import os
import logging
import pytest
from time import sleep
from envs.monkey_zoo.blackbox.analyzers.performance_analyzer import PerformanceAnalyzer
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import MonkeyIslandClient
from envs.monkey_zoo.blackbox.analyzers.communication_analyzer import CommunicationAnalyzer
from envs.monkey_zoo.blackbox.island_client.island_config_parser import IslandConfigParser
from envs.monkey_zoo.blackbox.utils import gcp_machine_handlers
from envs.monkey_zoo.blackbox.tests.basic_test import BasicTest
from envs.monkey_zoo.blackbox.log_handlers.test_logs_handler import TestLogsHandler
# Default per-scenario timeout used by run_basic_test: five minutes, in seconds.
DEFAULT_TIMEOUT_SECONDS = 5 * 60

# Fixed pause (seconds) observed after the GCP machines are started.
MACHINE_BOOTUP_WAIT_SECONDS = 30

# GCP instance names that the session fixture starts before the run and stops
# afterwards. Keep this list in sync with the scenarios below: anything listed
# here is powered on for the whole test session.
GCP_TEST_MACHINE_LIST = [
    'sshkeys-11',
    'sshkeys-12',
    'elastic-4',
    'elastic-5',
    'hadoop-2',
    'hadoop-3',
    'mssql-16',
    'mimikatz-14',
    'mimikatz-15',
    'struts2-23',
    'struts2-24',
    'tunneling-9',
    'tunneling-10',
    'tunneling-11',
    'weblogic-18',
    'weblogic-19',
    'shellshock-8',
]

# Relative path: get_log_dir_path() resolves it with os.path.abspath, i.e.
# against the working directory pytest was launched from.
LOG_DIR_PATH = "./logs"

LOGGER = logging.getLogger(__name__)
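@pytest.fixture(autouse=True, scope='session')
def GCPHandler(request):
    """Start the GCP test machines for the session and stop them at teardown.

    The machines named in GCP_TEST_MACHINE_LIST are started once per pytest
    session (the fixture is autouse) and stopped by a finalizer.

    The finalizer is registered *before* the machines are started. pytest runs
    finalizers that were registered before a fixture's setup raised, so a
    failure in start_machines() or during the boot-up wait no longer leaves the
    test machines running unattended in the cloud project.
    """
    gcp_handler = gcp_machine_handlers.GCPHandler()
    machine_names = " ".join(GCP_TEST_MACHINE_LIST)

    def fin():
        # NOTE(review): assumes stop_machines() tolerates machines that never
        # finished starting - confirm against gcp_machine_handlers.
        gcp_handler.stop_machines(machine_names)

    # Register teardown first so that a partial or failed start-up is still
    # followed by a stop request.
    request.addfinalizer(fin)

    gcp_handler.start_machines(machine_names)
    wait_machine_bootup()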
@pytest.fixture(autouse=True, scope='session')
def delete_logs():
    """Empty the shared log directory once, at the start of the session.

    The directory is TestMonkeyBlackbox.get_log_dir_path(), i.e. the absolute
    form of LOG_DIR_PATH. Because LOG_DIR_PATH is relative, the folder whose
    contents are deleted depends on the directory pytest is launched from.
    """
    LOGGER.info("Deleting monkey logs before new tests.")
    log_dir = TestMonkeyBlackbox.get_log_dir_path()
    TestLogsHandler.delete_log_folder_contents(log_dir)
def wait_machine_bootup():
    """Sleep for MACHINE_BOOTUP_WAIT_SECONDS after the machines are started.

    NOTE(review): this is a fixed delay, not a readiness check; nothing here
    verifies that the machines actually finished booting.
    """
    bootup_delay = MACHINE_BOOTUP_WAIT_SECONDS
    sleep(bootup_delay)
@pytest.fixture(scope='class')
def island_client(island):
    """Yield a MonkeyIslandClient whose environment was reset beforehand.

    ``island`` comes from a fixture that is not defined in this file
    (presumably the Island's address - confirm in conftest). reset_env() is
    called once per class-scoped instance, before the client is handed to the
    tests; no teardown follows the yield.
    """
    client = MonkeyIslandClient(island)
    client.reset_env()
    yield client
@pytest.mark.usefixtures('island_client')
# noinspection PyUnresolvedReferences
class TestMonkeyBlackbox(object):
    """Black-box scenarios run against the Island through ``island_client``.

    Each ``test_*`` method names a configuration file and a scenario name and
    delegates to run_basic_test() or run_performance_test(). The scenario name
    is also handed to TestLogsHandler, so the strings are kept verbatim.
    """

    @staticmethod
    def run_basic_test(island_client, conf_filename, test_name, timeout_in_seconds=DEFAULT_TIMEOUT_SECONDS):
        """Run one scenario with a single CommunicationAnalyzer.

        :param island_client: client yielded by the ``island_client`` fixture
        :param conf_filename: configuration file given to IslandConfigParser
        :param test_name: scenario name, used for the test and its log handler
        :param timeout_in_seconds: timeout forwarded to BasicTest
        """
        parsed_config = IslandConfigParser(conf_filename)
        communication_check = CommunicationAnalyzer(island_client, parsed_config.get_ips_of_targets())
        logs = TestLogsHandler(test_name, island_client, TestMonkeyBlackbox.get_log_dir_path())
        scenario = BasicTest(
            name=test_name,
            island_client=island_client,
            config_parser=parsed_config,
            analyzers=[communication_check],
            timeout=timeout_in_seconds,
            post_exec_analyzers=[],
            log_handler=logs,
        )
        scenario.run()

    @staticmethod
    def run_performance_test(island_client, conf_filename, test_name, timeout_in_seconds):
        """Run one scenario and additionally apply a PerformanceAnalyzer afterwards.

        Same wiring as run_basic_test(), except that a PerformanceAnalyzer
        (created with ``break_if_took_too_long=False``) is passed as the only
        post-execution analyzer and the timeout has no default.
        """
        parsed_config = IslandConfigParser(conf_filename)
        logs = TestLogsHandler(test_name, island_client, TestMonkeyBlackbox.get_log_dir_path())
        communication_check = CommunicationAnalyzer(island_client, parsed_config.get_ips_of_targets())
        performance_check = PerformanceAnalyzer(island_client, break_if_took_too_long=False)
        scenario = BasicTest(
            name=test_name,
            island_client=island_client,
            config_parser=parsed_config,
            analyzers=[communication_check],
            timeout=timeout_in_seconds,
            post_exec_analyzers=[performance_check],
            log_handler=logs,
        )
        scenario.run()

    @staticmethod
    def get_log_dir_path():
        """Return LOG_DIR_PATH as an absolute path (relative to the current working directory)."""
        absolute_log_dir = os.path.abspath(LOG_DIR_PATH)
        return absolute_log_dir

    def test_server_online(self, island_client):
        """Check that the Island answers an API status request."""
        api_status = island_client.get_api_status()
        assert api_status is not None

    def test_ssh_exploiter(self, island_client):
        """Run the SSH.conf scenario."""
        TestMonkeyBlackbox.run_basic_test(
            island_client, conf_filename="SSH.conf", test_name="SSH_exploiter_and_keys")

    def test_hadoop_exploiter(self, island_client):
        """Run the HADOOP.conf scenario with a six-minute timeout."""
        TestMonkeyBlackbox.run_basic_test(
            island_client, conf_filename="HADOOP.conf", test_name="Hadoop_exploiter",
            timeout_in_seconds=6 * 60)

    def test_mssql_exploiter(self, island_client):
        """Run the MSSQL.conf scenario."""
        TestMonkeyBlackbox.run_basic_test(
            island_client, conf_filename="MSSQL.conf", test_name="MSSQL_exploiter")

    def test_smb_and_mimikatz_exploiters(self, island_client):
        """Run the SMB_MIMIKATZ.conf scenario."""
        TestMonkeyBlackbox.run_basic_test(
            island_client, conf_filename="SMB_MIMIKATZ.conf", test_name="SMB_exploiter_mimikatz")

    def test_smb_pth(self, island_client):
        """Run the SMB_PTH.conf scenario."""
        TestMonkeyBlackbox.run_basic_test(
            island_client, conf_filename="SMB_PTH.conf", test_name="SMB_PTH")

    def test_elastic_exploiter(self, island_client):
        """Run the ELASTIC.conf scenario."""
        TestMonkeyBlackbox.run_basic_test(
            island_client, conf_filename="ELASTIC.conf", test_name="Elastic_exploiter")

    def test_struts_exploiter(self, island_client):
        """Run the STRUTS2.conf scenario."""
        # Scenario name kept exactly as in the original, spelling included.
        TestMonkeyBlackbox.run_basic_test(
            island_client, conf_filename="STRUTS2.conf", test_name="Strtuts2_exploiter")

    def test_weblogic_exploiter(self, island_client):
        """Run the WEBLOGIC.conf scenario."""
        TestMonkeyBlackbox.run_basic_test(
            island_client, conf_filename="WEBLOGIC.conf", test_name="Weblogic_exploiter")

    def test_shellshock_exploiter(self, island_client):
        """Run the SHELLSHOCK.conf scenario."""
        # Scenario name kept exactly as in the original, spelling included.
        TestMonkeyBlackbox.run_basic_test(
            island_client, conf_filename="SHELLSHOCK.conf", test_name="Shellschock_exploiter")

    @pytest.mark.xfail(reason="Test fails randomly - still investigating.")
    def test_tunneling(self, island_client):
        """Run the TUNNELING.conf scenario with a ten-minute timeout (marked xfail)."""
        TestMonkeyBlackbox.run_basic_test(
            island_client, conf_filename="TUNNELING.conf", test_name="Tunneling_exploiter",
            timeout_in_seconds=10 * 60)

    def test_wmi_and_mimikatz_exploiters(self, island_client):
        """Run the WMI_MIMIKATZ.conf scenario."""
        TestMonkeyBlackbox.run_basic_test(
            island_client, conf_filename="WMI_MIMIKATZ.conf", test_name="WMI_exploiter,_mimikatz")

    def test_wmi_pth(self, island_client):
        """Run the WMI_PTH.conf scenario."""
        TestMonkeyBlackbox.run_basic_test(
            island_client, conf_filename="WMI_PTH.conf", test_name="WMI_PTH")

    def test_performance(self, island_client):
        """
        This test includes the SSH + Elastic + Hadoop + MSSQL machines all in one test
        for a total of 8 machines including the Monkey Island.

        It has 2 analyzers - the regular one which checks all the Monkeys
        and the Timing one which checks how long the report took to execute
        """
        ten_minutes = 10 * 60
        TestMonkeyBlackbox.run_performance_test(
            island_client,
            "PERFORMANCE.conf",
            "test_report_performance",
            timeout_in_seconds=ten_minutes)