forked from p15670423/monkey
Agent: Load PBA's into puppet
This commit is contained in:
parent
703dc315bc
commit
0877b0a885
|
@ -37,6 +37,19 @@ from infection_monkey.network_scanning.mssql_fingerprinter import MSSQLFingerpri
|
||||||
from infection_monkey.network_scanning.smb_fingerprinter import SMBFingerprinter
|
from infection_monkey.network_scanning.smb_fingerprinter import SMBFingerprinter
|
||||||
from infection_monkey.network_scanning.ssh_fingerprinter import SSHFingerprinter
|
from infection_monkey.network_scanning.ssh_fingerprinter import SSHFingerprinter
|
||||||
from infection_monkey.payload.ransomware.ransomware_payload import RansomwarePayload
|
from infection_monkey.payload.ransomware.ransomware_payload import RansomwarePayload
|
||||||
|
from infection_monkey.post_breach.actions.change_file_privileges import ChangeSetuidSetgid
|
||||||
|
from infection_monkey.post_breach.actions.clear_command_history import ClearCommandHistory
|
||||||
|
from infection_monkey.post_breach.actions.collect_processes_list import ProcessListCollection
|
||||||
|
from infection_monkey.post_breach.actions.communicate_as_backdoor_user import (
|
||||||
|
CommunicateAsBackdoorUser,
|
||||||
|
)
|
||||||
|
from infection_monkey.post_breach.actions.discover_accounts import AccountDiscovery
|
||||||
|
from infection_monkey.post_breach.actions.hide_files import HiddenFiles
|
||||||
|
from infection_monkey.post_breach.actions.modify_shell_startup_files import ModifyShellStartupFiles
|
||||||
|
from infection_monkey.post_breach.actions.schedule_jobs import ScheduleJobs
|
||||||
|
from infection_monkey.post_breach.actions.timestomping import Timestomping
|
||||||
|
from infection_monkey.post_breach.actions.use_signed_scripts import SignedScriptProxyExecution
|
||||||
|
from infection_monkey.post_breach.actions.use_trap_command import TrapCommand
|
||||||
from infection_monkey.puppet.puppet import Puppet
|
from infection_monkey.puppet.puppet import Puppet
|
||||||
from infection_monkey.system_singleton import SystemSingleton
|
from infection_monkey.system_singleton import SystemSingleton
|
||||||
from infection_monkey.telemetry.attack.t1106_telem import T1106Telem
|
from infection_monkey.telemetry.attack.t1106_telem import T1106Telem
|
||||||
|
@ -234,6 +247,29 @@ class InfectionMonkey:
|
||||||
PluginType.EXPLOITER,
|
PluginType.EXPLOITER,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
puppet.load_plugin(
|
||||||
|
"CommunicateAsBackdoorUser", CommunicateAsBackdoorUser, PluginType.POST_BREACH_ACTION
|
||||||
|
)
|
||||||
|
puppet.load_plugin(
|
||||||
|
"ModifyShellStartupFiles", ModifyShellStartupFiles, PluginType.POST_BREACH_ACTION
|
||||||
|
)
|
||||||
|
puppet.load_plugin("HiddenFiles", HiddenFiles, PluginType.POST_BREACH_ACTION)
|
||||||
|
puppet.load_plugin("TrapCommand", CommunicateAsBackdoorUser, PluginType.POST_BREACH_ACTION)
|
||||||
|
puppet.load_plugin("ChangeSetuidSetgid", ChangeSetuidSetgid, PluginType.POST_BREACH_ACTION)
|
||||||
|
puppet.load_plugin("ScheduleJobs", ScheduleJobs, PluginType.POST_BREACH_ACTION)
|
||||||
|
puppet.load_plugin("Timestomping", Timestomping, PluginType.POST_BREACH_ACTION)
|
||||||
|
puppet.load_plugin("AccountDiscovery", AccountDiscovery, PluginType.POST_BREACH_ACTION)
|
||||||
|
puppet.load_plugin(
|
||||||
|
"ProcessListCollection", ProcessListCollection, PluginType.POST_BREACH_ACTION
|
||||||
|
)
|
||||||
|
puppet.load_plugin("TrapCommand", TrapCommand, PluginType.POST_BREACH_ACTION)
|
||||||
|
puppet.load_plugin(
|
||||||
|
"SignedScriptProxyExecution", SignedScriptProxyExecution, PluginType.POST_BREACH_ACTION
|
||||||
|
)
|
||||||
|
puppet.load_plugin(
|
||||||
|
"ClearCommandHistory", ClearCommandHistory, PluginType.POST_BREACH_ACTION
|
||||||
|
)
|
||||||
|
|
||||||
puppet.load_plugin("ransomware", RansomwarePayload(), PluginType.PAYLOAD)
|
puppet.load_plugin("ransomware", RansomwarePayload(), PluginType.PAYLOAD)
|
||||||
|
|
||||||
return puppet
|
return puppet
|
||||||
|
|
Loading…
Reference in New Issue