Adds configuration option to turn Azure collection on and off

Merge mimikatz and Azure into system info collection settings.
2018-03-27 10:40:03 +03:00 · 2018-03-27 10:40:03 +03:00 · 9b44fc8b98
parent 9d7b345d1d
commit 9b44fc8b98
4 changed files with 15 additions and 3 deletions
--- a/infection_monkey/config.py
+++ b/infection_monkey/config.py
@ -272,5 +272,7 @@ class Configuration(object):

    mimikatz_dll_name = "mk.dll"

+    extract_azure_creds = True
+

 WormConfiguration = Configuration()
--- a/infection_monkey/example.conf
+++ b/infection_monkey/example.conf
@ -15,6 +15,7 @@
    "current_server": "41.50.73.31:5000",
    "alive": true,
    "collect_system_info": true,
+    "extract_azure_creds": true,
    "depth": 2,

    "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll",
--- a/infection_monkey/system_info/init.py
+++ b/infection_monkey/system_info/init.py
@ -6,7 +6,6 @@ import psutil
 from enum import IntEnum

 from network.info import get_host_subnets
-
 from azure_cred_collector import AzureCollector

 LOG = logging.getLogger(__name__)
@ -113,6 +112,9 @@ class InfoCollector(object):
        Updates the credentials structure, creating it if neccesary (compat with mimikatz)
        :return: None. Updates class information
        """
+        from config import WormConfiguration
+        if not WormConfiguration.extract_azure_creds:
+            return
        LOG.debug("Harvesting creds if on an Azure machine")
        azure_collector = AzureCollector()
        if 'credentials' not in self.info:
--- a/monkey_island/cc/services/config.py
+++ b/monkey_island/cc/services/config.py
@ -521,8 +521,8 @@ SCHEMA = {
                        }
                    }
                },
-                "mimikatz": {
-                    "title": "Mimikatz",
+                "systemInfo": {
+                    "title": "System collection",
                    "type": "object",
                    "properties": {
                        "mimikatz_dll_name": {
@ -531,6 +531,13 @@ SCHEMA = {
                            "default": "mk.dll",
                            "description":
                                "Name of Mimikatz DLL (should be the same as in the monkey's pyinstaller spec file)"
+                        },
+                        "extract_azure_creds": {
+                            "title": "Harvest Azure Credentials",
+                            "type": "boolean",
+                            "default": True,
+                            "description":
+                                "Determine if the Monkey should try to harvest password credentials from Azure VMs"
                        }
                    }
                }