From a807e3f8b66a4fdb37dbd75fa1d19272ef02eacf Mon Sep 17 00:00:00 2001 From: Itay Mizeretz Date: Sun, 8 Oct 2017 15:36:12 +0300 Subject: [PATCH] Organize and improve documentation of config --- monkey_island/cc/services/config.py | 122 +++++++++++------- .../ui/src/components/pages/ConfigurePage.js | 10 +- 2 files changed, 84 insertions(+), 48 deletions(-) diff --git a/monkey_island/cc/services/config.py b/monkey_island/cc/services/config.py index 97dae84cd..69ac22c97 100644 --- a/monkey_island/cc/services/config.py +++ b/monkey_island/cc/services/config.py @@ -21,56 +21,56 @@ SCHEMA = { "enum": [ "SmbExploiter" ], - "title": "SmbExploiter" + "title": "SMB Exploiter" }, { "type": "string", "enum": [ "WmiExploiter" ], - "title": "WmiExploiter" + "title": "WMI Exploiter" }, { "type": "string", "enum": [ "RdpExploiter" ], - "title": "RdpExploiter (UNSAFE)" + "title": "RDP Exploiter (UNSAFE)" }, { "type": "string", "enum": [ "Ms08_067_Exploiter" ], - "title": "Ms08-067 Exploiter (UNSAFE)" + "title": "MS08-067 Exploiter (UNSAFE)" }, { "type": "string", "enum": [ "SSHExploiter" ], - "title": "SSHExploiter" + "title": "SSH Exploiter" }, { "type": "string", "enum": [ "ShellShockExploiter" ], - "title": "ShellShockExploiter" + "title": "ShellShock Exploiter" }, { "type": "string", "enum": [ "SambaCryExploiter" ], - "title": "SambaCryExploiter" + "title": "SambaCry Exploiter" }, { "type": "string", "enum": [ "ElasticGroovyExploiter" ], - "title": "ElasticGroovyExploiter" + "title": "ElasticGroovy Exploiter" }, ] }, @@ -125,7 +125,7 @@ SCHEMA = { }, "properties": { "basic": { - "title": "Basic", + "title": "Basic - Credentials", "type": "object", "properties": { "credentials": { @@ -188,7 +188,7 @@ SCHEMA = { "title": "Local network scan", "type": "boolean", "default": True, - "description": "Determines whether monkey should scan its subnets additionally" + "description": "Determines whether the monkey should scan its subnets additionally" }, "depth": { "title": "Depth" + WARNING_SIGN, @@ -212,17 +212,23 @@ SCHEMA = { "ClassCRange" ], "enumNames": [ - "FixedRange", - "RelativeRange", - "ClassCRange" + "Fixed Range", + "Relative Range", + "Class C Range" ], - "description": "Determines which class to use to determine scan range" + "description": + "Determines which class to use to determine scan range." + " Fixed Range will scan only specific IPs listed under Fixed range IP list." + " Relative Range will scan the closest ips to the machine's IP." + " Class C Range will scan machines in the Class C network the monkey's on." }, "range_size": { "title": "Relative range size", "type": "integer", "default": 1, - "description": "Determines the size of the RelativeRange - amount of IPs to include" + "description": + "Determines the size of the RelativeRange - amount of IPs to scan" + " (Only relevant for Relative Range)" }, "range_fixed": { "title": "Fixed range IP list", @@ -233,7 +239,9 @@ SCHEMA = { }, "default": [ ], - "description": "List of IPs to include when using FixedRange" + "description": + "List of IPs to include when using FixedRange" + " (Only relevant for Fixed Range)" } } } @@ -293,25 +301,30 @@ SCHEMA = { "title": "Max victims to find", "type": "integer", "default": 30, - "description": "Determines after how many discovered machines should the monkey stop scanning" + "description": "Determines the maximum number of machines the monkey is allowed to scan" }, "victims_max_exploit": { "title": "Max victims to exploit" + WARNING_SIGN, "type": "integer", "default": 7, - "description": "Determines after how many infected machines should the monkey stop infecting" + "description": + "Determines the maximum number of machines the monkey" + " is allowed to successfully exploit" }, "timeout_between_iterations": { "title": "Wait time between iterations", "type": "integer", "default": 100, - "description": "Determines for how long (in seconds) should the monkey wait between iterations" + "description": + "Determines for how long (in seconds) should the monkey wait between iterations" }, "retry_failed_explotation": { "title": "Retry failed exploitation", "type": "boolean", "default": True, - "description": "Determines whether the monkey should retry exploiting machines it didn't successfuly exploit on previous iterations" + "description": + "Determines whether the monkey should retry exploiting machines" + " it didn't successfuly exploit on previous iterations" } } } @@ -329,7 +342,8 @@ SCHEMA = { "title": "Singleton mutex name", "type": "string", "default": "{2384ec59-0df8-4ab9-918c-843740924a28}", - "description": "The name of the mutex used to determine whether the monkey is already running" + "description": + "The name of the mutex used to determine whether the monkey is already running" }, "collect_system_info": { "title": "Collect system info", @@ -371,23 +385,6 @@ SCHEMA = { "ElasticFinger" ], "description": "Determines which classes to use for fingerprinting" - }, - "exploiter_classes": { - "title": "Exploiter classes" + WARNING_SIGN, - "type": "array", - "uniqueItems": True, - "items": { - "$ref": "#/definitions/exploiter_classes" - }, - "default": [ - "SmbExploiter", - "WmiExploiter", - "SSHExploiter", - "ShellShockExploiter", - "SambaCryExploiter", - "ElasticGroovyExploiter" - ], - "description": "Determines which classes to use for exploiting" } } }, @@ -417,19 +414,25 @@ SCHEMA = { "title": "Dropper sets date", "type": "boolean", "default": True, - "description": "Determines whether the dropper should set the monkey's file date to be the same as another file" + "description": + "Determines whether the dropper should set the monkey's file date to be the same as" + " another file" }, "dropper_date_reference_path_windows": { "title": "Dropper date reference path (Windows)", "type": "string", "default": "%windir%\\system32\\kernel32.dll", - "description": "Determines which file the dropper should copy the date from if it's configured to do so on Windows (use fullpath)" + "description": + "Determines which file the dropper should copy the date from if it's configured to do" + " so on Windows (use fullpath)" }, "dropper_date_reference_path_linux": { "title": "Dropper date reference path (Linux)", "type": "string", "default": "/bin/sh", - "description": "Determines which file the dropper should copy the date from if it's configured to do so on Linux (use fullpath)" + "description": + "Determines which file the dropper should copy the date from if it's configured to do" + " so on Linux (use fullpath)" }, "dropper_target_path_linux": { "title": "Dropper target path on Linux", @@ -447,7 +450,9 @@ SCHEMA = { "title": "Try to move first", "type": "boolean", "default": True, - "description": "Determines whether the dropper should try to move itself instead of copying itself to target path" + "description": + "Determines whether the dropper should try to move itsel instead of copying itself" + " to target path" } } }, @@ -515,7 +520,8 @@ SCHEMA = { "title": "Mimikatz DLL name", "type": "string", "default": "mk.dll", - "description": "Name of Mimikatz DLL (should be the same as in the monkey's pyinstaller spec file)" + "description": + "Name of Mimikatz DLL (should be the same as in the monkey's pyinstaller spec file)" } } } @@ -552,7 +558,9 @@ SCHEMA = { "monkey.guardicore.com", "www.google.com" ], - "description": "List of internet services to try and communicate with to determine internet connectivity (use either ip or domain)" + "description": + "List of internet services to try and communicate with to determine internet" + " connectivity (use either ip or domain)" }, "current_server": { "title": "Current server", @@ -572,11 +580,29 @@ SCHEMA = { "title": "General", "type": "object", "properties": { + "exploiter_classes": { + "title": "Exploits" + WARNING_SIGN, + "type": "array", + "uniqueItems": True, + "items": { + "$ref": "#/definitions/exploiter_classes" + }, + "default": [ + "SmbExploiter", + "WmiExploiter", + "SSHExploiter", + "ShellShockExploiter", + "SambaCryExploiter", + "ElasticGroovyExploiter" + ], + "description": "Determines which exploits to use" + }, "skip_exploit_if_file_exist": { "title": "Skip exploit if file exists", "type": "boolean", "default": False, - "description": "Determines whether the monkey should skip the exploit if the monkey's file is already on the remote machine" + "description": "Determines whether the monkey should skip the exploit if the monkey's file" + " is already on the remote machine" } } }, @@ -612,7 +638,8 @@ SCHEMA = { "title": "Use VBS download", "type": "boolean", "default": True, - "description": "Determines whether to use VBS or BITS to download monkey to remote machine (true=VBS, false=BITS)" + "description": "Determines whether to use VBS or BITS to download monkey to remote machine" + " (true=VBS, false=BITS)" } } }, @@ -667,7 +694,8 @@ SCHEMA = { "title": "SMB download timeout", "type": "integer", "default": 300, - "description": "Timeout (in seconds) for SMB download operation (used in various exploits using SMB)" + "description": + "Timeout (in seconds) for SMB download operation (used in various exploits using SMB)" }, "smb_service_name": { "title": "SMB service name", diff --git a/monkey_island/cc/ui/src/components/pages/ConfigurePage.js b/monkey_island/cc/ui/src/components/pages/ConfigurePage.js index 4fcff5c72..ad98f5564 100644 --- a/monkey_island/cc/ui/src/components/pages/ConfigurePage.js +++ b/monkey_island/cc/ui/src/components/pages/ConfigurePage.js @@ -116,7 +116,15 @@ class ConfigurePageComponent extends React.Component { {section.title} )} - + { + this.state.selectedSection === 'basic_network' ? +
+ + The Monkey scans its subnet if "Local network scan" is ticked. Additionally the monkey will scan machines + according to its range class. +
+ :
+ } { this.state.selectedSection ?