UI: Add exploiter classes to the json schema

This commit is contained in:
Ilija Lazoroski 2022-06-30 22:45:41 +02:00
parent afbd3789e8
commit c4f34939ec
3 changed files with 142 additions and 25 deletions

View File

@ -1,10 +1,15 @@
import {customPBAConfigurationSchema} from './definitions/custom_pbas.js';
import {pluginConfigurationSchema} from './definitions/plugins.js';
import {propagationConfigurationSchema} from './definitions/propagation.js';
import {bruteForceExploiters, vulnerabilityExploiters} from './definitions/exploiter_classes.js';
export const SCHEMA = {
'title': 'Monkey',
'type': 'object',
'definitions': {
'brute_force_classes': bruteForceExploiters,
'vulnerability_classes': vulnerabilityExploiters
},
'properties': {
'propagation': propagationConfigurationSchema,
'post_breach_actions': {

View File

@ -1,37 +1,46 @@
import {exploitationOptionsConfigurationSchema} from './exploitation_options.js';
import {pluginConfigurationSchema} from './plugins.js';
export const exploitationConfigurationSchema = {
'title': 'Exploiters',
'type': 'object',
'description': 'Choose which exploiters the Monkey will attempt.',
'properties': {
'brute_force': {
'title': 'Brute force exploiters',
'type': 'string',
'anyOf': [
{
'type': 'string',
'enum': ['SmbExploiter'],
'info': 'bla',
'link': 'link'
'title': 'Brute force exploiter',
'type': 'object',
'properties': {
'brute_force_classes': {
'type': 'array',
'uniqueItems': true,
'items': {
'$ref': '#/definitions/brute_force_classes'
},
{
'type': 'string',
'enum': ['SmbExploiter'],
'info': 'bla',
'link': 'link'
}
'default' : [
'SmbExploiter',
'WmiExploiter',
'SSHExploiter',
'MSSQLExploiter'
]
}
}
},
'vulnerability': {
'title': 'Vulnerability exploiters',
'type': 'string',
'items': pluginConfigurationSchema,
'title': 'Vulnerability Exploiters',
'type': 'object',
'properties': {
'vulnerability_classes': {
'type': 'array',
'uniqueItems': true,
'items': {
'$ref': '#/definitions/vulnerability_classes'
},
'default' : [
{'name': 'Log4ShellExploiter', 'safe': true, 'options': {}},
{'name': 'HadoopExploiter', 'safe': true, 'options': {}}
'Log4ShellExploiter',
'HadoopExploiter'
]
}
}
},
'options': exploitationOptionsConfigurationSchema
}
}
};

View File

@ -0,0 +1,103 @@
export const bruteForceExploiters = {
'title': 'Brute force exploiters',
'description': 'Click on exploiter to get more information about it.'
+ '\u26A0'
+ ' Note that using unsafe exploits may cause crashes of the exploited ' +
'machine/service.',
'type': 'string',
'anyOf': [
{
'type': 'string',
'enum': ['SmbExploiter'],
'title': 'SMB Exploiter',
'safe': true,
'attack_techniques': ['T1110', 'T1075', 'T1035'],
'info': 'Brute forces using credentials provided by user and' +
' hashes gathered by mimikatz.',
'link': 'https://www.guardicore.com/infectionmonkey/docs/reference' +
'/exploiters/smbexec/'
},
{
'type': 'string',
'enum': ['WmiExploiter'],
'title': 'WMI Exploiter',
'safe': true,
'attack_techniques': ['T1110', 'T1106'],
'info': 'Brute forces WMI (Windows Management Instrumentation) ' +
'using credentials provided by user and hashes gathered by ' +
'mimikatz.',
'link': 'https://www.guardicore.com/infectionmonkey/docs/reference' +
'/exploiters/wmiexec/'
},
{
'type': 'string',
'enum': ['MSSQLExploiter'],
'title': 'MSSQL Exploiter',
'safe': true,
'attack_techniques': ['T1110'],
'info': 'Tries to brute force into MsSQL server and uses insecure ' +
'configuration to execute commands on server.',
'link': 'https://www.guardicore.com/infectionmonkey/docs/reference' +
'/exploiters/mssql/'
},
{
'type': 'string',
'enum': ['SSHExploiter'],
'title': 'SSH Exploiter',
'safe': true,
'attack_techniques': ['T1110', 'T1145', 'T1106'],
'info': 'Brute forces using credentials provided by user and SSH keys ' +
'gathered from systems.',
'link': 'https://www.guardicore.com/infectionmonkey/docs/reference' +
'/exploiters/sshexec/'
}
]
}
export const vulnerabilityExploiters = {
'title': 'Vulnerability exploiters',
'description': 'Click on exploiter to get more information about it.' +
'\u26A0 Note that using unsafe exploits may cause craches of the exploited ' +
'machine/service.',
'type': 'string',
'anyOf': [
{
'type': 'string',
'enum': ['ZerologonExploiter'],
'title': 'Zerologon Exploiter',
'safe': false,
'info': 'Exploits a privilege escalation vulnerability (CVE-2020-1472) in a Windows ' +
'server domain controller (DC) by using the Netlogon Remote Protocol (MS-NRPC). ' +
'This exploiter changes the password of a Windows server DC account, steals ' +
'credentials, and then attempts to restore the original DC password. The victim DC ' +
'will be unable to communicate with other DCs until the original ' +
'password has been restored. If Infection Monkey fails to restore the ' +
'password automatically, you\'ll have to do it manually. For more ' +
'information, see the documentation.',
'link': 'https://www.guardicore.com/infectionmonkey' +
'/docs/reference/exploiters/zerologon/'
},
{
'type': 'string',
'enum': ['PowerShellExploiter'],
'title': 'PowerShell Remoting Exploiter',
'info': 'Exploits PowerShell remote execution setups. PowerShell Remoting uses Windows ' +
'Remote Management (WinRM) to allow users to run PowerShell commands on remote ' +
'computers.',
'safe': true,
'link': 'https://www.guardicore.com/infectionmonkey' +
'/docs/reference/exploiters/powershell'
},
{
'type': 'string',
'enum': ['Log4ShellExploiter'],
'title': 'Log4Shell Exploiter',
'safe': true,
'info': 'Exploits a software vulnerability (CVE-2021-44228) in Apache Log4j, a Java ' +
'logging framework. Exploitation is attempted on the following services — ' +
'Apache Solr, Apache Tomcat, Logstash.',
'link': 'https://www.guardicore.com/infectionmonkey/docs/reference' +
'/exploiters/log4shell/'
}
]
}