p17860254
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Agent: Change trap command signal to TERM

This commit is contained in:
Ilija Lazoroski 2021-09-01 18:22:17 +02:00 committed by Mike Salvatore
parent 473fe36ba7
commit cd9d5b4c5e
4 changed files with 10 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
CHANGELOG.md
View File

@ -28,9 +28,11 @@ Changelog](https://keepachangelog.com/en/1.0.0/).
language systems. #1175 language systems. #1175
- Malfunctioning timestomping PBA. #1405 - Malfunctioning timestomping PBA. #1405
- Malfunctioning shell startup script PBA. #1419 - Malfunctioning shell startup script PBA. #1419
- Trap command produced no output. #1406
### Security ### Security
- Generate a random password when creating a new user for CommunicateAsNewUser PBA. #1434 - Generate a random password when creating a new user for CommunicateAsNewUser
PBA. #1434
## [1.11.0] - 2021-08-13 ## [1.11.0] - 2021-08-13
### Added ### Added
@ -62,8 +64,8 @@ Changelog](https://keepachangelog.com/en/1.0.0/).
instead of $HOME. #1143 instead of $HOME. #1143
- Put environment config options in `server_config.json` into a separate - Put environment config options in `server_config.json` into a separate
section named "environment". #1161 section named "environment". #1161
- Automatically register if BlackBox tests are run on a fresh installation. - Automatically register if BlackBox tests are run on a fresh
#1180 installation. #1180
- Limit the ports used for scanning in blackbox tests. #1368 - Limit the ports used for scanning in blackbox tests. #1368
- Limit the propagation depth of most blackbox tests. #1400 - Limit the propagation depth of most blackbox tests. #1400
- Wait less time for monkeys to die when running BlackBox tests. #1400 - Wait less time for monkeys to die when running BlackBox tests. #1400

2
monkey/infection_monkey/post_breach/actions/use_trap_command.py
View File

@ -6,4 +6,4 @@ from infection_monkey.post_breach.trap_command.trap_command import get_trap_comm
class TrapCommand(PBA): class TrapCommand(PBA):
def __init__(self): def __init__(self):
linux_cmds = get_trap_commands() linux_cmds = get_trap_commands()
super(TrapCommand, self).__init__(POST_BREACH_TRAP_COMMAND, linux_cmd=linux_cmds) super(TrapCommand, self).__init__(POST_BREACH_TRAP_COMMAND, linux_cmd=" ".join(linux_cmds))

6
monkey/infection_monkey/post_breach/trap_command/linux_trap_command.py
View File

@ -1,6 +1,6 @@
def get_linux_trap_commands(): def get_linux_trap_commands():
return [ return [
# trap and send SIGINT signal # trap and send SIGTERM signal
"trap 'echo \"Successfully used trap command\"' INT && kill -2 $$ ;", "trap 'echo \"Successfully used trap command\"' TERM && kill -15 $$ ;",
"trap - INT", # untrap SIGINT "trap - TERM", # untrap SIGTERM
] ]

2
monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py
View File

@ -39,7 +39,7 @@ POST_BREACH_ACTIONS = {
"enum": ["TrapCommand"], "enum": ["TrapCommand"],
"title": "Trap", "title": "Trap",
"safe": True, "safe": True,
"info": "On Linux systems, attempts to trap an interrupt signal in order " "info": "On Linux systems, attempts to trap a terminate signal in order "
"to execute a command " "to execute a command "
"upon receiving that signal. Removes the trap afterwards.", "upon receiving that signal. Removes the trap afterwards.",
"attack_techniques": ["T1154"], "attack_techniques": ["T1154"],