p17860254
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

UI: Add field for ransomed file extension

This commit is contained in:
Kekoa Kaaikala 2022-08-17 20:10:23 +00:00
parent 639fb26445
commit 4f776f0102
3 changed files with 33 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
monkey/monkey_island/cc/ui/src/components/configuration-components/ValidationErrorMessages.js
View File

@ -1,4 +1,4 @@
import {IP, IP_RANGE, VALID_RANSOMWARE_TARGET_PATH_LINUX, VALID_RANSOMWARE_TARGET_PATH_WINDOWS} from './ValidationFormats'; import { IP, IP_RANGE, VALID_FILE_EXTENSION, VALID_RANSOMWARE_TARGET_PATH_LINUX, VALID_RANSOMWARE_TARGET_PATH_WINDOWS } from './ValidationFormats';
let invalidDirMessage = 'Invalid directory. Path should be absolute or begin with an environment variable.'; let invalidDirMessage = 'Invalid directory. Path should be absolute or begin with an environment variable.';
@ -10,6 +10,8 @@ export default function transformErrors(errors) {
error.message = 'Invalid IP range, refer to description for valid examples.' error.message = 'Invalid IP range, refer to description for valid examples.'
} else if (error.name === 'format' && error.params.format === IP) { } else if (error.name === 'format' && error.params.format === IP) {
error.message = 'Invalid IP.' error.message = 'Invalid IP.'
} else if (error.name === 'format' && error.params.format === VALID_FILE_EXTENSION) {
error.message = 'Invalid file extension.'
} else if (error.name === 'format' && error.params.format === VALID_RANSOMWARE_TARGET_PATH_LINUX) { } else if (error.name === 'format' && error.params.format === VALID_RANSOMWARE_TARGET_PATH_LINUX) {
error.message = invalidDirMessage error.message = invalidDirMessage
} else if (error.name === 'format' && error.params.format === VALID_RANSOMWARE_TARGET_PATH_WINDOWS) { } else if (error.name === 'format' && error.params.format === VALID_RANSOMWARE_TARGET_PATH_WINDOWS) {

21
monkey/monkey_island/cc/ui/src/components/configuration-components/ValidationFormats.js
View File

@ -2,6 +2,7 @@ const ipRegex = '((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(25[0-5]|2[0-4][0
const cidrNotationRegex = '([0-9]|1[0-9]|2[0-9]|3[0-2])' const cidrNotationRegex = '([0-9]|1[0-9]|2[0-9]|3[0-2])'
const hostnameRegex = '^([A-Za-z0-9]*[A-Za-z]+[A-Za-z0-9]*.?)*([A-Za-z0-9]*[A-Za-z]+[A-Za-z0-9]*)$' const hostnameRegex = '^([A-Za-z0-9]*[A-Za-z]+[A-Za-z0-9]*.?)*([A-Za-z0-9]*[A-Za-z]+[A-Za-z0-9]*)$'
const fileExtensionRegex = /^(\.[A-Za-z0-9_]+)*$/
const linuxAbsolutePathRegex = /^\// // path starts with `/` const linuxAbsolutePathRegex = /^\// // path starts with `/`
const linuxPathStartsWithEnvVariableRegex = /^\$/ // path starts with `$` const linuxPathStartsWithEnvVariableRegex = /^\$/ // path starts with `$`
@ -11,7 +12,7 @@ const linuxPathStartsWithTildeRegex = /^~/ // path starts with `~`
const windowsAbsolutePathRegex = /^([A-Za-z]:(\\|\/))/ // path starts like `C:\` OR `C:/` const windowsAbsolutePathRegex = /^([A-Za-z]:(\\|\/))/ // path starts like `C:\` OR `C:/`
const windowsEnvVarNonNumeric = '[A-Za-z#\\$\'\\(\\)\\*\\+,\\-\\.\\?@\\[\\]_`\\{\\}~ ]' const windowsEnvVarNonNumeric = '[A-Za-z#\\$\'\\(\\)\\*\\+,\\-\\.\\?@\\[\\]_`\\{\\}~ ]'
const windowsPathStartsWithEnvVariableRegex = new RegExp( const windowsPathStartsWithEnvVariableRegex = new RegExp(
`^%(${windowsEnvVarNonNumeric}+(${windowsEnvVarNonNumeric}|\\d)*)%` `^%(${windowsEnvVarNonNumeric}+(${windowsEnvVarNonNumeric}|\\d)*)%`
) // path starts like `$` OR `%abc%` ) // path starts like `$` OR `%abc%`
const windowsUncPathRegex = /^\\{2}/ // Path starts like `\\` const windowsUncPathRegex = /^\\{2}/ // Path starts like `\\`
const emptyRegex = /^$/ const emptyRegex = /^$/
@ -19,32 +20,34 @@ const emptyRegex = /^$/
export const IP_RANGE = 'ip-range'; export const IP_RANGE = 'ip-range';
export const IP = 'ip'; export const IP = 'ip';
export const VALID_FILE_EXTENSION = 'valid-file-extension'
export const VALID_RANSOMWARE_TARGET_PATH_LINUX = 'valid-ransomware-target-path-linux' export const VALID_RANSOMWARE_TARGET_PATH_LINUX = 'valid-ransomware-target-path-linux'
export const VALID_RANSOMWARE_TARGET_PATH_WINDOWS = 'valid-ransomware-target-path-windows' export const VALID_RANSOMWARE_TARGET_PATH_WINDOWS = 'valid-ransomware-target-path-windows'
export const formValidationFormats = { export const formValidationFormats = {
[IP_RANGE]: buildIpRangeRegex(), [IP_RANGE]: buildIpRangeRegex(),
[IP]: buildIpRegex(), [IP]: buildIpRegex(),
[VALID_FILE_EXTENSION]: fileExtensionRegex,
[VALID_RANSOMWARE_TARGET_PATH_LINUX]: buildValidRansomwarePathLinuxRegex(), [VALID_RANSOMWARE_TARGET_PATH_LINUX]: buildValidRansomwarePathLinuxRegex(),
[VALID_RANSOMWARE_TARGET_PATH_WINDOWS]: buildValidRansomwarePathWindowsRegex() [VALID_RANSOMWARE_TARGET_PATH_WINDOWS]: buildValidRansomwarePathWindowsRegex()
}; };
function buildIpRangeRegex(){ function buildIpRangeRegex() {
return new RegExp([ return new RegExp([
'^'+ipRegex+'$|', // Single: IP '^' + ipRegex + '$|', // Single: IP
'^'+ipRegex+'-'+ipRegex+'$|', // IP range: IP-IP '^' + ipRegex + '-' + ipRegex + '$|', // IP range: IP-IP
'^'+ipRegex+'/'+cidrNotationRegex+'$|', // IP range with cidr notation: IP/cidr '^' + ipRegex + '/' + cidrNotationRegex + '$|', // IP range with cidr notation: IP/cidr
hostnameRegex // Hostname: target.tg hostnameRegex // Hostname: target.tg
].join('')) ].join(''))
} }
function buildIpRegex(){ function buildIpRegex() {
return new RegExp('^'+ipRegex+'$') return new RegExp('^' + ipRegex + '$')
} }
function buildValidRansomwarePathLinuxRegex() { function buildValidRansomwarePathLinuxRegex() {
return new RegExp([ return new RegExp([
emptyRegex.source, emptyRegex.source,
linuxAbsolutePathRegex.source, linuxAbsolutePathRegex.source,
linuxPathStartsWithEnvVariableRegex.source, linuxPathStartsWithEnvVariableRegex.source,
linuxPathStartsWithTildeRegex.source linuxPathStartsWithTildeRegex.source
@ -53,7 +56,7 @@ function buildValidRansomwarePathLinuxRegex() {
function buildValidRansomwarePathWindowsRegex() { function buildValidRansomwarePathWindowsRegex() {
return new RegExp([ return new RegExp([
emptyRegex.source, emptyRegex.source,
windowsAbsolutePathRegex.source, windowsAbsolutePathRegex.source,
windowsPathStartsWithEnvVariableRegex.source, windowsPathStartsWithEnvVariableRegex.source,
windowsUncPathRegex.source windowsUncPathRegex.source

28
monkey/monkey_island/cc/ui/src/services/configuration/ransomware.js
View File

@ -1,24 +1,32 @@
const RANSOMWARE_SCHEMA = { const RANSOMWARE_SCHEMA = {
'title': 'Payloads', 'title': 'Payloads',
'properties': { 'properties': {
'encryption': { 'encryption': {
'title': 'Ransomware simulation', 'title': 'Ransomware simulation',
'type': 'object', 'type': 'object',
'description': 'To simulate ransomware encryption, you\'ll need to provide Infection ' + 'description': 'To simulate ransomware encryption, you\'ll need to provide Infection ' +
'Monkey with files that it can safely encrypt. On each machine where you would like ' + 'Monkey with files that it can safely encrypt. On each machine where you would like ' +
'the ransomware simulation to run, create a directory and put some files in it.' + 'the ransomware simulation to run, create a directory and put some files in it.' +
'\n\nProvide the path to the directory that was created on each machine.', '\n\nProvide the path to the directory that was created on each machine.',
'properties': { 'properties': {
'enabled': { 'enabled': {
'title': 'Encrypt files', 'title': 'Encrypt files',
'type': 'boolean', 'type': 'boolean',
'default': true, 'default': true,
'description': 'Ransomware encryption will be simulated by flipping every bit ' + 'description': 'Ransomware encryption will be simulated by flipping every bit ' +
'in the files contained within the target directories.' 'in the files contained within the target directories.'
}, },
'info_box': { 'info_box': {
'info': 'No files will be encrypted if a directory is not specified or doesn\'t ' + 'info': 'No files will be encrypted if a directory is not specified or doesn\'t ' +
'exist on a victim machine.' 'exist on a victim machine.'
},
'file_extension': {
'title': 'File extension',
'type': 'string',
'format': 'valid-file-extension',
'default': '.m0nk3y',
'description': 'The file extension that the Infection Monkey will use for the ' +
'encrypted file.'
}, },
'directories': { 'directories': {
'title': 'Directories to encrypt', 'title': 'Directories to encrypt',
@ -30,8 +38,8 @@ const RANSOMWARE_SCHEMA = {
'format': 'valid-ransomware-target-path-linux', 'format': 'valid-ransomware-target-path-linux',
'default': '', 'default': '',
'description': 'A path to a directory on Linux systems that contains ' + 'description': 'A path to a directory on Linux systems that contains ' +
'files that you will allow Infection Monkey to encrypt. If no ' + 'files that you will allow Infection Monkey to encrypt. If no ' +
'directory is specified, no files will be encrypted.' 'directory is specified, no files will be encrypted.'
}, },
'windows_target_dir': { 'windows_target_dir': {
'title': 'Windows target directory', 'title': 'Windows target directory',
@ -39,8 +47,8 @@ const RANSOMWARE_SCHEMA = {
'format': 'valid-ransomware-target-path-windows', 'format': 'valid-ransomware-target-path-windows',
'default': '', 'default': '',
'description': 'A path to a directory on Windows systems that contains ' + 'description': 'A path to a directory on Windows systems that contains ' +
'files that you will allow Infection Monkey to encrypt. If no ' + 'files that you will allow Infection Monkey to encrypt. If no ' +
'directory is specified, no files will be encrypted.' 'directory is specified, no files will be encrypted.'
} }
} }
}, },