From edc8fff0a7186b895d810898428e0f172bcdb69d Mon Sep 17 00:00:00 2001 
From: VakarisZ
Date: Mon, 1 Mar 2021 17:11:23 +0200
Subject: [PATCH] Extracted relevant config parameters for each BB test and made templates from those
---
 .../config_templates/__init__.py | 0
 .../config_templates/base_template.py | 19 +++++
 .../config_templates/config_template.py | 32 +++++++++
 .../config_templates/elastic.py | 14 ++++
 .../island_configs/config_templates/hadoop.py | 14 ++++
 .../island_configs/config_templates/mssql.py | 25 +++++++
 .../config_templates/performance.py | 71 +++++++++++++++++++
 .../config_templates/shellshock.py | 14 ++++
 .../config_templates/smb_mimikatz.py | 36 ++++++++++
 .../config_templates/smb_pth.py | 33 +++++++++
 .../island_configs/config_templates/ssh.py | 31 ++++++++
 .../config_templates/struts2.py | 16 +++++
 .../config_templates/tunneling.py | 41 +++++++++++
 .../config_templates/weblogic.py | 16 +++++
 .../config_templates/wmi_mimikatz.py | 31 ++++++++
 .../config_templates/wmi_pth.py | 29 ++++++++
 .../generated_configs/.gitignore | 1 +
 17 files changed, 423 insertions(+)
 create mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/__init__.py
 create mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/base_template.py
 create mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/config_template.py
 create mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/elastic.py
 create mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/hadoop.py
 create mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/mssql.py
 create mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/performance.py
 create mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/shellshock.py
 create mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/smb_mimikatz.py
 create mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/smb_pth.py
 create mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/ssh.py
 create mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/struts2.py
 create mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/tunneling.py
 create mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/weblogic.py
 create mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/wmi_mimikatz.py
 create mode 100644 envs/monkey_zoo/blackbox/island_configs/config_templates/wmi_pth.py
 create mode 100644 envs/monkey_zoo/blackbox/island_configs/generated_configs/.gitignore
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/__init__.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/__init__.py
new file mode 100644
index 000000000..e69de29bb
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/base_template.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/base_template.py
new file mode 100644
index 000000000..8d84c5588
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/config_templates/base_template.py
@@ -0,0 +1,19 @@
+from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigTemplate, \
+ ConfigValueDescriptor
+
+
+# Disables a lot of config values not required for a specific feature test
+class BaseTemplate(ConfigTemplate):
+
+ @staticmethod
+ def should_run(class_name: str) -> bool:
+ return False
+
+ config_value_list = [
+ ConfigValueDescriptor("basic.exploiters.exploiter_classes", []),
+ ConfigValueDescriptor("basic_network.scope.local_network_scan", False),
+ ConfigValueDescriptor("internal.classes.finger_classes",
+ ["PingScanner", "HTTPFinger"]),
+ ConfigValueDescriptor("internal.monkey.system_info.system_info_collector_classes",
+ ["EnvironmentCollector", "HostnameCollector"])
+ ]
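Review bot: The comment above `BaseTemplate` says it disables unneeded config values, but every feature template in this patch assigns its own `config_value_list`, and a class attribute in a subclass replaces the base list rather than extending it. Unless the code that consumes these templates (not part of this patch) walks the class hierarchy and applies each list in turn, `basic_network.scope.local_network_scan` = `False` and the reduced fingerprinter and collector lists never reach a test such as Elastic or Hadoop, and the run may scan more than the listed lab addresses. The class should carry a docstring that states the contract, for example `"""Baseline applied before every feature template; subclasses list only the values they override."""`, so the merge behaviour is not left to the reader's guess.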
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/config_template.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/config_template.py
new file mode 100644
index 000000000..ac8d28a80
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/config_templates/config_template.py
@@ -0,0 +1,32 @@
+from abc import ABC, abstractmethod
+from dataclasses import dataclass
+from typing import Any, List
+
+import envs.monkey_zoo.blackbox.island_configs.config_templates
+from infection_monkey.utils.plugins.plugin import Plugin
+
+
+@dataclass
+class ConfigValueDescriptor:
+ path: str # Dot separated config path. E.g. monkey.pba.actions.create_user
+ content: Any # Contents of config value. Depends on the type of config value.
+
+
+class ConfigTemplate(Plugin, ABC):
+
+ @staticmethod
+ def base_package_name():
+ return envs.monkey_zoo.blackbox.island_configs.config_templates.__package__
+
+ @staticmethod
+ def base_package_file():
+ return envs.monkey_zoo.blackbox.island_configs.config_templates.__file__
+
+ @abstractmethod
+ @property
+ def config_value_list(self) -> List[ConfigValueDescriptor]:
+ pass
+
+ @staticmethod
+ def should_run(class_name: str) -> bool:
+ return False
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/elastic.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/elastic.py
new file mode 100644
index 000000000..ff215eb39
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/config_templates/elastic.py
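Review bot: In `ConfigTemplate` the decorators on `config_value_list` are stacked as `@abstractmethod` above `@property`, which hands the finished property object to `abstractmethod`; that decorator works by setting `__isabstractmethod__` on its argument, and the attribute is read-only on a `property`, so the class body is expected to raise `AttributeError` as soon as the module is imported. The documented order keeps `abstractmethod` innermost: `@property` on the first line, `@abstractmethod` on the second, then `def config_value_list(self) -> List[ConfigValueDescriptor]:`. The subclasses in this patch satisfy the abstract member with a plain class-level list rather than a property, which deserves a one-line comment next to the declaration.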
@@ -0,0 +1,14 @@
+from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate
+from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor
+
+
+class Elastic(BaseTemplate):
+
+ @staticmethod
+ def should_run(class_name: str) -> bool:
+ return True
+
+ config_value_list = [
+ ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["ElasticGroovyExploiter"]),
+ ConfigValueDescriptor("basic_network.scope.subnet_scan_list", ["10.2.2.4", "10.2.2.5"])
+ ]
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/hadoop.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/hadoop.py
new file mode 100644
index 000000000..ef64996dc
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/config_templates/hadoop.py
@@ -0,0 +1,14 @@
+from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate
+from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor
+
+
+class Hadoop(BaseTemplate):
+
+ @staticmethod
+ def should_run(class_name: str) -> bool:
+ return True
+
+ config_value_list = [
+ ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["HadoopExploiter"]),
+ ConfigValueDescriptor("basic_network.scope.subnet_scan_list", ["10.2.2.2", "10.2.2.3"])
+ ]
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/mssql.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/mssql.py
new file mode 100644
index 000000000..3d8b18e38
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/config_templates/mssql.py
@@ -0,0 +1,25 @@
+from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate
+from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor
+
+
+class Mssql(BaseTemplate):
+
+ @staticmethod
+ def should_run(class_name: str) -> bool:
+ return True
+
+ config_value_list = [
+ ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["MSSQLExploiter"]),
+ ConfigValueDescriptor("basic_network.scope.subnet_scan_list", ["10.2.2.16"]),
+ ConfigValueDescriptor("basic.credentials.exploit_password_list",
+ ["Password1!",
+ "Xk8VDTsC",
+ "password",
+ "12345678"
+ ]),
+ ConfigValueDescriptor("basic.credentials.exploit_user_list",
+ ["Administrator",
+ "m0nk3y",
+ "user"
+ ])
+ ]
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/performance.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/performance.py
new file mode 100644
index 000000000..2d213121e
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/config_templates/performance.py
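Review bot: The password and user lists in `Mssql.config_value_list` are literal credentials with nothing saying what they belong to, and the same values recur in the performance, smb_mimikatz, smb_pth, ssh, tunneling, wmi_mimikatz and wmi_pth templates, with the NTLM hashes repeated in both pass-the-hash files. They are presumably fixtures for the Monkey Zoo lab hosts on 10.2.x.x, but a secret scanner or a later reader cannot tell that from the code, and changing one lab password means editing several files. I would keep them in one shared module and label it, e.g. `# Lab-only credentials for the Monkey Zoo test machines; never reuse outside the test environment`.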
@@ -0,0 +1,71 @@
+from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor, \
+ ConfigTemplate
+
+
+class Performance(ConfigTemplate):
+
+ @staticmethod
+ def should_run(class_name: str) -> bool:
+ return True
+
+ config_value_list = [
+ ConfigValueDescriptor("basic.credentials.exploit_password_list",
+ ["Xk8VDTsC",
+ "^NgDvY59~8",
+ "Ivrrw5zEzs",
+ "3Q=(Ge(+&w]*",
+ "`))jU7L(w}",
+ "t67TC5ZDmz"
+ ]),
+ ConfigValueDescriptor("basic.credentials.exploit_user_list",
+ ["m0nk3y"
+ ]),
+ ConfigValueDescriptor("basic.exploiters.exploiter_classes",
+ ["SmbExploiter",
+ "WmiExploiter",
+ "SSHExploiter",
+ "ShellShockExploiter",
+ "SambaCryExploiter",
+ "ElasticGroovyExploiter",
+ "Struts2Exploiter",
+ "WebLogicExploiter",
+ "HadoopExploiter",
+ "VSFTPDExploiter",
+ "MSSQLExploiter",
+ "ZerologonExploiter"
+ ]),
+ ConfigValueDescriptor("basic_network.network_analysis.inaccessible_subnets",
+ ["10.2.2.0/30",
+ "10.2.2.8/30",
+ "10.2.2.24/32",
+ "10.2.2.23/32",
+ "10.2.2.21/32",
+ "10.2.2.19/32",
+ "10.2.2.18/32",
+ "10.2.2.17/32"
+ ]),
+ ConfigValueDescriptor("basic_network.scope.subnet_scan_list",
+ ["10.2.2.2",
+ "10.2.2.3",
+ "10.2.2.4",
+ "10.2.2.5",
+ "10.2.2.8",
+ "10.2.2.9",
+ "10.2.1.10",
+ "10.2.0.11",
+ "10.2.0.12",
+ "10.2.2.11",
+ "10.2.2.12",
+ "10.2.2.14",
+ "10.2.2.15",
+ "10.2.2.16",
+ "10.2.2.18",
+ "10.2.2.19",
+ "10.2.2.20",
+ "10.2.2.21",
+ "10.2.2.23",
+ "10.2.2.24",
+ "10.2.2.25",
+ ])
+
+ ]
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/shellshock.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/shellshock.py
new file mode 100644
index 000000000..04eab1b62
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/config_templates/shellshock.py
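Review bot: `Performance` derives from `ConfigTemplate` rather than `BaseTemplate`, so none of the baseline values apply to it; in particular it never sets `basic_network.scope.local_network_scan`, which `BaseTemplate` pins to `False`. If the Island default for that key is enabled (not visible in this patch), this run, which turns on twelve exploiters including `ZerologonExploiter`, would also scan the local subnets of whatever machine the agent starts on, beyond the listed 10.2.x.x targets. Adding `ConfigValueDescriptor("basic_network.scope.local_network_scan", False),` to this list keeps the scan scope explicit in the template itself.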
@@ -0,0 +1,14 @@
+from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate
+from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor
+
+
+class ShellShock(BaseTemplate):
+
+ @staticmethod
+ def should_run(class_name: str) -> bool:
+ return True
+
+ config_value_list = [
+ ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["ShellShockExploiter"]),
+ ConfigValueDescriptor("basic_network.scope.subnet_scan_list", ["10.2.2.8"])
+ ]
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/smb_mimikatz.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/smb_mimikatz.py
new file mode 100644
index 000000000..18646b390
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/config_templates/smb_mimikatz.py
@@ -0,0 +1,36 @@
+from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate
+from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor
+
+
+class SmbMimikatz(BaseTemplate):
+
+ @staticmethod
+ def should_run(class_name: str) -> bool:
+ return True
+
+ config_value_list = [
+ ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["SmbExploiter"]),
+ ConfigValueDescriptor("basic_network.scope.subnet_scan_list",
+ ["10.2.2.14",
+ "10.2.2.15"]),
+ ConfigValueDescriptor("basic.credentials.exploit_password_list",
+ ["Password1!",
+ "Ivrrw5zEzs"
+ ]),
+ ConfigValueDescriptor("basic.credentials.exploit_user_list",
+ ["Administrator",
+ "m0nk3y",
+ "user"
+ ]),
+ ConfigValueDescriptor("internal.classes.finger_classes",
+ ["SMBFinger",
+ "PingScanner",
+ "HTTPFinger"
+ ]),
+ ConfigValueDescriptor("monkey.system_info.system_info_collector_classes",
+ ["EnvironmentCollector",
+ "HostnameCollector",
+ "ProcessListCollector",
+ "MimikatzCollector"
+ ])
+ ]
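Review bot: The collector key in `SmbMimikatz` is `monkey.system_info.system_info_collector_classes`, while `BaseTemplate` in this same patch writes `internal.monkey.system_info.system_info_collector_classes`; `WmiMimikatz` has the same mismatch. Presumably only one of the two paths exists in the config schema, so either the baseline or these two templates set a key that is ignored, and in the second case `MimikatzCollector` is never enabled and the test does not exercise credential collection at all. Please confirm the path against the schema and define it once as a shared constant so the templates cannot drift apart.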
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/smb_pth.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/smb_pth.py
new file mode 100644
index 000000000..ad5dd1069
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/config_templates/smb_pth.py
@@ -0,0 +1,33 @@
+from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate
+from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor
+
+
+class SmbPth(BaseTemplate):
+
+ @staticmethod
+ def should_run(class_name: str) -> bool:
+ return True
+
+ config_value_list = [
+ ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["SmbExploiter"]),
+ ConfigValueDescriptor("basic_network.scope.subnet_scan_list",
+ ["10.2.2.15"]),
+ ConfigValueDescriptor("basic.credentials.exploit_password_list",
+ ["Password1!",
+ "Ivrrw5zEzs"
+ ]),
+ ConfigValueDescriptor("basic.credentials.exploit_user_list",
+ ["Administrator",
+ "m0nk3y",
+ "user"
+ ]),
+ ConfigValueDescriptor("internal.classes.finger_classes",
+ ["SMBFinger",
+ "PingScanner",
+ "HTTPFinger"
+ ]),
+ ConfigValueDescriptor("internal.classes.exploits.exploit_ntlm_hash_list",
+ ["5da0889ea2081aa79f6852294cba4a5e",
+ "50c9987a6bf1ac59398df9f911122c9b"
+ ])
+ ]
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/ssh.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/ssh.py
new file mode 100644
index 000000000..dd0d240a0
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/config_templates/ssh.py
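Review bot: `SmbPth` supplies `exploit_password_list` (`Password1!`, `Ivrrw5zEzs`) next to `exploit_ntlm_hash_list`, so the test can pass through an ordinary password login without the hash path being used; `WmiPth` does the same with `Password1!`. If neither password is valid on 10.2.2.15, a comment should say so; otherwise the password entry should be `ConfigValueDescriptor("basic.credentials.exploit_password_list", []),` so that only hash-based authentication can make the test succeed. As written, a regression in the pass-the-hash code could go unnoticed because the run would still report a successful exploit.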
@@ -0,0 +1,31 @@
+from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate
+from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor
+
+
+class Ssh(BaseTemplate):
+
+ @staticmethod
+ def should_run(class_name: str) -> bool:
+ return True
+
+ config_value_list = [
+ ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["SSHExploiter"]),
+ ConfigValueDescriptor("basic_network.scope.subnet_scan_list",
+ ["10.2.2.11",
+ "10.2.2.12"]),
+ ConfigValueDescriptor("basic.credentials.exploit_password_list",
+ ["Password1!",
+ "12345678",
+ "^NgDvY59~8"
+ ]),
+ ConfigValueDescriptor("basic.credentials.exploit_user_list",
+ ["Administrator",
+ "m0nk3y",
+ "user"
+ ]),
+ ConfigValueDescriptor("internal.classes.finger_classes",
+ ["SSHFinger",
+ "PingScanner",
+ "HTTPFinger"
+ ])
+ ]
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/struts2.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/struts2.py
new file mode 100644
index 000000000..f77dbd5b5
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/config_templates/struts2.py
@@ -0,0 +1,16 @@
+from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate
+from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor
+
+
+class Struts2(BaseTemplate):
+
+ @staticmethod
+ def should_run(class_name: str) -> bool:
+ return True
+
+ config_value_list = [
+ ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["Struts2Exploiter"]),
+ ConfigValueDescriptor("basic_network.scope.subnet_scan_list",
+ ["10.2.2.23",
+ "10.2.2.24"])
+ ]
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/tunneling.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/tunneling.py
new file mode 100644
index 000000000..deef4c87d
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/config_templates/tunneling.py
@@ -0,0 +1,41 @@
+from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate
+from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor
+
+
+class Tunneling(BaseTemplate):
+
+ @staticmethod
+ def should_run(class_name: str) -> bool:
+ return True
+
+ config_value_list = [
+ ConfigValueDescriptor("basic.exploiters.exploiter_classes",
+ ["SmbExploiter",
+ "WmiExploiter",
+ "SSHExploiter"
+ ]),
+ ConfigValueDescriptor("basic_network.scope.subnet_scan_list",
+ ["10.2.2.9",
+ "10.2.1.10",
+ "10.2.0.11",
+ "10.2.0.12"
+ ]),
+ ConfigValueDescriptor("basic.credentials.exploit_password_list",
+ ["Password1!",
+ "3Q=(Ge(+&w]*",
+ "`))jU7L(w}",
+ "t67TC5ZDmz",
+ "12345678"
+ ]),
+ ConfigValueDescriptor("basic.credentials.exploit_user_list",
+ ["Administrator",
+ "m0nk3y",
+ "user"
+ ]),
+ ConfigValueDescriptor("internal.classes.finger_classes",
+ ["SSHFinger",
+ "PingScanner",
+ "HTTPFinger",
+ "SMBFinger",
+ ])
+ ]
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/weblogic.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/weblogic.py
new file mode 100644
index 000000000..74690c1f3
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/config_templates/weblogic.py
@@ -0,0 +1,16 @@
+from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate
+from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor
+
+
+class Weblogic(BaseTemplate):
+
+ @staticmethod
+ def should_run(class_name: str) -> bool:
+ return True
+
+ config_value_list = [
+ ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["WebLogicExploiter"]),
+ ConfigValueDescriptor("basic_network.scope.subnet_scan_list",
+ ["10.2.2.18",
+ "10.2.2.19"])
+ ]
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/wmi_mimikatz.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/wmi_mimikatz.py
new file mode 100644
index 000000000..d223fe99f
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/config_templates/wmi_mimikatz.py
@@ -0,0 +1,31 @@
+from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate
+from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor
+
+
+class WmiMimikatz(BaseTemplate):
+
+ @staticmethod
+ def should_run(class_name: str) -> bool:
+ return True
+
+ config_value_list = [
+ ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["WmiExploiter"]),
+ ConfigValueDescriptor("basic_network.scope.subnet_scan_list",
+ ["10.2.2.14",
+ "10.2.2.15"]),
+ ConfigValueDescriptor("basic.credentials.exploit_password_list",
+ ["Password1!",
+ "Ivrrw5zEzs"
+ ]),
+ ConfigValueDescriptor("basic.credentials.exploit_user_list",
+ ["Administrator",
+ "m0nk3y",
+ "user"
+ ]),
+ ConfigValueDescriptor("monkey.system_info.system_info_collector_classes",
+ ["EnvironmentCollector",
+ "HostnameCollector",
+ "ProcessListCollector",
+ "MimikatzCollector"
+ ])
+ ]
diff --git a/envs/monkey_zoo/blackbox/island_configs/config_templates/wmi_pth.py b/envs/monkey_zoo/blackbox/island_configs/config_templates/wmi_pth.py
new file mode 100644
index 000000000..6488979f4
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/config_templates/wmi_pth.py
@@ -0,0 +1,29 @@
+from envs.monkey_zoo.blackbox.island_configs.config_templates.base_template import BaseTemplate
+from envs.monkey_zoo.blackbox.island_configs.config_templates.config_template import ConfigValueDescriptor
+
+
+class WmiPth(BaseTemplate):
+
+ @staticmethod
+ def should_run(class_name: str) -> bool:
+ return True
+
+ config_value_list = [
+ ConfigValueDescriptor("basic.exploiters.exploiter_classes", ["WmiExploiter"]),
+ ConfigValueDescriptor("basic_network.scope.subnet_scan_list",
+ ["10.2.2.15"]),
+ ConfigValueDescriptor("basic.credentials.exploit_password_list",
+ ["Password1!"]),
+ ConfigValueDescriptor("basic.credentials.exploit_user_list",
+ ["Administrator",
+ "m0nk3y",
+ "user"
+ ]),
+ ConfigValueDescriptor("internal.classes.finger_classes",
+ ["PingScanner",
+ "HTTPFinger"
+ ]),
+ ConfigValueDescriptor("internal.classes.exploits.exploit_ntlm_hash_list",
+ ["5da0889ea2081aa79f6852294cba4a5e",
+ "50c9987a6bf1ac59398df9f911122c9b"])
+ ]
diff --git a/envs/monkey_zoo/blackbox/island_configs/generated_configs/.gitignore b/envs/monkey_zoo/blackbox/island_configs/generated_configs/.gitignore
new file mode 100644
index 000000000..9c558e357
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/island_configs/generated_configs/.gitignore
@@ -0,0 +1 @@
+.
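Review bot: The only pattern in the new `generated_configs/.gitignore` is `.`, and I am not confident that it matches any generated file. If it does not, configs rendered into this directory, which will contain the credential and NTLM-hash lists from the templates, show up as untracked files and can be committed by accident. The conventional form for a directory that is kept but whose contents are ignored is `*` on one line followed by `!.gitignore` on the next.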