From 18c21513afe3f09e7789d610b827187ca833dc37 Mon Sep 17 00:00:00 2001
From: Ilija Lazoroski
Date: Thu, 2 Sep 2021 17:06:22 +0200
Subject: [PATCH] Zoo: Add new machine for powershell exploiter
---
 .../blackbox/config_templates/powershell.py | 5 ++-
 .../blackbox/gcp_test_machine_list.py | 1 +
 envs/monkey_zoo/docs/fullDocs.md | 37 +++++++++++++++++--
 envs/monkey_zoo/terraform/images.tf | 4 ++
 envs/monkey_zoo/terraform/monkey_zoo.tf | 15 ++++++++
 5 files changed, 57 insertions(+), 5 deletions(-)
diff --git a/envs/monkey_zoo/blackbox/config_templates/powershell.py b/envs/monkey_zoo/blackbox/config_templates/powershell.py
index e6d2467ab..4ca0863dd 100644
--- a/envs/monkey_zoo/blackbox/config_templates/powershell.py
+++ b/envs/monkey_zoo/blackbox/config_templates/powershell.py
@@ -10,12 +10,15 @@ class PowerShell(ConfigTemplate):
 config_values.update(
 {
 "basic.exploiters.exploiter_classes": ["PowerShellExploiter"],
- "basic_network.scope.subnet_scan_list": ["10.2.3.45", "10.2.3.46"],
+ "basic_network.scope.subnet_scan_list": ["10.2.3.45", "10.2.3.46", "10.2.3.47"],
 "basic.credentials.exploit_password_list": ["Passw0rd!"],
 "basic_network.scope.depth": 2,
 "basic.credentials.exploit_user_list": ["m0nk3y", "m0nk3y-user"],
 "internal.classes.finger_classes": ["PingScanner"],
 "internal.network.tcp_scanner.HTTP_PORTS": [],
 "internal.network.tcp_scanner.tcp_target_ports": [],
+ "internal.classes.exploits.exploit_ntlm_hash_list": [
+ "d0f0132b308a0c4e5d1029cc06f48692",
+ ],
 }
 )
diff --git a/envs/monkey_zoo/blackbox/gcp_test_machine_list.py b/envs/monkey_zoo/blackbox/gcp_test_machine_list.py
index 86999ab6d..968e2026d 100644
--- a/envs/monkey_zoo/blackbox/gcp_test_machine_list.py
+++ b/envs/monkey_zoo/blackbox/gcp_test_machine_list.py
@@ -24,5 +24,6 @@ GCP_TEST_MACHINE_LIST = {
 "europe-west1-b": [
 "powershell-3-45",
 "powershell-3-46",
+ "powershell-3-47",
 ],
 }
diff --git a/envs/monkey_zoo/docs/fullDocs.md b/envs/monkey_zoo/docs/fullDocs.md
index 80ecf5f55..4008b464d 100644
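Review bot: The added `internal.classes.exploits.exploit_ntlm_hash_list` value is a bare 32-hex literal with nothing saying which account or machine it belongs to, so a reader cannot tell what the new `10.2.3.47` target is meant to exercise. A comment above the list would fix that, for example `# NTLM hash of the test account on powershell-3-47 (10.2.3.47); zoo-only credential`. The documentation part of this patch gives 10.2.3.47 a password that is not in `exploit_password_list`, so presumably the machine is meant to be reachable only through the hash; if that is the intent, state it in the comment so a later edit to the password list does not quietly change what the test covers. The `PowerShell` class and the method around `config_values.update(` begin outside the hunk.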
--- a/envs/monkey_zoo/docs/fullDocs.md
+++ b/envs/monkey_zoo/docs/fullDocs.md
@@ -33,8 +33,9 @@ This document describes Infection Monkey’s test network, how to deploy and use
 [Nr. 25 Zerologon](#_Toc536021478)
[Nr. 3-45 Powershell](#_Toc536021479)
[Nr. 3-46 Powershell](#_Toc536021480)
-[Nr. 250 MonkeyIsland](#_Toc536021481)
-[Nr. 251 MonkeyIsland](#_Toc536021482)
+[Nr. 3-47 Powershell](#_Toc536021481)
+[Nr. 250 MonkeyIsland](#_Toc536021482)
+[Nr. 251 MonkeyIsland](#_Toc536021483)
[Network topography](#network-topography)
# Warning\! @@ -1142,7 +1143,35 @@ fullTest.conf is a good config to start, because it covers all machines. - + + + + + + + + + + + + + + + + + + + + + +

Nr. 250 MonkeyIsland

+

Nr. 3-47 Powershell

+

(10.2.3.47)

(Vulnerable)
OS:Windows Server 2016 x64
Software:WinRM service
Default server’s port:-
Notes:User: m0nk3y, Password: Xk8VDTsC
+ + + + + @@ -1174,7 +1203,7 @@ fullTest.conf is a good config to start, because it covers all machines.

Nr. 250 MonkeyIsland

(10.2.2.250)

-
diff --git a/envs/monkey_zoo/terraform/images.tf b/envs/monkey_zoo/terraform/images.tf
index 3f293736d..949aa50ac 100644
--- a/envs/monkey_zoo/terraform/images.tf
+++ b/envs/monkey_zoo/terraform/images.tf
@@ -57,6 +57,10 @@ data "google_compute_image" "mssql-16" {
 name = "mssql-16"
 project = local.monkeyzoo_project
 }
+data "google_compute_image" "powershell-3-47" {
+ name = "powershell-3-47"
+ project = local.monkeyzoo_project
+}
 data "google_compute_image" "powershell-3-46" {
 name = "powershell-3-46"
 project = local.monkeyzoo_project
diff --git a/envs/monkey_zoo/terraform/monkey_zoo.tf b/envs/monkey_zoo/terraform/monkey_zoo.tf
index 241828557..ffa5efbe1 100644
--- a/envs/monkey_zoo/terraform/monkey_zoo.tf
+++ b/envs/monkey_zoo/terraform/monkey_zoo.tf
@@ -313,6 +313,21 @@ resource "google_compute_instance_from_template" "mssql-16" {
 }
 }
 
+resource "google_compute_instance_from_template" "powershell-3-47" {
+ name = "${local.resource_prefix}powershell-3-47"
+ source_instance_template = local.default_windows
+ boot_disk{
+ initialize_params {
+ image = data.google_compute_image.powershell-3-47.self_link
+ }
+ auto_delete = true
+ }
+ network_interface {
+ subnetwork="${local.resource_prefix}monkeyzoo-main-1"
+ network_ip="10.2.3.47"
+ }
+}
+
 resource "google_compute_instance_from_template" "powershell-3-46" {
 name = "${local.resource_prefix}powershell-3-46"
 source_instance_template = local.default_windows
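Review bot: Nothing in the new `powershell-3-47` resource in monkey_zoo.tf shows whether the instance receives an external address; that is decided by `local.default_windows`, which is not visible in this hunk. Because the image is deliberately vulnerable and its credential is published in fullDocs.md by the same patch, it is worth confirming that the template carries no `access_config` block and that the firewall rules for `monkeyzoo-main-1` admit WinRM only from inside the zoo. As a style point, `boot_disk{`, `subnetwork="${local.resource_prefix}monkeyzoo-main-1"` and `network_ip="10.2.3.47"` are missing the spaces used on the `name = ...` lines next to them; running `terraform fmt` on the file would normalise that.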

Nr. 251 MonkeyIsland

+

Nr. 251 MonkeyIsland

(10.2.2.251)