p20319658
/
monkey
forked from p34709852/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #262 from guardicore/bugfix/require-tr-only-linux 

Bugfix/require tr only linux
This commit is contained in:
Daniel Goldberg 2019-02-11 19:18:23 +02:00 committed by GitHub
parent e7d9bb59db 1528966f6b
commit 64ed770d2d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 45 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
monkey/infection_monkey/monkey.spec
View File

@ -69,7 +69,6 @@ def process_datas(orig_datas):
def get_binaries(): def get_binaries():
binaries = get_windows_only_binaries() if is_windows() else get_linux_only_binaries() binaries = get_windows_only_binaries() if is_windows() else get_linux_only_binaries()
binaries += get_sc_binaries() binaries += get_sc_binaries()
binaries += get_traceroute_binaries()
return binaries return binaries
@ -81,6 +80,7 @@ def get_windows_only_binaries():
def get_linux_only_binaries(): def get_linux_only_binaries():
binaries = [] binaries = []
binaries += get_traceroute_binaries()
return binaries return binaries

52
monkey/infection_monkey/readme.txt
View File

@ -5,6 +5,7 @@ The monkey is composed of three separate parts.
* The Infection Monkey itself - PyInstaller compressed python archives * The Infection Monkey itself - PyInstaller compressed python archives
* Sambacry binaries - Two linux binaries, 32/64 bit. * Sambacry binaries - Two linux binaries, 32/64 bit.
* Mimikatz binaries - Two windows binaries, 32/64 bit. * Mimikatz binaries - Two windows binaries, 32/64 bit.
* Traceroute binaries - Two linux binaries, 32/64bit.
--- Windows --- --- Windows ---
@ -51,8 +52,11 @@ Tested on Ubuntu 16.04 and 17.04.
pip install -r requirements.txt pip install -r requirements.txt
2. Build Sambacry binaries 2. Build Sambacry binaries
a. Build/Download according to sections at the end of this readme. a. Build/Download according to sections at the end of this readme.
b. Place the binaries under [code location]\infection_monkey\bin b. Place the binaries under [code location]\infection_monkey\bin, under the names 'sc_monkey_runner32.so', 'sc_monkey_runner64.so'
3. To build, run in terminal: 3. Build Traceroute binaries
a. Build/Download according to sections at the end of this readme.
b. Place the binaries under [code location]\infection_monkey\bin, under the names 'traceroute32', 'traceroute64'
4. To build, run in terminal:
cd [code location]/infection_monkey cd [code location]/infection_monkey
chmod +x build_linux.sh chmod +x build_linux.sh
./build_linux.sh ./build_linux.sh
@ -61,19 +65,45 @@ Tested on Ubuntu 16.04 and 17.04.
-- Sambacry -- -- Sambacry --
Sambacry requires two standalone binaries to execute remotely. Sambacry requires two standalone binaries to execute remotely.
1. Install gcc-multilib if it's not installed a. Build sambacry binaries yourself
a.1. Install gcc-multilib if it's not installed
sudo apt-get install gcc-multilib sudo apt-get install gcc-multilib
2. Build the binaries a.2. Build the binaries
cd [code location]/infection_monkey/monkey_utils/sambacry_monkey_runner cd [code location]/infection_monkey/monkey_utils/sambacry_monkey_runner
./build.sh ./build.sh
b. Download our pre-built sambacry binaries
b.1. Available here:
32bit: https://github.com/guardicore/monkey/releases/download/1.6/sc_monkey_runner32.so
64bit: https://github.com/guardicore/monkey/releases/download/1.6/sc_monkey_runner64.so
-- Mimikatz -- -- Mimikatz --
Mimikatz is required for the Monkey to be able to steal credentials on Windows. It's possible to either compile from sources (requires Visual Studio 2013 and up) or download the binaries from Mimikatz is required for the Monkey to be able to steal credentials on Windows. It's possible to either compile from sources (requires Visual Studio 2013 and up) or download the binaries from
https://github.com/guardicore/mimikatz/releases/tag/1.0.0 You can either build them yourself or download pre-built binaries.
Download both 32 and 64 bit zipped DLLs and place them under [code location]\infection_monkey\bin a. Build Mimikatz yourself
Alternatively, if you build Mimikatz, put each version in a zip file. a.0. Building mimikatz requires Visual Studio 2013 and up
1. The zip should contain only the Mimikatz DLL named tmpzipfile123456.dll a.1. Clone our version of mimikatz from https://github.com/guardicore/mimikatz/tree/1.1.0
2. It should be protected using the password 'VTQpsJPXgZuXhX6x3V84G'. a.2. Build using Visual Studio.
3. The zip file should be named mk32.zip/mk64.zip accordingly. a.3. Put each version in a zip file
4. Zipping with 7zip has been tested. Other zipping software may not work. a.3.1. The zip should contain only the Mimikatz DLL named tmpzipfile123456.dll
a.3.2. It should be protected using the password 'VTQpsJPXgZuXhX6x3V84G'.
a.3.3. The zip file should be named mk32.zip/mk64.zip accordingly.
a.3.4. Zipping with 7zip has been tested. Other zipping software may not work.
b. Download our pre-built traceroute binaries
b.1. Download both 32 and 64 bit zipped DLLs from https://github.com/guardicore/mimikatz/releases/tag/1.1.0
b.2. Place them under [code location]\infection_monkey\bin
-- Traceroute --
Traceroute requires two standalone binaries to execute remotely.
The monkey carries the standalone binaries since traceroute isn't built in all Linux distributions.
You can either build them yourself or download pre-built binaries.
a. Build traceroute yourself
a.1. The sources of traceroute are available here with building instructions: http://traceroute.sourceforge.net
b. Download our pre-built traceroute binaries
b.1. Available here:
32bit: https://github.com/guardicore/monkey/releases/download/1.6/traceroute32
64bit: https://github.com/guardicore/monkey/releases/download/1.6/traceroute64