forked from p34709852/monkey
Merge branch 'develop' into snyk-upgrade-a73b21ca3d3b12638dce5cc24f064d49
This commit is contained in:
commit
767a5f9200
11
README.md
11
README.md
|
@ -51,17 +51,16 @@ The Infection Monkey uses the following techniques and exploits to propagate to
|
|||
* SambaCry
|
||||
* Elastic Search (CVE-2015-1427)
|
||||
* Weblogic server
|
||||
* and more
|
||||
* and more, see our [Documentation hub](https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/) for more information about our RCE exploiters.
|
||||
|
||||
## Setup
|
||||
Check out the [Setup](https://github.com/guardicore/monkey/wiki/setup) page in the Wiki or a quick getting [started guide](https://www.guardicore.com/infectionmonkey/wt/).
|
||||
Check out the [Setup](https://www.guardicore.com/infectionmonkey/docs/setup/) page in the Wiki or a quick getting [started guide](https://www.guardicore.com/infectionmonkey/docs/usage/getting-started/).
|
||||
|
||||
The Infection Monkey supports a variety of platforms, documented [in the wiki](https://github.com/guardicore/monkey/wiki/OS-compatibility).
|
||||
The Infection Monkey supports a variety of platforms, documented [in our documentation hub](https://www.guardicore.com/infectionmonkey/docs/reference/operating_systems_support/).
|
||||
|
||||
## Building the Monkey from source
|
||||
To deploy development version of monkey you should refer to readme in the [deployment scripts](deployment_scripts) folder.
|
||||
If you only want to build the monkey from source, see [Setup](https://github.com/guardicore/monkey/wiki/Setup#compile-it-yourself)
|
||||
and follow the instructions at the readme files under [infection_monkey](monkey/infection_monkey) and [monkey_island](monkey/monkey_island).
|
||||
To deploy development version of monkey you should refer to readme in the [deployment scripts](deployment_scripts)
|
||||
folder or follow documentation in [documentation hub](https://www.guardicore.com/infectionmonkey/docs/development/setup-development-environment/).
|
||||
|
||||
### Build status
|
||||
| Branch | Status |
|
||||
|
|
|
@ -14,11 +14,11 @@ To extract the `tar.gz` file, run `tar -xvzf monkey-island-docker.tar.gz`.
|
|||
Once you’ve extracted the container from the tar.gz file, run the following commands:
|
||||
|
||||
```sh
|
||||
sudo docker load -i dk.monkeyisland.latest.tar
|
||||
sudo docker load -i dk.monkeyisland.1.9.0.tar
|
||||
sudo docker pull mongo
|
||||
sudo mkdir -p /var/monkey-mongo/data/db
|
||||
sudo docker run --name monkey-mongo --network=host -v /var/monkey-mongo/data/db:/data/db -d mongo
|
||||
sudo docker run --name monkey-island --network=host -d guardicore/monkey-island:1.8.2
|
||||
sudo docker run --name monkey-island --network=host -d guardicore/monkey-island:1.9.0
|
||||
```
|
||||
|
||||
## Upgrading
|
||||
|
|
|
@ -35,6 +35,24 @@ sha256sum monkey-linux-64
|
|||
|
||||
## Latest version checksums
|
||||
|
||||
| Filename | Type | Version | SHA256 hash |
|
||||
|-|-|-|-|
|
||||
monkey-windows-64.exe | Windows Agent | 1.9.0 | `24622cb8dbabb0cf4b25ecd3c13800c72ec5b59b76895b737ece509640d4c068`
|
||||
monkey-windows-32.exe | Windows Agent | 1.9.0 | `67f12171c3859a21fc8f54c5b2299790985453e9ac028bb80efc7328927be3d8`
|
||||
monkey-linux-64 | Linux Agent | 1.9.0 | `aec6b14dc2bea694eb01b517cca70477deeb695f39d40b1d9e5ce02a8075c956`
|
||||
monkey-linux-32 | Linux Agent | 1.9.0 | `4c24318026239530ed2437bfef1a01147bb1f3479696eb4eee6009326ce6b380`
|
||||
infection_monkey_deb.tgz | Debian Package | 1.9.0 | `33c23ddae283e3aafe965d264bc88464b66db3dd6874fd7e5cbcd4e931b3bb25`
|
||||
infection_monkey_debzt.tgz | Debian Package | 1.9.0 | `cc53fe9632f44248357d6bd20cf8629be9baf8688468fa6d3e186dcebf10cef6`
|
||||
Monkey Island v1.9.0_3546_windows.exe | Windows Installer | 1.9.0 | `371f6d25e8cb16ea7ebdfd367092ee65b33db2ec35b44d96705716641eaa59e8`
|
||||
Monkey Island v1.9.0_3546_windowszt.exe | Windows Installer | 1.9.0 | `662c611fb83bb8c7ef5f99c5d5ae04f5758727c688238d6a3cd4c58675581695`
|
||||
infection_monkey_docker_docker_20200806_153913.tgz | Docker | 1.9.0 | `5da11c539045a395ced5dd572d331c4f0e9315a3ee192c06279ff4fef668b96e`
|
||||
infection_monkey_docker_dockerzt_20200806_154742.tgz | Docker | 1.9.0 | `a84dbaad32ae42cc2d359ffbe062aec493a7253cf706a2d45f0d0b1c230f9348`
|
||||
monkey-island-vmware.ova | OVA | 1.9.0 | `3861d46518e8a92e49992b26dbff9fe8e8a4ac5fd24d68e68b13e7fd3fa22247`
|
||||
monkey-island-vmwarezt.ova | OVA | 1.9.0 | `03d356eb35e6515146f5bd798bb62cb15c56fcdf83a5281cf6cdc9b901586026`
|
||||
|
||||
|
||||
## Older checksums
|
||||
|
||||
| Filename | Type | Version | SHA256 hash |
|
||||
|-|-|-|-|
|
||||
monkey-windows-64.exe | Windows Agent | 1.8.2 | `2e6a1cb5523d87ddfd48f75b10114617343fbac8125fa950ba7f00289b38b550`
|
||||
|
@ -46,9 +64,15 @@ Monkey Island v1.8.2_3536_windows.exe | Windows Installer | 1.8.2 | `2be528685d6
|
|||
Monkey Island v1.8.2_3536_windowszt.exe | Windows Installer | 1.8.2 | `f282ce4dd50abe54671948fb5b3baf913087459444e451660971290a72fe244a`
|
||||
infection_monkey_docker_docker_20200607_172156.tgz | Docker | 1.8.2 | `0e4bc731ef7e8bf19b759709672375890136c008526be454850d334d9ba5012d`
|
||||
infection_monkey_docker_dockerzt_20200607_172521.tgz | Docker | 1.8.2 | `0f4b0cd6fd54dc14ea50c5d2fb3fc711e9863518bd5bffd04e08a0f17eb99e75`
|
||||
|
||||
## All checksums
|
||||
|
||||
### 1.8.0 and older
|
||||
|
||||
You can find all these checksums in [this page](https://www.guardicore.com/infectionmonkey/checksums.html).
|
||||
monkey-windows-64.exe | Windows Agent | 1.8.0 | `f0bc144ba4ff46094225adaf70d3e92e9aaddb13b59e4e47aa3c2b26fd7d9ad7`
|
||||
monkey-windows-32.exe | Windows Agent | 1.8.0 | `1ddb093f9088a4d4c0af289ff568bbe7a0d057e725e6447055d4fe6c5f4e2c08`
|
||||
monkey-linux-64 | Linux Agent | 1.8.0 | `d41314e5df72d5a470974522935c0b03dcb1c1e6b094d4ab700b04d5fec59ae6`
|
||||
monkey-linux-32 | Linux Agent | 1.8.0 | `217cc2b9481f6454fa0a13adf12d9b29ce4e1e6a319971c8db9b446952ce3fb2`
|
||||
infection_monkey_deb.tgz | Debian Package | 1.8.0 | `9c5254583ce786768ea55df8063152bd19e0f21a83e6f4f873c5dccc5a1c9d5e`
|
||||
infection_monkey_debzt.tgz | Debian Package | 1.8.0 | `90A0824EC98680944B15B86CF5CFA09D48EDA406300C4CAE54432DB05F486D07`
|
||||
Monkey Island v1.8.0_3513_windows.exe | Windows Installer | 1.8.0 | `ce9a9d0539c14ebe2a10cf3b36991b309abd7b62dd7fb7522a549d8987b0f0f4`
|
||||
Monkey Island v1.8.0_3514_windowszt.exe | Windows Installer | 1.8.0 | `0b535a802ac43455d702b45673859b940c1feb7702b46a6a2cbc699672b0c89d`
|
||||
infection_monkey_docker_docker_20200330_201419.tgz | Docker | 1.8.0 | `4f15a5008e43d8c5184456771dd9e8d70104b4ec79e34b53d230662604a7d190`
|
||||
infection_monkey_docker_dockerzt_20200401_174529.tgz | Docker | 1.8.0 | `d94404134d879f3d859c77454df4abd0dbca00b8cae4b1c52d3b38e847f34e4c`
|
||||
monkey-island-vmware.ova | OVA | 1.8.0 | `6BC4E85A0EA81045BD88E2D5A9F98F0DD40DE99E94D1E343D13FA418045A6915`
|
||||
monkey-island-vmwarezt.ova | OVA | 1.8.0 | `79A043D85521F94024F8B0428A7A33B4D3F5B13F9D2B83F72C73C8D0BB12ED91`
|
||||
|
|
|
@ -88,7 +88,8 @@ SCHEMA = {
|
|||
"link": "https://attack.mitre.org/techniques/T1156",
|
||||
"description": "Adversaries may abuse shell scripts by "
|
||||
"inserting arbitrary shell commands to gain persistence, which "
|
||||
"would be executed every time the user logs in or opens a new shell."
|
||||
"would be executed every time the user logs in or opens a new shell.",
|
||||
"depends_on": ["T1504"]
|
||||
},
|
||||
"T1136": {
|
||||
"title": "Create account",
|
||||
|
@ -117,7 +118,8 @@ SCHEMA = {
|
|||
"link": "https://attack.mitre.org/techniques/T1168/",
|
||||
"description": "Linux supports multiple methods for creating pre-scheduled and "
|
||||
"periodic background jobs. Job scheduling can be used by adversaries to "
|
||||
"schedule running malicious code at some specified date and time."
|
||||
"schedule running malicious code at some specified date and time.",
|
||||
"depends_on": ["T1053"]
|
||||
},
|
||||
"T1504": {
|
||||
"title": "PowerShell profile",
|
||||
|
@ -127,7 +129,8 @@ SCHEMA = {
|
|||
"link": "https://attack.mitre.org/techniques/T1504",
|
||||
"description": "Adversaries may gain persistence and elevate privileges "
|
||||
"in certain situations by abusing PowerShell profiles which "
|
||||
"are scripts that run when PowerShell starts."
|
||||
"are scripts that run when PowerShell starts.",
|
||||
"depends_on": ["T1156"]
|
||||
},
|
||||
"T1053": {
|
||||
"title": "Scheduled task",
|
||||
|
@ -137,7 +140,8 @@ SCHEMA = {
|
|||
"link": "https://attack.mitre.org/techniques/T1053",
|
||||
"description": "Windows utilities can be used to schedule programs or scripts to "
|
||||
"be executed at a date and time. An adversary may use task scheduling to "
|
||||
"execute programs at system startup or on a scheduled basis for persistence."
|
||||
"execute programs at system startup or on a scheduled basis for persistence.",
|
||||
"depends_on": ["T1168"]
|
||||
},
|
||||
"T1166": {
|
||||
"title": "Setuid and Setgid",
|
||||
|
|
|
@ -1310,9 +1310,9 @@
|
|||
}
|
||||
},
|
||||
"@sindresorhus/is": {
|
||||
"version": "3.0.0",
|
||||
"resolved": "https://registry.npmjs.org/@sindresorhus/is/-/is-3.0.0.tgz",
|
||||
"integrity": "sha512-kqA5I6Yun7PBHk8WN9BBP1c7FfN2SrD05GuVSEYPqDb4nerv7HqYfgBfMIKmT/EuejURkJKLZuLyGKGs6WEG9w=="
|
||||
"version": "3.1.0",
|
||||
"resolved": "https://registry.npmjs.org/@sindresorhus/is/-/is-3.1.0.tgz",
|
||||
"integrity": "sha512-n4J+zu52VdY43kdi/XdI9DzuMr1Mur8zFL5ZRG2opCans9aiFwkPxHYFEb5Xgy7n1Z4K6WfI4FpqUqsh3E8BPQ=="
|
||||
},
|
||||
"@snyk/cli-interface": {
|
||||
"version": "2.8.0",
|
||||
|
@ -3726,9 +3726,9 @@
|
|||
"integrity": "sha512-GRMWDxpOB6Dgk2E5Uo+3eEBvtOOlimMmpbFiKuLFnQzYDavtLFY3K5ona41jgN/WdRZtG7utuVSVTL4HbZHGkw=="
|
||||
},
|
||||
"clipanion": {
|
||||
"version": "2.4.2",
|
||||
"resolved": "https://registry.npmjs.org/clipanion/-/clipanion-2.4.2.tgz",
|
||||
"integrity": "sha512-kBCYtQKI4/R/zjierdwoDAsNUSvoh4pX2tseYxgLYQcKIpdPsHZrFWiQOfbe2Scd/btsqJEc4q6g55q0p5DZAw=="
|
||||
"version": "2.4.4",
|
||||
"resolved": "https://registry.npmjs.org/clipanion/-/clipanion-2.4.4.tgz",
|
||||
"integrity": "sha512-KjyCBz8xplftHjIK/nOqq/9b3hPlXbAAo/AxoITrO4yySpQ6a9QSJDAfOx9PfcRUHteeqbdNxZKSPfeFqQ7plg=="
|
||||
},
|
||||
"cliui": {
|
||||
"version": "5.0.0",
|
||||
|
@ -6550,9 +6550,9 @@
|
|||
}
|
||||
},
|
||||
"got": {
|
||||
"version": "11.5.0",
|
||||
"resolved": "https://registry.npmjs.org/got/-/got-11.5.0.tgz",
|
||||
"integrity": "sha512-vOZEcEaK0b6x11uniY0HcblZObKPRO75Jvz53VKuqGSaKCM/zEt0sj2LGYVdqDYJzO3wYdG+FPQQ1hsgoXy7vQ==",
|
||||
"version": "11.5.1",
|
||||
"resolved": "https://registry.npmjs.org/got/-/got-11.5.1.tgz",
|
||||
"integrity": "sha512-reQEZcEBMTGnujmQ+Wm97mJs/OK6INtO6HmLI+xt3+9CvnRwWjXutUvb2mqr+Ao4Lu05Rx6+udx9sOQAmExMxA==",
|
||||
"requires": {
|
||||
"@sindresorhus/is": "^3.0.0",
|
||||
"@szmarczak/http-timer": "^4.0.5",
|
||||
|
@ -6561,7 +6561,7 @@
|
|||
"cacheable-lookup": "^5.0.3",
|
||||
"cacheable-request": "^7.0.1",
|
||||
"decompress-response": "^6.0.0",
|
||||
"http2-wrapper": "^1.0.0-beta.4.8",
|
||||
"http2-wrapper": "^1.0.0-beta.5.0",
|
||||
"lowercase-keys": "^2.0.0",
|
||||
"p-cancelable": "^2.0.0",
|
||||
"responselike": "^2.0.0"
|
||||
|
@ -7497,9 +7497,9 @@
|
|||
}
|
||||
},
|
||||
"is-docker": {
|
||||
"version": "2.0.0",
|
||||
"resolved": "https://registry.npmjs.org/is-docker/-/is-docker-2.0.0.tgz",
|
||||
"integrity": "sha512-pJEdRugimx4fBMra5z2/5iRdZ63OhYV0vr0Dwm5+xtW4D1FvRkB8hamMIhnWfyJeDdyr/aa7BDyNbtG38VxgoQ=="
|
||||
"version": "2.1.1",
|
||||
"resolved": "https://registry.npmjs.org/is-docker/-/is-docker-2.1.1.tgz",
|
||||
"integrity": "sha512-ZOoqiXfEwtGknTiuDEy8pN2CfE3TxMHprvNer1mXiqwkOT77Rw3YVrUQ52EqAOU3QAWDQ+bQdx7HJzrv7LS2Hw=="
|
||||
},
|
||||
"is-extendable": {
|
||||
"version": "0.1.1",
|
||||
|
@ -8170,9 +8170,9 @@
|
|||
}
|
||||
},
|
||||
"macos-release": {
|
||||
"version": "2.4.0",
|
||||
"resolved": "https://registry.npmjs.org/macos-release/-/macos-release-2.4.0.tgz",
|
||||
"integrity": "sha512-ko6deozZYiAkqa/0gmcsz+p4jSy3gY7/ZsCEokPaYd8k+6/aXGkiTgr61+Owup7Sf+xjqW8u2ElhoM9SEcEfuA=="
|
||||
"version": "2.4.1",
|
||||
"resolved": "https://registry.npmjs.org/macos-release/-/macos-release-2.4.1.tgz",
|
||||
"integrity": "sha512-H/QHeBIN1fIGJX517pvK8IEK53yQOW7YcEI55oYtgjDdoCQQz7eJS94qt5kNrscReEyuD/JcdFCm2XBEcGOITg=="
|
||||
},
|
||||
"make-dir": {
|
||||
"version": "2.1.0",
|
||||
|
@ -12302,9 +12302,9 @@
|
|||
}
|
||||
},
|
||||
"open": {
|
||||
"version": "7.0.4",
|
||||
"resolved": "https://registry.npmjs.org/open/-/open-7.0.4.tgz",
|
||||
"integrity": "sha512-brSA+/yq+b08Hsr4c8fsEW2CRzk1BmfN3SAK/5VCHQ9bdoZJ4qa/+AfR0xHjlbbZUyPkUHs1b8x1RqdyZdkVqQ==",
|
||||
"version": "7.1.0",
|
||||
"resolved": "https://registry.npmjs.org/open/-/open-7.1.0.tgz",
|
||||
"integrity": "sha512-lLPI5KgOwEYCDKXf4np7y1PBEkj7HYIyP2DY8mVDRnx0VIIu6bNrRB0R66TuO7Mack6EnTNLm4uvcl1UoklTpA==",
|
||||
"requires": {
|
||||
"is-docker": "^2.0.0",
|
||||
"is-wsl": "^2.1.1"
|
||||
|
@ -14844,9 +14844,9 @@
|
|||
}
|
||||
},
|
||||
"snyk": {
|
||||
"version": "1.361.3",
|
||||
"resolved": "https://registry.npmjs.org/snyk/-/snyk-1.361.3.tgz",
|
||||
"integrity": "sha512-93SxV9WD+pN/9bGRizfoiYwfKHy5mDyTCdOYtWcVbTFMi7Gf+I4Q5YprunHBTeJLLh0+qsD6l77QBo9GiYyiaA==",
|
||||
"version": "1.362.0",
|
||||
"resolved": "https://registry.npmjs.org/snyk/-/snyk-1.362.0.tgz",
|
||||
"integrity": "sha512-NT6OH1aPjDv9MvXriB0GVok7hmmWmo/TrTrUOKQsmKJi6ILqEAmDFk2EhaSHP2Niz5lrrFkSetYUmHAlWela6w==",
|
||||
"requires": {
|
||||
"@snyk/cli-interface": "2.8.0",
|
||||
"@snyk/dep-graph": "1.18.3",
|
||||
|
|
|
@ -105,7 +105,7 @@
|
|||
"react-tooltip-lite": "^1.12.0",
|
||||
"redux": "^4.0.4",
|
||||
"sha3": "^2.1.3",
|
||||
"snyk": "^1.361.3"
|
||||
"snyk": "^1.362.0"
|
||||
},
|
||||
"snyk": true
|
||||
}
|
||||
|
|
|
@ -23,7 +23,7 @@ function aggregateShellStartupPba(results) {
|
|||
failedOutputs += results[i].result[0];
|
||||
}
|
||||
}
|
||||
if(aggregatedPbaResult === undefined) return;
|
||||
if(aggregatedPbaResult === undefined) return results;
|
||||
|
||||
results = results.filter(result => result.name !== SHELL_STARTUP_NAME);
|
||||
aggregatedPbaResult.result[0] = successfulOutputs + failedOutputs;
|
||||
|
|
Loading…
Reference in New Issue