From 9ca061e23c6ec197b10db5c7cf9b6fd79fa0f100 Mon Sep 17 00:00:00 2001
From: vakarisz
Date: Tue, 12 Apr 2022 13:53:55 +0300
Subject: [PATCH] BB: Add config templates for grouped tests
---
.../config_templates/grouped/depth_1_a.py | 46 ++++++++++++++++++
.../config_templates/grouped/depth_1_b.py | 22 +++++++++
.../config_templates/grouped/depth_4_a.py | 48 +++++++++++++++++++
.../config_templates/single_tests/__init__.py | 0
.../utils/config_generation_script.py | 34 ++-----------
5 files changed, 120 insertions(+), 30 deletions(-)
create mode 100644 envs/monkey_zoo/blackbox/config_templates/grouped/depth_1_a.py
create mode 100644 envs/monkey_zoo/blackbox/config_templates/grouped/depth_1_b.py
create mode 100644 envs/monkey_zoo/blackbox/config_templates/grouped/depth_4_a.py
create mode 100644 envs/monkey_zoo/blackbox/config_templates/single_tests/__init__.py
diff --git a/envs/monkey_zoo/blackbox/config_templates/grouped/depth_1_a.py b/envs/monkey_zoo/blackbox/config_templates/grouped/depth_1_a.py
new file mode 100644
index 000000000..92a522dc6
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/config_templates/grouped/depth_1_a.py
@@ -0,0 +1,46 @@
+from copy import copy
+
+from envs.monkey_zoo.blackbox.config_templates.base_template import BaseTemplate
+from envs.monkey_zoo.blackbox.config_templates.config_template import ConfigTemplate
+
+
+class Depth1A(ConfigTemplate):
+ config_values = copy(BaseTemplate.config_values)
+ # TODO ADD SMB PTH machine
+ # Tests:
+ # Hadoop
+ # Log4shell
+ # MSSQL
+ # SMB password stealing and brute force
+ # SSH password and key brute-force, key stealing
+ config_values.update(
+ {
+ "basic.exploiters.exploiter_classes": [
+ "HadoopExploiter",
+ "Log4ShellExploiter",
+ "MSSQLExploiter",
+ "SmbExploiter",
+ "SSHExploiter",
+ ],
+ "basic_network.scope.subnet_scan_list": [
+ "10.2.2.2",
+ "10.2.2.3",
+ "10.2.3.55",
+ "10.2.3.56",
+ "10.2.3.49",
+ "10.2.3.50",
+ "10.2.3.51",
+ "10.2.3.52",
+ "10.2.2.16",
+ "10.2.2.14",
+ "10.2.2.15",
+ "10.2.2.11",
+ "10.2.2.12",
+ ],
+ "basic.credentials.exploit_password_list": ["Ivrrw5zEzs", "Xk8VDTsC", "^NgDvY59~8"],
+ "basic.credentials.exploit_user_list": ["m0nk3y"],
+ "monkey.system_info.system_info_collector_classes": [
+ "MimikatzCollector",
+ ],
+ }
+ )
diff --git a/envs/monkey_zoo/blackbox/config_templates/grouped/depth_1_b.py b/envs/monkey_zoo/blackbox/config_templates/grouped/depth_1_b.py
new file mode 100644
index 000000000..548f52349
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/config_templates/grouped/depth_1_b.py
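Review bot: Depth1A never sets `basic_network.scope.depth`, so the propagation depth the class name promises is whatever `BaseTemplate.config_values` carries, and BaseTemplate is not visible in this patch. Pinning it inside the `config_values.update(...)` dict, e.g. `"basic_network.scope.depth": 1,`, would keep this grouped run confined to the listed hosts even if the base default changes later. The same applies to Depth1B in depth_1_b.py; Depth4A does set the key explicitly.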
@@ -0,0 +1,22 @@
+from copy import copy
+
+from envs.monkey_zoo.blackbox.config_templates.base_template import BaseTemplate
+from envs.monkey_zoo.blackbox.config_templates.config_template import ConfigTemplate
+
+
+class Depth1B(ConfigTemplate):
+ config_values = copy(BaseTemplate.config_values)
+ # Tests:
+ # WMI + credential stealing
+ # Zerologon
+ config_values.update(
+ {
+ "basic.exploiters.exploiter_classes": ["WmiExploiter", "ZerologonExploiter"],
+ "basic_network.scope.subnet_scan_list": ["10.2.2.25", "10.2.2.14", "10.2.2.15"],
+ "basic.credentials.exploit_password_list": ["Ivrrw5zEzs"],
+ "basic.credentials.exploit_user_list": ["m0nk3y"],
+ "monkey.system_info.system_info_collector_classes": [
+ "MimikatzCollector",
+ ],
+ }
+ )
diff --git a/envs/monkey_zoo/blackbox/config_templates/grouped/depth_4_a.py b/envs/monkey_zoo/blackbox/config_templates/grouped/depth_4_a.py
new file mode 100644
index 000000000..36e06853c
--- /dev/null
+++ b/envs/monkey_zoo/blackbox/config_templates/grouped/depth_4_a.py
@@ -0,0 +1,48 @@
+from copy import copy
+
+from envs.monkey_zoo.blackbox.config_templates.base_template import BaseTemplate
+from envs.monkey_zoo.blackbox.config_templates.config_template import ConfigTemplate
+
+
+class Depth4A(ConfigTemplate):
+ config_values = copy(BaseTemplate.config_values)
+
+ # Tests:
+ # Powershell
+ # Tunneling (SSH brute force)
+ # WMI mimikatz password stealing
+ config_values.update(
+ {
+ "basic.exploiters.exploiter_classes": [
+ "PowerShellExploiter",
+ "SSHExploiter",
+ "WmiExploiter",
+ ],
+ "basic_network.scope.subnet_scan_list": [
+ "10.2.3.45",
+ "10.2.3.46",
+ "10.2.3.47",
+ "10.2.3.48",
+ "10.2.2.9",
+ "10.2.1.10",
+ "10.2.0.12",
+ "10.2.0.11",
+ "10.2.2.15",
+ ],
+ "basic.credentials.exploit_password_list": [
+ "Passw0rd!",
+ "3Q=(Ge(+&w]*",
+ "`))jU7L(w}",
+ "t67TC5ZDmz" "Ivrrw5zEzs",
+ ],
+ "basic_network.scope.depth": 3,
+ "internal.general.keep_tunnel_open_time": 20,
+ "basic.credentials.exploit_user_list": ["m0nk3y", "m0nk3y-user"],
+ "internal.network.tcp_scanner.HTTP_PORTS": [],
+ "internal.exploits.exploit_ntlm_hash_list": [
+ "5da0889ea2081aa79f6852294cba4a5e",
+ "50c9987a6bf1ac59398df9f911122c9b",
+ ],
+ "internal.network.tcp_scanner.tcp_target_ports": [5985, 5986, 22, 135],
+ }
+ )
diff --git a/envs/monkey_zoo/blackbox/config_templates/single_tests/__init__.py b/envs/monkey_zoo/blackbox/config_templates/single_tests/__init__.py
new file mode 100644
index 000000000..e69de29bb
diff --git a/envs/monkey_zoo/blackbox/utils/config_generation_script.py b/envs/monkey_zoo/blackbox/utils/config_generation_script.py
index 76abff669..178f92a95 100644
--- a/envs/monkey_zoo/blackbox/utils/config_generation_script.py
+++ b/envs/monkey_zoo/blackbox/utils/config_generation_script.py
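Review bot: The entry `"t67TC5ZDmz" "Ivrrw5zEzs",` in `basic.credentials.exploit_password_list` has no comma between the two literals, so Python concatenates them into the single string `t67TC5ZDmzIvrrw5zEzs` and neither original password is ever tried. Any test in this group that depends on one of those two values would fail, or pass only through another credential path. Split it into `"t67TC5ZDmz",` and `"Ivrrw5zEzs",` on separate lines. Separately, the class is named Depth4A but sets `"basic_network.scope.depth": 3`; if that is intended, a one-line comment saying how the name maps to the setting would help.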
@@ -3,20 +3,9 @@ import pathlib from typing import Type from envs.monkey_zoo.blackbox.config_templates.config_template import ConfigTemplate -from envs.monkey_zoo.blackbox.config_templates.hadoop import Hadoop -from envs.monkey_zoo.blackbox.config_templates.log4j_logstash import Log4jLogstash -from envs.monkey_zoo.blackbox.config_templates.log4j_solr import Log4jSolr -from envs.monkey_zoo.blackbox.config_templates.log4j_tomcat import Log4jTomcat -from envs.monkey_zoo.blackbox.config_templates.mssql import Mssql -from envs.monkey_zoo.blackbox.config_templates.performance import Performance -from envs.monkey_zoo.blackbox.config_templates.powershell import PowerShell -from envs.monkey_zoo.blackbox.config_templates.smb_mimikatz import SmbMimikatz -from envs.monkey_zoo.blackbox.config_templates.smb_pth import SmbPth -from envs.monkey_zoo.blackbox.config_templates.ssh import Ssh -from envs.monkey_zoo.blackbox.config_templates.tunneling import Tunneling -from envs.monkey_zoo.blackbox.config_templates.wmi_mimikatz import WmiMimikatz -from envs.monkey_zoo.blackbox.config_templates.wmi_pth import WmiPth -from envs.monkey_zoo.blackbox.config_templates.zerologon import Zerologon +from envs.monkey_zoo.blackbox.config_templates.grouped.depth_1_a import Depth1A +from envs.monkey_zoo.blackbox.config_templates.grouped.depth_1_b import Depth1B +from envs.monkey_zoo.blackbox.config_templates.grouped.depth_4_a import Depth4A from envs.monkey_zoo.blackbox.island_client.island_config_parser import IslandConfigParser from envs.monkey_zoo.blackbox.island_client.monkey_island_client import MonkeyIslandClient @@ -34,22 +23,7 @@ args = parser.parse_args() island_client = MonkeyIslandClient(args.island_ip) -CONFIG_TEMPLATES = [ - Hadoop, - Mssql, - Performance, - PowerShell, - SmbMimikatz, - SmbPth, - Ssh, - Tunneling, - WmiMimikatz, - WmiPth, - Zerologon, - Log4jLogstash, - Log4jTomcat, - Log4jSolr, -] +CONFIG_TEMPLATES = [Depth1A, Depth1B, Depth4A] def generate_templates():
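Review bot: The three new imports in the first hunk resolve through `config_templates.grouped`, but the patch creates `single_tests/__init__.py` and no `grouped/__init__.py`. Unless that file already exists outside this patch, `grouped` is importable only as an implicit namespace package, which works at runtime on Python 3 but is inconsistent with the sibling directory and can be missed by tools that discover packages by `__init__.py`. Adding an empty `envs/monkey_zoo/blackbox/config_templates/grouped/__init__.py` in the same commit would settle it.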
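Review bot: `CONFIG_TEMPLATES = [Depth1A, Depth1B, Depth4A]` in the second hunk drops `Performance` and `SmbPth` with no visible replacement: none of the three grouped templates mentions a performance run, and Depth1A carries only `# TODO ADD SMB PTH machine`. If the generated configs feed the blackbox suite, those scenarios presumably stop being generated without any signal. A comment above the list such as `# Performance and SMB pass-the-hash are not yet covered by a grouped template` would make the gap explicit until they are added back.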