forked from p34709852/monkey
Test schema's change to production, minor comment improvements
parent
00c19aa3b9
commit
ae6e83d4c6
|
@ -11,7 +11,9 @@ SCHEMA = {
|
||||||
"type": "bool",
|
"type": "bool",
|
||||||
"value": True,
|
"value": True,
|
||||||
"necessary": False,
|
"necessary": False,
|
||||||
"description": "Adversaries may steal the credentials of a specific user or service account using "
|
"description": "Mapped with T1003 Credential dumping because both techniques "
|
||||||
|
"require same credential harvesting modules. "
|
||||||
|
"Adversaries may steal the credentials of a specific user or service account using "
|
||||||
"Credential Access techniques or capture credentials earlier in their "
|
"Credential Access techniques or capture credentials earlier in their "
|
||||||
"reconnaissance process.",
|
"reconnaissance process.",
|
||||||
"depends_on": ["T1003"]
|
"depends_on": ["T1003"]
|
||||||
|
@ -48,7 +50,7 @@ SCHEMA = {
|
||||||
"T1110": {
|
"T1110": {
|
||||||
"title": "T1110 Brute force",
|
"title": "T1110 Brute force",
|
||||||
"type": "bool",
|
"type": "bool",
|
||||||
"value": False,
|
"value": True,
|
||||||
"necessary": False,
|
"necessary": False,
|
||||||
"description": "Adversaries may use brute force techniques to attempt access to accounts "
|
"description": "Adversaries may use brute force techniques to attempt access to accounts "
|
||||||
"when passwords are unknown or when password hashes are obtained."
|
"when passwords are unknown or when password hashes are obtained."
|
||||||
|
@ -58,7 +60,9 @@ SCHEMA = {
|
||||||
"type": "bool",
|
"type": "bool",
|
||||||
"value": True,
|
"value": True,
|
||||||
"necessary": False,
|
"necessary": False,
|
||||||
"description": "Credential dumping is the process of obtaining account login and password "
|
"description": "Mapped with T1078 Valid Accounts because both techniques require"
|
||||||
|
" same credential harvesting modules. "
|
||||||
|
"Credential dumping is the process of obtaining account login and password "
|
||||||
"information, normally in the form of a hash or a clear text password, "
|
"information, normally in the form of a hash or a clear text password, "
|
||||||
"from the operating system and software.",
|
"from the operating system and software.",
|
||||||
"depends_on": ["T1078"]
|
"depends_on": ["T1078"]
|
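Review bot: The T1110 hunk flips `"value": False` to `"value": True` without a comment, and the commit title does not say why brute force becomes enabled by default. If `value` is the initial state of the matrix checkbox (the consumer is not in this file), every default run now includes password guessing, which can trip account-lockout policies on the machines being assessed. A line such as `# enabled by default: needed by the exploiters that list T1110` above it would record the decision. The two new "Mapped with ..." sentences restate `depends_on` in user-facing text; `"Toggled together with T1003 Credential dumping because both rely on the same credential harvesting modules. "` reads more clearly than "require same".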
||||||
|
|
|
@ -14,7 +14,7 @@ SCHEMA = {
|
||||||
"SmbExploiter"
|
"SmbExploiter"
|
||||||
],
|
],
|
||||||
"title": "SMB Exploiter",
|
"title": "SMB Exploiter",
|
||||||
"attack_techniques": ["T1110", "T1210", "T1021", "T1035", "T1075", "T16616161"]
|
"attack_techniques": ["T1110", "T1210", "T1075"]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"type": "string",
|
"type": "string",
|
||||||
|
@ -22,7 +22,7 @@ SCHEMA = {
|
||||||
"WmiExploiter"
|
"WmiExploiter"
|
||||||
],
|
],
|
||||||
"title": "WMI Exploiter",
|
"title": "WMI Exploiter",
|
||||||
"attack_techniques": ["T1110"]
|
"attack_techniques": ["T1110", "T1210"]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"type": "string",
|
"type": "string",
|
||||||
|
@ -30,7 +30,7 @@ SCHEMA = {
|
||||||
"MSSQLExploiter"
|
"MSSQLExploiter"
|
||||||
],
|
],
|
||||||
"title": "MSSQL Exploiter",
|
"title": "MSSQL Exploiter",
|
||||||
"attack_techniques": ["T1110"]
|
"attack_techniques": ["T1110", "T1210"]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"type": "string",
|
"type": "string",
|
||||||
|
@ -54,7 +54,7 @@ SCHEMA = {
|
||||||
"SSHExploiter"
|
"SSHExploiter"
|
||||||
],
|
],
|
||||||
"title": "SSH Exploiter",
|
"title": "SSH Exploiter",
|
||||||
"attack_techniques": ["T1110"]
|
"attack_techniques": ["T1110", "T1210"]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"type": "string",
|
"type": "string",
|
||||||
|
@ -62,7 +62,7 @@ SCHEMA = {
|
||||||
"ShellShockExploiter"
|
"ShellShockExploiter"
|
||||||
],
|
],
|
||||||
"title": "ShellShock Exploiter",
|
"title": "ShellShock Exploiter",
|
||||||
"attack_techniques": []
|
"attack_techniques": ["T1210"]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"type": "string",
|
"type": "string",
|
||||||
|
@ -70,7 +70,7 @@ SCHEMA = {
|
||||||
"SambaCryExploiter"
|
"SambaCryExploiter"
|
||||||
],
|
],
|
||||||
"title": "SambaCry Exploiter",
|
"title": "SambaCry Exploiter",
|
||||||
"attack_techniques": []
|
"attack_techniques": ["T1210"]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"type": "string",
|
"type": "string",
|
||||||
|
@ -78,7 +78,7 @@ SCHEMA = {
|
||||||
"ElasticGroovyExploiter"
|
"ElasticGroovyExploiter"
|
||||||
],
|
],
|
||||||
"title": "ElasticGroovy Exploiter",
|
"title": "ElasticGroovy Exploiter",
|
||||||
"attack_techniques": []
|
"attack_techniques": ["T1210"]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"type": "string",
|
"type": "string",
|
||||||
|
@ -86,7 +86,7 @@ SCHEMA = {
|
||||||
"Struts2Exploiter"
|
"Struts2Exploiter"
|
||||||
],
|
],
|
||||||
"title": "Struts2 Exploiter",
|
"title": "Struts2 Exploiter",
|
||||||
"attack_techniques": []
|
"attack_techniques": ["T1210"]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"type": "string",
|
"type": "string",
|
||||||
|
@ -94,7 +94,7 @@ SCHEMA = {
|
||||||
"WebLogicExploiter"
|
"WebLogicExploiter"
|
||||||
],
|
],
|
||||||
"title": "Oracle Web Logic Exploiter",
|
"title": "Oracle Web Logic Exploiter",
|
||||||
"attack_techniques": []
|
"attack_techniques": ["T1210"]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"type": "string",
|
"type": "string",
|
||||||
|
@ -102,7 +102,7 @@ SCHEMA = {
|
||||||
"HadoopExploiter"
|
"HadoopExploiter"
|
||||||
],
|
],
|
||||||
"title": "Hadoop/Yarn Exploiter",
|
"title": "Hadoop/Yarn Exploiter",
|
||||||
"attack_techniques": []
|
"attack_techniques": ["T1210"]
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
|
@ -116,7 +116,7 @@ SCHEMA = {
|
||||||
"BackdoorUser"
|
"BackdoorUser"
|
||||||
],
|
],
|
||||||
"title": "Back door user",
|
"title": "Back door user",
|
||||||
"attack_techniques": ["T1110"]
|
"attack_techniques": []
|
||||||
},
|
},
|
||||||
],
|
],
|
||||||
},
|
},
|
||||||
|
@ -129,7 +129,8 @@ SCHEMA = {
|
||||||
"enum": [
|
"enum": [
|
||||||
"SMBFinger"
|
"SMBFinger"
|
||||||
],
|
],
|
||||||
"title": "SMBFinger"
|
"title": "SMBFinger",
|
||||||
|
"attack_techniques": ["T1210"]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"type": "string",
|
"type": "string",
|
||||||
|
@ -137,7 +138,7 @@ SCHEMA = {
|
||||||
"SSHFinger"
|
"SSHFinger"
|
||||||
],
|
],
|
||||||
"title": "SSHFinger",
|
"title": "SSHFinger",
|
||||||
"attack_techniques": ["T1110"]
|
"attack_techniques": ["T1210"]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"type": "string",
|
"type": "string",
|
||||||
|
@ -158,14 +159,16 @@ SCHEMA = {
|
||||||
"enum": [
|
"enum": [
|
||||||
"MySQLFinger"
|
"MySQLFinger"
|
||||||
],
|
],
|
||||||
"title": "MySQLFinger"
|
"title": "MySQLFinger",
|
||||||
|
"attack_techniques": ["T1210"]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"type": "string",
|
"type": "string",
|
||||||
"enum": [
|
"enum": [
|
||||||
"MSSQLFinger"
|
"MSSQLFinger"
|
||||||
],
|
],
|
||||||
"title": "MSSQLFinger"
|
"title": "MSSQLFinger",
|
||||||
|
"attack_techniques": ["T1210"]
|
||||||
},
|
},
|
||||||
|
|
||||||
{
|
{
|
||||||
|
@ -173,7 +176,8 @@ SCHEMA = {
|
||||||
"enum": [
|
"enum": [
|
||||||
"ElasticFinger"
|
"ElasticFinger"
|
||||||
],
|
],
|
||||||
"title": "ElasticFinger"
|
"title": "ElasticFinger",
|
||||||
|
"attack_techniques": ["T1210"]
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
@ -409,7 +413,7 @@ SCHEMA = {
|
||||||
"title": "Should use Mimikatz",
|
"title": "Should use Mimikatz",
|
||||||
"type": "boolean",
|
"type": "boolean",
|
||||||
"default": True,
|
"default": True,
|
||||||
"attack_techniques": ["T1110", "T1078", "T123123123"],
|
"attack_techniques": ["T1110", "T1078"],
|
||||||
"description": "Determines whether to use Mimikatz"
|
"description": "Determines whether to use Mimikatz"
|
||||||
},
|
},
|
||||||
}
|
}
|
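Review bot: Nothing in this file checks that the ids listed under `attack_techniques` exist in the ATT&CK schema, and the two placeholder ids this commit removes (`"T16616161"` on SmbExploiter, `"T123123123"` on the Mimikatz option) show that a bad id can sit in the list unnoticed. A small unit test that collects every `attack_techniques` value and asserts it is a key of the ATT&CK schema would catch this; that schema is only partly visible here, so whether `T1210` and `T1075` are defined in it should be confirmed. The fingerprinter entries (SMBFinger, SSHFinger, MySQLFinger, MSSQLFinger, ElasticFinger) are now tied to `T1210`, which describes exploitation rather than service discovery. If the intent is that disabling T1210 also disables its prerequisites, a comment at the first of them such as `# fingerprinters are prerequisites of the exploiters, so they follow T1210` would make the resulting report easier to read correctly.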
||||||
|
|
|
@ -18,7 +18,7 @@ let findMaxTechniques = function (data){
|
||||||
return maxLen
|
return maxLen
|
||||||
};
|
};
|
||||||
|
|
||||||
// Parses config schema into data suitable for react-table (ATT&CK matrix)
|
// Parses ATT&CK config schema into data suitable for react-table (ATT&CK matrix)
|
||||||
let parseTechniques = function (data, maxLen) {
|
let parseTechniques = function (data, maxLen) {
|
||||||
let techniques = [];
|
let techniques = [];
|
||||||
// Create rows with attack techniques
|
// Create rows with attack techniques
|
||||||
|
@ -46,7 +46,7 @@ let parseTechniques = function (data, maxLen) {
|
||||||
class MatrixComponent extends AuthComponent {
|
class MatrixComponent extends AuthComponent {
|
||||||
constructor(props) {
|
constructor(props) {
|
||||||
super(props);
|
super(props);
|
||||||
// Copy configuration and parse it for ATT&CK matrix table
|
// Copy ATT&CK configuration and parse it for ATT&CK matrix table
|
||||||
let configCopy = JSON.parse(JSON.stringify(this.props.configuration));
|
let configCopy = JSON.parse(JSON.stringify(this.props.configuration));
|
||||||
this.state = {lastAction: 'none',
|
this.state = {lastAction: 'none',
|
||||||
configData: this.props.configuration,
|
configData: this.props.configuration,
|
||||||
|
@ -117,6 +117,7 @@ class MatrixComponent extends AuthComponent {
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
|
||||||
|
// Updates state based on values in config supplied.
|
||||||
updateStateFromConfig = (config, lastAction = '') => {
|
updateStateFromConfig = (config, lastAction = '') => {
|
||||||
let configCopy = JSON.parse(JSON.stringify(config));
|
let configCopy = JSON.parse(JSON.stringify(config));
|
||||||
let maxTechniques = findMaxTechniques(Object.values(configCopy));
|
let maxTechniques = findMaxTechniques(Object.values(configCopy));
|
||||||
|
@ -131,6 +132,7 @@ class MatrixComponent extends AuthComponent {
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
|
||||||
|
// Handles change in technique, when user toggles it
|
||||||
handleTechniqueChange = (technique, value, mapped=false) => {
|
handleTechniqueChange = (technique, value, mapped=false) => {
|
||||||
// Change value on configuration
|
// Change value on configuration
|
||||||
Object.entries(this.state.configData).forEach(techType => {
|
Object.entries(this.state.configData).forEach(techType => {
|
||||||
|
@ -139,9 +141,7 @@ class MatrixComponent extends AuthComponent {
|
||||||
tempMatrix[techType[0]].properties[technique].value = value;
|
tempMatrix[techType[0]].properties[technique].value = value;
|
||||||
// Toggle all mapped techniques
|
// Toggle all mapped techniques
|
||||||
if (! mapped && tempMatrix[techType[0]].properties[technique].hasOwnProperty('depends_on')){
|
if (! mapped && tempMatrix[techType[0]].properties[technique].hasOwnProperty('depends_on')){
|
||||||
console.log("Triggered");
|
|
||||||
tempMatrix[techType[0]].properties[technique].depends_on.forEach(mappedTechnique => {
|
tempMatrix[techType[0]].properties[technique].depends_on.forEach(mappedTechnique => {
|
||||||
console.log(mappedTechnique)
|
|
||||||
this.handleTechniqueChange(mappedTechnique, value, true)
|
this.handleTechniqueChange(mappedTechnique, value, true)
|
||||||
})
|
})
|
||||||
}
|
}
|
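Review bot: The new comment on `handleTechniqueChange` does not mention the `mapped` parameter, which is the only thing that stops the recursion. The ATT&CK schema in this commit has T1078 and T1003 each listing the other in `depends_on`, so a recursive call that left `mapped` at its default would loop. I would extend the comment to `// Handles a user toggle of a technique; mapped=true marks a call made for a depends_on entry, so its own depends_on is not followed`. The ids in `depends_on` are also passed on without a visible presence check, and `.hasOwnProperty('depends_on')` is called directly on parsed config data; `Object.prototype.hasOwnProperty.call(props[technique], 'depends_on')` is the safer form. The function starts and ends outside this hunk, so any enclosing guard for unknown ids should be confirmed there.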
||||||
|
|
|
@ -277,7 +277,6 @@ class ConfigurePageComponent extends AuthComponent {
|
||||||
displayedSchema = this.state.schema['properties'][this.state.selectedSection];
|
displayedSchema = this.state.schema['properties'][this.state.selectedSection];
|
||||||
displayedSchema['definitions'] = this.state.schema['definitions'];
|
displayedSchema['definitions'] = this.state.schema['definitions'];
|
||||||
}
|
}
|
||||||
|
|
||||||
return (
|
return (
|
||||||
<Col xs={12} lg={8}>
|
<Col xs={12} lg={8}>
|
||||||
<h1 className="page-title">Monkey Configuration</h1>
|
<h1 className="page-title">Monkey Configuration</h1>
|
||||||
|
@ -299,9 +298,11 @@ class ConfigurePageComponent extends AuthComponent {
|
||||||
}
|
}
|
||||||
{ this.state.selectedSection ?
|
{ this.state.selectedSection ?
|
||||||
<Form schema={displayedSchema}
|
<Form schema={displayedSchema}
|
||||||
|
uiSchema={this.uiSchema}
|
||||||
formData={this.state.configuration[this.state.selectedSection]}
|
formData={this.state.configuration[this.state.selectedSection]}
|
||||||
onSubmit={this.onSubmit}
|
onSubmit={this.onSubmit}
|
||||||
onChange={this.onChange}>
|
onChange={this.onChange}
|
||||||
|
noValidate={true}>
|
||||||
<div>
|
<div>
|
||||||
{ this.state.allMonkeysAreDead ?
|
{ this.state.allMonkeysAreDead ?
|
||||||
'' :
|
'' :
|
||||||
|
@ -364,7 +365,6 @@ class ConfigurePageComponent extends AuthComponent {
|
||||||
</div>
|
</div>
|
||||||
: ''}
|
: ''}
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
</Col>
|
</Col>
|
||||||
);
|
);
|
||||||
}
|
}
|
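Review bot: `noValidate={true}` on the `<Form>` switches off client-side schema validation for every configuration section, so wrongly typed or out-of-range values are submitted as entered. The handler behind `onSubmit` and the server endpoint are not in this hunk; unless the server validates the configuration against the schema itself, this removes the only check on what reaches the agents' configuration. If the reason is the non-standard `attack_techniques` key now present in the schema (an inference from the other files in this commit), a comment above the prop stating that and naming where validation happens instead would help. `this.uiSchema` is also newly passed but is not defined in any visible hunk, so that should be checked as well. The `render` body continues outside the hunk.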
||||||
|
|
|
@ -21,7 +21,6 @@ class Checkbox extends React.PureComponent {
|
||||||
this.composeStateClasses = this.composeStateClasses.bind(this);
|
this.composeStateClasses = this.composeStateClasses.bind(this);
|
||||||
}
|
}
|
||||||
|
|
||||||
//
|
|
||||||
toggleChecked() {
|
toggleChecked() {
|
||||||
if (this.state.isAnimating) return false;
|
if (this.state.isAnimating) return false;
|
||||||
this.setState({
|
this.setState({
|
||||||
|
@ -30,12 +29,12 @@ class Checkbox extends React.PureComponent {
|
||||||
}, () => { this.props.changeHandler(this.props.name, this.state.checked)});
|
}, () => { this.props.changeHandler(this.props.name, this.state.checked)});
|
||||||
}
|
}
|
||||||
|
|
||||||
//
|
// Stops animation
|
||||||
ping() {
|
ping() {
|
||||||
this.setState({ isAnimating: false })
|
this.setState({ isAnimating: false })
|
||||||
}
|
}
|
||||||
|
|
||||||
//
|
// Creates class string for component
|
||||||
composeStateClasses(core) {
|
composeStateClasses(core) {
|
||||||
let result = core;
|
let result = core;
|
||||||
if (this.state.necessary){
|
if (this.state.necessary){
|
||||||
|
@ -48,7 +47,6 @@ class Checkbox extends React.PureComponent {
|
||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
//
|
|
||||||
render() {
|
render() {
|
||||||
const cl = this.composeStateClasses('ui-checkbox-btn');
|
const cl = this.composeStateClasses('ui-checkbox-btn');
|
||||||
return (
|
return (
|
||||||
|
|