From edc8fff0a7186b895d810898428e0f172bcdb69d Mon Sep 17 00:00:00 2001 
From: VakarisZ Date: Mon, 1 Mar 2021 17:11:23 +0200 Subject: [PATCH 1/4] Extracted relevant config parameters for each BB test and made templates from those --- .../config_templates/__init__.py | 0 .../config_templates/base_template.py | 19 +++++ .../config_templates/config_template.py | 32 +++++++++ .../config_templates/elastic.py | 14 ++++ .../island_configs/config_templates/hadoop.py | 14 ++++ .../island_configs/config_templates/mssql.py | 25 +++++++ .../config_templates/performance.py | 71 +++++++++++++++++++ .../config_templates/shellshock.py | 14 ++++ .../config_templates/smb_mimikatz.py | 36 ++++++++++ .../config_templates/smb_pth.py | 33 +++++++++ .../island_configs/config_templates/ssh.py | 31 ++++++++ .../config_templates/struts2.py | 16 +++++ .../config_templates/tunneling.py | 41 +++++++++++ .../config_templates/weblogic.py | 16 +++++ .../config_templates/wmi_mimikatz.py | 31 ++++++++ .../config_templates/wmi_pth.py | 29 ++++++++ .../generated_configs/.gitignore | 1 + 17 files changed, 423 insertions(+) create mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/__init__.py create mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/base_template.py create mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/config_template.py create mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/elastic.py create mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/hadoop.py create mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/mssql.py create mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/performance.py create mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/shellshock.py create mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/smb_mimikatz.py create mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/smb_pth.py create mode 100644 
envs/monkey_zoo/blackbox/island_configs/config_templates/ssh.py create mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/struts2.py create mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/tunneling.py create mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/weblogic.py create mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/wmi_mimikatz.py create mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/wmi_pth.py create mode 100644 envs/monkey_zoo/blackbox/island_configs/generated_configs/.gitignore
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/__init__.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/__init__.py
new file mode 100644
index 000000000..e69de29bb
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/base_template.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/base_template.py
new file mode 100644
index 000000000..8d84c5588
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/config_templates/base_template.py
@@ -0,0 +1,19 @@
+from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigTemplate, \
+ ConfigValueDescriptor
+
+
+# Disables a lot of config values not required for a specific feature test
+class BaseTemplate(ConfigTemplate):
+
+ @staticmethod
+ def should_run(class_name: str) -> bool:
+ return False
+
+ config_value_list = [
+ ConfigValueDescriptor("basic.exploiters.exploiter_classes", []),
+ ConfigValueDescriptor("basic_network.scope.local_network_scan", False),
+ ConfigValueDescriptor("internal.classes.finger_classes",
+ ["PingScanner", "HTTPFinger"]),
+ ConfigValueDescriptor("internal.monkey.system_info.system_info_collector_classes",
+ ["EnvironmentCollector", "HostnameCollector"])
+ ]
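Review bot: The last descriptor in `BaseTemplate.config_value_list` targets `internal.monkey.system_info.system_info_collector_classes`, while `smb_mimikatz.py` and `wmi_mimikatz.py` in this same patch override `monkey.system_info.system_info_collector_classes`, and the `.conf` files removed in PATCH 2/4 keep `system_info` under the top-level `monkey` section. If paths are resolved against that structure, the base template's restriction to `EnvironmentCollector` and `HostnameCollector` lands on a key nothing reads, so collectors such as `MimikatzCollector` may stay enabled in tests that are meant to run without them. The entry should probably read `ConfigValueDescriptor("monkey.system_info.system_info_collector_classes", ["EnvironmentCollector", "HostnameCollector"])`, to be confirmed against the config schema.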
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/config_template.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/config_template.py
new file mode 100644
index 000000000..ac8d28a80
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/config_templates/config_template.py
@@ -0,0 +1,32 @@
+from abc import ABC, abstractmethod
+from dataclasses import dataclass
+from typing import Any, List
+
+import envs.monkey_zoo.blackbox.island_configs.config_templates
+from infection_monkey.utils.plugins.plugin import Plugin
+
+
+@dataclass
+class ConfigValueDescriptor:
+ path: str # Dot separated config path. E.g. monkey.pba.actions.create_user
+ content: Any # Contents of config value. Depends on the type of config value.
+
+
+class ConfigTemplate(Plugin, ABC):
+
+ @staticmethod
+ def base_package_name():
+ return envs.monkey_zoo.blackbox.island_configs.config_templates.__package__
+
+ @staticmethod
+ def base_package_file():
+ return envs.monkey_zoo.blackbox.island_configs.config_templates.__file__
+
+ @abstractmethod
+ @property
+ def config_value_list(self) -> List[ConfigValueDescriptor]:
+ pass
+
+ @staticmethod
+ def should_run(class_name: str) -> bool:
+ return False
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/elastic.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/elastic.py
new file mode 100644
index 000000000..ff215eb39
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/config_templates/elastic.py
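Review bot: In `ConfigTemplate`, `config_value_list` stacks `@abstractmethod` above `@property`, so `abstractmethod` is applied to the finished property object; the `abc` documentation requires `abstractmethod` to be the innermost decorator, and on CPython this ordering is expected to raise `AttributeError` while the class body is evaluated, i.e. when the module is imported. Swap the two lines so the declaration reads `@property` followed by `@abstractmethod`. Every concrete template in this patch then assigns `config_value_list` as a plain class attribute rather than a property, which is worth a one-line comment on the base class, for example `# Subclasses override this with a class-level list of ConfigValueDescriptor`.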
@@ -0,0 +1,14 @@
+from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate
+from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor
+
+
+class Elastic(BaseTemplate):
+
+ @staticmethod
+ def should_run(class_name: str) -> bool:
+ return True
+
+ config_value_list = [
+ ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["ElasticGroovyExploiter"]),
+ ConfigValueDescriptor("basic_network.scope.subnet_scan_list", ["10.2.2.4", "10.2.2.5"])
+ ]
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/hadoop.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/hadoop.py
new file mode 100644
index 000000000..ef64996dc
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/config_templates/hadoop.py
@@ -0,0 +1,14 @@
+from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate
+from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor
+
+
+class Hadoop(BaseTemplate):
+
+ @staticmethod
+ def should_run(class_name: str) -> bool:
+ return True
+
+ config_value_list = [
+ ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["HadoopExploiter"]),
+ ConfigValueDescriptor("basic_network.scope.subnet_scan_list", ["10.2.2.2", "10.2.2.3"])
+ ]
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/mssql.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/mssql.py
new file mode 100644
index 000000000..3d8b18e38
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/config_templates/mssql.py
@@ -0,0 +1,25 @@
+from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate
+from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor
+
+
+class Mssql(BaseTemplate):
+
+ @staticmethod
+ def should_run(class_name: str) -> bool:
+ return True
+
+ config_value_list = [
+ ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["MSSQLExploiter"]),
+ ConfigValueDescriptor("basic_network.scope.subnet_scan_list", ["10.2.2.16"]),
+ ConfigValueDescriptor("basic.credentials.exploit_password_list",
+ ["Password1!",
+ "Xk8VDTsC",
+ "password",
+ "12345678"
+ ]),
+ ConfigValueDescriptor("basic.credentials.exploit_user_list",
+ ["Administrator",
+ "m0nk3y",
+ "user"
+ ])
+ ]
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/performance.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/performance.py
new file mode 100644
index 000000000..2d213121e
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/config_templates/performance.py
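Review bot: The passwords in `basic.credentials.exploit_password_list` are committed in clear text with nothing saying what they belong to, and overlapping values recur in `performance.py`, `smb_mimikatz.py`, `smb_pth.py`, `ssh.py`, `tunneling.py`, `wmi_mimikatz.py` and `wmi_pth.py` (the two `*_pth.py` files also carry NTLM hashes). A reader or a secret scanner cannot tell a throwaway lab fixture from a leaked credential, and a rotation on the test hosts would have to be repeated in every template. I would add a comment above the list such as `# Lab-only credentials for the blackbox test hosts in 10.2.x.x; never reuse outside the test network` (presumably accurate, to be confirmed by the author) and define the shared user and password lists once in a common module that the templates import.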
@@ -0,0 +1,71 @@
+from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor, \
+ ConfigTemplate
+
+
+class Performance(ConfigTemplate):
+
+ @staticmethod
+ def should_run(class_name: str) -> bool:
+ return True
+
+ config_value_list = [
+ ConfigValueDescriptor("basic.credentials.exploit_password_list",
+ ["Xk8VDTsC",
+ "^NgDvY59~8",
+ "Ivrrw5zEzs",
+ "3Q=(Ge(+&w]*",
+ "`))jU7L(w}",
+ "t67TC5ZDmz"
+ ]),
+ ConfigValueDescriptor("basic.credentials.exploit_user_list",
+ ["m0nk3y"
+ ]),
+ ConfigValueDescriptor("basic.exploiters.exploiter_classes",
+ ["SmbExploiter",
+ "WmiExploiter",
+ "SSHExploiter",
+ "ShellShockExploiter",
+ "SambaCryExploiter",
+ "ElasticGroovyExploiter",
+ "Struts2Exploiter",
+ "WebLogicExploiter",
+ "HadoopExploiter",
+ "VSFTPDExploiter",
+ "MSSQLExploiter",
+ "ZerologonExploiter"
+ ]),
+ ConfigValueDescriptor("basic_network.network_analysis.inaccessible_subnets",
+ ["10.2.2.0/30",
+ "10.2.2.8/30",
+ "10.2.2.24/32",
+ "10.2.2.23/32",
+ "10.2.2.21/32",
+ "10.2.2.19/32",
+ "10.2.2.18/32",
+ "10.2.2.17/32"
+ ]),
+ ConfigValueDescriptor("basic_network.scope.subnet_scan_list",
+ ["10.2.2.2",
+ "10.2.2.3",
+ "10.2.2.4",
+ "10.2.2.5",
+ "10.2.2.8",
+ "10.2.2.9",
+ "10.2.1.10",
+ "10.2.0.11",
+ "10.2.0.12",
+ "10.2.2.11",
+ "10.2.2.12",
+ "10.2.2.14",
+ "10.2.2.15",
+ "10.2.2.16",
+ "10.2.2.18",
+ "10.2.2.19",
+ "10.2.2.20",
+ "10.2.2.21",
+ "10.2.2.23",
+ "10.2.2.24",
+ "10.2.2.25",
+ ])
+
+ ]
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/shellshock.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/shellshock.py
new file mode 100644
index 000000000..04eab1b62
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/config_templates/shellshock.py
@@ -0,0 +1,14 @@
+from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate
+from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor
+
+
+class ShellShock(BaseTemplate):
+
+ @staticmethod
+ def should_run(class_name: str) -> bool:
+ return True
+
+ config_value_list = [
+ ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["ShellShockExploiter"]),
+ ConfigValueDescriptor("basic_network.scope.subnet_scan_list", ["10.2.2.8"])
+ ]
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/smb_mimikatz.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/smb_mimikatz.py
new file mode 100644
index 000000000..18646b390
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/config_templates/smb_mimikatz.py
@@ -0,0 +1,36 @@
+from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate
+from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor
+
+
+class SmbMimikatz(BaseTemplate):
+
+ @staticmethod
+ def should_run(class_name: str) -> bool:
+ return True
+
+ config_value_list = [
+ ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["SmbExploiter"]),
+ ConfigValueDescriptor("basic_network.scope.subnet_scan_list",
+ ["10.2.2.14",
+ "10.2.2.15"]),
+ ConfigValueDescriptor("basic.credentials.exploit_password_list",
+ ["Password1!",
+ "Ivrrw5zEzs"
+ ]),
+ ConfigValueDescriptor("basic.credentials.exploit_user_list",
+ ["Administrator",
+ "m0nk3y",
+ "user"
+ ]),
+ ConfigValueDescriptor("internal.classes.finger_classes",
+ ["SMBFinger",
+ "PingScanner",
+ "HTTPFinger"
+ ]),
+ ConfigValueDescriptor("monkey.system_info.system_info_collector_classes",
+ ["EnvironmentCollector",
+ "HostnameCollector",
+ "ProcessListCollector",
+ "MimikatzCollector"
+ ])
+ ]
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/smb_pth.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/smb_pth.py
new file mode 100644
index 000000000..ad5dd1069
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/config_templates/smb_pth.py
@@ -0,0 +1,33 @@
+from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate
+from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor
+
+
+class SmbPth(BaseTemplate):
+
+ @staticmethod
+ def should_run(class_name: str) -> bool:
+ return True
+
+ config_value_list = [
+ ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["SmbExploiter"]),
+ ConfigValueDescriptor("basic_network.scope.subnet_scan_list",
+ ["10.2.2.15"]),
+ ConfigValueDescriptor("basic.credentials.exploit_password_list",
+ ["Password1!",
+ "Ivrrw5zEzs"
+ ]),
+ ConfigValueDescriptor("basic.credentials.exploit_user_list",
+ ["Administrator",
+ "m0nk3y",
+ "user"
+ ]),
+ ConfigValueDescriptor("internal.classes.finger_classes",
+ ["SMBFinger",
+ "PingScanner",
+ "HTTPFinger"
+ ]),
+ ConfigValueDescriptor("internal.classes.exploits.exploit_ntlm_hash_list",
+ ["5da0889ea2081aa79f6852294cba4a5e",
+ "50c9987a6bf1ac59398df9f911122c9b"
+ ])
+ ]
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/ssh.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/ssh.py
new file mode 100644
index 000000000..dd0d240a0
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/config_templates/ssh.py
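Review bot: In `SmbPth.config_value_list` the hash list is written to `internal.classes.exploits.exploit_ntlm_hash_list`, but the `.conf` files deleted in PATCH 2/4 keep `exploits` as a sibling of `classes` under `internal`, which gives `internal.exploits.exploit_ntlm_hash_list`. If template paths are resolved against that same structure, the hashes end up on a key nothing reads and the pass-the-hash test falls back to the password list, so it can pass or fail for the wrong reason. The descriptor should probably start `ConfigValueDescriptor("internal.exploits.exploit_ntlm_hash_list",`; the same path is used in `wmi_pth.py`.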
@@ -0,0 +1,31 @@
+from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate
+from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor
+
+
+class Ssh(BaseTemplate):
+
+ @staticmethod
+ def should_run(class_name: str) -> bool:
+ return True
+
+ config_value_list = [
+ ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["SSHExploiter"]),
+ ConfigValueDescriptor("basic_network.scope.subnet_scan_list",
+ ["10.2.2.11",
+ "10.2.2.12"]),
+ ConfigValueDescriptor("basic.credentials.exploit_password_list",
+ ["Password1!",
+ "12345678",
+ "^NgDvY59~8"
+ ]),
+ ConfigValueDescriptor("basic.credentials.exploit_user_list",
+ ["Administrator",
+ "m0nk3y",
+ "user"
+ ]),
+ ConfigValueDescriptor("internal.classes.finger_classes",
+ ["SSHFinger",
+ "PingScanner",
+ "HTTPFinger"
+ ])
+ ]
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/struts2.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/struts2.py
new file mode 100644
index 000000000..f77dbd5b5
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/config_templates/struts2.py
@@ -0,0 +1,16 @@
+from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate
+from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor
+
+
+class Struts2(BaseTemplate):
+
+ @staticmethod
+ def should_run(class_name: str) -> bool:
+ return True
+
+ config_value_list = [
+ ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["Struts2Exploiter"]),
+ ConfigValueDescriptor("basic_network.scope.subnet_scan_list",
+ ["10.2.2.23",
+ "10.2.2.24"])
+ ]
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/tunneling.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/tunneling.py
new file mode 100644
index 000000000..deef4c87d
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/config_templates/tunneling.py
@@ -0,0 +1,41 @@
+from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate
+from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor
+
+
+class Tunneling(BaseTemplate):
+
+ @staticmethod
+ def should_run(class_name: str) -> bool:
+ return True
+
+ config_value_list = [
+ ConfigValueDescriptor("basic.exploiters.exploiter_classes",
+ ["SmbExploiter",
+ "WmiExploiter",
+ "SSHExploiter"
+ ]),
+ ConfigValueDescriptor("basic_network.scope.subnet_scan_list",
+ ["10.2.2.9",
+ "10.2.1.10",
+ "10.2.0.11",
+ "10.2.0.12"
+ ]),
+ ConfigValueDescriptor("basic.credentials.exploit_password_list",
+ ["Password1!",
+ "3Q=(Ge(+&w]*",
+ "`))jU7L(w}",
+ "t67TC5ZDmz",
+ "12345678"
+ ]),
+ ConfigValueDescriptor("basic.credentials.exploit_user_list",
+ ["Administrator",
+ "m0nk3y",
+ "user"
+ ]),
+ ConfigValueDescriptor("internal.classes.finger_classes",
+ ["SSHFinger",
+ "PingScanner",
+ "HTTPFinger",
+ "SMBFinger",
+ ])
+ ]
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/weblogic.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/weblogic.py
new file mode 100644
index 000000000..74690c1f3
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/config_templates/weblogic.py
@@ -0,0 +1,16 @@
+from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate
+from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor
+
+
+class Weblogic(BaseTemplate):
+
+ @staticmethod
+ def should_run(class_name: str) -> bool:
+ return True
+
+ config_value_list = [
+ ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["WebLogicExploiter"]),
+ ConfigValueDescriptor("basic_network.scope.subnet_scan_list",
+ ["10.2.2.18",
+ "10.2.2.19"])
+ ]
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/wmi_mimikatz.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/wmi_mimikatz.py
new file mode 100644
index 000000000..d223fe99f
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/config_templates/wmi_mimikatz.py
@@ -0,0 +1,31 @@
+from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate
+from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor
+
+
+class WmiMimikatz(BaseTemplate):
+
+ @staticmethod
+ def should_run(class_name: str) -> bool:
+ return True
+
+ config_value_list = [
+ ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["WmiExploiter"]),
+ ConfigValueDescriptor("basic_network.scope.subnet_scan_list",
+ ["10.2.2.14",
+ "10.2.2.15"]),
+ ConfigValueDescriptor("basic.credentials.exploit_password_list",
+ ["Password1!",
+ "Ivrrw5zEzs"
+ ]),
+ ConfigValueDescriptor("basic.credentials.exploit_user_list",
+ ["Administrator",
+ "m0nk3y",
+ "user"
+ ]),
+ ConfigValueDescriptor("monkey.system_info.system_info_collector_classes",
+ ["EnvironmentCollector",
+ "HostnameCollector",
+ "ProcessListCollector",
+ "MimikatzCollector"
+ ])
+ ]
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/wmi_pth.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/wmi_pth.py
new file mode 100644
index 000000000..6488979f4
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/config_templates/wmi_pth.py
@@ -0,0 +1,29 @@
+from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate
+from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor
+
+
+class WmiPth(BaseTemplate):
+
+ @staticmethod
+ def should_run(class_name: str) -> bool:
+ return True
+
+ config_value_list = [
+ ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["WmiExploiter"]),
+ ConfigValueDescriptor("basic_network.scope.subnet_scan_list",
+ ["10.2.2.15"]),
+ ConfigValueDescriptor("basic.credentials.exploit_password_list",
+ ["Password1!"]),
+ ConfigValueDescriptor("basic.credentials.exploit_user_list",
+ ["Administrator",
+ "m0nk3y",
+ "user"
+ ]),
+ ConfigValueDescriptor("internal.classes.finger_classes",
+ ["PingScanner",
+ "HTTPFinger"
+ ]),
+ ConfigValueDescriptor("internal.classes.exploits.exploit_ntlm_hash_list",
+ ["5da0889ea2081aa79f6852294cba4a5e",
+ "50c9987a6bf1ac59398df9f911122c9b"])
+ ]
diff --git a/envs/monkey_zoo/blackbox/island_configs/generated_configs/.gitignore b/envs/monkey_zoo/blackbox/island_configs/generated_configs/.gitignore
new file mode 100644
index 000000000..9c558e357
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/generated_configs/.gitignore
@@ -0,0 +1 @@
+.
From 8ca72bbf31044cd767ceb2a1158c0544f9c99ad8 Mon Sep 17 00:00:00 2001
From: VakarisZ Date: Tue, 2 Mar 2021 15:01:56 +0200 Subject: [PATCH 2/4] Simplified test configuration templates even more and removed old and outdated configuration files --- .../blackbox/island_configs/ELASTIC.conf | 185 -------------- .../blackbox/island_configs/HADOOP.conf | 186 -------------- .../blackbox/island_configs/MSSQL.conf | 180 -------------- .../blackbox/island_configs/PERFORMANCE.conf | 227 ------------------ .../blackbox/island_configs/SHELLSHOCK.conf | 181 -------------- .../blackbox/island_configs/SMB_MIMIKATZ.conf | 180 -------------- .../blackbox/island_configs/SMB_PTH.conf | 179 -------------- .../blackbox/island_configs/SSH.conf | 182 -------------- .../blackbox/island_configs/STRUTS2.conf | 183 -------------- .../blackbox/island_configs/TUNNELING.conf | 188 --------------- .../blackbox/island_configs/WEBLOGIC.conf | 185 -------------- .../blackbox/island_configs/WMI_MIMIKATZ.conf | 180 -------------- .../blackbox/island_configs/WMI_PTH.conf | 179 -------------- .../{config_templates => }/__init__.py | 0 .../blackbox/island_configs/base_template.py | 14 ++ .../island_configs/config_template.py | 9 + .../config_templates/base_template.py | 19 -- .../config_templates/config_template.py | 32 --- .../config_templates/elastic.py | 14 -- .../island_configs/config_templates/hadoop.py | 14 -- .../island_configs/config_templates/mssql.py | 25 -- .../config_templates/performance.py | 71 ------ .../config_templates/shellshock.py | 14 -- .../config_templates/smb_mimikatz.py | 36 --- .../config_templates/smb_pth.py | 33 --- .../island_configs/config_templates/ssh.py | 31 --- .../config_templates/struts2.py | 16 -- .../config_templates/tunneling.py | 41 ---- .../config_templates/weblogic.py | 16 -- .../config_templates/wmi_mimikatz.py | 31 --- .../config_templates/wmi_pth.py | 29 --- .../blackbox/island_configs/elastic.py | 14 ++ .../generated_configs/.gitignore | 1 - .../blackbox/island_configs/hadoop.py | 13 + .../blackbox/island_configs/mssql.py | 19 ++ 
.../blackbox/island_configs/performance.py | 54 +++++ .../blackbox/island_configs/shellshock.py | 12 + .../blackbox/island_configs/smb_mimikatz.py | 19 ++ .../blackbox/island_configs/smb_pth.py | 21 ++ .../monkey_zoo/blackbox/island_configs/ssh.py | 20 ++ .../blackbox/island_configs/struts2.py | 11 + .../blackbox/island_configs/tunneling.py | 28 +++ .../blackbox/island_configs/weblogic.py | 11 + .../blackbox/island_configs/wmi_mimikatz.py | 20 ++ .../blackbox/island_configs/wmi_pth.py | 18 ++ envs/monkey_zoo/blackbox/test_blackbox.py | 89 ++++--- 46 files changed, 341 insertions(+), 2869 deletions(-) delete mode 100644 envs/monkey_zoo/blackbox/island_configs/ELASTIC.conf delete mode 100644 envs/monkey_zoo/blackbox/island_configs/HADOOP.conf delete mode 100644 envs/monkey_zoo/blackbox/island_configs/MSSQL.conf delete mode 100644 envs/monkey_zoo/blackbox/island_configs/PERFORMANCE.conf delete mode 100644 envs/monkey_zoo/blackbox/island_configs/SHELLSHOCK.conf delete mode 100644 envs/monkey_zoo/blackbox/island_configs/SMB_MIMIKATZ.conf delete mode 100644 envs/monkey_zoo/blackbox/island_configs/SMB_PTH.conf delete mode 100644 envs/monkey_zoo/blackbox/island_configs/SSH.conf delete mode 100644 envs/monkey_zoo/blackbox/island_configs/STRUTS2.conf delete mode 100644 envs/monkey_zoo/blackbox/island_configs/TUNNELING.conf delete mode 100644 envs/monkey_zoo/blackbox/island_configs/WEBLOGIC.conf delete mode 100644 envs/monkey_zoo/blackbox/island_configs/WMI_MIMIKATZ.conf delete mode 100644 envs/monkey_zoo/blackbox/island_configs/WMI_PTH.conf rename envs/monkey_zoo/blackbox/island_configs/{config_templates => }/__init__.py (100%) create mode 100644 envs/monkey_zoo/blackbox/island_configs/base_template.py create mode 100644 envs/monkey_zoo/blackbox/island_configs/config_template.py delete mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/base_template.py delete mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/config_template.py delete mode 
100644 envs/monkey_zoo/blackbox/island_configs/config_templates/elastic.py delete mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/hadoop.py delete mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/mssql.py delete mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/performance.py delete mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/shellshock.py delete mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/smb_mimikatz.py delete mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/smb_pth.py delete mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/ssh.py delete mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/struts2.py delete mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/tunneling.py delete mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/weblogic.py delete mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/wmi_mimikatz.py delete mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/wmi_pth.py create mode 100644 envs/monkey_zoo/blackbox/island_configs/elastic.py delete mode 100644 envs/monkey_zoo/blackbox/island_configs/generated_configs/.gitignore create mode 100644 envs/monkey_zoo/blackbox/island_configs/hadoop.py create mode 100644 envs/monkey_zoo/blackbox/island_configs/mssql.py create mode 100644 envs/monkey_zoo/blackbox/island_configs/performance.py create mode 100644 envs/monkey_zoo/blackbox/island_configs/shellshock.py create mode 100644 envs/monkey_zoo/blackbox/island_configs/smb_mimikatz.py create mode 100644 envs/monkey_zoo/blackbox/island_configs/smb_pth.py create mode 100644 envs/monkey_zoo/blackbox/island_configs/ssh.py create mode 100644 envs/monkey_zoo/blackbox/island_configs/struts2.py create mode 100644 envs/monkey_zoo/blackbox/island_configs/tunneling.py create mode 100644 envs/monkey_zoo/blackbox/island_configs/weblogic.py 
create mode 100644 envs/monkey_zoo/blackbox/island_configs/wmi_mimikatz.py create mode 100644 envs/monkey_zoo/blackbox/island_configs/wmi_pth.py diff --git a/envs/monkey_zoo/blackbox/island_configs/ELASTIC.conf b/envs/monkey_zoo/blackbox/island_configs/ELASTIC.conf deleted file mode 100644 index d8790f744..000000000 --- a/envs/monkey_zoo/blackbox/island_configs/ELASTIC.conf +++ /dev/null 
@@ -1,185 +0,0 @@ -{ - "basic": { - "credentials": { - "exploit_password_list": [ - "root", - "123456", - "password", - "123456789", - "qwerty", - "111111", - "iloveyou" - ], - "exploit_user_list": [ - "Administrator", - "root", - "user" - ] - }, - "exploiters": { - "exploiter_classes": [ - "ElasticGroovyExploiter" - ] - } - }, - "basic_network": { - "network_analysis": { - "inaccessible_subnets": [] - }, - "scope": { - "blocked_ips": [], - "depth": 2, - "local_network_scan": false, - "subnet_scan_list": [ - "10.2.2.4", - "10.2.2.5" - ] - } - }, - "internal": { - "classes": { - "finger_classes": [ - "SMBFinger", - "SSHFinger", - "PingScanner", - "HTTPFinger", - "MySQLFinger", - "MSSQLFinger", - "ElasticFinger" - ] - }, - "dropper": { - "dropper_date_reference_path_linux": "/bin/sh", - "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll", - "dropper_set_date": true, - "dropper_target_path_linux": "/tmp/monkey", - "dropper_target_path_win_32": "C:\\Windows\\temp\\monkey32.exe", - "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe", - "dropper_try_move_first": true - }, - "exploits": { - "exploit_lm_hash_list": [], - "exploit_ntlm_hash_list": [], - "exploit_ssh_keys": [], - "general": { - "skip_exploit_if_file_exist": false - }, - "ms08_067": { - "ms08_067_exploit_attempts": 5, - "user_to_add": "Monkey_IUSER_SUPPORT", - "remote_user_pass": "Password1!" 
- }, - "sambacry": { - "sambacry_trigger_timeout": 5, - "sambacry_folder_paths_to_guess": [ - "/", - "/mnt", - "/tmp", - "/storage", - "/export", - "/share", - "/shares", - "/home" - ], - "sambacry_shares_not_to_check": [ - "IPC$", - "print$" - ] - } - }, - "general": { - "keep_tunnel_open_time": 60, - "monkey_dir_name": "monkey_dir", - "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}", - "started_on_island": false - }, - "island_server": { - "command_servers": [ - "10.2.2.251:5000" - ], - "current_server": "10.2.2.251:5000" - }, - "kill_file": { - "kill_file_path_linux": "/var/run/monkey.not", - "kill_file_path_windows": "%windir%\\monkey.not" - }, - "logging": { - "dropper_log_path_linux": "/tmp/user-1562", - "dropper_log_path_windows": "%temp%\\~df1562.tmp", - "monkey_log_path_linux": "/tmp/user-1563", - "monkey_log_path_windows": "%temp%\\~df1563.tmp", - "send_log_to_server": true - }, - "monkey": { - "alive": true, - "internet_services": [ - "monkey.guardicore.com", - "www.google.com" - ], - "self_delete_in_cleanup": true, - "serialize_config": false, - "use_file_logging": true, - "victims_max_exploit": 100, - "victims_max_find": 100 - }, - "network": { - "tcp_scanner": { - "HTTP_PORTS": [ - 80, - 8080, - 443, - 8008, - 7001 - ], - "tcp_target_ports": [ - 22, - 2222, - 445, - 135, - 3389, - 80, - 8080, - 443, - 8008, - 3306, - 9200, - 7001, - 8088 - ], - "tcp_scan_interval": 0, - "tcp_scan_timeout": 3000, - "tcp_scan_get_banner": true - }, - "ping_scanner": { - "ping_scan_timeout": 1000 - } - }, - "testing": { - "export_monkey_telems": false - } - }, - "monkey": { - "persistent_scanning": { - "max_iterations": 1, - "retry_failed_explotation": true, - "timeout_between_iterations": 100 - }, - "post_breach": { - "PBA_linux_filename": "", - "PBA_windows_filename": "", - "custom_PBA_linux_cmd": "", - "custom_PBA_windows_cmd": "", - "post_breach_actions": [] - }, - "system_info": { - "system_info_collector_classes": [ - "EnvironmentCollector", - 
"AwsCollector", - "HostnameCollector", - "ProcessListCollector", - "MimikatzCollector", - "AzureCollector" - ] - } - } -} diff --git a/envs/monkey_zoo/blackbox/island_configs/HADOOP.conf b/envs/monkey_zoo/blackbox/island_configs/HADOOP.conf deleted file mode 100644 index a65de1bf7..000000000 --- a/envs/monkey_zoo/blackbox/island_configs/HADOOP.conf +++ /dev/null 
@@ -1,186 +0,0 @@ -{ - "basic": { - "credentials": { - "exploit_password_list": [ - "root", - "123456", - "password", - "123456789", - "qwerty", - "111111", - "iloveyou" - ], - "exploit_user_list": [ - "Administrator", - "root", - "user" - ] - }, - "exploiters": { - "exploiter_classes": [ - "HadoopExploiter" - ] - } - }, - "basic_network": { - "network_analysis": { - "inaccessible_subnets": [] - }, - "scope": { - "blocked_ips": [], - "depth": 2, - "local_network_scan": false, - "subnet_scan_list": [ - "10.2.2.3", - "10.2.2.2" - ] - } - }, - "internal": { - "classes": { - "finger_classes": [ - "SMBFinger", - "SSHFinger", - "PingScanner", - "HTTPFinger", - "MySQLFinger", - "MSSQLFinger", - "ElasticFinger" - ] - }, - "dropper": { - "dropper_date_reference_path_linux": "/bin/sh", - "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll", - "dropper_set_date": true, - "dropper_target_path_linux": "/tmp/monkey", - "dropper_target_path_win_32": "C:\\Windows\\temp\\monkey32.exe", - "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe", - "dropper_try_move_first": true - }, - "exploits": { - "exploit_lm_hash_list": [], - "exploit_ntlm_hash_list": [], - "exploit_ssh_keys": [], - "general": { - "skip_exploit_if_file_exist": false - }, - "ms08_067": { - "ms08_067_exploit_attempts": 5, - "user_to_add": "Monkey_IUSER_SUPPORT", - "remote_user_pass": "Password1!" 
- }, - "sambacry": { - "sambacry_trigger_timeout": 5, - "sambacry_folder_paths_to_guess": [ - "/", - "/mnt", - "/tmp", - "/storage", - "/export", - "/share", - "/shares", - "/home" - ], - "sambacry_shares_not_to_check": [ - "IPC$", - "print$" - ] - } - }, - "general": { - "keep_tunnel_open_time": 60, - "monkey_dir_name": "monkey_dir", - "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}", - "started_on_island": false - }, - "island_server": { - "command_servers": [ - "10.2.2.251:5000" - ], - "current_server": "10.2.2.251:5000" - }, - "kill_file": { - "kill_file_path_linux": "/var/run/monkey.not", - "kill_file_path_windows": "%windir%\\monkey.not" - }, - "logging": { - "dropper_log_path_linux": "/tmp/user-1562", - "dropper_log_path_windows": "%temp%\\~df1562.tmp", - "monkey_log_path_linux": "/tmp/user-1563", - "monkey_log_path_windows": "%temp%\\~df1563.tmp", - "send_log_to_server": true - }, - "monkey": { - "alive": true, - "internet_services": [ - "monkey.guardicore.com", - "www.google.com" - ], - "self_delete_in_cleanup": true, - "serialize_config": false, - "use_file_logging": true, - "victims_max_exploit": 100, - "victims_max_find": 100 - }, - "network": { - "tcp_scanner": { - "HTTP_PORTS": [ - 80, - 8080, - 443, - 8008, - 7001 - ], - "tcp_target_ports": [ - 22, - 2222, - 445, - 135, - 3389, - 80, - 8080, - 443, - 8008, - 3306, - 9200, - 7001, - 8088 - ], - "tcp_scan_interval": 0, - "tcp_scan_timeout": 3000, - "tcp_scan_get_banner": true - }, - "ping_scanner": { - "ping_scan_timeout": 1000 - } - }, - "testing": { - "export_monkey_telems": false - } - }, - "monkey": { - "persistent_scanning": { - "max_iterations": 1, - "retry_failed_explotation": true, - "timeout_between_iterations": 100 - }, - "post_breach": { - "PBA_linux_filename": "", - "PBA_windows_filename": "", - "custom_PBA_linux_cmd": "", - "custom_PBA_windows_cmd": "", - "post_breach_actions": [ - ] - }, - "system_info": { - "system_info_collector_classes": [ - "EnvironmentCollector", - 
"AwsCollector", - "HostnameCollector", - "ProcessListCollector", - "MimikatzCollector", - "AzureCollector" - ] - } - } -} diff --git a/envs/monkey_zoo/blackbox/island_configs/MSSQL.conf b/envs/monkey_zoo/blackbox/island_configs/MSSQL.conf deleted file mode 100644 index a88c57ac7..000000000 --- a/envs/monkey_zoo/blackbox/island_configs/MSSQL.conf +++ /dev/null 
@@ -1,180 +0,0 @@
-{
- "basic": {
- "credentials": {
- "exploit_password_list": [
- "Password1!",
- "Xk8VDTsC",
- "password",
- "12345678"
- ],
- "exploit_user_list": [
- "Administrator",
- "m0nk3y",
- "user"
- ]
- },
- "exploiters": {
- "exploiter_classes": [
- "MSSQLExploiter"
- ]
- }
- },
- "basic_network": {
- "network_analysis": {
- "inaccessible_subnets": []
- },
- "scope": {
- "blocked_ips": [],
- "depth": 2,
- "local_network_scan": true,
- "subnet_scan_list": []
- }
- },
- "internal": {
- "classes": {
- "finger_classes": [
- "SMBFinger",
- "SSHFinger",
- "PingScanner",
- "HTTPFinger",
- "MySQLFinger",
- "MSSQLFinger",
- "ElasticFinger"
- ]
- },
- "dropper": {
- "dropper_date_reference_path_linux": "/bin/sh",
- "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll",
- "dropper_set_date": true,
- "dropper_target_path_linux": "/tmp/monkey",
- "dropper_target_path_win_32": "C:\\Windows\\temp\\monkey32.exe",
- "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe",
- "dropper_try_move_first": true
- },
- "exploits": {
- "exploit_lm_hash_list": [],
- "exploit_ntlm_hash_list": [],
- "exploit_ssh_keys": [],
- "general": {
- "skip_exploit_if_file_exist": false
- },
- "ms08_067": {
- "ms08_067_exploit_attempts": 5,
- "user_to_add": "Monkey_IUSER_SUPPORT",
- "remote_user_pass": "Password1!"
- },
- "sambacry": {
- "sambacry_trigger_timeout": 5,
- "sambacry_folder_paths_to_guess": [
- "/",
- "/mnt",
- "/tmp",
- "/storage",
- "/export",
- "/share",
- "/shares",
- "/home"
- ],
- "sambacry_shares_not_to_check": [
- "IPC$",
- "print$"
- ]
- }
- },
- "general": {
- "keep_tunnel_open_time": 60,
- "monkey_dir_name": "monkey_dir",
- "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}",
- "started_on_island": false
- },
- "island_server": {
- "command_servers": [
- "10.2.2.251:5000"
- ],
- "current_server": "10.2.2.251:5000"
- },
- "kill_file": {
- "kill_file_path_linux": "/var/run/monkey.not",
- "kill_file_path_windows": "%windir%\\monkey.not"
- },
- "logging": {
- "dropper_log_path_linux": "/tmp/user-1562",
- "dropper_log_path_windows": "%temp%\\~df1562.tmp",
- "monkey_log_path_linux": "/tmp/user-1563",
- "monkey_log_path_windows": "%temp%\\~df1563.tmp",
- "send_log_to_server": true
- },
- "monkey": {
- "alive": true,
- "internet_services": [
- "monkey.guardicore.com",
- "www.google.com"
- ],
- "self_delete_in_cleanup": true,
- "serialize_config": false,
- "use_file_logging": true,
- "victims_max_exploit": 100,
- "victims_max_find": 100
- },
- "network": {
- "tcp_scanner": {
- "HTTP_PORTS": [
- 80,
- 8080,
- 443,
- 8008,
- 7001
- ],
- "tcp_target_ports": [
- 22,
- 2222,
- 445,
- 135,
- 3389,
- 80,
- 8080,
- 443,
- 8008,
- 3306,
- 9200,
- 7001,
- 8088
- ],
- "tcp_scan_interval": 0,
- "tcp_scan_timeout": 3000,
- "tcp_scan_get_banner": true
- },
- "ping_scanner": {
- "ping_scan_timeout": 1000
- }
- },
- "testing": {
- "export_monkey_telems": false
- }
- },
- "monkey": {
- "persistent_scanning": {
- "max_iterations": 1,
- "retry_failed_explotation": true,
- "timeout_between_iterations": 100
- },
- "post_breach": {
- "PBA_linux_filename": "",
- "PBA_windows_filename": "",
- "custom_PBA_linux_cmd": "",
- "custom_PBA_windows_cmd": "",
- "post_breach_actions": [
- ]
- },
- "system_info": {
- "system_info_collector_classes": [
- "EnvironmentCollector",
- "AwsCollector",
- "HostnameCollector",
- "ProcessListCollector",
- "MimikatzCollector",
- "AzureCollector"
- ]
- }
- }
-}
diff --git a/envs/monkey_zoo/blackbox/island_configs/PERFORMANCE.conf b/envs/monkey_zoo/blackbox/island_configs/PERFORMANCE.conf
deleted file mode 100644
index c57b06430..000000000
--- a/envs/monkey_zoo/blackbox/island_configs/PERFORMANCE.conf
+++ /dev/null
@@ -1,227 +0,0 @@
-{
- "basic": {
- "credentials": {
- "exploit_password_list": [
- "Xk8VDTsC",
- "^NgDvY59~8",
- "Ivrrw5zEzs",
- "3Q=(Ge(+&w]*",
- "`))jU7L(w}",
- "t67TC5ZDmz"
- ],
- "exploit_user_list": [
- "m0nk3y"
- ]
- },
- "exploiters": {
- "exploiter_classes": [
- "SmbExploiter",
- "WmiExploiter",
- "SSHExploiter",
- "ShellShockExploiter",
- "SambaCryExploiter",
- "ElasticGroovyExploiter",
- "Struts2Exploiter",
- "WebLogicExploiter",
- "HadoopExploiter",
- "VSFTPDExploiter",
- "MSSQLExploiter"
- ]
- }
- },
- "basic_network": {
- "network_analysis": {
- "inaccessible_subnets": [
- "10.2.2.0/30",
- "10.2.2.8/30",
- "10.2.2.24/32",
- "10.2.2.23/32",
- "10.2.2.21/32",
- "10.2.2.19/32",
- "10.2.2.18/32",
- "10.2.2.17/32"
- ]
- },
- "scope": {
- "blocked_ips": [],
- "depth": 2,
- "local_network_scan": false,
- "subnet_scan_list": [
- "10.2.2.2",
- "10.2.2.3",
- "10.2.2.4",
- "10.2.2.5",
- "10.2.2.8",
- "10.2.2.9",
- "10.2.1.10",
- "10.2.0.11",
- "10.2.0.12",
- "10.2.2.11",
- "10.2.2.12",
- "10.2.2.14",
- "10.2.2.15",
- "10.2.2.16",
- "10.2.2.18",
- "10.2.2.19",
- "10.2.2.20",
- "10.2.2.21",
- "10.2.2.23",
- "10.2.2.24"
- ]
- }
- },
- "internal": {
- "classes": {
- "finger_classes": [
- "SMBFinger",
- "SSHFinger",
- "PingScanner",
- "HTTPFinger",
- "MySQLFinger",
- "MSSQLFinger",
- "ElasticFinger"
- ]
- },
- "dropper": {
- "dropper_date_reference_path_linux": "/bin/sh",
- "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll",
- "dropper_set_date": true,
- "dropper_target_path_linux": "/tmp/monkey",
- "dropper_target_path_win_32": "C:\\Windows\\temp\\monkey32.exe",
- "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe",
- "dropper_try_move_first": true
- },
- "exploits": {
- "exploit_lm_hash_list": [],
- "exploit_ntlm_hash_list": [],
- "exploit_ssh_keys": [],
- "general": {
- "skip_exploit_if_file_exist": false
- },
- "ms08_067": {
- "ms08_067_exploit_attempts": 5,
- "user_to_add": "Monkey_IUSER_SUPPORT",
- "remote_user_pass": "Password1!"
- },
- "sambacry": {
- "sambacry_trigger_timeout": 5,
- "sambacry_folder_paths_to_guess": [
- "/",
- "/mnt",
- "/tmp",
- "/storage",
- "/export",
- "/share",
- "/shares",
- "/home"
- ],
- "sambacry_shares_not_to_check": [
- "IPC$",
- "print$"
- ]
- }
- },
- "general": {
- "keep_tunnel_open_time": 60,
- "monkey_dir_name": "monkey_dir",
- "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}",
- "started_on_island": false
- },
- "island_server": {
- "command_servers": [
- "10.2.2.251:5000"
- ],
- "current_server": "10.2.2.251:5000"
- },
- "kill_file": {
- "kill_file_path_linux": "/var/run/monkey.not",
- "kill_file_path_windows": "%windir%\\monkey.not"
- },
- "logging": {
- "dropper_log_path_linux": "/tmp/user-1562",
- "dropper_log_path_windows": "%temp%\\~df1562.tmp",
- "monkey_log_path_linux": "/tmp/user-1563",
- "monkey_log_path_windows": "%temp%\\~df1563.tmp",
- "send_log_to_server": true
- },
- "monkey": {
- "alive": true,
- "internet_services": [
- "monkey.guardicore.com",
- "www.google.com"
- ],
- "self_delete_in_cleanup": true,
- "serialize_config": false,
- "use_file_logging": true,
- "victims_max_exploit": 100,
- "victims_max_find": 100
- },
- "network": {
- "tcp_scanner": {
- "HTTP_PORTS": [
- 80,
- 8080,
- 443,
- 8008,
- 7001
- ],
- "tcp_target_ports": [
- 22,
- 2222,
- 445,
- 135,
- 3389,
- 80,
- 8080,
- 443,
- 8008,
- 3306,
- 9200,
- 7001,
- 8088
- ],
- "tcp_scan_interval": 0,
- "tcp_scan_timeout": 3000,
- "tcp_scan_get_banner": true
- },
- "ping_scanner": {
- "ping_scan_timeout": 1000
- }
- },
- "testing": {
- "export_monkey_telems": false
- }
- },
- "monkey": {
- "persistent_scanning": {
- "max_iterations": 1,
- "retry_failed_explotation": true,
- "timeout_between_iterations": 100
- },
- "post_breach": {
- "PBA_linux_filename": "",
- "PBA_windows_filename": "",
- "custom_PBA_linux_cmd": "",
- "custom_PBA_windows_cmd": "",
- "post_breach_actions": [
- "BackdoorUser",
- "CommunicateAsNewUser",
- "ModifyShellStartupFiles",
- "HiddenFiles",
- "TrapCommand",
- "ChangeSetuidSetgid",
- "ScheduleJobs"
- ]
- },
- "system_info": {
- "system_info_collector_classes": [
- "EnvironmentCollector",
- "AwsCollector",
- "HostnameCollector",
- "ProcessListCollector",
- "MimikatzCollector",
- "AzureCollector"
- ]
- }
- }
-}
diff --git a/envs/monkey_zoo/blackbox/island_configs/SHELLSHOCK.conf b/envs/monkey_zoo/blackbox/island_configs/SHELLSHOCK.conf
deleted file mode 100644
index 82cba0b70..000000000
--- a/envs/monkey_zoo/blackbox/island_configs/SHELLSHOCK.conf
+++ /dev/null
@@ -1,181 +0,0 @@
-{
- "basic": {
- "credentials": {
- "exploit_password_list": [
- "Password1!",
- "1234",
- "password",
- "12345678"
- ],
- "exploit_user_list": [
- "Administrator",
- "root",
- "user"
- ]
- },
- "exploiters": {
- "exploiter_classes": [
- "ShellShockExploiter"
- ]
- }
- },
- "basic_network": {
- "network_analysis": {
- "inaccessible_subnets": []
- },
- "scope": {
- "blocked_ips": [],
- "depth": 2,
- "local_network_scan": false,
- "subnet_scan_list": [
- "10.2.2.8"
- ]
- }
- },
- "internal": {
- "classes": {
- "finger_classes": [
- "SMBFinger",
- "SSHFinger",
- "PingScanner",
- "HTTPFinger",
- "MySQLFinger",
- "MSSQLFinger",
- "ElasticFinger"
- ]
- },
- "dropper": {
- "dropper_date_reference_path_linux": "/bin/sh",
- "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll",
- "dropper_set_date": true,
- "dropper_target_path_linux": "/tmp/monkey",
- "dropper_target_path_win_32": "C:\\Windows\\temp\\monkey32.exe",
- "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe",
- "dropper_try_move_first": true
- },
- "exploits": {
- "exploit_lm_hash_list": [],
- "exploit_ntlm_hash_list": [],
- "exploit_ssh_keys": [],
- "general": {
- "skip_exploit_if_file_exist": false
- },
- "ms08_067": {
- "ms08_067_exploit_attempts": 5,
- "user_to_add": "Monkey_IUSER_SUPPORT",
- "remote_user_pass": "Password1!"
- },
- "sambacry": {
- "sambacry_trigger_timeout": 5,
- "sambacry_folder_paths_to_guess": [
- "/",
- "/mnt",
- "/tmp",
- "/storage",
- "/export",
- "/share",
- "/shares",
- "/home"
- ],
- "sambacry_shares_not_to_check": [
- "IPC$",
- "print$"
- ]
- }
- },
- "general": {
- "keep_tunnel_open_time": 60,
- "monkey_dir_name": "monkey_dir",
- "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}",
- "started_on_island": false
- },
- "island_server": {
- "command_servers": [
- "10.2.2.251:5000"
- ],
- "current_server": "10.2.2.251:5000"
- },
- "kill_file": {
- "kill_file_path_linux": "/var/run/monkey.not",
- "kill_file_path_windows": "%windir%\\monkey.not"
- },
- "logging": {
- "dropper_log_path_linux": "/tmp/user-1562",
- "dropper_log_path_windows": "%temp%\\~df1562.tmp",
- "monkey_log_path_linux": "/tmp/user-1563",
- "monkey_log_path_windows": "%temp%\\~df1563.tmp",
- "send_log_to_server": true
- },
- "monkey": {
- "alive": true,
- "internet_services": [
- "monkey.guardicore.com",
- "www.google.com"
- ],
- "self_delete_in_cleanup": true,
- "serialize_config": false,
- "use_file_logging": true,
- "victims_max_exploit": 100,
- "victims_max_find": 100
- },
- "network": {
- "tcp_scanner": {
- "HTTP_PORTS": [
- 80,
- 8080,
- 443,
- 8008,
- 7001
- ],
- "tcp_target_ports": [
- 22,
- 2222,
- 445,
- 135,
- 3389,
- 80,
- 8080,
- 443,
- 8008,
- 3306,
- 9200,
- 7001,
- 8088
- ],
- "tcp_scan_interval": 0,
- "tcp_scan_timeout": 3000,
- "tcp_scan_get_banner": true
- },
- "ping_scanner": {
- "ping_scan_timeout": 1000
- }
- },
- "testing": {
- "export_monkey_telems": false
- }
- },
- "monkey": {
- "persistent_scanning": {
- "max_iterations": 1,
- "retry_failed_explotation": true,
- "timeout_between_iterations": 100
- },
- "post_breach": {
- "PBA_linux_filename": "",
- "PBA_windows_filename": "",
- "custom_PBA_linux_cmd": "",
- "custom_PBA_windows_cmd": "",
- "post_breach_actions": []
- },
- "system_info": {
- "system_info_collector_classes": [
- "EnvironmentCollector",
- "AwsCollector",
- "HostnameCollector",
- "ProcessListCollector",
- "MimikatzCollector",
- "AzureCollector"
- ]
- }
- }
-}
diff --git a/envs/monkey_zoo/blackbox/island_configs/SMB_MIMIKATZ.conf b/envs/monkey_zoo/blackbox/island_configs/SMB_MIMIKATZ.conf
deleted file mode 100644
index c14fdfd99..000000000
--- a/envs/monkey_zoo/blackbox/island_configs/SMB_MIMIKATZ.conf
+++ /dev/null
@@ -1,180 +0,0 @@
-{
- "basic": {
- "credentials": {
- "exploit_password_list": [
- "Password1!",
- "Ivrrw5zEzs"
- ],
- "exploit_user_list": [
- "Administrator",
- "m0nk3y",
- "user"
- ]
- },
- "exploiters": {
- "exploiter_classes": [
- "SmbExploiter"
- ]
- }
- },
- "basic_network": {
- "network_analysis": {
- "inaccessible_subnets": []
- },
- "scope": {
- "blocked_ips": [],
- "depth": 2,
- "local_network_scan": false,
- "subnet_scan_list": [
- "10.2.2.14",
- "10.2.2.15"
- ]
- }
- },
- "internal": {
- "classes": {
- "finger_classes": [
- "SMBFinger",
- "SSHFinger",
- "PingScanner",
- "HTTPFinger",
- "MySQLFinger",
- "MSSQLFinger",
- "ElasticFinger"
- ]
- },
- "dropper": {
- "dropper_date_reference_path_linux": "/bin/sh",
- "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll",
- "dropper_set_date": true,
- "dropper_target_path_linux": "/tmp/monkey",
- "dropper_target_path_win_32": "C:\\Windows\\temp\\monkey32.exe",
- "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe",
- "dropper_try_move_first": true
- },
- "exploits": {
- "exploit_lm_hash_list": [],
- "exploit_ntlm_hash_list": [],
- "exploit_ssh_keys": [],
- "general": {
- "skip_exploit_if_file_exist": false
- },
- "ms08_067": {
- "ms08_067_exploit_attempts": 5,
- "user_to_add": "Monkey_IUSER_SUPPORT",
- "remote_user_pass": "Password1!"
- },
- "sambacry": {
- "sambacry_trigger_timeout": 5,
- "sambacry_folder_paths_to_guess": [
- "/",
- "/mnt",
- "/tmp",
- "/storage",
- "/export",
- "/share",
- "/shares",
- "/home"
- ],
- "sambacry_shares_not_to_check": [
- "IPC$",
- "print$"
- ]
- }
- },
- "general": {
- "keep_tunnel_open_time": 60,
- "monkey_dir_name": "monkey_dir",
- "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}",
- "started_on_island": false
- },
- "island_server": {
- "command_servers": [
- "10.2.2.251:5000"
- ],
- "current_server": "10.2.2.251:5000"
- },
- "kill_file": {
- "kill_file_path_linux": "/var/run/monkey.not",
- "kill_file_path_windows": "%windir%\\monkey.not"
- },
- "logging": {
- "dropper_log_path_linux": "/tmp/user-1562",
- "dropper_log_path_windows": "%temp%\\~df1562.tmp",
- "monkey_log_path_linux": "/tmp/user-1563",
- "monkey_log_path_windows": "%temp%\\~df1563.tmp",
- "send_log_to_server": true
- },
- "monkey": {
- "alive": true,
- "internet_services": [
- "monkey.guardicore.com",
- "www.google.com"
- ],
- "self_delete_in_cleanup": true,
- "serialize_config": false,
- "use_file_logging": true,
- "victims_max_exploit": 100,
- "victims_max_find": 100
- },
- "network": {
- "tcp_scanner": {
- "HTTP_PORTS": [
- 80,
- 8080,
- 443,
- 8008,
- 7001
- ],
- "tcp_target_ports": [
- 22,
- 2222,
- 445,
- 135,
- 3389,
- 80,
- 8080,
- 443,
- 8008,
- 3306,
- 9200,
- 7001,
- 8088
- ],
- "tcp_scan_interval": 0,
- "tcp_scan_timeout": 3000,
- "tcp_scan_get_banner": true
- },
- "ping_scanner": {
- "ping_scan_timeout": 1000
- }
- },
- "testing": {
- "export_monkey_telems": false
- }
- },
- "monkey": {
- "persistent_scanning": {
- "max_iterations": 1,
- "retry_failed_explotation": true,
- "timeout_between_iterations": 100
- },
- "post_breach": {
- "PBA_linux_filename": "",
- "PBA_windows_filename": "",
- "custom_PBA_linux_cmd": "",
- "custom_PBA_windows_cmd": "",
- "post_breach_actions": []
- },
- "system_info": {
- "system_info_collector_classes": [
- "EnvironmentCollector",
- "AwsCollector",
- "HostnameCollector",
- "ProcessListCollector",
- "MimikatzCollector",
- "AzureCollector"
- ]
- }
- }
-}
diff --git a/envs/monkey_zoo/blackbox/island_configs/SMB_PTH.conf b/envs/monkey_zoo/blackbox/island_configs/SMB_PTH.conf
deleted file mode 100644
index 42a5245a6..000000000
--- a/envs/monkey_zoo/blackbox/island_configs/SMB_PTH.conf
+++ /dev/null
@@ -1,179 +0,0 @@
-{
- "basic": {
- "credentials": {
- "exploit_password_list": [
- "Password1!"
- ],
- "exploit_user_list": [
- "Administrator",
- "m0nk3y",
- "user"
- ]
- },
- "exploiters": {
- "exploiter_classes": [
- "SmbExploiter"
- ]
- }
- },
- "basic_network": {
- "network_analysis": {
- "inaccessible_subnets": []
- },
- "scope": {
- "blocked_ips": [],
- "depth": 2,
- "local_network_scan": false,
- "subnet_scan_list": [
- "10.2.2.15"
- ]
- }
- },
- "internal": {
- "classes": {
- "finger_classes": [
- "SMBFinger",
- "SSHFinger",
- "PingScanner",
- "HTTPFinger",
- "MySQLFinger",
- "MSSQLFinger",
- "ElasticFinger"
- ]
- },
- "dropper": {
- "dropper_date_reference_path_linux": "/bin/sh",
- "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll",
- "dropper_set_date": true,
- "dropper_target_path_linux": "/tmp/monkey",
- "dropper_target_path_win_32": "C:\\Windows\\temp\\monkey32.exe",
- "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe",
- "dropper_try_move_first": true
- },
- "exploits": {
- "exploit_lm_hash_list": [],
- "exploit_ntlm_hash_list": [ "5da0889ea2081aa79f6852294cba4a5e",
- "50c9987a6bf1ac59398df9f911122c9b" ],
- "exploit_ssh_keys": [],
- "general": {
- "skip_exploit_if_file_exist": false
- },
- "ms08_067": {
- "ms08_067_exploit_attempts": 5,
- "user_to_add": "Monkey_IUSER_SUPPORT",
- "remote_user_pass": "Password1!"
- },
- "sambacry": {
- "sambacry_trigger_timeout": 5,
- "sambacry_folder_paths_to_guess": [
- "/",
- "/mnt",
- "/tmp",
- "/storage",
- "/export",
- "/share",
- "/shares",
- "/home"
- ],
- "sambacry_shares_not_to_check": [
- "IPC$",
- "print$"
- ]
- }
- },
- "general": {
- "keep_tunnel_open_time": 60,
- "monkey_dir_name": "monkey_dir",
- "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}",
- "started_on_island": false
- },
- "island_server": {
- "command_servers": [
- "10.2.2.251:5000"
- ],
- "current_server": "10.2.2.251:5000"
- },
- "kill_file": {
- "kill_file_path_linux": "/var/run/monkey.not",
- "kill_file_path_windows": "%windir%\\monkey.not"
- },
- "logging": {
- "dropper_log_path_linux": "/tmp/user-1562",
- "dropper_log_path_windows": "%temp%\\~df1562.tmp",
- "monkey_log_path_linux": "/tmp/user-1563",
- "monkey_log_path_windows": "%temp%\\~df1563.tmp",
- "send_log_to_server": true
- },
- "monkey": {
- "alive": true,
- "internet_services": [
- "monkey.guardicore.com",
- "www.google.com"
- ],
- "self_delete_in_cleanup": true,
- "serialize_config": false,
- "use_file_logging": true,
- "victims_max_exploit": 100,
- "victims_max_find": 100
- },
- "network": {
- "tcp_scanner": {
- "HTTP_PORTS": [
- 80,
- 8080,
- 443,
- 8008,
- 7001
- ],
- "tcp_target_ports": [
- 22,
- 2222,
- 445,
- 135,
- 3389,
- 80,
- 8080,
- 443,
- 8008,
- 3306,
- 9200,
- 7001,
- 8088
- ],
- "tcp_scan_interval": 0,
- "tcp_scan_timeout": 3000,
- "tcp_scan_get_banner": true
- },
- "ping_scanner": {
- "ping_scan_timeout": 1000
- }
- },
- "testing": {
- "export_monkey_telems": false
- }
- },
- "monkey": {
- "persistent_scanning": {
- "max_iterations": 1,
- "retry_failed_explotation": true,
- "timeout_between_iterations": 100
- },
- "post_breach": {
- "PBA_linux_filename": "",
- "PBA_windows_filename": "",
- "custom_PBA_linux_cmd": "",
- "custom_PBA_windows_cmd": "",
- "post_breach_actions": []
- },
- "system_info": {
- "system_info_collector_classes": [
- "EnvironmentCollector",
- "AwsCollector",
- "HostnameCollector",
- "ProcessListCollector",
- "MimikatzCollector",
- "AzureCollector"
- ]
- }
- }
-}
diff --git a/envs/monkey_zoo/blackbox/island_configs/SSH.conf b/envs/monkey_zoo/blackbox/island_configs/SSH.conf
deleted file mode 100644
index b3ba08d77..000000000
--- a/envs/monkey_zoo/blackbox/island_configs/SSH.conf
+++ /dev/null
@@ -1,182 +0,0 @@
-{
- "basic": {
- "credentials": {
- "exploit_password_list": [
- "Password1!",
- "12345678",
- "^NgDvY59~8"
- ],
- "exploit_user_list": [
- "Administrator",
- "m0nk3y",
- "user"
- ]
- },
- "exploiters": {
- "exploiter_classes": [
- "SSHExploiter"
- ]
- }
- },
- "basic_network": {
- "network_analysis": {
- "inaccessible_subnets": []
- },
- "scope": {
- "blocked_ips": [],
- "depth": 2,
- "local_network_scan": false,
- "subnet_scan_list": [
- "10.2.2.11",
- "10.2.2.12"
- ]
- }
- },
- "internal": {
- "classes": {
- "finger_classes": [
- "SMBFinger",
- "SSHFinger",
- "PingScanner",
- "HTTPFinger",
- "MySQLFinger",
- "MSSQLFinger",
- "ElasticFinger"
- ]
- },
- "dropper": {
- "dropper_date_reference_path_linux": "/bin/sh",
- "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll",
- "dropper_set_date": true,
- "dropper_target_path_linux": "/tmp/monkey",
- "dropper_target_path_win_32": "C:\\Windows\\temp\\monkey32.exe",
- "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe",
- "dropper_try_move_first": true
- },
- "exploits": {
- "exploit_lm_hash_list": [],
- "exploit_ntlm_hash_list": [],
- "exploit_ssh_keys": [],
- "general": {
- "skip_exploit_if_file_exist": false
- },
- "ms08_067": {
- "ms08_067_exploit_attempts": 5,
- "user_to_add": "Monkey_IUSER_SUPPORT",
- "remote_user_pass": "Password1!"
- },
- "sambacry": {
- "sambacry_trigger_timeout": 5,
- "sambacry_folder_paths_to_guess": [
- "/",
- "/mnt",
- "/tmp",
- "/storage",
- "/export",
- "/share",
- "/shares",
- "/home"
- ],
- "sambacry_shares_not_to_check": [
- "IPC$",
- "print$"
- ]
- }
- },
- "general": {
- "keep_tunnel_open_time": 60,
- "monkey_dir_name": "monkey_dir",
- "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}",
- "started_on_island": false
- },
- "island_server": {
- "command_servers": [
- "10.2.2.251:5000"
- ],
- "current_server": "10.2.2.251:5000"
- },
- "kill_file": {
- "kill_file_path_linux": "/var/run/monkey.not",
- "kill_file_path_windows": "%windir%\\monkey.not"
- },
- "logging": {
- "dropper_log_path_linux": "/tmp/user-1562",
- "dropper_log_path_windows": "%temp%\\~df1562.tmp",
- "monkey_log_path_linux": "/tmp/user-1563",
- "monkey_log_path_windows": "%temp%\\~df1563.tmp",
- "send_log_to_server": true
- },
- "monkey": {
- "alive": true,
- "internet_services": [
- "monkey.guardicore.com",
- "www.google.com"
- ],
- "self_delete_in_cleanup": true,
- "serialize_config": false,
- "use_file_logging": true,
- "victims_max_exploit": 100,
- "victims_max_find": 100
- },
- "network": {
- "tcp_scanner": {
- "HTTP_PORTS": [
- 80,
- 8080,
- 443,
- 8008,
- 7001
- ],
- "tcp_target_ports": [
- 22,
- 2222,
- 445,
- 135,
- 3389,
- 80,
- 8080,
- 443,
- 8008,
- 3306,
- 9200,
- 7001,
- 8088
- ],
- "tcp_scan_interval": 0,
- "tcp_scan_timeout": 3000,
- "tcp_scan_get_banner": true
- },
- "ping_scanner": {
- "ping_scan_timeout": 1000
- }
- },
- "testing": {
- "export_monkey_telems": false
- }
- },
- "monkey": {
- "persistent_scanning": {
- "max_iterations": 2,
- "retry_failed_explotation": true,
- "timeout_between_iterations": 100
- },
- "post_breach": {
- "PBA_linux_filename": "",
- "PBA_windows_filename": "",
- "custom_PBA_linux_cmd": "",
- "custom_PBA_windows_cmd": "",
- "post_breach_actions": [
- ]
- },
- "system_info": {
- "system_info_collector_classes": [
- "EnvironmentCollector",
- "AwsCollector",
- "HostnameCollector",
- "ProcessListCollector",
- "MimikatzCollector",
- "AzureCollector"
- ]
- }
- }
-}
diff --git a/envs/monkey_zoo/blackbox/island_configs/STRUTS2.conf b/envs/monkey_zoo/blackbox/island_configs/STRUTS2.conf
deleted file mode 100644
index 92207e0a8..000000000
--- a/envs/monkey_zoo/blackbox/island_configs/STRUTS2.conf
+++ /dev/null
@@ -1,183 +0,0 @@
-{
- "basic": {
- "credentials": {
- "exploit_password_list": [
- "Password1!",
- "1234",
- "password",
- "12345678"
- ],
- "exploit_user_list": [
- "Administrator",
- "root",
- "user",
- "vakaris_zilius"
- ]
- },
- "exploiters": {
- "exploiter_classes": [
- "Struts2Exploiter"
- ]
- }
- },
- "basic_network": {
- "network_analysis": {
- "inaccessible_subnets": []
- },
- "scope": {
- "blocked_ips": [],
- "depth": 2,
- "local_network_scan": false,
- "subnet_scan_list": [
- "10.2.2.23",
- "10.2.2.24"
- ]
- }
- },
- "internal": {
- "classes": {
- "finger_classes": [
- "SMBFinger",
- "SSHFinger",
- "PingScanner",
- "HTTPFinger",
- "MySQLFinger",
- "MSSQLFinger",
- "ElasticFinger"
- ]
- },
- "dropper": {
- "dropper_date_reference_path_linux": "/bin/sh",
- "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll",
- "dropper_set_date": true,
- "dropper_target_path_linux": "/tmp/monkey",
- "dropper_target_path_win_32": "C:\\Windows\\temp\\monkey32.exe",
- "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe",
- "dropper_try_move_first": true
- },
- "exploits": {
- "exploit_lm_hash_list": [],
- "exploit_ntlm_hash_list": [],
- "exploit_ssh_keys": [],
- "general": {
- "skip_exploit_if_file_exist": false
- },
- "ms08_067": {
- "ms08_067_exploit_attempts": 5,
- "user_to_add": "Monkey_IUSER_SUPPORT",
- "remote_user_pass": "Password1!"
- },
- "sambacry": {
- "sambacry_trigger_timeout": 5,
- "sambacry_folder_paths_to_guess": [
- "/",
- "/mnt",
- "/tmp",
- "/storage",
- "/export",
- "/share",
- "/shares",
- "/home"
- ],
- "sambacry_shares_not_to_check": [
- "IPC$",
- "print$"
- ]
- }
- },
- "general": {
- "keep_tunnel_open_time": 60,
- "monkey_dir_name": "monkey_dir",
- "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}",
- "started_on_island": false
- },
- "island_server": {
- "command_servers": [
- "10.2.2.251:5000"
- ],
- "current_server": "10.2.2.251:5000"
- },
- "kill_file": {
- "kill_file_path_linux": "/var/run/monkey.not",
- "kill_file_path_windows": "%windir%\\monkey.not"
- },
- "logging": {
- "dropper_log_path_linux": "/tmp/user-1562",
- "dropper_log_path_windows": "%temp%\\~df1562.tmp",
- "monkey_log_path_linux": "/tmp/user-1563",
- "monkey_log_path_windows": "%temp%\\~df1563.tmp",
- "send_log_to_server": true
- },
- "monkey": {
- "alive": true,
- "internet_services": [
- "monkey.guardicore.com",
- "www.google.com"
- ],
- "self_delete_in_cleanup": true,
- "serialize_config": false,
- "use_file_logging": true,
- "victims_max_exploit": 100,
- "victims_max_find": 100
- },
- "network": {
- "tcp_scanner": {
- "HTTP_PORTS": [
- 80,
- 8080,
- 443,
- 8008,
- 7001
- ],
- "tcp_target_ports": [
- 22,
- 2222,
- 445,
- 135,
- 3389,
- 80,
- 8080,
- 443,
- 8008,
- 3306,
- 9200,
- 7001,
- 8088
- ],
- "tcp_scan_interval": 0,
- "tcp_scan_timeout": 3000,
- "tcp_scan_get_banner": true
- },
- "ping_scanner": {
- "ping_scan_timeout": 1000
- }
- },
- "testing": {
- "export_monkey_telems": false
- }
- },
- "monkey": {
- "persistent_scanning": {
- "max_iterations": 1,
- "retry_failed_explotation": true,
- "timeout_between_iterations": 100
- },
- "post_breach": {
- "PBA_linux_filename": "",
- "PBA_windows_filename": "",
- "custom_PBA_linux_cmd": "",
- "custom_PBA_windows_cmd": "",
- "post_breach_actions": []
- },
- "system_info": {
- "system_info_collector_classes": [
- "EnvironmentCollector",
- "AwsCollector",
- "HostnameCollector",
- "ProcessListCollector",
- "MimikatzCollector",
- "AzureCollector"
- ]
- }
- }
-}
diff --git a/envs/monkey_zoo/blackbox/island_configs/TUNNELING.conf b/envs/monkey_zoo/blackbox/island_configs/TUNNELING.conf
deleted file mode 100644
index fff01c1ff..000000000
--- a/envs/monkey_zoo/blackbox/island_configs/TUNNELING.conf
+++ /dev/null
@@ -1,188 +0,0 @@
-{
- "basic": {
- "credentials": {
- "exploit_password_list": [
- "Password1!",
- "3Q=(Ge(+&w]*",
- "`))jU7L(w}",
- "t67TC5ZDmz",
- "12345678"
- ],
- "exploit_user_list": [
- "Administrator",
- "m0nk3y",
- "user"
- ]
- },
- "exploiters": {
- "exploiter_classes": [
- "SmbExploiter",
- "WmiExploiter",
- "SSHExploiter",
- "MSSQLExploiter"
- ]
- }
- },
- "basic_network": {
- "network_analysis": {
- "inaccessible_subnets": []
- },
- "scope": {
- "blocked_ips": [],
- "depth": 3,
- "local_network_scan": false,
- "subnet_scan_list": [
- "10.2.2.9",
- "10.2.1.10",
- "10.2.0.11",
- "10.2.0.12"
- ]
- }
- },
- "internal": {
- "classes": {
- "finger_classes": [
- "SMBFinger",
- "SSHFinger",
- "PingScanner",
- "HTTPFinger",
- "MySQLFinger",
- "MSSQLFinger",
- "ElasticFinger"
- ]
- },
- "dropper": {
- "dropper_date_reference_path_linux": "/bin/sh",
- "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll",
- "dropper_set_date": true,
- "dropper_target_path_linux": "/tmp/monkey",
- "dropper_target_path_win_32": "C:\\Windows\\temp\\monkey32.exe",
- "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe",
- "dropper_try_move_first": true
- },
- "exploits": {
- "exploit_lm_hash_list": [],
- "exploit_ntlm_hash_list": [],
- "exploit_ssh_keys": [],
- "general": {
- "skip_exploit_if_file_exist": false
- },
- "ms08_067": {
- "ms08_067_exploit_attempts": 5,
- "user_to_add": "Monkey_IUSER_SUPPORT",
- "remote_user_pass": "Password1!"
- },
- "sambacry": {
- "sambacry_trigger_timeout": 5,
- "sambacry_folder_paths_to_guess": [
- "/",
- "/mnt",
- "/tmp",
- "/storage",
- "/export",
- "/share",
- "/shares",
- "/home"
- ],
- "sambacry_shares_not_to_check": [
- "IPC$",
- "print$"
- ]
- }
- },
- "general": {
- "keep_tunnel_open_time": 60,
- "monkey_dir_name": "monkey_dir",
- "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}",
- "started_on_island": false
- },
- "island_server": {
- "command_servers": [
- "10.2.2.251:5000"
- ],
- "current_server": "10.2.2.251:5000"
- },
- "kill_file": {
- "kill_file_path_linux": "/var/run/monkey.not",
- "kill_file_path_windows": "%windir%\\monkey.not"
- },
- "logging": {
- "dropper_log_path_linux": "/tmp/user-1562",
- "dropper_log_path_windows": "%temp%\\~df1562.tmp",
- "monkey_log_path_linux": "/tmp/user-1563",
- "monkey_log_path_windows": "%temp%\\~df1563.tmp",
- "send_log_to_server": true
- },
- "monkey": {
- "alive": true,
- "internet_services": [
- "monkey.guardicore.com",
- "www.google.com"
- ],
- "self_delete_in_cleanup": true,
- "serialize_config": false,
- "use_file_logging": true,
- "victims_max_exploit": 100,
- "victims_max_find": 100
- },
- "network": {
- "tcp_scanner": {
- "HTTP_PORTS": [
- 80,
- 8080,
- 443,
- 8008,
- 7001
- ],
- "tcp_target_ports": [
- 22,
- 2222,
- 445,
- 135,
- 3389,
- 80,
- 8080,
- 443,
- 8008,
- 3306,
- 9200,
- 7001,
- 8088
- ],
- "tcp_scan_interval": 0,
- "tcp_scan_timeout": 3000,
- "tcp_scan_get_banner": true
- },
- "ping_scanner": {
- "ping_scan_timeout": 1000
- }
- },
- "testing": {
- "export_monkey_telems": false
- }
- },
- "monkey": {
- "persistent_scanning": {
- "max_iterations": 1,
- "retry_failed_explotation": true,
- "timeout_between_iterations": 100
- },
- "post_breach": {
- "PBA_linux_filename": "",
- "PBA_windows_filename": "",
- "custom_PBA_linux_cmd": "",
- "custom_PBA_windows_cmd": "",
- "post_breach_actions": []
- },
- "system_info": {
- "system_info_collector_classes": [
- "EnvironmentCollector",
- "AwsCollector",
- "HostnameCollector",
- "ProcessListCollector",
- "MimikatzCollector",
- "AzureCollector"
- ]
- }
- }
-}
diff --git a/envs/monkey_zoo/blackbox/island_configs/WEBLOGIC.conf b/envs/monkey_zoo/blackbox/island_configs/WEBLOGIC.conf
deleted file mode 100644
index dba3e9639..000000000
--- a/envs/monkey_zoo/blackbox/island_configs/WEBLOGIC.conf
+++ /dev/null
@@ -1,185 +0,0 @@ -{ - "basic": { - "credentials": { - "exploit_password_list": [ - "root", - "123456", - "password", - "123456789", - "qwerty", - "111111", - "iloveyou" - ], - "exploit_user_list": [ - "Administrator", - "root", - "user" - ] - }, - "exploiters": { - "exploiter_classes": [ - "WebLogicExploiter" - ] - } - }, - "basic_network": { - "network_analysis": { - "inaccessible_subnets": [] - }, - "scope": { - "blocked_ips": [], - "depth": 2, - "local_network_scan": false, - "subnet_scan_list": [ - "10.2.2.18", - "10.2.2.19" - ] - } - }, - "internal": { - "classes": { - "finger_classes": [ - "SMBFinger", - "SSHFinger", - "PingScanner", - "HTTPFinger", - "MySQLFinger", - "MSSQLFinger", - "ElasticFinger" - ] - }, - "dropper": { - "dropper_date_reference_path_linux": "/bin/sh", - "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll", - "dropper_set_date": true, - "dropper_target_path_linux": "/tmp/monkey", - "dropper_target_path_win_32": "C:\\Windows\\temp\\monkey32.exe", - "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe", - "dropper_try_move_first": true - }, - "exploits": { - "exploit_lm_hash_list": [], - "exploit_ntlm_hash_list": [], - "exploit_ssh_keys": [], - "general": { - "skip_exploit_if_file_exist": false - }, - "ms08_067": { - "ms08_067_exploit_attempts": 5, - "user_to_add": "Monkey_IUSER_SUPPORT", - "remote_user_pass": "Password1!" 
- }, - "sambacry": { - "sambacry_trigger_timeout": 5, - "sambacry_folder_paths_to_guess": [ - "/", - "/mnt", - "/tmp", - "/storage", - "/export", - "/share", - "/shares", - "/home" - ], - "sambacry_shares_not_to_check": [ - "IPC$", - "print$" - ] - } - }, - "general": { - "keep_tunnel_open_time": 60, - "monkey_dir_name": "monkey_dir", - "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}", - "started_on_island": false - }, - "island_server": { - "command_servers": [ - "10.2.2.251:5000" - ], - "current_server": "10.2.2.251:5000" - }, - "kill_file": { - "kill_file_path_linux": "/var/run/monkey.not", - "kill_file_path_windows": "%windir%\\monkey.not" - }, - "logging": { - "dropper_log_path_linux": "/tmp/user-1562", - "dropper_log_path_windows": "%temp%\\~df1562.tmp", - "monkey_log_path_linux": "/tmp/user-1563", - "monkey_log_path_windows": "%temp%\\~df1563.tmp", - "send_log_to_server": true - }, - "monkey": { - "alive": true, - "internet_services": [ - "monkey.guardicore.com", - "www.google.com" - ], - "self_delete_in_cleanup": true, - "serialize_config": false, - "use_file_logging": true, - "victims_max_exploit": 100, - "victims_max_find": 100 - }, - "network": { - "tcp_scanner": { - "HTTP_PORTS": [ - 80, - 8080, - 443, - 8008, - 7001 - ], - "tcp_target_ports": [ - 22, - 2222, - 445, - 135, - 3389, - 80, - 8080, - 443, - 8008, - 3306, - 9200, - 7001, - 8088 - ], - "tcp_scan_interval": 0, - "tcp_scan_timeout": 3000, - "tcp_scan_get_banner": true - }, - "ping_scanner": { - "ping_scan_timeout": 1000 - } - }, - "testing": { - "export_monkey_telems": false - } - }, - "monkey": { - "persistent_scanning": { - "max_iterations": 1, - "retry_failed_explotation": true, - "timeout_between_iterations": 100 - }, - "post_breach": { - "PBA_linux_filename": "", - "PBA_windows_filename": "", - "custom_PBA_linux_cmd": "", - "custom_PBA_windows_cmd": "", - "post_breach_actions": [] - }, - "system_info": { - "system_info_collector_classes": [ - "EnvironmentCollector", - 
"AwsCollector", - "HostnameCollector", - "ProcessListCollector", - "MimikatzCollector", - "AzureCollector" - ] - } - } -} diff --git a/envs/monkey_zoo/blackbox/island_configs/WMI_MIMIKATZ.conf b/envs/monkey_zoo/blackbox/island_configs/WMI_MIMIKATZ.conf deleted file mode 100644 index 15cb346a5..000000000 --- a/envs/monkey_zoo/blackbox/island_configs/WMI_MIMIKATZ.conf +++ /dev/null 
@@ -1,180 +0,0 @@ -{ - "basic": { - "credentials": { - "exploit_password_list": [ - "Password1!", - "Ivrrw5zEzs" - ], - "exploit_user_list": [ - "Administrator", - "m0nk3y", - "user" - ] - }, - "exploiters": { - "exploiter_classes": [ - "WmiExploiter" - ] - } - }, - "basic_network": { - "network_analysis": { - "inaccessible_subnets": [] - }, - "scope": { - "blocked_ips": [], - "depth": 2, - "local_network_scan": false, - "subnet_scan_list": [ - "10.2.2.14", - "10.2.2.15" - ] - } - }, - "internal": { - "classes": { - "finger_classes": [ - "SMBFinger", - "SSHFinger", - "PingScanner", - "HTTPFinger", - "MySQLFinger", - "MSSQLFinger", - "ElasticFinger" - ] - }, - "dropper": { - "dropper_date_reference_path_linux": "/bin/sh", - "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll", - "dropper_set_date": true, - "dropper_target_path_linux": "/tmp/monkey", - "dropper_target_path_win_32": "C:\\Windows\\temp\\monkey32.exe", - "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe", - "dropper_try_move_first": true - }, - "exploits": { - "exploit_lm_hash_list": [], - "exploit_ntlm_hash_list": [], - "exploit_ssh_keys": [], - "general": { - "skip_exploit_if_file_exist": false - }, - "ms08_067": { - "ms08_067_exploit_attempts": 5, - "user_to_add": "Monkey_IUSER_SUPPORT", - "remote_user_pass": "Password1!" 
- }, - "sambacry": { - "sambacry_trigger_timeout": 5, - "sambacry_folder_paths_to_guess": [ - "/", - "/mnt", - "/tmp", - "/storage", - "/export", - "/share", - "/shares", - "/home" - ], - "sambacry_shares_not_to_check": [ - "IPC$", - "print$" - ] - } - }, - "general": { - "keep_tunnel_open_time": 60, - "monkey_dir_name": "monkey_dir", - "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}", - "started_on_island": false - }, - "island_server": { - "command_servers": [ - "10.2.2.251:5000" - ], - "current_server": "10.2.2.251:5000" - }, - "kill_file": { - "kill_file_path_linux": "/var/run/monkey.not", - "kill_file_path_windows": "%windir%\\monkey.not" - }, - "logging": { - "dropper_log_path_linux": "/tmp/user-1562", - "dropper_log_path_windows": "%temp%\\~df1562.tmp", - "monkey_log_path_linux": "/tmp/user-1563", - "monkey_log_path_windows": "%temp%\\~df1563.tmp", - "send_log_to_server": true - }, - "monkey": { - "alive": true, - "internet_services": [ - "monkey.guardicore.com", - "www.google.com" - ], - "self_delete_in_cleanup": true, - "serialize_config": false, - "use_file_logging": true, - "victims_max_exploit": 100, - "victims_max_find": 100 - }, - "network": { - "tcp_scanner": { - "HTTP_PORTS": [ - 80, - 8080, - 443, - 8008, - 7001 - ], - "tcp_target_ports": [ - 22, - 2222, - 445, - 135, - 3389, - 80, - 8080, - 443, - 8008, - 3306, - 9200, - 7001, - 8088 - ], - "tcp_scan_interval": 0, - "tcp_scan_timeout": 3000, - "tcp_scan_get_banner": true - }, - "ping_scanner": { - "ping_scan_timeout": 1000 - } - }, - "testing": { - "export_monkey_telems": false - } - }, - "monkey": { - "persistent_scanning": { - "max_iterations": 1, - "retry_failed_explotation": true, - "timeout_between_iterations": 100 - }, - "post_breach": { - "PBA_linux_filename": "", - "PBA_windows_filename": "", - "custom_PBA_linux_cmd": "", - "custom_PBA_windows_cmd": "", - "post_breach_actions": [] - }, - "system_info": { - "system_info_collector_classes": [ - "EnvironmentCollector", - 
"AwsCollector", - "HostnameCollector", - "ProcessListCollector", - "MimikatzCollector", - "AzureCollector" - ] - } - } -} diff --git a/envs/monkey_zoo/blackbox/island_configs/WMI_PTH.conf b/envs/monkey_zoo/blackbox/island_configs/WMI_PTH.conf deleted file mode 100644 index f0bece5e8..000000000 --- a/envs/monkey_zoo/blackbox/island_configs/WMI_PTH.conf +++ /dev/null 
@@ -1,179 +0,0 @@ -{ - "basic": { - "credentials": { - "exploit_password_list": [ - "Password1!" - ], - "exploit_user_list": [ - "Administrator", - "m0nk3y", - "user" - ] - }, - "exploiters": { - "exploiter_classes": [ - "WmiExploiter" - ] - } - }, - "basic_network": { - "network_analysis": { - "inaccessible_subnets": [] - }, - "scope": { - "blocked_ips": [], - "depth": 2, - "local_network_scan": false, - "subnet_scan_list": [ - "10.2.2.15" - ] - } - }, - "internal": { - "classes": { - "finger_classes": [ - "SMBFinger", - "SSHFinger", - "PingScanner", - "HTTPFinger", - "MySQLFinger", - "MSSQLFinger", - "ElasticFinger" - ] - }, - "dropper": { - "dropper_date_reference_path_linux": "/bin/sh", - "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll", - "dropper_set_date": true, - "dropper_target_path_linux": "/tmp/monkey", - "dropper_target_path_win_32": "C:\\Windows\\temp\\monkey32.exe", - "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe", - "dropper_try_move_first": true - }, - "exploits": { - "exploit_lm_hash_list": [], - "exploit_ntlm_hash_list": [ "5da0889ea2081aa79f6852294cba4a5e", - "50c9987a6bf1ac59398df9f911122c9b"], - "exploit_ssh_keys": [], - "general": { - "skip_exploit_if_file_exist": false - }, - "ms08_067": { - "ms08_067_exploit_attempts": 5, - "user_to_add": "Monkey_IUSER_SUPPORT", - "remote_user_pass": "Password1!" 
- }, - "sambacry": { - "sambacry_trigger_timeout": 5, - "sambacry_folder_paths_to_guess": [ - "/", - "/mnt", - "/tmp", - "/storage", - "/export", - "/share", - "/shares", - "/home" - ], - "sambacry_shares_not_to_check": [ - "IPC$", - "print$" - ] - } - }, - "general": { - "keep_tunnel_open_time": 60, - "monkey_dir_name": "monkey_dir", - "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}", - "started_on_island": false - }, - "island_server": { - "command_servers": [ - "10.2.2.251:5000" - ], - "current_server": "10.2.2.251:5000" - }, - "kill_file": { - "kill_file_path_linux": "/var/run/monkey.not", - "kill_file_path_windows": "%windir%\\monkey.not" - }, - "logging": { - "dropper_log_path_linux": "/tmp/user-1562", - "dropper_log_path_windows": "%temp%\\~df1562.tmp", - "monkey_log_path_linux": "/tmp/user-1563", - "monkey_log_path_windows": "%temp%\\~df1563.tmp", - "send_log_to_server": true - }, - "monkey": { - "alive": true, - "internet_services": [ - "monkey.guardicore.com", - "www.google.com" - ], - "self_delete_in_cleanup": true, - "serialize_config": false, - "use_file_logging": true, - "victims_max_exploit": 100, - "victims_max_find": 100 - }, - "network": { - "tcp_scanner": { - "HTTP_PORTS": [ - 80, - 8080, - 443, - 8008, - 7001 - ], - "tcp_target_ports": [ - 22, - 2222, - 445, - 135, - 3389, - 80, - 8080, - 443, - 8008, - 3306, - 9200, - 7001, - 8088 - ], - "tcp_scan_interval": 0, - "tcp_scan_timeout": 3000, - "tcp_scan_get_banner": true - }, - "ping_scanner": { - "ping_scan_timeout": 1000 - } - }, - "testing": { - "export_monkey_telems": false - } - }, - "monkey": { - "persistent_scanning": { - "max_iterations": 1, - "retry_failed_explotation": true, - "timeout_between_iterations": 100 - }, - "post_breach": { - "PBA_linux_filename": "", - "PBA_windows_filename": "", - "custom_PBA_linux_cmd": "", - "custom_PBA_windows_cmd": "", - "post_breach_actions": [] - }, - "system_info": { - "system_info_collector_classes": [ - "EnvironmentCollector", - 
"AwsCollector",
- "HostnameCollector",
- "ProcessListCollector",
- "MimikatzCollector",
- "AzureCollector"
- ]
- }
- }
-}
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/__init__.py b/envs/monkey_zoo/blackbox/island_configs/__init__.py
similarity index 100%
rename from envs/monkey_zoo/blackbox/island_configs/config_templates/__init__.py
rename to envs/monkey_zoo/blackbox/island_configs/__init__.py
diff --git a/envs/monkey_zoo/blackbox/island_configs/base_template.py b/envs/monkey_zoo/blackbox/island_configs/base_template.py
new file mode 100644
index 000000000..13a480286
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/base_template.py
@@ -0,0 +1,14 @@
+from envs.monkey_zoo.blackbox.island_configs.config_template import ConfigTemplate
+
+
+# Disables a lot of config values not required for a specific feature test
+class BaseTemplate(ConfigTemplate):
+
+ config_values = {
+ "basic.exploiters.exploiter_classes": [],
+ "basic_network.scope.local_network_scan": False,
+ "internal.classes.finger_classes": ["PingScanner", "HTTPFinger"],
+ "internal.monkey.system_info.system_info_collector_classes":
+ ["EnvironmentCollector", "HostnameCollector"],
+ "monkey.post_breach.post_breach_actions": []
+ }
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_template.py b/envs/monkey_zoo/blackbox/island_configs/config_template.py
new file mode 100644
index 000000000..e0ff4e568
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/config_template.py
@@ -0,0 +1,9 @@
+from abc import ABC, abstractmethod
+
+
+class ConfigTemplate(ABC):
+
+ @property
+ @abstractmethod
+ def config_values(self) -> dict:
+ pass
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/base_template.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/base_template.py
deleted file mode 100644
index 8d84c5588..000000000
--- a/envs/monkey_zoo/blackbox/island_configs/config_templates/base_template.py
+++ /dev/null
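Review bot: The key `internal.monkey.system_info.system_info_collector_classes` in `BaseTemplate.config_values` does not match the schema shown by the .conf files this patch deletes, where `system_info` sits under the top-level `monkey` section, and smb_mimikatz.py in this same patch uses `monkey.system_info.system_info_collector_classes`. Because the two strings differ, `SmbMimikatz.config_values.update(...)` adds a second entry instead of replacing the base one, and the base restriction to two collectors may never be applied, depending on how the consumer resolves paths (not visible here). I would change the base entry to `"monkey.system_info.system_info_collector_classes": ["EnvironmentCollector", "HostnameCollector"],` so the reduced collector set and the per-test overrides land on the same key.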
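Review bot: `ConfigTemplate.config_values` has no docstring, and the explanation that the removed `ConfigValueDescriptor` carried (paths are dot-separated, e.g. `monkey.pba.actions.create_user`) is lost with this rewrite. I would add a docstring on the property along the lines of `"""Mapping of dot-separated island config paths to the values this test overrides."""`. It is declared as an abstract property while every template in this patch assigns a plain class-level dict; that satisfies the ABC, but a sentence saying so would help the next person adding a template. Nothing in this file checks the keys against the config schema, so a mistyped path would presumably only surface when the test runs.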
@@ -1,19 +0,0 @@ -from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigTemplate, \ - ConfigValueDescriptor - - -# Disables a lot of config values not required for a specific feature test -class BaseTemplate(ConfigTemplate): - - @staticmethod - def should_run(class_name: str) -> bool: - return False - - config_value_list = [ - ConfigValueDescriptor("basic.exploiters.exploiter_classes", []), - ConfigValueDescriptor("basic_network.scope.local_network_scan", False), - ConfigValueDescriptor("internal.classes.finger_classes", - ["PingScanner", "HTTPFinger"]), - ConfigValueDescriptor("internal.monkey.system_info.system_info_collector_classes", - ["EnvironmentCollector", "HostnameCollector"]) - ] diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/config_template.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/config_template.py deleted file mode 100644 index ac8d28a80..000000000 --- a/envs/monkey_zoo/blackbox/island_configs/config_templates/config_template.py +++ /dev/null @@ -1,32 +0,0 @@ -from abc import ABC, abstractmethod -from dataclasses import dataclass -from typing import Any, List - -import envs.monkey_zoo.blackbox.island_configs.config_templates -from infection_monkey.utils.plugins.plugin import Plugin - - -@dataclass -class ConfigValueDescriptor: - path: str # Dot separated config path. E.g. monkey.pba.actions.create_user - content: Any # Contents of config value. Depends on the type of config value. - - -class ConfigTemplate(Plugin, ABC): - - @staticmethod - def base_package_name(): - return envs.monkey_zoo.blackbox.island_configs.config_templates.__package__ - - @staticmethod - def base_package_file(): - return envs.monkey_zoo.blackbox.island_configs.config_templates.__file__ - - @abstractmethod - @property - def config_value_list(self) -> List[ConfigValueDescriptor]: - pass - - @staticmethod - def should_run(class_name: str) -> bool: - return False 
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/elastic.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/elastic.py deleted file mode 100644 index ff215eb39..000000000 --- a/envs/monkey_zoo/blackbox/island_configs/config_templates/elastic.py +++ /dev/null @@ -1,14 +0,0 @@ -from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate -from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor - - -class Elastic(BaseTemplate): - - @staticmethod - def should_run(class_name: str) -> bool: - return True - - config_value_list = [ - ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["ElasticGroovyExploiter"]), - ConfigValueDescriptor("basic_network.scope.subnet_scan_list", ["10.2.2.4", "10.2.2.5"]) - ] diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/hadoop.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/hadoop.py deleted file mode 100644 index ef64996dc..000000000 --- a/envs/monkey_zoo/blackbox/island_configs/config_templates/hadoop.py +++ /dev/null @@ -1,14 +0,0 @@ -from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate -from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor - - -class Hadoop(BaseTemplate): - - @staticmethod - def should_run(class_name: str) -> bool: - return True - - config_value_list = [ - ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["HadoopExploiter"]), - ConfigValueDescriptor("basic_network.scope.subnet_scan_list", ["10.2.2.2", "10.2.2.3"]) - ] diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/mssql.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/mssql.py deleted file mode 100644 index 3d8b18e38..000000000 --- a/envs/monkey_zoo/blackbox/island_configs/config_templates/mssql.py +++ /dev/null 
@@ -1,25 +0,0 @@ -from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate -from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor - - -class Mssql(BaseTemplate): - - @staticmethod - def should_run(class_name: str) -> bool: - return True - - config_value_list = [ - ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["MSSQLExploiter"]), - ConfigValueDescriptor("basic_network.scope.subnet_scan_list", ["10.2.2.16"]), - ConfigValueDescriptor("basic.credentials.exploit_password_list", - ["Password1!", - "Xk8VDTsC", - "password", - "12345678" - ]), - ConfigValueDescriptor("basic.credentials.exploit_user_list", - ["Administrator", - "m0nk3y", - "user" - ]) - ] diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/performance.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/performance.py deleted file mode 100644 index 2d213121e..000000000 --- a/envs/monkey_zoo/blackbox/island_configs/config_templates/performance.py +++ /dev/null 
@@ -1,71 +0,0 @@ -from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor, \ - ConfigTemplate - - -class Performance(ConfigTemplate): - - @staticmethod - def should_run(class_name: str) -> bool: - return True - - config_value_list = [ - ConfigValueDescriptor("basic.credentials.exploit_password_list", - ["Xk8VDTsC", - "^NgDvY59~8", - "Ivrrw5zEzs", - "3Q=(Ge(+&w]*", - "`))jU7L(w}", - "t67TC5ZDmz" - ]), - ConfigValueDescriptor("basic.credentials.exploit_user_list", - ["m0nk3y" - ]), - ConfigValueDescriptor("basic.exploiters.exploiter_classes", - ["SmbExploiter", - "WmiExploiter", - "SSHExploiter", - "ShellShockExploiter", - "SambaCryExploiter", - "ElasticGroovyExploiter", - "Struts2Exploiter", - "WebLogicExploiter", - "HadoopExploiter", - "VSFTPDExploiter", - "MSSQLExploiter", - "ZerologonExploiter" - ]), - ConfigValueDescriptor("basic_network.network_analysis.inaccessible_subnets", - ["10.2.2.0/30", - "10.2.2.8/30", - "10.2.2.24/32", - "10.2.2.23/32", - "10.2.2.21/32", - "10.2.2.19/32", - "10.2.2.18/32", - "10.2.2.17/32" - ]), - ConfigValueDescriptor("basic_network.scope.subnet_scan_list", - ["10.2.2.2", - "10.2.2.3", - "10.2.2.4", - "10.2.2.5", - "10.2.2.8", - "10.2.2.9", - "10.2.1.10", - "10.2.0.11", - "10.2.0.12", - "10.2.2.11", - "10.2.2.12", - "10.2.2.14", - "10.2.2.15", - "10.2.2.16", - "10.2.2.18", - "10.2.2.19", - "10.2.2.20", - "10.2.2.21", - "10.2.2.23", - "10.2.2.24", - "10.2.2.25", - ]) - - ] diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/shellshock.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/shellshock.py deleted file mode 100644 index 04eab1b62..000000000 --- a/envs/monkey_zoo/blackbox/island_configs/config_templates/shellshock.py +++ /dev/null 
@@ -1,14 +0,0 @@ -from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate -from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor - - -class ShellShock(BaseTemplate): - - @staticmethod - def should_run(class_name: str) -> bool: - return True - - config_value_list = [ - ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["ShellShockExploiter"]), - ConfigValueDescriptor("basic_network.scope.subnet_scan_list", ["10.2.2.8"]) - ] diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/smb_mimikatz.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/smb_mimikatz.py deleted file mode 100644 index 18646b390..000000000 --- a/envs/monkey_zoo/blackbox/island_configs/config_templates/smb_mimikatz.py +++ /dev/null @@ -1,36 +0,0 @@ -from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate -from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor - - -class SmbMimikatz(BaseTemplate): - - @staticmethod - def should_run(class_name: str) -> bool: - return True - - config_value_list = [ - ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["SmbExploiter"]), - ConfigValueDescriptor("basic_network.scope.subnet_scan_list", - ["10.2.2.14", - "10.2.2.15"]), - ConfigValueDescriptor("basic.credentials.exploit_password_list", - ["Password1!", - "Ivrrw5zEzs" - ]), - ConfigValueDescriptor("basic.credentials.exploit_user_list", - ["Administrator", - "m0nk3y", - "user" - ]), - ConfigValueDescriptor("internal.classes.finger_classes", - ["SMBFinger", - "PingScanner", - "HTTPFinger" - ]), - ConfigValueDescriptor("monkey.system_info.system_info_collector_classes", - ["EnvironmentCollector", - "HostnameCollector", - "ProcessListCollector", - "MimikatzCollector" - ]) - ] 
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/smb_pth.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/smb_pth.py deleted file mode 100644 index ad5dd1069..000000000 --- a/envs/monkey_zoo/blackbox/island_configs/config_templates/smb_pth.py +++ /dev/null @@ -1,33 +0,0 @@ -from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate -from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor - - -class SmbPth(BaseTemplate): - - @staticmethod - def should_run(class_name: str) -> bool: - return True - - config_value_list = [ - ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["SmbExploiter"]), - ConfigValueDescriptor("basic_network.scope.subnet_scan_list", - ["10.2.2.15"]), - ConfigValueDescriptor("basic.credentials.exploit_password_list", - ["Password1!", - "Ivrrw5zEzs" - ]), - ConfigValueDescriptor("basic.credentials.exploit_user_list", - ["Administrator", - "m0nk3y", - "user" - ]), - ConfigValueDescriptor("internal.classes.finger_classes", - ["SMBFinger", - "PingScanner", - "HTTPFinger" - ]), - ConfigValueDescriptor("internal.classes.exploits.exploit_ntlm_hash_list", - ["5da0889ea2081aa79f6852294cba4a5e", - "50c9987a6bf1ac59398df9f911122c9b" - ]) - ] diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/ssh.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/ssh.py deleted file mode 100644 index dd0d240a0..000000000 --- a/envs/monkey_zoo/blackbox/island_configs/config_templates/ssh.py +++ /dev/null 
@@ -1,31 +0,0 @@ -from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate -from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor - - -class Ssh(BaseTemplate): - - @staticmethod - def should_run(class_name: str) -> bool: - return True - - config_value_list = [ - ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["SSHExploiter"]), - ConfigValueDescriptor("basic_network.scope.subnet_scan_list", - ["10.2.2.11", - "10.2.2.12"]), - ConfigValueDescriptor("basic.credentials.exploit_password_list", - ["Password1!", - "12345678", - "^NgDvY59~8" - ]), - ConfigValueDescriptor("basic.credentials.exploit_user_list", - ["Administrator", - "m0nk3y", - "user" - ]), - ConfigValueDescriptor("internal.classes.finger_classes", - ["SSHFinger", - "PingScanner", - "HTTPFinger" - ]) - ] diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/struts2.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/struts2.py deleted file mode 100644 index f77dbd5b5..000000000 --- a/envs/monkey_zoo/blackbox/island_configs/config_templates/struts2.py +++ /dev/null @@ -1,16 +0,0 @@ -from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate -from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor - - -class Struts2(BaseTemplate): - - @staticmethod - def should_run(class_name: str) -> bool: - return True - - config_value_list = [ - ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["Struts2Exploiter"]), - ConfigValueDescriptor("basic_network.scope.subnet_scan_list", - ["10.2.2.23", - "10.2.2.24"]) - ] diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/tunneling.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/tunneling.py deleted file mode 100644 index deef4c87d..000000000 
--- a/envs/monkey_zoo/blackbox/island_configs/config_templates/tunneling.py +++ /dev/null @@ -1,41 +0,0 @@ -from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate -from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor - - -class Tunneling(BaseTemplate): - - @staticmethod - def should_run(class_name: str) -> bool: - return True - - config_value_list = [ - ConfigValueDescriptor("basic.exploiters.exploiter_classes", - ["SmbExploiter", - "WmiExploiter", - "SSHExploiter" - ]), - ConfigValueDescriptor("basic_network.scope.subnet_scan_list", - ["10.2.2.9", - "10.2.1.10", - "10.2.0.11", - "10.2.0.12" - ]), - ConfigValueDescriptor("basic.credentials.exploit_password_list", - ["Password1!", - "3Q=(Ge(+&w]*", - "`))jU7L(w}", - "t67TC5ZDmz", - "12345678" - ]), - ConfigValueDescriptor("basic.credentials.exploit_user_list", - ["Administrator", - "m0nk3y", - "user" - ]), - ConfigValueDescriptor("internal.classes.finger_classes", - ["SSHFinger", - "PingScanner", - "HTTPFinger", - "SMBFinger", - ]) - ] diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/weblogic.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/weblogic.py deleted file mode 100644 index 74690c1f3..000000000 --- a/envs/monkey_zoo/blackbox/island_configs/config_templates/weblogic.py +++ /dev/null @@ -1,16 +0,0 @@ -from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate -from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor - - -class Weblogic(BaseTemplate): - - @staticmethod - def should_run(class_name: str) -> bool: - return True - - config_value_list = [ - ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["WebLogicExploiter"]), - ConfigValueDescriptor("basic_network.scope.subnet_scan_list", - ["10.2.2.18", - "10.2.2.19"]) - ] 
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/wmi_mimikatz.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/wmi_mimikatz.py deleted file mode 100644 index d223fe99f..000000000 --- a/envs/monkey_zoo/blackbox/island_configs/config_templates/wmi_mimikatz.py +++ /dev/null @@ -1,31 +0,0 @@ -from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate -from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor - - -class WmiMimikatz(BaseTemplate): - - @staticmethod - def should_run(class_name: str) -> bool: - return True - - config_value_list = [ - ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["WmiExploiter"]), - ConfigValueDescriptor("basic_network.scope.subnet_scan_list", - ["10.2.2.14", - "10.2.2.15"]), - ConfigValueDescriptor("basic.credentials.exploit_password_list", - ["Password1!", - "Ivrrw5zEzs" - ]), - ConfigValueDescriptor("basic.credentials.exploit_user_list", - ["Administrator", - "m0nk3y", - "user" - ]), - ConfigValueDescriptor("monkey.system_info.system_info_collector_classes", - ["EnvironmentCollector", - "HostnameCollector", - "ProcessListCollector", - "MimikatzCollector" - ]) - ] diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/wmi_pth.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/wmi_pth.py deleted file mode 100644 index 6488979f4..000000000 --- a/envs/monkey_zoo/blackbox/island_configs/config_templates/wmi_pth.py +++ /dev/null 
@@ -1,29 +0,0 @@
-from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate
-from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor
-
-
-class WmiPth(BaseTemplate):
-
- @staticmethod
- def should_run(class_name: str) -> bool:
- return True
-
- config_value_list = [
- ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["WmiExploiter"]),
- ConfigValueDescriptor("basic_network.scope.subnet_scan_list",
- ["10.2.2.15"]),
- ConfigValueDescriptor("basic.credentials.exploit_password_list",
- ["Password1!"]),
- ConfigValueDescriptor("basic.credentials.exploit_user_list",
- ["Administrator",
- "m0nk3y",
- "user"
- ]),
- ConfigValueDescriptor("internal.classes.finger_classes",
- ["PingScanner",
- "HTTPFinger"
- ]),
- ConfigValueDescriptor("internal.classes.exploits.exploit_ntlm_hash_list",
- ["5da0889ea2081aa79f6852294cba4a5e",
- "50c9987a6bf1ac59398df9f911122c9b"])
- ]
diff --git a/envs/monkey_zoo/blackbox/island_configs/elastic.py b/envs/monkey_zoo/blackbox/island_configs/elastic.py
new file mode 100644
index 000000000..97598f718
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/elastic.py
@@ -0,0 +1,14 @@
+from copy import copy
+
+from envs.monkey_zoo.blackbox.island_configs.base_template import BaseTemplate
+from envs.monkey_zoo.blackbox.island_configs.config_template import ConfigTemplate
+
+
+class Elastic(ConfigTemplate):
+
+ config_values = copy(BaseTemplate.config_values)
+
+ config_values.update({
+ "basic.exploiters.exploiter_classes": ["ElasticGroovyExploiter"],
+ "basic_network.scope.subnet_scan_list": ["10.2.2.4", "10.2.2.5"]
+ })
diff --git a/envs/monkey_zoo/blackbox/island_configs/generated_configs/.gitignore b/envs/monkey_zoo/blackbox/island_configs/generated_configs/.gitignore
deleted file mode 100644
index 9c558e357..000000000
--- a/envs/monkey_zoo/blackbox/island_configs/generated_configs/.gitignore
+++ /dev/null
@@ -1 +0,0 @@
-.
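Review bot: `copy(BaseTemplate.config_values)` is a shallow copy, so the list values stay shared with `BaseTemplate` and with every other template that starts the same way (hadoop.py, mssql.py, shellshock.py, smb_mimikatz.py and smb_pth.py in this patch). `update()` rebinds whole keys, so it works as written, but an in-place change such as `config_values["internal.classes.finger_classes"].append(...)` in one template would alter all of them; `config_values = deepcopy(BaseTemplate.config_values)` removes that coupling. Separately, `Elastic` derives from `ConfigTemplate` while the sibling templates derive from `BaseTemplate`; `class Elastic(BaseTemplate):` would match them and make the second import unnecessary.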
diff --git a/envs/monkey_zoo/blackbox/island_configs/hadoop.py b/envs/monkey_zoo/blackbox/island_configs/hadoop.py
new file mode 100644
index 000000000..8c42b8ee3
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/hadoop.py
@@ -0,0 +1,13 @@
+from copy import copy
+
+from envs.monkey_zoo.blackbox.island_configs.base_template import BaseTemplate
+
+
+class Hadoop(BaseTemplate):
+
+ config_values = copy(BaseTemplate.config_values)
+
+ config_values.update({
+ "basic.exploiters.exploiter_classes": ["HadoopExploiter"],
+ "basic_network.scope.subnet_scan_list": ["10.2.2.2", "10.2.2.3"]
+ })
diff --git a/envs/monkey_zoo/blackbox/island_configs/mssql.py b/envs/monkey_zoo/blackbox/island_configs/mssql.py
new file mode 100644
index 000000000..5406494ee
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/mssql.py
@@ -0,0 +1,19 @@
+from copy import copy
+
+from envs.monkey_zoo.blackbox.island_configs.base_template import BaseTemplate
+
+
+class Mssql(BaseTemplate):
+ config_values = copy(BaseTemplate.config_values)
+
+ config_values.update({
+ "basic.exploiters.exploiter_classes": ["MSSQLExploiter"],
+ "basic_network.scope.subnet_scan_list": ["10.2.2.16"],
+ "basic.credentials.exploit_password_list": ["Password1!",
+ "Xk8VDTsC",
+ "password",
+ "12345678"],
+ "basic.credentials.exploit_user_list": ["Administrator",
+ "m0nk3y",
+ "user"]
+ })
diff --git a/envs/monkey_zoo/blackbox/island_configs/performance.py b/envs/monkey_zoo/blackbox/island_configs/performance.py
new file mode 100644
index 000000000..3a9a48e9f
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/performance.py
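Review bot: The password and user lists in `Mssql.config_values` are written as bare literals with no comment saying what they belong to, and the same holds for performance.py, smb_mimikatz.py and smb_pth.py in this patch (the last one also carries NTLM hashes). They were already present in the deleted .conf files and look like fixtures for the Monkey Zoo test machines, but the new modules do not say so. A comment above the dict such as `# Credentials of the Monkey Zoo test machines (test fixtures)` would make that explicit for readers and for anyone triaging secret-scanner hits. Since values such as `"Password1!"` and `"Ivrrw5zEzs"` repeat across templates, keeping them in one shared constants module would also stop the copies from drifting apart.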
@@ -0,0 +1,54 @@
+from envs.monkey_zoo.blackbox.island_configs.config_template import ConfigTemplate
+
+
+class Performance(ConfigTemplate):
+ config_values = {
+ "basic.credentials.exploit_password_list": ["Xk8VDTsC",
+ "^NgDvY59~8",
+ "Ivrrw5zEzs",
+ "3Q=(Ge(+&w]*",
+ "`))jU7L(w}",
+ "t67TC5ZDmz"],
+ "basic.credentials.exploit_user_list": ["m0nk3y"],
+ "basic.exploiters.exploiter_classes": ["SmbExploiter",
+ "WmiExploiter",
+ "SSHExploiter",
+ "ShellShockExploiter",
+ "SambaCryExploiter",
+ "ElasticGroovyExploiter",
+ "Struts2Exploiter",
+ "WebLogicExploiter",
+ "HadoopExploiter",
+ "VSFTPDExploiter",
+ "MSSQLExploiter",
+ "ZerologonExploiter"],
+ "basic_network.network_analysis.inaccessible_subnets": ["10.2.2.0/30",
+ "10.2.2.8/30",
+ "10.2.2.24/32",
+ "10.2.2.23/32",
+ "10.2.2.21/32",
+ "10.2.2.19/32",
+ "10.2.2.18/32",
+ "10.2.2.17/32"],
+ "basic_network.scope.subnet_scan_list": ["10.2.2.2",
+ "10.2.2.3",
+ "10.2.2.4",
+ "10.2.2.5",
+ "10.2.2.8",
+ "10.2.2.9",
+ "10.2.1.10",
+ "10.2.0.11",
+ "10.2.0.12",
+ "10.2.2.11",
+ "10.2.2.12",
+ "10.2.2.14",
+ "10.2.2.15",
+ "10.2.2.16",
+ "10.2.2.18",
+ "10.2.2.19",
+ "10.2.2.20",
+ "10.2.2.21",
+ "10.2.2.23",
+ "10.2.2.24",
+ "10.2.2.25"]
+ }
diff --git a/envs/monkey_zoo/blackbox/island_configs/shellshock.py b/envs/monkey_zoo/blackbox/island_configs/shellshock.py
new file mode 100644
index 000000000..27e0dc34d
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/shellshock.py
@@ -0,0 +1,12 @@
+from copy import copy
+
+from envs.monkey_zoo.blackbox.island_configs.base_template import BaseTemplate
+
+
+class ShellShock(BaseTemplate):
+ config_values = copy(BaseTemplate.config_values)
+
+ config_values.update({
+ "basic.exploiters.exploiter_classes": ["ShellShockExploiter"],
+ "basic_network.scope.subnet_scan_list": ["10.2.2.8"]
+ })
diff --git a/envs/monkey_zoo/blackbox/island_configs/smb_mimikatz.py b/envs/monkey_zoo/blackbox/island_configs/smb_mimikatz.py
new file mode 100644
index 000000000..aed4ee9c7
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/smb_mimikatz.py
@@ -0,0 +1,19 @@
+from copy import copy
+
+from envs.monkey_zoo.blackbox.island_configs.base_template import BaseTemplate
+
+
+class SmbMimikatz(BaseTemplate):
+ config_values = copy(BaseTemplate.config_values)
+
+ config_values.update({
+ "basic.exploiters.exploiter_classes": ["SmbExploiter"],
+ "basic_network.scope.subnet_scan_list": ["10.2.2.14", "10.2.2.15"],
+ "basic.credentials.exploit_password_list": ["Password1!", "Ivrrw5zEzs"],
+ "basic.credentials.exploit_user_list": ["Administrator", "m0nk3y", "user"],
+ "internal.classes.finger_classes": ["SMBFinger", "PingScanner", "HTTPFinger"],
+ "monkey.system_info.system_info_collector_classes": ["EnvironmentCollector",
+ "HostnameCollector",
+ "ProcessListCollector",
+ "MimikatzCollector"]
+ })
diff --git a/envs/monkey_zoo/blackbox/island_configs/smb_pth.py b/envs/monkey_zoo/blackbox/island_configs/smb_pth.py
new file mode 100644
index 000000000..3bb92347e
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/smb_pth.py
@@ -0,0 +1,21 @@
+from copy import copy
+
+from envs.monkey_zoo.blackbox.island_configs.base_template import BaseTemplate
+
+
+class SmbPth(BaseTemplate):
+ config_values = copy(BaseTemplate.config_values)
+
+ config_value_list = {
+ "basic.exploiters.exploiter_classes": ["SmbExploiter"],
+ "basic_network.scope.subnet_scan_list": ["10.2.2.15"],
+ "basic.credentials.exploit_password_list": ["Password1!", "Ivrrw5zEzs"],
+ "basic.credentials.exploit_user_list": ["Administrator",
+ "m0nk3y",
+ "user"],
+ "internal.classes.finger_classes": ["SMBFinger",
+ "PingScanner",
+ "HTTPFinger"],
+ "internal.classes.exploits.exploit_ntlm_hash_list": ["5da0889ea2081aa79f6852294cba4a5e",
+ "50c9987a6bf1ac59398df9f911122c9b"]
+ }
diff --git a/envs/monkey_zoo/blackbox/island_configs/ssh.py b/envs/monkey_zoo/blackbox/island_configs/ssh.py
new file mode 100644
index 000000000..f6a5b1762
--- /dev/null
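Review bot: In smb_pth.py the overrides are bound to a separate class attribute, `config_value_list = {`, instead of being merged into `config_values`, so `SmbPth.config_values` stays an unmodified copy of the base template. `IslandConfigParser.apply_template_to_config`, added later in this series, reads only `config_template.config_values`, so the SMB exploiter, the 10.2.2.15 target and the NTLM hash list are never applied and the SMB_PTH test would not exercise what its name says. Replace the assignment with `config_values.update({` and close it with `})`, as smb_mimikatz.py does.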
+++ b/envs/monkey_zoo/blackbox/island_configs/ssh.py
@@ -0,0 +1,20 @@
+from envs.monkey_zoo.blackbox.island_configs.base_template import BaseTemplate
+
+
+class Ssh(BaseTemplate):
+ config_values = BaseTemplate.config_values
+
+ config_values.update({
+ "basic.exploiters.exploiter_classes": ["SSHExploiter"],
+ "basic_network.scope.subnet_scan_list": ["10.2.2.11",
+ "10.2.2.12"],
+ "basic.credentials.exploit_password_list": ["Password1!",
+ "12345678",
+ "^NgDvY59~8"],
+ "basic.credentials.exploit_user_list": ["Administrator",
+ "m0nk3y",
+ "user"],
+ "internal.classes.finger_classes": ["SSHFinger",
+ "PingScanner",
+ "HTTPFinger"]
+ })
diff --git a/envs/monkey_zoo/blackbox/island_configs/struts2.py b/envs/monkey_zoo/blackbox/island_configs/struts2.py
new file mode 100644
index 000000000..e88c0899f
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/struts2.py
@@ -0,0 +1,11 @@
+from envs.monkey_zoo.blackbox.island_configs.base_template import BaseTemplate
+
+
+class Struts2(BaseTemplate):
+
+ config_values = BaseTemplate.config_values
+
+ config_values.update({
+ "basic.exploiters.exploiter_classes": ["Struts2Exploiter"],
+ "basic_network.scope.subnet_scan_list": ["10.2.2.23", "10.2.2.24"]
+ })
diff --git a/envs/monkey_zoo/blackbox/island_configs/tunneling.py b/envs/monkey_zoo/blackbox/island_configs/tunneling.py
new file mode 100644
index 000000000..458b89794
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/tunneling.py
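Review bot: `config_values = BaseTemplate.config_values` in ssh.py binds the base class's dict itself, so the `config_values.update(...)` that follows mutates `BaseTemplate.config_values` in place; struts2.py, tunneling.py, weblogic.py, wmi_mimikatz.py and wmi_pth.py do the same. These classes and `BaseTemplate` then share one dict whose contents depend on import order, so a test can run with another template's exploiter list, targets or credentials and report coverage it did not actually have. Take a copy as elastic.py and hadoop.py do: add `from copy import copy` and write `config_values = copy(BaseTemplate.config_values)`.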
@@ -0,0 +1,28 @@
+from envs.monkey_zoo.blackbox.island_configs.base_template import BaseTemplate
+
+
+class Tunneling(BaseTemplate):
+ config_values = BaseTemplate.config_values
+
+ config_values.update({
+ "basic.exploiters.exploiter_classes": ["SmbExploiter",
+ "WmiExploiter",
+ "SSHExploiter"
+ ],
+ "basic_network.scope.subnet_scan_list": ["10.2.2.9",
+ "10.2.1.10",
+ "10.2.0.11",
+ "10.2.0.12"],
+ "basic.credentials.exploit_password_list": ["Password1!",
+ "3Q=(Ge(+&w]*",
+ "`))jU7L(w}",
+ "t67TC5ZDmz",
+ "12345678"],
+ "basic.credentials.exploit_user_list": ["Administrator",
+ "m0nk3y",
+ "user"],
+ "internal.classes.finger_classes": ["SSHFinger",
+ "PingScanner",
+ "HTTPFinger",
+ "SMBFinger"]
+ })
diff --git a/envs/monkey_zoo/blackbox/island_configs/weblogic.py b/envs/monkey_zoo/blackbox/island_configs/weblogic.py
new file mode 100644
index 000000000..433067cb9
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/weblogic.py
@@ -0,0 +1,11 @@
+from envs.monkey_zoo.blackbox.island_configs.base_template import BaseTemplate
+
+
+class Weblogic(BaseTemplate):
+
+ config_values = BaseTemplate.config_values
+
+ config_values.update({
+ "basic.exploiters.exploiter_classes": ["WebLogicExploiter"],
+ "basic_network.scope.subnet_scan_list": ["10.2.2.18", "10.2.2.19"]
+ })
diff --git a/envs/monkey_zoo/blackbox/island_configs/wmi_mimikatz.py b/envs/monkey_zoo/blackbox/island_configs/wmi_mimikatz.py
new file mode 100644
index 000000000..73bd913cd
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/wmi_mimikatz.py
@@ -0,0 +1,20 @@
+from envs.monkey_zoo.blackbox.island_configs.base_template import BaseTemplate
+
+
+class WmiMimikatz(BaseTemplate):
+ config_values = BaseTemplate.config_values
+
+ config_values.update({
+ "basic.exploiters.exploiter_classes": ["WmiExploiter"],
+ "basic_network.scope.subnet_scan_list": ["10.2.2.14",
+ "10.2.2.15"],
+ "basic.credentials.exploit_password_list": ["Password1!",
+ "Ivrrw5zEzs"],
+ "basic.credentials.exploit_user_list": ["Administrator",
+ "m0nk3y",
+ "user"],
+ "monkey.system_info.system_info_collector_classes": ["EnvironmentCollector",
+ "HostnameCollector",
+ "ProcessListCollector",
+ "MimikatzCollector"]
+ })
diff --git a/envs/monkey_zoo/blackbox/island_configs/wmi_pth.py b/envs/monkey_zoo/blackbox/island_configs/wmi_pth.py
new file mode 100644
index 000000000..dcb735c78
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/wmi_pth.py
@@ -0,0 +1,18 @@
+from envs.monkey_zoo.blackbox.island_configs.base_template import BaseTemplate
+
+
+class WmiPth(BaseTemplate):
+ config_values = BaseTemplate.config_values
+
+ config_values.update({
+ "basic.exploiters.exploiter_classes": ["WmiExploiter"],
+ "basic_network.scope.subnet_scan_list": ["10.2.2.15"],
+ "basic.credentials.exploit_password_list": ["Password1!"],
+ "basic.credentials.exploit_user_list": ["Administrator",
+ "m0nk3y",
+ "user"],
+ "internal.classes.finger_classes": ["PingScanner",
+ "HTTPFinger"],
+ "internal.classes.exploits.exploit_ntlm_hash_list": ["5da0889ea2081aa79f6852294cba4a5e",
+ "50c9987a6bf1ac59398df9f911122c9b"]
+ })
diff --git a/envs/monkey_zoo/blackbox/test_blackbox.py b/envs/monkey_zoo/blackbox/test_blackbox.py
index ce5e34ec0..e5a77ef45 100644
--- a/envs/monkey_zoo/blackbox/test_blackbox.py
+++ b/envs/monkey_zoo/blackbox/test_blackbox.py
@@ -3,25 +3,48 @@ import os from time import sleep import pytest +from typing_extensions import Type -from envs.monkey_zoo.blackbox.analyzers.communication_analyzer import CommunicationAnalyzer -from envs.monkey_zoo.blackbox.island_client.island_config_parser import IslandConfigParser -from envs.monkey_zoo.blackbox.island_client.monkey_island_client import MonkeyIslandClient -from envs.monkey_zoo.blackbox.log_handlers.test_logs_handler import TestLogsHandler +from envs.monkey_zoo.blackbox.analyzers.communication_analyzer import \ + CommunicationAnalyzer +from envs.monkey_zoo.blackbox.island_client.island_config_parser import \ + IslandConfigParser +from envs.monkey_zoo.blackbox.island_client.monkey_island_client import \ + MonkeyIslandClient +from envs.monkey_zoo.blackbox.island_configs.config_template import ConfigTemplate +from envs.monkey_zoo.blackbox.island_configs.elastic import Elastic +from envs.monkey_zoo.blackbox.island_configs.hadoop import Hadoop +from envs.monkey_zoo.blackbox.island_configs.mssql import Mssql +from envs.monkey_zoo.blackbox.island_configs.performance import Performance +from envs.monkey_zoo.blackbox.island_configs.shellshock import ShellShock +from envs.monkey_zoo.blackbox.island_configs.smb_mimikatz import SmbMimikatz +from envs.monkey_zoo.blackbox.island_configs.smb_pth import SmbPth +from envs.monkey_zoo.blackbox.island_configs.ssh import Ssh +from envs.monkey_zoo.blackbox.island_configs.struts2 import Struts2 +from envs.monkey_zoo.blackbox.island_configs.tunneling import Tunneling +from envs.monkey_zoo.blackbox.island_configs.weblogic import Weblogic +from envs.monkey_zoo.blackbox.island_configs.wmi_mimikatz import WmiMimikatz +from envs.monkey_zoo.blackbox.island_configs.wmi_pth import WmiPth +from envs.monkey_zoo.blackbox.log_handlers.test_logs_handler import \ + TestLogsHandler from envs.monkey_zoo.blackbox.tests.exploitation import ExploitationTest -from envs.monkey_zoo.blackbox.tests.performance.map_generation import 
MapGenerationTest -from envs.monkey_zoo.blackbox.tests.performance.map_generation_from_telemetries import MapGenerationFromTelemetryTest -from envs.monkey_zoo.blackbox.tests.performance.report_generation import ReportGenerationTest +from envs.monkey_zoo.blackbox.tests.performance.map_generation import \ + MapGenerationTest +from envs.monkey_zoo.blackbox.tests.performance.map_generation_from_telemetries import \ + MapGenerationFromTelemetryTest +from envs.monkey_zoo.blackbox.tests.performance.report_generation import \ + ReportGenerationTest from envs.monkey_zoo.blackbox.tests.performance.report_generation_from_telemetries import \ ReportGenerationFromTelemetryTest -from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test import TelemetryPerformanceTest +from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test import \ + TelemetryPerformanceTest from envs.monkey_zoo.blackbox.utils import gcp_machine_handlers DEFAULT_TIMEOUT_SECONDS = 5*60 MACHINE_BOOTUP_WAIT_SECONDS = 30 GCP_TEST_MACHINE_LIST = ['sshkeys-11', 'sshkeys-12', 'elastic-4', 'elastic-5', 'hadoop-2', 'hadoop-3', 'mssql-16', 'mimikatz-14', 'mimikatz-15', 'struts2-23', 'struts2-24', 'tunneling-9', 'tunneling-10', - 'tunneling-11', 'tunneling-12', 'weblogic-18', 'weblogic-19', 'shellshock-8'] + 'tunneling-11', 'tunneling-12', 'weblogic-18', 'weblogic-19', 'shellshock-8', 'zerologon-25'] LOG_DIR_PATH = "./logs" LOGGER = logging.getLogger(__name__) 
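Review bot: `from typing_extensions import Type` at the top of test_blackbox.py makes the test harness depend on a third-party package for a name the standard library already provides. `typing.Type` has been available since Python 3.5.2, so `from typing import Type` is enough here. The same import is added to island_config_parser.py later in this series and can be changed the same way.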
@@ -59,31 +82,35 @@ def island_client(island, quick_performance_tests): @pytest.mark.usefixtures('island_client') # noinspection PyUnresolvedReferences -class TestMonkeyBlackbox(object): +class TestMonkeyBlackbox: @staticmethod - def run_exploitation_test(island_client, conf_filename, test_name, timeout_in_seconds=DEFAULT_TIMEOUT_SECONDS): - config_parser = IslandConfigParser(conf_filename) - analyzer = CommunicationAnalyzer(island_client, config_parser.get_ips_of_targets()) + def run_exploitation_test(island_client: MonkeyIslandClient, + config_template: Type[ConfigTemplate], + test_name: str, + timeout_in_seconds=DEFAULT_TIMEOUT_SECONDS): + raw_config = IslandConfigParser.get_raw_config(config_template, island_client) + analyzer = CommunicationAnalyzer(island_client, + IslandConfigParser.get_ips_of_targets(raw_config)) log_handler = TestLogsHandler(test_name, island_client, TestMonkeyBlackbox.get_log_dir_path()) ExploitationTest( name=test_name, island_client=island_client, - config_parser=config_parser, + raw_config=raw_config, analyzers=[analyzer], timeout=timeout_in_seconds, log_handler=log_handler).run() @staticmethod def run_performance_test(performance_test_class, island_client, - conf_filename, timeout_in_seconds, break_on_timeout=False): - config_parser = IslandConfigParser(conf_filename) + config_template, timeout_in_seconds, break_on_timeout=False): + raw_config = IslandConfigParser.get_raw_config(config_template, island_client) log_handler = TestLogsHandler(performance_test_class.TEST_NAME, island_client, TestMonkeyBlackbox.get_log_dir_path()) - analyzers = [CommunicationAnalyzer(island_client, config_parser.get_ips_of_targets())] + analyzers = [CommunicationAnalyzer(island_client, IslandConfigParser.get_ips_of_targets(raw_config))] performance_test_class(island_client=island_client, - config_parser=config_parser, + raw_config=raw_config, analyzers=analyzers, timeout=timeout_in_seconds, log_handler=log_handler, 
@@ -97,40 +124,40 @@ class TestMonkeyBlackbox(object): assert island_client.get_api_status() is not None def test_ssh_exploiter(self, island_client): - TestMonkeyBlackbox.run_exploitation_test(island_client, "SSH.conf", "SSH_exploiter_and_keys") + TestMonkeyBlackbox.run_exploitation_test(island_client, Ssh, "SSH_exploiter_and_keys") def test_hadoop_exploiter(self, island_client): - TestMonkeyBlackbox.run_exploitation_test(island_client, "HADOOP.conf", "Hadoop_exploiter", 6 * 60) + TestMonkeyBlackbox.run_exploitation_test(island_client, Hadoop, "Hadoop_exploiter", 6 * 60) def test_mssql_exploiter(self, island_client): - TestMonkeyBlackbox.run_exploitation_test(island_client, "MSSQL.conf", "MSSQL_exploiter") + TestMonkeyBlackbox.run_exploitation_test(island_client, Mssql, "MSSQL_exploiter") def test_smb_and_mimikatz_exploiters(self, island_client): - TestMonkeyBlackbox.run_exploitation_test(island_client, "SMB_MIMIKATZ.conf", "SMB_exploiter_mimikatz") + TestMonkeyBlackbox.run_exploitation_test(island_client, SmbMimikatz, "SMB_exploiter_mimikatz") def test_smb_pth(self, island_client): - TestMonkeyBlackbox.run_exploitation_test(island_client, "SMB_PTH.conf", "SMB_PTH") + TestMonkeyBlackbox.run_exploitation_test(island_client, SmbPth, "SMB_PTH") def test_elastic_exploiter(self, island_client): - TestMonkeyBlackbox.run_exploitation_test(island_client, "ELASTIC.conf", "Elastic_exploiter") + TestMonkeyBlackbox.run_exploitation_test(island_client, Elastic, "Elastic_exploiter") def test_struts_exploiter(self, island_client): - TestMonkeyBlackbox.run_exploitation_test(island_client, "STRUTS2.conf", "Strtuts2_exploiter") + TestMonkeyBlackbox.run_exploitation_test(island_client, Struts2, "Strtuts2_exploiter") def test_weblogic_exploiter(self, island_client): - TestMonkeyBlackbox.run_exploitation_test(island_client, "WEBLOGIC.conf", "Weblogic_exploiter") + TestMonkeyBlackbox.run_exploitation_test(island_client, Weblogic, "Weblogic_exploiter") def test_shellshock_exploiter(self, 
island_client): - TestMonkeyBlackbox.run_exploitation_test(island_client, "SHELLSHOCK.conf", "Shellschock_exploiter") + TestMonkeyBlackbox.run_exploitation_test(island_client, ShellShock, "Shellschock_exploiter") def test_tunneling(self, island_client): - TestMonkeyBlackbox.run_exploitation_test(island_client, "TUNNELING.conf", "Tunneling_exploiter", 15 * 60) + TestMonkeyBlackbox.run_exploitation_test(island_client, Tunneling, "Tunneling_exploiter", 15 * 60) def test_wmi_and_mimikatz_exploiters(self, island_client): - TestMonkeyBlackbox.run_exploitation_test(island_client, "WMI_MIMIKATZ.conf", "WMI_exploiter,_mimikatz") + TestMonkeyBlackbox.run_exploitation_test(island_client, WmiMimikatz, "WMI_exploiter,_mimikatz") def test_wmi_pth(self, island_client): - TestMonkeyBlackbox.run_exploitation_test(island_client, "WMI_PTH.conf", "WMI_PTH") + TestMonkeyBlackbox.run_exploitation_test(island_client, WmiPth, "WMI_PTH") @pytest.mark.skip(reason="Perfomance test that creates env from fake telemetries is faster, use that instead.") def test_report_generation_performance(self, island_client, quick_performance_tests): @@ -144,7 +171,7 @@ class TestMonkeyBlackbox(object): if not quick_performance_tests: TestMonkeyBlackbox.run_performance_test(ReportGenerationTest, island_client, - "PERFORMANCE.conf", + Performance, timeout_in_seconds=10*60) else: LOGGER.error("This test doesn't support 'quick_performance_tests' option.") From aaab827e3271a7f428053a006a6157fe10d5bf64 Mon Sep 17 00:00:00 2001 From: VakarisZ Date: Tue, 2 Mar 2021 15:14:33 +0200 Subject: [PATCH 3/4] Refactored configuration parser to pull configs, apply template and submit them instead of loading configs from file. --- .../island_client/island_config_parser.py | 38 ++++++++++++------- .../island_client/monkey_island_client.py | 3 ++ 2 files changed, 28 insertions(+), 13 deletions(-) 
diff --git a/envs/monkey_zoo/blackbox/island_client/island_config_parser.py b/envs/monkey_zoo/blackbox/island_client/island_config_parser.py index ee9a8b7ad..d9e81957e 100644 --- a/envs/monkey_zoo/blackbox/island_client/island_config_parser.py +++ b/envs/monkey_zoo/blackbox/island_client/island_config_parser.py @@ -1,18 +1,30 @@ import json -import os + +import dpath.util +from typing_extensions import Type + +from envs.monkey_zoo.blackbox.island_client.monkey_island_client import MonkeyIslandClient +from envs.monkey_zoo.blackbox.island_configs.config_template import ConfigTemplate -class IslandConfigParser(object): - - def __init__(self, config_filename): - self.config_raw = open(IslandConfigParser.get_conf_file_path(config_filename), 'r').read() - self.config_json = json.loads(self.config_raw) - - def get_ips_of_targets(self): - return self.config_json['basic_network']['scope']['subnet_scan_list'] +class IslandConfigParser: @staticmethod - def get_conf_file_path(conf_file_name): - return os.path.join(os.path.dirname(os.path.dirname(os.path.abspath(__file__))), - "island_configs", - conf_file_name) + def get_raw_config(config_template: Type[ConfigTemplate], + island_client: MonkeyIslandClient) -> str: + response = island_client.get_config() + config = IslandConfigParser.apply_template_to_config(config_template, response['configuration']) + return json.dumps(config) + + @staticmethod + def apply_template_to_config(config_template: Type[ConfigTemplate], + config: dict) -> dict: + for path, value in config_template.config_values.items(): + dpath.util.set(config, path, value, '.') + return config + + @staticmethod + def get_ips_of_targets(raw_config): + return dpath.util.get(json.loads(raw_config), + "basic_network.scope.subnet_scan_list", + '.') diff --git a/envs/monkey_zoo/blackbox/island_client/monkey_island_client.py b/envs/monkey_zoo/blackbox/island_client/monkey_island_client.py index e3ecb6eb8..050cfe04c 100644 
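Review bot: `dpath.util.set` in `apply_template_to_config` only changes elements that already exist and returns the number it changed, so a template key that is misspelled or missing from the island's configuration is dropped silently and the test runs with whatever value the island already had. Check the count, for example `if dpath.util.set(config, path, value, '.') == 0: raise ValueError(f"No such config path: {path}")`. Separately, `get_raw_config` starts from the island's current configuration, so values imported by an earlier test appear to carry over unless the island is reset between tests, which is not visible in this hunk.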
--- a/envs/monkey_zoo/blackbox/island_client/monkey_island_client.py +++ b/envs/monkey_zoo/blackbox/island_client/monkey_island_client.py @@ -24,6 +24,9 @@ class MonkeyIslandClient(object): def get_api_status(self): return self.requests.get("api") + def get_config(self): + return json.loads(self.requests.get("api/configuration/island").content) + @avoid_race_condition def import_config(self, config_contents): _ = self.requests.post("api/configuration/island", data=config_contents) From 5837240107bc52f750996031f9e59ea259cc83ff Mon Sep 17 00:00:00 2001 From: VakarisZ Date: Tue, 2 Mar 2021 15:15:11 +0200 Subject: [PATCH 4/4] Refactored tests to use the new configuration parser --- envs/monkey_zoo/blackbox/tests/exploitation.py | 10 ++++++---- .../blackbox/tests/performance/map_generation.py | 5 ++--- .../blackbox/tests/performance/performance_test.py | 2 +- .../tests/performance/performance_test_workflow.py | 4 ++-- .../blackbox/tests/performance/report_generation.py | 5 ++--- 5 files changed, 13 insertions(+), 13 deletions(-) diff --git a/envs/monkey_zoo/blackbox/tests/exploitation.py b/envs/monkey_zoo/blackbox/tests/exploitation.py index 2d55f2294..d6332bc75 100644 --- a/envs/monkey_zoo/blackbox/tests/exploitation.py +++ b/envs/monkey_zoo/blackbox/tests/exploitation.py @@ -1,6 +1,7 @@ import logging from time import sleep +from envs.monkey_zoo.blackbox.island_client.island_config_parser import IslandConfigParser from envs.monkey_zoo.blackbox.tests.basic_test import BasicTest from envs.monkey_zoo.blackbox.utils.test_timer import TestTimer 
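Review bot: `get_config` in monkey_island_client.py parses the response body without checking the status code, so an authentication failure or server error shows up as a JSON decode error, or as a `KeyError` on `response['configuration']` in `IslandConfigParser.get_raw_config`, instead of a clear failure. Assuming `self.requests.get` returns a `requests.Response`, the body could be `response = self.requests.get("api/configuration/island")`, `response.raise_for_status()`, `return response.json()`. The enclosing `MonkeyIslandClient` class starts and ends outside this hunk.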
@@ -13,16 +14,16 @@ LOGGER = logging.getLogger(__name__) class ExploitationTest(BasicTest): - def __init__(self, name, island_client, config_parser, analyzers, timeout, log_handler): + def __init__(self, name, island_client, raw_config, analyzers, timeout, log_handler): self.name = name self.island_client = island_client - self.config_parser = config_parser + self.raw_config = raw_config self.analyzers = analyzers self.timeout = timeout self.log_handler = log_handler def run(self): - self.island_client.import_config(self.config_parser.config_raw) + self.island_client.import_config(self.raw_config) self.print_test_starting_info() try: self.island_client.run_monkey_local() @@ -36,7 +37,8 @@ class ExploitationTest(BasicTest): def print_test_starting_info(self): LOGGER.info("Started {} test".format(self.name)) - LOGGER.info("Machines participating in test: " + ", ".join(self.config_parser.get_ips_of_targets())) + machine_list = ", ".join(IslandConfigParser.get_ips_of_targets(self.raw_config)) + LOGGER.info(f"Machines participating in test: {machine_list}") print("") def test_until_timeout(self): diff --git a/envs/monkey_zoo/blackbox/tests/performance/map_generation.py b/envs/monkey_zoo/blackbox/tests/performance/map_generation.py index eb95fdc6a..42d2265e7 100644 --- a/envs/monkey_zoo/blackbox/tests/performance/map_generation.py +++ b/envs/monkey_zoo/blackbox/tests/performance/map_generation.py 
@@ -17,12 +17,11 @@ class MapGenerationTest(PerformanceTest): TEST_NAME = "Map generation performance test" - def __init__(self, island_client, config_parser, analyzers, + def __init__(self, island_client, raw_config, analyzers, timeout, log_handler, break_on_timeout): self.island_client = island_client - self.config_parser = config_parser exploitation_test = ExploitationTest(MapGenerationTest.TEST_NAME, island_client, - config_parser, analyzers, timeout, log_handler) + raw_config, analyzers, timeout, log_handler) performance_config = PerformanceTestConfig(max_allowed_single_page_time=MAX_ALLOWED_SINGLE_PAGE_TIME, max_allowed_total_time=MAX_ALLOWED_TOTAL_TIME, endpoints_to_test=MAP_RESOURCES, diff --git a/envs/monkey_zoo/blackbox/tests/performance/performance_test.py b/envs/monkey_zoo/blackbox/tests/performance/performance_test.py index b26c20f93..dd6af8065 100644 --- a/envs/monkey_zoo/blackbox/tests/performance/performance_test.py +++ b/envs/monkey_zoo/blackbox/tests/performance/performance_test.py @@ -6,7 +6,7 @@ from envs.monkey_zoo.blackbox.tests.basic_test import BasicTest class PerformanceTest(BasicTest, metaclass=ABCMeta): @abstractmethod - def __init__(self, island_client, config_parser, analyzers, + def __init__(self, island_client, raw_config, analyzers, timeout, log_handler, break_on_timeout): pass diff --git a/envs/monkey_zoo/blackbox/tests/performance/performance_test_workflow.py b/envs/monkey_zoo/blackbox/tests/performance/performance_test_workflow.py index 4e708ed9d..7799e3d29 100644 --- a/envs/monkey_zoo/blackbox/tests/performance/performance_test_workflow.py +++ b/envs/monkey_zoo/blackbox/tests/performance/performance_test_workflow.py 
@@ -10,11 +10,11 @@ class PerformanceTestWorkflow(BasicTest): self.name = name self.exploitation_test = exploitation_test self.island_client = exploitation_test.island_client - self.config_parser = exploitation_test.config_parser + self.raw_config = exploitation_test.raw_config self.performance_config = performance_config def run(self): - self.island_client.import_config(self.config_parser.config_raw) + self.island_client.import_config(self.raw_config) self.exploitation_test.print_test_starting_info() try: self.island_client.run_monkey_local() diff --git a/envs/monkey_zoo/blackbox/tests/performance/report_generation.py b/envs/monkey_zoo/blackbox/tests/performance/report_generation.py index e204cc29f..f05661682 100644 --- a/envs/monkey_zoo/blackbox/tests/performance/report_generation.py +++ b/envs/monkey_zoo/blackbox/tests/performance/report_generation.py @@ -20,12 +20,11 @@ REPORT_RESOURCES = [ class ReportGenerationTest(PerformanceTest): TEST_NAME = "Report generation performance test" - def __init__(self, island_client, config_parser, analyzers, + def __init__(self, island_client, raw_config, analyzers, timeout, log_handler, break_on_timeout): self.island_client = island_client - self.config_parser = config_parser exploitation_test = ExploitationTest(ReportGenerationTest.TEST_NAME, island_client, - config_parser, analyzers, timeout, log_handler) + raw_config, analyzers, timeout, log_handler) performance_config = PerformanceTestConfig(max_allowed_single_page_time=MAX_ALLOWED_SINGLE_PAGE_TIME, max_allowed_total_time=MAX_ALLOWED_TOTAL_TIME, endpoints_to_test=REPORT_RESOURCES,