UI: Initialize a new json schema

Ilija Lazoroski 2022-06-29 18:31:19 +02:00
parent bcb97ce35d
commit f6d0482c2e
10 changed files with 318 additions and 0 deletions


@ -0,0 +1,58 @@
import {customPBAConfigurationSchema} from './definitions/custom_pbas.js';
import {pluginConfigurationSchema} from './definitions/plugins.js';
import {propagationConfigurationSchema} from './definitions/propagation.js';
export const SCHEMA = {
'title': 'Monkey',
'type': 'object',
'properties': {
'propagation': propagationConfigurationSchema,
'post_breach_actions': {
'title': 'Post-breach actions',
'type': 'object',
'properties': {
'pba_list': {
'title': 'PBAs',
'type': 'array',
'items': pluginConfigurationSchema,
'default': [
{'name': 'CommunicateAsBackdoorUser','safe': true, 'options': {}},
{'name': 'ModifyShellStartupFiles', 'safe': true, 'options': {}}
]
},
'custom_pbas': customPBAConfigurationSchema
}
},
'payloads': {
'title': 'Payloads',
'type': 'array',
'items': pluginConfigurationSchema,
'default': [
{'name': 'ransomware', 'safe': true, 'options': {}}
]
},
'credential_collectors': {
'title': 'Credential collectors',
'type': 'array',
'items': pluginConfigurationSchema,
'default': [
{'name': 'MimikatzCollector', 'safe': true, 'options':{}},
{'name': 'SSHCollector', 'safe': true, 'options':{}}
]
},
'advanced': {
'title': 'Advanced',
'type': 'object',
'properties':{
'keep_tunnel_open_time': {
'title': 'Keep tunnel open time',
'format': 'float',
'type': 'number',
'default': 30,
'description': 'Time to keep tunnel open before going down after last exploit (in seconds)'
}
}
}
},
'options': {'collapsed': true}
}
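Review bot: Every default entry in this file carries a literal `'safe': true` (`pba_list`, `payloads`, `credential_collectors`), so the safety classification becomes a value the browser submits rather than one the server decides. The server side is not visible in this commit, but if it accepts this field from the submitted configuration, a user could relabel any plugin as safe. It would be more robust for the backend to derive `safe` from its own plugin registry and treat the UI value as display-only. A comment above `SCHEMA` such as `// 'safe' is informational only; the server is authoritative` would make the intent explicit. The same pattern appears in the `vulnerability` and `fingerprinters` defaults in the other schema files.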


@ -0,0 +1,42 @@
export const customPBAConfigurationSchema = {
'title': 'Custom post-breach action',
'type': 'object',
'properties': {
'linux_command': {
'title': 'Linux post-breach command',
'type': 'string',
'default': '',
'description': 'Command to be executed after breaching. ' +
'Use this field to run custom commands or execute uploaded ' +
'files on exploited machines.\nExample: ' +
'"chmod +x ./my_script.sh; ./my_script.sh ; rm ./my_script.sh"'
},
'linux_filename': {
'title': 'Linux post-breach file',
'type': 'string',
'format': 'data-url',
'description': 'File to be uploaded after braeaching. ' +
'Use the "Linux post-breach command" field to ' +
'change permissions, run, or delete the file. ' +
'Reference your file by filename.'
},
'windows_command': {
'title': 'Windows post-breach command',
'type': 'string',
'default': '',
'description': 'Command to be executed after breaching. ' +
'Use this field to run custom commands or execute uploaded ' +
'file on exploited machine.\nExample: ' +
'"my_script.bat & del my_script.bat"'
},
'windows_filename':{
'title': 'Windows post-breach file',
'type': 'string',
'format': 'data-url',
'description': 'File to be uploaded after breaching. ' +
'Use the "Windows post-breach command" filed to ' +
'change permissions, run or delete the file. ' +
'Reference your file by filename.'
}
}
}
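Review bot: Two user-facing description strings contain typos: `linux_filename` says `'File to be uploaded after braeaching. '` and `windows_filename` says `'Use the "Windows post-breach command" filed to '`; they should read `breaching` and `field`. The `windows_command` description also uses `'file on exploited machine.'` where the Linux twin uses the plural `'files on exploited machines.'`, so the two should be aligned. Neither `*_filename` property declares a `'default'`, unlike the command fields, which is worth making consistent if the form renderer depends on it.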


@ -0,0 +1,37 @@
import {exploitationOptionsConfigurationSchema} from './exploitation_options.js';
import {pluginConfigurationSchema} from './plugins.js';
export const exploitationConfigurationSchema = {
'type': 'object',
'properties': {
'brute_force': {
'title': 'Brute force exploiters',
'type': 'string',
'anyOf': [
{
'type': 'string',
'enum': ['SmbExploiter'],
'info': 'bla',
'link': 'link'
},
{
'type': 'string',
'enum': ['SmbExploiter'],
'info': 'bla',
'link': 'link'
}
]
},
'vulnerability': {
'title': 'Vulnerability exploiters',
'type': 'string',
'items': pluginConfigurationSchema,
'default': [
{'name': 'Log4ShellExploiter', 'safe': true, 'options': {}},
{'name': 'HadoopExploiter', 'safe': true, 'options': {}}
]
},
'options': exploitationOptionsConfigurationSchema
}
}
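Review bot: The `vulnerability` property declares `'type': 'string'` but also has `'items'` and an array `'default'`, so a validator will reject the schema's own default value; it should be `'type': 'array',`. `brute_force` has the same mismatch in spirit: it is typed as a single string and its `anyOf` holds two identical `SmbExploiter` entries with placeholder `'info': 'bla'` and `'link': 'link'` values, which look like scaffolding that should not ship. If `brute_force` is meant to mirror `vulnerability`, it would become `'type': 'array', 'items': pluginConfigurationSchema` with a real default list.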


@ -0,0 +1,14 @@
export const exploitationOptionsConfigurationSchema = {
'type': 'object',
'properties': {
'http_ports': {
'title': 'HTTP Ports',
'type': 'array',
'items': {
'type': 'integer'
},
'default': [80, 8080, 443, 8008, 7001, 9200, 8983, 9600],
'description': 'List of ports the monkey will check if are being used for HTTP'
}
}
}
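Review bot: The `http_ports` items are typed only as `'integer'`, so values such as `0`, `-1` or `70000` pass validation and reach the agent as port numbers. Bounding the items with `'minimum': 1, 'maximum': 65535` and adding `'uniqueItems': true` on the array would reject malformed input at the form. The `ports` array in the TCP scanner schema has the same gap. The description `'List of ports the monkey will check if are being used for HTTP'` would also read better as `'List of ports the Monkey will check for HTTP services'`.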


@ -0,0 +1,12 @@
export const icmpScanConfigurationSchema = {
'title': 'Ping scanner',
'type': 'object',
'properties': {
'timeout': {
'format': 'float',
'title': 'Ping scan timeout',
'type': 'number',
'description': 'Maximum time to wait for ping response'
}
}
}
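Review bot: `timeout` has no lower bound, no `'default'` and no unit in its description, so a negative or zero value validates and the operator cannot tell whether the number is seconds or milliseconds. Adding `'minimum': 0` and stating the unit, for example `'Maximum time to wait for ping response (in seconds)'`, would fix both, provided the unit is confirmed against the agent code. The TCP scanner `timeout` has the same omissions. `keep_tunnel_open_time` in the top-level schema states its unit but likewise lacks a `'minimum'`.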


@ -0,0 +1,26 @@
import {pluginConfigurationSchema} from './plugins.js';
import {icmpScanConfigurationSchema} from './icmp_scan.js';
import {scanTargetConfigurationSchema} from './scan_target.js';
import {tcpScanConfigurationSchema} from './tcp_scan.js';
export const networkScanConfigurationSchema = {
'type': 'object',
'additionalProperties': false,
'properties': {
'fingerprinters': {
'title': 'Fingerprinters',
'type': 'array',
'items': pluginConfigurationSchema,
'default': [
{'name': 'SMBFinger', 'safe': true, 'options': {}},
{'name': 'SSHFinger', 'safe': true, 'options': {}},
{'name': 'HTTPFinger', 'safe': true, 'options': {}},
{'name': 'MSSQLFinger', 'safe': true, 'options': {}},
{'name': 'ElasticFinger', 'safe': true, 'options': {}}
]
},
'icmp': icmpScanConfigurationSchema,
'targets': scanTargetConfigurationSchema,
'tcp': tcpScanConfigurationSchema
}
}


@ -0,0 +1,15 @@
export const pluginConfigurationSchema = {
'type': 'object',
'properties': {
'name': {
'title': 'Name',
'type': 'string'
},
'safe': {
'type': 'boolean'
},
'options': {
'type': 'object'
}
}
}
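Review bot: `pluginConfigurationSchema` declares no `'required'` list and does not set `'additionalProperties': false`, so an empty object `{}` or an entry with misspelled keys validates as a plugin. Since every plugin list in this commit uses this definition for its `'items'`, adding `'required': ['name'],` and `'additionalProperties': false,` here would tighten all of them at once. Only the network-scan schema currently sets `additionalProperties`, so the object schemas are inconsistent on this point. `safe` and `options` also lack a `'title'`, unlike `name`.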


@ -0,0 +1,23 @@
import {exploitationConfigurationSchema} from './exploitation.js';
import {networkScanConfigurationSchema} from './network_scan.js';
export const propagationConfigurationSchema = {
'title': 'Propagation',
'type': 'object',
'properties': {
'exploitation': exploitationConfigurationSchema,
'maximum_depth': {
'title': 'Maximum scan depth',
'type': 'integer',
'minimum': 1,
'default': 2,
'description': 'Amount of hops alloed for the monkey to spread from the ' +
'Island server. \n' +
' \u26A0' +
' Note that setting this value too high may result in the ' +
'Monkey propagating too far, '+
'if the "Local network scan" is enabled'
},
'network_scan': networkScanConfigurationSchema
}
}
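Review bot: `maximum_depth` sets `'minimum': 1` but no `'maximum'`, even though its own description warns that a high value may let the Monkey propagate too far. An upper bound (the right value needs to be agreed with the backend) would turn that warning into an enforced limit rather than relying on the operator to read it. The description also contains the typo `'Amount of hops alloed for the monkey'`, which should read `'Number of hops allowed for the Monkey'`.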


@ -0,0 +1,70 @@
export const scanTargetConfigurationSchema = {
'title': 'Network',
'type': 'object',
'properties': {
'info_box': {
'info': 'The Monkey scans its subnet if "Local network scan" is checked. '+
'Additionally, the Monkey scans machines according to "Scan target list". '
},
'blocked_ips': {
'title': 'Blocked IPs',
'type': 'array',
'uniqueItems': true,
'items': {
'type': 'string',
'format': 'ip'
},
'default': [],
'description': 'List of IPs that the monkey will not scan.'
},
'inaccessible_sbunets': {
'title': 'Network segmentation testing',
'type': 'array',
'uniqueItems': true,
'items': {
'type': 'string',
'format': 'ip-range'
},
'default': [],
'description': 'Test for network segmentation by providing a list of network segments that should NOT be accessible to each other.\n\n ' +
'For example, if you configured the following three segments: ' +
'"10.0.0.0/24", "11.0.0.2/32" and "12.2.3.0/24",' +
'a Monkey running on 10.0.0.5 will try to access machines in ' +
'the following subnets: ' +
'11.0.0.2/32, 12.2.3.0/24. An alert on successful cross-segment connections ' +
'will be shown in the reports. \n\n' +
'Network segments can be IPs, subnets or hosts. Examples:\n' +
'\tDefine a single-IP segment: "192.168.0.1"\n' +
'\tDefine a segment using a network range: ' +
'"192.168.0.5-192.168.0.20"\n' +
'\tDefine a segment using an subnet IP mask: "192.168.0.5/24"\n' +
'\tDefine a single-host segment: "printer.example"'
},
'local_network_scan': {
'title': 'Local network scan',
'type': 'boolean',
'default': true,
'description': 'Determines whether the Monkey will scan the local subnets of machines it runs on, ' +
'in addition to the IPs that are configured manually in the "Scan target list"'
},
'subnets': {
'title': 'Scan target list',
'type': 'array',
'uniqueItems': true,
'items': {
'type': 'string',
'format': 'ip-range'
},
'default': [],
'description': 'List of targets the Monkey will try to scan. Targets can be ' +
'IPs, subnets or hosts. ' +
'Examples:\n' +
'\tTarget a specific IP: "192.168.0.1"\n' +
'\tTarget a subnet using a network range: ' +
'"192.168.0.5-192.168.0.20"\n'+
'\tTarget a subnet using an IP mask: "192.168.0.5/24"\n' +
'\tTarget a specific host: "printer.example"'
}
}
}
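Review bot: The property key `'inaccessible_sbunets'` is misspelled; it is presumably meant to be `'inaccessible_subnets'`. Because it is a schema key rather than display text, the segmentation list would be submitted under a name the backend is unlikely to recognise, and the test would silently not run. Two smaller text issues are in the same description: `'"12.2.3.0/24",' + 'a Monkey'` is missing a space after the comma, and `'an subnet IP mask'` should be `'a subnet IP mask'`. `info_box` has no `'type'`, so it is worth confirming that the form renderer handles it as a pure display element.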


@ -0,0 +1,21 @@
export const tcpScanConfigurationSchema = {
'title': 'TCP scanner',
'type': 'object',
'properties': {
'ports': {
'title': 'TCP target ports',
'type': 'array',
'items': {
'type': 'integer'
},
'default': [22,2222,445,135,389,80,8080,443,8008,3306,7001,8088,5885,5986],
'description': 'List of TCP ports the monkey will check whether they\'re open'
},
'timeout': {
'title': 'TCP scan timeout',
'format': 'float',
'type': 'number',
'description': 'Maximum time to wait for TCP response.'
}
}
}
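Review bot: The default `ports` list contains `5885` directly before `5986`, which looks like a transposition of `5985`; if so, the scanner would skip that port by default. `389` is also worth checking against the agent's existing default list, in case `3389` was intended. Please confirm both values against the backend's TCP port defaults before merging. A short comment above the list naming the service each port stands for would make slips like this easier to catch in review.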