Zoo: Remove ShellShock Exploiter

envs/monkey_zoo/blackbox/config_templates/performance.py

@@ -16,7 +16,6 @@ class Performance(ConfigTemplate):
             "SmbExploiter",
             "WmiExploiter",
             "SSHExploiter",
-            "ShellShockExploiter",
             "ElasticGroovyExploiter",
             "Struts2Exploiter",
             "WebLogicExploiter",

envs/monkey_zoo/blackbox/config_templates/shellshock.py

@@ -1,17 +0,0 @@
-from copy import copy
-
-from envs.monkey_zoo.blackbox.config_templates.base_template import BaseTemplate
-from envs.monkey_zoo.blackbox.config_templates.config_template import ConfigTemplate
-
-
-class ShellShock(ConfigTemplate):
-    config_values = copy(BaseTemplate.config_values)
-
-    config_values.update(
-        {
-            "basic.exploiters.exploiter_classes": ["ShellShockExploiter"],
-            "basic_network.scope.subnet_scan_list": ["10.2.2.8"],
-            "internal.network.tcp_scanner.HTTP_PORTS": [80, 8080],
-            "internal.network.tcp_scanner.tcp_target_ports": [],
-        }
-    )

envs/monkey_zoo/blackbox/gcp_test_machine_list.py

@@ -17,7 +17,6 @@ GCP_TEST_MACHINE_LIST = {
         "tunneling-12",
         "weblogic-18",
         "weblogic-19",
-        "shellshock-8",
         "zerologon-25",
         "drupal-28",
     ],

envs/monkey_zoo/blackbox/test_blackbox.py

@@ -20,7 +20,6 @@ from envs.monkey_zoo.blackbox.config_templates.powershell import PowerShell
 from envs.monkey_zoo.blackbox.config_templates.powershell_credentials_reuse import (
     PowerShellCredentialsReuse,
 )
-from envs.monkey_zoo.blackbox.config_templates.shellshock import ShellShock
 from envs.monkey_zoo.blackbox.config_templates.smb_mimikatz import SmbMimikatz
 from envs.monkey_zoo.blackbox.config_templates.smb_pth import SmbPth
 from envs.monkey_zoo.blackbox.config_templates.ssh import Ssh
@@ -200,9 +199,6 @@ class TestMonkeyBlackbox:
     def test_weblogic_exploiter(self, island_client):
         TestMonkeyBlackbox.run_exploitation_test(island_client, Weblogic, "Weblogic_exploiter")
 
-    def test_shellshock_exploiter(self, island_client):
-        TestMonkeyBlackbox.run_exploitation_test(island_client, ShellShock, "Shellshock_exploiter")
-
     def test_log4j_solr_exploiter(self, island_client):
         TestMonkeyBlackbox.run_exploitation_test(
             island_client, Log4jSolr, "Log4Shell_Solr_exploiter"

envs/monkey_zoo/blackbox/utils/config_generation_script.py

@@ -12,7 +12,6 @@ from envs.monkey_zoo.blackbox.config_templates.log4j_tomcat import Log4jTomcat
 from envs.monkey_zoo.blackbox.config_templates.mssql import Mssql
 from envs.monkey_zoo.blackbox.config_templates.performance import Performance
 from envs.monkey_zoo.blackbox.config_templates.powershell import PowerShell
-from envs.monkey_zoo.blackbox.config_templates.shellshock import ShellShock
 from envs.monkey_zoo.blackbox.config_templates.smb_mimikatz import SmbMimikatz
 from envs.monkey_zoo.blackbox.config_templates.smb_pth import SmbPth
 from envs.monkey_zoo.blackbox.config_templates.ssh import Ssh
@@ -45,7 +44,6 @@ CONFIG_TEMPLATES = [
     Mssql,
     Performance,
     PowerShell,
-    ShellShock,
     SmbMimikatz,
     SmbPth,
     Ssh,

envs/monkey_zoo/docs/fullDocs.md

@@ -11,7 +11,6 @@ This document describes Infection Monkey’s test network, how to deploy and use
 [Nr. 3 Hadoop](#_Toc526517183)<br>
 [Nr. 4 Elastic](#_Toc526517184)<br>
 [Nr. 5 Elastic](#_Toc526517185)<br>
-[Nr. 8 Shellshock](#_Toc536021461)<br>
 [Nr. 9 Tunneling M1](#_Toc536021462)<br>
 [Nr. 10 Tunneling M2](#_Toc536021463)<br>
 [Nr. 11 SSH key steal](#_Toc526517190)<br>
@@ -326,38 +325,6 @@ Update all requirements using deployment script:<br>
 </tbody>
 </table>
 
-<table>
-<thead>
-<tr class="header">
-<th><p><span id="_Toc536021461" class="anchor"></span>Nr. <strong>8</strong> Shellshock</p>
-<p>(10.2.2.8)</p></th>
-<th>(Vulnerable)</th>
-</tr>
-</thead>
-<tbody>
-<tr class="odd">
-<td>OS:</td>
-<td><strong>Ubuntu 12.04 LTS x64</strong></td>
-</tr>
-<tr class="even">
-<td>Software:</td>
-<td>Apache2, bash 4.2.</td>
-</tr>
-<tr class="odd">
-<td>Default server’s port:</td>
-<td>80</td>
-</tr>
-<tr class="even">
-<td>Scan results:</td>
-<td>Machine exploited using Shellshock exploiter</td>
-</tr>
-<tr class="odd">
-<td>Notes:</td>
-<td>Vulnerable app is under /cgi-bin/test.cgi</td>
-</tr>
-</tbody>
-</table>
-
 <table>
 <thead>
 <tr class="header">

envs/monkey_zoo/terraform/images.tf

@@ -15,11 +15,6 @@ data "google_compute_image" "elastic-5" {
   name = "elastic-5"
   project = local.monkeyzoo_project
 }
-
-data "google_compute_image" "shellshock-8" {
-  name = "shellshock-8"
-  project = local.monkeyzoo_project
-}
 data "google_compute_image" "tunneling-9" {
   name = "tunneling-9"
   project = local.monkeyzoo_project

envs/monkey_zoo/terraform/monkey_zoo.tf

@@ -106,21 +106,6 @@ resource "google_compute_instance_from_template" "elastic-5" {
   }
 }
 
-resource "google_compute_instance_from_template" "shellshock-8" {
-  name = "${local.resource_prefix}shellshock-8"
-  source_instance_template = local.default_ubuntu
-  boot_disk{
-    initialize_params {
-      image = data.google_compute_image.shellshock-8.self_link
-    }
-    auto_delete = true
-  }
-  network_interface {
-    subnetwork="${local.resource_prefix}monkeyzoo-main"
-    network_ip="10.2.2.8"
-  }
-}
-
 resource "google_compute_instance_from_template" "tunneling-9" {
   name = "${local.resource_prefix}tunneling-9"
   source_instance_template = local.default_ubuntu