Merge pull request #1654 from guardicore/1597-remove-unneeded-options

1597 remove unneeded options
Mike Salvatore 2021-12-14 10:15:33 -05:00 committed by GitHub
commit 966bef25d8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
12 changed files with 6 additions and 143 deletions


@ -1,67 +0,0 @@
{
"id": "AzD8XysWg1BBXCjCDkfq",
"name": "Add a new configuration setting to the Agent ⚙",
"task": {
"dod": "Make the max victim number that Monkey will find before stopping configurable by the user instead of constant.",
"tests": [],
"hints": [
"Look for `victims_max_exploit` - it's rather similar."
]
},
"content": [
{
"type": "text",
"text": "# Make something configurable\n\nIn this unit, you will learn how to add a configuration option to Monkey and how to use it in the Monkey Agent code. \n\n![computer fire](https://media.giphy.com/media/7J4P7cUur2DlErijp3/giphy.gif \"computer fire\")\n\n## Why is this important?\n\nEnabling users to configure the Monkey's behaviour gives them a lot more freedom in how they want to use the Monkey and enables more use cases.\n\n## What is \"Max victims to find\"?\n\nThe Monkey has a function which finds \"victim\" machines on the network for the Monkey to try and exploit. It's called `get_victim_machines`. This function accepts an argument which limits how many machines the Monkey should find.\n\nWe want to make that value editable by the user instead of constant in the code.\n\n## Manual testing\n\n1. After you've performed the required changes, reload the Server and check your value exists in the Internal tab of the config (see image).\n\n![](https://i.imgur.com/e0XAxuV.png)\n\n2. Set the new value to 1, and run Monkey locally (from source). See that the Monkey only scans one machine."
},
{
"type": "snippet",
"path": "monkey/infection_monkey/config.py",
"comments": [],
"firstLineNumber": 103,
"lines": [
" exploiter_classes = []",
" system_info_collector_classes = []",
" ",
"* # how many victims to look for in a single scan iteration",
"* victims_max_find = 100",
" ",
" # how many victims to exploit before stopping",
" victims_max_exploit = 100"
]
},
{
"type": "snippet",
"path": "monkey/monkey_island/cc/services/config_schema/internal.py",
"comments": [],
"firstLineNumber": 28,
"lines": [
" \"title\": \"Monkey\",",
" \"type\": \"object\",",
" \"properties\": {",
"* \"victims_max_find\": {",
"* \"title\": \"Max victims to find\",",
"* \"type\": \"integer\",",
"* \"default\": 100,",
"* \"description\": \"Determines the maximum number of machines the monkey is \"",
"* \"allowed to scan\",",
"* },",
" \"victims_max_exploit\": {",
" \"title\": \"Max victims to exploit\",",
" \"type\": \"integer\","
]
},
{
"type": "text",
"text": "* When changing config schema by adding or deleting keys, you need to update the Blackbox Test configurations as well [here](https://github.com/guardicore/monkey/tree/develop/envs/monkey_zoo/blackbox/config_templates)."
}
],
"symbols": {},
"file_version": "2.0.3",
"meta": {
"app_version": "0.6.6-2",
"file_blobs": {
"monkey/infection_monkey/config.py": "8f4984ba6563564343282765ab498efca5d89ba8",
"monkey/monkey_island/cc/services/config_schema/internal.py": "86318eaf19b9991a8af5de861a3eb085238e17a4"
}
}
}


@ -36,6 +36,7 @@ Changelog](https://keepachangelog.com/en/1.0.0/).
- MITRE ATT&CK configuration screen. #1532
- Propagation credentials from "GET /api/monkey/<string:guid>" endpoint. #1538
- "GET /api/monkey_control/check_remote_port/<string:port>" endpoint. #1635
- Max victims to find/exploit, TCP scan interval and TCP scan get banner internal options. #1597
- MySQL fingerprinter. #1648
### Fixed


@ -103,12 +103,6 @@ class Configuration(object):
exploiter_classes = []
system_info_collector_classes = []
# how many victims to look for in a single scan iteration
victims_max_find = 100
# how many victims to exploit before stopping
victims_max_exploit = 100
# depth of propagation
depth = 2
max_depth = None
@ -142,8 +136,6 @@ class Configuration(object):
tcp_target_ports = [22, 2222, 445, 135, 3389, 80, 8080, 443, 8008, 3306, 9200]
tcp_target_ports.extend(HTTP_PORTS)
tcp_scan_timeout = 3000 # 3000 Milliseconds
tcp_scan_interval = 0 # in milliseconds
tcp_scan_get_banner = True
# Ping Scanner
ping_scan_timeout = 1000


@ -56,8 +56,6 @@
"exploit_ntlm_hash_list": [],
"exploit_ssh_keys": [],
"local_network_scan": false,
"tcp_scan_get_banner": true,
"tcp_scan_interval": 0,
"tcp_scan_timeout": 10000,
"tcp_target_ports": [
22,
@ -73,8 +71,6 @@
7001,
8088
],
"victims_max_exploit": 100,
"victims_max_find": 100,
"post_breach_actions": []
custom_PBA_linux_cmd = ""
custom_PBA_windows_cmd = ""


@ -1,5 +1,4 @@
import logging
import time
from multiprocessing.dummy import Pool
from common.network.network_range import NetworkRange
@ -108,9 +107,6 @@ class NetworkScanner(object):
if victims_count >= max_find:
logger.debug("Found max needed victims (%d), stopping scan", max_find)
return
if WormConfiguration.tcp_scan_interval:
# time.sleep uses seconds, while config is in milliseconds
time.sleep(WormConfiguration.tcp_scan_interval / float(1000))
@staticmethod
def _is_any_ip_in_subnet(ip_addresses, subnet_str):


@ -76,14 +76,13 @@ def check_tcp_port(ip, port, timeout=DEFAULT_TIMEOUT, get_banner=False):
return True, banner
def check_tcp_ports(ip, ports, timeout=DEFAULT_TIMEOUT, get_banner=False):
def check_tcp_ports(ip, ports, timeout=DEFAULT_TIMEOUT):
"""
Checks whether any of the given ports are open on a target IP.
:param ip: IP of host to attack
:param ports: List of ports to attack. Must not be empty.
:param timeout: Amount of time to wait for connection
:param get_banner: T/F if to get first packets from server
:return: list of open ports. If get_banner=True, then a matching list of banners.
:return: List of open ports.
"""
sockets = [socket.socket(socket.AF_INET, socket.SOCK_STREAM) for _ in range(len(ports))]
[s.setblocking(False) for s in sockets]
@ -130,7 +129,7 @@ def check_tcp_ports(ip, ports, timeout=DEFAULT_TIMEOUT, get_banner=False):
% (str(ip), ",".join([str(s[0]) for s in connected_ports_sockets]))
)
banners = []
if get_banner and (len(connected_ports_sockets) != 0):
if len(connected_ports_sockets) != 0:
readable_sockets, _, _ = select.select(
[s[1] for s in connected_ports_sockets], [], [], 0
)
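Review bot: The updated docstring of `check_tcp_ports` now says `:return: List of open ports.`, but the second hunk keeps `banners = []` and makes the banner read unconditional (`if len(connected_ports_sockets) != 0:`), so the function appears to still produce banners alongside the ports; the return statement is outside the hunk, so this needs confirming against the full body. If banners are still returned, the docstring should say so, for example `:return: List of open ports and a matching list of banners.`, so that callers do not assume a single list. Removing the `get_banner` keyword also means any caller that still passes it will raise a `TypeError`; no call sites are visible in this section, so they should be checked. As a style point, the new condition reads more idiomatically as `if connected_ports_sockets:`.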


@ -1,5 +1,3 @@
from monkey_island.cc.services.utils.typographic_symbols import WARNING_SIGN
INTERNAL = {
"title": "Internal",
"type": "object",
@ -21,24 +19,6 @@ INTERNAL = {
"title": "Monkey",
"type": "object",
"properties": {
"victims_max_find": {
"title": "Max victims to find",
"type": "integer",
"default": 100,
"description": "Determines the maximum number of machines the monkey is "
"allowed to scan",
},
"victims_max_exploit": {
"title": "Max victims to exploit",
"type": "integer",
"default": 100,
"description": "Determines the maximum number of machines the monkey"
" is allowed to successfully exploit. "
+ WARNING_SIGN
+ " Note that setting this value too high may result in the "
"monkey propagating to "
"a high number of machines",
},
"alive": {
"title": "Alive",
"type": "boolean",
@ -116,12 +96,6 @@ INTERNAL = {
"description": "List of TCP ports the monkey will check whether "
"they're open",
},
"tcp_scan_interval": {
"title": "TCP scan interval",
"type": "integer",
"default": 0,
"description": "Time to sleep (in milliseconds) between scans",
},
"tcp_scan_timeout": {
"title": "TCP scan timeout",
"type": "integer",
@ -129,13 +103,6 @@ INTERNAL = {
"description": "Maximum time (in milliseconds) "
"to wait for TCP response",
},
"tcp_scan_get_banner": {
"title": "TCP scan - get banner",
"type": "boolean",
"default": True,
"description": "Determines whether the TCP scan should try to get the "
"banner",
},
},
},
"ping_scanner": {


@ -4,7 +4,6 @@ import {Nav} from 'react-bootstrap';
const sectionOrder = [
'network',
'monkey',
'island_server',
'logging',
'exploits',


@ -123,14 +123,6 @@ export default function UiSchema(props) {
'ui:widget': AdvancedMultiSelect
}
},
monkey: {
alive: {
classNames: 'config-field-hidden'
},
aws_keys: {
classNames: 'config-field-hidden'
}
},
exploits: {
exploit_lm_hash_list:{
items: {


@ -49,10 +49,6 @@
font-size: 1.2em;
}
.config-field-hidden {
display: none;
}
.field-description {
white-space: pre-wrap;
}


@ -105,8 +105,6 @@
"ProcessListCollector",
"MimikatzCollector"
],
"tcp_scan_get_banner": true,
"tcp_scan_interval": 0,
"tcp_scan_timeout": 3000,
"tcp_target_ports": [
22,
@ -122,7 +120,5 @@
7001,
8088
],
"user_to_add": "Monkey_IUSER_SUPPORT",
"victims_max_exploit": 100,
"victims_max_find": 100
"user_to_add": "Monkey_IUSER_SUPPORT"
}


@ -47,8 +47,6 @@
"keep_tunnel_open_time": 60
},
"monkey": {
"victims_max_find": 100,
"victims_max_exploit": 100,
"alive": true,
"aws_keys": {
"aws_access_key_id": "",
@ -88,9 +86,7 @@
7001,
8088
],
"tcp_scan_interval": 0,
"tcp_scan_timeout": 3000,
"tcp_scan_get_banner": true
"tcp_scan_timeout": 3000
},
"ping_scanner": {
"ping_scan_timeout": 1000