p17860254
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #459 from VakarisZ/monkeyzoo_update 

Monkeyzoo update and config_schema improvements
This commit is contained in:
VakarisZ 2019-10-14 16:39:17 +03:00 committed by GitHub
parent f4b2874698 1ce17a3bc8
commit 341dc478bf
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
12 changed files with 33 additions and 225 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
envs/monkey_zoo/blackbox/island_configs/HADOOP.conf
View File

@ -24,7 +24,7 @@
"local_network_scan": false, "local_network_scan": false,
"subnet_scan_list": [ "subnet_scan_list": [
"10.2.2.3", "10.2.2.3",
"10.2.2.10" "10.2.2.2"
] ]
}, },
"network_analysis": { "network_analysis": {

2
envs/monkey_zoo/blackbox/island_configs/SHELLSHOCK.conf
View File

@ -23,7 +23,7 @@
"depth": 2, "depth": 2,
"local_network_scan": false, "local_network_scan": false,
"subnet_scan_list": [ "subnet_scan_list": [
"10.2.2.38" "10.2.2.8"
] ]
}, },
"network_analysis": { "network_analysis": {

2
envs/monkey_zoo/blackbox/island_configs/SMB_MIMIKATZ.conf
View File

@ -21,7 +21,7 @@
"depth": 2, "depth": 2,
"local_network_scan": false, "local_network_scan": false,
"subnet_scan_list": [ "subnet_scan_list": [
"10.2.2.44", "10.2.2.14",
"10.2.2.15" "10.2.2.15"
] ]
}, },

4
envs/monkey_zoo/blackbox/island_configs/SSH.conf
View File

@ -22,8 +22,8 @@
"depth": 2, "depth": 2,
"local_network_scan": false, "local_network_scan": false,
"subnet_scan_list": [ "subnet_scan_list": [
"10.2.2.41", "10.2.2.11",
"10.2.2.42" "10.2.2.12"
] ]
}, },
"network_analysis": { "network_analysis": {

4
envs/monkey_zoo/blackbox/island_configs/STRUTS2.conf
View File

@ -23,8 +23,8 @@
"depth": 2, "depth": 2,
"local_network_scan": false, "local_network_scan": false,
"subnet_scan_list": [ "subnet_scan_list": [
"10.2.2.9", "10.2.2.23",
"10.2.2.11" "10.2.2.24"
] ]
}, },
"network_analysis": { "network_analysis": {

9
envs/monkey_zoo/blackbox/island_configs/TUNNELING.conf
View File

@ -5,10 +5,15 @@
"Password1!", "Password1!",
"3Q=(Ge(+&w]*", "3Q=(Ge(+&w]*",
"`))jU7L(w}", "`))jU7L(w}",
"12345678" "12345678",
"another_one",
"and_another_one",
"one_more"
], ],
"exploit_user_list": [ "exploit_user_list": [
"Administrator", "Administrator",
"rand",
"rand2",
"m0nk3y", "m0nk3y",
"user" "user"
] ]
@ -23,7 +28,7 @@
"depth": 3, "depth": 3,
"local_network_scan": false, "local_network_scan": false,
"subnet_scan_list": [ "subnet_scan_list": [
"10.2.2.32", "10.2.2.9",
"10.2.1.10", "10.2.1.10",
"10.2.0.11" "10.2.0.11"
] ]

2
envs/monkey_zoo/blackbox/island_configs/WMI_MIMIKATZ.conf
View File

@ -21,7 +21,7 @@
"depth": 2, "depth": 2,
"local_network_scan": false, "local_network_scan": false,
"subnet_scan_list": [ "subnet_scan_list": [
"10.2.2.44", "10.2.2.14",
"10.2.2.15" "10.2.2.15"
] ]
}, },

6
envs/monkey_zoo/blackbox/test_blackbox.py
View File

@ -13,9 +13,9 @@ from envs.monkey_zoo.blackbox.log_handlers.test_logs_handler import TestLogsHand
DEFAULT_TIMEOUT_SECONDS = 5*60 DEFAULT_TIMEOUT_SECONDS = 5*60
MACHINE_BOOTUP_WAIT_SECONDS = 30 MACHINE_BOOTUP_WAIT_SECONDS = 30
GCP_TEST_MACHINE_LIST = ['sshkeys-11', 'sshkeys-12', 'elastic-4', 'elastic-5', 'haddop-2-v3', 'hadoop-3', 'mssql-16', GCP_TEST_MACHINE_LIST = ['sshkeys-11', 'sshkeys-12', 'elastic-4', 'elastic-5', 'haddop-2', 'hadoop-3', 'mssql-16',
'mimikatz-14', 'mimikatz-15', 'final-test-struts2-23', 'final-test-struts2-24', 'mimikatz-14', 'mimikatz-15', 'struts2-23', 'struts2-24', 'tunneling-9', 'tunneling-10',
'tunneling-9', 'tunneling-10', 'tunneling-11', 'weblogic-18', 'weblogic-19', 'shellshock-8'] 'tunneling-11', 'weblogic-18', 'weblogic-19', 'shellshock-8']
LOG_DIR_PATH = "./logs" LOG_DIR_PATH = "./logs"
LOGGER = logging.getLogger(__name__) LOGGER = logging.getLogger(__name__)

202
envs/monkey_zoo/configs/fullTest.conf
View File

@ -1,202 +0,0 @@
{
"basic": {
"credentials": {
"exploit_password_list": [
"`))jU7L(w}",
"3Q=(Ge(+&w]*",
"^NgDvY59~8",
"Ivrrw5zEzs",
"YbS,<tpS.2av"
],
"exploit_user_list": [
"m0nk3y"
]
}
},
"basic_network": {
"general": {
"blocked_ips": [],
"depth": 2,
"local_network_scan": false,
"subnet_scan_list": [
"10.2.2.2",
"10.2.2.3",
"10.2.2.4",
"10.2.2.5",
"10.2.2.8",
"10.2.2.9",
"10.2.1.9",
"10.2.1.10",
"10.2.2.11",
"10.2.2.12",
"10.2.2.14",
"10.2.2.15",
"10.2.2.16",
"10.2.2.18",
"10.2.2.19",
"10.2.2.20",
"10.2.2.21",
"10.2.2.23",
"10.2.2.24"
]
},
"network_analysis": {
"inaccessible_subnets": []
}
},
"cnc": {
"servers": {
"command_servers": [
"192.168.56.1:5000",
"158.129.18.132:5000"
],
"current_server": "192.168.56.1:5000",
"internet_services": [
"monkey.guardicore.com",
"www.google.com"
]
}
},
"exploits": {
"general": {
"exploiter_classes": [
"SmbExploiter",
"WmiExploiter",
"ShellShockExploiter",
"SambaCryExploiter",
"ElasticGroovyExploiter",
"Struts2Exploiter",
"WebLogicExploiter",
"HadoopExploiter"
],
"skip_exploit_if_file_exist": false
},
"ms08_067": {
"ms08_067_exploit_attempts": 5,
"ms08_067_remote_user_add": "Monkey_IUSER_SUPPORT",
"ms08_067_remote_user_pass": "Password1!",
"remote_user_pass": "Password1!",
"user_to_add": "Monkey_IUSER_SUPPORT"
},
"sambacry": {
"sambacry_folder_paths_to_guess": [
"/",
"/mnt",
"/tmp",
"/storage",
"/export",
"/share",
"/shares",
"/home"
],
"sambacry_shares_not_to_check": [
"IPC$",
"print$"
],
"sambacry_trigger_timeout": 5
},
"smb_service": {
"smb_download_timeout": 300,
"smb_service_name": "InfectionMonkey"
}
},
"internal": {
"classes": {
"finger_classes": [
"SMBFinger",
"SSHFinger",
"PingScanner",
"HTTPFinger",
"MySQLFinger",
"MSSQLFinger",
"ElasticFinger"
],
"scanner_class": "TcpScanner"
},
"dropper": {
"dropper_date_reference_path_linux": "/bin/sh",
"dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll",
"dropper_set_date": true,
"dropper_target_path_linux": "/tmp/monkey",
"dropper_target_path_win_32": "C:\\Windows\\monkey32.exe",
"dropper_target_path_win_64": "C:\\Windows\\monkey64.exe",
"dropper_try_move_first": true
},
"exploits": {
"exploit_lm_hash_list": [],
"exploit_ntlm_hash_list": [],
"exploit_ssh_keys": []
},
"general": {
"keep_tunnel_open_time": 60,
"singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}"
},
"kill_file": {
"kill_file_path_linux": "/var/run/monkey.not",
"kill_file_path_windows": "%windir%\\monkey.not"
},
"logging": {
"dropper_log_path_linux": "/tmp/user-1562",
"dropper_log_path_windows": "%temp%\\~df1562.tmp",
"monkey_log_path_linux": "/tmp/user-1563",
"monkey_log_path_windows": "%temp%\\~df1563.tmp",
"send_log_to_server": true
}
},
"monkey": {
"behaviour": {
"self_delete_in_cleanup": false,
"serialize_config": false,
"use_file_logging": true
},
"general": {
"alive": true,
"post_breach_actions": [
"BackdoorUser"
]
},
"life_cycle": {
"max_iterations": 1,
"retry_failed_explotation": true,
"timeout_between_iterations": 100,
"victims_max_exploit": 30,
"victims_max_find": 30
},
"system_info": {
"collect_system_info": true,
"extract_azure_creds": true,
"should_use_mimikatz": true
}
},
"network": {
"ping_scanner": {
"ping_scan_timeout": 1000
},
"tcp_scanner": {
"HTTP_PORTS": [
80,
8080,
443,
8008,
7001
],
"tcp_scan_get_banner": true,
"tcp_scan_interval": 200,
"tcp_scan_timeout": 3000,
"tcp_target_ports": [
22,
2222,
445,
135,
3389,
80,
8080,
443,
8008,
3306,
9200,
7001
]
}
}
}

13
envs/monkey_zoo/terraform/firewalls.tf
View File

@ -35,7 +35,7 @@ resource "google_compute_firewall" "monkeyzoo-in" {
direction = "INGRESS" direction = "INGRESS"
priority = "65534" priority = "65534"
source_ranges = ["10.2.2.0/24", "10.2.1.0/27"] source_ranges = ["10.2.2.0/24"]
} }
resource "google_compute_firewall" "monkeyzoo-out" { resource "google_compute_firewall" "monkeyzoo-out" {
@ -48,7 +48,7 @@ resource "google_compute_firewall" "monkeyzoo-out" {
direction = "EGRESS" direction = "EGRESS"
priority = "65534" priority = "65534"
destination_ranges = ["10.2.2.0/24", "10.2.1.0/27"] destination_ranges = ["10.2.2.0/24"]
} }
resource "google_compute_firewall" "tunneling-in" { resource "google_compute_firewall" "tunneling-in" {
@ -60,7 +60,7 @@ resource "google_compute_firewall" "tunneling-in" {
} }
direction = "INGRESS" direction = "INGRESS"
source_ranges = ["10.2.2.0/24", "10.2.0.0/28"] source_ranges = ["10.2.1.0/24"]
} }
resource "google_compute_firewall" "tunneling-out" { resource "google_compute_firewall" "tunneling-out" {
@ -72,8 +72,9 @@ resource "google_compute_firewall" "tunneling-out" {
} }
direction = "EGRESS" direction = "EGRESS"
destination_ranges = ["10.2.2.0/24", "10.2.0.0/28"] destination_ranges = ["10.2.1.0/24"]
} }
resource "google_compute_firewall" "tunneling2-in" { resource "google_compute_firewall" "tunneling2-in" {
name = "${local.resource_prefix}tunneling2-in" name = "${local.resource_prefix}tunneling2-in"
network = "${google_compute_network.tunneling2.name}" network = "${google_compute_network.tunneling2.name}"
@ -83,7 +84,7 @@ resource "google_compute_firewall" "tunneling2-in" {
} }
direction = "INGRESS" direction = "INGRESS"
source_ranges = ["10.2.1.0/27"] source_ranges = ["10.2.0.0/24"]
} }
resource "google_compute_firewall" "tunneling2-out" { resource "google_compute_firewall" "tunneling2-out" {
@ -95,5 +96,5 @@ resource "google_compute_firewall" "tunneling2-out" {
} }
direction = "EGRESS" direction = "EGRESS"
destination_ranges = ["10.2.1.0/27"] destination_ranges = ["10.2.0.0/24"]
} }

6
monkey/infection_monkey/example.conf
View File

@ -44,7 +44,8 @@
"Struts2Exploiter", "Struts2Exploiter",
"WebLogicExploiter", "WebLogicExploiter",
"HadoopExploiter", "HadoopExploiter",
"VSFTPDExploiter" "VSFTPDExploiter",
"MSSQLExploiter"
], ],
"finger_classes": [ "finger_classes": [
"SSHFinger", "SSHFinger",
@ -93,7 +94,8 @@
3306, 3306,
8008, 8008,
9200, 9200,
7001 7001,
8088
], ],
"timeout_between_iterations": 10, "timeout_between_iterations": 10,
"use_file_logging": true, "use_file_logging": true,

6
monkey/monkey_island/cc/services/config_schema.py
View File

@ -753,7 +753,8 @@ SCHEMA = {
"Struts2Exploiter", "Struts2Exploiter",
"WebLogicExploiter", "WebLogicExploiter",
"HadoopExploiter", "HadoopExploiter",
"VSFTPDExploiter" "VSFTPDExploiter",
"MSSQLExploiter"
], ],
"description": "description":
"Determines which exploits to use. " + WARNING_SIGN "Determines which exploits to use. " + WARNING_SIGN
@ -899,7 +900,8 @@ SCHEMA = {
8008, 8008,
3306, 3306,
9200, 9200,
7001 7001,
8088
], ],
"description": "List of TCP ports the monkey will check whether they're open" "description": "List of TCP ports the monkey will check whether they're open"
}, },