From b90e9ccf21e8eff8c2518766ae3de7acedf7c671 Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Fri, 24 Sep 2021 15:29:11 +0200 Subject: [PATCH 1/4] Zoo: Add second hop bb test Added new powershell-3-48 machine for second hop test. Explanation why cached are not working after the first hop. Documentation for the zoo. --- .../blackbox/config_templates/powershell.py | 11 ++++-- .../blackbox/gcp_test_machine_list.py | 1 + envs/monkey_zoo/docs/fullDocs.md | 37 +++++++++++++++++-- envs/monkey_zoo/terraform/images.tf | 4 ++ envs/monkey_zoo/terraform/monkey_zoo.tf | 15 ++++++++ .../exploit/powershell_utils/credentials.py | 6 ++- 6 files changed, 65 insertions(+), 9 deletions(-) diff --git a/envs/monkey_zoo/blackbox/config_templates/powershell.py b/envs/monkey_zoo/blackbox/config_templates/powershell.py index cd238fd27..ff377a14f 100644 --- a/envs/monkey_zoo/blackbox/config_templates/powershell.py +++ b/envs/monkey_zoo/blackbox/config_templates/powershell.py @@ -10,10 +10,15 @@ class PowerShell(ConfigTemplate): config_values.update( { "basic.exploiters.exploiter_classes": ["PowerShellExploiter"], - "basic_network.scope.subnet_scan_list": ["10.2.3.45", "10.2.3.46", "10.2.3.47"], + "basic_network.scope.subnet_scan_list": [ + "10.2.3.45", + "10.2.3.46", + "10.2.3.47", + "10.2.3.48", + ], "basic.credentials.exploit_password_list": ["Passw0rd!"], - "basic_network.scope.depth": 2, - "basic.credentials.exploit_user_list": ["m0nk3y", "m0nk3y-user"], + "basic_network.scope.depth": 2, # TODO: Remove .\\ when DC name is added + "basic.credentials.exploit_user_list": ["m0nk3y", "m0nk3y-user", ".\\m0nk3y"], "internal.classes.finger_classes": ["PingScanner"], "internal.network.tcp_scanner.HTTP_PORTS": [], "internal.network.tcp_scanner.tcp_target_ports": [], diff --git a/envs/monkey_zoo/blackbox/gcp_test_machine_list.py b/envs/monkey_zoo/blackbox/gcp_test_machine_list.py index 968e2026d..2cd5a045c 100644 --- a/envs/monkey_zoo/blackbox/gcp_test_machine_list.py +++ b/envs/monkey_zoo/blackbox/gcp_test_machine_list.py @@ -25,5 +25,6 @@ GCP_TEST_MACHINE_LIST = { "powershell-3-45", "powershell-3-46", "powershell-3-47", + "powershell-3-48", ], } diff --git a/envs/monkey_zoo/docs/fullDocs.md b/envs/monkey_zoo/docs/fullDocs.md index 4008b464d..679f52d3e 100644 --- a/envs/monkey_zoo/docs/fullDocs.md +++ b/envs/monkey_zoo/docs/fullDocs.md @@ -34,8 +34,9 @@ This document describes Infection Monkey’s test network, how to deploy and use [Nr. 3-45 Powershell](#_Toc536021479)
[Nr. 3-46 Powershell](#_Toc536021480)
[Nr. 3-47 Powershell](#_Toc536021481)
-[Nr. 250 MonkeyIsland](#_Toc536021482)
-[Nr. 251 MonkeyIsland](#_Toc536021483)
+[Nr. 3-48 Powershell](#_Toc536021482)
+[Nr. 250 MonkeyIsland](#_Toc536021483)
+[Nr. 251 MonkeyIsland](#_Toc536021484)
[Network topography](#network-topography)
# Warning\! @@ -1171,7 +1172,35 @@ fullTest.conf is a good config to start, because it covers all machines. - + + + + + + + + + + + + + + + + + + + + + +

Nr. 250 MonkeyIsland

+

Nr. 3-48 Powershell

+

(10.2.3.48)

(Vulnerable)
OS:Windows Server 2019 x64
Software:WinRM service
Default server’s port:-
Notes:User: m0nk3y, Password: Passw0rd!
+ + + + + @@ -1203,7 +1232,7 @@ fullTest.conf is a good config to start, because it covers all machines.

Nr. 250 MonkeyIsland

(10.2.2.250)
- diff --git a/envs/monkey_zoo/terraform/images.tf b/envs/monkey_zoo/terraform/images.tf index 949aa50ac..77432c845 100644 --- a/envs/monkey_zoo/terraform/images.tf +++ b/envs/monkey_zoo/terraform/images.tf @@ -57,6 +57,10 @@ data "google_compute_image" "mssql-16" { name = "mssql-16" project = local.monkeyzoo_project } +data "google_compute_image" "powershell-3-48" { + name = "powershell-3-48" + project = local.monkeyzoo_project +} data "google_compute_image" "powershell-3-47" { name = "powershell-3-47" project = local.monkeyzoo_project diff --git a/envs/monkey_zoo/terraform/monkey_zoo.tf b/envs/monkey_zoo/terraform/monkey_zoo.tf index ffa5efbe1..cd9675732 100644 --- a/envs/monkey_zoo/terraform/monkey_zoo.tf +++ b/envs/monkey_zoo/terraform/monkey_zoo.tf @@ -313,6 +313,21 @@ resource "google_compute_instance_from_template" "mssql-16" { } } +resource "google_compute_instance_from_template" "powershell-3-48" { + name = "${local.resource_prefix}powershell-3-48" + source_instance_template = local.default_windows + boot_disk{ + initialize_params { + image = data.google_compute_image.powershell-3-48.self_link + } + auto_delete = true + } + network_interface { + subnetwork="${local.resource_prefix}monkeyzoo-main-1" + network_ip="10.2.3.48" + } +} + resource "google_compute_instance_from_template" "powershell-3-47" { name = "${local.resource_prefix}powershell-3-47" source_instance_template = local.default_windows diff --git a/monkey/infection_monkey/exploit/powershell_utils/credentials.py b/monkey/infection_monkey/exploit/powershell_utils/credentials.py index 982f9da29..0e7d0ebab 100644 --- a/monkey/infection_monkey/exploit/powershell_utils/credentials.py +++ b/monkey/infection_monkey/exploit/powershell_utils/credentials.py @@ -36,7 +36,9 @@ def get_credentials( # On Windows systems, when username == None and password == None, the current user's credentials -# will be used to attempt to log into the victim. +# will be used to attempt to log into the victim only on the first hop, from island +# to a machine. Propagating after the first hop is not possible at the moment. +# See this: https://security.stackexchange.com/questions/120422/powershell-and-cached-credentials def _get_empty_credentials(is_windows: bool) -> List[Credentials]: if is_windows: return [Credentials(username=None, secret=None, secret_type=SecretType.CACHED)] @@ -44,7 +46,7 @@ def _get_empty_credentials(is_windows: bool) -> List[Credentials]: return [] -# On Windows systems, when password == None, the current user's password will bu used to attempt to +# On Windows systems, when password == None, the current user's password will be used to attempt to # log into the victim. def _get_username_only_credentials(usernames: List[str], is_windows: bool) -> List[Credentials]: credentials = [ From 689e6ac5328c8cef5f6da4ff00161b08a0df00f9 Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Mon, 27 Sep 2021 13:08:52 +0200 Subject: [PATCH 2/4] Zoo: Add os specific black box test. Add new --os flag to the blackbox tests. If not specified it will skip all os marked tests. --- .../blackbox/config_templates/powershell.py | 17 +++++++++++++++ envs/monkey_zoo/blackbox/conftest.py | 21 +++++++++++++++++++ envs/monkey_zoo/blackbox/test_blackbox.py | 10 ++++++++- vulture_allowlist.py | 2 ++ 4 files changed, 49 insertions(+), 1 deletion(-) diff --git a/envs/monkey_zoo/blackbox/config_templates/powershell.py b/envs/monkey_zoo/blackbox/config_templates/powershell.py index ff377a14f..fddfd32ae 100644 --- a/envs/monkey_zoo/blackbox/config_templates/powershell.py +++ b/envs/monkey_zoo/blackbox/config_templates/powershell.py @@ -27,3 +27,20 @@ class PowerShell(ConfigTemplate): ], } ) + + +class PowerShell_Cached(ConfigTemplate): + config_values = copy(BaseTemplate.config_values) + + config_values.update( + { + "basic.exploiters.exploiter_classes": ["PowerShellExploiter"], + "basic_network.scope.subnet_scan_list": [ + "10.2.3.46", + ], + "basic_network.scope.depth": 2, + "internal.classes.finger_classes": ["PingScanner"], + "internal.network.tcp_scanner.HTTP_PORTS": [], + "internal.network.tcp_scanner.tcp_target_ports": [], + } + ) diff --git a/envs/monkey_zoo/blackbox/conftest.py b/envs/monkey_zoo/blackbox/conftest.py index cc608fae8..cfaa1f604 100644 --- a/envs/monkey_zoo/blackbox/conftest.py +++ b/envs/monkey_zoo/blackbox/conftest.py @@ -27,6 +27,12 @@ def pytest_addoption(parser): default=False, help="If enabled performance tests will be run.", ) + parser.addoption( + "--os", + action="store", + default=None, + help="Use to run Windows or Linux specific tests.", + ) @pytest.fixture(scope="session") @@ -51,3 +57,18 @@ def pytest_runtest_setup(item): pytest.skip( "Skipping performance test because " "--run-performance-tests flag isn't specified." ) + + if item.config.getoption("--os"): + os = [mark.args[0] for mark in item.iter_markers(name="os")] + if os: + if item.config.getoption("--os") not in os: + pytest.skip( + f"Skipping OS specific test. Run in {os[0]} if " + f"you want this test to be executed." + ) + else: + pytest.skip( + "Skipping OS specific test because" + "--os flag isn't specified." + " Specify --os with windows or linux as options." + ) diff --git a/envs/monkey_zoo/blackbox/test_blackbox.py b/envs/monkey_zoo/blackbox/test_blackbox.py index 221d783f6..8616d77b5 100644 --- a/envs/monkey_zoo/blackbox/test_blackbox.py +++ b/envs/monkey_zoo/blackbox/test_blackbox.py @@ -13,7 +13,7 @@ from envs.monkey_zoo.blackbox.config_templates.elastic import Elastic from envs.monkey_zoo.blackbox.config_templates.hadoop import Hadoop from envs.monkey_zoo.blackbox.config_templates.mssql import Mssql from envs.monkey_zoo.blackbox.config_templates.performance import Performance -from envs.monkey_zoo.blackbox.config_templates.powershell import PowerShell +from envs.monkey_zoo.blackbox.config_templates.powershell import PowerShell, PowerShell_Cached from envs.monkey_zoo.blackbox.config_templates.shellshock import ShellShock from envs.monkey_zoo.blackbox.config_templates.smb_mimikatz import SmbMimikatz from envs.monkey_zoo.blackbox.config_templates.smb_pth import SmbPth @@ -52,6 +52,8 @@ MACHINE_BOOTUP_WAIT_SECONDS = 30 LOG_DIR_PATH = "./logs" logging.basicConfig(level=logging.INFO) LOGGER = logging.getLogger(__name__) +WINDOWS = "windows" +LINUX = "linux" @pytest.fixture(autouse=True, scope="session") @@ -166,6 +168,12 @@ class TestMonkeyBlackbox: island_client, PowerShell, "PowerShell_Remoting_exploiter" ) + @pytest.mark.os(WINDOWS) + def test_powershell_exploiter_cached_credentials(self, island_client): + TestMonkeyBlackbox.run_exploitation_test( + island_client, PowerShell_Cached, "PowerShell_Remoting_exploiter_cached_credentials" + ) + def test_smb_and_mimikatz_exploiters(self, island_client): TestMonkeyBlackbox.run_exploitation_test( island_client, SmbMimikatz, "SMB_exploiter_mimikatz" diff --git a/vulture_allowlist.py b/vulture_allowlist.py index 905cc74ad..5680cf5b6 100644 --- a/vulture_allowlist.py +++ b/vulture_allowlist.py @@ -205,4 +205,6 @@ environment # unused variable (monkey/monkey_island/cc/models/monkey.py:59) _.environment # unused attribute (monkey/monkey_island/cc/services/telemetry/processing/system_info_collectors/environment.py:10) _.instance_name # unused attribute (monkey/common/cloud/azure/azure_instance.py:35) _.instance_name # unused attribute (monkey/common/cloud/azure/azure_instance.py:64) +# TODO: Remove this when adding LINUX specific bb test +LINUX # unused variable (envs/monkey_zoo/blackbox/test_blackbox.py:56) GCPHandler # unused function (envs/monkey_zoo/blackbox/test_blackbox.py:57) From 07c08ac0b6fac9a31626ae0207a87f0a675a9794 Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Mon, 27 Sep 2021 17:12:28 +0200 Subject: [PATCH 3/4] Zoo: Reformat powershell cached credentials test --- .../blackbox/config_templates/powershell.py | 21 +++---------------- .../powershell_cached_credentials.py | 21 +++++++++++++++++++ envs/monkey_zoo/blackbox/conftest.py | 18 ++++++++-------- envs/monkey_zoo/blackbox/test_blackbox.py | 10 ++++++--- vulture_allowlist.py | 2 -- 5 files changed, 40 insertions(+), 32 deletions(-) create mode 100644 envs/monkey_zoo/blackbox/config_templates/powershell_cached_credentials.py diff --git a/envs/monkey_zoo/blackbox/config_templates/powershell.py b/envs/monkey_zoo/blackbox/config_templates/powershell.py index fddfd32ae..96ba0b908 100644 --- a/envs/monkey_zoo/blackbox/config_templates/powershell.py +++ b/envs/monkey_zoo/blackbox/config_templates/powershell.py @@ -7,6 +7,8 @@ from envs.monkey_zoo.blackbox.config_templates.config_template import ConfigTemp class PowerShell(ConfigTemplate): config_values = copy(BaseTemplate.config_values) + # TODO: Remove .\\ from exploit user list when DC name is added, + # for more context see https://github.com/guardicore/monkey/issues/1486 config_values.update( { "basic.exploiters.exploiter_classes": ["PowerShellExploiter"], @@ -17,7 +19,7 @@ class PowerShell(ConfigTemplate): "10.2.3.48", ], "basic.credentials.exploit_password_list": ["Passw0rd!"], - "basic_network.scope.depth": 2, # TODO: Remove .\\ when DC name is added + "basic_network.scope.depth": 2, "basic.credentials.exploit_user_list": ["m0nk3y", "m0nk3y-user", ".\\m0nk3y"], "internal.classes.finger_classes": ["PingScanner"], "internal.network.tcp_scanner.HTTP_PORTS": [], @@ -27,20 +29,3 @@ class PowerShell(ConfigTemplate): ], } ) - - -class PowerShell_Cached(ConfigTemplate): - config_values = copy(BaseTemplate.config_values) - - config_values.update( - { - "basic.exploiters.exploiter_classes": ["PowerShellExploiter"], - "basic_network.scope.subnet_scan_list": [ - "10.2.3.46", - ], - "basic_network.scope.depth": 2, - "internal.classes.finger_classes": ["PingScanner"], - "internal.network.tcp_scanner.HTTP_PORTS": [], - "internal.network.tcp_scanner.tcp_target_ports": [], - } - ) diff --git a/envs/monkey_zoo/blackbox/config_templates/powershell_cached_credentials.py b/envs/monkey_zoo/blackbox/config_templates/powershell_cached_credentials.py new file mode 100644 index 000000000..c8a40f94b --- /dev/null +++ b/envs/monkey_zoo/blackbox/config_templates/powershell_cached_credentials.py @@ -0,0 +1,21 @@ +from copy import copy + +from envs.monkey_zoo.blackbox.config_templates.base_template import BaseTemplate +from envs.monkey_zoo.blackbox.config_templates.config_template import ConfigTemplate + + +class PowerShellCachedCredentials(ConfigTemplate): + config_values = copy(BaseTemplate.config_values) + + config_values.update( + { + "basic.exploiters.exploiter_classes": ["PowerShellExploiter"], + "basic_network.scope.subnet_scan_list": [ + "10.2.3.46", + ], + "basic_network.scope.depth": 2, + "internal.classes.finger_classes": ["PingScanner"], + "internal.network.tcp_scanner.HTTP_PORTS": [], + "internal.network.tcp_scanner.tcp_target_ports": [], + } + ) diff --git a/envs/monkey_zoo/blackbox/conftest.py b/envs/monkey_zoo/blackbox/conftest.py index cfaa1f604..946e9c036 100644 --- a/envs/monkey_zoo/blackbox/conftest.py +++ b/envs/monkey_zoo/blackbox/conftest.py @@ -58,17 +58,17 @@ def pytest_runtest_setup(item): "Skipping performance test because " "--run-performance-tests flag isn't specified." ) - if item.config.getoption("--os"): - os = [mark.args[0] for mark in item.iter_markers(name="os")] - if os: - if item.config.getoption("--os") not in os: - pytest.skip( - f"Skipping OS specific test. Run in {os[0]} if " - f"you want this test to be executed." - ) - else: + if not item.config.getoption("--os"): pytest.skip( "Skipping OS specific test because" "--os flag isn't specified." " Specify --os with windows or linux as options." ) + + os = [mark.args[0] for mark in item.iter_markers(name="os")] + + if os and item.config.getoption("--os") not in os: + pytest.skip( + f'Skipping OS specific test. Run with "--os={os[0]}" if ' + f"you want this test to be executed." + ) diff --git a/envs/monkey_zoo/blackbox/test_blackbox.py b/envs/monkey_zoo/blackbox/test_blackbox.py index 8616d77b5..153f995b9 100644 --- a/envs/monkey_zoo/blackbox/test_blackbox.py +++ b/envs/monkey_zoo/blackbox/test_blackbox.py @@ -13,7 +13,10 @@ from envs.monkey_zoo.blackbox.config_templates.elastic import Elastic from envs.monkey_zoo.blackbox.config_templates.hadoop import Hadoop from envs.monkey_zoo.blackbox.config_templates.mssql import Mssql from envs.monkey_zoo.blackbox.config_templates.performance import Performance -from envs.monkey_zoo.blackbox.config_templates.powershell import PowerShell, PowerShell_Cached +from envs.monkey_zoo.blackbox.config_templates.powershell import PowerShell +from envs.monkey_zoo.blackbox.config_templates.powershell_cached_credentials import ( + PowerShellCachedCredentials, +) from envs.monkey_zoo.blackbox.config_templates.shellshock import ShellShock from envs.monkey_zoo.blackbox.config_templates.smb_mimikatz import SmbMimikatz from envs.monkey_zoo.blackbox.config_templates.smb_pth import SmbPth @@ -53,7 +56,6 @@ LOG_DIR_PATH = "./logs" logging.basicConfig(level=logging.INFO) LOGGER = logging.getLogger(__name__) WINDOWS = "windows" -LINUX = "linux" @pytest.fixture(autouse=True, scope="session") @@ -171,7 +173,9 @@ class TestMonkeyBlackbox: @pytest.mark.os(WINDOWS) def test_powershell_exploiter_cached_credentials(self, island_client): TestMonkeyBlackbox.run_exploitation_test( - island_client, PowerShell_Cached, "PowerShell_Remoting_exploiter_cached_credentials" + island_client, + PowerShellCachedCredentials, + "PowerShell_Remoting_exploiter_cached_credentials", ) def test_smb_and_mimikatz_exploiters(self, island_client): diff --git a/vulture_allowlist.py b/vulture_allowlist.py index 5680cf5b6..905cc74ad 100644 --- a/vulture_allowlist.py +++ b/vulture_allowlist.py @@ -205,6 +205,4 @@ environment # unused variable (monkey/monkey_island/cc/models/monkey.py:59) _.environment # unused attribute (monkey/monkey_island/cc/services/telemetry/processing/system_info_collectors/environment.py:10) _.instance_name # unused attribute (monkey/common/cloud/azure/azure_instance.py:35) _.instance_name # unused attribute (monkey/common/cloud/azure/azure_instance.py:64) -# TODO: Remove this when adding LINUX specific bb test -LINUX # unused variable (envs/monkey_zoo/blackbox/test_blackbox.py:56) GCPHandler # unused function (envs/monkey_zoo/blackbox/test_blackbox.py:57) From a438f3afb02e266576b812c61861cea3261ec12a Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Tue, 28 Sep 2021 16:42:16 +0200 Subject: [PATCH 4/4] Zoo: Replace --os with --skip-powershell-reuse With this logic the powershell cached will run if we don't provide the cli param --skip-powershell-reuse. --- ...als.py => powershell_credentials_reuse.py} | 2 +- envs/monkey_zoo/blackbox/conftest.py | 25 +++++++------------ envs/monkey_zoo/blackbox/test_blackbox.py | 13 +++++----- 3 files changed, 16 insertions(+), 24 deletions(-) rename envs/monkey_zoo/blackbox/config_templates/{powershell_cached_credentials.py => powershell_credentials_reuse.py} (93%) diff --git a/envs/monkey_zoo/blackbox/config_templates/powershell_cached_credentials.py b/envs/monkey_zoo/blackbox/config_templates/powershell_credentials_reuse.py similarity index 93% rename from envs/monkey_zoo/blackbox/config_templates/powershell_cached_credentials.py rename to envs/monkey_zoo/blackbox/config_templates/powershell_credentials_reuse.py index c8a40f94b..d6113dc15 100644 --- a/envs/monkey_zoo/blackbox/config_templates/powershell_cached_credentials.py +++ b/envs/monkey_zoo/blackbox/config_templates/powershell_credentials_reuse.py @@ -4,7 +4,7 @@ from envs.monkey_zoo.blackbox.config_templates.base_template import BaseTemplate from envs.monkey_zoo.blackbox.config_templates.config_template import ConfigTemplate -class PowerShellCachedCredentials(ConfigTemplate): +class PowerShellCredentialsReuse(ConfigTemplate): config_values = copy(BaseTemplate.config_values) config_values.update( diff --git a/envs/monkey_zoo/blackbox/conftest.py b/envs/monkey_zoo/blackbox/conftest.py index 946e9c036..82c6d3d9a 100644 --- a/envs/monkey_zoo/blackbox/conftest.py +++ b/envs/monkey_zoo/blackbox/conftest.py @@ -28,10 +28,10 @@ def pytest_addoption(parser): help="If enabled performance tests will be run.", ) parser.addoption( - "--os", - action="store", - default=None, - help="Use to run Windows or Linux specific tests.", + "--skip-powershell-reuse", + action="store_true", + default=False, + help="Use to run PowerShell credentials reuse test.", ) @@ -58,17 +58,10 @@ def pytest_runtest_setup(item): "Skipping performance test because " "--run-performance-tests flag isn't specified." ) - if not item.config.getoption("--os"): + if "skip_powershell_reuse" in item.keywords and item.config.getoption( + "--skip-powershell-reuse" + ): pytest.skip( - "Skipping OS specific test because" - "--os flag isn't specified." - " Specify --os with windows or linux as options." - ) - - os = [mark.args[0] for mark in item.iter_markers(name="os")] - - if os and item.config.getoption("--os") not in os: - pytest.skip( - f'Skipping OS specific test. Run with "--os={os[0]}" if ' - f"you want this test to be executed." + "Skipping powershell credentials reuse test because " + "--skip-powershell-cached flag isn't specified." ) diff --git a/envs/monkey_zoo/blackbox/test_blackbox.py b/envs/monkey_zoo/blackbox/test_blackbox.py index 153f995b9..cc4d6ba97 100644 --- a/envs/monkey_zoo/blackbox/test_blackbox.py +++ b/envs/monkey_zoo/blackbox/test_blackbox.py @@ -14,8 +14,8 @@ from envs.monkey_zoo.blackbox.config_templates.hadoop import Hadoop from envs.monkey_zoo.blackbox.config_templates.mssql import Mssql from envs.monkey_zoo.blackbox.config_templates.performance import Performance from envs.monkey_zoo.blackbox.config_templates.powershell import PowerShell -from envs.monkey_zoo.blackbox.config_templates.powershell_cached_credentials import ( - PowerShellCachedCredentials, +from envs.monkey_zoo.blackbox.config_templates.powershell_credentials_reuse import ( + PowerShellCredentialsReuse, ) from envs.monkey_zoo.blackbox.config_templates.shellshock import ShellShock from envs.monkey_zoo.blackbox.config_templates.smb_mimikatz import SmbMimikatz @@ -55,7 +55,6 @@ MACHINE_BOOTUP_WAIT_SECONDS = 30 LOG_DIR_PATH = "./logs" logging.basicConfig(level=logging.INFO) LOGGER = logging.getLogger(__name__) -WINDOWS = "windows" @pytest.fixture(autouse=True, scope="session") @@ -170,12 +169,12 @@ class TestMonkeyBlackbox: island_client, PowerShell, "PowerShell_Remoting_exploiter" ) - @pytest.mark.os(WINDOWS) - def test_powershell_exploiter_cached_credentials(self, island_client): + @pytest.mark.skip_powershell_reuse + def test_powershell_exploiter_credentials_reuse(self, island_client): TestMonkeyBlackbox.run_exploitation_test( island_client, - PowerShellCachedCredentials, - "PowerShell_Remoting_exploiter_cached_credentials", + PowerShellCredentialsReuse, + "PowerShell_Remoting_exploiter_credentials_reuse", ) def test_smb_and_mimikatz_exploiters(self, island_client):

Nr. 251 MonkeyIsland

+

Nr. 251 MonkeyIsland

(10.2.2.251)