Itay Mizeretz 2017-10-16 10:58:11 +03:00
parent ee4d206745
commit 81051009d0
9 changed files with 23 additions and 17 deletions


@ -6,14 +6,16 @@ __author__ = 'itamar'
class HostExploiter(object): class HostExploiter(object):
__metaclass__ = ABCMeta __metaclass__ = ABCMeta
_TARGET_OS_TYPE = []
def __init__(self, host): def __init__(self, host):
self._target_os_type = []
self._exploit_info = {} self._exploit_info = {}
self._exploit_attempts = [] self._exploit_attempts = []
self.host = host self.host = host
def is_os_supported(self): def is_os_supported(self):
return self.host.os.get('type') in self._target_os_type return self.host.os.get('type') in self._TARGET_OS_TYPE
def send_exploit_telemetry(self, result): def send_exploit_telemetry(self, result):
from control import ControlClient from control import ControlClient
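Review bot: `_TARGET_OS_TYPE = []` on HostExploiter is a mutable list shared by every subclass that does not override it, so an in-place `append` anywhere would silently widen the operating systems all of those exploiters accept. Because `is_os_supported` is the gate that decides whether an exploiter is in scope for a host, an immutable default is safer: `_TARGET_OS_TYPE = ()`, with the subclasses declaring tuples as well. A comment above it, such as `# OS types this exploiter may run against; subclasses must override`, would also record that the empty default means no host is supported. The class body continues outside this hunk.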


@ -34,9 +34,10 @@ class ElasticGroovyExploiter(HostExploiter):
DOWNLOAD_TIMEOUT = 300 # copied from rdpgrinder DOWNLOAD_TIMEOUT = 300 # copied from rdpgrinder
_TARGET_OS_TYPE = ['linux', 'windows']
def __init__(self, host): def __init__(self, host):
super(ElasticGroovyExploiter, self).__init__(host) super(ElasticGroovyExploiter, self).__init__(host)
self._target_os_type = ['linux', 'windows']
self._config = __import__('config').WormConfiguration self._config = __import__('config').WormConfiguration
self.skip_exist = self._config.skip_exploit_if_file_exist self.skip_exist = self._config.skip_exploit_if_file_exist
@ -46,7 +47,7 @@ class ElasticGroovyExploiter(HostExploiter):
Either using version string or by trying to attack Either using version string or by trying to attack
:return: :return:
""" """
if self.host.os.get('type') not in self._target_os_type: if not super(ElasticGroovyExploiter, self).is_os_supported():
return False return False
if ES_SERVICE not in self.host.services: if ES_SERVICE not in self.host.services:
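Review bot: The OS check on the new side calls `super(ElasticGroovyExploiter, self).is_os_supported()` from a method that is not itself `is_os_supported` (its signature is above the hunk), which skips any override this class or a subclass defines later. As far as the visible lines show, ElasticGroovyExploiter has no such override, so `if not self.is_os_supported():` behaves the same today and keeps normal method dispatch. The explicit `super` form is better reserved for overrides, as in the RDP and SMB exploiters in this commit.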


@ -233,14 +233,15 @@ class CMDClientFactory(rdp.ClientFactory):
class RdpExploiter(HostExploiter): class RdpExploiter(HostExploiter):
_TARGET_OS_TYPE = ['windows']
def __init__(self, host): def __init__(self, host):
super(RdpExploiter, self).__init__(host) super(RdpExploiter, self).__init__(host)
self._target_os_type = ['windows']
self._config = __import__('config').WormConfiguration self._config = __import__('config').WormConfiguration
self._guid = __import__('config').GUID self._guid = __import__('config').GUID
def is_os_supported(self): def is_os_supported(self):
if self.host.os.get('type') in self._target_os_type: if super(RdpExploiter, self).is_os_supported():
return True return True
if not self.host.os.get('type'): if not self.host.os.get('type'):


@ -32,6 +32,7 @@ class SambaCryExploiter(HostExploiter):
https://github.com/CoreSecurity/impacket/blob/master/examples/sambaPipe.py https://github.com/CoreSecurity/impacket/blob/master/examples/sambaPipe.py
""" """
_TARGET_OS_TYPE = ['linux']
# Name of file which contains the monkey's commandline # Name of file which contains the monkey's commandline
SAMBACRY_COMMANDLINE_FILENAME = "monkey_commandline.txt" SAMBACRY_COMMANDLINE_FILENAME = "monkey_commandline.txt"
# Name of file which contains the runner's result # Name of file which contains the runner's result
@ -51,7 +52,6 @@ class SambaCryExploiter(HostExploiter):
def __init__(self, host): def __init__(self, host):
super(SambaCryExploiter, self).__init__(host) super(SambaCryExploiter, self).__init__(host)
self._target_os_type = ['linux']
self._config = __import__('config').WormConfiguration self._config = __import__('config').WormConfiguration
def exploit_host(self): def exploit_host(self):


@ -25,9 +25,10 @@ class ShellShockExploiter(HostExploiter):
"Content-type": "() { :;}; echo; " "Content-type": "() { :;}; echo; "
} }
_TARGET_OS_TYPE = ['linux']
def __init__(self, host): def __init__(self, host):
super(ShellShockExploiter, self).__init__(host) super(ShellShockExploiter, self).__init__(host)
self._target_os_type = ['linux']
self._config = __import__('config').WormConfiguration self._config = __import__('config').WormConfiguration
self.HTTP = [str(port) for port in self._config.HTTP_PORTS] self.HTTP = [str(port) for port in self._config.HTTP_PORTS]
self.success_flag = ''.join( self.success_flag = ''.join(


@ -14,6 +14,7 @@ LOG = getLogger(__name__)
class SmbExploiter(HostExploiter): class SmbExploiter(HostExploiter):
_TARGET_OS_TYPE = ['windows']
KNOWN_PROTOCOLS = { KNOWN_PROTOCOLS = {
'139/SMB': (r'ncacn_np:%s[\pipe\svcctl]', 139), '139/SMB': (r'ncacn_np:%s[\pipe\svcctl]', 139),
'445/SMB': (r'ncacn_np:%s[\pipe\svcctl]', 445), '445/SMB': (r'ncacn_np:%s[\pipe\svcctl]', 445),
@ -22,12 +23,11 @@ class SmbExploiter(HostExploiter):
def __init__(self, host): def __init__(self, host):
super(SmbExploiter, self).__init__(host) super(SmbExploiter, self).__init__(host)
self._target_os_type = ['windows']
self._config = __import__('config').WormConfiguration self._config = __import__('config').WormConfiguration
self._guid = __import__('config').GUID self._guid = __import__('config').GUID
def is_os_supported(self): def is_os_supported(self):
if self.host.os.get('type') in self._target_os_type: if super(SmbExploiter, self).is_os_supported():
return True return True
if not self.host.os.get('type'): if not self.host.os.get('type'):
@ -39,7 +39,7 @@ class SmbExploiter(HostExploiter):
is_nb_open, _ = check_port_tcp(self.host.ip_addr, 139) is_nb_open, _ = check_port_tcp(self.host.ip_addr, 139)
if is_nb_open: if is_nb_open:
self.host.os['type'] = 'windows' self.host.os['type'] = 'windows'
return self.host.os.get('type') in self._target_os_type return self.host.os.get('type') in self._TARGET_OS_TYPE
return False return False
def exploit_host(self): def exploit_host(self):
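Review bot: The final return in `is_os_supported` still tests `self._TARGET_OS_TYPE` directly although the first check of the same method now goes through the base class; `return super(SmbExploiter, self).is_os_supported()` would keep the two in step. The line above it sets `self.host.os['type'] = 'windows'` when port 139 answers, and in the visible lines that open port is the only evidence used. Hosts that are not Windows can listen there too, so the label may be wrong, and later OS gates and reports would inherit it. A comment such as `# best-effort guess: 139 is open, OS was not fingerprinted` would make that explicit; the part of the method between the two hunks is not visible here.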


@ -18,10 +18,10 @@ TRANSFER_UPDATE_RATE = 15
class SSHExploiter(HostExploiter): class SSHExploiter(HostExploiter):
_TARGET_OS_TYPE = ['linux', None]
def __init__(self, host): def __init__(self, host):
super(SSHExploiter, self).__init__(host) super(SSHExploiter, self).__init__(host)
self._target_os_type = ['linux', None]
self._config = __import__('config').WormConfiguration self._config = __import__('config').WormConfiguration
self._update_timestamp = 0 self._update_timestamp = 0
self.skip_exist = self._config.skip_exploit_if_file_exist self.skip_exist = self._config.skip_exploit_if_file_exist
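Review bot: `None` in `_TARGET_OS_TYPE = ['linux', None]` makes the base `is_os_supported` return True for any host whose OS type was never fingerprinted, assuming `host.os` is a dict so that `get('type')` yields `None` for a missing key. That looks deliberate, but nothing on the line says so, and it is the only list in this commit that accepts unknown hosts. I would add `# None: hosts with no fingerprinted OS type are also in scope` above the attribute so the wider scope is a documented choice.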


@ -152,27 +152,27 @@ class SRVSVC_Exploit(object):
class Ms08_067_Exploiter(HostExploiter): class Ms08_067_Exploiter(HostExploiter):
_TARGET_OS_TYPE = ['windows']
_windows_versions = {'Windows Server 2003 3790 Service Pack 2': WindowsVersion.Windows2003_SP2, _windows_versions = {'Windows Server 2003 3790 Service Pack 2': WindowsVersion.Windows2003_SP2,
'Windows Server 2003 R2 3790 Service Pack 2': WindowsVersion.Windows2003_SP2} 'Windows Server 2003 R2 3790 Service Pack 2': WindowsVersion.Windows2003_SP2}
def __init__(self, host): def __init__(self, host):
super(Ms08_067_Exploiter, self).__init__(host) super(Ms08_067_Exploiter, self).__init__(host)
self._target_os_type = ['windows']
self._config = __import__('config').WormConfiguration self._config = __import__('config').WormConfiguration
self._guid = __import__('config').GUID self._guid = __import__('config').GUID
def is_os_supported(self): def is_os_supported(self):
if self.host.os.get('type') in self._target_os_type and \ if self.host.os.get('type') in self._TARGET_OS_TYPE and \
self.host.os.get('version') in self._windows_versions.keys(): self.host.os.get('version') in self._windows_versions.keys():
return True return True
if not self.host.os.get('type') or ( if not self.host.os.get('type') or (
self.host.os.get('type') in self._target_os_type and not self.host.os.get('version')): self.host.os.get('type') in self._TARGET_OS_TYPE and not self.host.os.get('version')):
is_smb_open, _ = check_port_tcp(self.host.ip_addr, 445) is_smb_open, _ = check_port_tcp(self.host.ip_addr, 445)
if is_smb_open: if is_smb_open:
smb_finger = SMBFinger() smb_finger = SMBFinger()
if smb_finger.get_host_fingerprint(self.host): if smb_finger.get_host_fingerprint(self.host):
return self.host.os.get('type') in self._target_os_type and \ return self.host.os.get('type') in self._TARGET_OS_TYPE and \
self.host.os.get('version') in self._windows_versions.keys() self.host.os.get('version') in self._windows_versions.keys()
return False return False
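Review bot: The type-and-version test is spelled out twice in `is_os_supported` (the first `if` and the last `return` before `return False`), and both use `in self._windows_versions.keys()`, which builds a list per lookup if this runs on Python 2, as the `__metaclass__` usage in the base class suggests. `in self._windows_versions` is equivalent and direct. The type half could also go through the base method, as the RDP and SMB exploiters in this commit do: `super(Ms08_067_Exploiter, self).is_os_supported() and self.host.os.get('version') in self._windows_versions`.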


@ -14,9 +14,10 @@ LOG = logging.getLogger(__name__)
class WmiExploiter(HostExploiter): class WmiExploiter(HostExploiter):
_TARGET_OS_TYPE = ['windows']
def __init__(self, host): def __init__(self, host):
super(WmiExploiter, self).__init__(host) super(WmiExploiter, self).__init__(host)
self._target_os_type = ['windows']
self._config = __import__('config').WormConfiguration self._config = __import__('config').WormConfiguration
self._guid = __import__('config').GUID self._guid = __import__('config').GUID