p17860254
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Manual fixes of long line refactorings gone wrong

This commit is contained in:
VakarisZ 2021-04-07 15:23:38 +03:00 committed by Mike Salvatore
parent 73da6fdc40
commit 56e754eddd
8 changed files with 9 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
monkey/common/common_consts/zero_trust_consts.py
View File

@ -81,10 +81,7 @@ PRINCIPLE_DISASTER_RECOVERY = "data_backup"
PRINCIPLE_SECURE_AUTHENTICATION = "secure_authentication" PRINCIPLE_SECURE_AUTHENTICATION = "secure_authentication"
PRINCIPLE_MONITORING_AND_LOGGING = "monitoring_and_logging" PRINCIPLE_MONITORING_AND_LOGGING = "monitoring_and_logging"
PRINCIPLES = { PRINCIPLES = {
PRINCIPLE_SEGMENTATION: "Apply segmentation and micro-segmentation inside your " PRINCIPLE_SEGMENTATION: "Apply segmentation and micro-segmentation inside your network.",
""
""
"network.",
PRINCIPLE_ANALYZE_NETWORK_TRAFFIC: "Analyze network traffic for malicious activity.", PRINCIPLE_ANALYZE_NETWORK_TRAFFIC: "Analyze network traffic for malicious activity.",
PRINCIPLE_USER_BEHAVIOUR: "Adopt security user behavior analytics.", PRINCIPLE_USER_BEHAVIOUR: "Adopt security user behavior analytics.",
PRINCIPLE_ENDPOINT_SECURITY: "Use anti-virus and other traditional endpoint " PRINCIPLE_ENDPOINT_SECURITY: "Use anti-virus and other traditional endpoint "

6
monkey/infection_monkey/control.py
View File

@ -156,8 +156,7 @@ class ControlClient(object):
try: try:
telemetry = {"monkey_guid": GUID, "telem_category": telem_category, "data": json_data} telemetry = {"monkey_guid": GUID, "telem_category": telem_category, "data": json_data}
requests.post( requests.post(
"https://%s/api/telemetry" % (WormConfiguration.current_server,), "https://%s/api/telemetry" % (WormConfiguration.current_server,), # noqa: DUO123
# noqa: DUO123
data=json.dumps(telemetry), data=json.dumps(telemetry),
headers={"content-type": "application/json"}, headers={"content-type": "application/json"},
verify=False, verify=False,
@ -372,8 +371,7 @@ class ControlClient(object):
def get_pba_file(filename): def get_pba_file(filename):
try: try:
return requests.get( return requests.get(
PBA_FILE_DOWNLOAD % (WormConfiguration.current_server, filename), PBA_FILE_DOWNLOAD % (WormConfiguration.current_server, filename), # noqa: DUO123
# noqa: DUO123
verify=False, verify=False,
proxies=ControlClient.proxies, proxies=ControlClient.proxies,
timeout=LONG_REQUEST_TIMEOUT, timeout=LONG_REQUEST_TIMEOUT,

2
monkey/infection_monkey/exploit/zerologon.py
View File

@ -197,8 +197,8 @@ class ZerologonExploiter(HostExploiter):
def get_all_user_creds(self) -> List[Tuple[str, Dict]]: def get_all_user_creds(self) -> List[Tuple[str, Dict]]:
try: try:
options = OptionsForSecretsdump( options = OptionsForSecretsdump(
target=f"{self.dc_name}$@{self.dc_ip}",
# format for DC account - "NetBIOSName$@0.0.0.0" # format for DC account - "NetBIOSName$@0.0.0.0"
target=f"{self.dc_name}$@{self.dc_ip}",
target_ip=self.dc_ip, target_ip=self.dc_ip,
dc_ip=self.dc_ip, dc_ip=self.dc_ip,
) )

2
monkey/infection_monkey/post_breach/trap_command/linux_trap_command.py
View File

@ -1,6 +1,6 @@
def get_linux_trap_commands(): def get_linux_trap_commands():
return [ return [
"trap 'echo \"Successfully used trap command\"' INT && kill -2 $$ ;",
# trap and send SIGINT signal # trap and send SIGINT signal
"trap 'echo \"Successfully used trap command\"' INT && kill -2 $$ ;",
"trap - INT", # untrap SIGINT "trap - INT", # untrap SIGINT
] ]

2
monkey/infection_monkey/utils/linux/users.py
View File

@ -14,8 +14,8 @@ def get_linux_commands_to_add_user(username):
"-M", # Do not create homedir "-M", # Do not create homedir
"--expiredate", # The date on which the user account will be disabled. "--expiredate", # The date on which the user account will be disabled.
datetime.datetime.today().strftime("%Y-%m-%d"), datetime.datetime.today().strftime("%Y-%m-%d"),
"--inactive",
# The number of days after a password expires until the account is permanently disabled. # The number of days after a password expires until the account is permanently disabled.
"--inactive",
"0", # A value of 0 disables the account as soon as the password has expired "0", # A value of 0 disables the account as soon as the password has expired
"-c", # Comment "-c", # Comment
"MONKEY_USER", # Comment "MONKEY_USER", # Comment

2
monkey/infection_monkey/utils/windows/users.py
View File

@ -53,8 +53,8 @@ class AutoNewWindowsUser(AutoNewUser):
self.username, self.username,
".", # Use current domain. ".", # Use current domain.
self.password, self.password,
win32con.LOGON32_LOGON_INTERACTIVE,
# Logon type - interactive (normal user), since we're using a shell. # Logon type - interactive (normal user), since we're using a shell.
win32con.LOGON32_LOGON_INTERACTIVE,
win32con.LOGON32_PROVIDER_DEFAULT, win32con.LOGON32_PROVIDER_DEFAULT,
) # Which logon provider to use - whatever Windows offers. ) # Which logon provider to use - whatever Windows offers.
except Exception as err: except Exception as err:

2
monkey/monkey_island/cc/models/monkey.py
View File

@ -149,8 +149,8 @@ class Monkey(Document):
return {"ips": self.ip_addresses, "hostname": self.hostname} return {"ips": self.ip_addresses, "hostname": self.hostname}
@ring.lru( @ring.lru(
expire=1
# data has TTL of 1 second. This is useful for rapid calls for report generation. # data has TTL of 1 second. This is useful for rapid calls for report generation.
expire=1
) )
@staticmethod @staticmethod
def is_monkey(object_id): def is_monkey(object_id):

3
monkey/monkey_island/cc/services/edge/displayed_edge.py
View File

@ -37,8 +37,7 @@ class DisplayedEdgeService:
displayed_edge["services"] = services displayed_edge["services"] = services
displayed_edge["os"] = os displayed_edge["os"] = os
# we need to deepcopy all mutable edge properties, because weak-reference link is made # we need to deepcopy all mutable edge properties, because weak-reference link is made
# otherwise, # otherwise, which is destroyed after method is exited and causes an error later.
# which is destroyed after method is exited and causes an error later.
displayed_edge["exploits"] = deepcopy(edge.exploits) displayed_edge["exploits"] = deepcopy(edge.exploits)
displayed_edge["_label"] = edge.get_label() displayed_edge["_label"] = edge.get_label()
return displayed_edge return displayed_edge