Island: Remove old configuration schema's properties

Shreya Malviya 2022-06-28 15:48:39 -07:00 committed by Ilija Lazoroski
parent ff17237ea7
commit 2d960fc4d2
5 changed files with 0 additions and 460 deletions


@ -1,65 +0,0 @@
BASIC = {
"title": "Exploits",
"type": "object",
"primary": True,
"properties": {
"exploiters": {
"title": "Exploiters",
"type": "object",
"description": "Choose which exploiters the Monkey will attempt.",
"properties": {
"exploiter_classes": {
"title": "Exploiters",
"type": "array",
"uniqueItems": True,
"items": {"$ref": "#/definitions/exploiter_classes"},
"default": [
"SmbExploiter",
"WmiExploiter",
"SSHExploiter",
"Log4ShellExploiter",
"HadoopExploiter",
"MSSQLExploiter",
"PowerShellExploiter",
],
}
},
},
"credentials": {
"title": "Credentials",
"type": "object",
"properties": {
"exploit_user_list": {
"title": "Exploit user list",
"type": "array",
"uniqueItems": True,
"items": {"type": "string"},
"default": ["Administrator", "root", "user"],
"description": "List of user names that will be used by exploiters that need "
"credentials, like "
"SSH brute-forcing.",
},
"exploit_password_list": {
"title": "Exploit password list",
"type": "array",
"uniqueItems": True,
"items": {
"type": "string",
},
"default": [
"root",
"123456",
"password",
"123456789",
"qwerty",
"111111",
"iloveyou",
],
"description": "List of passwords that will be used by exploiters that need "
"credentials, like "
"SSH brute-forcing.",
},
},
},
},
}


@ -1,96 +0,0 @@
from common.common_consts.validation_formats import IP, IP_RANGE
from monkey_island.cc.services.utils.typographic_symbols import WARNING_SIGN
BASIC_NETWORK = {
"title": "Network",
"type": "object",
"properties": {
"scope": {
"title": "Scope",
"type": "object",
"properties": {
"info_box": {
"info": 'The Monkey scans its subnet if "Local network scan" is checked. '
'Additionally, the Monkey scans machines according to "Scan '
'target list".',
},
"blocked_ips": {
"title": "Blocked IPs",
"type": "array",
"uniqueItems": True,
"items": {
"type": "string",
"format": IP,
},
"default": [],
"description": "List of IPs that the Monkey will not scan.",
},
"local_network_scan": {
"title": "Local network scan",
"type": "boolean",
"default": True,
"description": "Determines whether the Monkey will scan the local subnets of "
"machines it runs on, "
"in addition to the IPs that are configured manually in the "
'"Scan target list".',
},
"depth": {
"title": "Scan depth",
"type": "integer",
"minimum": 1,
"default": 2,
"description": "Amount of hops allowed for the Monkey to spread from the "
"Island server. \n"
+ WARNING_SIGN
+ " Note that setting this value too high may result in the "
"Monkey propagating too far, "
'if the "Local network scan" is enabled.',
},
"subnet_scan_list": {
"title": "Scan target list",
"type": "array",
"uniqueItems": True,
"items": {"type": "string", "format": IP_RANGE},
"default": [],
"description": "List of targets the Monkey will try to scan. Targets can be "
"IPs, subnets or hosts."
" Examples:\n"
'\tTarget a specific IP: "192.168.0.1"\n'
"\tTarget a subnet using a network range: "
'"192.168.0.5-192.168.0.20"\n'
'\tTarget a subnet using an IP mask: "192.168.0.5/24"\n'
'\tTarget a specific host: "printer.example"',
},
},
},
"network_analysis": {
"title": "Network Analysis",
"type": "object",
"properties": {
"inaccessible_subnets": {
"title": "Network segmentation testing",
"type": "array",
"uniqueItems": True,
"items": {"type": "string", "format": IP_RANGE},
"default": [],
"description": "Test for network segmentation by providing a list of network "
"segments "
"that should NOT be accessible to each other.\n\n"
"For example, if you configured the following three segments: "
'"10.0.0.0/24", "11.0.0.2/32", and "12.2.3.0/24", '
"a Monkey running on 10.0.0.5 will try to access machines in "
"the following subnets: "
"11.0.0.2/32, 12.2.3.0/24. An alert on successful cross-segment "
"connections "
"will be shown in the reports. \n\n"
"Network segments can be IPs, subnets or hosts. Examples:\n"
'\tDefine a single-IP segment: "192.168.0.1"\n'
"\tDefine a segment using a network range: "
'"192.168.0.5-192.168.0.20"\n'
'\tDefine a segment using an subnet IP mask: "192.168.0.5/24"\n'
'\tDefine a single-host segment: "printer.example"',
}
},
},
},
}


@ -1,135 +0,0 @@
INTERNAL = {
"title": "Internal",
"type": "object",
"properties": {
"general": {
"title": "General",
"type": "object",
"properties": {
"keep_tunnel_open_time": {
"title": "Keep tunnel open time",
"type": "integer",
"default": 30,
"description": "Time to keep tunnel open before going down after last exploit "
"(in seconds)",
},
},
},
"network": {
"title": "Network",
"type": "object",
"properties": {
"tcp_scanner": {
"title": "TCP scanner",
"type": "object",
"properties": {
"HTTP_PORTS": {
"title": "HTTP ports",
"type": "array",
"uniqueItems": True,
"items": {"type": "integer"},
"default": [80, 8080, 443, 8008, 7001, 9200, 8983, 9600],
"description": "List of ports the monkey will check if are being used "
"for HTTP",
},
"tcp_target_ports": {
"title": "TCP target ports",
"type": "array",
"uniqueItems": True,
"items": {"type": "integer"},
"default": [
22,
2222,
445,
135,
3389,
80,
8080,
443,
8008,
3306,
7001,
8088,
5985,
5986,
],
"description": "List of TCP ports the monkey will check whether "
"they're open",
},
"tcp_scan_timeout": {
"title": "TCP scan timeout",
"type": "integer",
"default": 3000,
"description": "Maximum time (in milliseconds) "
"to wait for TCP response",
},
},
},
"ping_scanner": {
"title": "Ping scanner",
"type": "object",
"properties": {
"ping_scan_timeout": {
"title": "Ping scan timeout",
"type": "integer",
"default": 1000,
"description": "Maximum time (in milliseconds) to wait for ping "
"response",
}
},
},
},
},
"classes": {
"title": "Classes",
"type": "object",
"properties": {
"finger_classes": {
"title": "Fingerprint classes",
"type": "array",
"uniqueItems": True,
"items": {"$ref": "#/definitions/finger_classes"},
"default": [
"SMBFinger",
"SSHFinger",
"HTTPFinger",
"MSSQLFinger",
"ElasticFinger",
],
}
},
},
"exploits": {
"title": "Exploits",
"type": "object",
"properties": {
"exploit_lm_hash_list": {
"title": "Exploit LM hash list",
"type": "array",
"uniqueItems": True,
"items": {"type": "string"},
"default": [],
"description": "List of LM hashes to use on exploits using credentials",
"related_attack_techniques": ["T1075"],
},
"exploit_ntlm_hash_list": {
"title": "Exploit NTLM hash list",
"type": "array",
"uniqueItems": True,
"items": {"type": "string"},
"default": [],
"description": "List of NTLM hashes to use on exploits using credentials",
"related_attack_techniques": ["T1075"],
},
"exploit_ssh_keys": {
"title": "SSH key pairs list",
"type": "array",
"uniqueItems": True,
"default": [],
"items": {"type": "string"},
"description": "List of SSH key pairs to use, when trying to ssh into servers",
},
},
},
},
}


@ -1,93 +0,0 @@
from common.common_consts.credential_collector_names import MIMIKATZ_COLLECTOR, SSH_COLLECTOR
MONKEY = {
"title": "Monkey",
"type": "object",
"properties": {
"post_breach": {
"title": "Post breach",
"type": "object",
"properties": {
"custom_PBA_linux_cmd": {
"title": "Linux post-breach command",
"type": "string",
"default": "",
"description": "Command to be executed after breaching. "
"Use this field to run custom commands or execute uploaded "
"files on exploited machines.\nExample: "
'"chmod +x ./my_script.sh; ./my_script.sh ; rm ./my_script.sh"',
},
"PBA_linux_file": {
"title": "Linux post-breach file",
"type": "string",
"format": "data-url",
"description": "File to be uploaded after breaching. "
"Use the 'Linux post-breach command' field to "
"change permissions, run, or delete the file. "
"Reference your file by filename.",
},
"custom_PBA_windows_cmd": {
"title": "Windows post-breach command",
"type": "string",
"default": "",
"description": "Command to be executed after breaching. "
"Use this field to run custom commands or execute uploaded "
"files on exploited machines.\nExample: "
'"my_script.bat & del my_script.bat"',
},
"PBA_windows_file": {
"title": "Windows post-breach file",
"type": "string",
"format": "data-url",
"description": "File to be uploaded after breaching. "
"Use the 'Windows post-breach command' field to "
"change permissions, run, or delete the file. "
"Reference your file by filename.",
},
"PBA_windows_filename": {
"title": "Windows PBA filename",
"type": "string",
"default": "",
},
"PBA_linux_filename": {
"title": "Linux PBA filename",
"type": "string",
"default": "",
},
"post_breach_actions": {
"title": "Post breach actions",
"type": "array",
"uniqueItems": True,
"items": {"$ref": "#/definitions/post_breach_actions"},
"default": [
"CommunicateAsBackdoorUser",
"ModifyShellStartupFiles",
"HiddenFiles",
"TrapCommand",
"ChangeSetuidSetgid",
"ScheduleJobs",
"Timestomping",
"AccountDiscovery",
"ProcessListCollection",
],
},
},
},
"credential_collectors": {
"title": "Credential collection",
"type": "object",
"properties": {
"credential_collectors": {
"title": "Credential collectors",
"type": "array",
"uniqueItems": True,
"items": {"$ref": "#/definitions/credential_collectors"},
"default": [
MIMIKATZ_COLLECTOR,
SSH_COLLECTOR,
],
},
},
},
},
}


@ -1,71 +0,0 @@
from common.common_consts.validation_formats import (
VALID_RANSOMWARE_TARGET_PATH_LINUX,
VALID_RANSOMWARE_TARGET_PATH_WINDOWS,
)
RANSOMWARE = {
"title": "Ransomware",
"type": "object",
"properties": {
"encryption": {
"title": "Simulation",
"type": "object",
"description": "To simulate ransomware encryption, you'll need to provide Infection "
"Monkey with files that it can safely encrypt. On each machine where you would like "
"the ransomware simulation to run, create a directory and put some files in it."
"\n\nProvide the path to the directory that was created on each machine.",
"properties": {
"enabled": {
"title": "Encrypt files",
"type": "boolean",
"default": True,
"description": "Ransomware encryption will be simulated by flipping every bit "
"in the files contained within the target directories.",
},
"info_box": {
"info": "No files will be encrypted if a directory is not specified or doesn't "
"exist on a victim machine.",
},
"directories": {
"title": "Directories to encrypt",
"type": "object",
"properties": {
"linux_target_dir": {
"title": "Linux target directory",
"type": "string",
"format": VALID_RANSOMWARE_TARGET_PATH_LINUX,
"default": "",
"description": "A path to a directory on Linux systems that contains "
"files that you will allow Infection Monkey to encrypt. If no "
"directory is specified, no files will be encrypted.",
},
"windows_target_dir": {
"title": "Windows target directory",
"type": "string",
"format": VALID_RANSOMWARE_TARGET_PATH_WINDOWS,
"default": "",
"description": "A path to a directory on Windows systems that contains "
"files that you will allow Infection Monkey to encrypt. If no "
"directory is specified, no files will be encrypted.",
},
},
},
"text_box": {
"text": "Note: A README.txt will be left in the specified target " "directory.",
},
},
},
"other_behaviors": {
"title": "Other behavior",
"type": "object",
"properties": {
"readme": {
"title": "Create a README.txt file",
"type": "boolean",
"default": True,
"description": "Creates a README.txt ransomware note on infected systems.",
}
},
},
},
}