Updated all configs used in BB tests

VakarisZ 2020-07-30 15:48:17 +03:00
parent d9ed06d765
commit b996b6e2e8
13 changed files with 656 additions and 1443 deletions


@ -2,10 +2,13 @@
"basic": { "basic": {
"credentials": { "credentials": {
"exploit_password_list": [ "exploit_password_list": [
"Password1!", "root",
"1234", "123456",
"password", "password",
"12345678" "123456789",
"qwerty",
"111111",
"iloveyou"
], ],
"exploit_user_list": [ "exploit_user_list": [
"Administrator", "Administrator",
@ -13,12 +16,17 @@
"user" "user"
] ]
}, },
"general": { "exploiters": {
"should_exploit": true "exploiter_classes": [
"ElasticGroovyExploiter"
]
} }
}, },
"basic_network": { "basic_network": {
"general": { "network_analysis": {
"inaccessible_subnets": []
},
"scope": {
"blocked_ips": [], "blocked_ips": [],
"depth": 2, "depth": 2,
"local_network_scan": false, "local_network_scan": false,
@ -26,70 +34,11 @@
"10.2.2.4", "10.2.2.4",
"10.2.2.5" "10.2.2.5"
] ]
},
"network_analysis": {
"inaccessible_subnets": []
}
},
"cnc": {
"servers": {
"command_servers": [
"10.2.2.251:5000"
],
"current_server": "10.2.2.251:5000",
"internet_services": [
"monkey.guardicore.com",
"www.google.com"
]
}
},
"exploits": {
"general": {
"exploiter_classes": [
"ElasticGroovyExploiter"
],
"skip_exploit_if_file_exist": false
},
"ms08_067": {
"ms08_067_exploit_attempts": 5,
"remote_user_pass": "Password1!",
"user_to_add": "Monkey_IUSER_SUPPORT"
},
"rdp_grinder": {
"rdp_use_vbs_download": true
},
"sambacry": {
"sambacry_folder_paths_to_guess": [
"/",
"/mnt",
"/tmp",
"/storage",
"/export",
"/share",
"/shares",
"/home"
],
"sambacry_shares_not_to_check": [
"IPC$",
"print$"
],
"sambacry_trigger_timeout": 5
},
"smb_service": {
"smb_download_timeout": 300,
"smb_service_name": "InfectionMonkey"
} }
}, },
"internal": { "internal": {
"classes": { "classes": {
"finger_classes": [ "finger_classes": [
"SMBFinger",
"SSHFinger",
"PingScanner",
"HTTPFinger",
"MySQLFinger",
"MSSQLFinger",
"ElasticFinger"
] ]
}, },
"dropper": { "dropper": {
@ -107,9 +56,16 @@
"exploit_ssh_keys": [] "exploit_ssh_keys": []
}, },
"general": { "general": {
"keep_tunnel_open_time": 1, "keep_tunnel_open_time": 60,
"monkey_dir_name": "monkey_dir", "monkey_dir_name": "monkey_dir",
"singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}" "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}",
"started_on_island": false
},
"island_server": {
"command_servers": [
"10.2.2.251:5000"
],
"current_server": "10.2.2.251:5000"
}, },
"kill_file": { "kill_file": {
"kill_file_path_linux": "/var/run/monkey.not", "kill_file_path_linux": "/var/run/monkey.not",
@ -121,63 +77,53 @@
"monkey_log_path_linux": "/tmp/user-1563", "monkey_log_path_linux": "/tmp/user-1563",
"monkey_log_path_windows": "%temp%\\~df1563.tmp", "monkey_log_path_windows": "%temp%\\~df1563.tmp",
"send_log_to_server": true "send_log_to_server": true
},
"monkey": {
"alive": true,
"internet_services": [
"monkey.guardicore.com",
"www.google.com"
],
"self_delete_in_cleanup": true,
"serialize_config": false,
"use_file_logging": true,
"victims_max_exploit": 100,
"victims_max_find": 100
},
"network": {},
"testing": {
"export_monkey_telems": false
} }
}, },
"monkey": { "monkey": {
"behaviour": { "persistent_scanning": {
"max_iterations": 1,
"retry_failed_explotation": true,
"timeout_between_iterations": 100
},
"post_breach": {
"PBA_linux_filename": "", "PBA_linux_filename": "",
"PBA_windows_filename": "", "PBA_windows_filename": "",
"custom_PBA_linux_cmd": "", "custom_PBA_linux_cmd": "",
"custom_PBA_windows_cmd": "", "custom_PBA_windows_cmd": "",
"self_delete_in_cleanup": true, "post_breach_actions": [
"serialize_config": false, "BackdoorUser",
"use_file_logging": true "CommunicateAsNewUser",
}, "ModifyShellStartupFiles",
"general": { "HiddenFiles",
"alive": true, "TrapCommand",
"post_breach_actions": [] "ChangeSetuidSetgid",
}, "ScheduleJobs"
"life_cycle": { ]
"max_iterations": 1,
"retry_failed_explotation": true,
"timeout_between_iterations": 100,
"victims_max_exploit": 7,
"victims_max_find": 30
}, },
"system_info": { "system_info": {
"collect_system_info": true, "system_info_collector_classes": [
"extract_azure_creds": true, "EnvironmentCollector",
"should_use_mimikatz": true "AwsCollector",
} "HostnameCollector",
}, "ProcessListCollector",
"network": { "MimikatzCollector",
"ping_scanner": { "AzureCollector"
"ping_scan_timeout": 1000
},
"tcp_scanner": {
"HTTP_PORTS": [
80,
8080,
443,
8008,
7001
],
"tcp_scan_get_banner": true,
"tcp_scan_interval": 0,
"tcp_scan_timeout": 3000,
"tcp_target_ports": [
22,
2222,
445,
135,
3389,
80,
8080,
443,
8008,
3306,
9200,
7001
] ]
} }
} }
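Review bot: The new side of this config leaves the agent without explicit discovery settings. Going by the hunk header counts, the third hunk empties `internal.classes.finger_classes` (all seven entries, `ElasticFinger` included, are on the removed side), and the last hunk drops the top-level `network` block with `tcp_target_ports` in favour of `"network": {}` under `internal`. If `ElasticGroovyExploiter` only acts on hosts where the Elasticsearch service was fingerprinted, or if the schema defaults do not cover port 9200, the result of this test then depends on defaults rather than on this file. I would keep at least `"finger_classes": ["PingScanner", "ElasticFinger"]` and state the port list explicitly. The `"network": {}` replacement recurs in the other file sections on this page, while the fingerprinter list is not touched in the other sections visible here.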


@ -2,10 +2,13 @@
"basic": { "basic": {
"credentials": { "credentials": {
"exploit_password_list": [ "exploit_password_list": [
"Password1!", "root",
"1234", "123456",
"password", "password",
"12345678" "123456789",
"qwerty",
"111111",
"iloveyou"
], ],
"exploit_user_list": [ "exploit_user_list": [
"Administrator", "Administrator",
@ -13,12 +16,17 @@
"user" "user"
] ]
}, },
"general": { "exploiters": {
"should_exploit": true "exploiter_classes": [
"HadoopExploiter"
]
} }
}, },
"basic_network": { "basic_network": {
"general": { "network_analysis": {
"inaccessible_subnets": []
},
"scope": {
"blocked_ips": [], "blocked_ips": [],
"depth": 2, "depth": 2,
"local_network_scan": false, "local_network_scan": false,
@ -26,58 +34,6 @@
"10.2.2.3", "10.2.2.3",
"10.2.2.2" "10.2.2.2"
] ]
},
"network_analysis": {
"inaccessible_subnets": []
}
},
"cnc": {
"servers": {
"command_servers": [
"10.2.2.251:5000"
],
"current_server": "10.2.2.251:5000",
"internet_services": [
"monkey.guardicore.com",
"www.google.com"
]
}
},
"exploits": {
"general": {
"exploiter_classes": [
"HadoopExploiter"
],
"skip_exploit_if_file_exist": false
},
"ms08_067": {
"ms08_067_exploit_attempts": 5,
"remote_user_pass": "Password1!",
"user_to_add": "Monkey_IUSER_SUPPORT"
},
"rdp_grinder": {
"rdp_use_vbs_download": true
},
"sambacry": {
"sambacry_folder_paths_to_guess": [
"/",
"/mnt",
"/tmp",
"/storage",
"/export",
"/share",
"/shares",
"/home"
],
"sambacry_shares_not_to_check": [
"IPC$",
"print$"
],
"sambacry_trigger_timeout": 5
},
"smb_service": {
"smb_download_timeout": 300,
"smb_service_name": "InfectionMonkey"
} }
}, },
"internal": { "internal": {
@ -103,15 +59,20 @@
}, },
"exploits": { "exploits": {
"exploit_lm_hash_list": [], "exploit_lm_hash_list": [],
"exploit_ntlm_hash_list": [ "exploit_ntlm_hash_list": [],
"e1c0dc690821c13b10a41dccfc72e43a"
],
"exploit_ssh_keys": [] "exploit_ssh_keys": []
}, },
"general": { "general": {
"keep_tunnel_open_time": 1, "keep_tunnel_open_time": 60,
"monkey_dir_name": "monkey_dir", "monkey_dir_name": "monkey_dir",
"singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}" "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}",
"started_on_island": false
},
"island_server": {
"command_servers": [
"10.2.2.251:5000"
],
"current_server": "10.2.2.251:5000"
}, },
"kill_file": { "kill_file": {
"kill_file_path_linux": "/var/run/monkey.not", "kill_file_path_linux": "/var/run/monkey.not",
@ -123,63 +84,46 @@
"monkey_log_path_linux": "/tmp/user-1563", "monkey_log_path_linux": "/tmp/user-1563",
"monkey_log_path_windows": "%temp%\\~df1563.tmp", "monkey_log_path_windows": "%temp%\\~df1563.tmp",
"send_log_to_server": true "send_log_to_server": true
},
"monkey": {
"alive": true,
"internet_services": [
"monkey.guardicore.com",
"www.google.com"
],
"self_delete_in_cleanup": true,
"serialize_config": false,
"use_file_logging": true,
"victims_max_exploit": 100,
"victims_max_find": 100
},
"network": {},
"testing": {
"export_monkey_telems": false
} }
}, },
"monkey": { "monkey": {
"behaviour": { "persistent_scanning": {
"max_iterations": 1,
"retry_failed_explotation": true,
"timeout_between_iterations": 100
},
"post_breach": {
"PBA_linux_filename": "", "PBA_linux_filename": "",
"PBA_windows_filename": "", "PBA_windows_filename": "",
"custom_PBA_linux_cmd": "", "custom_PBA_linux_cmd": "",
"custom_PBA_windows_cmd": "", "custom_PBA_windows_cmd": "",
"self_delete_in_cleanup": true, "post_breach_actions": [
"serialize_config": false, ]
"use_file_logging": true
},
"general": {
"alive": true,
"post_breach_actions": []
},
"life_cycle": {
"max_iterations": 1,
"retry_failed_explotation": true,
"timeout_between_iterations": 100,
"victims_max_exploit": 7,
"victims_max_find": 30
}, },
"system_info": { "system_info": {
"collect_system_info": true, "system_info_collector_classes": [
"extract_azure_creds": true, "EnvironmentCollector",
"should_use_mimikatz": true "AwsCollector",
} "HostnameCollector",
}, "ProcessListCollector",
"network": { "MimikatzCollector",
"ping_scanner": { "AzureCollector"
"ping_scan_timeout": 1000
},
"tcp_scanner": {
"HTTP_PORTS": [
80,
8080,
443,
8008,
7001
],
"tcp_scan_get_banner": true,
"tcp_scan_interval": 0,
"tcp_scan_timeout": 3000,
"tcp_target_ports": [
22,
2222,
445,
135,
3389,
80,
8080,
443,
8008,
3306,
9200,
7001
] ]
} }
} }
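Review bot: The empty `post_breach_actions` array in the last hunk is split over two lines (`"post_breach_actions": [` followed by `]`), while `exploit_ntlm_hash_list` in this same file and `post_breach_actions` in other configs of this commit use the compact `[]`. Writing it as `"post_breach_actions": []` keeps these files easy to diff against each other, which matters when they are meant to differ only in exploiter and target. The same two-line form appears in three more file sections further down the page.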


@ -13,70 +13,21 @@
"user" "user"
] ]
}, },
"general": { "exploiters": {
"should_exploit": true "exploiter_classes": [
"MSSQLExploiter"
]
} }
}, },
"basic_network": { "basic_network": {
"general": {
"blocked_ips": [],
"depth": 2,
"local_network_scan": false,
"subnet_scan_list": [
"10.2.2.16"
]
},
"network_analysis": { "network_analysis": {
"inaccessible_subnets": [] "inaccessible_subnets": []
}
}, },
"cnc": { "scope": {
"servers": { "blocked_ips": [],
"command_servers": [ "depth": 2,
"10.2.2.251:5000" "local_network_scan": true,
], "subnet_scan_list": []
"current_server": "10.2.2.251:5000",
"internet_services": [
"monkey.guardicore.com",
"www.google.com"
]
}
},
"exploits": {
"general": {
"exploiter_classes": [
"MSSQLExploiter"
],
"skip_exploit_if_file_exist": false
},
"ms08_067": {
"ms08_067_exploit_attempts": 5,
"remote_user_pass": "Password1!",
"user_to_add": "Monkey_IUSER_SUPPORT"
},
"rdp_grinder": {
"rdp_use_vbs_download": true
},
"sambacry": {
"sambacry_folder_paths_to_guess": [
"/",
"/mnt",
"/tmp",
"/storage",
"/export",
"/share",
"/shares",
"/home"
],
"sambacry_shares_not_to_check": [
"IPC$",
"print$"
],
"sambacry_trigger_timeout": 5
},
"smb_service": {
"smb_download_timeout": 300,
"smb_service_name": "InfectionMonkey"
} }
}, },
"internal": { "internal": {
@ -106,9 +57,16 @@
"exploit_ssh_keys": [] "exploit_ssh_keys": []
}, },
"general": { "general": {
"keep_tunnel_open_time": 1, "keep_tunnel_open_time": 60,
"monkey_dir_name": "monkey_dir", "monkey_dir_name": "monkey_dir",
"singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}" "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}",
"started_on_island": false
},
"island_server": {
"command_servers": [
"10.2.2.251:5000"
],
"current_server": "10.2.2.251:5000"
}, },
"kill_file": { "kill_file": {
"kill_file_path_linux": "/var/run/monkey.not", "kill_file_path_linux": "/var/run/monkey.not",
@ -120,63 +78,46 @@
"monkey_log_path_linux": "/tmp/user-1563", "monkey_log_path_linux": "/tmp/user-1563",
"monkey_log_path_windows": "%temp%\\~df1563.tmp", "monkey_log_path_windows": "%temp%\\~df1563.tmp",
"send_log_to_server": true "send_log_to_server": true
},
"monkey": {
"alive": true,
"internet_services": [
"monkey.guardicore.com",
"www.google.com"
],
"self_delete_in_cleanup": true,
"serialize_config": false,
"use_file_logging": true,
"victims_max_exploit": 100,
"victims_max_find": 100
},
"network": {},
"testing": {
"export_monkey_telems": false
} }
}, },
"monkey": { "monkey": {
"behaviour": { "persistent_scanning": {
"max_iterations": 1,
"retry_failed_explotation": true,
"timeout_between_iterations": 100
},
"post_breach": {
"PBA_linux_filename": "", "PBA_linux_filename": "",
"PBA_windows_filename": "", "PBA_windows_filename": "",
"custom_PBA_linux_cmd": "", "custom_PBA_linux_cmd": "",
"custom_PBA_windows_cmd": "", "custom_PBA_windows_cmd": "",
"self_delete_in_cleanup": true, "post_breach_actions": [
"serialize_config": false, ]
"use_file_logging": true
},
"general": {
"alive": true,
"post_breach_actions": []
},
"life_cycle": {
"max_iterations": 1,
"retry_failed_explotation": true,
"timeout_between_iterations": 100,
"victims_max_exploit": 7,
"victims_max_find": 30
}, },
"system_info": { "system_info": {
"collect_system_info": true, "system_info_collector_classes": [
"extract_azure_creds": true, "EnvironmentCollector",
"should_use_mimikatz": true "AwsCollector",
} "HostnameCollector",
}, "ProcessListCollector",
"network": { "MimikatzCollector",
"ping_scanner": { "AzureCollector"
"ping_scan_timeout": 1000
},
"tcp_scanner": {
"HTTP_PORTS": [
80,
8080,
443,
8008,
7001
],
"tcp_scan_get_banner": true,
"tcp_scan_interval": 0,
"tcp_scan_timeout": 3000,
"tcp_target_ports": [
22,
2222,
445,
135,
3389,
80,
8080,
443,
8008,
3306,
9200,
7001
] ]
} }
} }
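Review bot: The new `scope` block in the first hunk no longer pins this test to its target: `subnet_scan_list` goes from `["10.2.2.16"]` to `[]` and `local_network_scan` becomes `true`, the only config visible on this page to do so. Together with `victims_max_find` and `victims_max_exploit` being raised to 100 in the last hunk, a run with `MSSQLExploiter` and the shared password list would presumably reach every host on the agent's local subnet instead of one known lab machine. Unless that is intended, keep `"local_network_scan": false` and `"subnet_scan_list": ["10.2.2.16"]`, as the other single-exploiter configs do with their own targets.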


@ -13,12 +13,36 @@
"m0nk3y" "m0nk3y"
] ]
}, },
"general": { "exploiters": {
"should_exploit": true "exploiter_classes": [
"SmbExploiter",
"WmiExploiter",
"SSHExploiter",
"ShellShockExploiter",
"SambaCryExploiter",
"ElasticGroovyExploiter",
"Struts2Exploiter",
"WebLogicExploiter",
"HadoopExploiter",
"VSFTPDExploiter",
"MSSQLExploiter"
]
} }
}, },
"basic_network": { "basic_network": {
"general": { "network_analysis": {
"inaccessible_subnets": [
"10.2.2.0/30",
"10.2.2.8/30",
"10.2.2.24/32",
"10.2.2.23/32",
"10.2.2.21/32",
"10.2.2.19/32",
"10.2.2.18/32",
"10.2.2.17/32"
]
},
"scope": {
"blocked_ips": [], "blocked_ips": [],
"depth": 2, "depth": 2,
"local_network_scan": false, "local_network_scan": false,
@ -44,74 +68,6 @@
"10.2.2.23", "10.2.2.23",
"10.2.2.24" "10.2.2.24"
] ]
},
"network_analysis": {
"inaccessible_subnets": [
"10.2.2.0/30",
"10.2.2.8/30",
"10.2.2.24/32",
"10.2.2.23/32",
"10.2.2.21/32",
"10.2.2.19/32",
"10.2.2.18/32",
"10.2.2.17/32"
]
}
},
"cnc": {
"servers": {
"command_servers": [
"10.2.2.251:5000"
],
"current_server": "10.2.2.251:5000",
"internet_services": [
"monkey.guardicore.com",
"www.google.com"
]
}
},
"exploits": {
"general": {
"exploiter_classes": [
"SmbExploiter",
"WmiExploiter",
"SSHExploiter",
"ShellShockExploiter",
"SambaCryExploiter",
"ElasticGroovyExploiter",
"Struts2Exploiter",
"WebLogicExploiter",
"HadoopExploiter",
"VSFTPDExploiter",
"MSSQLExploiter"
],
"skip_exploit_if_file_exist": false
},
"ms08_067": {
"ms08_067_exploit_attempts": 5,
"remote_user_pass": "Password1!",
"user_to_add": "Monkey_IUSER_SUPPORT"
},
"sambacry": {
"sambacry_folder_paths_to_guess": [
"/",
"/mnt",
"/tmp",
"/storage",
"/export",
"/share",
"/shares",
"/home"
],
"sambacry_shares_not_to_check": [
"IPC$",
"print$"
],
"sambacry_trigger_timeout": 5
},
"smb_service": {
"smb_download_timeout": 300,
"smb_service_name": "InfectionMonkey"
} }
}, },
"internal": { "internal": {
@ -143,7 +99,14 @@
"general": { "general": {
"keep_tunnel_open_time": 60, "keep_tunnel_open_time": 60,
"monkey_dir_name": "monkey_dir", "monkey_dir_name": "monkey_dir",
"singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}" "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}",
"started_on_island": false
},
"island_server": {
"command_servers": [
"10.2.2.251:5000"
],
"current_server": "10.2.2.251:5000"
}, },
"kill_file": { "kill_file": {
"kill_file_path_linux": "/var/run/monkey.not", "kill_file_path_linux": "/var/run/monkey.not",
@ -156,74 +119,52 @@
"monkey_log_path_windows": "%temp%\\~df1563.tmp", "monkey_log_path_windows": "%temp%\\~df1563.tmp",
"send_log_to_server": true "send_log_to_server": true
}, },
"monkey": {
"alive": true,
"internet_services": [
"monkey.guardicore.com",
"www.google.com"
],
"self_delete_in_cleanup": true,
"serialize_config": false,
"use_file_logging": true,
"victims_max_exploit": 100,
"victims_max_find": 100
},
"network": {},
"testing": { "testing": {
"export_monkey_telems": true "export_monkey_telems": false
} }
}, },
"monkey": { "monkey": {
"behaviour": { "persistent_scanning": {
"max_iterations": 1,
"retry_failed_explotation": true,
"timeout_between_iterations": 100
},
"post_breach": {
"PBA_linux_filename": "", "PBA_linux_filename": "",
"PBA_windows_filename": "", "PBA_windows_filename": "",
"custom_PBA_linux_cmd": "", "custom_PBA_linux_cmd": "",
"custom_PBA_windows_cmd": "", "custom_PBA_windows_cmd": "",
"self_delete_in_cleanup": true,
"serialize_config": false,
"use_file_logging": true
},
"general": {
"alive": true,
"post_breach_actions": [ "post_breach_actions": [
"CommunicateAsNewUser" "BackdoorUser",
"CommunicateAsNewUser",
"ModifyShellStartupFiles",
"HiddenFiles",
"TrapCommand",
"ChangeSetuidSetgid",
"ScheduleJobs"
] ]
}, },
"life_cycle": {
"max_iterations": 1,
"retry_failed_explotation": true,
"timeout_between_iterations": 100,
"victims_max_exploit": 15,
"victims_max_find": 100
},
"system_info": { "system_info": {
"collect_system_info": true, "system_info_collector_classes": [
"extract_azure_creds": true,
"should_use_mimikatz": true,
"system_info_collectors_classes": [
"EnvironmentCollector", "EnvironmentCollector",
"AwsCollector", "AwsCollector",
"HostnameCollector", "HostnameCollector",
"ProcessListCollector" "ProcessListCollector",
] "MimikatzCollector",
} "AzureCollector"
},
"network": {
"ping_scanner": {
"ping_scan_timeout": 1000
},
"tcp_scanner": {
"HTTP_PORTS": [
80,
8080,
443,
8008,
7001
],
"tcp_scan_get_banner": true,
"tcp_scan_interval": 0,
"tcp_scan_timeout": 3000,
"tcp_target_ports": [
22,
2222,
445,
135,
3389,
80,
8080,
443,
8008,
3306,
9200,
7001,
8088
] ]
} }
} }
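Review bot: `internal.testing.export_monkey_telems` changes from `true` to `false` in the last hunk, and this is the only file on the page where the old value was `true`. The commit title only says the configs were updated, so a test that consumes exported telemetry from this config would now silently get none. If the flip is deliberate, a line in the commit description would help; otherwise keep `"export_monkey_telems": true`.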


@ -13,70 +13,23 @@
"user" "user"
] ]
}, },
"general": { "exploiters": {
"should_exploit": true "exploiter_classes": [
"ShellShockExploiter"
]
} }
}, },
"basic_network": { "basic_network": {
"general": { "network_analysis": {
"inaccessible_subnets": []
},
"scope": {
"blocked_ips": [], "blocked_ips": [],
"depth": 2, "depth": 2,
"local_network_scan": false, "local_network_scan": false,
"subnet_scan_list": [ "subnet_scan_list": [
"10.2.2.8" "10.2.2.8"
] ]
},
"network_analysis": {
"inaccessible_subnets": []
}
},
"cnc": {
"servers": {
"command_servers": [
"10.2.2.251:5000"
],
"current_server": "10.2.2.251:5000",
"internet_services": [
"monkey.guardicore.com",
"www.google.com"
]
}
},
"exploits": {
"general": {
"exploiter_classes": [
"ShellShockExploiter"
],
"skip_exploit_if_file_exist": false
},
"ms08_067": {
"ms08_067_exploit_attempts": 5,
"remote_user_pass": "Password1!",
"user_to_add": "Monkey_IUSER_SUPPORT"
},
"rdp_grinder": {
"rdp_use_vbs_download": true
},
"sambacry": {
"sambacry_folder_paths_to_guess": [
"/",
"/mnt",
"/tmp",
"/storage",
"/export",
"/share",
"/shares",
"/home"
],
"sambacry_shares_not_to_check": [
"IPC$",
"print$"
],
"sambacry_trigger_timeout": 5
},
"smb_service": {
"smb_download_timeout": 300,
"smb_service_name": "InfectionMonkey"
} }
}, },
"internal": { "internal": {
@ -106,9 +59,16 @@
"exploit_ssh_keys": [] "exploit_ssh_keys": []
}, },
"general": { "general": {
"keep_tunnel_open_time": 1, "keep_tunnel_open_time": 60,
"monkey_dir_name": "monkey_dir", "monkey_dir_name": "monkey_dir",
"singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}" "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}",
"started_on_island": false
},
"island_server": {
"command_servers": [
"10.2.2.251:5000"
],
"current_server": "10.2.2.251:5000"
}, },
"kill_file": { "kill_file": {
"kill_file_path_linux": "/var/run/monkey.not", "kill_file_path_linux": "/var/run/monkey.not",
@ -120,63 +80,45 @@
"monkey_log_path_linux": "/tmp/user-1563", "monkey_log_path_linux": "/tmp/user-1563",
"monkey_log_path_windows": "%temp%\\~df1563.tmp", "monkey_log_path_windows": "%temp%\\~df1563.tmp",
"send_log_to_server": true "send_log_to_server": true
},
"monkey": {
"alive": true,
"internet_services": [
"monkey.guardicore.com",
"www.google.com"
],
"self_delete_in_cleanup": true,
"serialize_config": false,
"use_file_logging": true,
"victims_max_exploit": 100,
"victims_max_find": 100
},
"network": {},
"testing": {
"export_monkey_telems": false
} }
}, },
"monkey": { "monkey": {
"behaviour": { "persistent_scanning": {
"max_iterations": 1,
"retry_failed_explotation": true,
"timeout_between_iterations": 100
},
"post_breach": {
"PBA_linux_filename": "", "PBA_linux_filename": "",
"PBA_windows_filename": "", "PBA_windows_filename": "",
"custom_PBA_linux_cmd": "", "custom_PBA_linux_cmd": "",
"custom_PBA_windows_cmd": "", "custom_PBA_windows_cmd": "",
"self_delete_in_cleanup": true,
"serialize_config": false,
"use_file_logging": true
},
"general": {
"alive": true,
"post_breach_actions": [] "post_breach_actions": []
}, },
"life_cycle": {
"max_iterations": 1,
"retry_failed_explotation": true,
"timeout_between_iterations": 100,
"victims_max_exploit": 7,
"victims_max_find": 30
},
"system_info": { "system_info": {
"collect_system_info": true, "system_info_collector_classes": [
"extract_azure_creds": true, "EnvironmentCollector",
"should_use_mimikatz": true "AwsCollector",
} "HostnameCollector",
}, "ProcessListCollector",
"network": { "MimikatzCollector",
"ping_scanner": { "AzureCollector"
"ping_scan_timeout": 1000
},
"tcp_scanner": {
"HTTP_PORTS": [
80,
8080,
443,
8008,
7001
],
"tcp_scan_get_banner": true,
"tcp_scan_interval": 0,
"tcp_scan_timeout": 3000,
"tcp_target_ports": [
22,
2222,
445,
135,
3389,
80,
8080,
443,
8008,
3306,
9200,
7001
] ]
} }
} }


@ -1,4 +1,4 @@
{ monkey.conf{
"basic": { "basic": {
"credentials": { "credentials": {
"exploit_password_list": [ "exploit_password_list": [
@ -11,12 +11,17 @@
"user" "user"
] ]
}, },
"general": { "exploiters": {
"should_exploit": true "exploiter_classes": [
"SmbExploiter"
]
} }
}, },
"basic_network": { "basic_network": {
"general": { "network_analysis": {
"inaccessible_subnets": []
},
"scope": {
"blocked_ips": [], "blocked_ips": [],
"depth": 2, "depth": 2,
"local_network_scan": false, "local_network_scan": false,
@ -24,58 +29,6 @@
"10.2.2.14", "10.2.2.14",
"10.2.2.15" "10.2.2.15"
] ]
},
"network_analysis": {
"inaccessible_subnets": []
}
},
"cnc": {
"servers": {
"command_servers": [
"10.2.2.251:5000"
],
"current_server": "10.2.2.251:5000",
"internet_services": [
"monkey.guardicore.com",
"www.google.com"
]
}
},
"exploits": {
"general": {
"exploiter_classes": [
"SmbExploiter"
],
"skip_exploit_if_file_exist": false
},
"ms08_067": {
"ms08_067_exploit_attempts": 5,
"remote_user_pass": "Password1!",
"user_to_add": "Monkey_IUSER_SUPPORT"
},
"rdp_grinder": {
"rdp_use_vbs_download": true
},
"sambacry": {
"sambacry_folder_paths_to_guess": [
"/",
"/mnt",
"/tmp",
"/storage",
"/export",
"/share",
"/shares",
"/home"
],
"sambacry_shares_not_to_check": [
"IPC$",
"print$"
],
"sambacry_trigger_timeout": 5
},
"smb_service": {
"smb_download_timeout": 300,
"smb_service_name": "InfectionMonkey"
} }
}, },
"internal": { "internal": {
@ -105,9 +58,16 @@
"exploit_ssh_keys": [] "exploit_ssh_keys": []
}, },
"general": { "general": {
"keep_tunnel_open_time": 1, "keep_tunnel_open_time": 60,
"monkey_dir_name": "monkey_dir", "monkey_dir_name": "monkey_dir",
"singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}" "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}",
"started_on_island": false
},
"island_server": {
"command_servers": [
"10.2.2.251:5000"
],
"current_server": "10.2.2.251:5000"
}, },
"kill_file": { "kill_file": {
"kill_file_path_linux": "/var/run/monkey.not", "kill_file_path_linux": "/var/run/monkey.not",
@ -119,63 +79,46 @@
"monkey_log_path_linux": "/tmp/user-1563", "monkey_log_path_linux": "/tmp/user-1563",
"monkey_log_path_windows": "%temp%\\~df1563.tmp", "monkey_log_path_windows": "%temp%\\~df1563.tmp",
"send_log_to_server": true "send_log_to_server": true
},
"monkey": {
"alive": true,
"internet_services": [
"monkey.guardicore.com",
"www.google.com"
],
"self_delete_in_cleanup": true,
"serialize_config": false,
"use_file_logging": true,
"victims_max_exploit": 100,
"victims_max_find": 100
},
"network": {},
"testing": {
"export_monkey_telems": false
} }
}, },
"monkey": { "monkey": {
"behaviour": { "persistent_scanning": {
"max_iterations": 1,
"retry_failed_explotation": true,
"timeout_between_iterations": 100
},
"post_breach": {
"PBA_linux_filename": "", "PBA_linux_filename": "",
"PBA_windows_filename": "", "PBA_windows_filename": "",
"custom_PBA_linux_cmd": "", "custom_PBA_linux_cmd": "",
"custom_PBA_windows_cmd": "", "custom_PBA_windows_cmd": "",
"self_delete_in_cleanup": true, "post_breach_actions": [
"serialize_config": false, ]
"use_file_logging": true
},
"general": {
"alive": true,
"post_breach_actions": []
},
"life_cycle": {
"max_iterations": 1,
"retry_failed_explotation": true,
"timeout_between_iterations": 100,
"victims_max_exploit": 7,
"victims_max_find": 30
}, },
"system_info": { "system_info": {
"collect_system_info": true, "system_info_collector_classes": [
"extract_azure_creds": true, "EnvironmentCollector",
"should_use_mimikatz": true "AwsCollector",
} "HostnameCollector",
}, "ProcessListCollector",
"network": { "MimikatzCollector",
"ping_scanner": { "AzureCollector"
"ping_scan_timeout": 1000
},
"tcp_scanner": {
"HTTP_PORTS": [
80,
8080,
443,
8008,
7001
],
"tcp_scan_get_banner": true,
"tcp_scan_interval": 0,
"tcp_scan_timeout": 3000,
"tcp_target_ports": [
22,
2222,
445,
135,
3389,
80,
8080,
443,
8008,
3306,
9200,
7001
] ]
} }
} }
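Review bot: The first hunk changes the opening line of this file from `{` to `monkey.conf{`, which makes the document invalid JSON, so a strict parser will reject it at the first character. It looks like a stray filename pasted in front of the brace. The first line should go back to `{`.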


@ -10,70 +10,23 @@
"user" "user"
] ]
}, },
"general": { "exploiters": {
"should_exploit": true "exploiter_classes": [
"SmbExploiter"
]
} }
}, },
"basic_network": { "basic_network": {
"general": { "network_analysis": {
"inaccessible_subnets": []
},
"scope": {
"blocked_ips": [], "blocked_ips": [],
"depth": 2, "depth": 2,
"local_network_scan": false, "local_network_scan": false,
"subnet_scan_list": [ "subnet_scan_list": [
"10.2.2.15" "10.2.2.15"
] ]
},
"network_analysis": {
"inaccessible_subnets": []
}
},
"cnc": {
"servers": {
"command_servers": [
"10.2.2.251:5000"
],
"current_server": "10.2.2.251:5000",
"internet_services": [
"monkey.guardicore.com",
"www.google.com"
]
}
},
"exploits": {
"general": {
"exploiter_classes": [
"SmbExploiter"
],
"skip_exploit_if_file_exist": false
},
"ms08_067": {
"ms08_067_exploit_attempts": 5,
"remote_user_pass": "Password1!",
"user_to_add": "Monkey_IUSER_SUPPORT"
},
"rdp_grinder": {
"rdp_use_vbs_download": true
},
"sambacry": {
"sambacry_folder_paths_to_guess": [
"/",
"/mnt",
"/tmp",
"/storage",
"/export",
"/share",
"/shares",
"/home"
],
"sambacry_shares_not_to_check": [
"IPC$",
"print$"
],
"sambacry_trigger_timeout": 5
},
"smb_service": {
"smb_download_timeout": 300,
"smb_service_name": "InfectionMonkey"
} }
}, },
"internal": { "internal": {
@ -103,9 +56,16 @@
"exploit_ssh_keys": [] "exploit_ssh_keys": []
}, },
"general": { "general": {
"keep_tunnel_open_time": 1, "keep_tunnel_open_time": 60,
"monkey_dir_name": "monkey_dir", "monkey_dir_name": "monkey_dir",
"singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}" "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}",
"started_on_island": false
},
"island_server": {
"command_servers": [
"10.2.2.251:5000"
],
"current_server": "10.2.2.251:5000"
}, },
"kill_file": { "kill_file": {
"kill_file_path_linux": "/var/run/monkey.not", "kill_file_path_linux": "/var/run/monkey.not",
@ -117,63 +77,45 @@
"monkey_log_path_linux": "/tmp/user-1563", "monkey_log_path_linux": "/tmp/user-1563",
"monkey_log_path_windows": "%temp%\\~df1563.tmp", "monkey_log_path_windows": "%temp%\\~df1563.tmp",
"send_log_to_server": true "send_log_to_server": true
},
"monkey": {
"alive": true,
"internet_services": [
"monkey.guardicore.com",
"www.google.com"
],
"self_delete_in_cleanup": true,
"serialize_config": false,
"use_file_logging": true,
"victims_max_exploit": 100,
"victims_max_find": 100
},
"network": {},
"testing": {
"export_monkey_telems": false
} }
}, },
"monkey": { "monkey": {
"behaviour": { "persistent_scanning": {
"max_iterations": 1,
"retry_failed_explotation": true,
"timeout_between_iterations": 100
},
"post_breach": {
"PBA_linux_filename": "", "PBA_linux_filename": "",
"PBA_windows_filename": "", "PBA_windows_filename": "",
"custom_PBA_linux_cmd": "", "custom_PBA_linux_cmd": "",
"custom_PBA_windows_cmd": "", "custom_PBA_windows_cmd": "",
"self_delete_in_cleanup": true,
"serialize_config": false,
"use_file_logging": true
},
"general": {
"alive": true,
"post_breach_actions": [] "post_breach_actions": []
}, },
"life_cycle": {
"max_iterations": 1,
"retry_failed_explotation": true,
"timeout_between_iterations": 100,
"victims_max_exploit": 7,
"victims_max_find": 30
},
"system_info": { "system_info": {
"collect_system_info": true, "system_info_collector_classes": [
"extract_azure_creds": true, "EnvironmentCollector",
"should_use_mimikatz": true "AwsCollector",
} "HostnameCollector",
}, "ProcessListCollector",
"network": { "MimikatzCollector",
"ping_scanner": { "AzureCollector"
"ping_scan_timeout": 1000
},
"tcp_scanner": {
"HTTP_PORTS": [
80,
8080,
443,
8008,
7001
],
"tcp_scan_get_banner": true,
"tcp_scan_interval": 0,
"tcp_scan_timeout": 3000,
"tcp_target_ports": [
22,
2222,
445,
135,
3389,
80,
8080,
443,
8008,
3306,
9200,
7001
] ]
} }
} }


@ -12,12 +12,17 @@
"user" "user"
] ]
}, },
"general": { "exploiters": {
"should_exploit": true "exploiter_classes": [
"SSHExploiter"
]
} }
}, },
"basic_network": { "basic_network": {
"general": { "network_analysis": {
"inaccessible_subnets": []
},
"scope": {
"blocked_ips": [], "blocked_ips": [],
"depth": 2, "depth": 2,
"local_network_scan": false, "local_network_scan": false,
@ -25,67 +30,6 @@
"10.2.2.11", "10.2.2.11",
"10.2.2.12" "10.2.2.12"
] ]
},
"network_analysis": {
"inaccessible_subnets": []
}
},
"cnc": {
"servers": {
"command_servers": [
"10.2.2.251:5000"
],
"current_server": "10.2.2.251:5000",
"internet_services": [
"monkey.guardicore.com",
"www.google.com"
]
}
},
"exploits": {
"general": {
"exploiter_classes": [
"SmbExploiter",
"WmiExploiter",
"SSHExploiter",
"ShellShockExploiter",
"SambaCryExploiter",
"ElasticGroovyExploiter",
"Struts2Exploiter",
"WebLogicExploiter",
"HadoopExploiter",
"VSFTPDExploiter"
],
"skip_exploit_if_file_exist": false
},
"ms08_067": {
"ms08_067_exploit_attempts": 5,
"remote_user_pass": "Password1!",
"user_to_add": "Monkey_IUSER_SUPPORT"
},
"rdp_grinder": {
"rdp_use_vbs_download": true
},
"sambacry": {
"sambacry_folder_paths_to_guess": [
"/",
"/mnt",
"/tmp",
"/storage",
"/export",
"/share",
"/shares",
"/home"
],
"sambacry_shares_not_to_check": [
"IPC$",
"print$"
],
"sambacry_trigger_timeout": 5
},
"smb_service": {
"smb_download_timeout": 300,
"smb_service_name": "InfectionMonkey"
} }
}, },
"internal": { "internal": {
@ -115,9 +59,16 @@
"exploit_ssh_keys": [] "exploit_ssh_keys": []
}, },
"general": { "general": {
"keep_tunnel_open_time": 1, "keep_tunnel_open_time": 60,
"monkey_dir_name": "monkey_dir", "monkey_dir_name": "monkey_dir",
"singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}" "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}",
"started_on_island": false
},
"island_server": {
"command_servers": [
"10.2.2.251:5000"
],
"current_server": "10.2.2.251:5000"
}, },
"kill_file": { "kill_file": {
"kill_file_path_linux": "/var/run/monkey.not", "kill_file_path_linux": "/var/run/monkey.not",
@ -129,63 +80,46 @@
"monkey_log_path_linux": "/tmp/user-1563", "monkey_log_path_linux": "/tmp/user-1563",
"monkey_log_path_windows": "%temp%\\~df1563.tmp", "monkey_log_path_windows": "%temp%\\~df1563.tmp",
"send_log_to_server": true "send_log_to_server": true
},
"monkey": {
"alive": true,
"internet_services": [
"monkey.guardicore.com",
"www.google.com"
],
"self_delete_in_cleanup": true,
"serialize_config": false,
"use_file_logging": true,
"victims_max_exploit": 100,
"victims_max_find": 100
},
"network": {},
"testing": {
"export_monkey_telems": false
} }
}, },
"monkey": { "monkey": {
"behaviour": { "persistent_scanning": {
"max_iterations": 1,
"retry_failed_explotation": true,
"timeout_between_iterations": 100
},
"post_breach": {
"PBA_linux_filename": "", "PBA_linux_filename": "",
"PBA_windows_filename": "", "PBA_windows_filename": "",
"custom_PBA_linux_cmd": "", "custom_PBA_linux_cmd": "",
"custom_PBA_windows_cmd": "", "custom_PBA_windows_cmd": "",
"self_delete_in_cleanup": true, "post_breach_actions": [
"serialize_config": false, ]
"use_file_logging": true
},
"general": {
"alive": true,
"post_breach_actions": []
},
"life_cycle": {
"max_iterations": 1,
"retry_failed_explotation": true,
"timeout_between_iterations": 100,
"victims_max_exploit": 7,
"victims_max_find": 30
}, },
"system_info": { "system_info": {
"collect_system_info": true, "system_info_collector_classes": [
"extract_azure_creds": true, "EnvironmentCollector",
"should_use_mimikatz": true "AwsCollector",
} "HostnameCollector",
}, "ProcessListCollector",
"network": { "MimikatzCollector",
"ping_scanner": { "AzureCollector"
"ping_scan_timeout": 1000
},
"tcp_scanner": {
"HTTP_PORTS": [
80,
8080,
443,
8008,
7001
],
"tcp_scan_get_banner": true,
"tcp_scan_interval": 0,
"tcp_scan_timeout": 3000,
"tcp_target_ports": [
22,
2222,
445,
135,
3389,
80,
8080,
443,
8008,
3306,
9200,
7001
] ]
} }
} }


@ -14,12 +14,17 @@
"vakaris_zilius" "vakaris_zilius"
] ]
}, },
"general": { "exploiters": {
"should_exploit": true "exploiter_classes": [
"Struts2Exploiter"
]
} }
}, },
"basic_network": { "basic_network": {
"general": { "network_analysis": {
"inaccessible_subnets": []
},
"scope": {
"blocked_ips": [], "blocked_ips": [],
"depth": 2, "depth": 2,
"local_network_scan": false, "local_network_scan": false,
@ -27,55 +32,6 @@
"10.2.2.23", "10.2.2.23",
"10.2.2.24" "10.2.2.24"
] ]
},
"network_analysis": {
"inaccessible_subnets": []
}
},
"cnc": {
"servers": {
"command_servers": [
"10.2.2.251:5000"
],
"current_server": "10.2.2.251:5000",
"internet_services": [
"monkey.guardicore.com",
"www.google.com"
]
}
},
"exploits": {
"general": {
"exploiter_classes": [
"Struts2Exploiter"
],
"skip_exploit_if_file_exist": false
},
"ms08_067": {
"ms08_067_exploit_attempts": 5,
"remote_user_pass": "Password1!",
"user_to_add": "Monkey_IUSER_SUPPORT"
},
"sambacry": {
"sambacry_folder_paths_to_guess": [
"/",
"/mnt",
"/tmp",
"/storage",
"/export",
"/share",
"/shares",
"/home"
],
"sambacry_shares_not_to_check": [
"IPC$",
"print$"
],
"sambacry_trigger_timeout": 5
},
"smb_service": {
"smb_download_timeout": 300,
"smb_service_name": "InfectionMonkey"
} }
}, },
"internal": { "internal": {
@ -107,7 +63,14 @@
"general": { "general": {
"keep_tunnel_open_time": 60, "keep_tunnel_open_time": 60,
"monkey_dir_name": "monkey_dir", "monkey_dir_name": "monkey_dir",
"singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}" "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}",
"started_on_island": false
},
"island_server": {
"command_servers": [
"10.2.2.251:5000"
],
"current_server": "10.2.2.251:5000"
}, },
"kill_file": { "kill_file": {
"kill_file_path_linux": "/var/run/monkey.not", "kill_file_path_linux": "/var/run/monkey.not",
@ -119,72 +82,45 @@
"monkey_log_path_linux": "/tmp/user-1563", "monkey_log_path_linux": "/tmp/user-1563",
"monkey_log_path_windows": "%temp%\\~df1563.tmp", "monkey_log_path_windows": "%temp%\\~df1563.tmp",
"send_log_to_server": true "send_log_to_server": true
},
"monkey": {
"alive": true,
"internet_services": [
"monkey.guardicore.com",
"www.google.com"
],
"self_delete_in_cleanup": true,
"serialize_config": false,
"use_file_logging": true,
"victims_max_exploit": 100,
"victims_max_find": 100
},
"network": {},
"testing": {
"export_monkey_telems": false
} }
}, },
"monkey": { "monkey": {
"behaviour": { "persistent_scanning": {
"max_iterations": 1,
"retry_failed_explotation": true,
"timeout_between_iterations": 100
},
"post_breach": {
"PBA_linux_filename": "", "PBA_linux_filename": "",
"PBA_windows_filename": "", "PBA_windows_filename": "",
"custom_PBA_linux_cmd": "", "custom_PBA_linux_cmd": "",
"custom_PBA_windows_cmd": "", "custom_PBA_windows_cmd": "",
"self_delete_in_cleanup": true, "post_breach_actions": []
"serialize_config": false,
"use_file_logging": true
},
"general": {
"alive": true,
"post_breach_actions": [
"CommunicateAsNewUser"
]
},
"life_cycle": {
"max_iterations": 1,
"retry_failed_explotation": true,
"timeout_between_iterations": 100,
"victims_max_exploit": 15,
"victims_max_find": 100
}, },
"system_info": { "system_info": {
"collect_system_info": true, "system_info_collector_classes": [
"extract_azure_creds": true,
"should_use_mimikatz": true,
"system_info_collectors_classes": [
"EnvironmentCollector", "EnvironmentCollector",
"AwsCollector", "AwsCollector",
"HostnameCollector", "HostnameCollector",
"ProcessListCollector" "ProcessListCollector",
] "MimikatzCollector",
} "AzureCollector"
},
"network": {
"ping_scanner": {
"ping_scan_timeout": 1000
},
"tcp_scanner": {
"HTTP_PORTS": [
80,
8080,
443,
8008,
7001
],
"tcp_scan_get_banner": true,
"tcp_scan_interval": 0,
"tcp_scan_timeout": 3000,
"tcp_target_ports": [
22,
2222,
445,
135,
3389,
80,
8080,
443,
8008,
3306,
9200,
7001,
8088
] ]
} }
} }
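Review bot: `"post_breach_actions"` ends up as an empty list in the new `monkey.post_breach` block, while the `general` block being removed listed `"CommunicateAsNewUser"`, so this test config appears to stop exercising that post-breach action as a side effect of the schema migration. If that is intended, it deserves a line in the commit description; if not, carry the entry over as `"post_breach_actions": ["CommunicateAsNewUser"]`. The old and new sides are inferred from the two-column rendering, so confirm against the raw file.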


@ -7,24 +7,27 @@
"`))jU7L(w}", "`))jU7L(w}",
"t67TC5ZDmz", "t67TC5ZDmz",
"12345678", "12345678",
"another_one",
"and_another_one",
"one_more"
], ],
"exploit_user_list": [ "exploit_user_list": [
"Administrator", "Administrator",
"rand",
"rand2",
"m0nk3y", "m0nk3y",
"user" "user"
] ]
}, },
"general": { "exploiters": {
"should_exploit": true "exploiter_classes": [
"SmbExploiter",
"WmiExploiter",
"SSHExploiter",
"MSSQLExploiter"
]
} }
}, },
"basic_network": { "basic_network": {
"general": { "network_analysis": {
"inaccessible_subnets": []
},
"scope": {
"blocked_ips": [], "blocked_ips": [],
"depth": 3, "depth": 3,
"local_network_scan": false, "local_network_scan": false,
@ -34,67 +37,6 @@
"10.2.0.11", "10.2.0.11",
"10.2.0.12" "10.2.0.12"
] ]
},
"network_analysis": {
"inaccessible_subnets": []
}
},
"cnc": {
"servers": {
"command_servers": [
"10.2.2.251:5000"
],
"current_server": "10.2.2.251:5000",
"internet_services": [
"monkey.guardicore.com",
"www.google.com"
]
}
},
"exploits": {
"general": {
"exploiter_classes": [
"SmbExploiter",
"WmiExploiter",
"SSHExploiter",
"ShellShockExploiter",
"SambaCryExploiter",
"ElasticGroovyExploiter",
"Struts2Exploiter",
"WebLogicExploiter",
"HadoopExploiter",
"VSFTPDExploiter"
],
"skip_exploit_if_file_exist": false
},
"ms08_067": {
"ms08_067_exploit_attempts": 5,
"remote_user_pass": "Password1!",
"user_to_add": "Monkey_IUSER_SUPPORT"
},
"rdp_grinder": {
"rdp_use_vbs_download": true
},
"sambacry": {
"sambacry_folder_paths_to_guess": [
"/",
"/mnt",
"/tmp",
"/storage",
"/export",
"/share",
"/shares",
"/home"
],
"sambacry_shares_not_to_check": [
"IPC$",
"print$"
],
"sambacry_trigger_timeout": 5
},
"smb_service": {
"smb_download_timeout": 300,
"smb_service_name": "InfectionMonkey"
} }
}, },
"internal": { "internal": {
@ -126,7 +68,14 @@
"general": { "general": {
"keep_tunnel_open_time": 60, "keep_tunnel_open_time": 60,
"monkey_dir_name": "monkey_dir", "monkey_dir_name": "monkey_dir",
"singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}" "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}",
"started_on_island": false
},
"island_server": {
"command_servers": [
"10.2.2.251:5000"
],
"current_server": "10.2.2.251:5000"
}, },
"kill_file": { "kill_file": {
"kill_file_path_linux": "/var/run/monkey.not", "kill_file_path_linux": "/var/run/monkey.not",
@ -138,63 +87,45 @@
"monkey_log_path_linux": "/tmp/user-1563", "monkey_log_path_linux": "/tmp/user-1563",
"monkey_log_path_windows": "%temp%\\~df1563.tmp", "monkey_log_path_windows": "%temp%\\~df1563.tmp",
"send_log_to_server": true "send_log_to_server": true
},
"monkey": {
"alive": true,
"internet_services": [
"monkey.guardicore.com",
"www.google.com"
],
"self_delete_in_cleanup": true,
"serialize_config": false,
"use_file_logging": true,
"victims_max_exploit": 100,
"victims_max_find": 100
},
"network": {},
"testing": {
"export_monkey_telems": false
} }
}, },
"monkey": { "monkey": {
"behaviour": { "persistent_scanning": {
"max_iterations": 1,
"retry_failed_explotation": true,
"timeout_between_iterations": 100
},
"post_breach": {
"PBA_linux_filename": "", "PBA_linux_filename": "",
"PBA_windows_filename": "", "PBA_windows_filename": "",
"custom_PBA_linux_cmd": "", "custom_PBA_linux_cmd": "",
"custom_PBA_windows_cmd": "", "custom_PBA_windows_cmd": "",
"self_delete_in_cleanup": true,
"serialize_config": false,
"use_file_logging": true
},
"general": {
"alive": true,
"post_breach_actions": [] "post_breach_actions": []
}, },
"life_cycle": {
"max_iterations": 1,
"retry_failed_explotation": true,
"timeout_between_iterations": 100,
"victims_max_exploit": 7,
"victims_max_find": 30
},
"system_info": { "system_info": {
"collect_system_info": true, "system_info_collector_classes": [
"extract_azure_creds": true, "EnvironmentCollector",
"should_use_mimikatz": true "AwsCollector",
} "HostnameCollector",
}, "ProcessListCollector",
"network": { "MimikatzCollector",
"ping_scanner": { "AzureCollector"
"ping_scan_timeout": 1000
},
"tcp_scanner": {
"HTTP_PORTS": [
80,
8080,
443,
8008,
7001
],
"tcp_scan_get_banner": true,
"tcp_scan_interval": 0,
"tcp_scan_timeout": 3000,
"tcp_target_ports": [
22,
2222,
445,
135,
3389,
80,
8080,
443,
8008,
3306,
9200,
7001
] ]
} }
} }
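Review bot: In `exploit_password_list` the entries `"another_one"`, `"and_another_one"` and `"one_more"` appear to be removed while `"12345678",` keeps its trailing comma, which would leave `"12345678",` directly before `],` and make the file invalid for a strict JSON parser. Drop the comma on the new last element: `"12345678"`. This reading is inferred from the first hunk's header counts (24 old lines, 27 new), since the +/- markers are lost in the rendering. Validating the test configs with a strict parser in CI, for example `python -m json.tool FILE`, would settle it either way.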


@ -2,10 +2,13 @@
"basic": { "basic": {
"credentials": { "credentials": {
"exploit_password_list": [ "exploit_password_list": [
"Password1!", "root",
"1234", "123456",
"password", "password",
"12345678" "123456789",
"qwerty",
"111111",
"iloveyou"
], ],
"exploit_user_list": [ "exploit_user_list": [
"Administrator", "Administrator",
@ -13,12 +16,17 @@
"user" "user"
] ]
}, },
"general": { "exploiters": {
"should_exploit": true "exploiter_classes": [
"WebLogicExploiter"
]
} }
}, },
"basic_network": { "basic_network": {
"general": { "network_analysis": {
"inaccessible_subnets": []
},
"scope": {
"blocked_ips": [], "blocked_ips": [],
"depth": 2, "depth": 2,
"local_network_scan": false, "local_network_scan": false,
@ -26,58 +34,6 @@
"10.2.2.18", "10.2.2.18",
"10.2.2.19" "10.2.2.19"
] ]
},
"network_analysis": {
"inaccessible_subnets": []
}
},
"cnc": {
"servers": {
"command_servers": [
"10.2.2.251:5000"
],
"current_server": "10.2.2.251:5000",
"internet_services": [
"monkey.guardicore.com",
"www.google.com"
]
}
},
"exploits": {
"general": {
"exploiter_classes": [
"WebLogicExploiter"
],
"skip_exploit_if_file_exist": false
},
"ms08_067": {
"ms08_067_exploit_attempts": 5,
"remote_user_pass": "Password1!",
"user_to_add": "Monkey_IUSER_SUPPORT"
},
"rdp_grinder": {
"rdp_use_vbs_download": true
},
"sambacry": {
"sambacry_folder_paths_to_guess": [
"/",
"/mnt",
"/tmp",
"/storage",
"/export",
"/share",
"/shares",
"/home"
],
"sambacry_shares_not_to_check": [
"IPC$",
"print$"
],
"sambacry_trigger_timeout": 5
},
"smb_service": {
"smb_download_timeout": 300,
"smb_service_name": "InfectionMonkey"
} }
}, },
"internal": { "internal": {
@ -107,9 +63,16 @@
"exploit_ssh_keys": [] "exploit_ssh_keys": []
}, },
"general": { "general": {
"keep_tunnel_open_time": 1, "keep_tunnel_open_time": 60,
"monkey_dir_name": "monkey_dir", "monkey_dir_name": "monkey_dir",
"singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}" "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}",
"started_on_island": false
},
"island_server": {
"command_servers": [
"10.2.2.251:5000"
],
"current_server": "10.2.2.251:5000"
}, },
"kill_file": { "kill_file": {
"kill_file_path_linux": "/var/run/monkey.not", "kill_file_path_linux": "/var/run/monkey.not",
@ -121,63 +84,45 @@
"monkey_log_path_linux": "/tmp/user-1563", "monkey_log_path_linux": "/tmp/user-1563",
"monkey_log_path_windows": "%temp%\\~df1563.tmp", "monkey_log_path_windows": "%temp%\\~df1563.tmp",
"send_log_to_server": true "send_log_to_server": true
},
"monkey": {
"alive": true,
"internet_services": [
"monkey.guardicore.com",
"www.google.com"
],
"self_delete_in_cleanup": true,
"serialize_config": false,
"use_file_logging": true,
"victims_max_exploit": 100,
"victims_max_find": 100
},
"network": {},
"testing": {
"export_monkey_telems": false
} }
}, },
"monkey": { "monkey": {
"behaviour": { "persistent_scanning": {
"max_iterations": 1,
"retry_failed_explotation": true,
"timeout_between_iterations": 100
},
"post_breach": {
"PBA_linux_filename": "", "PBA_linux_filename": "",
"PBA_windows_filename": "", "PBA_windows_filename": "",
"custom_PBA_linux_cmd": "", "custom_PBA_linux_cmd": "",
"custom_PBA_windows_cmd": "", "custom_PBA_windows_cmd": "",
"self_delete_in_cleanup": true,
"serialize_config": false,
"use_file_logging": true
},
"general": {
"alive": true,
"post_breach_actions": [] "post_breach_actions": []
}, },
"life_cycle": {
"max_iterations": 1,
"retry_failed_explotation": true,
"timeout_between_iterations": 100,
"victims_max_exploit": 7,
"victims_max_find": 30
},
"system_info": { "system_info": {
"collect_system_info": true, "system_info_collector_classes": [
"extract_azure_creds": true, "EnvironmentCollector",
"should_use_mimikatz": true "AwsCollector",
} "HostnameCollector",
}, "ProcessListCollector",
"network": { "MimikatzCollector",
"ping_scanner": { "AzureCollector"
"ping_scan_timeout": 1000
},
"tcp_scanner": {
"HTTP_PORTS": [
80,
8080,
443,
8008,
7001
],
"tcp_scan_get_banner": true,
"tcp_scan_interval": 0,
"tcp_scan_timeout": 3000,
"tcp_target_ports": [
22,
2222,
445,
135,
3389,
80,
8080,
443,
8008,
3306,
9200,
7001
] ]
} }
} }
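Review bot: The new `internal.monkey` block sets `"victims_max_exploit": 100` and `"victims_max_find": 100`, where the removed `life_cycle` block had 7 and 30, although the visible `subnet_scan_list` entries in this config are just two hosts. For a config that drives live exploiters, caps close to the intended target count keep a run contained if the scan list is later widened or `local_network_scan` is switched on, so consider keeping the previous `"victims_max_exploit": 7` and `"victims_max_find": 30`. The same 100/100 values appear in the other config sections of this commit. The old and new sides are inferred from the rendered layout.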


@ -11,12 +11,17 @@
"user" "user"
] ]
}, },
"general": { "exploiters": {
"should_exploit": true "exploiter_classes": [
"WmiExploiter"
]
} }
}, },
"basic_network": { "basic_network": {
"general": { "network_analysis": {
"inaccessible_subnets": []
},
"scope": {
"blocked_ips": [], "blocked_ips": [],
"depth": 2, "depth": 2,
"local_network_scan": false, "local_network_scan": false,
@ -24,66 +29,6 @@
"10.2.2.14", "10.2.2.14",
"10.2.2.15" "10.2.2.15"
] ]
},
"network_analysis": {
"inaccessible_subnets": []
}
},
"cnc": {
"servers": {
"command_servers": [
"10.2.2.251:5000"
],
"current_server": "10.2.2.251:5000",
"internet_services": [
"monkey.guardicore.com",
"www.google.com"
]
}
},
"exploits": {
"general": {
"exploiter_classes": [
"WmiExploiter",
"SSHExploiter",
"ShellShockExploiter",
"SambaCryExploiter",
"ElasticGroovyExploiter",
"Struts2Exploiter",
"WebLogicExploiter",
"HadoopExploiter",
"VSFTPDExploiter"
],
"skip_exploit_if_file_exist": false
},
"ms08_067": {
"ms08_067_exploit_attempts": 5,
"remote_user_pass": "Password1!",
"user_to_add": "Monkey_IUSER_SUPPORT"
},
"rdp_grinder": {
"rdp_use_vbs_download": true
},
"sambacry": {
"sambacry_folder_paths_to_guess": [
"/",
"/mnt",
"/tmp",
"/storage",
"/export",
"/share",
"/shares",
"/home"
],
"sambacry_shares_not_to_check": [
"IPC$",
"print$"
],
"sambacry_trigger_timeout": 5
},
"smb_service": {
"smb_download_timeout": 300,
"smb_service_name": "InfectionMonkey"
} }
}, },
"internal": { "internal": {
@ -113,9 +58,16 @@
"exploit_ssh_keys": [] "exploit_ssh_keys": []
}, },
"general": { "general": {
"keep_tunnel_open_time": 1, "keep_tunnel_open_time": 60,
"monkey_dir_name": "monkey_dir", "monkey_dir_name": "monkey_dir",
"singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}" "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}",
"started_on_island": false
},
"island_server": {
"command_servers": [
"10.2.2.251:5000"
],
"current_server": "10.2.2.251:5000"
}, },
"kill_file": { "kill_file": {
"kill_file_path_linux": "/var/run/monkey.not", "kill_file_path_linux": "/var/run/monkey.not",
@ -127,63 +79,45 @@
"monkey_log_path_linux": "/tmp/user-1563", "monkey_log_path_linux": "/tmp/user-1563",
"monkey_log_path_windows": "%temp%\\~df1563.tmp", "monkey_log_path_windows": "%temp%\\~df1563.tmp",
"send_log_to_server": true "send_log_to_server": true
},
"monkey": {
"alive": true,
"internet_services": [
"monkey.guardicore.com",
"www.google.com"
],
"self_delete_in_cleanup": true,
"serialize_config": false,
"use_file_logging": true,
"victims_max_exploit": 100,
"victims_max_find": 100
},
"network": {},
"testing": {
"export_monkey_telems": false
} }
}, },
"monkey": { "monkey": {
"behaviour": { "persistent_scanning": {
"max_iterations": 1,
"retry_failed_explotation": true,
"timeout_between_iterations": 100
},
"post_breach": {
"PBA_linux_filename": "", "PBA_linux_filename": "",
"PBA_windows_filename": "", "PBA_windows_filename": "",
"custom_PBA_linux_cmd": "", "custom_PBA_linux_cmd": "",
"custom_PBA_windows_cmd": "", "custom_PBA_windows_cmd": "",
"self_delete_in_cleanup": true,
"serialize_config": false,
"use_file_logging": true
},
"general": {
"alive": true,
"post_breach_actions": [] "post_breach_actions": []
}, },
"life_cycle": {
"max_iterations": 1,
"retry_failed_explotation": true,
"timeout_between_iterations": 100,
"victims_max_exploit": 7,
"victims_max_find": 30
},
"system_info": { "system_info": {
"collect_system_info": true, "system_info_collector_classes": [
"extract_azure_creds": true, "EnvironmentCollector",
"should_use_mimikatz": true "AwsCollector",
} "HostnameCollector",
}, "ProcessListCollector",
"network": { "MimikatzCollector",
"ping_scanner": { "AzureCollector"
"ping_scan_timeout": 1000
},
"tcp_scanner": {
"HTTP_PORTS": [
80,
8080,
443,
8008,
7001
],
"tcp_scan_get_banner": true,
"tcp_scan_interval": 0,
"tcp_scan_timeout": 3000,
"tcp_target_ports": [
22,
2222,
445,
135,
3389,
80,
8080,
443,
8008,
3306,
9200,
7001
] ]
} }
} }


@ -10,78 +10,23 @@
"user" "user"
] ]
}, },
"general": { "exploiters": {
"should_exploit": true "exploiter_classes": [
"WmiExploiter",
]
} }
}, },
"basic_network": { "basic_network": {
"general": { "network_analysis": {
"inaccessible_subnets": []
},
"scope": {
"blocked_ips": [], "blocked_ips": [],
"depth": 2, "depth": 2,
"local_network_scan": false, "local_network_scan": false,
"subnet_scan_list": [ "subnet_scan_list": [
"10.2.2.15" "10.2.2.15"
] ]
},
"network_analysis": {
"inaccessible_subnets": []
}
},
"cnc": {
"servers": {
"command_servers": [
"10.2.2.251:5000"
],
"current_server": "10.2.2.251:5000",
"internet_services": [
"monkey.guardicore.com",
"www.google.com"
]
}
},
"exploits": {
"general": {
"exploiter_classes": [
"WmiExploiter",
"SSHExploiter",
"ShellShockExploiter",
"SambaCryExploiter",
"ElasticGroovyExploiter",
"Struts2Exploiter",
"WebLogicExploiter",
"HadoopExploiter",
"VSFTPDExploiter"
],
"skip_exploit_if_file_exist": false
},
"ms08_067": {
"ms08_067_exploit_attempts": 5,
"remote_user_pass": "Password1!",
"user_to_add": "Monkey_IUSER_SUPPORT"
},
"rdp_grinder": {
"rdp_use_vbs_download": true
},
"sambacry": {
"sambacry_folder_paths_to_guess": [
"/",
"/mnt",
"/tmp",
"/storage",
"/export",
"/share",
"/shares",
"/home"
],
"sambacry_shares_not_to_check": [
"IPC$",
"print$"
],
"sambacry_trigger_timeout": 5
},
"smb_service": {
"smb_download_timeout": 300,
"smb_service_name": "InfectionMonkey"
} }
}, },
"internal": { "internal": {
@ -111,9 +56,16 @@
"exploit_ssh_keys": [] "exploit_ssh_keys": []
}, },
"general": { "general": {
"keep_tunnel_open_time": 1, "keep_tunnel_open_time": 60,
"monkey_dir_name": "monkey_dir", "monkey_dir_name": "monkey_dir",
"singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}" "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}",
"started_on_island": false
},
"island_server": {
"command_servers": [
"10.2.2.251:5000"
],
"current_server": "10.2.2.251:5000"
}, },
"kill_file": { "kill_file": {
"kill_file_path_linux": "/var/run/monkey.not", "kill_file_path_linux": "/var/run/monkey.not",
@ -125,63 +77,45 @@
"monkey_log_path_linux": "/tmp/user-1563", "monkey_log_path_linux": "/tmp/user-1563",
"monkey_log_path_windows": "%temp%\\~df1563.tmp", "monkey_log_path_windows": "%temp%\\~df1563.tmp",
"send_log_to_server": true "send_log_to_server": true
},
"monkey": {
"alive": true,
"internet_services": [
"monkey.guardicore.com",
"www.google.com"
],
"self_delete_in_cleanup": true,
"serialize_config": false,
"use_file_logging": true,
"victims_max_exploit": 100,
"victims_max_find": 100
},
"network": {},
"testing": {
"export_monkey_telems": false
} }
}, },
"monkey": { "monkey": {
"behaviour": { "persistent_scanning": {
"max_iterations": 1,
"retry_failed_explotation": true,
"timeout_between_iterations": 100
},
"post_breach": {
"PBA_linux_filename": "", "PBA_linux_filename": "",
"PBA_windows_filename": "", "PBA_windows_filename": "",
"custom_PBA_linux_cmd": "", "custom_PBA_linux_cmd": "",
"custom_PBA_windows_cmd": "", "custom_PBA_windows_cmd": "",
"self_delete_in_cleanup": true,
"serialize_config": false,
"use_file_logging": true
},
"general": {
"alive": true,
"post_breach_actions": [] "post_breach_actions": []
}, },
"life_cycle": {
"max_iterations": 1,
"retry_failed_explotation": true,
"timeout_between_iterations": 100,
"victims_max_exploit": 7,
"victims_max_find": 30
},
"system_info": { "system_info": {
"collect_system_info": true, "system_info_collector_classes": [
"extract_azure_creds": true, "EnvironmentCollector",
"should_use_mimikatz": true "AwsCollector",
} "HostnameCollector",
}, "ProcessListCollector",
"network": { "MimikatzCollector",
"ping_scanner": { "AzureCollector"
"ping_scan_timeout": 1000
},
"tcp_scanner": {
"HTTP_PORTS": [
80,
8080,
443,
8008,
7001
],
"tcp_scan_get_banner": true,
"tcp_scan_interval": 0,
"tcp_scan_timeout": 3000,
"tcp_target_ports": [
22,
2222,
445,
135,
3389,
80,
8080,
443,
8008,
3306,
9200,
7001
] ]
} }
} }
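Review bot: The new `exploiter_classes` list reads `"WmiExploiter",` followed directly by `]`, a trailing comma that strict JSON parsers reject, so this config would fail to load wherever it is read with one. Remove the comma: `"WmiExploiter"`. The other sections of this commit close the same list without a trailing comma. A strict-parse check over the test configs, for example `python -m json.tool FILE`, would catch this before the tests run.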