p34709852
/
monkey
forked from p15670423/monkey
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

Fixed T1078 attack technique not implemented, empty PBA message and other bugs

This commit is contained in:
VakarisZ 2019-09-05 16:40:02 +03:00
parent f8fe0b9f09
commit 3a290b46ac
4 changed files with 9 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
monkey/infection_monkey/post_breach/actions/users_custom_pba.py
View File

@ -27,7 +27,7 @@ class UsersPBA(PBA):
Defines user's configured post breach action. Defines user's configured post breach action.
""" """
def __init__(self): def __init__(self):
super(UsersPBA, self).__init__("File execution") super(UsersPBA, self).__init__("Custom post breach action")
self.filename = '' self.filename = ''
if not is_windows_os(): if not is_windows_os():
# Add linux commands to PBA's # Add linux commands to PBA's

6
monkey/infection_monkey/post_breach/pba.py
View File

@ -12,6 +12,7 @@ LOG = logging.getLogger(__name__)
__author__ = 'VakarisZ' __author__ = 'VakarisZ'
EXECUTION_WITHOUT_OUTPUT = "(PBA execution produced no output)"
class PBA(object): class PBA(object):
""" """
@ -73,7 +74,10 @@ class PBA(object):
:return: Tuple of command's output string and boolean, indicating if it succeeded :return: Tuple of command's output string and boolean, indicating if it succeeded
""" """
try: try:
return subprocess.check_output(self.command, stderr=subprocess.STDOUT, shell=True), True output = subprocess.check_output(self.command, stderr=subprocess.STDOUT, shell=True)
if not output:
output = EXECUTION_WITHOUT_OUTPUT
return output, True
except subprocess.CalledProcessError as e: except subprocess.CalledProcessError as e:
# Return error output of the command # Return error output of the command
return e.output, False return e.output, False

4
monkey/monkey_island/cc/services/config_schema.py
View File

@ -406,7 +406,7 @@ SCHEMA = {
"title": "Harvest Azure Credentials", "title": "Harvest Azure Credentials",
"type": "boolean", "type": "boolean",
"default": True, "default": True,
"attack_techniques": ["T1003", "T1078"], "attack_techniques": ["T1003"],
"description": "description":
"Determine if the Monkey should try to harvest password credentials from Azure VMs" "Determine if the Monkey should try to harvest password credentials from Azure VMs"
}, },
@ -421,7 +421,7 @@ SCHEMA = {
"title": "Should use Mimikatz", "title": "Should use Mimikatz",
"type": "boolean", "type": "boolean",
"default": True, "default": True,
"attack_techniques": ["T1003", "T1078"], "attack_techniques": ["T1003"],
"description": "Determines whether to use Mimikatz" "description": "Determines whether to use Mimikatz"
}, },
} }

2
monkey/monkey_island/cc/ui/src/components/report-components/PostBreach.js
View File

@ -24,7 +24,7 @@ let renderPbaResults = function (results) {
}; };
const subColumns = [ const subColumns = [
{id: 'pba_name', Header: "Name", accessor: x => x.name, style: { 'whiteSpace': 'unset' }}, {id: 'pba_name', Header: "Name", accessor: x => x.name, style: { 'whiteSpace': 'unset' }, width: 160},
{id: 'pba_output', Header: "Output", accessor: x => renderPbaResults(x.result), style: { 'whiteSpace': 'unset' }} {id: 'pba_output', Header: "Output", accessor: x => renderPbaResults(x.result), style: { 'whiteSpace': 'unset' }}
]; ];