forked from p15670423/monkey
cc: format exploiter_classes.py with black
This commit is contained in:
parent
b5b8d289ca
commit
b6bb6d8221
|
@ -2,169 +2,142 @@ from monkey_island.cc.services.utils.typographic_symbols import WARNING_SIGN
|
|||
|
||||
EXPLOITER_CLASSES = {
|
||||
"title": "Exploit class",
|
||||
"description": "Click on exploiter to get more information about it." + WARNING_SIGN +
|
||||
" Note that using unsafe exploits may cause crashes of the exploited machine/service.",
|
||||
"description": "Click on exploiter to get more information about it."
|
||||
+ WARNING_SIGN
|
||||
+ " Note that using unsafe exploits may cause crashes of the exploited machine/service.",
|
||||
"type": "string",
|
||||
"anyOf": [
|
||||
{
|
||||
"type": "string",
|
||||
"enum": [
|
||||
"SmbExploiter"
|
||||
],
|
||||
"enum": ["SmbExploiter"],
|
||||
"title": "SMB Exploiter",
|
||||
"safe": True,
|
||||
"attack_techniques": ["T1110", "T1075", "T1035"],
|
||||
"info": "Brute forces using credentials provided by user and"
|
||||
" hashes gathered by mimikatz.",
|
||||
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/smbexec/"
|
||||
" hashes gathered by mimikatz.",
|
||||
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/smbexec/",
|
||||
},
|
||||
{
|
||||
"type": "string",
|
||||
"enum": [
|
||||
"WmiExploiter"
|
||||
],
|
||||
"enum": ["WmiExploiter"],
|
||||
"title": "WMI Exploiter",
|
||||
"safe": True,
|
||||
"attack_techniques": ["T1110", "T1106"],
|
||||
"info": "Brute forces WMI (Windows Management Instrumentation) "
|
||||
"using credentials provided by user and hashes gathered by mimikatz.",
|
||||
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/wmiexec/"
|
||||
"using credentials provided by user and hashes gathered by mimikatz.",
|
||||
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/wmiexec/",
|
||||
},
|
||||
{
|
||||
"type": "string",
|
||||
"enum": [
|
||||
"MSSQLExploiter"
|
||||
],
|
||||
"enum": ["MSSQLExploiter"],
|
||||
"title": "MSSQL Exploiter",
|
||||
"safe": True,
|
||||
"attack_techniques": ["T1110"],
|
||||
"info": "Tries to brute force into MsSQL server and uses insecure "
|
||||
"configuration to execute commands on server.",
|
||||
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/mssql/"
|
||||
"configuration to execute commands on server.",
|
||||
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/mssql/",
|
||||
},
|
||||
{
|
||||
"type": "string",
|
||||
"enum": [
|
||||
"Ms08_067_Exploiter"
|
||||
],
|
||||
"enum": ["Ms08_067_Exploiter"],
|
||||
"title": "MS08-067 Exploiter",
|
||||
"safe": False,
|
||||
"info": "Unsafe exploiter, that might cause system crash due to the use of buffer overflow. "
|
||||
"Uses MS08-067 vulnerability.",
|
||||
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/ms08-067/"
|
||||
"Uses MS08-067 vulnerability.",
|
||||
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/ms08-067/",
|
||||
},
|
||||
{
|
||||
"type": "string",
|
||||
"enum": [
|
||||
"SSHExploiter"
|
||||
],
|
||||
"enum": ["SSHExploiter"],
|
||||
"title": "SSH Exploiter",
|
||||
"safe": True,
|
||||
"attack_techniques": ["T1110", "T1145", "T1106"],
|
||||
"info": "Brute forces using credentials provided by user and SSH keys gathered from systems.",
|
||||
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/sshexec/"
|
||||
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/sshexec/",
|
||||
},
|
||||
{
|
||||
"type": "string",
|
||||
"enum": [
|
||||
"ShellShockExploiter"
|
||||
],
|
||||
"enum": ["ShellShockExploiter"],
|
||||
"title": "ShellShock Exploiter",
|
||||
"safe": True,
|
||||
"info": "CVE-2014-6271, based on logic from "
|
||||
"https://github.com/nccgroup/shocker/blob/master/shocker.py .",
|
||||
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/shellshock/"
|
||||
"https://github.com/nccgroup/shocker/blob/master/shocker.py .",
|
||||
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/shellshock/",
|
||||
},
|
||||
{
|
||||
"type": "string",
|
||||
"enum": [
|
||||
"SambaCryExploiter"
|
||||
],
|
||||
"enum": ["SambaCryExploiter"],
|
||||
"title": "SambaCry Exploiter",
|
||||
"safe": True,
|
||||
"info": "Bruteforces and searches for anonymous shares. Uses Impacket.",
|
||||
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/sambacry/"
|
||||
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/sambacry/",
|
||||
},
|
||||
{
|
||||
"type": "string",
|
||||
"enum": [
|
||||
"ElasticGroovyExploiter"
|
||||
],
|
||||
"enum": ["ElasticGroovyExploiter"],
|
||||
"title": "ElasticGroovy Exploiter",
|
||||
"safe": True,
|
||||
"info": "CVE-2015-1427. Logic is based on Metasploit module.",
|
||||
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/elasticgroovy/"
|
||||
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/elasticgroovy/",
|
||||
},
|
||||
{
|
||||
"type": "string",
|
||||
"enum": [
|
||||
"Struts2Exploiter"
|
||||
],
|
||||
"enum": ["Struts2Exploiter"],
|
||||
"title": "Struts2 Exploiter",
|
||||
"safe": True,
|
||||
"info": "Exploits struts2 java web framework. CVE-2017-5638. Logic based on "
|
||||
"https://www.exploit-db.com/exploits/41570 .",
|
||||
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/struts2/"
|
||||
"https://www.exploit-db.com/exploits/41570 .",
|
||||
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/struts2/",
|
||||
},
|
||||
{
|
||||
"type": "string",
|
||||
"enum": [
|
||||
"WebLogicExploiter"
|
||||
],
|
||||
"enum": ["WebLogicExploiter"],
|
||||
"title": "WebLogic Exploiter",
|
||||
"safe": True,
|
||||
"info": "Exploits CVE-2017-10271 and CVE-2019-2725 vulnerabilities on WebLogic server.",
|
||||
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/weblogic/"
|
||||
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/weblogic/",
|
||||
},
|
||||
{
|
||||
"type": "string",
|
||||
"enum": [
|
||||
"HadoopExploiter"
|
||||
],
|
||||
"enum": ["HadoopExploiter"],
|
||||
"title": "Hadoop/Yarn Exploiter",
|
||||
"safe": True,
|
||||
"info": "Remote code execution on HADOOP server with YARN and default settings. "
|
||||
"Logic based on https://github.com/vulhub/vulhub/tree/master/hadoop/unauthorized-yarn.",
|
||||
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/hadoop/"
|
||||
"Logic based on https://github.com/vulhub/vulhub/tree/master/hadoop/unauthorized-yarn.",
|
||||
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/hadoop/",
|
||||
},
|
||||
{
|
||||
"type": "string",
|
||||
"enum": [
|
||||
"VSFTPDExploiter"
|
||||
],
|
||||
"enum": ["VSFTPDExploiter"],
|
||||
"title": "VSFTPD Exploiter",
|
||||
"safe": True,
|
||||
"info": "Exploits a malicious backdoor that was added to the VSFTPD download archive. "
|
||||
"Logic based on Metasploit module.",
|
||||
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/vsftpd/"
|
||||
"Logic based on Metasploit module.",
|
||||
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/vsftpd/",
|
||||
},
|
||||
{
|
||||
"type": "string",
|
||||
"enum": [
|
||||
"DrupalExploiter"
|
||||
],
|
||||
"enum": ["DrupalExploiter"],
|
||||
"title": "Drupal Exploiter",
|
||||
"safe": True,
|
||||
"info": "Exploits a remote command execution vulnerability in a Drupal server,"
|
||||
"for which certain modules (such as RESTful Web Services) are enabled.",
|
||||
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/drupal/"
|
||||
"for which certain modules (such as RESTful Web Services) are enabled.",
|
||||
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/drupal/",
|
||||
},
|
||||
{
|
||||
"type": "string",
|
||||
"enum": [
|
||||
"ZerologonExploiter"
|
||||
],
|
||||
"enum": ["ZerologonExploiter"],
|
||||
"title": "Zerologon Exploiter",
|
||||
"safe": False,
|
||||
"info": "Exploits a privilege escalation vulnerability (CVE-2020-1472) in a Windows "
|
||||
"server domain controller by using the Netlogon Remote Protocol (MS-NRPC). "
|
||||
"This exploiter changes the password of a Windows server domain controller "
|
||||
"account and could prevent the victim domain controller from communicating "
|
||||
"with other domain controllers. While it attempts to undo "
|
||||
"its changes and reset the password back to the original after the "
|
||||
"vulnerability is exploited, this is not successful in all cases. For "
|
||||
"instructions on how to reset the domain controller's password, see the documentation.",
|
||||
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/zerologon/"
|
||||
}
|
||||
]
|
||||
"server domain controller by using the Netlogon Remote Protocol (MS-NRPC). "
|
||||
"This exploiter changes the password of a Windows server domain controller "
|
||||
"account and could prevent the victim domain controller from communicating "
|
||||
"with other domain controllers. While it attempts to undo "
|
||||
"its changes and reset the password back to the original after the "
|
||||
"vulnerability is exploited, this is not successful in all cases. For "
|
||||
"instructions on how to reset the domain controller's password, see the documentation.",
|
||||
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/zerologon/",
|
||||
},
|
||||
],
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue