p20319658
/
monkey
forked from p34709852/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

cc: format exploiter_classes.py with black

This commit is contained in:
Mike Salvatore 2021-02-24 13:40:49 -05:00
parent b5b8d289ca
commit b6bb6d8221
1 changed files with 49 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

125
monkey/monkey_island/cc/services/config_schema/definitions/exploiter_classes.py
View File

@ -2,169 +2,142 @@ from monkey_island.cc.services.utils.typographic_symbols import WARNING_SIGN
EXPLOITER_CLASSES = {
"title": "Exploit class",
"description": "Click on exploiter to get more information about it." + WARNING_SIGN +
" Note that using unsafe exploits may cause crashes of the exploited machine/service.",
"description": "Click on exploiter to get more information about it."
+ WARNING_SIGN
+ " Note that using unsafe exploits may cause crashes of the exploited machine/service.",
"type": "string",
"anyOf": [
{
"type": "string",
"enum": [
"SmbExploiter"
],
"enum": ["SmbExploiter"],
"title": "SMB Exploiter",
"safe": True,
"attack_techniques": ["T1110", "T1075", "T1035"],
"info": "Brute forces using credentials provided by user and"
" hashes gathered by mimikatz.",
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/smbexec/"
" hashes gathered by mimikatz.",
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/smbexec/",
},
{
"type": "string",
"enum": [
"WmiExploiter"
],
"enum": ["WmiExploiter"],
"title": "WMI Exploiter",
"safe": True,
"attack_techniques": ["T1110", "T1106"],
"info": "Brute forces WMI (Windows Management Instrumentation) "
"using credentials provided by user and hashes gathered by mimikatz.",
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/wmiexec/"
"using credentials provided by user and hashes gathered by mimikatz.",
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/wmiexec/",
},
{
"type": "string",
"enum": [
"MSSQLExploiter"
],
"enum": ["MSSQLExploiter"],
"title": "MSSQL Exploiter",
"safe": True,
"attack_techniques": ["T1110"],
"info": "Tries to brute force into MsSQL server and uses insecure "
"configuration to execute commands on server.",
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/mssql/"
"configuration to execute commands on server.",
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/mssql/",
},
{
"type": "string",
"enum": [
"Ms08_067_Exploiter"
],
"enum": ["Ms08_067_Exploiter"],
"title": "MS08-067 Exploiter",
"safe": False,
"info": "Unsafe exploiter, that might cause system crash due to the use of buffer overflow. "
"Uses MS08-067 vulnerability.",
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/ms08-067/"
"Uses MS08-067 vulnerability.",
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/ms08-067/",
},
{
"type": "string",
"enum": [
"SSHExploiter"
],
"enum": ["SSHExploiter"],
"title": "SSH Exploiter",
"safe": True,
"attack_techniques": ["T1110", "T1145", "T1106"],
"info": "Brute forces using credentials provided by user and SSH keys gathered from systems.",
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/sshexec/"
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/sshexec/",
},
{
"type": "string",
"enum": [
"ShellShockExploiter"
],
"enum": ["ShellShockExploiter"],
"title": "ShellShock Exploiter",
"safe": True,
"info": "CVE-2014-6271, based on logic from "
"https://github.com/nccgroup/shocker/blob/master/shocker.py .",
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/shellshock/"
"https://github.com/nccgroup/shocker/blob/master/shocker.py .",
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/shellshock/",
},
{
"type": "string",
"enum": [
"SambaCryExploiter"
],
"enum": ["SambaCryExploiter"],
"title": "SambaCry Exploiter",
"safe": True,
"info": "Bruteforces and searches for anonymous shares. Uses Impacket.",
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/sambacry/"
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/sambacry/",
},
{
"type": "string",
"enum": [
"ElasticGroovyExploiter"
],
"enum": ["ElasticGroovyExploiter"],
"title": "ElasticGroovy Exploiter",
"safe": True,
"info": "CVE-2015-1427. Logic is based on Metasploit module.",
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/elasticgroovy/"
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/elasticgroovy/",
},
{
"type": "string",
"enum": [
"Struts2Exploiter"
],
"enum": ["Struts2Exploiter"],
"title": "Struts2 Exploiter",
"safe": True,
"info": "Exploits struts2 java web framework. CVE-2017-5638. Logic based on "
"https://www.exploit-db.com/exploits/41570 .",
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/struts2/"
"https://www.exploit-db.com/exploits/41570 .",
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/struts2/",
},
{
"type": "string",
"enum": [
"WebLogicExploiter"
],
"enum": ["WebLogicExploiter"],
"title": "WebLogic Exploiter",
"safe": True,
"info": "Exploits CVE-2017-10271 and CVE-2019-2725 vulnerabilities on WebLogic server.",
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/weblogic/"
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/weblogic/",
},
{
"type": "string",
"enum": [
"HadoopExploiter"
],
"enum": ["HadoopExploiter"],
"title": "Hadoop/Yarn Exploiter",
"safe": True,
"info": "Remote code execution on HADOOP server with YARN and default settings. "
"Logic based on https://github.com/vulhub/vulhub/tree/master/hadoop/unauthorized-yarn.",
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/hadoop/"
"Logic based on https://github.com/vulhub/vulhub/tree/master/hadoop/unauthorized-yarn.",
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/hadoop/",
},
{
"type": "string",
"enum": [
"VSFTPDExploiter"
],
"enum": ["VSFTPDExploiter"],
"title": "VSFTPD Exploiter",
"safe": True,
"info": "Exploits a malicious backdoor that was added to the VSFTPD download archive. "
"Logic based on Metasploit module.",
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/vsftpd/"
"Logic based on Metasploit module.",
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/vsftpd/",
},
{
"type": "string",
"enum": [
"DrupalExploiter"
],
"enum": ["DrupalExploiter"],
"title": "Drupal Exploiter",
"safe": True,
"info": "Exploits a remote command execution vulnerability in a Drupal server,"
"for which certain modules (such as RESTful Web Services) are enabled.",
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/drupal/"
"for which certain modules (such as RESTful Web Services) are enabled.",
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/drupal/",
},
{
"type": "string",
"enum": [
"ZerologonExploiter"
],
"enum": ["ZerologonExploiter"],
"title": "Zerologon Exploiter",
"safe": False,
"info": "Exploits a privilege escalation vulnerability (CVE-2020-1472) in a Windows "
"server domain controller by using the Netlogon Remote Protocol (MS-NRPC). "
"This exploiter changes the password of a Windows server domain controller "
"account and could prevent the victim domain controller from communicating "
"with other domain controllers. While it attempts to undo "
"its changes and reset the password back to the original after the "
"vulnerability is exploited, this is not successful in all cases. For "
"instructions on how to reset the domain controller's password, see the documentation.",
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/zerologon/"
}
]
"server domain controller by using the Netlogon Remote Protocol (MS-NRPC). "
"This exploiter changes the password of a Windows server domain controller "
"account and could prevent the victim domain controller from communicating "
"with other domain controllers. While it attempts to undo "
"its changes and reset the password back to the original after the "
"vulnerability is exploited, this is not successful in all cases. For "
"instructions on how to reset the domain controller's password, see the documentation.",
"link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/zerologon/",
},
],
}