p20319658
/
monkey
forked from p34709852/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fixed host IP address retrieval and system_info_collection bugs

This commit is contained in:
VakarisZ 2019-07-10 08:40:31 +03:00
parent eb574c8fff
commit a91421aaf0
5 changed files with 14 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
monkey/infection_monkey/exploit/sambacry.py
View File

@ -270,8 +270,8 @@ class SambaCryExploiter(HostExploiter):
with monkeyfs.open(monkey_bin_64_src_path, "rb") as monkey_bin_file: with monkeyfs.open(monkey_bin_64_src_path, "rb") as monkey_bin_file:
smb_client.putFile(share, "\\%s" % self.SAMBACRY_MONKEY_FILENAME_64, monkey_bin_file.read) smb_client.putFile(share, "\\%s" % self.SAMBACRY_MONKEY_FILENAME_64, monkey_bin_file.read)
T1105Telem(ScanStatus.USED, T1105Telem(ScanStatus.USED,
get_interface_to_target(self.host.ip_addr[0]), get_interface_to_target(self.host.ip_addr),
self.host.ip_addr[0], self.host.ip_addr,
monkey_bin_64_src_path).send() monkey_bin_64_src_path).send()
smb_client.disconnectTree(tree_id) smb_client.disconnectTree(tree_id)

8
monkey/infection_monkey/exploit/sshexec.py
View File

@ -165,15 +165,15 @@ class SSHExploiter(HostExploiter):
callback=self.log_transfer) callback=self.log_transfer)
ftp.chmod(self._config.dropper_target_path_linux, 0o777) ftp.chmod(self._config.dropper_target_path_linux, 0o777)
T1105Telem(ScanStatus.USED, T1105Telem(ScanStatus.USED,
get_interface_to_target(self.host.ip_addr[0]), get_interface_to_target(self.host.ip_addr),
self.host.ip_addr[0], self.host.ip_addr,
src_path).send() src_path).send()
ftp.close() ftp.close()
except Exception as exc: except Exception as exc:
LOG.debug("Error uploading file into victim %r: (%s)", self.host, exc) LOG.debug("Error uploading file into victim %r: (%s)", self.host, exc)
T1105Telem(ScanStatus.SCANNED, T1105Telem(ScanStatus.SCANNED,
get_interface_to_target(self.host.ip_addr[0]), get_interface_to_target(self.host.ip_addr),
self.host.ip_addr[0], self.host.ip_addr,
src_path).send() src_path).send()
return False return False

8
monkey/infection_monkey/exploit/tools/smb_tools.py
View File

@ -140,8 +140,8 @@ class SmbTools(object):
file_uploaded = True file_uploaded = True
T1105Telem(ScanStatus.USED, T1105Telem(ScanStatus.USED,
get_interface_to_target(host.ip_addr[0]), get_interface_to_target(host.ip_addr),
host.ip_addr[0], host.ip_addr,
dst_path).send() dst_path).send()
LOG.info("Copied monkey file '%s' to remote share '%s' [%s] on victim %r", LOG.info("Copied monkey file '%s' to remote share '%s' [%s] on victim %r",
src_path, share_name, share_path, host) src_path, share_name, share_path, host)
@ -151,8 +151,8 @@ class SmbTools(object):
LOG.debug("Error uploading monkey to share '%s' on victim %r: %s", LOG.debug("Error uploading monkey to share '%s' on victim %r: %s",
share_name, host, exc) share_name, host, exc)
T1105Telem(ScanStatus.SCANNED, T1105Telem(ScanStatus.SCANNED,
get_interface_to_target(host.ip_addr[0]), get_interface_to_target(host.ip_addr),
host.ip_addr[0], host.ip_addr,
dst_path).send() dst_path).send()
continue continue
finally: finally:

6
monkey/monkey_island/cc/services/attack/technique_reports/T1003.py
View File

@ -12,9 +12,9 @@ class T1003(AttackTechnique):
scanned_msg = "" scanned_msg = ""
used_msg = "Monkey successfully obtained some credentials from systems on the network." used_msg = "Monkey successfully obtained some credentials from systems on the network."
query = {'telem_category': 'system_info_collection', '$and': [{'data.credentials': {'$exists': True}}, query = {'telem_category': 'system_info', '$and': [{'data.credentials': {'$exists': True}},
# $gt: {} checks if field is not an empty object # $gt: {} checks if field is not an empty object
{'data.credentials': {'$gt': {}}}]} {'data.credentials': {'$gt': {}}}]}
@staticmethod @staticmethod
def get_report_data(): def get_report_data():

2
monkey/monkey_island/cc/services/attack/technique_reports/T1082.py
View File

@ -12,7 +12,7 @@ class T1082(AttackTechnique):
scanned_msg = "" scanned_msg = ""
used_msg = "Monkey gathered system info from machines in the network." used_msg = "Monkey gathered system info from machines in the network."
query = [{'$match': {'telem_category': 'system_info_collection'}}, query = [{'$match': {'telem_category': 'system_info'}},
{'$project': {'machine': {'hostname': '$data.hostname', 'ips': '$data.network_info.networks'}, {'$project': {'machine': {'hostname': '$data.hostname', 'ips': '$data.network_info.networks'},
'aws': '$data.aws', 'aws': '$data.aws',
'netstat': '$data.network_info.netstat', 'netstat': '$data.network_info.netstat',