From 88422f97641fa399fc6e67b59adcf267f4264040 Mon Sep 17 00:00:00 2001 From: Mike Salvatore Date: Tue, 22 Mar 2022 15:32:16 -0400 Subject: [PATCH 1/6] BB: Fix API call to kill all monkeys --- .../blackbox/island_client/monkey_island_client.py | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/envs/monkey_zoo/blackbox/island_client/monkey_island_client.py b/envs/monkey_zoo/blackbox/island_client/monkey_island_client.py index 5c5b57e09..d203d8f9c 100644 --- a/envs/monkey_zoo/blackbox/island_client/monkey_island_client.py +++ b/envs/monkey_zoo/blackbox/island_client/monkey_island_client.py @@ -1,6 +1,6 @@ import json import logging -from time import sleep +import time from typing import Union from bson import json_util @@ -15,7 +15,7 @@ LOGGER = logging.getLogger(__name__) def avoid_race_condition(func): - sleep(SLEEP_BETWEEN_REQUESTS_SECONDS) + time.sleep(SLEEP_BETWEEN_REQUESTS_SECONDS) return func @@ -48,10 +48,15 @@ class MonkeyIslandClient(object): @avoid_race_condition def kill_all_monkeys(self): - if self.requests.get("api", {"action": "killall"}).ok: + response = self.requests.post_json( + "api/monkey_control/stop-all-agents", data={"kill_time": time.time()} + ) + if response.ok: LOGGER.info("Killing all monkeys after the test.") else: LOGGER.error("Failed to kill all monkeys.") + LOGGER.error(response.status_code) + LOGGER.error(response.content) assert False @avoid_race_condition From ef9c3f4f32d298bb12b2eeaaed111711ecdff998 Mon Sep 17 00:00:00 2001 From: Mike Salvatore Date: Tue, 22 Mar 2022 15:35:07 -0400 Subject: [PATCH 2/6] BB: Add ports 5985 and 5986 to PowerShell tests --- envs/monkey_zoo/blackbox/config_templates/powershell.py | 2 +- .../blackbox/config_templates/powershell_credentials_reuse.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/envs/monkey_zoo/blackbox/config_templates/powershell.py b/envs/monkey_zoo/blackbox/config_templates/powershell.py index 95137d431..33014de87 100644 --- a/envs/monkey_zoo/blackbox/config_templates/powershell.py +++ b/envs/monkey_zoo/blackbox/config_templates/powershell.py @@ -23,7 +23,7 @@ class PowerShell(ConfigTemplate): "basic.credentials.exploit_user_list": ["m0nk3y", "m0nk3y-user"], "internal.classes.finger_classes": [], "internal.network.tcp_scanner.HTTP_PORTS": [], - "internal.network.tcp_scanner.tcp_target_ports": [], + "internal.network.tcp_scanner.tcp_target_ports": [5985, 5986], "internal.exploits.exploit_ntlm_hash_list": [ "d0f0132b308a0c4e5d1029cc06f48692", ], diff --git a/envs/monkey_zoo/blackbox/config_templates/powershell_credentials_reuse.py b/envs/monkey_zoo/blackbox/config_templates/powershell_credentials_reuse.py index 99e4ce282..622cb6656 100644 --- a/envs/monkey_zoo/blackbox/config_templates/powershell_credentials_reuse.py +++ b/envs/monkey_zoo/blackbox/config_templates/powershell_credentials_reuse.py @@ -16,6 +16,6 @@ class PowerShellCredentialsReuse(ConfigTemplate): "basic_network.scope.depth": 2, "internal.classes.finger_classes": [], "internal.network.tcp_scanner.HTTP_PORTS": [], - "internal.network.tcp_scanner.tcp_target_ports": [], + "internal.network.tcp_scanner.tcp_target_ports": [5985, 5986], } ) From 123606f23d06dd43bc0caf43bfb3e9f934186e65 Mon Sep 17 00:00:00 2001 From: Mike Salvatore Date: Tue, 22 Mar 2022 15:38:27 -0400 Subject: [PATCH 3/6] BB: Reduce time to wait for agents to finish Since the agents stop and start so much more quickly now, these delays can be reduced. --- envs/monkey_zoo/blackbox/tests/exploitation.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/envs/monkey_zoo/blackbox/tests/exploitation.py b/envs/monkey_zoo/blackbox/tests/exploitation.py index ddc6bc9c2..30915be4a 100644 --- a/envs/monkey_zoo/blackbox/tests/exploitation.py +++ b/envs/monkey_zoo/blackbox/tests/exploitation.py @@ -6,8 +6,8 @@ from envs.monkey_zoo.blackbox.tests.basic_test import BasicTest from envs.monkey_zoo.blackbox.utils.test_timer import TestTimer MAX_TIME_FOR_MONKEYS_TO_DIE = 5 * 60 -WAIT_TIME_BETWEEN_REQUESTS = 5 -TIME_FOR_MONKEY_PROCESS_TO_FINISH = 10 +WAIT_TIME_BETWEEN_REQUESTS = 1 +TIME_FOR_MONKEY_PROCESS_TO_FINISH = 5 DELAY_BETWEEN_ANALYSIS = 3 LOGGER = logging.getLogger(__name__) From 5835a87d3c752176c15c0cd5018d860e8416593b Mon Sep 17 00:00:00 2001 From: Mike Salvatore Date: Tue, 22 Mar 2022 15:50:25 -0400 Subject: [PATCH 4/6] BB: Reduce the time that tunnels are held open in tunneling test --- envs/monkey_zoo/blackbox/config_templates/tunneling.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/envs/monkey_zoo/blackbox/config_templates/tunneling.py b/envs/monkey_zoo/blackbox/config_templates/tunneling.py index d2dd663f5..6f726466d 100644 --- a/envs/monkey_zoo/blackbox/config_templates/tunneling.py +++ b/envs/monkey_zoo/blackbox/config_templates/tunneling.py @@ -17,7 +17,7 @@ class Tunneling(ConfigTemplate): "10.2.0.11", ], "basic_network.scope.depth": 3, - "internal.general.keep_tunnel_open_time": 150, + "internal.general.keep_tunnel_open_time": 30, "basic.credentials.exploit_password_list": [ "Password1!", "3Q=(Ge(+&w]*", From f8b3b378d63a379bbd6fc4187f6fd2e6475c38e4 Mon Sep 17 00:00:00 2001 From: Mike Salvatore Date: Tue, 22 Mar 2022 15:51:30 -0400 Subject: [PATCH 5/6] BB: Skip tests for deprecated exploiters --- envs/monkey_zoo/blackbox/test_blackbox.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/envs/monkey_zoo/blackbox/test_blackbox.py b/envs/monkey_zoo/blackbox/test_blackbox.py index ff80451db..096b8777b 100644 --- a/envs/monkey_zoo/blackbox/test_blackbox.py +++ b/envs/monkey_zoo/blackbox/test_blackbox.py @@ -186,12 +186,15 @@ class TestMonkeyBlackbox: def test_smb_pth(self, island_client): TestMonkeyBlackbox.run_exploitation_test(island_client, SmbPth, "SMB_PTH") + @pytest.mark.skip(reason="Drupal exploiter is deprecated") def test_drupal_exploiter(self, island_client): TestMonkeyBlackbox.run_exploitation_test(island_client, Drupal, "Drupal_exploiter") + @pytest.mark.skip(reason="Struts2 exploiter is deprecated") def test_struts_exploiter(self, island_client): TestMonkeyBlackbox.run_exploitation_test(island_client, Struts2, "Struts2_exploiter") + @pytest.mark.skip(reason="Weblogic exploiter is deprecated") def test_weblogic_exploiter(self, island_client): TestMonkeyBlackbox.run_exploitation_test(island_client, Weblogic, "Weblogic_exploiter") From 35923c1eb1815ab7e8faa9ae47db9b268a62552f Mon Sep 17 00:00:00 2001 From: Mike Salvatore Date: Thu, 24 Mar 2022 12:56:59 -0400 Subject: [PATCH 6/6] BB: Reduce the timeouts for tunneling tests --- envs/monkey_zoo/blackbox/config_templates/tunneling.py | 2 +- envs/monkey_zoo/blackbox/test_blackbox.py | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/envs/monkey_zoo/blackbox/config_templates/tunneling.py b/envs/monkey_zoo/blackbox/config_templates/tunneling.py index 6f726466d..ec876b607 100644 --- a/envs/monkey_zoo/blackbox/config_templates/tunneling.py +++ b/envs/monkey_zoo/blackbox/config_templates/tunneling.py @@ -17,7 +17,7 @@ class Tunneling(ConfigTemplate): "10.2.0.11", ], "basic_network.scope.depth": 3, - "internal.general.keep_tunnel_open_time": 30, + "internal.general.keep_tunnel_open_time": 20, "basic.credentials.exploit_password_list": [ "Password1!", "3Q=(Ge(+&w]*", diff --git a/envs/monkey_zoo/blackbox/test_blackbox.py b/envs/monkey_zoo/blackbox/test_blackbox.py index 096b8777b..3227694f6 100644 --- a/envs/monkey_zoo/blackbox/test_blackbox.py +++ b/envs/monkey_zoo/blackbox/test_blackbox.py @@ -51,7 +51,7 @@ from envs.monkey_zoo.blackbox.utils.gcp_machine_handlers import ( ) from monkey_island.cc.services.mode.mode_enum import IslandModeEnum -DEFAULT_TIMEOUT_SECONDS = 5 * 60 +DEFAULT_TIMEOUT_SECONDS = 2 * 60 MACHINE_BOOTUP_WAIT_SECONDS = 30 LOG_DIR_PATH = "./logs" logging.basicConfig(level=logging.INFO) @@ -215,7 +215,7 @@ class TestMonkeyBlackbox: def test_tunneling(self, island_client): TestMonkeyBlackbox.run_exploitation_test( - island_client, Tunneling, "Tunneling_exploiter", 15 * 60 + island_client, Tunneling, "Tunneling_exploiter", 3 * 60 ) def test_wmi_and_mimikatz_exploiters(self, island_client):