UI: Add exploiter classes to the json schema

2022-06-30 22:45:41 +02:00 · 2022-06-30 22:45:41 +02:00 · c4f34939ec
parent afbd3789e8
commit c4f34939ec
3 changed files with 142 additions and 25 deletions
--- a/monkey/monkey_island/cc/ui/src/services/configuration/config_schema.js
+++ b/monkey/monkey_island/cc/ui/src/services/configuration/config_schema.js
@ -1,10 +1,15 @@
 import {customPBAConfigurationSchema} from './definitions/custom_pbas.js';
 import {pluginConfigurationSchema} from './definitions/plugins.js';
 import {propagationConfigurationSchema} from './definitions/propagation.js';
+import {bruteForceExploiters, vulnerabilityExploiters} from './definitions/exploiter_classes.js';

 export const SCHEMA = {
  'title': 'Monkey',
  'type': 'object',
+  'definitions': {
+    'brute_force_classes': bruteForceExploiters,
+    'vulnerability_classes': vulnerabilityExploiters
+  },
  'properties': {
    'propagation': propagationConfigurationSchema,
    'post_breach_actions': {
--- a/monkey/monkey_island/cc/ui/src/services/configuration/definitions/exploitation.js
+++ b/monkey/monkey_island/cc/ui/src/services/configuration/definitions/exploitation.js
@ -1,37 +1,46 @@
 import {exploitationOptionsConfigurationSchema} from './exploitation_options.js';
-import {pluginConfigurationSchema} from './plugins.js';

 export const exploitationConfigurationSchema = {
+  'title': 'Exploiters',
  'type': 'object',
+  'description': 'Choose which exploiters the Monkey will attempt.',
  'properties': {
    'brute_force': {
-      'title': 'Brute force exploiters',
-      'type': 'string',
-      'anyOf': [
-        {
-          'type': 'string',
-          'enum': ['SmbExploiter'],
-          'info': 'bla',
-          'link': 'link'
-        },
-        {
-          'type': 'string',
-          'enum': ['SmbExploiter'],
-          'info': 'bla',
-          'link': 'link'
+      'title': 'Brute force exploiter',
+      'type': 'object',
+      'properties': {
+        'brute_force_classes': {
+          'type': 'array',
+          'uniqueItems': true,
+          'items': {
+            '$ref': '#/definitions/brute_force_classes'
+          },
+          'default' : [
+            'SmbExploiter',
+            'WmiExploiter',
+            'SSHExploiter',
+            'MSSQLExploiter'
+          ]
        }
-
-      ]
+      }
    },
    'vulnerability': {
-      'title': 'Vulnerability exploiters',
-      'type': 'string',
-      'items': pluginConfigurationSchema,
-      'default': [
-        {'name': 'Log4ShellExploiter', 'safe': true, 'options': {}},
-        {'name': 'HadoopExploiter', 'safe': true, 'options': {}}
-      ]
+      'title': 'Vulnerability Exploiters',
+      'type': 'object',
+      'properties': {
+        'vulnerability_classes': {
+          'type': 'array',
+          'uniqueItems': true,
+          'items': {
+            '$ref': '#/definitions/vulnerability_classes'
+          },
+          'default' : [
+            'Log4ShellExploiter',
+            'HadoopExploiter'
+]
+        }
+      }
    },
    'options': exploitationOptionsConfigurationSchema
  }
-}
+};
--- a/monkey/monkey_island/cc/ui/src/services/configuration/definitions/exploiter_classes.js
+++ b/monkey/monkey_island/cc/ui/src/services/configuration/definitions/exploiter_classes.js
@ -0,0 +1,103 @@
+export const bruteForceExploiters = {
+    'title': 'Brute force exploiters',
+    'description': 'Click on exploiter to get more information about it.'
+    + '\u26A0'
+    + ' Note that using unsafe exploits may cause crashes of the exploited ' +
+    'machine/service.',
+    'type': 'string',
+    'anyOf': [
+        {
+            'type': 'string',
+            'enum': ['SmbExploiter'],
+            'title': 'SMB Exploiter',
+            'safe': true,
+            'attack_techniques': ['T1110', 'T1075', 'T1035'],
+            'info': 'Brute forces using credentials provided by user and' +
+            ' hashes gathered by mimikatz.',
+            'link': 'https://www.guardicore.com/infectionmonkey/docs/reference' +
+            '/exploiters/smbexec/'
+        },
+        {
+            'type': 'string',
+            'enum': ['WmiExploiter'],
+            'title': 'WMI Exploiter',
+            'safe': true,
+            'attack_techniques': ['T1110', 'T1106'],
+            'info': 'Brute forces WMI (Windows Management Instrumentation) ' +
+            'using credentials provided by user and hashes gathered by ' +
+            'mimikatz.',
+            'link': 'https://www.guardicore.com/infectionmonkey/docs/reference' +
+            '/exploiters/wmiexec/'
+        },
+        {
+            'type': 'string',
+            'enum': ['MSSQLExploiter'],
+            'title': 'MSSQL Exploiter',
+            'safe': true,
+            'attack_techniques': ['T1110'],
+            'info': 'Tries to brute force into MsSQL server and uses insecure ' +
+            'configuration to execute commands on server.',
+            'link': 'https://www.guardicore.com/infectionmonkey/docs/reference' +
+            '/exploiters/mssql/'
+        },
+        {
+            'type': 'string',
+            'enum': ['SSHExploiter'],
+            'title': 'SSH Exploiter',
+            'safe': true,
+            'attack_techniques': ['T1110', 'T1145', 'T1106'],
+            'info': 'Brute forces using credentials provided by user and SSH keys ' +
+            'gathered from systems.',
+            'link': 'https://www.guardicore.com/infectionmonkey/docs/reference' +
+            '/exploiters/sshexec/'
+        }
+    ]
+}
+
+export const vulnerabilityExploiters = {
+  'title': 'Vulnerability exploiters',
+  'description': 'Click on exploiter to get more information about it.' +
+  '\u26A0 Note that using unsafe exploits may cause craches of the exploited ' +
+  'machine/service.',
+  'type': 'string',
+  'anyOf': [
+    {
+      'type': 'string',
+      'enum': ['ZerologonExploiter'],
+      'title': 'Zerologon Exploiter',
+      'safe': false,
+      'info': 'Exploits a privilege escalation vulnerability (CVE-2020-1472) in a Windows ' +
+      'server domain controller (DC) by using the Netlogon Remote Protocol (MS-NRPC). ' +
+      'This exploiter changes the password of a Windows server DC account, steals ' +
+      'credentials, and then attempts to restore the original DC password. The victim DC ' +
+      'will be unable to communicate with other DCs until the original ' +
+      'password has been restored. If Infection Monkey fails to restore the ' +
+      'password automatically, you\'ll have to do it manually. For more ' +
+      'information, see the documentation.',
+      'link': 'https://www.guardicore.com/infectionmonkey' +
+      '/docs/reference/exploiters/zerologon/'
+    },
+    {
+      'type': 'string',
+      'enum': ['PowerShellExploiter'],
+      'title': 'PowerShell Remoting Exploiter',
+      'info': 'Exploits PowerShell remote execution setups. PowerShell Remoting uses Windows ' +
+      'Remote Management (WinRM) to allow users to run PowerShell commands on remote ' +
+      'computers.',
+      'safe': true,
+      'link': 'https://www.guardicore.com/infectionmonkey' +
+      '/docs/reference/exploiters/powershell'
+    },
+    {
+      'type': 'string',
+      'enum': ['Log4ShellExploiter'],
+      'title': 'Log4Shell Exploiter',
+      'safe': true,
+      'info': 'Exploits a software vulnerability (CVE-2021-44228) in Apache Log4j, a Java ' +
+      'logging framework. Exploitation is attempted on the following services — ' +
+      'Apache Solr, Apache Tomcat, Logstash.',
+      'link': 'https://www.guardicore.com/infectionmonkey/docs/reference' +
+      '/exploiters/log4shell/'
+    }
+  ]
+}