diff --git a/monkey/common/configuration/__init__.py b/monkey/common/configuration/__init__.py
index 59186d56c..29f8f1e2c 100644
--- a/monkey/common/configuration/__init__.py
+++ b/monkey/common/configuration/__init__.py
@@ -1,4 +1,5 @@
 from .agent_configuration import (
 AgentConfiguration,
 AgentConfigurationSchema,
+ DEFAULT_AGENT_CONFIGURATION,
 )
diff --git a/monkey/common/configuration/agent_configuration.py b/monkey/common/configuration/agent_configuration.py
index 15b338fe0..a4db46f2c 100644
--- a/monkey/common/configuration/agent_configuration.py
+++ b/monkey/common/configuration/agent_configuration.py
@@ -14,6 +14,224 @@ from .agent_sub_configurations import ( PropagationConfiguration, ) +DEFAULT_AGENT_CONFIGURATION = """{ + "keep_tunnel_open_time": 30, + "post_breach_actions": [ + { + "name": "CommunicateAsBackdoorUser", + "options": {} + }, + { + "name": "ModifyShellStartupFiles", + "options": {} + }, + { + "name": "HiddenFiles", + "options": {} + }, + { + "name": "TrapCommand", + "options": {} + }, + { + "name": "ChangeSetuidSetgid", + "options": {} + }, + { + "name": "ScheduleJobs", + "options": {} + }, + { + "name": "Timestomping", + "options": {} + }, + { + "name": "AccountDiscovery", + "options": {} + }, + { + "name": "ProcessListCollection", + "options": {} + } + ], + "credential_collectors": [ + { + "name": "MimikatzCollector", + "options": {} + }, + { + "name": "SSHCollector", + "options": {} + } + ], + "payloads": [ + { + "name": "ransomware", + "options": { + "encryption": { + "enabled": true, + "directories": { + "linux_target_dir": "", + "windows_target_dir": "" + } + }, + "other_behaviors": { + "readme": true + } + } + } + ], + "custom_pbas": { + "linux_command": "", + "linux_filename": "", + "windows_command": "", + "windows_filename": "" + }, + "propagation": { + "maximum_depth": 2, + "network_scan": { + "tcp": { + "timeout": 3000, + "ports": [ + 22, + 80, + 135, + 443, + 445, + 2222, + 3306, + 3389, + 5985, + 5986, + 7001, + 8008, + 8080, + 8088, + 8983, + 9200, + 9600 + ] + }, + "icmp": { + "timeout": 1000 + }, + "fingerprinters": [ + { + "name": "elastic", + "options": {} + }, + { + "name": "http", + "options": { + "http_ports": [ + 80, + 443, + 7001, + 8008, + 8080, + 8983, + 9200, + 9600 + ] + } + }, + { + "name": "mssql", + "options": {} + }, + { + "name": "smb", + "options": {} + }, + { + "name": "ssh", + "options": {} + } + ], + "targets": { + "blocked_ips": [], + "inaccessible_subnets": [], + "local_network_scan": true, + "subnets": [] + } + }, + "exploitation": { + "options": { + "http_ports": [ + 80, + 443, + 7001, + 8008, + 8080, + 
8983, + 9200, + 9600 + ] + }, + "brute_force": [ + { + "name": "MSSQLExploiter", + "options": {}, + "supported_os": [ + "WINDOWS" + ] + }, + { + "name": "PowerShellExploiter", + "options": {}, + "supported_os": [ + "WINDOWS" + ] + }, + { + "name": "SSHExploiter", + "options": {}, + "supported_os": [ + "LINUX" + ] + }, + { + "name": "SmbExploiter", + "options": { + "smb_download_timeout": 30 + }, + "supported_os": [ + "WINDOWS" + ] + }, + { + "name": "WmiExploiter", + "options": { + "smb_download_timeout": 30 + }, + "supported_os": [ + "WINDOWS" + ] + } + ], + "vulnerability": [ + { + "name": "HadoopExploiter", + "options": {}, + "supported_os": [ + "LINUX", + "WINDOWS" + ] + }, + { + "name": "Log4ShellExploiter", + "options": {}, + "supported_os": [ + "LINUX", + "WINDOWS" + ] + } + ] + } + } + } +""" + @dataclass(frozen=True) class AgentConfiguration: diff --git a/monkey/tests/unit_tests/common/test_agent_configuration.py b/monkey/tests/unit_tests/common/test_agent_configuration.py index 9609a2d3a..733e2e708 100644 --- a/monkey/tests/unit_tests/common/test_agent_configuration.py +++ b/monkey/tests/unit_tests/common/test_agent_configuration.py @@ -24,7 +24,11 @@ from tests.common.example_agent_configuration import ( ) from common import OperatingSystems -from common.configuration import AgentConfiguration, AgentConfigurationSchema +from common.configuration import ( + DEFAULT_AGENT_CONFIGURATION, + AgentConfiguration, + AgentConfigurationSchema, +) from common.configuration.agent_sub_configuration_schemas import ( CustomPBAConfigurationSchema, ExploitationConfigurationSchema, 
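Review bot: `DEFAULT_AGENT_CONFIGURATION` ships with the ransomware payload's `"encryption": {"enabled": true}` and `"local_network_scan": true`, so what a default run touches depends on the empty `linux_target_dir`/`windows_target_dir` strings and the empty `blocked_ips`/`subnets` lists. How the consumers treat those empty values is not visible in this hunk and should be confirmed. I would record this above the constant, e.g. `# Safety-relevant defaults: encryption is enabled with empty target dirs; local_network_scan is on; subnets and blocked_ips are empty. Review any change here for scope.` The `http_ports` list is also written out three times inside the string literal (the `http` fingerprinter, `exploitation.options`, and as a subset of `tcp.ports`), so an edit to one copy can silently leave the others behind.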
@@ -171,3 +175,11 @@ def test_agent_configuration():
 assert isinstance(config.payloads[0], PluginConfiguration)
 assert isinstance(config.propagation, PropagationConfiguration)
 assert config_dict == AGENT_CONFIGURATION
+
+
+def test_default_agent_configuration():
+ schema = AgentConfigurationSchema()
+
+ config = schema.loads(DEFAULT_AGENT_CONFIGURATION)
+
+ assert isinstance(config, AgentConfiguration)
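Review bot: `test_default_agent_configuration` asserts only the type of the loaded object, so it keeps passing if a later edit widens the defaults, for example non-empty ransomware target directories or a larger `maximum_depth`. Pin the scope-limiting values as well, e.g. `assert config.propagation.maximum_depth == 2`. That attribute name is inferred from the JSON key and from `config.propagation` in the preceding test, so confirm it against the dataclass. A round-trip check in the style of the existing `config_dict == AGENT_CONFIGURATION` assertion would also show that no default is dropped or coerced by the schema.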