forked from p34709852/monkey
back-merge with develop
This commit is contained in:
commit
25ab7f6ffe
11
.travis.yml
11
.travis.yml
|
@ -4,14 +4,11 @@ cache: pip
|
||||||
python:
|
python:
|
||||||
- 2.7
|
- 2.7
|
||||||
- 3.6
|
- 3.6
|
||||||
#- nightly
|
|
||||||
#- pypy
|
|
||||||
#- pypy3
|
|
||||||
matrix:
|
matrix:
|
||||||
allow_failures:
|
include:
|
||||||
- python: nightly
|
- python: 3.7
|
||||||
- python: pypy
|
dist: xenial # required for Python 3.7 (travis-ci/travis-ci#9069)
|
||||||
- python: pypy3
|
sudo: required # required for Python 3.7 (travis-ci/travis-ci#9069)
|
||||||
install:
|
install:
|
||||||
#- pip install -r requirements.txt
|
#- pip install -r requirements.txt
|
||||||
- pip install flake8 # pytest # add another testing frameworks later
|
- pip install flake8 # pytest # add another testing frameworks later
|
||||||
|
|
|
@ -28,7 +28,6 @@ class WebRCE(HostExploiter):
|
||||||
Dict in format {'linux': '/tmp/monkey.sh', 'win32': './monkey32.exe', 'win64':... }
|
Dict in format {'linux': '/tmp/monkey.sh', 'win32': './monkey32.exe', 'win64':... }
|
||||||
"""
|
"""
|
||||||
super(WebRCE, self).__init__(host)
|
super(WebRCE, self).__init__(host)
|
||||||
self._config = __import__('config').WormConfiguration
|
|
||||||
if monkey_target_paths:
|
if monkey_target_paths:
|
||||||
self.monkey_target_paths = monkey_target_paths
|
self.monkey_target_paths = monkey_target_paths
|
||||||
else:
|
else:
|
||||||
|
|
|
@ -1,9 +1,14 @@
|
||||||
import logging
|
import logging
|
||||||
|
import sys
|
||||||
|
import subprocess
|
||||||
import select
|
import select
|
||||||
import socket
|
import socket
|
||||||
import struct
|
import struct
|
||||||
import time
|
import time
|
||||||
|
|
||||||
|
from six import text_type
|
||||||
|
import ipaddress
|
||||||
|
|
||||||
DEFAULT_TIMEOUT = 10
|
DEFAULT_TIMEOUT = 10
|
||||||
BANNER_READ = 1024
|
BANNER_READ = 1024
|
||||||
|
|
||||||
|
@ -128,10 +133,9 @@ def check_tcp_ports(ip, ports, timeout=DEFAULT_TIMEOUT, get_banner=False):
|
||||||
|
|
||||||
if len(possible_ports) != 0:
|
if len(possible_ports) != 0:
|
||||||
timeout = int(round(timeout)) # clamp to integer, to avoid checking input
|
timeout = int(round(timeout)) # clamp to integer, to avoid checking input
|
||||||
time_left = timeout
|
|
||||||
sockets_to_try = possible_ports[:]
|
sockets_to_try = possible_ports[:]
|
||||||
connected_ports_sockets = []
|
connected_ports_sockets = []
|
||||||
while (time_left >= 0) and len(sockets_to_try):
|
while (timeout >= 0) and len(sockets_to_try):
|
||||||
sock_objects = [s[1] for s in sockets_to_try]
|
sock_objects = [s[1] for s in sockets_to_try]
|
||||||
|
|
||||||
_, writeable_sockets, _ = select.select(sock_objects, sock_objects, sock_objects, 0)
|
_, writeable_sockets, _ = select.select(sock_objects, sock_objects, sock_objects, 0)
|
||||||
|
@ -168,3 +172,60 @@ def check_tcp_ports(ip, ports, timeout=DEFAULT_TIMEOUT, get_banner=False):
|
||||||
|
|
||||||
def tcp_port_to_service(port):
|
def tcp_port_to_service(port):
|
||||||
return 'tcp-' + str(port)
|
return 'tcp-' + str(port)
|
||||||
|
|
||||||
|
|
||||||
|
def traceroute(target_ip, ttl):
|
||||||
|
"""
|
||||||
|
Traceroute for a specific IP.
|
||||||
|
:param target_ip: Destination
|
||||||
|
:param ttl: Max TTL
|
||||||
|
:return: Sequence of IPs in the way
|
||||||
|
"""
|
||||||
|
if sys.platform == "win32":
|
||||||
|
try:
|
||||||
|
# we'll just use tracert because that's always there
|
||||||
|
cli = ["tracert",
|
||||||
|
"-d",
|
||||||
|
"-w", "250",
|
||||||
|
"-h", str(ttl),
|
||||||
|
target_ip]
|
||||||
|
proc_obj = subprocess.Popen(cli, stdout=subprocess.PIPE)
|
||||||
|
stdout, stderr = proc_obj.communicate()
|
||||||
|
ip_lines = stdout.split('\r\n')[3:-3]
|
||||||
|
trace_list = []
|
||||||
|
for line in ip_lines:
|
||||||
|
tokens = line.split()
|
||||||
|
last_token = tokens[-1]
|
||||||
|
try:
|
||||||
|
ip_addr = ipaddress.ip_address(text_type(last_token))
|
||||||
|
except ValueError:
|
||||||
|
ip_addr = ""
|
||||||
|
trace_list.append(ip_addr)
|
||||||
|
return trace_list
|
||||||
|
except:
|
||||||
|
return []
|
||||||
|
else: # linux based hopefully
|
||||||
|
# implementation note: We're currently going to just use ping.
|
||||||
|
# reason is, implementing a non root requiring user is complicated (see traceroute(8) code)
|
||||||
|
# while this is just ugly
|
||||||
|
# we can't use traceroute because it's not always installed
|
||||||
|
current_ttl = 1
|
||||||
|
trace_list = []
|
||||||
|
while current_ttl <= ttl:
|
||||||
|
try:
|
||||||
|
cli = ["ping",
|
||||||
|
"-c", "1",
|
||||||
|
"-w", "1",
|
||||||
|
"-t", str(current_ttl),
|
||||||
|
target_ip]
|
||||||
|
proc_obj = subprocess.Popen(cli, stdout=subprocess.PIPE)
|
||||||
|
stdout, stderr = proc_obj.communicate()
|
||||||
|
ip_line = stdout.split('\n')
|
||||||
|
ip_line = ip_line[1]
|
||||||
|
ip = ip_line.split()[1]
|
||||||
|
trace_list.append(ipaddress.ip_address(text_type(ip)))
|
||||||
|
except (IndexError, ValueError):
|
||||||
|
# assume we failed parsing output
|
||||||
|
trace_list.append("")
|
||||||
|
current_ttl += 1
|
||||||
|
return trace_list
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
import os
|
import os
|
||||||
|
import uuid
|
||||||
from datetime import datetime
|
from datetime import datetime
|
||||||
|
|
||||||
import bson
|
import bson
|
||||||
|
@ -83,7 +84,7 @@ def init_app(mongo_url):
|
||||||
|
|
||||||
app.config['MONGO_URI'] = mongo_url
|
app.config['MONGO_URI'] = mongo_url
|
||||||
|
|
||||||
app.config['SECRET_KEY'] = os.urandom(32)
|
app.config['SECRET_KEY'] = uuid.getnode()
|
||||||
app.config['JWT_AUTH_URL_RULE'] = '/api/auth'
|
app.config['JWT_AUTH_URL_RULE'] = '/api/auth'
|
||||||
app.config['JWT_EXPIRATION_DELTA'] = env.get_auth_expiration_time()
|
app.config['JWT_EXPIRATION_DELTA'] = env.get_auth_expiration_time()
|
||||||
|
|
||||||
|
|
|
@ -12,7 +12,7 @@ if BASE_PATH not in sys.path:
|
||||||
|
|
||||||
from cc.island_logger import json_setup_logging
|
from cc.island_logger import json_setup_logging
|
||||||
# This is here in order to catch EVERYTHING, some functions are being called on imports the log init needs to be on top.
|
# This is here in order to catch EVERYTHING, some functions are being called on imports the log init needs to be on top.
|
||||||
json_setup_logging(default_path='island_logger_default_config.json', default_level=logging.DEBUG)
|
json_setup_logging(default_path='.\\monkey_island\\cc\\island_logger_default_config.json', default_level=logging.DEBUG)
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
from cc.app import init_app
|
from cc.app import init_app
|
||||||
|
|
|
@ -1,15 +1,14 @@
|
||||||
import logging
|
|
||||||
import json
|
import json
|
||||||
|
import logging
|
||||||
import os
|
import os
|
||||||
from flask import request, send_from_directory
|
|
||||||
import flask_restful
|
import flask_restful
|
||||||
|
from flask import request, send_from_directory
|
||||||
|
|
||||||
__author__ = 'Barak'
|
__author__ = 'Barak'
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
||||||
MONKEY_DOWNLOADS = [
|
MONKEY_DOWNLOADS = [
|
||||||
{
|
{
|
||||||
'type': 'linux',
|
'type': 'linux',
|
||||||
|
@ -81,7 +80,8 @@ class MonkeyDownload(flask_restful.Resource):
|
||||||
result = get_monkey_executable(host_os.get('type'), host_os.get('machine'))
|
result = get_monkey_executable(host_os.get('type'), host_os.get('machine'))
|
||||||
|
|
||||||
if result:
|
if result:
|
||||||
real_path = os.path.join('binaries', result['filename'])
|
# change resulting from new base path
|
||||||
|
real_path = os.path.join("monkey_island", "cc", 'binaries', result['filename'])
|
||||||
if os.path.isfile(real_path):
|
if os.path.isfile(real_path):
|
||||||
result['size'] = os.path.getsize(real_path)
|
result['size'] = os.path.getsize(real_path)
|
||||||
return result
|
return result
|
||||||
|
|
|
@ -76,7 +76,7 @@ class AppComponent extends AuthComponent {
|
||||||
|
|
||||||
componentDidMount() {
|
componentDidMount() {
|
||||||
this.updateStatus();
|
this.updateStatus();
|
||||||
this.interval = setInterval(this.updateStatus, 2000);
|
this.interval = setInterval(this.updateStatus, 5000);
|
||||||
}
|
}
|
||||||
|
|
||||||
componentWillUnmount() {
|
componentWillUnmount() {
|
||||||
|
|
|
@ -27,7 +27,7 @@ class MapPageComponent extends AuthComponent {
|
||||||
|
|
||||||
componentDidMount() {
|
componentDidMount() {
|
||||||
this.updateMapFromServer();
|
this.updateMapFromServer();
|
||||||
this.interval = setInterval(this.timedEvents, 1000);
|
this.interval = setInterval(this.timedEvents, 5000);
|
||||||
}
|
}
|
||||||
|
|
||||||
componentWillUnmount() {
|
componentWillUnmount() {
|
||||||
|
|
Loading…
Reference in New Issue