GC-3598: added info collection infrastructure

urihershgc 2015-11-30 15:29:30 +02:00
parent d984641f53
commit 234781bc47
6 changed files with 95 additions and 14 deletions


@ -76,7 +76,7 @@ class Configuration(object):
return result
###########################
### logging config
# logging config
###########################
use_file_logging = True
@ -84,7 +84,7 @@ class Configuration(object):
monkey_log_path = os.path.expandvars("%temp%\~df1563.tmp") if sys.platform == "win32" else '/tmp/user-1563'
###########################
### dropper config
# dropper config
###########################
dropper_try_move_first = sys.argv[0].endswith(".exe")
@ -94,7 +94,7 @@ class Configuration(object):
dropper_target_path_linux = '/bin/monkey'
###########################
### monkey config
# monkey config
###########################
alive = True
@ -128,11 +128,11 @@ class Configuration(object):
retry_failed_explotation = True
###########################
### scanners config
# scanners config
###########################
#range_class = RelativeRange
# range_class = RelativeRange
range_size = 8
range_class = FixedRange
range_fixed = ("10.0.1.39", )
@ -147,7 +147,7 @@ class Configuration(object):
ping_scan_timeout = 1000
###########################
### exploiters config
# exploiters config
###########################
skip_exploit_if_file_exist = True
@ -160,11 +160,14 @@ class Configuration(object):
psexec_user = "Administrator"
psexec_passwords = ["Password1!", "1234", "password", "12345678"]
#ssh exploiter
# ssh exploiter
ssh_user = "root"
ssh_passwords = ["root", "toor", "1234", "12345678"]
#rdp exploiter
# rdp exploiter
rdp_use_vbs_download = True
# system info collection
collect_system_info = True
WormConfiguration = Configuration()
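Review bot: The new `collect_system_info = True` in hunk `@ -160,11 +160,14` is documented only by the heading `# system info collection`, which says neither what the flag controls nor that it defaults to on; from the monkey.py section of this commit it appears to gate a `SystemInfoCollector().get_info()` call whose result is posted to the control server as `"system_info_collection"` telemetry. A reader of the config should not have to find that out in another file, so the comment should spell it out, e.g. `# system info collection: when True, host information gathered by SystemInfoCollector is sent to the control server as "system_info_collection" telemetry`. The `Configuration` class these attributes belong to begins outside the hunk. The other hunks in this section only normalise `###` headings to `#` and need no change.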


@ -86,7 +86,7 @@ class ControlClient(object):
if not WormConfiguration.current_server:
return
try:
telemetry = {'monkey_guid': GUID, 'telem_type': tele_type, 'data' : data}
telemetry = {'monkey_guid': GUID, 'telem_type': tele_type, 'data': data}
reply = requests.post("https://%s/api/telemetry" % (WormConfiguration.current_server,),
data=json.dumps(telemetry),
headers={'content-type': 'application/json'},


@ -2,15 +2,16 @@ import sys
import os
import time
import logging
import tunnel
import argparse
import subprocess
from system_singleton import SystemSingleton
from network.firewall import app as firewall
from control import ControlClient
from config import WormConfiguration
from network.network_scanner import NetworkScanner
import tunnel
import argparse
import subprocess
from model import DELAY_DELETE_CMD
from system_info import SystemInfoCollector
__author__ = 'itamar'
@ -59,6 +60,12 @@ class ChaosMonkey(object):
if monkey_tunnel:
monkey_tunnel.start()
if WormConfiguration.collect_system_info:
LOG.debug("Calling system info collection")
system_info_collector = SystemInfoCollector()
system_info = system_info_collector.get_info()
ControlClient.send_telemetry("system_info_collection", system_info)
for _ in xrange(WormConfiguration.max_iterations):
ControlClient.keepalive()
ControlClient.load_control_config()
@ -167,10 +174,10 @@ class ChaosMonkey(object):
startupinfo = subprocess.STARTUPINFO()
startupinfo.dwFlags = CREATE_NEW_CONSOLE | STARTF_USESHOWWINDOW
startupinfo.wShowWindow = SW_HIDE
subprocess.Popen(DELAY_DELETE_CMD % {'file_path' : sys.executable},
subprocess.Popen(DELAY_DELETE_CMD % {'file_path': sys.executable},
stdin=None, stdout=None, stderr=None,
close_fds=True, startupinfo=startupinfo)
else:
os.remove(sys.executable)
except Exception, exc:
LOG.error("Exception in self delete: %s",exc)
LOG.error("Exception in self delete: %s", exc)
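Review bot: The collection block added in hunk `@ -59,6 +60,12` runs unguarded, so an exception from `SystemInfoCollector()` (its `__init__` does a platform-dependent import) or from `get_info()` would propagate out of the run loop's setup and stop the monkey before the iteration loop starts; the enclosing method begins outside the hunk, so I cannot see whether a caller catches it. Since collection is an optional extra controlled by `collect_system_info`, it should be best-effort in the same way the self-delete handler at the end of this file is, with the telemetry only sent when collection succeeded. The rewritten lines below do that; the `system_info_collector` local is folded into the call.
```python
if WormConfiguration.collect_system_info:
    LOG.debug("Calling system info collection")
    try:
        system_info = SystemInfoCollector().get_info()
    except Exception as exc:
        # collection is best-effort; a failure here must not stop the run
        LOG.error("System info collection failed: %s", exc)
    else:
        ControlClient.send_telemetry("system_info_collection", system_info)
# … unchanged: main iteration loop …
```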


@ -0,0 +1,34 @@
import sys
from enum import IntEnum
__author__ = 'uri'
class OperatingSystem(IntEnum):
Windows = 0
Linux = 1
class SystemInfoCollector(object):
"""
A class that checks the current operating system and calls system information collecting modules accordingly
"""
def __init__(self):
self.os = SystemInfoCollector.get_os()
if OperatingSystem.Windows == self.os:
from windows_info_collector import WindowsInfoCollector
self.collector = WindowsInfoCollector()
else:
from linux_info_collector import LinuxInfoCollector
self.collector = LinuxInfoCollector()
def get_info(self):
return self.collector.get_info()
@staticmethod
def get_os():
if sys.platform.startswith("win"):
return OperatingSystem.Windows
else:
return OperatingSystem.Linux
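Review bot: `get_os` reports every platform whose `sys.platform` does not start with `"win"` as `OperatingSystem.Linux`, so macOS (`darwin`), the BSDs and cygwin all get the `LinuxInfoCollector`; that may be acceptable for now, but the method has no docstring saying so, and `"""Return OperatingSystem.Windows on win* platforms; every other platform is treated as Linux."""` would make the fallback explicit. The module also does `from enum import IntEnum` while the rest of this commit's code is Python 2 (`xrange`, `except Exception, exc:` in the monkey.py section), where `enum` is not in the standard library; if the project targets Python 2 this presumably relies on the `enum34` backport being installed, which should be confirmed and noted in the dependencies. The imports inside `__init__` are deliberate (only the collector for the running platform is loaded), and a one-line comment, `# import lazily so the other platform's module is never loaded`, would stop a later cleanup from hoisting them to module level.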


@ -0,0 +1,19 @@
import socket
__author__ = 'uri'
class LinuxInfoCollector(object):
"""
System information collecting module for Linux operating systems
"""
def __init__(self):
self.info = {}
def collect(self):
self.info['hostname'] = socket.gethostname()
def get_info(self):
self.collect()
return self.info
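Review bot: `LinuxInfoCollector` and `WindowsInfoCollector` (the next file section) are identical apart from their names and docstrings, so every field added to one will have to be copied to the other; a shared base class holding `__init__`, `collect` and `get_info`, with the platform classes overriding only `collect`, would keep them in step. `get_info` also re-runs `collect` on every call and hands back the collector's own dict, so a caller that modifies the result modifies the collector's state; if that is not intended, `return dict(self.info)` gives callers a copy. Neither `collect` nor `get_info` has a docstring, and `"""Populate self.info; currently only the hostname."""` on `collect` would tell a reader what ends up in the telemetry sent to the control server.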


@ -0,0 +1,18 @@
import socket
__author__ = 'uri'
class WindowsInfoCollector(object):
"""
System information collecting module for Windows operating systems
"""
def __init__(self):
self.info = {}
def collect(self):
self.info['hostname'] = socket.gethostname()
def get_info(self):
self.collect()
return self.info