Zoo: Update terraform scripts. Update gcp test machine list with new zone

envs/monkey_zoo/blackbox/config_templates/performance.py

@@ -10,6 +10,7 @@ class Performance(ConfigTemplate):
             "3Q=(Ge(+&w]*",
             "`))jU7L(w}",
             "t67TC5ZDmz",
+            "Passw0rd!",
         ],
         "basic.credentials.exploit_user_list": ["m0nk3y"],
         "basic.exploiters.exploiter_classes": [
@@ -24,6 +25,7 @@ class Performance(ConfigTemplate):
             "HadoopExploiter",
             "VSFTPDExploiter",
             "MSSQLExploiter",
+            "PowerShellExploiter",
             "ZerologonExploiter",
         ],
         "basic_network.network_analysis.inaccessible_subnets": [
@@ -58,5 +60,7 @@ class Performance(ConfigTemplate):
             "10.2.2.23",
             "10.2.2.24",
             "10.2.2.25",
+            "10.2.2.45",
+            "10.2.3.47",
         ],
     }

envs/monkey_zoo/blackbox/gcp_test_machine_list.py

@@ -1,22 +1,28 @@
-GCP_TEST_MACHINE_LIST = [
+GCP_TEST_MACHINE_LIST = {
-    "sshkeys-11",
+    "europe-west3-a": [
-    "sshkeys-12",
+        "sshkeys-11",
-    "elastic-4",
+        "sshkeys-12",
-    "elastic-5",
+        "elastic-4",
-    "hadoop-2",
+        "elastic-5",
-    "hadoop-3",
+        "hadoop-2",
-    "mssql-16",
+        "hadoop-3",
-    "mimikatz-14",
+        "mssql-16",
-    "mimikatz-15",
+        "powershell-45",
-    "struts2-23",
+        "mimikatz-14",
-    "struts2-24",
+        "mimikatz-15",
-    "tunneling-9",
+        "struts2-23",
-    "tunneling-10",
+        "struts2-24",
-    "tunneling-11",
+        "tunneling-9",
-    "tunneling-12",
+        "tunneling-10",
-    "weblogic-18",
+        "tunneling-11",
-    "weblogic-19",
+        "tunneling-12",
-    "shellshock-8",
+        "weblogic-18",
-    "zerologon-25",
+        "weblogic-19",
-    "drupal-28",
+        "shellshock-8",
-]
+        "zerologon-25",
+        "drupal-28",
+    ],
+    "europe-west1-b": [
+        "powershell-3-47",
+    ],
+}

envs/monkey_zoo/blackbox/start_all_gcp_machines.py

@@ -4,4 +4,4 @@ from gcp_test_machine_list import GCP_TEST_MACHINE_LIST
 from utils.gcp_machine_handlers import GCPHandler
 
 gcp_handler = GCPHandler()
-gcp_handler.start_machines(" ".join(GCP_TEST_MACHINE_LIST))
+gcp_handler.start_machines(GCP_TEST_MACHINE_LIST)

envs/monkey_zoo/blackbox/stop_all_gcp_machines.py

@@ -4,4 +4,4 @@ from gcp_test_machine_list import GCP_TEST_MACHINE_LIST
 from utils.gcp_machine_handlers import GCPHandler
 
 gcp_handler = GCPHandler()
-gcp_handler.stop_machines(" ".join(GCP_TEST_MACHINE_LIST))
+gcp_handler.stop_machines(GCP_TEST_MACHINE_LIST)

envs/monkey_zoo/blackbox/test_blackbox.py

@@ -55,14 +55,14 @@ def GCPHandler(request, no_gcp):
     if not no_gcp:
         try:
             GCPHandler = gcp_machine_handlers.GCPHandler()
-            GCPHandler.start_machines(" ".join(GCP_TEST_MACHINE_LIST))
+            GCPHandler.start_machines(GCP_TEST_MACHINE_LIST)
         except Exception as e:
             LOGGER.error("GCP Handler failed to initialize: %s." % e)
             pytest.exit("Encountered an error while starting GCP machines. Stopping the tests.")
         wait_machine_bootup()
 
         def fin():
-            GCPHandler.stop_machines(" ".join(GCP_TEST_MACHINE_LIST))
+            GCPHandler.stop_machines(GCP_TEST_MACHINE_LIST)
 
         request.addfinalizer(fin)
 

envs/monkey_zoo/blackbox/utils/gcp_machine_handlers.py

@@ -13,15 +13,12 @@ class GCPHandler(object):
 
     # Key path location relative to this file's directory
     RELATIVE_KEY_PATH = "../../gcp_keys/gcp_key.json"
-    DEFAULT_ZONE = "europe-west3-a"
     DEFAULT_PROJECT = "guardicore-22050661"
 
     def __init__(
         self,
-        zone=DEFAULT_ZONE,
         project_id=DEFAULT_PROJECT,
     ):
-        self.zone = zone
         abs_key_path = GCPHandler.get_absolute_key_path()
 
         subprocess.call(GCPHandler.get_auth_command(abs_key_path), shell=True)  # noqa: DUO116
@@ -43,26 +40,31 @@ class GCPHandler(object):
             )
         return absolute_key_path
 
-    def start_machines(self, machine_list):
+    @staticmethod
+    def start_machines(machine_list):
         """
         Start all the machines in the list.
-        :param machine_list: A space-separated string with all the machine names. Example:
+        :param machine_list: A dictionary with zone and machines per zone.
-        start_machines(`" ".join(["elastic-3", "mssql-16"])`)
         """
         LOGGER.info("Setting up all GCP machines...")
         try:
-            subprocess.call(  # noqa: DUO116
+            for zone in machine_list:
-                (GCPHandler.MACHINE_STARTING_COMMAND % (machine_list, self.zone)), shell=True
+                subprocess.call(  # noqa: DUO116
-            )
+                    (GCPHandler.MACHINE_STARTING_COMMAND % (" ".join(machine_list[zone]), zone)),
+                    shell=True,
+                )
             LOGGER.info("GCP machines successfully started.")
         except Exception as e:
             LOGGER.error("GCP Handler failed to start GCP machines: %s" % e)
 
-    def stop_machines(self, machine_list):
+    @staticmethod
+    def stop_machines(machine_list):
         try:
-            subprocess.call(  # noqa: DUO116
+            for zone in machine_list:
-                (GCPHandler.MACHINE_STOPPING_COMMAND % (machine_list, self.zone)), shell=True
+                subprocess.call(  # noqa: DUO116
-            )
+                    (GCPHandler.MACHINE_STOPPING_COMMAND % (" ".join(machine_list[zone]), zone)),
+                    shell=True,
+                )
             LOGGER.info("GCP machines stopped successfully.")
         except Exception as e:
             LOGGER.error("GCP Handler failed to stop network machines: %s" % e)

envs/monkey_zoo/terraform/images.tf

@@ -57,6 +57,14 @@ data "google_compute_image" "mssql-16" {
   name = "mssql-16"
   project = local.monkeyzoo_project
 }
+data "google_compute_image" "powershell-3-47" {
+  name = "powershell-3-47"
+  project = local.monkeyzoo_project
+}
+data "google_compute_image" "powershell-45" {
+  name = "powershell-45"
+  project = local.monkeyzoo_project
+}
 data "google_compute_image" "weblogic-18" {
   name = "weblogic-18"
   project = local.monkeyzoo_project

envs/monkey_zoo/terraform/monkey_zoo.tf

@@ -26,6 +26,12 @@ resource "google_compute_subnetwork" "monkeyzoo-main" {
   network         = google_compute_network.monkeyzoo.self_link
 }
 
+resource "google_compute_subnetwork" "monkeyzoo-main-1" {
+  name = "${local.resource_prefix}monkeyzoo-main-1"
+  ip_cidr_range   = "10.2.3.0/24"
+  network         = google_compute_network.monkeyzoo.self_link
+}
+
 resource "google_compute_subnetwork" "tunneling-main" {
   name = "${local.resource_prefix}tunneling-main"
   ip_cidr_range   = "10.2.1.0/28"
@@ -307,6 +313,36 @@ resource "google_compute_instance_from_template" "mssql-16" {
   }
 }
 
+resource "google_compute_instance_from_template" "powershell-3-47" {
+  name = "${local.resource_prefix}powershell-3-47"
+  source_instance_template = local.default_windows
+  boot_disk{
+    initialize_params {
+      image = data.google_compute_image.powershell-3-47.self_link
+    }
+    auto_delete = true
+  }
+  network_interface {
+    subnetwork="${local.resource_prefix}monkeyzoo-main-1"
+    network_ip="10.2.3.47"
+  }
+}
+
+resource "google_compute_instance_from_template" "powershell-45" {
+  name = "${local.resource_prefix}powershell-45"
+  source_instance_template = local.default_windows
+  boot_disk{
+    initialize_params {
+      image = data.google_compute_image.powershell-45.self_link
+    }
+    auto_delete = true
+  }
+  network_interface {
+    subnetwork="${local.resource_prefix}monkeyzoo-main"
+    network_ip="10.2.2.45"
+  }
+}
+
 /* We need to alter monkey's behavior for this to upload 32-bit monkey instead of 64-bit (not yet developed)
 resource "google_compute_instance_from_template" "upgrader-17" {
   name = "${local.resource_prefix}upgrader-17"