Ran 2to3 on changes merged from develop

VakarisZ 2019-09-19 10:24:49 +03:00
parent 1eac005563
commit 9bcaf8b512
32 changed files with 222 additions and 224 deletions


@ -1,2 +1,2 @@
from zero_trust_consts import populate_mappings
from .zero_trust_consts import populate_mappings
populate_mappings()


@ -6,31 +6,31 @@ This file contains static mappings between zero trust components such as: pillar
Some of the mappings are computed when this module is loaded.
"""
AUTOMATION_ORCHESTRATION = u"Automation & Orchestration"
VISIBILITY_ANALYTICS = u"Visibility & Analytics"
WORKLOADS = u"Workloads"
DEVICES = u"Devices"
NETWORKS = u"Networks"
PEOPLE = u"People"
DATA = u"Data"
AUTOMATION_ORCHESTRATION = "Automation & Orchestration"
VISIBILITY_ANALYTICS = "Visibility & Analytics"
WORKLOADS = "Workloads"
DEVICES = "Devices"
NETWORKS = "Networks"
PEOPLE = "People"
DATA = "Data"
PILLARS = (DATA, PEOPLE, NETWORKS, DEVICES, WORKLOADS, VISIBILITY_ANALYTICS, AUTOMATION_ORCHESTRATION)
STATUS_UNEXECUTED = u"Unexecuted"
STATUS_PASSED = u"Passed"
STATUS_VERIFY = u"Verify"
STATUS_FAILED = u"Failed"
STATUS_UNEXECUTED = "Unexecuted"
STATUS_PASSED = "Passed"
STATUS_VERIFY = "Verify"
STATUS_FAILED = "Failed"
# Don't change order! The statuses are ordered by importance/severity.
ORDERED_TEST_STATUSES = [STATUS_FAILED, STATUS_VERIFY, STATUS_PASSED, STATUS_UNEXECUTED]
TEST_DATA_ENDPOINT_ELASTIC = u"unencrypted_data_endpoint_elastic"
TEST_DATA_ENDPOINT_HTTP = u"unencrypted_data_endpoint_http"
TEST_MACHINE_EXPLOITED = u"machine_exploited"
TEST_ENDPOINT_SECURITY_EXISTS = u"endpoint_security_exists"
TEST_SCHEDULED_EXECUTION = u"scheduled_execution"
TEST_MALICIOUS_ACTIVITY_TIMELINE = u"malicious_activity_timeline"
TEST_SEGMENTATION = u"segmentation"
TEST_TUNNELING = u"tunneling"
TEST_COMMUNICATE_AS_NEW_USER = u"communicate_as_new_user"
TEST_DATA_ENDPOINT_ELASTIC = "unencrypted_data_endpoint_elastic"
TEST_DATA_ENDPOINT_HTTP = "unencrypted_data_endpoint_http"
TEST_MACHINE_EXPLOITED = "machine_exploited"
TEST_ENDPOINT_SECURITY_EXISTS = "endpoint_security_exists"
TEST_SCHEDULED_EXECUTION = "scheduled_execution"
TEST_MALICIOUS_ACTIVITY_TIMELINE = "malicious_activity_timeline"
TEST_SEGMENTATION = "segmentation"
TEST_TUNNELING = "tunneling"
TEST_COMMUNICATE_AS_NEW_USER = "communicate_as_new_user"
TESTS = (
TEST_SEGMENTATION,
TEST_MALICIOUS_ACTIVITY_TIMELINE,
@ -43,32 +43,32 @@ TESTS = (
TEST_COMMUNICATE_AS_NEW_USER
)
PRINCIPLE_DATA_TRANSIT = u"data_transit"
PRINCIPLE_ENDPOINT_SECURITY = u"endpoint_security"
PRINCIPLE_USER_BEHAVIOUR = u"user_behaviour"
PRINCIPLE_ANALYZE_NETWORK_TRAFFIC = u"analyze_network_traffic"
PRINCIPLE_SEGMENTATION = u"segmentation"
PRINCIPLE_RESTRICTIVE_NETWORK_POLICIES = u"network_policies"
PRINCIPLE_USERS_MAC_POLICIES = u"users_mac_policies"
PRINCIPLE_DATA_TRANSIT = "data_transit"
PRINCIPLE_ENDPOINT_SECURITY = "endpoint_security"
PRINCIPLE_USER_BEHAVIOUR = "user_behaviour"
PRINCIPLE_ANALYZE_NETWORK_TRAFFIC = "analyze_network_traffic"
PRINCIPLE_SEGMENTATION = "segmentation"
PRINCIPLE_RESTRICTIVE_NETWORK_POLICIES = "network_policies"
PRINCIPLE_USERS_MAC_POLICIES = "users_mac_policies"
PRINCIPLES = {
PRINCIPLE_SEGMENTATION: u"Apply segmentation and micro-segmentation inside your network.",
PRINCIPLE_ANALYZE_NETWORK_TRAFFIC: u"Analyze network traffic for malicious activity.",
PRINCIPLE_USER_BEHAVIOUR: u"Adopt security user behavior analytics.",
PRINCIPLE_ENDPOINT_SECURITY: u"Use anti-virus and other traditional endpoint security solutions.",
PRINCIPLE_DATA_TRANSIT: u"Secure data at transit by encrypting it.",
PRINCIPLE_RESTRICTIVE_NETWORK_POLICIES: u"Configure network policies to be as restrictive as possible.",
PRINCIPLE_USERS_MAC_POLICIES: u"Users' permissions to the network and to resources should be MAC (Mandetory "
u"Access Control) only.",
PRINCIPLE_SEGMENTATION: "Apply segmentation and micro-segmentation inside your network.",
PRINCIPLE_ANALYZE_NETWORK_TRAFFIC: "Analyze network traffic for malicious activity.",
PRINCIPLE_USER_BEHAVIOUR: "Adopt security user behavior analytics.",
PRINCIPLE_ENDPOINT_SECURITY: "Use anti-virus and other traditional endpoint security solutions.",
PRINCIPLE_DATA_TRANSIT: "Secure data at transit by encrypting it.",
PRINCIPLE_RESTRICTIVE_NETWORK_POLICIES: "Configure network policies to be as restrictive as possible.",
PRINCIPLE_USERS_MAC_POLICIES: "Users' permissions to the network and to resources should be MAC (Mandetory "
"Access Control) only.",
}
POSSIBLE_STATUSES_KEY = u"possible_statuses"
PILLARS_KEY = u"pillars"
PRINCIPLE_KEY = u"principle_key"
FINDING_EXPLANATION_BY_STATUS_KEY = u"finding_explanation"
TEST_EXPLANATION_KEY = u"explanation"
POSSIBLE_STATUSES_KEY = "possible_statuses"
PILLARS_KEY = "pillars"
PRINCIPLE_KEY = "principle_key"
FINDING_EXPLANATION_BY_STATUS_KEY = "finding_explanation"
TEST_EXPLANATION_KEY = "explanation"
TESTS_MAP = {
TEST_SEGMENTATION: {
TEST_EXPLANATION_KEY: u"The Monkey tried to scan and find machines that it can communicate with from the machine it's running on, that belong to different network segments.",
TEST_EXPLANATION_KEY: "The Monkey tried to scan and find machines that it can communicate with from the machine it's running on, that belong to different network segments.",
FINDING_EXPLANATION_BY_STATUS_KEY: {
STATUS_FAILED: "Monkey performed cross-segment communication. Check firewall rules and logs.",
STATUS_PASSED: "Monkey couldn't perform cross-segment communication. If relevant, check firewall logs."
@ -78,7 +78,7 @@ TESTS_MAP = {
POSSIBLE_STATUSES_KEY: [STATUS_UNEXECUTED, STATUS_PASSED, STATUS_FAILED]
},
TEST_MALICIOUS_ACTIVITY_TIMELINE: {
TEST_EXPLANATION_KEY: u"The Monkeys in the network performed malicious-looking actions, like scanning and attempting exploitation.",
TEST_EXPLANATION_KEY: "The Monkeys in the network performed malicious-looking actions, like scanning and attempting exploitation.",
FINDING_EXPLANATION_BY_STATUS_KEY: {
STATUS_VERIFY: "Monkey performed malicious actions in the network. Check SOC logs and alerts."
},
@ -87,7 +87,7 @@ TESTS_MAP = {
POSSIBLE_STATUSES_KEY: [STATUS_UNEXECUTED, STATUS_VERIFY]
},
TEST_ENDPOINT_SECURITY_EXISTS: {
TEST_EXPLANATION_KEY: u"The Monkey checked if there is an active process of an endpoint security software.",
TEST_EXPLANATION_KEY: "The Monkey checked if there is an active process of an endpoint security software.",
FINDING_EXPLANATION_BY_STATUS_KEY: {
STATUS_FAILED: "Monkey didn't find ANY active endpoint security processes. Install and activate anti-virus software on endpoints.",
STATUS_PASSED: "Monkey found active endpoint security processes. Check their logs to see if Monkey was a security concern."
@ -97,7 +97,7 @@ TESTS_MAP = {
POSSIBLE_STATUSES_KEY: [STATUS_UNEXECUTED, STATUS_FAILED, STATUS_PASSED]
},
TEST_MACHINE_EXPLOITED: {
TEST_EXPLANATION_KEY: u"The Monkey tries to exploit machines in order to breach them and propagate in the network.",
TEST_EXPLANATION_KEY: "The Monkey tries to exploit machines in order to breach them and propagate in the network.",
FINDING_EXPLANATION_BY_STATUS_KEY: {
STATUS_FAILED: "Monkey successfully exploited endpoints. Check IDS/IPS logs to see activity recognized and see which endpoints were compromised.",
STATUS_PASSED: "Monkey didn't manage to exploit an endpoint."
@ -117,7 +117,7 @@ TESTS_MAP = {
POSSIBLE_STATUSES_KEY: [STATUS_UNEXECUTED, STATUS_VERIFY]
},
TEST_DATA_ENDPOINT_ELASTIC: {
TEST_EXPLANATION_KEY: u"The Monkey scanned for unencrypted access to ElasticSearch instances.",
TEST_EXPLANATION_KEY: "The Monkey scanned for unencrypted access to ElasticSearch instances.",
FINDING_EXPLANATION_BY_STATUS_KEY: {
STATUS_FAILED: "Monkey accessed ElasticSearch instances. Limit access to data by encrypting it in in-transit.",
STATUS_PASSED: "Monkey didn't find open ElasticSearch instances. If you have such instances, look for alerts that indicate attempts to access them."
@ -127,7 +127,7 @@ TESTS_MAP = {
POSSIBLE_STATUSES_KEY: [STATUS_UNEXECUTED, STATUS_FAILED, STATUS_PASSED]
},
TEST_DATA_ENDPOINT_HTTP: {
TEST_EXPLANATION_KEY: u"The Monkey scanned for unencrypted access to HTTP servers.",
TEST_EXPLANATION_KEY: "The Monkey scanned for unencrypted access to HTTP servers.",
FINDING_EXPLANATION_BY_STATUS_KEY: {
STATUS_FAILED: "Monkey accessed HTTP servers. Limit access to data by encrypting it in in-transit.",
STATUS_PASSED: "Monkey didn't find open HTTP servers. If you have such servers, look for alerts that indicate attempts to access them."
@ -137,7 +137,7 @@ TESTS_MAP = {
POSSIBLE_STATUSES_KEY: [STATUS_UNEXECUTED, STATUS_FAILED, STATUS_PASSED]
},
TEST_TUNNELING: {
TEST_EXPLANATION_KEY: u"The Monkey tried to tunnel traffic using other monkeys.",
TEST_EXPLANATION_KEY: "The Monkey tried to tunnel traffic using other monkeys.",
FINDING_EXPLANATION_BY_STATUS_KEY: {
STATUS_FAILED: "Monkey tunneled its traffic using other monkeys. Your network policies are too permissive - restrict them."
},
@ -146,7 +146,7 @@ TESTS_MAP = {
POSSIBLE_STATUSES_KEY: [STATUS_UNEXECUTED, STATUS_FAILED]
},
TEST_COMMUNICATE_AS_NEW_USER: {
TEST_EXPLANATION_KEY: u"The Monkey tried to create a new user and communicate with the internet from it.",
TEST_EXPLANATION_KEY: "The Monkey tried to create a new user and communicate with the internet from it.",
FINDING_EXPLANATION_BY_STATUS_KEY: {
STATUS_FAILED: "Monkey caused a new user to access the network. Your network policies are too permissive - restrict them to MAC only.",
STATUS_PASSED: "Monkey wasn't able to cause a new user to access the network."
@ -184,7 +184,7 @@ def populate_mappings():
def populate_pillars_to_tests():
for pillar in PILLARS:
for test, test_info in TESTS_MAP.items():
for test, test_info in list(TESTS_MAP.items()):
if pillar in test_info[PILLARS_KEY]:
PILLARS_TO_TESTS[pillar].append(test)
@ -192,12 +192,12 @@ def populate_pillars_to_tests():
def populate_principles_to_tests():
for single_principle in PRINCIPLES:
PRINCIPLES_TO_TESTS[single_principle] = []
for test, test_info in TESTS_MAP.items():
for test, test_info in list(TESTS_MAP.items()):
PRINCIPLES_TO_TESTS[test_info[PRINCIPLE_KEY]].append(test)
def populate_principles_to_pillars():
for principle, principle_tests in PRINCIPLES_TO_TESTS.items():
for principle, principle_tests in list(PRINCIPLES_TO_TESTS.items()):
principles_pillars = set()
for test in principle_tests:
for pillar in TESTS_MAP[test][PILLARS_KEY]:
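Review bot: The `list(...)` wrappers that 2to3 put around `TESTS_MAP.items()` are unnecessary in `populate_pillars_to_tests` and `populate_principles_to_tests`, because those loops only append to other mappings and never change the dict they iterate; `for test, test_info in TESTS_MAP.items():` avoids a throwaway copy. As far as the hunks show, the same holds for the other read-only loops this commit wraps (the ShellShock `attacks`, `self.host.services`, `creds`, the config `properties`, `services`, `test_unexecuted.values()`). Keep the copy only where a loop mutates the dict it walks; `populate_principles_to_pillars` continues past the hunk, so it cannot be judged from here. Separately, the `PRINCIPLE_USERS_MAC_POLICIES` text still spells "Mandetory" where "Mandatory" is meant.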


@ -1,4 +1,4 @@
from infection_monkey.main import main
from .infection_monkey.main import main
if "__main__" == __name__:
main()
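Review bot: `from .infection_monkey.main import main` is a relative import in a file that is meant to be run as a script (`if "__main__" == __name__:`), and a module executed directly as `__main__` has no parent package, so under Python 3 this line raises ImportError before `main()` is reached. 2to3 most likely rewrote it because a sibling `infection_monkey` directory exists (inferred); the absolute form `from infection_monkey.main import main` should be kept. The Island entry script gets the same rewrite, `from .monkey_island.cc.main import main`, and needs the same revert.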


@ -73,7 +73,7 @@ class MSSQLExploiter(HostExploiter):
self.remove_temp_dir()
except Exception as e:
raise ExploitingVulnerableMachineError, e.args, sys.exc_info()[2]
raise ExploitingVulnerableMachineError(e.args).with_traceback(sys.exc_info()[2])
return True
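Review bot: `ExploitingVulnerableMachineError(e.args)` passes the whole args tuple as one argument, whereas the Python 2 form `raise E, e.args, tb` unpacked it, so the new exception's `args` becomes a one-element tuple wrapping a tuple and its message text changes. Unpack the arguments and let exception chaining carry the original traceback: `raise ExploitingVulnerableMachineError(*e.args) from e`. The enclosing `try` block starts outside the hunk.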


@ -179,7 +179,7 @@ class ShellShockExploiter(HostExploiter):
LOG.debug("Attack Flag is: %s" % self.success_flag)
LOG.debug("Trying exploit for %s" % url)
for header, exploit in attacks.items():
for header, exploit in list(attacks.items()):
attack = exploit + ' echo ' + self.success_flag + "; " + TEST_COMMAND
result = self.attack_page(url, header, attack)
if self.success_flag in result:


@ -1,4 +1,4 @@
import StringIO
import io
import logging
import time
@ -45,7 +45,7 @@ class SSHExploiter(HostExploiter):
for user, ssh_key_pair in user_ssh_key_pairs:
# Creating file-like private key for paramiko
pkey = StringIO.StringIO(ssh_key_pair['private_key'])
pkey = io.StringIO(ssh_key_pair['private_key'])
ssh_string = "%s@%s" % (ssh_key_pair['user'], ssh_key_pair['ip'])
try:
pkey = paramiko.RSAKey.from_private_key(pkey)
@ -104,7 +104,7 @@ class SSHExploiter(HostExploiter):
port = SSH_PORT
# if ssh banner found on different port, use that port.
for servkey, servdata in self.host.services.items():
for servkey, servdata in list(self.host.services.items()):
if servdata.get('name') == 'ssh' and servkey.startswith('tcp-'):
port = int(servkey.replace('tcp-', ''))
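Review bot: `io.StringIO(ssh_key_pair['private_key'])` accepts only `str` under Python 3, while Python 2's `StringIO.StringIO` also took byte strings, so if the stored private key arrives as `bytes` this line raises TypeError before paramiko parses the key. Where `ssh_key_pair` is populated is not visible here, so this needs confirming against the producer. A comment such as `# private_key must be text (str); decode upstream if it is stored as bytes` would record the assumption. The loop body continues outside the hunk.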


@ -1,7 +1,7 @@
import logging
import os
import os.path
import urllib
import urllib.request, urllib.parse, urllib.error
from threading import Lock
from infection_monkey.network.firewall import app as firewall
@ -32,7 +32,7 @@ class HTTPTools(object):
httpd.daemon = True
httpd.start()
return "http://%s:%s/%s" % (local_ip, local_port, urllib.quote(os.path.basename(src_path))), httpd
return "http://%s:%s/%s" % (local_ip, local_port, urllib.parse.quote(os.path.basename(src_path))), httpd
@staticmethod
def try_create_locked_transfer(host, src_path, local_ip=None, local_port=None):
@ -68,7 +68,7 @@ class HTTPTools(object):
httpd = LockedHTTPServer(local_ip, local_port, src_path, lock)
httpd.start()
lock.acquire()
return "http://%s:%s/%s" % (local_ip, local_port, urllib.quote(os.path.basename(src_path))), httpd
return "http://%s:%s/%s" % (local_ip, local_port, urllib.parse.quote(os.path.basename(src_path))), httpd
class MonkeyHTTPServer(HTTPTools):
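Review bot: `import urllib.request, urllib.parse, urllib.error` puts three imports on one line, and the hunks shown use only `urllib.parse.quote`. Unless the rest of the file needs `request` or `error`, `import urllib.parse` (or `from urllib.parse import quote`) is enough. The transport HTTP module receives the same three-module import next to `from urllib.parse import urlsplit` and, in its visible hunks, likewise uses only `urllib.parse.quote`.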


@ -1,5 +1,5 @@
from unittest import TestCase
from payload_parsing import Payload, LimitedSizePayload
from .payload_parsing import Payload, LimitedSizePayload
class TestPayload(TestCase):


@ -86,9 +86,9 @@ class WmiTools(object):
@staticmethod
def dcom_cleanup():
for port_map in DCOMConnection.PORTMAPS.keys():
for port_map in list(DCOMConnection.PORTMAPS.keys()):
del DCOMConnection.PORTMAPS[port_map]
for oid_set in DCOMConnection.OID_SET.keys():
for oid_set in list(DCOMConnection.OID_SET.keys()):
del DCOMConnection.OID_SET[port_map]
DCOMConnection.OID_SET = {}
@ -132,7 +132,7 @@ class WmiTools(object):
record = next_item.getProperties()
if not fields:
fields = record.keys()
fields = list(record.keys())
query_record = {}
for key in fields:
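Review bot: The second loop in `dcom_cleanup` still deletes `DCOMConnection.OID_SET[port_map]` rather than `DCOMConnection.OID_SET[oid_set]`, so it reuses a stale variable from the first loop. It raises NameError when `PORTMAPS` was empty, and otherwise most likely KeyError. The line should read `del DCOMConnection.OID_SET[oid_set]`. In this function the `list(...)` copies are needed, because both loops delete from the dict they iterate.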


@ -11,7 +11,7 @@ from infection_monkey.exploit.web_rce import WebRCE
from infection_monkey.exploit import HostExploiter
from infection_monkey.exploit.tools.helpers import get_interface_to_target
from infection_monkey.network.info import get_free_tcp_port
from BaseHTTPServer import BaseHTTPRequestHandler, HTTPServer
from http.server import BaseHTTPRequestHandler, HTTPServer
__author__ = "VakarisZ"


@ -58,17 +58,17 @@ def main():
config_file = opts.config
if os.path.isfile(config_file):
# using print because config can also change log locations
print("Loading config from %s." % config_file)
print(("Loading config from %s." % config_file))
try:
with open(config_file) as config_fo:
json_dict = json.load(config_fo)
WormConfiguration.from_kv(json_dict)
except ValueError as e:
print("Error loading config: %s, using default" % (e,))
print(("Error loading config: %s, using default" % (e,)))
else:
print("Config file wasn't supplied and default path: %s wasn't found, using internal default" % (config_file,))
print(("Config file wasn't supplied and default path: %s wasn't found, using internal default" % (config_file,)))
print("Loaded Configuration: %r" % WormConfiguration.hide_sensitive_info(WormConfiguration.as_dict()))
print(("Loaded Configuration: %r" % WormConfiguration.hide_sensitive_info(WormConfiguration.as_dict())))
# Make sure we're not in a machine that has the kill file
kill_path = os.path.expandvars(
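Review bot: The doubled parentheses in `print(("Loading config from %s." % config_file))` and the three other `print((...))` calls are a 2to3 artefact and carry no meaning. The original lines were already single-argument calls that behave the same in both Python versions, so these four lines can stay as `print("Loading config from %s." % config_file)` and so on. `main()` starts and ends outside the hunk.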


@ -1,11 +1,11 @@
import BaseHTTPServer
import http.server
import os.path
import select
import socket
import threading
import urllib
import urllib.request, urllib.parse, urllib.error
from logging import getLogger
from urlparse import urlsplit
from urllib.parse import urlsplit
import infection_monkey.monkeyfs as monkeyfs
from infection_monkey.transport.base import TransportProxyBase, update_last_serve_time
@ -16,7 +16,7 @@ __author__ = 'hoffer'
LOG = getLogger(__name__)
class FileServHTTPRequestHandler(BaseHTTPServer.BaseHTTPRequestHandler):
class FileServHTTPRequestHandler(http.server.BaseHTTPRequestHandler):
protocol_version = "HTTP/1.1"
filename = ""
@ -61,7 +61,7 @@ class FileServHTTPRequestHandler(BaseHTTPServer.BaseHTTPRequestHandler):
f.close()
def send_head(self):
if self.path != '/' + urllib.quote(os.path.basename(self.filename)):
if self.path != '/' + urllib.parse.quote(os.path.basename(self.filename)):
self.send_error(500, "")
return None, 0, 0
f = None
@ -106,7 +106,7 @@ class FileServHTTPRequestHandler(BaseHTTPServer.BaseHTTPRequestHandler):
format % args))
class HTTPConnectProxyHandler(BaseHTTPServer.BaseHTTPRequestHandler):
class HTTPConnectProxyHandler(http.server.BaseHTTPRequestHandler):
timeout = 30 # timeout with clients, set to None not to make persistent connection
proxy_via = None # pseudonym of the proxy in Via header, set to None not to modify original Via header
protocol_version = "HTTP/1.1"
@ -182,7 +182,7 @@ class HTTPServer(threading.Thread):
return True
return False
httpd = BaseHTTPServer.HTTPServer((self._local_ip, self._local_port), TempHandler)
httpd = http.server.HTTPServer((self._local_ip, self._local_port), TempHandler)
httpd.timeout = 0.5 # this is irrelevant?
while not self._stopped and self.downloads < self.max_downloads:
@ -235,7 +235,7 @@ class LockedHTTPServer(threading.Thread):
return True
return False
httpd = BaseHTTPServer.HTTPServer((self._local_ip, self._local_port), TempHandler)
httpd = http.server.HTTPServer((self._local_ip, self._local_port), TempHandler)
self.lock.release()
while not self._stopped and self.downloads < self.max_downloads:
httpd.handle_request()
@ -249,7 +249,7 @@ class LockedHTTPServer(threading.Thread):
class HTTPConnectProxy(TransportProxyBase):
def run(self):
httpd = BaseHTTPServer.HTTPServer((self.local_host, self.local_port), HTTPConnectProxyHandler)
httpd = http.server.HTTPServer((self.local_host, self.local_port), HTTPConnectProxyHandler)
httpd.timeout = 30
while not self._stopped:
httpd.handle_request()


@ -1,4 +1,4 @@
from monkey_island.cc.main import main
from .monkey_island.cc.main import main
if "__main__" == __name__:
main()


@ -12,9 +12,9 @@ else:
connect(db=env.mongo_db_name, host=env.mongo_db_host, port=env.mongo_db_port)
# Order of importing matters here, for registering the embedded and referenced documents before using them.
from config import Config
from creds import Creds
from monkey_ttl import MonkeyTtl
from pba_results import PbaResults
from command_control_channel import CommandControlChannel
from monkey import Monkey
from .config import Config
from .creds import Creds
from .monkey_ttl import MonkeyTtl
from .pba_results import PbaResults
from .command_control_channel import CommandControlChannel
from .monkey import Monkey


@ -1,10 +1,10 @@
import uuid
from time import sleep
from monkey import Monkey
from .monkey import Monkey
from monkey_island.cc.models.monkey import MonkeyNotFoundError
from monkey_island.cc.testing.IslandTestCase import IslandTestCase
from monkey_ttl import MonkeyTtl
from .monkey_ttl import MonkeyTtl
class TestMonkey(IslandTestCase):
@ -87,9 +87,9 @@ class TestMonkey(IslandTestCase):
windows_monkey.save()
unknown_monkey.save()
self.assertEquals(1, len(filter(lambda m: m.get_os() == "windows", Monkey.objects())))
self.assertEquals(1, len(filter(lambda m: m.get_os() == "linux", Monkey.objects())))
self.assertEquals(1, len(filter(lambda m: m.get_os() == "unknown", Monkey.objects())))
self.assertEqual(1, len([m for m in Monkey.objects() if m.get_os() == "windows"]))
self.assertEqual(1, len([m for m in Monkey.objects() if m.get_os() == "linux"]))
self.assertEqual(1, len([m for m in Monkey.objects() if m.get_os() == "unknown"]))
def test_get_tunneled_monkeys(self):
self.fail_if_not_testing_env()


@ -13,17 +13,17 @@ class TestAggregateFinding(IslandTestCase):
test = TEST_MALICIOUS_ACTIVITY_TIMELINE
status = STATUS_VERIFY
events = [Event.create_event("t", "t", EVENT_TYPE_MONKEY_NETWORK)]
self.assertEquals(len(Finding.objects(test=test, status=status)), 0)
self.assertEqual(len(Finding.objects(test=test, status=status)), 0)
AggregateFinding.create_or_add_to_existing(test, status, events)
self.assertEquals(len(Finding.objects(test=test, status=status)), 1)
self.assertEquals(len(Finding.objects(test=test, status=status)[0].events), 1)
self.assertEqual(len(Finding.objects(test=test, status=status)), 1)
self.assertEqual(len(Finding.objects(test=test, status=status)[0].events), 1)
AggregateFinding.create_or_add_to_existing(test, status, events)
self.assertEquals(len(Finding.objects(test=test, status=status)), 1)
self.assertEquals(len(Finding.objects(test=test, status=status)[0].events), 2)
self.assertEqual(len(Finding.objects(test=test, status=status)), 1)
self.assertEqual(len(Finding.objects(test=test, status=status)[0].events), 2)
def test_create_or_add_to_existing_2_tests_already_exist(self):
self.fail_if_not_testing_env()
@ -33,21 +33,21 @@ class TestAggregateFinding(IslandTestCase):
status = STATUS_VERIFY
event = Event.create_event("t", "t", EVENT_TYPE_MONKEY_NETWORK)
events = [event]
self.assertEquals(len(Finding.objects(test=test, status=status)), 0)
self.assertEqual(len(Finding.objects(test=test, status=status)), 0)
Finding.save_finding(test, status, events)
self.assertEquals(len(Finding.objects(test=test, status=status)), 1)
self.assertEquals(len(Finding.objects(test=test, status=status)[0].events), 1)
self.assertEqual(len(Finding.objects(test=test, status=status)), 1)
self.assertEqual(len(Finding.objects(test=test, status=status)[0].events), 1)
AggregateFinding.create_or_add_to_existing(test, status, events)
self.assertEquals(len(Finding.objects(test=test, status=status)), 1)
self.assertEquals(len(Finding.objects(test=test, status=status)[0].events), 2)
self.assertEqual(len(Finding.objects(test=test, status=status)), 1)
self.assertEqual(len(Finding.objects(test=test, status=status)[0].events), 2)
Finding.save_finding(test, status, events)
self.assertEquals(len(Finding.objects(test=test, status=status)), 2)
self.assertEqual(len(Finding.objects(test=test, status=status)), 2)
with self.assertRaises(AssertionError):
AggregateFinding.create_or_add_to_existing(test, status, events)


@ -28,11 +28,11 @@ class TestFinding(IslandTestCase):
self.fail_if_not_testing_env()
self.clean_finding_db()
self.assertEquals(len(Finding.objects(test=TEST_SEGMENTATION)), 0)
self.assertEqual(len(Finding.objects(test=TEST_SEGMENTATION)), 0)
event_example = Event.create_event(
title="Event Title", message="event message", event_type=EVENT_TYPE_MONKEY_NETWORK)
Finding.save_finding(test=TEST_SEGMENTATION, status=STATUS_FAILED, events=[event_example])
self.assertEquals(len(Finding.objects(test=TEST_SEGMENTATION)), 1)
self.assertEquals(len(Finding.objects(status=STATUS_FAILED)), 1)
self.assertEqual(len(Finding.objects(test=TEST_SEGMENTATION)), 1)
self.assertEqual(len(Finding.objects(status=STATUS_FAILED)), 1)


@ -20,8 +20,8 @@ class TestSegmentationFinding(IslandTestCase):
segmentation_event=event
)
self.assertEquals(len(SegmentationFinding.objects()), 1)
self.assertEquals(len(SegmentationFinding.objects()[0].events), 1)
self.assertEqual(len(SegmentationFinding.objects()), 1)
self.assertEqual(len(SegmentationFinding.objects()[0].events), 1)
SegmentationFinding.create_or_add_to_existing_finding(
# !!! REVERSE ORDER
@ -30,8 +30,8 @@ class TestSegmentationFinding(IslandTestCase):
segmentation_event=event
)
self.assertEquals(len(SegmentationFinding.objects()), 1)
self.assertEquals(len(SegmentationFinding.objects()[0].events), 2)
self.assertEqual(len(SegmentationFinding.objects()), 1)
self.assertEqual(len(SegmentationFinding.objects()[0].events), 2)
SegmentationFinding.create_or_add_to_existing_finding(
# !!! REVERSE ORDER
@ -40,7 +40,7 @@ class TestSegmentationFinding(IslandTestCase):
segmentation_event=event
)
self.assertEquals(len(SegmentationFinding.objects()), 2)
self.assertEqual(len(SegmentationFinding.objects()), 2)
SegmentationFinding.create_or_add_to_existing_finding(
# !!! REVERSE ORDER
@ -49,4 +49,4 @@ class TestSegmentationFinding(IslandTestCase):
segmentation_event=event
)
self.assertEquals(len(SegmentationFinding.objects()), 3)
self.assertEqual(len(SegmentationFinding.objects()), 3)


@ -1,4 +1,4 @@
import httplib
import http.client
import flask_restful
@ -38,4 +38,4 @@ class Report(flask_restful.Resource):
elif report_data == REPORT_DATA_FINDINGS:
return jsonify(ZeroTrustService.get_all_findings())
flask_restful.abort(httplib.NOT_FOUND)
flask_restful.abort(http.client.NOT_FOUND)


@ -12,7 +12,7 @@ def parse_creds(attempt):
'ntlm_hash': {'type': 'NTLM hash', 'output': censor_hash(attempt['ntlm_hash'], 20)},
'ssh_key': {'type': 'SSH key', 'output': attempt['ssh_key']},
'password': {'type': 'Plaintext password', 'output': censor_password(attempt['password'])}}
for key, cred in creds.items():
for key, cred in list(creds.items()):
if attempt[key]:
return '%s ; %s : %s' % (username,
cred['type'],


@ -5,9 +5,7 @@ from monkey_island.cc.services.attack.technique_reports import AttackTechnique,
from common.utils.attack_utils import UsageEnum
class UsageTechnique(AttackTechnique):
__metaclass__ = abc.ABCMeta
class UsageTechnique(AttackTechnique, metaclass=abc.ABCMeta):
@staticmethod
def parse_usages(usage):
"""


@ -203,11 +203,11 @@ class ConfigService:
# Do it only for root.
if instance != {}:
return
for property, subschema in properties.items():
for property, subschema in list(properties.items()):
main_dict = {}
for property2, subschema2 in subschema["properties"].items():
for property2, subschema2 in list(subschema["properties"].items()):
sub_dict = {}
for property3, subschema3 in subschema2["properties"].items():
for property3, subschema3 in list(subschema2["properties"].items()):
if "default" in subschema3:
sub_dict[property3] = subschema3["default"]
main_dict[property2] = sub_dict


@ -1,4 +1,4 @@
WARNING_SIGN = " \u26A0"
WARNING_SIGN = " \\u26A0"
SCHEMA = {
"title": "Monkey",


@ -151,7 +151,7 @@ class EdgeService:
else:
to_label = NodeService.get_monkey_label(to_id)
RIGHT_ARROW = "\u2192"
RIGHT_ARROW = "\\u2192"
return "%s %s %s" % (from_label, RIGHT_ARROW, to_label)


@ -96,7 +96,7 @@ class TestZeroTrustService(IslandTestCase):
result = ZeroTrustService.get_pillars_grades()
self.assertEquals(result, expected)
self.assertEqual(result, expected)
def test_get_principles_status(self):
self.fail_if_not_testing_env()
@ -250,7 +250,7 @@ class TestZeroTrustService(IslandTestCase):
}
result = ZeroTrustService.get_principles_status()
self.assertEquals(result, expected)
self.assertEqual(result, expected)
def test_get_pillars_to_statuses(self):
self.fail_if_not_testing_env()
@ -268,7 +268,7 @@ class TestZeroTrustService(IslandTestCase):
DATA: STATUS_UNEXECUTED
}
self.assertEquals(ZeroTrustService.get_pillars_to_statuses(), expected)
self.assertEqual(ZeroTrustService.get_pillars_to_statuses(), expected)
save_example_findings()
@ -282,4 +282,4 @@ class TestZeroTrustService(IslandTestCase):
DATA: STATUS_FAILED
}
self.assertEquals(ZeroTrustService.get_pillars_to_statuses(), expected)
self.assertEqual(ZeroTrustService.get_pillars_to_statuses(), expected)


@ -34,7 +34,7 @@ class ZeroTrustService(object):
if pillar in test_info[PILLARS_KEY]:
pillar_grade[finding.status] += 1
pillar_grade[STATUS_UNEXECUTED] = sum(1 for condition in test_unexecuted.values() if condition)
pillar_grade[STATUS_UNEXECUTED] = sum(1 for condition in list(test_unexecuted.values()) if condition)
return pillar_grade
@ -46,7 +46,7 @@ class ZeroTrustService(object):
for pillar in PILLARS:
all_principles_statuses[pillar] = []
for principle, principle_tests in PRINCIPLES_TO_TESTS.items():
for principle, principle_tests in list(PRINCIPLES_TO_TESTS.items()):
for pillar in PRINCIPLES_TO_PILLARS[principle]:
all_principles_statuses[pillar].append(
{


@ -1,7 +1,7 @@
# import all implemented hooks, for brevity of hooks.py file
from tunnel import process_tunnel_telemetry
from state import process_state_telemetry
from exploit import process_exploit_telemetry
from scan import process_scan_telemetry
from system_info import process_system_info_telemetry
from post_breach import process_post_breach_telemetry
from .tunnel import process_tunnel_telemetry
from .state import process_state_telemetry
from .exploit import process_exploit_telemetry
from .scan import process_scan_telemetry
from .system_info import process_system_info_telemetry
from .post_breach import process_post_breach_telemetry


@ -37,7 +37,7 @@ def test_antivirus_existence(telemetry_json):
def filter_av_processes(telemetry_json):
all_processes = telemetry_json['data']['process_list'].items()
all_processes = list(telemetry_json['data']['process_list'].items())
av_processes = []
for process in all_processes:
process_name = process[1]['name']


@ -26,7 +26,7 @@ def test_open_data_endpoints(telemetry_json):
)
]
for service_name, service_data in services.items():
for service_name, service_data in list(services.items()):
events.append(Event.create_event(
title="Scan telemetry analysis",
message="Scanned service: {}.".format(service_name),


@ -1,87 +1,87 @@
ANTI_VIRUS_KNOWN_PROCESS_NAMES = [
u"AvastSvc.exe",
u"AvastUI.exe",
u"avcenter.exe",
u"avconfig.exe",
u"avgcsrvx.exe",
u"avgidsagent.exe",
u"avgnt.exe",
u"avgrsx.exe",
u"avguard.exe",
u"avgui.exe",
u"avgwdsvc.exe",
u"avp.exe",
u"avscan.exe",
u"bdagent.exe",
u"ccuac.exe",
u"egui.exe",
u"hijackthis.exe",
u"instup.exe",
u"keyscrambler.exe",
u"mbam.exe",
u"mbamgui.exe",
u"mbampt.exe",
u"mbamscheduler.exe",
u"mbamservice.exe",
u"MpCmdRun.exe",
u"MSASCui.exe",
u"MsMpEng.exe",
u"rstrui.exe",
u"spybotsd.exe",
u"zlclient.exe",
u"SymCorpUI.exe",
u"ccSvcHst.exe",
u"ccApp.exe",
u"LUALL.exe",
u"SMC.exe",
u"SMCgui.exe",
u"Rtvscan.exe",
u"LuComServer.exe",
u"ProtectionUtilSurrogate.exe",
u"ClientRemote.exe",
u"SemSvc.exe",
u"SemLaunchSvc.exe",
u"sesmcontinst.exe",
u"LuCatalog.exe",
u"LUALL.exe",
u"LuCallbackProxy.exe",
u"LuComServer_3_3.exe",
u"httpd.exe",
u"dbisqlc.exe",
u"dbsrv16.exe",
u"semapisrv.exe",
u"snac64.exe",
u"AutoExcl.exe",
u"DoScan.exe",
u"nlnhook.exe",
u"SavUI.exe",
u"SepLiveUpdate.exe",
u"Smc.exe",
u"SmcGui.exe",
u"SymCorpUI.exe",
u"symerr.exe",
u"ccSvcHst.exe",
u"DevViewer.exe",
u"DWHWizrd.exe",
u"RtvStart.exe",
u"roru.exe",
u"WSCSAvNotifier",
"AvastSvc.exe",
"AvastUI.exe",
"avcenter.exe",
"avconfig.exe",
"avgcsrvx.exe",
"avgidsagent.exe",
"avgnt.exe",
"avgrsx.exe",
"avguard.exe",
"avgui.exe",
"avgwdsvc.exe",
"avp.exe",
"avscan.exe",
"bdagent.exe",
"ccuac.exe",
"egui.exe",
"hijackthis.exe",
"instup.exe",
"keyscrambler.exe",
"mbam.exe",
"mbamgui.exe",
"mbampt.exe",
"mbamscheduler.exe",
"mbamservice.exe",
"MpCmdRun.exe",
"MSASCui.exe",
"MsMpEng.exe",
"rstrui.exe",
"spybotsd.exe",
"zlclient.exe",
"SymCorpUI.exe",
"ccSvcHst.exe",
"ccApp.exe",
"LUALL.exe",
"SMC.exe",
"SMCgui.exe",
"Rtvscan.exe",
"LuComServer.exe",
"ProtectionUtilSurrogate.exe",
"ClientRemote.exe",
"SemSvc.exe",
"SemLaunchSvc.exe",
"sesmcontinst.exe",
"LuCatalog.exe",
"LUALL.exe",
"LuCallbackProxy.exe",
"LuComServer_3_3.exe",
"httpd.exe",
"dbisqlc.exe",
"dbsrv16.exe",
"semapisrv.exe",
"snac64.exe",
"AutoExcl.exe",
"DoScan.exe",
"nlnhook.exe",
"SavUI.exe",
"SepLiveUpdate.exe",
"Smc.exe",
"SmcGui.exe",
"SymCorpUI.exe",
"symerr.exe",
"ccSvcHst.exe",
"DevViewer.exe",
"DWHWizrd.exe",
"RtvStart.exe",
"roru.exe",
"WSCSAvNotifier",
# Guardicore Centra
# Linux
u"gc-agents-service",
u"gc-guest-agent",
u"gc-guardig",
u"gc-digger",
u"gc-fastpath",
u"gc-enforcement-agent",
u"gc-enforcement-channel",
u"gc-detection-agent",
"gc-agents-service",
"gc-guest-agent",
"gc-guardig",
"gc-digger",
"gc-fastpath",
"gc-enforcement-agent",
"gc-enforcement-channel",
"gc-detection-agent",
# Windows
u"gc-guest-agent.exe",
u"gc-windig.exe",
u"gc-digger.exe",
u"gc-fastpath.exe",
u"gc-enforcement-channel.exe",
u"gc-enforcement-agent.exe",
u"gc-agent-ui.exe"
"gc-guest-agent.exe",
"gc-windig.exe",
"gc-digger.exe",
"gc-fastpath.exe",
"gc-enforcement-channel.exe",
"gc-enforcement-agent.exe",
"gc-agent-ui.exe"
]


@ -26,13 +26,13 @@ class TestSegmentationTests(IslandTestCase):
ip_addresses=[FIRST_SUBNET])
# no findings
self.assertEquals(len(Finding.objects(test=TEST_SEGMENTATION)), 0)
self.assertEqual(len(Finding.objects(test=TEST_SEGMENTATION)), 0)
# This is like the monkey is done and sent done telem
create_or_add_findings_for_all_pairs(all_subnets, monkey)
# There are 2 subnets in which the monkey is NOT
self.assertEquals(len(Finding.objects(test=TEST_SEGMENTATION, status=STATUS_PASSED)), 2)
self.assertEqual(len(Finding.objects(test=TEST_SEGMENTATION, status=STATUS_PASSED)), 2)
# This is a monkey from 2nd subnet communicated with 1st subnet.
SegmentationFinding.create_or_add_to_existing_finding(
@ -41,6 +41,6 @@ class TestSegmentationTests(IslandTestCase):
Event.create_event(title="sdf", message="asd", event_type=EVENT_TYPE_MONKEY_NETWORK)
)
self.assertEquals(len(Finding.objects(test=TEST_SEGMENTATION, status=STATUS_PASSED)), 1)
self.assertEquals(len(Finding.objects(test=TEST_SEGMENTATION, status=STATUS_FAILED)), 1)
self.assertEquals(len(Finding.objects(test=TEST_SEGMENTATION)), 2)
self.assertEqual(len(Finding.objects(test=TEST_SEGMENTATION, status=STATUS_PASSED)), 1)
self.assertEqual(len(Finding.objects(test=TEST_SEGMENTATION, status=STATUS_FAILED)), 1)
self.assertEqual(len(Finding.objects(test=TEST_SEGMENTATION)), 2)


@ -16,7 +16,7 @@ def main():
h = SHA3_512.new()
h.update(args.string_to_sha)
print(h.hexdigest())
print((h.hexdigest()))
if __name__ == '__main__':
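Review bot: `h.update(args.string_to_sha)` is left unchanged, but under Python 3 a command-line argument is a `str` and hash objects accept only bytes, so the script would raise TypeError before printing a digest. This assumes `string_to_sha` is a plain argparse string; its declaration is outside the hunk. Encode explicitly with `h.update(args.string_to_sha.encode("utf-8"))`, and confirm the encoding matches how the digest is compared elsewhere. The doubled parentheses in `print((h.hexdigest()))` can go as well.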