forked from p34709852/monkey
Swimm: update exercise Add a new System Info Collector (id: OwcKMnALpn7tuBaJY1US).
This commit is contained in:
Mike Salvatore
parent
2881b11be3
commit
874a88ced0
|
|
@ -58,38 +58,36 @@
|
||||||
"type": "snippet",
|
"type": "snippet",
|
||||||
"path": "monkey/monkey_island/cc/services/config_schema/definitions/system_info_collector_classes.py",
|
"path": "monkey/monkey_island/cc/services/config_schema/definitions/system_info_collector_classes.py",
|
||||||
"comments": [],
|
"comments": [],
|
||||||
"firstLineNumber": 1,
|
"firstLineNumber": 4,
|
||||||
"lines": [
|
"lines": [
|
||||||
" from common.common_consts.system_info_collectors_names import (AWS_COLLECTOR, AZURE_CRED_COLLECTOR,\r",
|
" ENVIRONMENT_COLLECTOR,",
|
||||||
"* ENVIRONMENT_COLLECTOR, HOSTNAME_COLLECTOR,\r",
|
"* HOSTNAME_COLLECTOR,",
|
||||||
" MIMIKATZ_COLLECTOR, PROCESS_LIST_COLLECTOR)\r",
|
" MIMIKATZ_COLLECTOR,",
|
||||||
" \r",
|
" PROCESS_LIST_COLLECTOR,",
|
||||||
" SYSTEM_INFO_COLLECTOR_CLASSES = {\r"
|
" )"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"type": "snippet",
|
"type": "snippet",
|
||||||
"path": "monkey/monkey_island/cc/services/config_schema/definitions/system_info_collector_classes.py",
|
"path": "monkey/monkey_island/cc/services/config_schema/definitions/system_info_collector_classes.py",
|
||||||
"comments": [],
|
"comments": [],
|
||||||
"firstLineNumber": 37,
|
"firstLineNumber": 36,
|
||||||
"lines": [
|
"lines": [
|
||||||
" \"info\": \"If on AWS, collects more information about the AWS instance currently running on.\",",
|
" \"info\": \"If on AWS, collects more information about the AWS instance currently running on.\",",
|
||||||
" \"attack_techniques\": [\"T1082\"]",
|
" \"attack_techniques\": [\"T1082\"],",
|
||||||
" },",
|
" },",
|
||||||
"* {",
|
"* {",
|
||||||
"+ # SWIMMER: Collector config goes here. Tip: Hostname collection relates to the T1082 and T1016 techniques.",
|
"+ # SWIMMER: Collector config goes here. Tip: Hostname collection relates to the T1082 and T1016 techniques.",
|
||||||
"* \"type\": \"string\",",
|
"* \"type\": \"string\",",
|
||||||
"* \"enum\": [",
|
"* \"enum\": [HOSTNAME_COLLECTOR],",
|
||||||
"* HOSTNAME_COLLECTOR",
|
|
||||||
"* ],",
|
|
||||||
"* \"title\": \"Hostname collector\",",
|
"* \"title\": \"Hostname collector\",",
|
||||||
"* \"safe\": True,",
|
"* \"safe\": True,",
|
||||||
"* \"info\": \"Collects machine's hostname.\",",
|
"* \"info\": \"Collects machine's hostname.\",",
|
||||||
"* \"attack_techniques\": [\"T1082\", \"T1016\"]",
|
"* \"attack_techniques\": [\"T1082\", \"T1016\"],",
|
||||||
"* },",
|
"* },",
|
||||||
" {",
|
" {",
|
||||||
" \"type\": \"string\",",
|
" \"type\": \"string\",",
|
||||||
" \"enum\": ["
|
" \"enum\": [PROCESS_LIST_COLLECTOR],"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
|
@ -98,20 +96,20 @@
|
||||||
"comments": [],
|
"comments": [],
|
||||||
"firstLineNumber": 1,
|
"firstLineNumber": 1,
|
||||||
"lines": [
|
"lines": [
|
||||||
" from common.common_consts.system_info_collectors_names import (AWS_COLLECTOR, AZURE_CRED_COLLECTOR,",
|
" from common.common_consts.system_info_collectors_names import (",
|
||||||
" ENVIRONMENT_COLLECTOR, HOSTNAME_COLLECTOR,",
|
" AWS_COLLECTOR,",
|
||||||
" MIMIKATZ_COLLECTOR, PROCESS_LIST_COLLECTOR)",
|
" AZURE_CRED_COLLECTOR,",
|
||||||
"* HOSTNAME_COLLECTOR,",
|
"* HOSTNAME_COLLECTOR,",
|
||||||
" MONKEY = {",
|
" HOSTNAME_COLLECTOR,",
|
||||||
" \"title\": \"Monkey\",",
|
" MIMIKATZ_COLLECTOR,",
|
||||||
" \"type\": \"object\","
|
" PROCESS_LIST_COLLECTOR,"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"type": "snippet",
|
"type": "snippet",
|
||||||
"path": "monkey/monkey_island/cc/services/config_schema/monkey.py",
|
"path": "monkey/monkey_island/cc/services/config_schema/monkey.py",
|
||||||
"comments": [],
|
"comments": [],
|
||||||
"firstLineNumber": 85,
|
"firstLineNumber": 92,
|
||||||
"lines": [
|
"lines": [
|
||||||
" \"default\": [",
|
" \"default\": [",
|
||||||
" ENVIRONMENT_COLLECTOR,",
|
" ENVIRONMENT_COLLECTOR,",
|
||||||
|
|
@ -119,7 +117,7 @@
|
||||||
"* HOSTNAME_COLLECTOR,",
|
"* HOSTNAME_COLLECTOR,",
|
||||||
" PROCESS_LIST_COLLECTOR,",
|
" PROCESS_LIST_COLLECTOR,",
|
||||||
" MIMIKATZ_COLLECTOR,",
|
" MIMIKATZ_COLLECTOR,",
|
||||||
" AZURE_CRED_COLLECTOR"
|
" AZURE_CRED_COLLECTOR,"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
|
@ -148,26 +146,26 @@
|
||||||
"comments": [],
|
"comments": [],
|
||||||
"firstLineNumber": 1,
|
"firstLineNumber": 1,
|
||||||
"lines": [
|
"lines": [
|
||||||
" import logging\r",
|
" import logging",
|
||||||
" import typing\r",
|
" import typing",
|
||||||
" \r",
|
" ",
|
||||||
"*from common.common_consts.system_info_collectors_names import (AWS_COLLECTOR, ENVIRONMENT_COLLECTOR, HOSTNAME_COLLECTOR,\r",
|
"*from common.common_consts.system_info_collectors_names import (",
|
||||||
" PROCESS_LIST_COLLECTOR)\r",
|
" AWS_COLLECTOR,",
|
||||||
" from monkey_island.cc.services.telemetry.processing.system_info_collectors.aws import process_aws_telemetry\r",
|
" ENVIRONMENT_COLLECTOR,",
|
||||||
" from monkey_island.cc.services.telemetry.processing.system_info_collectors.environment import \\\r"
|
" HOSTNAME_COLLECTOR,"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"type": "snippet",
|
"type": "snippet",
|
||||||
"path": "monkey/monkey_island/cc/services/telemetry/processing/system_info_collectors/system_info_telemetry_dispatcher.py",
|
"path": "monkey/monkey_island/cc/services/telemetry/processing/system_info_collectors/system_info_telemetry_dispatcher.py",
|
||||||
"comments": [],
|
"comments": [],
|
||||||
"firstLineNumber": 14,
|
"firstLineNumber": 25,
|
||||||
"lines": [
|
"lines": [
|
||||||
" SYSTEM_INFO_COLLECTOR_TO_TELEMETRY_PROCESSORS = {",
|
" SYSTEM_INFO_COLLECTOR_TO_TELEMETRY_PROCESSORS = {",
|
||||||
" AWS_COLLECTOR: [process_aws_telemetry],",
|
" AWS_COLLECTOR: [process_aws_telemetry],",
|
||||||
" ENVIRONMENT_COLLECTOR: [process_environment_telemetry],",
|
" ENVIRONMENT_COLLECTOR: [process_environment_telemetry],",
|
||||||
"* HOSTNAME_COLLECTOR: [process_hostname_telemetry],",
|
"* HOSTNAME_COLLECTOR: [process_hostname_telemetry],",
|
||||||
" PROCESS_LIST_COLLECTOR: [check_antivirus_existence]",
|
" PROCESS_LIST_COLLECTOR: [check_antivirus_existence],",
|
||||||
" }",
|
" }",
|
||||||
" "
|
" "
|
||||||
]
|
]
|
||||||
|
|
@ -175,15 +173,18 @@
|
||||||
{
|
{
|
||||||
"type": "snippet",
|
"type": "snippet",
|
||||||
"lines": [
|
"lines": [
|
||||||
" from monkey_island.cc.services.telemetry.processing.system_info_collectors.aws import process_aws_telemetry\r",
|
" )",
|
||||||
" from monkey_island.cc.services.telemetry.processing.system_info_collectors.environment import \\\r",
|
" from monkey_island.cc.services.telemetry.processing.system_info_collectors.environment import (",
|
||||||
" process_environment_telemetry\r",
|
" process_environment_telemetry,",
|
||||||
"*from monkey_island.cc.services.telemetry.processing.system_info_collectors.hostname import process_hostname_telemetry\r",
|
"*)",
|
||||||
" from monkey_island.cc.services.telemetry.zero_trust_checks.antivirus_existence import check_antivirus_existence\r",
|
"*from monkey_island.cc.services.telemetry.processing.system_info_collectors.hostname import (",
|
||||||
" \r",
|
"* process_hostname_telemetry,",
|
||||||
" logger = logging.getLogger(__name__)\r"
|
"*)",
|
||||||
|
" from monkey_island.cc.services.telemetry.zero_trust_checks.antivirus_existence import (",
|
||||||
|
" check_antivirus_existence,",
|
||||||
|
" )"
|
||||||
],
|
],
|
||||||
"firstLineNumber": 6,
|
"firstLineNumber": 12,
|
||||||
"path": "monkey/monkey_island/cc/services/telemetry/processing/system_info_collectors/system_info_telemetry_dispatcher.py",
|
"path": "monkey/monkey_island/cc/services/telemetry/processing/system_info_collectors/system_info_telemetry_dispatcher.py",
|
||||||
"comments": []
|
"comments": []
|
||||||
},
|
},
|
||||||
|
|
@ -192,9 +193,17 @@
|
||||||
"text": "System info collectors are useful to get more data for various things, such as ZT tests or MITRE techniques. Take a look at some other techniques!"
|
"text": "System info collectors are useful to get more data for various things, such as ZT tests or MITRE techniques. Take a look at some other techniques!"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"file_version": "2.0.0",
|
"symbols": {},
|
||||||
|
"file_version": "2.0.1",
|
||||||
"meta": {
|
"meta": {
|
||||||
"app_version": "0.3.7-0",
|
"app_version": "0.4.1-1",
|
||||||
"file_blobs": {}
|
"file_blobs": {
|
||||||
|
"monkey/common/common_consts/system_info_collectors_names.py": "c93cb2537ca94c9e46980d0cd06cc86a0ab34e29",
|
||||||
|
"monkey/infection_monkey/system_info/collectors/hostname_collector.py": "0aeecd9fb7bde83cccd4501ec03e0da199ec5fc3",
|
||||||
|
"monkey/monkey_island/cc/services/config_schema/definitions/system_info_collector_classes.py": "487166ec6f6d0559abd07e04d72fe55f230fc518",
|
||||||
|
"monkey/monkey_island/cc/services/config_schema/monkey.py": "0d69c5aa4fee48943f7847048942d257d27c2472",
|
||||||
|
"monkey/monkey_island/cc/services/telemetry/processing/system_info_collectors/hostname.py": "e2de4519cbd71bba70e81cf3ff61817437d95a21",
|
||||||
|
"monkey/monkey_island/cc/services/telemetry/processing/system_info_collectors/system_info_telemetry_dispatcher.py": "894bdce75f0ae2b892bd5b3c6c70949be52b36e7"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
Loading…
Reference in New Issue