monkey/envs/monkey_zoo/blackbox/test_configurations/depth_1_a.py

import dataclasses

from common.agent_configuration import AgentConfiguration, PluginConfiguration
from common.credentials import Credentials, Password, Username

from .noop import noop_test_configuration
from .utils import (
    add_credential_collectors,
    add_exploiters,
    add_fingerprinters,
    add_http_ports,
    add_subnets,
    add_tcp_ports,
    replace_agent_configuration,
    replace_propagation_credentials,
    set_maximum_depth,
)

# Tests:
#     Hadoop (10.2.2.2, 10.2.2.3)
#     Log4shell (10.2.3.55, 10.2.3.56, 10.2.3.49, 10.2.3.50, 10.2.3.51, 10.2.3.52)
#     MSSQL (10.2.2.16)
#     SMB mimikatz password stealing and brute force (10.2.2.14 and 10.2.2.15)


def _add_exploiters(agent_configuration: AgentConfiguration) -> AgentConfiguration:
    brute_force = [
        PluginConfiguration(name="MSSQLExploiter", options={}),
        PluginConfiguration(name="SmbExploiter", options={"smb_download_timeout": 30}),
        PluginConfiguration(name="SSHExploiter", options={}),
    ]
    vulnerability = [
        PluginConfiguration(name="HadoopExploiter", options={}),
        PluginConfiguration(name="Log4ShellExploiter", options={}),
    ]

    return add_exploiters(agent_configuration, brute_force=brute_force, vulnerability=vulnerability)


def _add_fingerprinters(agent_configuration: AgentConfiguration) -> AgentConfiguration:
    fingerprinters = [PluginConfiguration(name="http", options={})]

    return add_fingerprinters(agent_configuration, fingerprinters)


def _add_subnets(agent_configuration: AgentConfiguration) -> AgentConfiguration:
    subnets = [
        "10.2.2.2",
        "10.2.2.3",
        "10.2.3.55",
        "10.2.3.56",
        "10.2.3.49",
        "10.2.3.50",
        "10.2.3.51",
        "10.2.3.52",
        "10.2.2.16",
        "10.2.2.14",
        "10.2.2.15",
    ]
    return add_subnets(agent_configuration, subnets)


def _add_credential_collectors(agent_configuration: AgentConfiguration) -> AgentConfiguration:
    return add_credential_collectors(
        agent_configuration, [PluginConfiguration(name="MimikatzCollector", options={})]
    )


HTTP_PORTS = [8080, 8983, 9600]


def _add_tcp_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration:
    ports = [22, 445] + HTTP_PORTS
    return add_tcp_ports(agent_configuration, ports)


def _add_http_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration:
    return add_http_ports(agent_configuration, HTTP_PORTS)


test_agent_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 1)
test_agent_configuration = _add_exploiters(test_agent_configuration)
test_agent_configuration = _add_fingerprinters(test_agent_configuration)
test_agent_configuration = _add_subnets(test_agent_configuration)
test_agent_configuration = _add_tcp_ports(test_agent_configuration)
test_agent_configuration = _add_credential_collectors(test_agent_configuration)
test_agent_configuration = _add_http_ports(test_agent_configuration)

CREDENTIALS = (
    Credentials(identity=Username(username="m0nk3y"), secret=None),
    Credentials(identity=None, secret=Password(password="Ivrrw5zEzs")),
    Credentials(identity=None, secret=Password(password="Xk8VDTsC")),
)

depth_1_a_test_configuration = dataclasses.replace(noop_test_configuration)
replace_agent_configuration(
    test_configuration=depth_1_a_test_configuration, agent_configuration=test_agent_configuration
)
replace_propagation_credentials(
    test_configuration=depth_1_a_test_configuration, propagation_credentials=CREDENTIALS
)
BB: Fix configuration modification logic in all test configurations since TestConfiguration is a dataclass 2022-09-01 21:04:26 +08:00			`import dataclasses`

Common: Rename configuration package to agent_configuration 2022-07-26 14:32:05 +08:00			`from common.agent_configuration import AgentConfiguration, PluginConfiguration`
BB: Add depth_1_a_test_configuration 2022-07-19 03:00:06 +08:00			`from common.credentials import Credentials, Password, Username`

			`from .noop import noop_test_configuration`
			`from .utils import (`
			`add_credential_collectors,`
			`add_exploiters,`
BB: Add http fingerprnter to depth_1_a tests 2022-07-27 22:57:43 +08:00			`add_fingerprinters,`
BB: Add HTTP ports to depth_1_a_test_configuration 2022-07-19 20:13:09 +08:00			`add_http_ports,`
BB: Add depth_1_a_test_configuration 2022-07-19 03:00:06 +08:00			`add_subnets,`
BB: Add tcp ports to depth_1_a_test_configuration 2022-07-19 03:15:10 +08:00			`add_tcp_ports,`
BB: Use `replace_agent_configuration()` and `replace_propagation_credentials()` for all test configuration modifications 2022-09-01 19:39:53 +08:00			`replace_agent_configuration,`
			`replace_propagation_credentials,`
BB: Set maximum depth in depth_1_a_test_configuration 2022-07-19 03:10:05 +08:00			`set_maximum_depth,`
BB: Add depth_1_a_test_configuration 2022-07-19 03:00:06 +08:00			`)`

BB: Add "Tests" comment to depth_1_a.py 2022-07-20 01:29:46 +08:00			`# Tests:`
			`# Hadoop (10.2.2.2, 10.2.2.3)`
			`# Log4shell (10.2.3.55, 10.2.3.56, 10.2.3.49, 10.2.3.50, 10.2.3.51, 10.2.3.52)`
			`# MSSQL (10.2.2.16)`
			`# SMB mimikatz password stealing and brute force (10.2.2.14 and 10.2.2.15)`

BB: Add depth_1_a_test_configuration 2022-07-19 03:00:06 +08:00
			`def _add_exploiters(agent_configuration: AgentConfiguration) -> AgentConfiguration:`
			`brute_force = [`
			`PluginConfiguration(name="MSSQLExploiter", options={}),`
BB: Add smb_download_timeout to test_configurations 2022-07-20 19:47:27 +08:00			`PluginConfiguration(name="SmbExploiter", options={"smb_download_timeout": 30}),`
BB: Add depth_1_a_test_configuration 2022-07-19 03:00:06 +08:00			`PluginConfiguration(name="SSHExploiter", options={}),`
			`]`
BB: Move Hadoop and Log4Shell to vulnerability exploiters 2022-07-20 02:17:06 +08:00			`vulnerability = [`
			`PluginConfiguration(name="HadoopExploiter", options={}),`
			`PluginConfiguration(name="Log4ShellExploiter", options={}),`
			`]`
BB: Add depth_1_a_test_configuration 2022-07-19 03:00:06 +08:00
BB: Move Hadoop and Log4Shell to vulnerability exploiters 2022-07-20 02:17:06 +08:00			`return add_exploiters(agent_configuration, brute_force=brute_force, vulnerability=vulnerability)`
BB: Add depth_1_a_test_configuration 2022-07-19 03:00:06 +08:00

BB: Add http fingerprnter to depth_1_a tests 2022-07-27 22:57:43 +08:00			`def _add_fingerprinters(agent_configuration: AgentConfiguration) -> AgentConfiguration:`
			`fingerprinters = [PluginConfiguration(name="http", options={})]`

			`return add_fingerprinters(agent_configuration, fingerprinters)`


BB: Add depth_1_a_test_configuration 2022-07-19 03:00:06 +08:00			`def _add_subnets(agent_configuration: AgentConfiguration) -> AgentConfiguration:`
			`subnets = [`
			`"10.2.2.2",`
			`"10.2.2.3",`
			`"10.2.3.55",`
			`"10.2.3.56",`
			`"10.2.3.49",`
			`"10.2.3.50",`
			`"10.2.3.51",`
			`"10.2.3.52",`
			`"10.2.2.16",`
			`"10.2.2.14",`
			`"10.2.2.15",`
			`]`
			`return add_subnets(agent_configuration, subnets)`


			`def _add_credential_collectors(agent_configuration: AgentConfiguration) -> AgentConfiguration:`
			`return add_credential_collectors(`
BB: Use positional arguments for PluginConfiguration object creation where missed in depth_1_a.py 2022-09-01 19:42:16 +08:00			`agent_configuration, [PluginConfiguration(name="MimikatzCollector", options={})]`
BB: Add depth_1_a_test_configuration 2022-07-19 03:00:06 +08:00			`)`


BB: Add TCP ports to depth_1_a_test_configuration 2022-07-19 20:13:23 +08:00			`HTTP_PORTS = [8080, 8983, 9600]`


BB: Add tcp ports to depth_1_a_test_configuration 2022-07-19 03:15:10 +08:00			`def _add_tcp_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration:`
BB: Add TCP ports to depth_1_a_test_configuration 2022-07-19 20:13:23 +08:00			`ports = [22, 445] + HTTP_PORTS`
BB: Add tcp ports to depth_1_a_test_configuration 2022-07-19 03:15:10 +08:00			`return add_tcp_ports(agent_configuration, ports)`


BB: Add HTTP ports to depth_1_a_test_configuration 2022-07-19 20:13:09 +08:00			`def _add_http_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration:`
BB: Add TCP ports to depth_1_a_test_configuration 2022-07-19 20:13:23 +08:00			`return add_http_ports(agent_configuration, HTTP_PORTS)`
BB: Add HTTP ports to depth_1_a_test_configuration 2022-07-19 20:13:09 +08:00

BB: Fix configuration modification logic in depth_1_a.py 2022-09-01 19:15:32 +08:00			`test_agent_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 1)`
			`test_agent_configuration = _add_exploiters(test_agent_configuration)`
			`test_agent_configuration = _add_fingerprinters(test_agent_configuration)`
			`test_agent_configuration = _add_subnets(test_agent_configuration)`
			`test_agent_configuration = _add_tcp_ports(test_agent_configuration)`
			`test_agent_configuration = _add_credential_collectors(test_agent_configuration)`
			`test_agent_configuration = _add_http_ports(test_agent_configuration)`
BB: Add depth_1_a_test_configuration 2022-07-19 03:00:06 +08:00
BB: Reorder some things in depth_1_a.py 2022-07-19 20:59:10 +08:00			`CREDENTIALS = (`
BB: Use keyword parameters when creating Username/Password/NTHash objects 2022-09-15 16:30:14 +08:00			`Credentials(identity=Username(username="m0nk3y"), secret=None),`
			`Credentials(identity=None, secret=Password(password="Ivrrw5zEzs")),`
			`Credentials(identity=None, secret=Password(password="Xk8VDTsC")),`
BB: Reorder some things in depth_1_a.py 2022-07-19 20:59:10 +08:00			`)`
BB: Fix configuration modification logic in depth_1_a.py 2022-09-01 19:15:32 +08:00
BB: Fix configuration modification logic in all test configurations since TestConfiguration is a dataclass 2022-09-01 21:04:26 +08:00			`depth_1_a_test_configuration = dataclasses.replace(noop_test_configuration)`
BB: Use `replace_agent_configuration()` and `replace_propagation_credentials()` for all test configuration modifications 2022-09-01 19:39:53 +08:00			`replace_agent_configuration(`
			`test_configuration=depth_1_a_test_configuration, agent_configuration=test_agent_configuration`
			`)`
			`replace_propagation_credentials(`
			`test_configuration=depth_1_a_test_configuration, propagation_credentials=CREDENTIALS`
			`)`