/monkey/wiki/Exploiters"
},
{
@ -133,6 +136,7 @@ SCHEMA = {
},
"system_info_collectors_classes": {
"title": "System Information Collectors",
"description": "Click on a system info collector to find out what it collects.",
"type": "string",
"anyOf": [
{
@ -140,7 +144,8 @@ SCHEMA = {
"enum": [
ENVIRONMENT_COLLECTOR
],
"title": "Collect which environment this machine is on (on prem/cloud)",
"title": "Environment collector",
"info": "Collects information about machine's environment (on premise/GCP/AWS).",
"attack_techniques": []
},
{
@ -148,7 +153,8 @@ SCHEMA = {
"enum": [
AWS_COLLECTOR
],
"title": "If on AWS, collect more information about the instance",
"title": "AWS collector",
"info": "If on AWS, collects more information about the AWS instance currently running on.",
"attack_techniques": []
},
{
@ -156,7 +162,8 @@ SCHEMA = {
"enum": [
HOSTNAME_COLLECTOR
],
"title": "Collect the machine's hostname",
"title": "Hostname collector",
"info": "Collects machine's hostname.",
"attack_techniques": []
},
{
@ -164,13 +171,16 @@ SCHEMA = {
"enum": [
PROCESS_LIST_COLLECTOR
],
"title": "Collect running processes on the machine",
"title": "Process list collector",
"info": "Collects a list of running processes on the machine.",
"attack_techniques": []
},
],
},
"post_breach_actions": {
"title": "Post breach actions",
"description": "Runs scripts/commands on infected machines. These actions safely simulate what an adversary"
"might do after breaching a new machine. Used in ATT&CK and Zero trust reports.",
"type": "string",
"anyOf": [
{
@ -179,6 +189,7 @@ SCHEMA = {
"BackdoorUser"
],
"title": "Back door user",
"info": "Attempts to create a new user on the system and delete it afterwards.",
"attack_techniques": ["T1136"]
},
{
@ -187,6 +198,8 @@ SCHEMA = {
"CommunicateAsNewUser"
],
"title": "Communicate as new user",
"info": "Attempts to create a new user, create HTTPS requests as that user and delete the user "
"afterwards.",
"attack_techniques": ["T1136"]
},
{
@ -195,6 +208,8 @@ SCHEMA = {
"ModifyShellStartupFiles"
],
"title": "Modify shell startup files",
"info": "Attempts to modify shell startup files, like ~/.profile, ~/.bashrc, ~/.bash_profile "
"in linux, and profile.ps1 in windows. Reverts modifications done afterwards.",
"attack_techniques": ["T1156", "T1504"]
},
{
@ -203,12 +218,15 @@ SCHEMA = {
"HiddenFiles"
],
"title": "Hidden files and directories",
"info": "Attempts to create a hidden file and remove it afterward.",
"attack_techniques": ["T1158"]
}
],
},
"finger_classes": {
"title": "Fingerprint class",
"description": "Fingerprint modules collect info about external services "
"Infection Monkey scans.",
"type": "string",
"anyOf": [
{
@ -217,6 +235,7 @@ SCHEMA = {
"SMBFinger"
],
"title": "SMBFinger",
"info": "Figures out if SMB is running and what's the version of it.",
"attack_techniques": ["T1210"]
},
{
@ -225,6 +244,7 @@ SCHEMA = {
"SSHFinger"
],
"title": "SSHFinger",
"info": "Figures out if SSH is running.",
"attack_techniques": ["T1210"]
},
{
@ -232,14 +252,16 @@ SCHEMA = {
"enum": [
"PingScanner"
],
"title": "PingScanner"
"title": "PingScanner",
"info": "Tries to identify if host is alive and which OS it's running by ping scan."
},
{
"type": "string",
"enum": [
"HTTPFinger"
],
"title": "HTTPFinger"
"title": "HTTPFinger",
"info": "Checks if host has HTTP/HTTPS ports open."
},
{
"type": "string",
@ -247,6 +269,7 @@ SCHEMA = {
"MySQLFinger"
],
"title": "MySQLFinger",
"info": "Checks if MySQL server is running and tries to get it's version.",
"attack_techniques": ["T1210"]
},
{
@ -255,6 +278,7 @@ SCHEMA = {
"MSSQLFinger"
],
"title": "MSSQLFinger",
"info": "Checks if Microsoft SQL service is running and tries to gather information about it.",
"attack_techniques": ["T1210"]
},
@ -264,6 +288,7 @@ SCHEMA = {
"ElasticFinger"
],
"title": "ElasticFinger",
"info": "Checks if ElasticSearch is running and attempts to find it's version.",
"attack_techniques": ["T1210"]
}
]
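Review bot: The new `description` for `post_breach_actions` is split across two adjacent string literals with no space at the join, so the concatenated text reads "adversarymight do". End the first literal with a space, `"... what an adversary "`, as the other split `info` strings in this section already do. The new `info` texts for MySQLFinger and ElasticFinger say "it's version" where "its version" is meant. These strings appear to be what the configuration UI shows an operator deciding which actions run on target machines, so the wording should be exact.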


@ -9,6 +9,11 @@ export default function UiSchema(props) {
},
basic_network: {},
monkey: {
general: {
post_breach_actions: {
'ui:widget': AdvancedMultiSelect
}
},
behaviour: {
custom_PBA_linux_cmd: {
'ui:widget': 'textarea',
@ -42,6 +47,11 @@ export default function UiSchema(props) {
classNames: 'windows-pba-file-info',
'ui:emptyValue': ''
}
},
system_info: {
system_info_collectors_classes: {
'ui:widget': AdvancedMultiSelect
}
}
},
cnc: {},
@ -49,19 +59,18 @@ export default function UiSchema(props) {
exploits: {
general: {
exploiter_classes: {
'ui:widget': AdvancedMultiSelect,
'ui:options': {
defaultPaneParams: {
title: 'Exploiters',
content: 'Click on exploiter to get more information about it.'
}
}
'ui:widget': AdvancedMultiSelect
}
}
},
internal: {
general: {
started_on_island: {'ui:widget': 'hidden'}
},
classes: {
finger_classes: {
'ui:widget': AdvancedMultiSelect
}
}
}
}


@ -32,9 +32,12 @@ function onMasterCheckboxClick(checkboxValue, defaultArray, onChangeFnc) {
// Definitions passed to components only contains value and label,
// custom fields like "info" or "links" must be pulled from registry object using this function
function getFullDefinitionsFromRegistry(refString, registry) {
return getObjectFromRegistryByRef(refString, registry).anyOf;
}
function getObjectFromRegistryByRef(refString, registry) {
let refArray = refString.replace('#', '').split('/');
let definitionObject = resolveObjectPath(refArray, registry);
return definitionObject.anyOf;
return resolveObjectPath(refArray, registry);
}
function getFullDefinitionByKey(refString, registry, itemKey) {
@ -47,6 +50,11 @@ function setPaneInfo(refString, registry, itemKey, setPaneInfoFnc) {
setPaneInfoFnc({title: definitionObj.title, content: definitionObj.info, link: definitionObj.link});
}
function getDefaultPaneParams(refString, registry){
let configSection = getObjectFromRegistryByRef(refString, registry);
return ({title: configSection.title, content: configSection.description});
}
function AdvancedMultiSelect(props) {
const [masterCheckbox, setMasterCheckbox] = useState(true);
const {
@ -62,8 +70,9 @@ function AdvancedMultiSelect(props) {
onChange,
registry
} = props;
const {enumOptions, defaultPaneParams} = options;
const [infoPaneParams, setInfoPaneParams] = useState(defaultPaneParams);
const {enumOptions} = options;
const [infoPaneParams, setInfoPaneParams] = useState(getDefaultPaneParams(schema.items.$ref, registry));
getDefaultPaneParams(schema.items.$ref, registry);
const selectValue = cloneDeep(value);
return (
<div className={'advanced-multi-select'}>
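Review bot: In `AdvancedMultiSelect`, the bare call `getDefaultPaneParams(schema.items.$ref, registry);` directly after the `useState` line discards its result and looks like a leftover that should be removed. The `useState(getDefaultPaneParams(...))` argument is recomputed on every render although only the first value is used; `useState(() => getDefaultPaneParams(schema.items.$ref, registry))` avoids that. `getDefaultPaneParams` reads `.title` and `.description` without checking that the ref resolved, so a field with no `items.$ref`, or with a ref missing from the registry, would presumably throw during render. `resolveObjectPath` is outside the hunk, so confirm what it returns on a miss. The component body continues past the end of the hunk.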


@ -1,16 +1,14 @@
const defaultMinHeight = 50
const defaultMaxHeight = 300
const defaultSubcomponentHeight = 15
const defaultMinHeight = 25
const defaultMaxHeight = 250
const defaultSubcomponentHeight = 25
export function getComponentHeight(subcomponentCount,
subcomponentHeight = defaultSubcomponentHeight,
minHeight = defaultMinHeight,
maxHeight = defaultMaxHeight) {
let height = subcomponentHeight * subcomponentCount;
let height = defaultMinHeight + (subcomponentHeight*subcomponentCount);
if (height > maxHeight)
height = maxHeight
else if (height < minHeight)
height = minHeight
return height
}
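Review bot: The new height computation in `getComponentHeight` adds the module constant `defaultMinHeight` instead of the `minHeight` argument, so a caller-supplied minimum does not affect the base offset. `let height = minHeight + subcomponentHeight * subcomponentCount;` keeps the parameter meaningful. With the offset added, the `else if (height < minHeight)` branch is reachable only when the product is negative, or when a caller passes a `minHeight` above the default. Either drop the branch or add a comment saying which case it guards.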


@ -38,7 +38,7 @@
}
.advanced-multi-select .choice-block .form-group button {
margin: 0 5px 3px 10px;
margin: 0 3px 3px 12px;
padding: 0;
}