diff --git a/envs/monkey_zoo/blackbox/island_client/island_config_parser.py b/envs/monkey_zoo/blackbox/island_client/island_config_parser.py index ee9a8b7ad..d9e81957e 100644 --- a/envs/monkey_zoo/blackbox/island_client/island_config_parser.py +++ b/envs/monkey_zoo/blackbox/island_client/island_config_parser.py @@ -1,18 +1,30 @@ import json -import os + +import dpath.util +from typing_extensions import Type + +from envs.monkey_zoo.blackbox.island_client.monkey_island_client import MonkeyIslandClient +from envs.monkey_zoo.blackbox.island_configs.config_template import ConfigTemplate -class IslandConfigParser(object): - - def __init__(self, config_filename): - self.config_raw = open(IslandConfigParser.get_conf_file_path(config_filename), 'r').read() - self.config_json = json.loads(self.config_raw) - - def get_ips_of_targets(self): - return self.config_json['basic_network']['scope']['subnet_scan_list'] +class IslandConfigParser: @staticmethod - def get_conf_file_path(conf_file_name): - return os.path.join(os.path.dirname(os.path.dirname(os.path.abspath(__file__))), - "island_configs", - conf_file_name) + def get_raw_config(config_template: Type[ConfigTemplate], + island_client: MonkeyIslandClient) -> str: + response = island_client.get_config() + config = IslandConfigParser.apply_template_to_config(config_template, response['configuration']) + return json.dumps(config) + + @staticmethod + def apply_template_to_config(config_template: Type[ConfigTemplate], + config: dict) -> dict: + for path, value in config_template.config_values.items(): + dpath.util.set(config, path, value, '.') + return config + + @staticmethod + def get_ips_of_targets(raw_config): + return dpath.util.get(json.loads(raw_config), + "basic_network.scope.subnet_scan_list", + '.') diff --git a/envs/monkey_zoo/blackbox/island_client/monkey_island_client.py b/envs/monkey_zoo/blackbox/island_client/monkey_island_client.py index e3ecb6eb8..050cfe04c 100644 
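Review bot: In `apply_template_to_config` the return value of `dpath.util.set` is discarded, and that call only updates paths that already exist in the document (it returns the number of elements changed), so a template key that is misspelled or no longer present in the island's schema is skipped silently. For a key such as `basic_network.scope.subnet_scan_list`, that would leave whatever scope the island returned in force while the test assumes the template's target list was applied. Make the miss an error, for example `if dpath.util.set(config, path, value, '.') == 0:` followed by `raise KeyError(f"template path not in island config: {path}")`. Separately, `Type` is available from the standard `typing` module, so the `typing_extensions` import is not needed, and `get_ips_of_targets` could be annotated like its siblings (`raw_config: str`).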
--- a/envs/monkey_zoo/blackbox/island_client/monkey_island_client.py +++ b/envs/monkey_zoo/blackbox/island_client/monkey_island_client.py @@ -24,6 +24,9 @@ class MonkeyIslandClient(object): def get_api_status(self): return self.requests.get("api") + def get_config(self): + return json.loads(self.requests.get("api/configuration/island").content) + @avoid_race_condition def import_config(self, config_contents): _ = self.requests.post("api/configuration/island", data=config_contents) diff --git a/envs/monkey_zoo/blackbox/island_configs/ELASTIC.conf b/envs/monkey_zoo/blackbox/island_configs/ELASTIC.conf deleted file mode 100644 index d8790f744..000000000 --- a/envs/monkey_zoo/blackbox/island_configs/ELASTIC.conf +++ /dev/null 
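Review bot: `get_config` parses the response body without checking the response status, so a failed or unauthenticated request would surface as a `JSONDecodeError` here, or as a `KeyError` on `response['configuration']` in `IslandConfigParser.get_raw_config`, rather than as a clear failure. If `self.requests.get` returns a `requests.Response` (the `.content` access suggests so, but the wrapper is outside the hunk), bind the response to a name and call `raise_for_status()` on it before `json.loads`. The hunk does not show whether `json` is already imported in this module, so that needs confirming. The class body starts and continues outside the hunk.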
@@ -1,185 +0,0 @@ -{ - "basic": { - "credentials": { - "exploit_password_list": [ - "root", - "123456", - "password", - "123456789", - "qwerty", - "111111", - "iloveyou" - ], - "exploit_user_list": [ - "Administrator", - "root", - "user" - ] - }, - "exploiters": { - "exploiter_classes": [ - "ElasticGroovyExploiter" - ] - } - }, - "basic_network": { - "network_analysis": { - "inaccessible_subnets": [] - }, - "scope": { - "blocked_ips": [], - "depth": 2, - "local_network_scan": false, - "subnet_scan_list": [ - "10.2.2.4", - "10.2.2.5" - ] - } - }, - "internal": { - "classes": { - "finger_classes": [ - "SMBFinger", - "SSHFinger", - "PingScanner", - "HTTPFinger", - "MySQLFinger", - "MSSQLFinger", - "ElasticFinger" - ] - }, - "dropper": { - "dropper_date_reference_path_linux": "/bin/sh", - "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll", - "dropper_set_date": true, - "dropper_target_path_linux": "/tmp/monkey", - "dropper_target_path_win_32": "C:\\Windows\\temp\\monkey32.exe", - "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe", - "dropper_try_move_first": true - }, - "exploits": { - "exploit_lm_hash_list": [], - "exploit_ntlm_hash_list": [], - "exploit_ssh_keys": [], - "general": { - "skip_exploit_if_file_exist": false - }, - "ms08_067": { - "ms08_067_exploit_attempts": 5, - "user_to_add": "Monkey_IUSER_SUPPORT", - "remote_user_pass": "Password1!" 
- }, - "sambacry": { - "sambacry_trigger_timeout": 5, - "sambacry_folder_paths_to_guess": [ - "/", - "/mnt", - "/tmp", - "/storage", - "/export", - "/share", - "/shares", - "/home" - ], - "sambacry_shares_not_to_check": [ - "IPC$", - "print$" - ] - } - }, - "general": { - "keep_tunnel_open_time": 60, - "monkey_dir_name": "monkey_dir", - "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}", - "started_on_island": false - }, - "island_server": { - "command_servers": [ - "10.2.2.251:5000" - ], - "current_server": "10.2.2.251:5000" - }, - "kill_file": { - "kill_file_path_linux": "/var/run/monkey.not", - "kill_file_path_windows": "%windir%\\monkey.not" - }, - "logging": { - "dropper_log_path_linux": "/tmp/user-1562", - "dropper_log_path_windows": "%temp%\\~df1562.tmp", - "monkey_log_path_linux": "/tmp/user-1563", - "monkey_log_path_windows": "%temp%\\~df1563.tmp", - "send_log_to_server": true - }, - "monkey": { - "alive": true, - "internet_services": [ - "monkey.guardicore.com", - "www.google.com" - ], - "self_delete_in_cleanup": true, - "serialize_config": false, - "use_file_logging": true, - "victims_max_exploit": 100, - "victims_max_find": 100 - }, - "network": { - "tcp_scanner": { - "HTTP_PORTS": [ - 80, - 8080, - 443, - 8008, - 7001 - ], - "tcp_target_ports": [ - 22, - 2222, - 445, - 135, - 3389, - 80, - 8080, - 443, - 8008, - 3306, - 9200, - 7001, - 8088 - ], - "tcp_scan_interval": 0, - "tcp_scan_timeout": 3000, - "tcp_scan_get_banner": true - }, - "ping_scanner": { - "ping_scan_timeout": 1000 - } - }, - "testing": { - "export_monkey_telems": false - } - }, - "monkey": { - "persistent_scanning": { - "max_iterations": 1, - "retry_failed_explotation": true, - "timeout_between_iterations": 100 - }, - "post_breach": { - "PBA_linux_filename": "", - "PBA_windows_filename": "", - "custom_PBA_linux_cmd": "", - "custom_PBA_windows_cmd": "", - "post_breach_actions": [] - }, - "system_info": { - "system_info_collector_classes": [ - "EnvironmentCollector", - 
"AwsCollector", - "HostnameCollector", - "ProcessListCollector", - "MimikatzCollector", - "AzureCollector" - ] - } - } -} diff --git a/envs/monkey_zoo/blackbox/island_configs/HADOOP.conf b/envs/monkey_zoo/blackbox/island_configs/HADOOP.conf deleted file mode 100644 index a65de1bf7..000000000 --- a/envs/monkey_zoo/blackbox/island_configs/HADOOP.conf +++ /dev/null 
@@ -1,186 +0,0 @@ -{ - "basic": { - "credentials": { - "exploit_password_list": [ - "root", - "123456", - "password", - "123456789", - "qwerty", - "111111", - "iloveyou" - ], - "exploit_user_list": [ - "Administrator", - "root", - "user" - ] - }, - "exploiters": { - "exploiter_classes": [ - "HadoopExploiter" - ] - } - }, - "basic_network": { - "network_analysis": { - "inaccessible_subnets": [] - }, - "scope": { - "blocked_ips": [], - "depth": 2, - "local_network_scan": false, - "subnet_scan_list": [ - "10.2.2.3", - "10.2.2.2" - ] - } - }, - "internal": { - "classes": { - "finger_classes": [ - "SMBFinger", - "SSHFinger", - "PingScanner", - "HTTPFinger", - "MySQLFinger", - "MSSQLFinger", - "ElasticFinger" - ] - }, - "dropper": { - "dropper_date_reference_path_linux": "/bin/sh", - "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll", - "dropper_set_date": true, - "dropper_target_path_linux": "/tmp/monkey", - "dropper_target_path_win_32": "C:\\Windows\\temp\\monkey32.exe", - "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe", - "dropper_try_move_first": true - }, - "exploits": { - "exploit_lm_hash_list": [], - "exploit_ntlm_hash_list": [], - "exploit_ssh_keys": [], - "general": { - "skip_exploit_if_file_exist": false - }, - "ms08_067": { - "ms08_067_exploit_attempts": 5, - "user_to_add": "Monkey_IUSER_SUPPORT", - "remote_user_pass": "Password1!" 
- }, - "sambacry": { - "sambacry_trigger_timeout": 5, - "sambacry_folder_paths_to_guess": [ - "/", - "/mnt", - "/tmp", - "/storage", - "/export", - "/share", - "/shares", - "/home" - ], - "sambacry_shares_not_to_check": [ - "IPC$", - "print$" - ] - } - }, - "general": { - "keep_tunnel_open_time": 60, - "monkey_dir_name": "monkey_dir", - "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}", - "started_on_island": false - }, - "island_server": { - "command_servers": [ - "10.2.2.251:5000" - ], - "current_server": "10.2.2.251:5000" - }, - "kill_file": { - "kill_file_path_linux": "/var/run/monkey.not", - "kill_file_path_windows": "%windir%\\monkey.not" - }, - "logging": { - "dropper_log_path_linux": "/tmp/user-1562", - "dropper_log_path_windows": "%temp%\\~df1562.tmp", - "monkey_log_path_linux": "/tmp/user-1563", - "monkey_log_path_windows": "%temp%\\~df1563.tmp", - "send_log_to_server": true - }, - "monkey": { - "alive": true, - "internet_services": [ - "monkey.guardicore.com", - "www.google.com" - ], - "self_delete_in_cleanup": true, - "serialize_config": false, - "use_file_logging": true, - "victims_max_exploit": 100, - "victims_max_find": 100 - }, - "network": { - "tcp_scanner": { - "HTTP_PORTS": [ - 80, - 8080, - 443, - 8008, - 7001 - ], - "tcp_target_ports": [ - 22, - 2222, - 445, - 135, - 3389, - 80, - 8080, - 443, - 8008, - 3306, - 9200, - 7001, - 8088 - ], - "tcp_scan_interval": 0, - "tcp_scan_timeout": 3000, - "tcp_scan_get_banner": true - }, - "ping_scanner": { - "ping_scan_timeout": 1000 - } - }, - "testing": { - "export_monkey_telems": false - } - }, - "monkey": { - "persistent_scanning": { - "max_iterations": 1, - "retry_failed_explotation": true, - "timeout_between_iterations": 100 - }, - "post_breach": { - "PBA_linux_filename": "", - "PBA_windows_filename": "", - "custom_PBA_linux_cmd": "", - "custom_PBA_windows_cmd": "", - "post_breach_actions": [ - ] - }, - "system_info": { - "system_info_collector_classes": [ - "EnvironmentCollector", - 
"AwsCollector", - "HostnameCollector", - "ProcessListCollector", - "MimikatzCollector", - "AzureCollector" - ] - } - } -} diff --git a/envs/monkey_zoo/blackbox/island_configs/MSSQL.conf b/envs/monkey_zoo/blackbox/island_configs/MSSQL.conf deleted file mode 100644 index a88c57ac7..000000000 --- a/envs/monkey_zoo/blackbox/island_configs/MSSQL.conf +++ /dev/null 
@@ -1,180 +0,0 @@ -{ - "basic": { - "credentials": { - "exploit_password_list": [ - "Password1!", - "Xk8VDTsC", - "password", - "12345678" - ], - "exploit_user_list": [ - "Administrator", - "m0nk3y", - "user" - ] - }, - "exploiters": { - "exploiter_classes": [ - "MSSQLExploiter" - ] - } - }, - "basic_network": { - "network_analysis": { - "inaccessible_subnets": [] - }, - "scope": { - "blocked_ips": [], - "depth": 2, - "local_network_scan": true, - "subnet_scan_list": [] - } - }, - "internal": { - "classes": { - "finger_classes": [ - "SMBFinger", - "SSHFinger", - "PingScanner", - "HTTPFinger", - "MySQLFinger", - "MSSQLFinger", - "ElasticFinger" - ] - }, - "dropper": { - "dropper_date_reference_path_linux": "/bin/sh", - "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll", - "dropper_set_date": true, - "dropper_target_path_linux": "/tmp/monkey", - "dropper_target_path_win_32": "C:\\Windows\\temp\\monkey32.exe", - "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe", - "dropper_try_move_first": true - }, - "exploits": { - "exploit_lm_hash_list": [], - "exploit_ntlm_hash_list": [], - "exploit_ssh_keys": [], - "general": { - "skip_exploit_if_file_exist": false - }, - "ms08_067": { - "ms08_067_exploit_attempts": 5, - "user_to_add": "Monkey_IUSER_SUPPORT", - "remote_user_pass": "Password1!" 
- }, - "sambacry": { - "sambacry_trigger_timeout": 5, - "sambacry_folder_paths_to_guess": [ - "/", - "/mnt", - "/tmp", - "/storage", - "/export", - "/share", - "/shares", - "/home" - ], - "sambacry_shares_not_to_check": [ - "IPC$", - "print$" - ] - } - }, - "general": { - "keep_tunnel_open_time": 60, - "monkey_dir_name": "monkey_dir", - "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}", - "started_on_island": false - }, - "island_server": { - "command_servers": [ - "10.2.2.251:5000" - ], - "current_server": "10.2.2.251:5000" - }, - "kill_file": { - "kill_file_path_linux": "/var/run/monkey.not", - "kill_file_path_windows": "%windir%\\monkey.not" - }, - "logging": { - "dropper_log_path_linux": "/tmp/user-1562", - "dropper_log_path_windows": "%temp%\\~df1562.tmp", - "monkey_log_path_linux": "/tmp/user-1563", - "monkey_log_path_windows": "%temp%\\~df1563.tmp", - "send_log_to_server": true - }, - "monkey": { - "alive": true, - "internet_services": [ - "monkey.guardicore.com", - "www.google.com" - ], - "self_delete_in_cleanup": true, - "serialize_config": false, - "use_file_logging": true, - "victims_max_exploit": 100, - "victims_max_find": 100 - }, - "network": { - "tcp_scanner": { - "HTTP_PORTS": [ - 80, - 8080, - 443, - 8008, - 7001 - ], - "tcp_target_ports": [ - 22, - 2222, - 445, - 135, - 3389, - 80, - 8080, - 443, - 8008, - 3306, - 9200, - 7001, - 8088 - ], - "tcp_scan_interval": 0, - "tcp_scan_timeout": 3000, - "tcp_scan_get_banner": true - }, - "ping_scanner": { - "ping_scan_timeout": 1000 - } - }, - "testing": { - "export_monkey_telems": false - } - }, - "monkey": { - "persistent_scanning": { - "max_iterations": 1, - "retry_failed_explotation": true, - "timeout_between_iterations": 100 - }, - "post_breach": { - "PBA_linux_filename": "", - "PBA_windows_filename": "", - "custom_PBA_linux_cmd": "", - "custom_PBA_windows_cmd": "", - "post_breach_actions": [ - ] - }, - "system_info": { - "system_info_collector_classes": [ - "EnvironmentCollector", - 
"AwsCollector", - "HostnameCollector", - "ProcessListCollector", - "MimikatzCollector", - "AzureCollector" - ] - } - } -} diff --git a/envs/monkey_zoo/blackbox/island_configs/PERFORMANCE.conf b/envs/monkey_zoo/blackbox/island_configs/PERFORMANCE.conf deleted file mode 100644 index c57b06430..000000000 --- a/envs/monkey_zoo/blackbox/island_configs/PERFORMANCE.conf +++ /dev/null 
@@ -1,227 +0,0 @@ -{ - "basic": { - "credentials": { - "exploit_password_list": [ - "Xk8VDTsC", - "^NgDvY59~8", - "Ivrrw5zEzs", - "3Q=(Ge(+&w]*", - "`))jU7L(w}", - "t67TC5ZDmz" - ], - "exploit_user_list": [ - "m0nk3y" - ] - }, - "exploiters": { - "exploiter_classes": [ - "SmbExploiter", - "WmiExploiter", - "SSHExploiter", - "ShellShockExploiter", - "SambaCryExploiter", - "ElasticGroovyExploiter", - "Struts2Exploiter", - "WebLogicExploiter", - "HadoopExploiter", - "VSFTPDExploiter", - "MSSQLExploiter" - ] - } - }, - "basic_network": { - "network_analysis": { - "inaccessible_subnets": [ - "10.2.2.0/30", - "10.2.2.8/30", - "10.2.2.24/32", - "10.2.2.23/32", - "10.2.2.21/32", - "10.2.2.19/32", - "10.2.2.18/32", - "10.2.2.17/32" - ] - }, - "scope": { - "blocked_ips": [], - "depth": 2, - "local_network_scan": false, - "subnet_scan_list": [ - "10.2.2.2", - "10.2.2.3", - "10.2.2.4", - "10.2.2.5", - "10.2.2.8", - "10.2.2.9", - "10.2.1.10", - "10.2.0.11", - "10.2.0.12", - "10.2.2.11", - "10.2.2.12", - "10.2.2.14", - "10.2.2.15", - "10.2.2.16", - "10.2.2.18", - "10.2.2.19", - "10.2.2.20", - "10.2.2.21", - "10.2.2.23", - "10.2.2.24" - ] - } - }, - "internal": { - "classes": { - "finger_classes": [ - "SMBFinger", - "SSHFinger", - "PingScanner", - "HTTPFinger", - "MySQLFinger", - "MSSQLFinger", - "ElasticFinger" - ] - }, - "dropper": { - "dropper_date_reference_path_linux": "/bin/sh", - "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll", - "dropper_set_date": true, - "dropper_target_path_linux": "/tmp/monkey", - "dropper_target_path_win_32": "C:\\Windows\\temp\\monkey32.exe", - "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe", - "dropper_try_move_first": true - }, - "exploits": { - "exploit_lm_hash_list": [], - "exploit_ntlm_hash_list": [], - "exploit_ssh_keys": [], - "general": { - "skip_exploit_if_file_exist": false - }, - "ms08_067": { - "ms08_067_exploit_attempts": 5, - "user_to_add": "Monkey_IUSER_SUPPORT", - "remote_user_pass": 
"Password1!" - }, - "sambacry": { - "sambacry_trigger_timeout": 5, - "sambacry_folder_paths_to_guess": [ - "/", - "/mnt", - "/tmp", - "/storage", - "/export", - "/share", - "/shares", - "/home" - ], - "sambacry_shares_not_to_check": [ - "IPC$", - "print$" - ] - } - }, - "general": { - "keep_tunnel_open_time": 60, - "monkey_dir_name": "monkey_dir", - "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}", - "started_on_island": false - }, - "island_server": { - "command_servers": [ - "10.2.2.251:5000" - ], - "current_server": "10.2.2.251:5000" - }, - "kill_file": { - "kill_file_path_linux": "/var/run/monkey.not", - "kill_file_path_windows": "%windir%\\monkey.not" - }, - "logging": { - "dropper_log_path_linux": "/tmp/user-1562", - "dropper_log_path_windows": "%temp%\\~df1562.tmp", - "monkey_log_path_linux": "/tmp/user-1563", - "monkey_log_path_windows": "%temp%\\~df1563.tmp", - "send_log_to_server": true - }, - "monkey": { - "alive": true, - "internet_services": [ - "monkey.guardicore.com", - "www.google.com" - ], - "self_delete_in_cleanup": true, - "serialize_config": false, - "use_file_logging": true, - "victims_max_exploit": 100, - "victims_max_find": 100 - }, - "network": { - "tcp_scanner": { - "HTTP_PORTS": [ - 80, - 8080, - 443, - 8008, - 7001 - ], - "tcp_target_ports": [ - 22, - 2222, - 445, - 135, - 3389, - 80, - 8080, - 443, - 8008, - 3306, - 9200, - 7001, - 8088 - ], - "tcp_scan_interval": 0, - "tcp_scan_timeout": 3000, - "tcp_scan_get_banner": true - }, - "ping_scanner": { - "ping_scan_timeout": 1000 - } - }, - "testing": { - "export_monkey_telems": false - } - }, - "monkey": { - "persistent_scanning": { - "max_iterations": 1, - "retry_failed_explotation": true, - "timeout_between_iterations": 100 - }, - "post_breach": { - "PBA_linux_filename": "", - "PBA_windows_filename": "", - "custom_PBA_linux_cmd": "", - "custom_PBA_windows_cmd": "", - "post_breach_actions": [ - "BackdoorUser", - "CommunicateAsNewUser", - "ModifyShellStartupFiles", - 
"HiddenFiles", - "TrapCommand", - "ChangeSetuidSetgid", - "ScheduleJobs" - ] - }, - "system_info": { - "system_info_collector_classes": [ - "EnvironmentCollector", - "AwsCollector", - "HostnameCollector", - "ProcessListCollector", - "MimikatzCollector", - "AzureCollector" - ] - } - } -} diff --git a/envs/monkey_zoo/blackbox/island_configs/SHELLSHOCK.conf b/envs/monkey_zoo/blackbox/island_configs/SHELLSHOCK.conf deleted file mode 100644 index 82cba0b70..000000000 --- a/envs/monkey_zoo/blackbox/island_configs/SHELLSHOCK.conf +++ /dev/null 
@@ -1,181 +0,0 @@ -{ - "basic": { - "credentials": { - "exploit_password_list": [ - "Password1!", - "1234", - "password", - "12345678" - ], - "exploit_user_list": [ - "Administrator", - "root", - "user" - ] - }, - "exploiters": { - "exploiter_classes": [ - "ShellShockExploiter" - ] - } - }, - "basic_network": { - "network_analysis": { - "inaccessible_subnets": [] - }, - "scope": { - "blocked_ips": [], - "depth": 2, - "local_network_scan": false, - "subnet_scan_list": [ - "10.2.2.8" - ] - } - }, - "internal": { - "classes": { - "finger_classes": [ - "SMBFinger", - "SSHFinger", - "PingScanner", - "HTTPFinger", - "MySQLFinger", - "MSSQLFinger", - "ElasticFinger" - ] - }, - "dropper": { - "dropper_date_reference_path_linux": "/bin/sh", - "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll", - "dropper_set_date": true, - "dropper_target_path_linux": "/tmp/monkey", - "dropper_target_path_win_32": "C:\\Windows\\temp\\monkey32.exe", - "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe", - "dropper_try_move_first": true - }, - "exploits": { - "exploit_lm_hash_list": [], - "exploit_ntlm_hash_list": [], - "exploit_ssh_keys": [], - "general": { - "skip_exploit_if_file_exist": false - }, - "ms08_067": { - "ms08_067_exploit_attempts": 5, - "user_to_add": "Monkey_IUSER_SUPPORT", - "remote_user_pass": "Password1!" 
- }, - "sambacry": { - "sambacry_trigger_timeout": 5, - "sambacry_folder_paths_to_guess": [ - "/", - "/mnt", - "/tmp", - "/storage", - "/export", - "/share", - "/shares", - "/home" - ], - "sambacry_shares_not_to_check": [ - "IPC$", - "print$" - ] - } - }, - "general": { - "keep_tunnel_open_time": 60, - "monkey_dir_name": "monkey_dir", - "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}", - "started_on_island": false - }, - "island_server": { - "command_servers": [ - "10.2.2.251:5000" - ], - "current_server": "10.2.2.251:5000" - }, - "kill_file": { - "kill_file_path_linux": "/var/run/monkey.not", - "kill_file_path_windows": "%windir%\\monkey.not" - }, - "logging": { - "dropper_log_path_linux": "/tmp/user-1562", - "dropper_log_path_windows": "%temp%\\~df1562.tmp", - "monkey_log_path_linux": "/tmp/user-1563", - "monkey_log_path_windows": "%temp%\\~df1563.tmp", - "send_log_to_server": true - }, - "monkey": { - "alive": true, - "internet_services": [ - "monkey.guardicore.com", - "www.google.com" - ], - "self_delete_in_cleanup": true, - "serialize_config": false, - "use_file_logging": true, - "victims_max_exploit": 100, - "victims_max_find": 100 - }, - "network": { - "tcp_scanner": { - "HTTP_PORTS": [ - 80, - 8080, - 443, - 8008, - 7001 - ], - "tcp_target_ports": [ - 22, - 2222, - 445, - 135, - 3389, - 80, - 8080, - 443, - 8008, - 3306, - 9200, - 7001, - 8088 - ], - "tcp_scan_interval": 0, - "tcp_scan_timeout": 3000, - "tcp_scan_get_banner": true - }, - "ping_scanner": { - "ping_scan_timeout": 1000 - } - }, - "testing": { - "export_monkey_telems": false - } - }, - "monkey": { - "persistent_scanning": { - "max_iterations": 1, - "retry_failed_explotation": true, - "timeout_between_iterations": 100 - }, - "post_breach": { - "PBA_linux_filename": "", - "PBA_windows_filename": "", - "custom_PBA_linux_cmd": "", - "custom_PBA_windows_cmd": "", - "post_breach_actions": [] - }, - "system_info": { - "system_info_collector_classes": [ - "EnvironmentCollector", - 
"AwsCollector", - "HostnameCollector", - "ProcessListCollector", - "MimikatzCollector", - "AzureCollector" - ] - } - } -} diff --git a/envs/monkey_zoo/blackbox/island_configs/SMB_MIMIKATZ.conf b/envs/monkey_zoo/blackbox/island_configs/SMB_MIMIKATZ.conf deleted file mode 100644 index c14fdfd99..000000000 --- a/envs/monkey_zoo/blackbox/island_configs/SMB_MIMIKATZ.conf +++ /dev/null 
@@ -1,180 +0,0 @@ -{ - "basic": { - "credentials": { - "exploit_password_list": [ - "Password1!", - "Ivrrw5zEzs" - ], - "exploit_user_list": [ - "Administrator", - "m0nk3y", - "user" - ] - }, - "exploiters": { - "exploiter_classes": [ - "SmbExploiter" - ] - } - }, - "basic_network": { - "network_analysis": { - "inaccessible_subnets": [] - }, - "scope": { - "blocked_ips": [], - "depth": 2, - "local_network_scan": false, - "subnet_scan_list": [ - "10.2.2.14", - "10.2.2.15" - ] - } - }, - "internal": { - "classes": { - "finger_classes": [ - "SMBFinger", - "SSHFinger", - "PingScanner", - "HTTPFinger", - "MySQLFinger", - "MSSQLFinger", - "ElasticFinger" - ] - }, - "dropper": { - "dropper_date_reference_path_linux": "/bin/sh", - "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll", - "dropper_set_date": true, - "dropper_target_path_linux": "/tmp/monkey", - "dropper_target_path_win_32": "C:\\Windows\\temp\\monkey32.exe", - "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe", - "dropper_try_move_first": true - }, - "exploits": { - "exploit_lm_hash_list": [], - "exploit_ntlm_hash_list": [], - "exploit_ssh_keys": [], - "general": { - "skip_exploit_if_file_exist": false - }, - "ms08_067": { - "ms08_067_exploit_attempts": 5, - "user_to_add": "Monkey_IUSER_SUPPORT", - "remote_user_pass": "Password1!" 
- }, - "sambacry": { - "sambacry_trigger_timeout": 5, - "sambacry_folder_paths_to_guess": [ - "/", - "/mnt", - "/tmp", - "/storage", - "/export", - "/share", - "/shares", - "/home" - ], - "sambacry_shares_not_to_check": [ - "IPC$", - "print$" - ] - } - }, - "general": { - "keep_tunnel_open_time": 60, - "monkey_dir_name": "monkey_dir", - "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}", - "started_on_island": false - }, - "island_server": { - "command_servers": [ - "10.2.2.251:5000" - ], - "current_server": "10.2.2.251:5000" - }, - "kill_file": { - "kill_file_path_linux": "/var/run/monkey.not", - "kill_file_path_windows": "%windir%\\monkey.not" - }, - "logging": { - "dropper_log_path_linux": "/tmp/user-1562", - "dropper_log_path_windows": "%temp%\\~df1562.tmp", - "monkey_log_path_linux": "/tmp/user-1563", - "monkey_log_path_windows": "%temp%\\~df1563.tmp", - "send_log_to_server": true - }, - "monkey": { - "alive": true, - "internet_services": [ - "monkey.guardicore.com", - "www.google.com" - ], - "self_delete_in_cleanup": true, - "serialize_config": false, - "use_file_logging": true, - "victims_max_exploit": 100, - "victims_max_find": 100 - }, - "network": { - "tcp_scanner": { - "HTTP_PORTS": [ - 80, - 8080, - 443, - 8008, - 7001 - ], - "tcp_target_ports": [ - 22, - 2222, - 445, - 135, - 3389, - 80, - 8080, - 443, - 8008, - 3306, - 9200, - 7001, - 8088 - ], - "tcp_scan_interval": 0, - "tcp_scan_timeout": 3000, - "tcp_scan_get_banner": true - }, - "ping_scanner": { - "ping_scan_timeout": 1000 - } - }, - "testing": { - "export_monkey_telems": false - } - }, - "monkey": { - "persistent_scanning": { - "max_iterations": 1, - "retry_failed_explotation": true, - "timeout_between_iterations": 100 - }, - "post_breach": { - "PBA_linux_filename": "", - "PBA_windows_filename": "", - "custom_PBA_linux_cmd": "", - "custom_PBA_windows_cmd": "", - "post_breach_actions": [] - }, - "system_info": { - "system_info_collector_classes": [ - "EnvironmentCollector", - 
"AwsCollector", - "HostnameCollector", - "ProcessListCollector", - "MimikatzCollector", - "AzureCollector" - ] - } - } -} diff --git a/envs/monkey_zoo/blackbox/island_configs/SMB_PTH.conf b/envs/monkey_zoo/blackbox/island_configs/SMB_PTH.conf deleted file mode 100644 index 42a5245a6..000000000 --- a/envs/monkey_zoo/blackbox/island_configs/SMB_PTH.conf +++ /dev/null 
@@ -1,179 +0,0 @@ -{ - "basic": { - "credentials": { - "exploit_password_list": [ - "Password1!" - ], - "exploit_user_list": [ - "Administrator", - "m0nk3y", - "user" - ] - }, - "exploiters": { - "exploiter_classes": [ - "SmbExploiter" - ] - } - }, - "basic_network": { - "network_analysis": { - "inaccessible_subnets": [] - }, - "scope": { - "blocked_ips": [], - "depth": 2, - "local_network_scan": false, - "subnet_scan_list": [ - "10.2.2.15" - ] - } - }, - "internal": { - "classes": { - "finger_classes": [ - "SMBFinger", - "SSHFinger", - "PingScanner", - "HTTPFinger", - "MySQLFinger", - "MSSQLFinger", - "ElasticFinger" - ] - }, - "dropper": { - "dropper_date_reference_path_linux": "/bin/sh", - "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll", - "dropper_set_date": true, - "dropper_target_path_linux": "/tmp/monkey", - "dropper_target_path_win_32": "C:\\Windows\\temp\\monkey32.exe", - "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe", - "dropper_try_move_first": true - }, - "exploits": { - "exploit_lm_hash_list": [], - "exploit_ntlm_hash_list": [ "5da0889ea2081aa79f6852294cba4a5e", - "50c9987a6bf1ac59398df9f911122c9b" ], - "exploit_ssh_keys": [], - "general": { - "skip_exploit_if_file_exist": false - }, - "ms08_067": { - "ms08_067_exploit_attempts": 5, - "user_to_add": "Monkey_IUSER_SUPPORT", - "remote_user_pass": "Password1!" 
- }, - "sambacry": { - "sambacry_trigger_timeout": 5, - "sambacry_folder_paths_to_guess": [ - "/", - "/mnt", - "/tmp", - "/storage", - "/export", - "/share", - "/shares", - "/home" - ], - "sambacry_shares_not_to_check": [ - "IPC$", - "print$" - ] - } - }, - "general": { - "keep_tunnel_open_time": 60, - "monkey_dir_name": "monkey_dir", - "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}", - "started_on_island": false - }, - "island_server": { - "command_servers": [ - "10.2.2.251:5000" - ], - "current_server": "10.2.2.251:5000" - }, - "kill_file": { - "kill_file_path_linux": "/var/run/monkey.not", - "kill_file_path_windows": "%windir%\\monkey.not" - }, - "logging": { - "dropper_log_path_linux": "/tmp/user-1562", - "dropper_log_path_windows": "%temp%\\~df1562.tmp", - "monkey_log_path_linux": "/tmp/user-1563", - "monkey_log_path_windows": "%temp%\\~df1563.tmp", - "send_log_to_server": true - }, - "monkey": { - "alive": true, - "internet_services": [ - "monkey.guardicore.com", - "www.google.com" - ], - "self_delete_in_cleanup": true, - "serialize_config": false, - "use_file_logging": true, - "victims_max_exploit": 100, - "victims_max_find": 100 - }, - "network": { - "tcp_scanner": { - "HTTP_PORTS": [ - 80, - 8080, - 443, - 8008, - 7001 - ], - "tcp_target_ports": [ - 22, - 2222, - 445, - 135, - 3389, - 80, - 8080, - 443, - 8008, - 3306, - 9200, - 7001, - 8088 - ], - "tcp_scan_interval": 0, - "tcp_scan_timeout": 3000, - "tcp_scan_get_banner": true - }, - "ping_scanner": { - "ping_scan_timeout": 1000 - } - }, - "testing": { - "export_monkey_telems": false - } - }, - "monkey": { - "persistent_scanning": { - "max_iterations": 1, - "retry_failed_explotation": true, - "timeout_between_iterations": 100 - }, - "post_breach": { - "PBA_linux_filename": "", - "PBA_windows_filename": "", - "custom_PBA_linux_cmd": "", - "custom_PBA_windows_cmd": "", - "post_breach_actions": [] - }, - "system_info": { - "system_info_collector_classes": [ - "EnvironmentCollector", - 
"AwsCollector", - "HostnameCollector", - "ProcessListCollector", - "MimikatzCollector", - "AzureCollector" - ] - } - } -} diff --git a/envs/monkey_zoo/blackbox/island_configs/SSH.conf b/envs/monkey_zoo/blackbox/island_configs/SSH.conf deleted file mode 100644 index b3ba08d77..000000000 --- a/envs/monkey_zoo/blackbox/island_configs/SSH.conf +++ /dev/null 
@@ -1,182 +0,0 @@ -{ - "basic": { - "credentials": { - "exploit_password_list": [ - "Password1!", - "12345678", - "^NgDvY59~8" - ], - "exploit_user_list": [ - "Administrator", - "m0nk3y", - "user" - ] - }, - "exploiters": { - "exploiter_classes": [ - "SSHExploiter" - ] - } - }, - "basic_network": { - "network_analysis": { - "inaccessible_subnets": [] - }, - "scope": { - "blocked_ips": [], - "depth": 2, - "local_network_scan": false, - "subnet_scan_list": [ - "10.2.2.11", - "10.2.2.12" - ] - } - }, - "internal": { - "classes": { - "finger_classes": [ - "SMBFinger", - "SSHFinger", - "PingScanner", - "HTTPFinger", - "MySQLFinger", - "MSSQLFinger", - "ElasticFinger" - ] - }, - "dropper": { - "dropper_date_reference_path_linux": "/bin/sh", - "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll", - "dropper_set_date": true, - "dropper_target_path_linux": "/tmp/monkey", - "dropper_target_path_win_32": "C:\\Windows\\temp\\monkey32.exe", - "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe", - "dropper_try_move_first": true - }, - "exploits": { - "exploit_lm_hash_list": [], - "exploit_ntlm_hash_list": [], - "exploit_ssh_keys": [], - "general": { - "skip_exploit_if_file_exist": false - }, - "ms08_067": { - "ms08_067_exploit_attempts": 5, - "user_to_add": "Monkey_IUSER_SUPPORT", - "remote_user_pass": "Password1!" 
- }, - "sambacry": { - "sambacry_trigger_timeout": 5, - "sambacry_folder_paths_to_guess": [ - "/", - "/mnt", - "/tmp", - "/storage", - "/export", - "/share", - "/shares", - "/home" - ], - "sambacry_shares_not_to_check": [ - "IPC$", - "print$" - ] - } - }, - "general": { - "keep_tunnel_open_time": 60, - "monkey_dir_name": "monkey_dir", - "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}", - "started_on_island": false - }, - "island_server": { - "command_servers": [ - "10.2.2.251:5000" - ], - "current_server": "10.2.2.251:5000" - }, - "kill_file": { - "kill_file_path_linux": "/var/run/monkey.not", - "kill_file_path_windows": "%windir%\\monkey.not" - }, - "logging": { - "dropper_log_path_linux": "/tmp/user-1562", - "dropper_log_path_windows": "%temp%\\~df1562.tmp", - "monkey_log_path_linux": "/tmp/user-1563", - "monkey_log_path_windows": "%temp%\\~df1563.tmp", - "send_log_to_server": true - }, - "monkey": { - "alive": true, - "internet_services": [ - "monkey.guardicore.com", - "www.google.com" - ], - "self_delete_in_cleanup": true, - "serialize_config": false, - "use_file_logging": true, - "victims_max_exploit": 100, - "victims_max_find": 100 - }, - "network": { - "tcp_scanner": { - "HTTP_PORTS": [ - 80, - 8080, - 443, - 8008, - 7001 - ], - "tcp_target_ports": [ - 22, - 2222, - 445, - 135, - 3389, - 80, - 8080, - 443, - 8008, - 3306, - 9200, - 7001, - 8088 - ], - "tcp_scan_interval": 0, - "tcp_scan_timeout": 3000, - "tcp_scan_get_banner": true - }, - "ping_scanner": { - "ping_scan_timeout": 1000 - } - }, - "testing": { - "export_monkey_telems": false - } - }, - "monkey": { - "persistent_scanning": { - "max_iterations": 2, - "retry_failed_explotation": true, - "timeout_between_iterations": 100 - }, - "post_breach": { - "PBA_linux_filename": "", - "PBA_windows_filename": "", - "custom_PBA_linux_cmd": "", - "custom_PBA_windows_cmd": "", - "post_breach_actions": [ - ] - }, - "system_info": { - "system_info_collector_classes": [ - "EnvironmentCollector", - 
"AwsCollector", - "HostnameCollector", - "ProcessListCollector", - "MimikatzCollector", - "AzureCollector" - ] - } - } -} diff --git a/envs/monkey_zoo/blackbox/island_configs/STRUTS2.conf b/envs/monkey_zoo/blackbox/island_configs/STRUTS2.conf deleted file mode 100644 index 92207e0a8..000000000 --- a/envs/monkey_zoo/blackbox/island_configs/STRUTS2.conf +++ /dev/null 
@@ -1,183 +0,0 @@ -{ - "basic": { - "credentials": { - "exploit_password_list": [ - "Password1!", - "1234", - "password", - "12345678" - ], - "exploit_user_list": [ - "Administrator", - "root", - "user", - "vakaris_zilius" - ] - }, - "exploiters": { - "exploiter_classes": [ - "Struts2Exploiter" - ] - } - }, - "basic_network": { - "network_analysis": { - "inaccessible_subnets": [] - }, - "scope": { - "blocked_ips": [], - "depth": 2, - "local_network_scan": false, - "subnet_scan_list": [ - "10.2.2.23", - "10.2.2.24" - ] - } - }, - "internal": { - "classes": { - "finger_classes": [ - "SMBFinger", - "SSHFinger", - "PingScanner", - "HTTPFinger", - "MySQLFinger", - "MSSQLFinger", - "ElasticFinger" - ] - }, - "dropper": { - "dropper_date_reference_path_linux": "/bin/sh", - "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll", - "dropper_set_date": true, - "dropper_target_path_linux": "/tmp/monkey", - "dropper_target_path_win_32": "C:\\Windows\\temp\\monkey32.exe", - "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe", - "dropper_try_move_first": true - }, - "exploits": { - "exploit_lm_hash_list": [], - "exploit_ntlm_hash_list": [], - "exploit_ssh_keys": [], - "general": { - "skip_exploit_if_file_exist": false - }, - "ms08_067": { - "ms08_067_exploit_attempts": 5, - "user_to_add": "Monkey_IUSER_SUPPORT", - "remote_user_pass": "Password1!" 
- }, - "sambacry": { - "sambacry_trigger_timeout": 5, - "sambacry_folder_paths_to_guess": [ - "/", - "/mnt", - "/tmp", - "/storage", - "/export", - "/share", - "/shares", - "/home" - ], - "sambacry_shares_not_to_check": [ - "IPC$", - "print$" - ] - } - }, - "general": { - "keep_tunnel_open_time": 60, - "monkey_dir_name": "monkey_dir", - "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}", - "started_on_island": false - }, - "island_server": { - "command_servers": [ - "10.2.2.251:5000" - ], - "current_server": "10.2.2.251:5000" - }, - "kill_file": { - "kill_file_path_linux": "/var/run/monkey.not", - "kill_file_path_windows": "%windir%\\monkey.not" - }, - "logging": { - "dropper_log_path_linux": "/tmp/user-1562", - "dropper_log_path_windows": "%temp%\\~df1562.tmp", - "monkey_log_path_linux": "/tmp/user-1563", - "monkey_log_path_windows": "%temp%\\~df1563.tmp", - "send_log_to_server": true - }, - "monkey": { - "alive": true, - "internet_services": [ - "monkey.guardicore.com", - "www.google.com" - ], - "self_delete_in_cleanup": true, - "serialize_config": false, - "use_file_logging": true, - "victims_max_exploit": 100, - "victims_max_find": 100 - }, - "network": { - "tcp_scanner": { - "HTTP_PORTS": [ - 80, - 8080, - 443, - 8008, - 7001 - ], - "tcp_target_ports": [ - 22, - 2222, - 445, - 135, - 3389, - 80, - 8080, - 443, - 8008, - 3306, - 9200, - 7001, - 8088 - ], - "tcp_scan_interval": 0, - "tcp_scan_timeout": 3000, - "tcp_scan_get_banner": true - }, - "ping_scanner": { - "ping_scan_timeout": 1000 - } - }, - "testing": { - "export_monkey_telems": false - } - }, - "monkey": { - "persistent_scanning": { - "max_iterations": 1, - "retry_failed_explotation": true, - "timeout_between_iterations": 100 - }, - "post_breach": { - "PBA_linux_filename": "", - "PBA_windows_filename": "", - "custom_PBA_linux_cmd": "", - "custom_PBA_windows_cmd": "", - "post_breach_actions": [] - }, - "system_info": { - "system_info_collector_classes": [ - "EnvironmentCollector", - 
"AwsCollector", - "HostnameCollector", - "ProcessListCollector", - "MimikatzCollector", - "AzureCollector" - ] - } - } -} diff --git a/envs/monkey_zoo/blackbox/island_configs/TUNNELING.conf b/envs/monkey_zoo/blackbox/island_configs/TUNNELING.conf deleted file mode 100644 index fff01c1ff..000000000 --- a/envs/monkey_zoo/blackbox/island_configs/TUNNELING.conf +++ /dev/null 
@@ -1,188 +0,0 @@ -{ - "basic": { - "credentials": { - "exploit_password_list": [ - "Password1!", - "3Q=(Ge(+&w]*", - "`))jU7L(w}", - "t67TC5ZDmz", - "12345678" - ], - "exploit_user_list": [ - "Administrator", - "m0nk3y", - "user" - ] - }, - "exploiters": { - "exploiter_classes": [ - "SmbExploiter", - "WmiExploiter", - "SSHExploiter", - "MSSQLExploiter" - ] - } - }, - "basic_network": { - "network_analysis": { - "inaccessible_subnets": [] - }, - "scope": { - "blocked_ips": [], - "depth": 3, - "local_network_scan": false, - "subnet_scan_list": [ - "10.2.2.9", - "10.2.1.10", - "10.2.0.11", - "10.2.0.12" - ] - } - }, - "internal": { - "classes": { - "finger_classes": [ - "SMBFinger", - "SSHFinger", - "PingScanner", - "HTTPFinger", - "MySQLFinger", - "MSSQLFinger", - "ElasticFinger" - ] - }, - "dropper": { - "dropper_date_reference_path_linux": "/bin/sh", - "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll", - "dropper_set_date": true, - "dropper_target_path_linux": "/tmp/monkey", - "dropper_target_path_win_32": "C:\\Windows\\temp\\monkey32.exe", - "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe", - "dropper_try_move_first": true - }, - "exploits": { - "exploit_lm_hash_list": [], - "exploit_ntlm_hash_list": [], - "exploit_ssh_keys": [], - "general": { - "skip_exploit_if_file_exist": false - }, - "ms08_067": { - "ms08_067_exploit_attempts": 5, - "user_to_add": "Monkey_IUSER_SUPPORT", - "remote_user_pass": "Password1!" 
- }, - "sambacry": { - "sambacry_trigger_timeout": 5, - "sambacry_folder_paths_to_guess": [ - "/", - "/mnt", - "/tmp", - "/storage", - "/export", - "/share", - "/shares", - "/home" - ], - "sambacry_shares_not_to_check": [ - "IPC$", - "print$" - ] - } - }, - "general": { - "keep_tunnel_open_time": 60, - "monkey_dir_name": "monkey_dir", - "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}", - "started_on_island": false - }, - "island_server": { - "command_servers": [ - "10.2.2.251:5000" - ], - "current_server": "10.2.2.251:5000" - }, - "kill_file": { - "kill_file_path_linux": "/var/run/monkey.not", - "kill_file_path_windows": "%windir%\\monkey.not" - }, - "logging": { - "dropper_log_path_linux": "/tmp/user-1562", - "dropper_log_path_windows": "%temp%\\~df1562.tmp", - "monkey_log_path_linux": "/tmp/user-1563", - "monkey_log_path_windows": "%temp%\\~df1563.tmp", - "send_log_to_server": true - }, - "monkey": { - "alive": true, - "internet_services": [ - "monkey.guardicore.com", - "www.google.com" - ], - "self_delete_in_cleanup": true, - "serialize_config": false, - "use_file_logging": true, - "victims_max_exploit": 100, - "victims_max_find": 100 - }, - "network": { - "tcp_scanner": { - "HTTP_PORTS": [ - 80, - 8080, - 443, - 8008, - 7001 - ], - "tcp_target_ports": [ - 22, - 2222, - 445, - 135, - 3389, - 80, - 8080, - 443, - 8008, - 3306, - 9200, - 7001, - 8088 - ], - "tcp_scan_interval": 0, - "tcp_scan_timeout": 3000, - "tcp_scan_get_banner": true - }, - "ping_scanner": { - "ping_scan_timeout": 1000 - } - }, - "testing": { - "export_monkey_telems": false - } - }, - "monkey": { - "persistent_scanning": { - "max_iterations": 1, - "retry_failed_explotation": true, - "timeout_between_iterations": 100 - }, - "post_breach": { - "PBA_linux_filename": "", - "PBA_windows_filename": "", - "custom_PBA_linux_cmd": "", - "custom_PBA_windows_cmd": "", - "post_breach_actions": [] - }, - "system_info": { - "system_info_collector_classes": [ - "EnvironmentCollector", - 
"AwsCollector", - "HostnameCollector", - "ProcessListCollector", - "MimikatzCollector", - "AzureCollector" - ] - } - } -} diff --git a/envs/monkey_zoo/blackbox/island_configs/WEBLOGIC.conf b/envs/monkey_zoo/blackbox/island_configs/WEBLOGIC.conf deleted file mode 100644 index dba3e9639..000000000 --- a/envs/monkey_zoo/blackbox/island_configs/WEBLOGIC.conf +++ /dev/null 
@@ -1,185 +0,0 @@ -{ - "basic": { - "credentials": { - "exploit_password_list": [ - "root", - "123456", - "password", - "123456789", - "qwerty", - "111111", - "iloveyou" - ], - "exploit_user_list": [ - "Administrator", - "root", - "user" - ] - }, - "exploiters": { - "exploiter_classes": [ - "WebLogicExploiter" - ] - } - }, - "basic_network": { - "network_analysis": { - "inaccessible_subnets": [] - }, - "scope": { - "blocked_ips": [], - "depth": 2, - "local_network_scan": false, - "subnet_scan_list": [ - "10.2.2.18", - "10.2.2.19" - ] - } - }, - "internal": { - "classes": { - "finger_classes": [ - "SMBFinger", - "SSHFinger", - "PingScanner", - "HTTPFinger", - "MySQLFinger", - "MSSQLFinger", - "ElasticFinger" - ] - }, - "dropper": { - "dropper_date_reference_path_linux": "/bin/sh", - "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll", - "dropper_set_date": true, - "dropper_target_path_linux": "/tmp/monkey", - "dropper_target_path_win_32": "C:\\Windows\\temp\\monkey32.exe", - "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe", - "dropper_try_move_first": true - }, - "exploits": { - "exploit_lm_hash_list": [], - "exploit_ntlm_hash_list": [], - "exploit_ssh_keys": [], - "general": { - "skip_exploit_if_file_exist": false - }, - "ms08_067": { - "ms08_067_exploit_attempts": 5, - "user_to_add": "Monkey_IUSER_SUPPORT", - "remote_user_pass": "Password1!" 
- }, - "sambacry": { - "sambacry_trigger_timeout": 5, - "sambacry_folder_paths_to_guess": [ - "/", - "/mnt", - "/tmp", - "/storage", - "/export", - "/share", - "/shares", - "/home" - ], - "sambacry_shares_not_to_check": [ - "IPC$", - "print$" - ] - } - }, - "general": { - "keep_tunnel_open_time": 60, - "monkey_dir_name": "monkey_dir", - "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}", - "started_on_island": false - }, - "island_server": { - "command_servers": [ - "10.2.2.251:5000" - ], - "current_server": "10.2.2.251:5000" - }, - "kill_file": { - "kill_file_path_linux": "/var/run/monkey.not", - "kill_file_path_windows": "%windir%\\monkey.not" - }, - "logging": { - "dropper_log_path_linux": "/tmp/user-1562", - "dropper_log_path_windows": "%temp%\\~df1562.tmp", - "monkey_log_path_linux": "/tmp/user-1563", - "monkey_log_path_windows": "%temp%\\~df1563.tmp", - "send_log_to_server": true - }, - "monkey": { - "alive": true, - "internet_services": [ - "monkey.guardicore.com", - "www.google.com" - ], - "self_delete_in_cleanup": true, - "serialize_config": false, - "use_file_logging": true, - "victims_max_exploit": 100, - "victims_max_find": 100 - }, - "network": { - "tcp_scanner": { - "HTTP_PORTS": [ - 80, - 8080, - 443, - 8008, - 7001 - ], - "tcp_target_ports": [ - 22, - 2222, - 445, - 135, - 3389, - 80, - 8080, - 443, - 8008, - 3306, - 9200, - 7001, - 8088 - ], - "tcp_scan_interval": 0, - "tcp_scan_timeout": 3000, - "tcp_scan_get_banner": true - }, - "ping_scanner": { - "ping_scan_timeout": 1000 - } - }, - "testing": { - "export_monkey_telems": false - } - }, - "monkey": { - "persistent_scanning": { - "max_iterations": 1, - "retry_failed_explotation": true, - "timeout_between_iterations": 100 - }, - "post_breach": { - "PBA_linux_filename": "", - "PBA_windows_filename": "", - "custom_PBA_linux_cmd": "", - "custom_PBA_windows_cmd": "", - "post_breach_actions": [] - }, - "system_info": { - "system_info_collector_classes": [ - "EnvironmentCollector", - 
"AwsCollector", - "HostnameCollector", - "ProcessListCollector", - "MimikatzCollector", - "AzureCollector" - ] - } - } -} diff --git a/envs/monkey_zoo/blackbox/island_configs/WMI_MIMIKATZ.conf b/envs/monkey_zoo/blackbox/island_configs/WMI_MIMIKATZ.conf deleted file mode 100644 index 15cb346a5..000000000 --- a/envs/monkey_zoo/blackbox/island_configs/WMI_MIMIKATZ.conf +++ /dev/null 
@@ -1,180 +0,0 @@ -{ - "basic": { - "credentials": { - "exploit_password_list": [ - "Password1!", - "Ivrrw5zEzs" - ], - "exploit_user_list": [ - "Administrator", - "m0nk3y", - "user" - ] - }, - "exploiters": { - "exploiter_classes": [ - "WmiExploiter" - ] - } - }, - "basic_network": { - "network_analysis": { - "inaccessible_subnets": [] - }, - "scope": { - "blocked_ips": [], - "depth": 2, - "local_network_scan": false, - "subnet_scan_list": [ - "10.2.2.14", - "10.2.2.15" - ] - } - }, - "internal": { - "classes": { - "finger_classes": [ - "SMBFinger", - "SSHFinger", - "PingScanner", - "HTTPFinger", - "MySQLFinger", - "MSSQLFinger", - "ElasticFinger" - ] - }, - "dropper": { - "dropper_date_reference_path_linux": "/bin/sh", - "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll", - "dropper_set_date": true, - "dropper_target_path_linux": "/tmp/monkey", - "dropper_target_path_win_32": "C:\\Windows\\temp\\monkey32.exe", - "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe", - "dropper_try_move_first": true - }, - "exploits": { - "exploit_lm_hash_list": [], - "exploit_ntlm_hash_list": [], - "exploit_ssh_keys": [], - "general": { - "skip_exploit_if_file_exist": false - }, - "ms08_067": { - "ms08_067_exploit_attempts": 5, - "user_to_add": "Monkey_IUSER_SUPPORT", - "remote_user_pass": "Password1!" 
- }, - "sambacry": { - "sambacry_trigger_timeout": 5, - "sambacry_folder_paths_to_guess": [ - "/", - "/mnt", - "/tmp", - "/storage", - "/export", - "/share", - "/shares", - "/home" - ], - "sambacry_shares_not_to_check": [ - "IPC$", - "print$" - ] - } - }, - "general": { - "keep_tunnel_open_time": 60, - "monkey_dir_name": "monkey_dir", - "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}", - "started_on_island": false - }, - "island_server": { - "command_servers": [ - "10.2.2.251:5000" - ], - "current_server": "10.2.2.251:5000" - }, - "kill_file": { - "kill_file_path_linux": "/var/run/monkey.not", - "kill_file_path_windows": "%windir%\\monkey.not" - }, - "logging": { - "dropper_log_path_linux": "/tmp/user-1562", - "dropper_log_path_windows": "%temp%\\~df1562.tmp", - "monkey_log_path_linux": "/tmp/user-1563", - "monkey_log_path_windows": "%temp%\\~df1563.tmp", - "send_log_to_server": true - }, - "monkey": { - "alive": true, - "internet_services": [ - "monkey.guardicore.com", - "www.google.com" - ], - "self_delete_in_cleanup": true, - "serialize_config": false, - "use_file_logging": true, - "victims_max_exploit": 100, - "victims_max_find": 100 - }, - "network": { - "tcp_scanner": { - "HTTP_PORTS": [ - 80, - 8080, - 443, - 8008, - 7001 - ], - "tcp_target_ports": [ - 22, - 2222, - 445, - 135, - 3389, - 80, - 8080, - 443, - 8008, - 3306, - 9200, - 7001, - 8088 - ], - "tcp_scan_interval": 0, - "tcp_scan_timeout": 3000, - "tcp_scan_get_banner": true - }, - "ping_scanner": { - "ping_scan_timeout": 1000 - } - }, - "testing": { - "export_monkey_telems": false - } - }, - "monkey": { - "persistent_scanning": { - "max_iterations": 1, - "retry_failed_explotation": true, - "timeout_between_iterations": 100 - }, - "post_breach": { - "PBA_linux_filename": "", - "PBA_windows_filename": "", - "custom_PBA_linux_cmd": "", - "custom_PBA_windows_cmd": "", - "post_breach_actions": [] - }, - "system_info": { - "system_info_collector_classes": [ - "EnvironmentCollector", - 
"AwsCollector", - "HostnameCollector", - "ProcessListCollector", - "MimikatzCollector", - "AzureCollector" - ] - } - } -} diff --git a/envs/monkey_zoo/blackbox/island_configs/WMI_PTH.conf b/envs/monkey_zoo/blackbox/island_configs/WMI_PTH.conf deleted file mode 100644 index f0bece5e8..000000000 --- a/envs/monkey_zoo/blackbox/island_configs/WMI_PTH.conf +++ /dev/null 
@@ -1,179 +0,0 @@ -{ - "basic": { - "credentials": { - "exploit_password_list": [ - "Password1!" - ], - "exploit_user_list": [ - "Administrator", - "m0nk3y", - "user" - ] - }, - "exploiters": { - "exploiter_classes": [ - "WmiExploiter" - ] - } - }, - "basic_network": { - "network_analysis": { - "inaccessible_subnets": [] - }, - "scope": { - "blocked_ips": [], - "depth": 2, - "local_network_scan": false, - "subnet_scan_list": [ - "10.2.2.15" - ] - } - }, - "internal": { - "classes": { - "finger_classes": [ - "SMBFinger", - "SSHFinger", - "PingScanner", - "HTTPFinger", - "MySQLFinger", - "MSSQLFinger", - "ElasticFinger" - ] - }, - "dropper": { - "dropper_date_reference_path_linux": "/bin/sh", - "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll", - "dropper_set_date": true, - "dropper_target_path_linux": "/tmp/monkey", - "dropper_target_path_win_32": "C:\\Windows\\temp\\monkey32.exe", - "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe", - "dropper_try_move_first": true - }, - "exploits": { - "exploit_lm_hash_list": [], - "exploit_ntlm_hash_list": [ "5da0889ea2081aa79f6852294cba4a5e", - "50c9987a6bf1ac59398df9f911122c9b"], - "exploit_ssh_keys": [], - "general": { - "skip_exploit_if_file_exist": false - }, - "ms08_067": { - "ms08_067_exploit_attempts": 5, - "user_to_add": "Monkey_IUSER_SUPPORT", - "remote_user_pass": "Password1!" 
- }, - "sambacry": { - "sambacry_trigger_timeout": 5, - "sambacry_folder_paths_to_guess": [ - "/", - "/mnt", - "/tmp", - "/storage", - "/export", - "/share", - "/shares", - "/home" - ], - "sambacry_shares_not_to_check": [ - "IPC$", - "print$" - ] - } - }, - "general": { - "keep_tunnel_open_time": 60, - "monkey_dir_name": "monkey_dir", - "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}", - "started_on_island": false - }, - "island_server": { - "command_servers": [ - "10.2.2.251:5000" - ], - "current_server": "10.2.2.251:5000" - }, - "kill_file": { - "kill_file_path_linux": "/var/run/monkey.not", - "kill_file_path_windows": "%windir%\\monkey.not" - }, - "logging": { - "dropper_log_path_linux": "/tmp/user-1562", - "dropper_log_path_windows": "%temp%\\~df1562.tmp", - "monkey_log_path_linux": "/tmp/user-1563", - "monkey_log_path_windows": "%temp%\\~df1563.tmp", - "send_log_to_server": true - }, - "monkey": { - "alive": true, - "internet_services": [ - "monkey.guardicore.com", - "www.google.com" - ], - "self_delete_in_cleanup": true, - "serialize_config": false, - "use_file_logging": true, - "victims_max_exploit": 100, - "victims_max_find": 100 - }, - "network": { - "tcp_scanner": { - "HTTP_PORTS": [ - 80, - 8080, - 443, - 8008, - 7001 - ], - "tcp_target_ports": [ - 22, - 2222, - 445, - 135, - 3389, - 80, - 8080, - 443, - 8008, - 3306, - 9200, - 7001, - 8088 - ], - "tcp_scan_interval": 0, - "tcp_scan_timeout": 3000, - "tcp_scan_get_banner": true - }, - "ping_scanner": { - "ping_scan_timeout": 1000 - } - }, - "testing": { - "export_monkey_telems": false - } - }, - "monkey": { - "persistent_scanning": { - "max_iterations": 1, - "retry_failed_explotation": true, - "timeout_between_iterations": 100 - }, - "post_breach": { - "PBA_linux_filename": "", - "PBA_windows_filename": "", - "custom_PBA_linux_cmd": "", - "custom_PBA_windows_cmd": "", - "post_breach_actions": [] - }, - "system_info": { - "system_info_collector_classes": [ - "EnvironmentCollector", - 
"AwsCollector",
- "HostnameCollector",
- "ProcessListCollector",
- "MimikatzCollector",
- "AzureCollector"
- ]
- }
- }
-}
diff --git a/envs/monkey_zoo/blackbox/island_configs/__init__.py b/envs/monkey_zoo/blackbox/island_configs/__init__.py
new file mode 100644
index 000000000..e69de29bb
diff --git a/envs/monkey_zoo/blackbox/island_configs/base_template.py b/envs/monkey_zoo/blackbox/island_configs/base_template.py
new file mode 100644
index 000000000..13a480286
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/base_template.py
@@ -0,0 +1,14 @@
+from envs.monkey_zoo.blackbox.island_configs.config_template import ConfigTemplate
+
+
+# Disables a lot of config values not required for a specific feature test
+class BaseTemplate(ConfigTemplate):
+
+ config_values = {
+ "basic.exploiters.exploiter_classes": [],
+ "basic_network.scope.local_network_scan": False,
+ "internal.classes.finger_classes": ["PingScanner", "HTTPFinger"],
+ "internal.monkey.system_info.system_info_collector_classes":
+ ["EnvironmentCollector", "HostnameCollector"],
+ "monkey.post_breach.post_breach_actions": []
+ }
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_template.py b/envs/monkey_zoo/blackbox/island_configs/config_template.py
new file mode 100644
index 000000000..e0ff4e568
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/config_template.py
@@ -0,0 +1,9 @@
+from abc import ABC, abstractmethod
+
+
+class ConfigTemplate(ABC):
+
+ @property
+ @abstractmethod
+ def config_values(self) -> dict:
+ pass
diff --git a/envs/monkey_zoo/blackbox/island_configs/elastic.py b/envs/monkey_zoo/blackbox/island_configs/elastic.py
new file mode 100644
index 000000000..97598f718
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/elastic.py
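Review bot: The key `"internal.monkey.system_info.system_info_collector_classes"` in `BaseTemplate.config_values` differs from the path used by the deleted .conf files and by smb_mimikatz.py and wmi_mimikatz.py in this same commit, which is `monkey.system_info.system_info_collector_classes`. `apply_template_to_config` writes every entry with `dpath.util.set`, which only updates elements that already exist, so a path missing from the island's configuration is skipped without an error and the collector list would stay at its default. If the shorter path is the intended one, the entry should start `"monkey.system_info.system_info_collector_classes":`. Checking the count returned by `dpath.util.set` in the parser would surface this kind of mismatch.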
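Review bot: `config_values` is declared as an abstract property, but every template in this commit defines it as a plain class attribute and `IslandConfigParser` reads it from the class (`Type[ConfigTemplate]`), so `@abstractmethod` is never enforced because no template is instantiated. The class also has no docstring stating what the dictionary holds. A one-line docstring such as `"""Maps dot-separated island configuration paths to the values a test overrides."""` would make the contract explicit.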
@@ -0,0 +1,14 @@
+from copy import copy
+
+from envs.monkey_zoo.blackbox.island_configs.base_template import BaseTemplate
+from envs.monkey_zoo.blackbox.island_configs.config_template import ConfigTemplate
+
+
+class Elastic(ConfigTemplate):
+
+ config_values = copy(BaseTemplate.config_values)
+
+ config_values.update({
+ "basic.exploiters.exploiter_classes": ["ElasticGroovyExploiter"],
+ "basic_network.scope.subnet_scan_list": ["10.2.2.4", "10.2.2.5"]
+ })
diff --git a/envs/monkey_zoo/blackbox/island_configs/hadoop.py b/envs/monkey_zoo/blackbox/island_configs/hadoop.py
new file mode 100644
index 000000000..8c42b8ee3
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/hadoop.py
@@ -0,0 +1,13 @@
+from copy import copy
+
+from envs.monkey_zoo.blackbox.island_configs.base_template import BaseTemplate
+
+
+class Hadoop(BaseTemplate):
+
+ config_values = copy(BaseTemplate.config_values)
+
+ config_values.update({
+ "basic.exploiters.exploiter_classes": ["HadoopExploiter"],
+ "basic_network.scope.subnet_scan_list": ["10.2.2.2", "10.2.2.3"]
+ })
diff --git a/envs/monkey_zoo/blackbox/island_configs/mssql.py b/envs/monkey_zoo/blackbox/island_configs/mssql.py
new file mode 100644
index 000000000..5406494ee
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/mssql.py
@@ -0,0 +1,19 @@
+from copy import copy
+
+from envs.monkey_zoo.blackbox.island_configs.base_template import BaseTemplate
+
+
+class Mssql(BaseTemplate):
+ config_values = copy(BaseTemplate.config_values)
+
+ config_values.update({
+ "basic.exploiters.exploiter_classes": ["MSSQLExploiter"],
+ "basic_network.scope.subnet_scan_list": ["10.2.2.16"],
+ "basic.credentials.exploit_password_list": ["Password1!",
+ "Xk8VDTsC",
+ "password",
+ "12345678"],
+ "basic.credentials.exploit_user_list": ["Administrator",
+ "m0nk3y",
+ "user"]
+ })
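Review bot: `class Elastic(ConfigTemplate)` copies `BaseTemplate.config_values` but does not derive from `BaseTemplate`, unlike Hadoop, Mssql and the other feature templates added in this commit. Deriving from the same base keeps the templates uniform and makes the extra `ConfigTemplate` import unnecessary: `class Elastic(BaseTemplate):`.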
diff --git a/envs/monkey_zoo/blackbox/island_configs/performance.py b/envs/monkey_zoo/blackbox/island_configs/performance.py
new file mode 100644
index 000000000..3a9a48e9f
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/performance.py
@@ -0,0 +1,54 @@
+from envs.monkey_zoo.blackbox.island_configs.config_template import ConfigTemplate
+
+
+class Performance(ConfigTemplate):
+ config_values = {
+ "basic.credentials.exploit_password_list": ["Xk8VDTsC",
+ "^NgDvY59~8",
+ "Ivrrw5zEzs",
+ "3Q=(Ge(+&w]*",
+ "`))jU7L(w}",
+ "t67TC5ZDmz"],
+ "basic.credentials.exploit_user_list": ["m0nk3y"],
+ "basic.exploiters.exploiter_classes": ["SmbExploiter",
+ "WmiExploiter",
+ "SSHExploiter",
+ "ShellShockExploiter",
+ "SambaCryExploiter",
+ "ElasticGroovyExploiter",
+ "Struts2Exploiter",
+ "WebLogicExploiter",
+ "HadoopExploiter",
+ "VSFTPDExploiter",
+ "MSSQLExploiter",
+ "ZerologonExploiter"],
+ "basic_network.network_analysis.inaccessible_subnets": ["10.2.2.0/30",
+ "10.2.2.8/30",
+ "10.2.2.24/32",
+ "10.2.2.23/32",
+ "10.2.2.21/32",
+ "10.2.2.19/32",
+ "10.2.2.18/32",
+ "10.2.2.17/32"],
+ "basic_network.scope.subnet_scan_list": ["10.2.2.2",
+ "10.2.2.3",
+ "10.2.2.4",
+ "10.2.2.5",
+ "10.2.2.8",
+ "10.2.2.9",
+ "10.2.1.10",
+ "10.2.0.11",
+ "10.2.0.12",
+ "10.2.2.11",
+ "10.2.2.12",
+ "10.2.2.14",
+ "10.2.2.15",
+ "10.2.2.16",
+ "10.2.2.18",
+ "10.2.2.19",
+ "10.2.2.20",
+ "10.2.2.21",
+ "10.2.2.23",
+ "10.2.2.24",
+ "10.2.2.25"]
+ }
diff --git a/envs/monkey_zoo/blackbox/island_configs/shellshock.py b/envs/monkey_zoo/blackbox/island_configs/shellshock.py
new file mode 100644
index 000000000..27e0dc34d
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/shellshock.py
@@ -0,0 +1,12 @@
+from copy import copy
+
+from envs.monkey_zoo.blackbox.island_configs.base_template import BaseTemplate
+
+
+class ShellShock(BaseTemplate):
+ config_values = copy(BaseTemplate.config_values)
+
+ config_values.update({
+ "basic.exploiters.exploiter_classes": ["ShellShockExploiter"],
+ "basic_network.scope.subnet_scan_list": ["10.2.2.8"]
+ })
diff --git a/envs/monkey_zoo/blackbox/island_configs/smb_mimikatz.py b/envs/monkey_zoo/blackbox/island_configs/smb_mimikatz.py
new file mode 100644
index 000000000..aed4ee9c7
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/smb_mimikatz.py
@@ -0,0 +1,19 @@
+from copy import copy
+
+from envs.monkey_zoo.blackbox.island_configs.base_template import BaseTemplate
+
+
+class SmbMimikatz(BaseTemplate):
+ config_values = copy(BaseTemplate.config_values)
+
+ config_values.update({
+ "basic.exploiters.exploiter_classes": ["SmbExploiter"],
+ "basic_network.scope.subnet_scan_list": ["10.2.2.14", "10.2.2.15"],
+ "basic.credentials.exploit_password_list": ["Password1!", "Ivrrw5zEzs"],
+ "basic.credentials.exploit_user_list": ["Administrator", "m0nk3y", "user"],
+ "internal.classes.finger_classes": ["SMBFinger", "PingScanner", "HTTPFinger"],
+ "monkey.system_info.system_info_collector_classes": ["EnvironmentCollector",
+ "HostnameCollector",
+ "ProcessListCollector",
+ "MimikatzCollector"]
+ })
diff --git a/envs/monkey_zoo/blackbox/island_configs/smb_pth.py b/envs/monkey_zoo/blackbox/island_configs/smb_pth.py
new file mode 100644
index 000000000..3bb92347e
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/smb_pth.py
@@ -0,0 +1,21 @@
+from copy import copy
+
+from envs.monkey_zoo.blackbox.island_configs.base_template import BaseTemplate
+
+
+class SmbPth(BaseTemplate):
+ config_values = copy(BaseTemplate.config_values)
+
+ config_value_list = {
+ "basic.exploiters.exploiter_classes": ["SmbExploiter"],
+ "basic_network.scope.subnet_scan_list": ["10.2.2.15"],
+ "basic.credentials.exploit_password_list": ["Password1!", "Ivrrw5zEzs"],
+ "basic.credentials.exploit_user_list": ["Administrator",
+ "m0nk3y",
+ "user"],
+ "internal.classes.finger_classes": ["SMBFinger",
+ "PingScanner",
+ "HTTPFinger"],
+ "internal.classes.exploits.exploit_ntlm_hash_list": ["5da0889ea2081aa79f6852294cba4a5e",
+ "50c9987a6bf1ac59398df9f911122c9b"]
+ }
diff --git a/envs/monkey_zoo/blackbox/island_configs/ssh.py b/envs/monkey_zoo/blackbox/island_configs/ssh.py
new file mode 100644
index 000000000..f6a5b1762
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/ssh.py
@@ -0,0 +1,20 @@
+from envs.monkey_zoo.blackbox.island_configs.base_template import BaseTemplate
+
+
+class Ssh(BaseTemplate):
+ config_values = BaseTemplate.config_values
+
+ config_values.update({
+ "basic.exploiters.exploiter_classes": ["SSHExploiter"],
+ "basic_network.scope.subnet_scan_list": ["10.2.2.11",
+ "10.2.2.12"],
+ "basic.credentials.exploit_password_list": ["Password1!",
+ "12345678",
+ "^NgDvY59~8"],
+ "basic.credentials.exploit_user_list": ["Administrator",
+ "m0nk3y",
+ "user"],
+ "internal.classes.finger_classes": ["SSHFinger",
+ "PingScanner",
+ "HTTPFinger"]
+ })
diff --git a/envs/monkey_zoo/blackbox/island_configs/struts2.py b/envs/monkey_zoo/blackbox/island_configs/struts2.py
new file mode 100644
index 000000000..e88c0899f
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/struts2.py
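Review bot: The overrides in `SmbPth` are assigned to a new attribute, `config_value_list`, and are never merged into `config_values`, so the dictionary that `IslandConfigParser` reads is only the unmodified copy of the base values, without the SMB exploiter, scan target, credentials or NTLM hashes. The test built on this template would therefore run with no exploiter enabled. Apply the overrides the way the sibling templates do: replace `config_value_list = {` with `config_values.update({` and close the literal with `})`.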
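Review bot: `config_values = BaseTemplate.config_values` in `Ssh` binds the base class's dictionary itself, so the `config_values.update(...)` that follows mutates `BaseTemplate.config_values` for every template that uses it. The same pattern appears in struts2.py, tunneling.py, weblogic.py, wmi_mimikatz.py and wmi_pth.py; once test_blackbox.py imports them all, these six classes share one dictionary holding whichever values were written last, and keys set by only one of them (credential lists, NTLM hashes, collectors) carry over to the rest. Each of these files should copy the base values as elastic.py and hadoop.py do: add `from copy import copy` and use `config_values = copy(BaseTemplate.config_values)`.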
@@ -0,0 +1,11 @@
+from envs.monkey_zoo.blackbox.island_configs.base_template import BaseTemplate
+
+
+class Struts2(BaseTemplate):
+
+ config_values = BaseTemplate.config_values
+
+ config_values.update({
+ "basic.exploiters.exploiter_classes": ["Struts2Exploiter"],
+ "basic_network.scope.subnet_scan_list": ["10.2.2.23", "10.2.2.24"]
+ })
diff --git a/envs/monkey_zoo/blackbox/island_configs/tunneling.py b/envs/monkey_zoo/blackbox/island_configs/tunneling.py
new file mode 100644
index 000000000..458b89794
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/tunneling.py
@@ -0,0 +1,28 @@
+from envs.monkey_zoo.blackbox.island_configs.base_template import BaseTemplate
+
+
+class Tunneling(BaseTemplate):
+ config_values = BaseTemplate.config_values
+
+ config_values.update({
+ "basic.exploiters.exploiter_classes": ["SmbExploiter",
+ "WmiExploiter",
+ "SSHExploiter"
+ ],
+ "basic_network.scope.subnet_scan_list": ["10.2.2.9",
+ "10.2.1.10",
+ "10.2.0.11",
+ "10.2.0.12"],
+ "basic.credentials.exploit_password_list": ["Password1!",
+ "3Q=(Ge(+&w]*",
+ "`))jU7L(w}",
+ "t67TC5ZDmz",
+ "12345678"],
+ "basic.credentials.exploit_user_list": ["Administrator",
+ "m0nk3y",
+ "user"],
+ "internal.classes.finger_classes": ["SSHFinger",
+ "PingScanner",
+ "HTTPFinger",
+ "SMBFinger"]
+ })
diff --git a/envs/monkey_zoo/blackbox/island_configs/weblogic.py b/envs/monkey_zoo/blackbox/island_configs/weblogic.py
new file mode 100644
index 000000000..433067cb9
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/weblogic.py
@@ -0,0 +1,11 @@
+from envs.monkey_zoo.blackbox.island_configs.base_template import BaseTemplate
+
+
+class Weblogic(BaseTemplate):
+
+ config_values = BaseTemplate.config_values
+
+ config_values.update({
+ "basic.exploiters.exploiter_classes": ["WebLogicExploiter"],
+ "basic_network.scope.subnet_scan_list": ["10.2.2.18", "10.2.2.19"]
+ })
diff --git a/envs/monkey_zoo/blackbox/island_configs/wmi_mimikatz.py b/envs/monkey_zoo/blackbox/island_configs/wmi_mimikatz.py
new file mode 100644
index 000000000..73bd913cd
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/wmi_mimikatz.py
@@ -0,0 +1,20 @@
+from envs.monkey_zoo.blackbox.island_configs.base_template import BaseTemplate
+
+
+class WmiMimikatz(BaseTemplate):
+ config_values = BaseTemplate.config_values
+
+ config_values.update({
+ "basic.exploiters.exploiter_classes": ["WmiExploiter"],
+ "basic_network.scope.subnet_scan_list": ["10.2.2.14",
+ "10.2.2.15"],
+ "basic.credentials.exploit_password_list": ["Password1!",
+ "Ivrrw5zEzs"],
+ "basic.credentials.exploit_user_list": ["Administrator",
+ "m0nk3y",
+ "user"],
+ "monkey.system_info.system_info_collector_classes": ["EnvironmentCollector",
+ "HostnameCollector",
+ "ProcessListCollector",
+ "MimikatzCollector"]
+ })
diff --git a/envs/monkey_zoo/blackbox/island_configs/wmi_pth.py b/envs/monkey_zoo/blackbox/island_configs/wmi_pth.py
new file mode 100644
index 000000000..dcb735c78
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/wmi_pth.py
@@ -0,0 +1,18 @@
+from envs.monkey_zoo.blackbox.island_configs.base_template import BaseTemplate
+
+
+class WmiPth(BaseTemplate):
+ config_values = BaseTemplate.config_values
+
+ config_values.update({
+ "basic.exploiters.exploiter_classes": ["WmiExploiter"],
+ "basic_network.scope.subnet_scan_list": ["10.2.2.15"],
+ "basic.credentials.exploit_password_list": ["Password1!"],
+ "basic.credentials.exploit_user_list": ["Administrator",
+ "m0nk3y",
+ "user"],
+ "internal.classes.finger_classes": ["PingScanner",
+ "HTTPFinger"],
+ "internal.classes.exploits.exploit_ntlm_hash_list": ["5da0889ea2081aa79f6852294cba4a5e",
+ "50c9987a6bf1ac59398df9f911122c9b"]
+ })
diff --git a/envs/monkey_zoo/blackbox/test_blackbox.py b/envs/monkey_zoo/blackbox/test_blackbox.py
index ce5e34ec0..e5a77ef45 100644
--- a/envs/monkey_zoo/blackbox/test_blackbox.py
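Review bot: The key `"internal.classes.exploits.exploit_ntlm_hash_list"` in `WmiPth` does not match where the deleted WMI_PTH.conf kept the hashes, which was `internal.exploits.exploit_ntlm_hash_list`, with `exploits` as a sibling of `classes` rather than a child. `apply_template_to_config` uses `dpath.util.set`, which changes only elements that already exist, so a non-existent path would drop the hash list silently and the pass-the-hash scenario would not exercise the hashes at all. smb_pth.py uses the same key. Assuming the island still exposes the layout of the old .conf files, the entry should start `"internal.exploits.exploit_ntlm_hash_list": [`.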
+++ b/envs/monkey_zoo/blackbox/test_blackbox.py 
@@ -3,25 +3,48 @@ import os from time import sleep import pytest +from typing_extensions import Type -from envs.monkey_zoo.blackbox.analyzers.communication_analyzer import CommunicationAnalyzer -from envs.monkey_zoo.blackbox.island_client.island_config_parser import IslandConfigParser -from envs.monkey_zoo.blackbox.island_client.monkey_island_client import MonkeyIslandClient -from envs.monkey_zoo.blackbox.log_handlers.test_logs_handler import TestLogsHandler +from envs.monkey_zoo.blackbox.analyzers.communication_analyzer import \ + CommunicationAnalyzer +from envs.monkey_zoo.blackbox.island_client.island_config_parser import \ + IslandConfigParser +from envs.monkey_zoo.blackbox.island_client.monkey_island_client import \ + MonkeyIslandClient +from envs.monkey_zoo.blackbox.island_configs.config_template import ConfigTemplate +from envs.monkey_zoo.blackbox.island_configs.elastic import Elastic +from envs.monkey_zoo.blackbox.island_configs.hadoop import Hadoop +from envs.monkey_zoo.blackbox.island_configs.mssql import Mssql +from envs.monkey_zoo.blackbox.island_configs.performance import Performance +from envs.monkey_zoo.blackbox.island_configs.shellshock import ShellShock +from envs.monkey_zoo.blackbox.island_configs.smb_mimikatz import SmbMimikatz +from envs.monkey_zoo.blackbox.island_configs.smb_pth import SmbPth +from envs.monkey_zoo.blackbox.island_configs.ssh import Ssh +from envs.monkey_zoo.blackbox.island_configs.struts2 import Struts2 +from envs.monkey_zoo.blackbox.island_configs.tunneling import Tunneling +from envs.monkey_zoo.blackbox.island_configs.weblogic import Weblogic +from envs.monkey_zoo.blackbox.island_configs.wmi_mimikatz import WmiMimikatz +from envs.monkey_zoo.blackbox.island_configs.wmi_pth import WmiPth +from envs.monkey_zoo.blackbox.log_handlers.test_logs_handler import \ + TestLogsHandler from envs.monkey_zoo.blackbox.tests.exploitation import ExploitationTest -from envs.monkey_zoo.blackbox.tests.performance.map_generation import 
MapGenerationTest -from envs.monkey_zoo.blackbox.tests.performance.map_generation_from_telemetries import MapGenerationFromTelemetryTest -from envs.monkey_zoo.blackbox.tests.performance.report_generation import ReportGenerationTest +from envs.monkey_zoo.blackbox.tests.performance.map_generation import \ + MapGenerationTest +from envs.monkey_zoo.blackbox.tests.performance.map_generation_from_telemetries import \ + MapGenerationFromTelemetryTest +from envs.monkey_zoo.blackbox.tests.performance.report_generation import \ + ReportGenerationTest from envs.monkey_zoo.blackbox.tests.performance.report_generation_from_telemetries import \ ReportGenerationFromTelemetryTest -from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test import TelemetryPerformanceTest +from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test import \ + TelemetryPerformanceTest from envs.monkey_zoo.blackbox.utils import gcp_machine_handlers DEFAULT_TIMEOUT_SECONDS = 5*60 MACHINE_BOOTUP_WAIT_SECONDS = 30 GCP_TEST_MACHINE_LIST = ['sshkeys-11', 'sshkeys-12', 'elastic-4', 'elastic-5', 'hadoop-2', 'hadoop-3', 'mssql-16', 'mimikatz-14', 'mimikatz-15', 'struts2-23', 'struts2-24', 'tunneling-9', 'tunneling-10', - 'tunneling-11', 'tunneling-12', 'weblogic-18', 'weblogic-19', 'shellshock-8'] + 'tunneling-11', 'tunneling-12', 'weblogic-18', 'weblogic-19', 'shellshock-8', 'zerologon-25'] LOG_DIR_PATH = "./logs" LOGGER = logging.getLogger(__name__) 
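Review bot: `from typing_extensions import Type` pulls a third-party package into the test module for a name the standard library already provides; `from typing import Type` is enough for the `Type[ConfigTemplate]` annotation used further down and removes one dependency from the blackbox test environment. Separately, `'zerologon-25'` is added to `GCP_TEST_MACHINE_LIST` while no Zerologon template is imported in this hunk, so the machine may be started without any test using it; a short comment next to the entry, or deferring it until the test lands, would make the intent clear.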
@@ -59,31 +82,35 @@ def island_client(island, quick_performance_tests): @pytest.mark.usefixtures('island_client') # noinspection PyUnresolvedReferences -class TestMonkeyBlackbox(object): +class TestMonkeyBlackbox: @staticmethod - def run_exploitation_test(island_client, conf_filename, test_name, timeout_in_seconds=DEFAULT_TIMEOUT_SECONDS): - config_parser = IslandConfigParser(conf_filename) - analyzer = CommunicationAnalyzer(island_client, config_parser.get_ips_of_targets()) + def run_exploitation_test(island_client: MonkeyIslandClient, + config_template: Type[ConfigTemplate], + test_name: str, + timeout_in_seconds=DEFAULT_TIMEOUT_SECONDS): + raw_config = IslandConfigParser.get_raw_config(config_template, island_client) + analyzer = CommunicationAnalyzer(island_client, + IslandConfigParser.get_ips_of_targets(raw_config)) log_handler = TestLogsHandler(test_name, island_client, TestMonkeyBlackbox.get_log_dir_path()) ExploitationTest( name=test_name, island_client=island_client, - config_parser=config_parser, + raw_config=raw_config, analyzers=[analyzer], timeout=timeout_in_seconds, log_handler=log_handler).run() @staticmethod def run_performance_test(performance_test_class, island_client, - conf_filename, timeout_in_seconds, break_on_timeout=False): - config_parser = IslandConfigParser(conf_filename) + config_template, timeout_in_seconds, break_on_timeout=False): + raw_config = IslandConfigParser.get_raw_config(config_template, island_client) log_handler = TestLogsHandler(performance_test_class.TEST_NAME, island_client, TestMonkeyBlackbox.get_log_dir_path()) - analyzers = [CommunicationAnalyzer(island_client, config_parser.get_ips_of_targets())] + analyzers = [CommunicationAnalyzer(island_client, IslandConfigParser.get_ips_of_targets(raw_config))] performance_test_class(island_client=island_client, - config_parser=config_parser, + raw_config=raw_config, analyzers=analyzers, timeout=timeout_in_seconds, log_handler=log_handler, 
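Review bot: `run_exploitation_test` and `run_performance_test` now derive `raw_config` from `IslandConfigParser.get_raw_config(config_template, island_client)`, which in this commit overlays the template on the configuration the island returns at call time, so any key a template does not set keeps whatever value the previous test left there unless the island is reset between tests, which this hunk does not show. For credential and hash lists that means one test's values could carry into the next. State the assumption in a docstring on both helpers, e.g. `"""Overlay config_template on the island's current configuration; expects the island to have been reset to defaults first."""`, or have the base template set every key the tests rely on. `run_performance_test` was also left without the type annotations its sibling gained, and its body continues past the end of the hunk.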
@@ -97,40 +124,40 @@ class TestMonkeyBlackbox(object): assert island_client.get_api_status() is not None def test_ssh_exploiter(self, island_client): - TestMonkeyBlackbox.run_exploitation_test(island_client, "SSH.conf", "SSH_exploiter_and_keys") + TestMonkeyBlackbox.run_exploitation_test(island_client, Ssh, "SSH_exploiter_and_keys") def test_hadoop_exploiter(self, island_client): - TestMonkeyBlackbox.run_exploitation_test(island_client, "HADOOP.conf", "Hadoop_exploiter", 6 * 60) + TestMonkeyBlackbox.run_exploitation_test(island_client, Hadoop, "Hadoop_exploiter", 6 * 60) def test_mssql_exploiter(self, island_client): - TestMonkeyBlackbox.run_exploitation_test(island_client, "MSSQL.conf", "MSSQL_exploiter") + TestMonkeyBlackbox.run_exploitation_test(island_client, Mssql, "MSSQL_exploiter") def test_smb_and_mimikatz_exploiters(self, island_client): - TestMonkeyBlackbox.run_exploitation_test(island_client, "SMB_MIMIKATZ.conf", "SMB_exploiter_mimikatz") + TestMonkeyBlackbox.run_exploitation_test(island_client, SmbMimikatz, "SMB_exploiter_mimikatz") def test_smb_pth(self, island_client): - TestMonkeyBlackbox.run_exploitation_test(island_client, "SMB_PTH.conf", "SMB_PTH") + TestMonkeyBlackbox.run_exploitation_test(island_client, SmbPth, "SMB_PTH") def test_elastic_exploiter(self, island_client): - TestMonkeyBlackbox.run_exploitation_test(island_client, "ELASTIC.conf", "Elastic_exploiter") + TestMonkeyBlackbox.run_exploitation_test(island_client, Elastic, "Elastic_exploiter") def test_struts_exploiter(self, island_client): - TestMonkeyBlackbox.run_exploitation_test(island_client, "STRUTS2.conf", "Strtuts2_exploiter") + TestMonkeyBlackbox.run_exploitation_test(island_client, Struts2, "Strtuts2_exploiter") def test_weblogic_exploiter(self, island_client): - TestMonkeyBlackbox.run_exploitation_test(island_client, "WEBLOGIC.conf", "Weblogic_exploiter") + TestMonkeyBlackbox.run_exploitation_test(island_client, Weblogic, "Weblogic_exploiter") def test_shellshock_exploiter(self, 
island_client): - TestMonkeyBlackbox.run_exploitation_test(island_client, "SHELLSHOCK.conf", "Shellschock_exploiter") + TestMonkeyBlackbox.run_exploitation_test(island_client, ShellShock, "Shellschock_exploiter") def test_tunneling(self, island_client): - TestMonkeyBlackbox.run_exploitation_test(island_client, "TUNNELING.conf", "Tunneling_exploiter", 15 * 60) + TestMonkeyBlackbox.run_exploitation_test(island_client, Tunneling, "Tunneling_exploiter", 15 * 60) def test_wmi_and_mimikatz_exploiters(self, island_client): - TestMonkeyBlackbox.run_exploitation_test(island_client, "WMI_MIMIKATZ.conf", "WMI_exploiter,_mimikatz") + TestMonkeyBlackbox.run_exploitation_test(island_client, WmiMimikatz, "WMI_exploiter,_mimikatz") def test_wmi_pth(self, island_client): - TestMonkeyBlackbox.run_exploitation_test(island_client, "WMI_PTH.conf", "WMI_PTH") + TestMonkeyBlackbox.run_exploitation_test(island_client, WmiPth, "WMI_PTH") @pytest.mark.skip(reason="Perfomance test that creates env from fake telemetries is faster, use that instead.") def test_report_generation_performance(self, island_client, quick_performance_tests): @@ -144,7 +171,7 @@ class TestMonkeyBlackbox(object): if not quick_performance_tests: TestMonkeyBlackbox.run_performance_test(ReportGenerationTest, island_client, - "PERFORMANCE.conf", + Performance, timeout_in_seconds=10*60) else: LOGGER.error("This test doesn't support 'quick_performance_tests' option.") diff --git a/envs/monkey_zoo/blackbox/tests/exploitation.py b/envs/monkey_zoo/blackbox/tests/exploitation.py index 2d55f2294..d6332bc75 100644 --- a/envs/monkey_zoo/blackbox/tests/exploitation.py +++ b/envs/monkey_zoo/blackbox/tests/exploitation.py @@ -1,6 +1,7 @@ import logging from time import sleep +from envs.monkey_zoo.blackbox.island_client.island_config_parser import IslandConfigParser from envs.monkey_zoo.blackbox.tests.basic_test import BasicTest from envs.monkey_zoo.blackbox.utils.test_timer import TestTimer 
@@ -13,16 +14,16 @@ LOGGER = logging.getLogger(__name__) class ExploitationTest(BasicTest): - def __init__(self, name, island_client, config_parser, analyzers, timeout, log_handler): + def __init__(self, name, island_client, raw_config, analyzers, timeout, log_handler): self.name = name self.island_client = island_client - self.config_parser = config_parser + self.raw_config = raw_config self.analyzers = analyzers self.timeout = timeout self.log_handler = log_handler def run(self): - self.island_client.import_config(self.config_parser.config_raw) + self.island_client.import_config(self.raw_config) self.print_test_starting_info() try: self.island_client.run_monkey_local() @@ -36,7 +37,8 @@ class ExploitationTest(BasicTest): def print_test_starting_info(self): LOGGER.info("Started {} test".format(self.name)) - LOGGER.info("Machines participating in test: " + ", ".join(self.config_parser.get_ips_of_targets())) + machine_list = ", ".join(IslandConfigParser.get_ips_of_targets(self.raw_config)) + LOGGER.info(f"Machines participating in test: {machine_list}") print("") def test_until_timeout(self): diff --git a/envs/monkey_zoo/blackbox/tests/performance/map_generation.py b/envs/monkey_zoo/blackbox/tests/performance/map_generation.py index eb95fdc6a..42d2265e7 100644 --- a/envs/monkey_zoo/blackbox/tests/performance/map_generation.py +++ b/envs/monkey_zoo/blackbox/tests/performance/map_generation.py 
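Review bot: In `print_test_starting_info` the new line logs with an f-string while the line directly above it still uses `str.format`, and both build the message before the logger decides whether to emit it. The logging-native form is consistent and defers formatting: `LOGGER.info("Started %s test", self.name)` and `LOGGER.info("Machines participating in test: %s", machine_list)`. The method body continues outside the hunk.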
@@ -17,12 +17,11 @@ class MapGenerationTest(PerformanceTest): TEST_NAME = "Map generation performance test" - def __init__(self, island_client, config_parser, analyzers, + def __init__(self, island_client, raw_config, analyzers, timeout, log_handler, break_on_timeout): self.island_client = island_client - self.config_parser = config_parser exploitation_test = ExploitationTest(MapGenerationTest.TEST_NAME, island_client, - config_parser, analyzers, timeout, log_handler) + raw_config, analyzers, timeout, log_handler) performance_config = PerformanceTestConfig(max_allowed_single_page_time=MAX_ALLOWED_SINGLE_PAGE_TIME, max_allowed_total_time=MAX_ALLOWED_TOTAL_TIME, endpoints_to_test=MAP_RESOURCES, diff --git a/envs/monkey_zoo/blackbox/tests/performance/performance_test.py b/envs/monkey_zoo/blackbox/tests/performance/performance_test.py index b26c20f93..dd6af8065 100644 --- a/envs/monkey_zoo/blackbox/tests/performance/performance_test.py +++ b/envs/monkey_zoo/blackbox/tests/performance/performance_test.py @@ -6,7 +6,7 @@ from envs.monkey_zoo.blackbox.tests.basic_test import BasicTest class PerformanceTest(BasicTest, metaclass=ABCMeta): @abstractmethod - def __init__(self, island_client, config_parser, analyzers, + def __init__(self, island_client, raw_config, analyzers, timeout, log_handler, break_on_timeout): pass diff --git a/envs/monkey_zoo/blackbox/tests/performance/performance_test_workflow.py b/envs/monkey_zoo/blackbox/tests/performance/performance_test_workflow.py index 4e708ed9d..7799e3d29 100644 --- a/envs/monkey_zoo/blackbox/tests/performance/performance_test_workflow.py +++ b/envs/monkey_zoo/blackbox/tests/performance/performance_test_workflow.py 
@@ -10,11 +10,11 @@ class PerformanceTestWorkflow(BasicTest): self.name = name self.exploitation_test = exploitation_test self.island_client = exploitation_test.island_client - self.config_parser = exploitation_test.config_parser + self.raw_config = exploitation_test.raw_config self.performance_config = performance_config def run(self): - self.island_client.import_config(self.config_parser.config_raw) + self.island_client.import_config(self.raw_config) self.exploitation_test.print_test_starting_info() try: self.island_client.run_monkey_local() diff --git a/envs/monkey_zoo/blackbox/tests/performance/report_generation.py b/envs/monkey_zoo/blackbox/tests/performance/report_generation.py index e204cc29f..f05661682 100644 --- a/envs/monkey_zoo/blackbox/tests/performance/report_generation.py +++ b/envs/monkey_zoo/blackbox/tests/performance/report_generation.py @@ -20,12 +20,11 @@ REPORT_RESOURCES = [ class ReportGenerationTest(PerformanceTest): TEST_NAME = "Report generation performance test" - def __init__(self, island_client, config_parser, analyzers, + def __init__(self, island_client, raw_config, analyzers, timeout, log_handler, break_on_timeout): self.island_client = island_client - self.config_parser = config_parser exploitation_test = ExploitationTest(ReportGenerationTest.TEST_NAME, island_client, - config_parser, analyzers, timeout, log_handler) + raw_config, analyzers, timeout, log_handler) performance_config = PerformanceTestConfig(max_allowed_single_page_time=MAX_ALLOWED_SINGLE_PAGE_TIME, max_allowed_total_time=MAX_ALLOWED_TOTAL_TIME, endpoints_to_test=REPORT_RESOURCES,