forked from p34709852/monkey
44 lines
2.5 KiB
Plaintext
44 lines
2.5 KiB
Plaintext
{
|
|
"id": "xYkxB76pK0peJj2tSxBJ",
|
|
"name": "Define what your new PBA does",
|
|
"task": {
|
|
"dod": "You should add a new PBA const that defines what the PBA does.",
|
|
"tests": [],
|
|
"hints": [
|
|
"See the `Timestomping` PBA. How is the name of the PBA set?"
|
|
]
|
|
},
|
|
"content": [
|
|
{
|
|
"type": "text",
|
|
"text": "The name of your new PBA (which creates scheduled jobs on the machine) will be used in a few places, including the report. <br><br>\nYou should briefly define what your PBA does in a constant variable, such that it can be used by both the Monkey and the Monkey Island.\n\n## Manual test \nOnce you think you're done...\n- Run the Monkey Island\n- Make sure the \"Job scheduling\" PBA is enabled in the \"Monkey\" tab in the configuration — for this test, disable network scanning, exploiting, and all other PBAs\n- Run the Monkey\n- Check the PBA section in the Security report for the name you gave to the new PBA \n\n<img src=\"https://firebasestorage.googleapis.com/v0/b/swimmio-content/o/repositories%2F6Nlb99NtY5Fc3bSd8suH%2Fimg%2Ff0e53e6c-9dbe-41d8-9454-2b5761c3f53a.png?alt=media&token=21aa4bb8-7ebe-4dab-a739-c77e059144dd\" height=400>"
|
|
},
|
|
{
|
|
"firstLineNumber": 5,
|
|
"path": "monkey/common/common_consts/post_breach_consts.py",
|
|
"type": "snippet",
|
|
"lines": [
|
|
" POST_BREACH_HIDDEN_FILES = \"Hide files and directories\"",
|
|
" POST_BREACH_TRAP_COMMAND = \"Execute command when a particular signal is received\"",
|
|
" POST_BREACH_SETUID_SETGID = \"Setuid and Setgid\"",
|
|
"*POST_BREACH_JOB_SCHEDULING = \"Schedule jobs\"",
|
|
"+# Swimmer: PUT THE NEW CONST HERE!",
|
|
" POST_BREACH_TIMESTOMPING = \"Modify files' timestamps\"",
|
|
" POST_BREACH_SIGNED_SCRIPT_PROXY_EXEC = \"Signed script proxy execution\"",
|
|
" POST_BREACH_ACCOUNT_DISCOVERY = \"Account discovery\""
|
|
],
|
|
"comments": []
|
|
},
|
|
{
|
|
"type": "text",
|
|
"text": "- The name defined here for your PBA can be seen on the Monkey Island in the PBA section in the Security report.\n- The results of each PBA stored in the telemetry are also identified by the string defined here for that PBA."
|
|
}
|
|
],
|
|
"file_version": "2.0.0",
|
|
"meta": {
|
|
"app_version": "0.3.7-0",
|
|
"file_blobs": {
|
|
"monkey/common/common_consts/post_breach_consts.py": "25e6679cb1623aae1a732deb05cc011a452743e3"
|
|
}
|
|
}
|
|
} |