Added bootloader endpoint, fixed c code to be able to be included into pyinstaller

monkey/infection_monkey/external_tools/archeologist_bootloader/old_machine_bootloader.c

@@ -1,80 +0,0 @@
-#include <stdio.h> /* printf, sprintf */
-#include <stdlib.h> /* exit */
-#include <unistd.h> /* read, write, close */
-#include <string.h> /* memcpy, memset */
-#include <sys/socket.h> /* socket, connect */
-#include <netinet/in.h> /* struct sockaddr_in, struct sockaddr */
-#include <netdb.h> /* struct hostent, gethostbyname */
-
-void error(const char *msg) { perror(msg); exit(0); }
-
-int main(int argc,char *argv[])
-{
-    /* first what are we going to send and where are we going to send it? */
-    int portno =        5000;
-    char *host =        "api.somesite.com";
-    char *message_fmt = "POST /apikey=%s&command=%s HTTP/1.0\r\n\r\n";
-
-    struct hostent *server;
-    struct sockaddr_in serv_addr;
-    int sockfd, bytes, sent, received, total;
-    char message[1024],response[4096];
-
-    /* fill in the parameters */
-    sprintf(message,message_fmt,argv[1],argv[2]);
-    printf("Request:\n%s\n",message);
-
-    /* create the socket */
-    sockfd = socket(AF_INET, SOCK_STREAM, 0);
-    if (sockfd < 0) error("ERROR opening socket");
-
-    /* lookup the ip address */
-    server = gethostbyname(host);
-    if (server == NULL) error("ERROR, no such host");
-
-    /* fill in the structure */
-    memset(&serv_addr,0,sizeof(serv_addr));
-    serv_addr.sin_family = AF_INET;
-    serv_addr.sin_port = htons(portno);
-    memcpy(&serv_addr.sin_addr.s_addr,server->h_addr,server->h_length);
-
-    /* connect the socket */
-    if (connect(sockfd,(struct sockaddr *)&serv_addr,sizeof(serv_addr)) < 0)
-        error("ERROR connecting");
-
-    /* send the request */
-    total = strlen(message);
-    sent = 0;
-    do {
-        bytes = write(sockfd,message+sent,total-sent);
-        if (bytes < 0)
-            error("ERROR writing message to socket");
-        if (bytes == 0)
-            break;
-        sent+=bytes;
-    } while (sent < total);
-
-    /* receive the response */
-    memset(response,0,sizeof(response));
-    total = sizeof(response)-1;
-    received = 0;
-    do {
-        bytes = read(sockfd,response+received,total-received);
-        if (bytes < 0)
-            error("ERROR reading response from socket");
-        if (bytes == 0)
-            break;
-        received+=bytes;
-    } while (received < total);
-
-    if (received == total)
-        error("ERROR storing complete response from socket");
-
-    /* close the socket */
-    close(sockfd);
-
-    /* process response */
-    printf("Response:\n%s\n",response);
-
-    return 0;
-}

monkey/infection_monkey/external_tools/old_machine_bootloader/old_machine_bootloader.c

@@ -0,0 +1,107 @@
+#include <windows.h>
+#include <wininet.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+#pragma comment( lib, "wininet" )
+#pragma comment (lib, "Wininet.lib")
+
+int ping_island(int argc, char * argv[])
+{
+    DWORD dwVersion = 0;
+    DWORD dwMajorVersion = 0;
+    DWORD dwMinorVersion = 0;
+    DWORD dwBuild = 0;
+
+    dwVersion = GetVersion();
+
+    // Get the Windows version.
+
+    dwMajorVersion = (DWORD)(LOBYTE(LOWORD(dwVersion)));
+    dwMinorVersion = (DWORD)(HIBYTE(LOWORD(dwVersion)));
+
+    // Get the build number.
+
+    if (dwVersion < 0x80000000)
+        dwBuild = (DWORD)(HIWORD(dwVersion));
+
+    char versionStr[20];
+    snprintf(versionStr,
+             20,
+             "W%d.%d (%d)\n",
+             dwMajorVersion,
+             dwMinorVersion,
+             dwBuild);
+
+
+    wchar_t  _server[] = L"158.129.18.132";
+    wchar_t _page[] = L"/api/bootloader";
+    HINTERNET hInternet, hConnect, hRequest;
+    DWORD bytes_read;
+    int finished = 0;
+    hInternet = InternetOpen("Mozilla/5.0", INTERNET_OPEN_TYPE_PRECONFIG, NULL, NULL, 0);
+    if (hInternet == NULL) {
+        printf("InternetOpen error : <%lu>\n", GetLastError());
+        return 1;
+    }
+
+    hConnect = InternetConnect(hInternet, _server, 5000, "", "", INTERNET_SERVICE_HTTP, 0, 0);
+    if (hConnect == NULL) {
+        printf("hConnect error : <%lu>\n", GetLastError());
+        return 1;
+    }
+    hRequest = HttpOpenRequest(hConnect, L"POST", _page, NULL, NULL, NULL, INTERNET_FLAG_SECURE, 0);
+    if (hRequest == NULL) {
+        printf("hRequest error : <%lu>\n", GetLastError());
+        return 1;
+    }
+
+
+    DWORD dwFlags;
+    DWORD dwBuffLen = sizeof(dwFlags);
+
+    if (InternetQueryOption (hRequest, INTERNET_OPTION_SECURITY_FLAGS, &dwFlags, &dwBuffLen))
+    {
+        dwFlags |= SECURITY_FLAG_IGNORE_UNKNOWN_CA;
+        dwFlags |= SECURITY_FLAG_IGNORE_CERT_CN_INVALID;
+        InternetSetOption (hRequest, INTERNET_OPTION_SECURITY_FLAGS, &dwFlags, sizeof (dwFlags));
+    }
+
+    BOOL isSend = HttpSendRequest(hRequest, NULL, 0, versionStr, 20);
+    if (!isSend){
+        printf("HttpSendRequest error : (%lu)\n", GetLastError());
+        return 1;
+    }
+    DWORD dwFileSize;
+	dwFileSize = BUFSIZ;
+
+	char buffer[BUFSIZ+1];
+
+	while (1) {
+		DWORD dwBytesRead;
+		BOOL bRead;
+
+		bRead = InternetReadFile(
+			hRequest,
+			buffer,
+			dwFileSize + 1,
+			&dwBytesRead);
+
+		if (dwBytesRead == 0) break;
+
+		if (!bRead) {
+			printf("InternetReadFile error : <%lu>\n", GetLastError());
+		}
+		else {
+			buffer[dwBytesRead] = 0;
+			printf("Retrieved %lu data bytes: %s\n", dwBytesRead, buffer);
+		}
+	}
+
+    // close request
+    InternetCloseHandle(hRequest);
+    InternetCloseHandle(hInternet);
+    InternetCloseHandle(hConnect);
+
+    return 0;
+}

monkey/infection_monkey/external_tools/old_machine_bootloader/old_machine_bootloader.h

@@ -0,0 +1,9 @@
+#include <windows.h>
+#include <wininet.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+#pragma comment( lib, "wininet" )
+#pragma comment (lib, "Wininet.lib")
+
+int ping_island(int argc, char * argv[]);

monkey/monkey_island/cc/app.py

@@ -29,6 +29,7 @@ from monkey_island.cc.resources.version_update import VersionUpdate
 from monkey_island.cc.resources.pba_file_upload import FileUpload
 from monkey_island.cc.resources.attack.attack_config import AttackConfiguration
 from monkey_island.cc.resources.attack.attack_report import AttackReport
+from monkey_island.cc.resources.bootloader import Bootloader
 from monkey_island.cc.services.database import Database
 from monkey_island.cc.services.remote_run_aws import RemoteRunAwsService
 from monkey_island.cc.services.representations import output_json
@@ -86,6 +87,7 @@ def init_app_url_rules(app):
 def init_api_resources(api):
     api.add_resource(Root, '/api')
     api.add_resource(Monkey, '/api/monkey', '/api/monkey/', '/api/monkey/<string:guid>')
+    api.add_resource(Bootloader, '/api/bootloader')
     api.add_resource(LocalRun, '/api/local-monkey', '/api/local-monkey/')
     api.add_resource(ClientRun, '/api/client-monkey', '/api/client-monkey/')
     api.add_resource(Telemetry, '/api/telemetry', '/api/telemetry/', '/api/telemetry/<string:monkey_guid>')

monkey/monkey_island/cc/resources/bootloader.py

@@ -0,0 +1,39 @@
+import json
+from datetime import datetime
+import dateutil.parser
+import flask_restful
+from flask import request
+
+from monkey_island.cc.consts import DEFAULT_MONKEY_TTL_EXPIRY_DURATION_IN_SECONDS
+from monkey_island.cc.database import mongo
+from monkey_island.cc.models.monkey_ttl import create_monkey_ttl_document
+from monkey_island.cc.services.config import ConfigService
+from monkey_island.cc.services.node import NodeService
+
+WINDOWS_VERSIONS = {
+    "5.0" : "Windows 2000",
+    "5.1" : "Windows XP",
+    "5.2" : "Windows XP/server 2003",
+    "6.0" : "Windows Vista/server 2008",
+    "6.1" : "Windows 7/server 2008R2",
+    "6.2" : "Windows 8/server 2012",
+    "6.3" : "Windows 8.1/server 2012R2",
+    "10.0" : "Windows 10/server 2016-2019"
+}
+
+
+class Bootloader(flask_restful.Resource):
+
+    # Used by monkey. can't secure.
+    def post(self, **kw):
+        os_version = request.data.decode().split(" ")
+        if (os_version[0] == "W"):
+            os_type = "windows"
+            os_version = os_version[1:]
+
+
+        return {"id": "Abc"}
+
+    def get(self, guid=None, **kw):
+        NodeService.update_dead_monkeys()
+        return {}