Add option for post breach actions to configuration

2018-12-31 18:26:46 +02:00 · 2018-12-31 18:26:46 +02:00 · 382b95c75d
parent 077d536526
commit 382b95c75d
3 changed files with 34 additions and 2 deletions
--- a/monkey/infection_monkey/config.py
+++ b/monkey/infection_monkey/config.py
@ -20,6 +20,7 @@ class Configuration(object):
        # now we won't work at <2.7 for sure
        network_import = importlib.import_module('infection_monkey.network')
        exploit_import = importlib.import_module('infection_monkey.exploit')
+        post_breach_import = importlib.import_module('infection_monkey.post_breach')

        unknown_items = []
        for key, value in formatted_data.items():
@ -39,6 +40,9 @@ class Configuration(object):
            elif key == 'exploiter_classes':
                class_objects = [getattr(exploit_import, val) for val in value]
                setattr(self, key, class_objects)
+            elif key == 'post_breach_actions':
+                class_objects = [getattr(post_breach_import, val) for val in value]
+                setattr(self, key, class_objects)
            else:
                if hasattr(self, key):
                    setattr(self, key, value)
@ -266,5 +270,7 @@ class Configuration(object):

    extract_azure_creds = True

+    post_breach_actions = []
+

 WormConfiguration = Configuration()
--- a/monkey/infection_monkey/example.conf
+++ b/monkey/infection_monkey/example.conf
@ -97,5 +97,6 @@
    "timeout_between_iterations": 10,
    "use_file_logging": true,
    "victims_max_exploit": 7,
-    "victims_max_find": 30
+    "victims_max_find": 30,
+    "post_breach_actions" : []
 }
--- a/monkey/monkey_island/cc/services/config_schema.py
+++ b/monkey/monkey_island/cc/services/config_schema.py
@ -88,6 +88,19 @@ SCHEMA = {
                }
            ]
        },
+        "post_breach_acts": {
+            "title": "Post breach actions",
+            "type": "string",
+            "anyOf": [
+                {
+                    "type": "string",
+                    "enum": [
+                        "BackdoorUser"
+                    ],
+                    "title": "Back door user",
+                },
+            ],
+        },
        "finger_classes": {
            "title": "Fingerprint class",
            "type": "string",
@ -276,7 +289,19 @@ SCHEMA = {
                            "type": "boolean",
                            "default": True,
                            "description": "Is the monkey alive"
-                        }
+                        },
+                        "post_breach_actions": {
+                            "title": "Post breach actions",
+                            "type": "array",
+                            "uniqueItems": True,
+                            "items": {
+                                "$ref": "#/definitions/post_breach_acts"
+                            },
+                            "default": [
+                                "BackdoorUser",
+                            ],
+                            "description": "List of actions the Monkey will run post breach"
+                        },
                    }
                },
                "behaviour": {