{
"command_servers": [
"41.50.73.31:5000"
],
"internet_services": [
"monkey.guardicore.com",
"www.google.com"
],
"keep_tunnel_open_time": 60,
"subnet_scan_list": [
""
],
"blocked_ips": [""],
"current_server": "41.50.73.31:5000",
"alive": true,
"collect_system_info": true,
"extract_azure_creds": true,
"depth": 2,
"dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll",
"dropper_date_reference_path_linux": "/bin/sh",
"dropper_log_path_windows": "%temp%\\~df1562.tmp",
"dropper_log_path_linux": "/tmp/user-1562",
"dropper_set_date": true,
"dropper_target_path_win_32": "C:\\Windows\\monkey32.exe",
"dropper_target_path_win_64": "C:\\Windows\\monkey64.exe",
"dropper_target_path_linux": "/tmp/monkey",
"kill_file_path_linux": "/var/run/monkey.not",
"kill_file_path_windows": "%windir%\\monkey.not",
"dropper_try_move_first": true,
"exploiter_classes": [
"SSHExploiter",
"SmbExploiter",
"WmiExploiter",
"ShellShockExploiter",
"ElasticGroovyExploiter",
"SambaCryExploiter",
],
"finger_classes": [
"SSHFinger",
"PingScanner",
"HTTPFinger",
"SMBFinger",
"MySQLFinger"
"ElasticFinger",
],
"max_iterations": 3,
"monkey_log_path_windows": "%temp%\\~df1563.tmp",
"monkey_log_path_linux": "/tmp/user-1563",
"send_log_to_server": true,
"ms08_067_exploit_attempts": 5,
"ms08_067_remote_user_add": "Monkey_IUSER_SUPPORT",
"ms08_067_remote_user_pass": "Password1!",
"ping_scan_timeout": 10000,
"rdp_use_vbs_download": true,
"smb_download_timeout": 300,
"smb_service_name": "InfectionMonkey",
"retry_failed_explotation": true,
"scanner_class": "TcpScanner",
"self_delete_in_cleanup": true,
"serialize_config": false,
"singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}",
"skip_exploit_if_file_exist": false,
"exploit_user_list": [],
"exploit_password_list": [],
"exploit_lm_hash_list": [],
"exploit_ntlm_hash_list": [],
"sambacry_trigger_timeout": 5,
"sambacry_folder_paths_to_guess": ["", "/mnt", "/tmp", "/storage", "/export", "/share", "/shares", "/home"],
"sambacry_shares_not_to_check": ["IPC$", "print$"],
"local_network_scan": false,
"tcp_scan_get_banner": true,
"tcp_scan_interval": 200,
"tcp_scan_timeout": 10000,
"tcp_target_ports": [
22,
445,
135,
3389,
80,
8080,
443,
3306,
8008,
9200
],
"timeout_between_iterations": 10,
"use_file_logging": true,
"victims_max_exploit": 7,
"victims_max_find": 30
}