diff --git a/monkey/infection_monkey/exploit/smbexec.py b/monkey/infection_monkey/exploit/smbexec.py
index 348b6803d..fef8dad05 100644
--- a/monkey/infection_monkey/exploit/smbexec.py
+++ b/monkey/infection_monkey/exploit/smbexec.py
@@ -7,7 +7,7 @@ from infection_monkey.exploit import HostExploiter
 from infection_monkey.exploit.tools.helpers import get_target_monkey, get_monkey_depth, build_monkey_commandline
 from infection_monkey.exploit.tools.smb_tools import SmbTools
 from infection_monkey.model import MONKEY_CMDLINE_DETACHED_WINDOWS, DROPPER_CMDLINE_DETACHED_WINDOWS
-from infection_monkey.network import SMBFinger
+from infection_monkey.network.smbfinger import SMBFinger
 from infection_monkey.network.tools import check_tcp_port
 from common.utils.exploit_enum import ExploitType
 from infection_monkey.telemetry.attack.t1035_telem import T1035Telem
diff --git a/monkey/infection_monkey/exploit/win_ms08_067.py b/monkey/infection_monkey/exploit/win_ms08_067.py
index 7148ba965..1f7f8f12b 100644
--- a/monkey/infection_monkey/exploit/win_ms08_067.py
+++ b/monkey/infection_monkey/exploit/win_ms08_067.py
@@ -17,7 +17,7 @@ from impacket.dcerpc.v5 import transport
 from infection_monkey.exploit.tools.helpers import get_target_monkey, get_monkey_depth, build_monkey_commandline
 from infection_monkey.exploit.tools.smb_tools import SmbTools
 from infection_monkey.model import DROPPER_CMDLINE_WINDOWS, MONKEY_CMDLINE_WINDOWS
-from infection_monkey.network import SMBFinger
+from infection_monkey.network.smbfinger import SMBFinger
 from infection_monkey.network.tools import check_tcp_port
 from . import HostExploiter
@@ -162,11 +162,11 @@ class Ms08_067_Exploiter(HostExploiter):
 def is_os_supported(self):
 if self.host.os.get('type') in self._TARGET_OS_TYPE and \
- self.host.os.get('version') in list(self._windows_versions.keys()):
+ self.host.os.get('version') in list(self._windows_versions.keys()):
 return True
 if not self.host.os.get('type') or (
- self.host.os.get('type') in self._TARGET_OS_TYPE and not self.host.os.get('version')):
+ self.host.os.get('type') in self._TARGET_OS_TYPE and not self.host.os.get('version')):
 is_smb_open, _ = check_tcp_port(self.host.ip_addr, 445)
 if is_smb_open:
 smb_finger = SMBFinger()
@@ -234,7 +234,8 @@ class Ms08_067_Exploiter(HostExploiter):
 # execute the remote dropper in case the path isn't final
 if remote_full_path.lower() != self._config.dropper_target_path_win_32.lower():
 cmdline = DROPPER_CMDLINE_WINDOWS % {'dropper_path': remote_full_path} + \
- build_monkey_commandline(self.host, get_monkey_depth() - 1, self._config.dropper_target_path_win_32)
+ build_monkey_commandline(self.host, get_monkey_depth() - 1,
+ self._config.dropper_target_path_win_32)
 else:
 cmdline = MONKEY_CMDLINE_WINDOWS % {'monkey_path': remote_full_path} + \
 build_monkey_commandline(self.host, get_monkey_depth() - 1)
diff --git a/monkey/infection_monkey/network/HostFinger.py b/monkey/infection_monkey/network/HostFinger.py
new file mode 100644
index 000000000..e660c8c6c
--- /dev/null
+++ b/monkey/infection_monkey/network/HostFinger.py
@@ -0,0 +1,26 @@
+from abc import ABCMeta, abstractproperty, abstractmethod
+
+from infection_monkey.config import WormConfiguration
+
+
+class HostFinger(object, metaclass=ABCMeta):
+ @abstractproperty
+ def _SCANNED_SERVICE(self):
+ pass
+
+ def init_service(self, services, service_key, port):
+ services[service_key] = {}
+ services[service_key]['display_name'] = self._SCANNED_SERVICE
+ services[service_key]['port'] = port
+
+ @abstractmethod
+ def get_host_fingerprint(self, host):
+ raise NotImplementedError()
+
+ @staticmethod
+ def should_run(class_name):
+ """
+ Decides if post breach action is enabled in config
+ :return: True if it needs to be ran, false otherwise
+ """
+ return class_name in WormConfiguration.finger_classes
diff --git a/monkey/infection_monkey/network/HostScanner.py b/monkey/infection_monkey/network/HostScanner.py
new file mode 100644
index 000000000..f32af1c5e
--- /dev/null
+++ b/monkey/infection_monkey/network/HostScanner.py
@@ -0,0 +1,7 @@
+from abc import ABCMeta, abstractmethod
+
+
+class HostScanner(object, metaclass=ABCMeta):
+ @abstractmethod
+ def is_host_alive(self, host):
+ raise NotImplementedError()
diff --git a/monkey/infection_monkey/network/__init__.py b/monkey/infection_monkey/network/__init__.py
index fe3e6cb7a..05a457b0c 100644
--- a/monkey/infection_monkey/network/__init__.py
+++ b/monkey/infection_monkey/network/__init__.py
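Review bot: `@abstractproperty` on `_SCANNED_SERVICE` in the new HostFinger.py is the spelling deprecated since Python 3.3, and the version of this class being removed from `__init__.py` in this same commit already used the stacked `@property` / `@abstractmethod` form, so the move regresses it; restore `@property` followed by `@abstractmethod` and drop `abstractproperty` from the `abc` import line. The `should_run` docstring talks about a "post breach action", but the method tests `class_name in WormConfiguration.finger_classes`; suggest `Decides if this fingerprinter is enabled in the config, i.e. its class name is listed in WormConfiguration.finger_classes.` with `:return: True if it should run, False otherwise`. Separately, `init_service` unconditionally rebinds `services[service_key] = {}`, so a second fingerprinter writing the same key silently discards whatever the first recorded; if that is intended, a one-line comment such as `# replaces any earlier entry for this service key` would make it explicit.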
@@ -1,36 +1 @@
-from abc import ABCMeta, abstractmethod
-
 __author__ = 'itamar'
-
-
-class HostScanner(object, metaclass=ABCMeta):
- @abstractmethod
- def is_host_alive(self, host):
- raise NotImplementedError()
-
-
-class HostFinger(object, metaclass=ABCMeta):
- @property
- @abstractmethod
- def _SCANNED_SERVICE(self):
- pass
-
- def init_service(self, services, service_key, port):
- services[service_key] = {}
- services[service_key]['display_name'] = self._SCANNED_SERVICE
- services[service_key]['port'] = port
-
- @abstractmethod
- def get_host_fingerprint(self, host):
- raise NotImplementedError()
-
-
-from infection_monkey.network.ping_scanner import PingScanner
-from infection_monkey.network.tcp_scanner import TcpScanner
-from infection_monkey.network.smbfinger import SMBFinger
-from infection_monkey.network.sshfinger import SSHFinger
-from infection_monkey.network.httpfinger import HTTPFinger
-from infection_monkey.network.elasticfinger import ElasticFinger
-from infection_monkey.network.mysqlfinger import MySQLFinger
-from infection_monkey.network.info import local_ips, get_free_tcp_port
-from infection_monkey.network.mssql_fingerprint import MSSQLFinger
diff --git a/monkey/infection_monkey/network/elasticfinger.py b/monkey/infection_monkey/network/elasticfinger.py
index aaac09be2..228d4cdbe 100644
--- a/monkey/infection_monkey/network/elasticfinger.py
+++ b/monkey/infection_monkey/network/elasticfinger.py
@@ -6,9 +6,10 @@ import requests
 from requests.exceptions import Timeout, ConnectionError
 import infection_monkey.config
+import infection_monkey.network.HostFinger
 from common.data.network_consts import ES_SERVICE
 from infection_monkey.model.host import VictimHost
-from infection_monkey.network import HostFinger
+import infection_monkey.network
 ES_PORT = 9200
 ES_HTTP_TIMEOUT = 5
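Review bot: The added `import infection_monkey.network` in elasticfinger.py is redundant, because `import infection_monkey.network.HostFinger` two lines above already binds the `infection_monkey.network` package name, and nothing in the hunk uses the package object directly. The fully qualified base class this forces (`infection_monkey.network.HostFinger.HostFinger`) is also inconsistent with the smbexec.py and win_ms08_067.py hunks in this same commit, which switch to `from infection_monkey.network.smbfinger import SMBFinger`; `from infection_monkey.network.HostFinger import HostFinger` would keep the existing `class ElasticFinger(HostFinger):` line unchanged. The same pair of imports is repeated in httpfinger.py, mssql_fingerprint.py, mysqlfinger.py, ping_scanner.py and smbfinger.py below. If the module-style import is deliberate to sidestep a circular import, that is no longer obvious now that `__init__.py` imports no submodules, so a short comment on the import line should say so.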
@@ -16,7 +17,7 @@ LOG = logging.getLogger(__name__)
 __author__ = 'danielg'
-class ElasticFinger(HostFinger):
+class ElasticFinger(infection_monkey.network.HostFinger.HostFinger):
 """
 Fingerprints elastic search clusters, only on port 9200
 """
diff --git a/monkey/infection_monkey/network/httpfinger.py b/monkey/infection_monkey/network/httpfinger.py
index 30292d99f..0b1cd273e 100644
--- a/monkey/infection_monkey/network/httpfinger.py
+++ b/monkey/infection_monkey/network/httpfinger.py
@@ -1,12 +1,13 @@
 import infection_monkey.config
-from infection_monkey.network import HostFinger
+import infection_monkey.network
+import infection_monkey.network.HostFinger
 from infection_monkey.model.host import VictimHost
 import logging
 LOG = logging.getLogger(__name__)
-class HTTPFinger(HostFinger):
+class HTTPFinger(infection_monkey.network.HostFinger.HostFinger):
 """
 Goal is to recognise HTTP servers, where what we currently care about is apache.
 """
diff --git a/monkey/infection_monkey/network/mssql_fingerprint.py b/monkey/infection_monkey/network/mssql_fingerprint.py
index e6130732d..4e7d35f26 100644
--- a/monkey/infection_monkey/network/mssql_fingerprint.py
+++ b/monkey/infection_monkey/network/mssql_fingerprint.py
@@ -2,8 +2,9 @@ import errno
 import logging
 import socket
+import infection_monkey.network.HostFinger
 from infection_monkey.model.host import VictimHost
-from infection_monkey.network import HostFinger
+import infection_monkey.network
 import infection_monkey.config
 __author__ = 'Maor Rayzin'
@@ -11,7 +12,7 @@ __author__ = 'Maor Rayzin'
 LOG = logging.getLogger(__name__)
-class MSSQLFinger(HostFinger):
+class MSSQLFinger(infection_monkey.network.HostFinger.HostFinger):
 # Class related consts
 SQL_BROWSER_DEFAULT_PORT = 1434
diff --git a/monkey/infection_monkey/network/mysqlfinger.py b/monkey/infection_monkey/network/mysqlfinger.py
index 123f0ae47..50af642b2 100644
--- a/monkey/infection_monkey/network/mysqlfinger.py
+++ b/monkey/infection_monkey/network/mysqlfinger.py
@@ -2,8 +2,9 @@ import logging
 import socket
 import infection_monkey.config
+import infection_monkey.network.HostFinger
 from infection_monkey.model.host import VictimHost
-from infection_monkey.network import HostFinger
+import infection_monkey.network
 from infection_monkey.network.tools import struct_unpack_tracker, struct_unpack_tracker_string
 MYSQL_PORT = 3306
@@ -11,7 +12,7 @@ SQL_SERVICE = 'mysqld-3306'
 LOG = logging.getLogger(__name__)
-class MySQLFinger(HostFinger):
+class MySQLFinger(infection_monkey.network.HostFinger.HostFinger):
 """
 Fingerprints mysql databases, only on port 3306
 """
diff --git a/monkey/infection_monkey/network/network_scanner.py b/monkey/infection_monkey/network/network_scanner.py
index 50fd21b4d..faa5e9a5f 100644
--- a/monkey/infection_monkey/network/network_scanner.py
+++ b/monkey/infection_monkey/network/network_scanner.py
@@ -6,7 +6,8 @@ from common.network.network_range import NetworkRange
 from infection_monkey.config import WormConfiguration
 from infection_monkey.model.victim_host_generator import VictimHostGenerator
 from infection_monkey.network.info import local_ips, get_interfaces_ranges
-from infection_monkey.network import TcpScanner, PingScanner
+from infection_monkey.network.tcp_scanner import TcpScanner
+from infection_monkey.network.ping_scanner import PingScanner
 LOG = logging.getLogger(__name__)
diff --git a/monkey/infection_monkey/network/ping_scanner.py b/monkey/infection_monkey/network/ping_scanner.py
index bf215168e..8838d17d0 100644
--- a/monkey/infection_monkey/network/ping_scanner.py
+++ b/monkey/infection_monkey/network/ping_scanner.py
@@ -5,8 +5,10 @@ import subprocess
 import sys
 import infection_monkey.config
+import infection_monkey.network.HostFinger
+import infection_monkey.network.HostScanner
 from infection_monkey.model.host import VictimHost
-from infection_monkey.network import HostScanner, HostFinger
+import infection_monkey.network
 __author__ = 'itamar'
@@ -19,7 +21,7 @@ WINDOWS_TTL = 128
 LOG = logging.getLogger(__name__)
-class PingScanner(HostScanner, HostFinger):
+class PingScanner(infection_monkey.network.HostScanner.HostScanner, infection_monkey.network.HostFinger.HostFinger):
 _SCANNED_SERVICE = ''
diff --git a/monkey/infection_monkey/network/smbfinger.py b/monkey/infection_monkey/network/smbfinger.py
index 8a267e9d1..2e81db4b1 100644
--- a/monkey/infection_monkey/network/smbfinger.py
+++ b/monkey/infection_monkey/network/smbfinger.py
@@ -3,7 +3,8 @@ import struct
 import logging
 from odict import odict
-from infection_monkey.network import HostFinger
+import infection_monkey.network
+import infection_monkey.network.HostFinger
 from infection_monkey.model.host import VictimHost
 SMB_PORT = 445
@@ -100,7 +101,7 @@ class SMBSessionFingerData(Packet):
 self.fields["bcc1"] = struct.pack("
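Review bot: The new `class PingScanner(infection_monkey.network.HostScanner.HostScanner, infection_monkey.network.HostFinger.HostFinger):` line runs well past 100 columns, which is at odds with the win_ms08_067.py hunk in this same commit that wraps a long line to stay within the limit. Importing the two base classes by name, `from infection_monkey.network.HostScanner import HostScanner` and `from infection_monkey.network.HostFinger import HostFinger`, lets the original `class PingScanner(HostScanner, HostFinger):` line stand and also removes the now-unused `import infection_monkey.network`. If the package-qualified form is being kept on purpose, wrapping the base list across two lines inside the parentheses keeps the line readable without changing anything else. The rest of the PingScanner class body lies outside this hunk.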