forked from p34709852/monkey
Agent: Add realistic puppet exploit telemetry info and attempts
Fix logging consistency in mock master.
parent
137afa6473
commit
44d3ad8586
|
@ -33,7 +33,7 @@ class MockMaster(IMaster):
|
|||
self._run_payload()
|
||||
|
||||
def _run_sys_info_collectors(self):
|
||||
logging.info("Running system info collectors")
|
||||
logger.info("Running system info collectors")
|
||||
system_info_telemetry = {}
|
||||
system_info_telemetry["ProcessListCollector"] = self._puppet.run_sys_info_collector(
|
||||
"ProcessListCollector"
|
||||
|
@ -43,10 +43,10 @@ class MockMaster(IMaster):
|
|||
)
|
||||
system_info = self._puppet.run_sys_info_collector("LinuxInfoCollector")
|
||||
self._telemetry_messenger.send_telemetry(SystemInfoTelem(system_info))
|
||||
logging.info("Finished running system info collectors")
|
||||
logger.info("Finished running system info collectors")
|
||||
|
||||
def _run_pbas(self):
|
||||
logging.info("Running post breach actions")
|
||||
logger.info("Running post breach actions")
|
||||
name = "AccountDiscovery"
|
||||
command, result = self._puppet.run_pba(name, {})
|
||||
self._telemetry_messenger.send_telemetry(PostBreachTelem(name, command, result))
|
||||
|
@ -54,10 +54,10 @@ class MockMaster(IMaster):
|
|||
name = "CommunicateAsBackdoorUser"
|
||||
command, result = self._puppet.run_pba(name, {})
|
||||
self._telemetry_messenger.send_telemetry(PostBreachTelem(name, command, result))
|
||||
logging.info("Finished running post breach actions")
|
||||
logger.info("Finished running post breach actions")
|
||||
|
||||
def _scan_victims(self):
|
||||
logging.info("Scanning network for potential victims")
|
||||
logger.info("Scanning network for potential victims")
|
||||
ips = ["10.0.0.1", "10.0.0.2", "10.0.0.3"]
|
||||
ports = [22, 445, 3389, 8008]
|
||||
for ip in ips:
|
||||
|
@ -78,10 +78,10 @@ class MockMaster(IMaster):
|
|||
h.services[port_scan_data.service]["banner"] = port_scan_data.banner
|
||||
|
||||
self._telemetry_messenger.send_telemetry(ScanTelem(h))
|
||||
logging.info("Finished scanning network for potential victims")
|
||||
logger.info("Finished scanning network for potential victims")
|
||||
|
||||
def _fingerprint(self):
|
||||
logging.info("Running fingerprinters on potential victims")
|
||||
logger.info("Running fingerprinters on potential victims")
|
||||
machine_1 = self._hosts["10.0.0.1"]
|
||||
machine_3 = self._hosts["10.0.0.3"]
|
||||
|
||||
|
@ -93,29 +93,31 @@ class MockMaster(IMaster):
|
|||
|
||||
self._puppet.fingerprint("HTTPFinger", machine_3)
|
||||
self._telemetry_messenger.send_telemetry(ScanTelem(machine_3))
|
||||
logging.info("Finished running fingerprinters on potential victims")
|
||||
logger.info("Finished running fingerprinters on potential victims")
|
||||
|
||||
def _exploit(self):
|
||||
logging.info("Exploiting victims")
|
||||
logger.info("Exploiting victims")
|
||||
result, info, attempts = self._puppet.exploit_host(
|
||||
"PowerShellExploiter", "10.0.0.1", {}, None
|
||||
)
|
||||
logger.info(f"Attempts for exploiting {attempts}")
|
||||
self._telemetry_messenger.send_telemetry(
|
||||
ExploitTelem("PowerShellExploiter", self._hosts["10.0.0.1"], result, info, attempts)
|
||||
)
|
||||
|
||||
result, info, attempts = self._puppet.exploit_host("SSHExploiter", "10.0.0.3", {}, None)
|
||||
logger.info(f"Attempts for exploiting {attempts}")
|
||||
self._telemetry_messenger.send_telemetry(
|
||||
ExploitTelem("SSHExploiter", self._hosts["10.0.0.3"], result, info, attempts)
|
||||
)
|
||||
logging.info("Finished exploiting victims")
|
||||
logger.info("Finished exploiting victims")
|
||||
|
||||
def _run_payload(self):
|
||||
logging.info("Running payloads")
|
||||
logger.info("Running payloads")
|
||||
# TODO: modify what FileEncryptionTelem gets
|
||||
path, success, error = self._puppet.run_payload("RansomwarePayload", {}, None)
|
||||
self._telemetry_messenger.send_telemetry(FileEncryptionTelem(path, success, error))
|
||||
logging.info("Finished running payloads")
|
||||
logger.info("Finished running payloads")
|
||||
|
||||
def terminate(self) -> None:
|
||||
logger.info("Terminating MockMaster")
|
||||
|
|
|
@ -220,17 +220,48 @@ class MockPuppet(IPuppet):
|
|||
self, name: str, host: str, options: Dict, interrupt: threading.Event
|
||||
) -> ExploiterResultData:
|
||||
logger.debug(f"exploit_hosts({name}, {host}, {options})")
|
||||
attempts = [
|
||||
{
|
||||
"result": False,
|
||||
"user": "Administrator",
|
||||
"password": "",
|
||||
"lm_hash": "",
|
||||
"ntlm_hash": "",
|
||||
"ssh_key": host,
|
||||
},
|
||||
{
|
||||
"result": False,
|
||||
"user": "root",
|
||||
"password": "",
|
||||
"lm_hash": "",
|
||||
"ntlm_hash": "",
|
||||
"ssh_key": host,
|
||||
},
|
||||
]
|
||||
info_powershell = {
|
||||
"display_name": "PowerShell",
|
||||
"started": "2021-11-25T15:57:06.307696",
|
||||
"finished": "2021-11-25T15:58:33.788238",
|
||||
"vulnerable_urls": [],
|
||||
"vulnerable_ports": [],
|
||||
"executed_cmds": [
|
||||
{
|
||||
"cmd": "/tmp/monkey m0nk3y -s 10.10.10.10:5000 -d 1 >git s /dev/null 2>&1 &",
|
||||
"powershell": True,
|
||||
}
|
||||
],
|
||||
}
|
||||
info_ssh = {
|
||||
"display_name": "SSH",
|
||||
"started": "2021-11-25T15:57:06.307696",
|
||||
"finished": "2021-11-25T15:58:33.788238",
|
||||
"vulnerable_urls": [],
|
||||
"vulnerable_ports": [22],
|
||||
"executed_cmds": [],
|
||||
}
|
||||
successful_exploiters = {
|
||||
DOT_1: {
|
||||
"PowerShellExploiter": ExploiterResultData(
|
||||
True, {"info": "important success stuff"}, ["attempt 1"]
|
||||
)
|
||||
},
|
||||
DOT_3: {
|
||||
"SSHExploiter": ExploiterResultData(
|
||||
False, {"info": "important failure stuff"}, ["attempt 2"]
|
||||
)
|
||||
},
|
||||
DOT_1: {"PowerShellExploiter": ExploiterResultData(True, info_powershell, attempts)},
|
||||
DOT_3: {"SSHExploiter": ExploiterResultData(False, info_ssh, attempts)},
|
||||
}
|
||||
|
||||
return successful_exploiters[host][name]
|
||||
|
|
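Review bot: `logger.info(f"Attempts for exploiting {attempts}")` in `MockMaster._exploit` (hunk @ -93,29 +93,31, once after the PowerShellExploiter call and again after the SSHExploiter call) writes the whole attempts list to the log at INFO level, and each attempt record, as built in `MockPuppet.exploit_host` further down, carries `user`, `password`, `lm_hash`, `ntlm_hash` and `ssh_key` fields. In the mock those values are empty strings or the host placeholder, but a puppet returning real attempt data in the same shape would put credential material into the agent log, so the message is better limited to the count or to the non-secret fields, e.g. `logger.info("Exploit attempts: %d", len(attempts))`. The mock command string in `info_powershell` also looks garbled (`>git s /dev/null` where `> /dev/null` is presumably intended); it is only sample data, but since the dict is passed on to `ExploitTelem` a corrected string would be cleaner. The `_exploit` body lies fully inside its hunk, while the `exploit_host` hunk starts mid-signature, so its `def` line is not visible here.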