forked from p34709852/monkey
Expand config env variables on demand
parent
5e133b78f3
commit
22ce3d9387
|
@ -102,9 +102,9 @@ class Configuration(object):
|
||||||
###########################
|
###########################
|
||||||
|
|
||||||
use_file_logging = True
|
use_file_logging = True
|
||||||
dropper_log_path_windows = os.path.expandvars("%temp%\~df1562.tmp")
|
dropper_log_path_windows = '%temp%\\~df1562.tmp'
|
||||||
dropper_log_path_linux = '/tmp/user-1562'
|
dropper_log_path_linux = '/tmp/user-1562'
|
||||||
monkey_log_path_windows = os.path.expandvars("%temp%\~df1563.tmp")
|
monkey_log_path_windows = '%temp%\\~df1563.tmp'
|
||||||
monkey_log_path_linux = '/tmp/user-1563'
|
monkey_log_path_linux = '/tmp/user-1563'
|
||||||
|
|
||||||
###########################
|
###########################
|
||||||
|
@ -113,14 +113,15 @@ class Configuration(object):
|
||||||
|
|
||||||
dropper_try_move_first = sys.argv[0].endswith(".exe")
|
dropper_try_move_first = sys.argv[0].endswith(".exe")
|
||||||
dropper_set_date = True
|
dropper_set_date = True
|
||||||
dropper_date_reference_path = r"\windows\system32\kernel32.dll" if sys.platform == "win32" else '/bin/sh'
|
dropper_date_reference_path_windows = r"%windir%\system32\kernel32.dll"
|
||||||
|
dropper_date_reference_path_linux = '/bin/sh'
|
||||||
dropper_target_path = r"C:\Windows\monkey.exe"
|
dropper_target_path = r"C:\Windows\monkey.exe"
|
||||||
dropper_target_path_linux = '/tmp/monkey'
|
dropper_target_path_linux = '/tmp/monkey'
|
||||||
|
|
||||||
###########################
|
###########################
|
||||||
# Kill file
|
# Kill file
|
||||||
###########################
|
###########################
|
||||||
kill_file_path_windows = os.path.expandvars("%windir%\monkey.not")
|
kill_file_path_windows = '%windir%\\monkey.not'
|
||||||
kill_file_path_linux = '/var/run/monkey.not'
|
kill_file_path_linux = '/var/run/monkey.not'
|
||||||
|
|
||||||
###########################
|
###########################
|
||||||
|
|
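Review bot: The two Windows log paths (`dropper_log_path_windows`, `monkey_log_path_windows`) are now stored unexpanded, but no hunk on this page wraps their readers in `os.path.expandvars`; only the kill file and the date reference path get a matching call. If those call sites are not updated elsewhere in the commit, logging would presumably target a file literally named `%temp%\~df1562.tmp` relative to the working directory, so they are worth confirming. A comment above these attributes would make the new contract explicit, e.g. `# Windows paths may hold %var% references; expand with os.path.expandvars at the point of use`. `dropper_target_path` still hard-codes `C:\Windows`, which is inconsistent with the `%windir%` form now used for the other Windows paths.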
|
@ -83,11 +83,15 @@ class MonkeyDrops(object):
|
||||||
return False
|
return False
|
||||||
|
|
||||||
if WormConfiguration.dropper_set_date:
|
if WormConfiguration.dropper_set_date:
|
||||||
|
if sys.platform == 'win32':
|
||||||
|
dropper_date_reference_path = os.path.expandvars(WormConfiguration.dropper_date_reference_path_windows)
|
||||||
|
else:
|
||||||
|
dropper_date_reference_path = WormConfiguration.dropper_date_reference_path_linux
|
||||||
try:
|
try:
|
||||||
ref_stat = os.stat(WormConfiguration.dropper_date_reference_path)
|
ref_stat = os.stat(dropper_date_reference_path)
|
||||||
except:
|
except:
|
||||||
LOG.warn("Cannot set reference date using '%s', file not found",
|
LOG.warn("Cannot set reference date using '%s', file not found",
|
||||||
WormConfiguration.dropper_date_reference_path)
|
dropper_date_reference_path)
|
||||||
else:
|
else:
|
||||||
try:
|
try:
|
||||||
os.utime(self._config['destination_path'],
|
os.utime(self._config['destination_path'],
|
||||||
|
|
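Review bot: The reference path is resolved here with a four-line `if`/`else`, while `main()` makes the same platform choice for the kill file with a conditional expression; both call sites should use one form, ideally a small shared helper, so the expansion rule cannot drift between them. Only the Windows value goes through `os.path.expandvars`, so a `$VAR` in `dropper_date_reference_path_linux` is taken literally; a comment such as `# only the Windows value is expanded; the Linux path is used verbatim` would record that. The surrounding bare `except:` reports every `os.stat` failure as "file not found", which is also the message an operator would see when a variable could not be expanded. The enclosing method starts and ends outside the hunk.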
|
@ -16,7 +16,8 @@
|
||||||
"collect_system_info": true,
|
"collect_system_info": true,
|
||||||
"depth": 2,
|
"depth": 2,
|
||||||
|
|
||||||
"dropper_date_reference_path": "/bin/sh",
|
"dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll",
|
||||||
|
"dropper_date_reference_path_linux": "/bin/sh",
|
||||||
"dropper_log_path_windows": "%temp%\\~df1562.tmp",
|
"dropper_log_path_windows": "%temp%\\~df1562.tmp",
|
||||||
"dropper_log_path_linux": "/tmp/user-1562",
|
"dropper_log_path_linux": "/tmp/user-1562",
|
||||||
"dropper_set_date": true,
|
"dropper_set_date": true,
|
||||||
|
|
|
@ -68,7 +68,7 @@ def main():
|
||||||
print "Loaded Configuration: %r" % WormConfiguration.as_dict()
|
print "Loaded Configuration: %r" % WormConfiguration.as_dict()
|
||||||
|
|
||||||
# Make sure we're not in a machine that has the kill file
|
# Make sure we're not in a machine that has the kill file
|
||||||
kill_path = WormConfiguration.kill_file_path_windows if sys.platform == "win32" else WormConfiguration.kill_file_path_linux
|
kill_path = os.path.expandvars(WormConfiguration.kill_file_path_windows) if sys.platform == "win32" else WormConfiguration.kill_file_path_linux
|
||||||
if os.path.exists(kill_path):
|
if os.path.exists(kill_path):
|
||||||
print "Kill path found, finished run"
|
print "Kill path found, finished run"
|
||||||
return True
|
return True
|
||||||
|
|
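Review bot: The kill-file check fails open when the variable cannot be resolved: `os.path.expandvars` leaves an unknown `%name%` reference in place, so `kill_path` stays a literal relative path, `os.path.exists` returns False, and the run continues even though the operator placed the kill file. Because this file is the stop control, the expanded value should be checked before it is trusted, e.g. `if '%' in kill_path:` followed by a log line and `return True`, so an unresolved path is treated as "do not run". The date reference path in the dropper has the same unchecked expansion, but there the failure at least reaches a warning. `main()` continues outside the hunk.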
|
@ -333,7 +333,7 @@ SCHEMA = {
|
||||||
"kill_file_path_windows": {
|
"kill_file_path_windows": {
|
||||||
"title": "Kill file path on Windows",
|
"title": "Kill file path on Windows",
|
||||||
"type": "string",
|
"type": "string",
|
||||||
"default": "C:\\Windows\\monkey.not",
|
"default": "%windir%\\monkey.not",
|
||||||
"description": "Path of file which kills monkey if it exists (on Windows)"
|
"description": "Path of file which kills monkey if it exists (on Windows)"
|
||||||
},
|
},
|
||||||
"kill_file_path_linux": {
|
"kill_file_path_linux": {
|
||||||
|
@ -354,11 +354,17 @@ SCHEMA = {
|
||||||
"default": True,
|
"default": True,
|
||||||
"description": "Determines whether the dropper should set the monkey's file date to be the same as another file"
|
"description": "Determines whether the dropper should set the monkey's file date to be the same as another file"
|
||||||
},
|
},
|
||||||
"dropper_date_reference_path": {
|
"dropper_date_reference_path_windows": {
|
||||||
"title": "Droper date reference path",
|
"title": "Dropper date reference path (Windows)",
|
||||||
"type": "string",
|
"type": "string",
|
||||||
"default": "\\windows\\system32\\kernel32.dll",
|
"default": "%windir%\\system32\\kernel32.dll",
|
||||||
"description": "Determines which file the dropper should copy the date from if it's configured to do so (use fullpath)"
|
"description": "Determines which file the dropper should copy the date from if it's configured to do so on Windows (use fullpath)"
|
||||||
|
},
|
||||||
|
"dropper_date_reference_path_linux": {
|
||||||
|
"title": "Dropper date reference path (Linux)",
|
||||||
|
"type": "string",
|
||||||
|
"default": "/bin/sh",
|
||||||
|
"description": "Determines which file the dropper should copy the date from if it's configured to do so on Linux (use fullpath)"
|
||||||
},
|
},
|
||||||
"dropper_target_path_linux": {
|
"dropper_target_path_linux": {
|
||||||
"title": "Dropper target path on Linux",
|
"title": "Dropper target path on Linux",
|
||||||
|
@ -393,7 +399,7 @@ SCHEMA = {
|
||||||
"dropper_log_path_windows": {
|
"dropper_log_path_windows": {
|
||||||
"title": "Dropper log file path on Windows",
|
"title": "Dropper log file path on Windows",
|
||||||
"type": "string",
|
"type": "string",
|
||||||
"default": "C:\\Users\\user\\AppData\\Local\\Temp\\~df1562.tmp",
|
"default": "%temp%\\~df1562.tmp",
|
||||||
"description": "The fullpath of the dropper log file on Windows"
|
"description": "The fullpath of the dropper log file on Windows"
|
||||||
},
|
},
|
||||||
"monkey_log_path_linux": {
|
"monkey_log_path_linux": {
|
||||||
|
@ -405,7 +411,7 @@ SCHEMA = {
|
||||||
"monkey_log_path_windows": {
|
"monkey_log_path_windows": {
|
||||||
"title": "Monkey log file path on Windows",
|
"title": "Monkey log file path on Windows",
|
||||||
"type": "string",
|
"type": "string",
|
||||||
"default":"C:\\Users\\user\\AppData\\Local\\Temp\\~df1563.tmp",
|
"default": "%temp%\\~df1563.tmp",
|
||||||
"description": "The fullpath of the monkey log file on Windows"
|
"description": "The fullpath of the monkey log file on Windows"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
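Review bot: The descriptions still ask for a full path ("use fullpath", "The fullpath of ...") while the defaults are now `%windir%` and `%temp%` forms, so the schema no longer says what a valid value looks like or where it is resolved. Each Windows description should state that `%var%` references are accepted and expanded on the machine running the monkey, e.g. `"Path of file which kills monkey if it exists (on Windows); %var% references are expanded on the target machine"`. The rename of `dropper_date_reference_path` to the two platform keys has no visible fallback, so configurations saved under the old key would presumably lose that setting; it is worth confirming how stored configurations are migrated.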