Merge pull request #1978 from guardicore/1974-change-AgentBinaries-url

Change AgentBinaries URL
Shreya Malviya 2022-06-03 13:50:53 +05:30 committed by GitHub
commit cdbe929a87
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 21 additions and 23 deletions


@ -34,6 +34,8 @@ Changelog](https://keepachangelog.com/en/1.0.0/).
- All "/api/monkey_control" endpoints to "/api/monkey-control". #1888 - All "/api/monkey_control" endpoints to "/api/monkey-control". #1888
- All "/api/monkey" endpoints to "/api/agent". #1888 - All "/api/monkey" endpoints to "/api/agent". #1888
- Update MongoDB version to 4.4.x. #1924 - Update MongoDB version to 4.4.x. #1924
- Endpoint to get agent binaries from "/api/agent/download/<string:os>" to
"/api/agent-binaries/<string:os>". #1978
### Removed ### Removed
- VSFTPD exploiter. #1533 - VSFTPD exploiter. #1533


@ -185,7 +185,7 @@ The Monkey Island's log file is located in the
The log enables you to see which requests were requested from the server and extra logs from the backend logic. The log will contain entries like these: The log enables you to see which requests were requested from the server and extra logs from the backend logic. The log will contain entries like these:
```log ```log
2022-04-18 13:48:43,914 - pywsgi.py:1226 - write() - INFO - 192.168.56.1 - - [2022-04-18 13:48:43] "GET /api/agent/download/windows HTTP/1.1" 200 21470665 0.293586 2022-04-18 13:48:43,914 - pywsgi.py:1226 - write() - INFO - 192.168.56.1 - - [2022-04-18 13:48:43] "GET /api/agent-binaries/windows HTTP/1.1" 200 21470665 0.293586
2022-04-18 13:48:49,970 - pywsgi.py:1226 - write() - INFO - 192.168.56.1 - - [2022-04-18 13:48:49] "GET /api/island-mode HTTP/1.1" 200 128 0.003426 2022-04-18 13:48:49,970 - pywsgi.py:1226 - write() - INFO - 192.168.56.1 - - [2022-04-18 13:48:49] "GET /api/island-mode HTTP/1.1" 200 128 0.003426
2022-04-18 13:48:49,988 - report.py:355 - get_domain_issues() - INFO - Domain issues generated for reporting 2022-04-18 13:48:49,988 - report.py:355 - get_domain_issues() - INFO - Domain issues generated for reporting
``` ```


@ -68,13 +68,13 @@ Example commands:
```cmd ```cmd
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy [System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
Set-MpPreference -DisableRealtimeMonitoring $true -ErrorAction SilentlyContinue Set-MpPreference -DisableRealtimeMonitoring $true -ErrorAction SilentlyContinue
Invoke-WebRequest -Uri 'https://10.0.0.251:5000/api/agent/download/windows' -OutFile 'C:\windows\temp\monkey-windows-64.exe' -UseBasicParsing Invoke-WebRequest -Uri 'https://10.0.0.251:5000/api/agent-binaries/windows' -OutFile 'C:\windows\temp\monkey-windows-64.exe' -UseBasicParsing
C:\windows\temp\monkey-windows-64.exe m0nk3y -s 10.0.0.251:5000 C:\windows\temp\monkey-windows-64.exe m0nk3y -s 10.0.0.251:5000
``` ```
- Bash: - Bash:
```shell script ```shell script
wget --no-check-certificate -q https://10.0.0.251:5000/api/agent/download/linux -O ./monkey-linux-64 || curl https://10.0.0.251:5000/api/agent/download/linux -k -o monkey-linux-64 wget --no-check-certificate -q https://10.0.0.251:5000/api/agent-binaries/linux -O ./monkey-linux-64 || curl https://10.0.0.251:5000/api/agent-binaries/linux -k -o monkey-linux-64
chmod +x ./monkey-linux-64 chmod +x ./monkey-linux-64
./monkey-linux-64 m0nk3y -s 10.0.0.251:5000 ./monkey-linux-64 m0nk3y -s 10.0.0.251:5000
``` ```


@ -47,7 +47,7 @@ Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="userdata.txt" Content-Disposition: attachment; filename="userdata.txt"
#!/bin/bash #!/bin/bash
rm ./monkey-linux-64 rm ./monkey-linux-64
wget --no-check-certificate -q https://10.0.0.251:5000/api/agent/download/linux -O ./monkey-linux-64 || curl https://10.0.0.251:5000/api/agent/download/linux -k -o monkey-linux-64 wget --no-check-certificate -q https://10.0.0.251:5000/api/agent-binaries/linux -O ./monkey-linux-64 || curl https://10.0.0.251:5000/api/agent-binaries/linux -k -o monkey-linux-64
chmod +x ./monkey-linux-64 chmod +x ./monkey-linux-64
./monkey-linux-64 m0nk3y -s 10.0.0.251:5000 ./monkey-linux-64 m0nk3y -s 10.0.0.251:5000
--// --//
@ -68,7 +68,7 @@ add-type @"
"@ "@
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy [System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
Set-MpPreference -DisableRealtimeMonitoring $true -ErrorAction SilentlyContinue Set-MpPreference -DisableRealtimeMonitoring $true -ErrorAction SilentlyContinue
Invoke-WebRequest -Uri 'https://10.0.0.251:5000/api/agent/download/windows' -OutFile 'C:\windows\temp\monkey-windows-64.exe' -UseBasicParsing Invoke-WebRequest -Uri 'https://10.0.0.251:5000/api/agent-binaries/windows' -OutFile 'C:\windows\temp\monkey-windows-64.exe' -UseBasicParsing
C:\windows\temp\monkey-windows-64.exe m0nk3y -s 10.0.0.251:5000 C:\windows\temp\monkey-windows-64.exe m0nk3y -s 10.0.0.251:5000
</powershell> </powershell>
<persist>true</persist> <persist>true</persist>


@ -33,7 +33,7 @@ class CachingAgentRepository(IAgentRepository):
@lru_cache(maxsize=None) @lru_cache(maxsize=None)
def _download_binary_from_island(self, os: str) -> bytes: def _download_binary_from_island(self, os: str) -> bytes:
response = requests.get( # noqa: DUO123 response = requests.get( # noqa: DUO123
f"{self._island_url}/api/agent/download/{os}", f"{self._island_url}/api/agent-binaries/{os}",
verify=False, verify=False,
proxies=self._proxies, proxies=self._proxies,
timeout=MEDIUM_REQUEST_TIMEOUT, timeout=MEDIUM_REQUEST_TIMEOUT,
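Review bot: The agent binary is fetched with `verify=False` and then kept for the life of the process by `lru_cache(maxsize=None)`, and nothing visible in this hunk checks what came back. The `# noqa: DUO123` silences the linter without saying why verification is off; assuming the reason is that the agent cannot trust the Island's certificate, I would add a comment above the call such as `# TLS verification is disabled on purpose; the downloaded payload is not integrity-checked here`. If the part of the method outside the hunk does not already do it, calling `response.raise_for_status()` before returning the content would keep an error page from being cached as the binary. The `requests.get(...)` call and the method body continue past the end of the hunk.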


@ -20,14 +20,12 @@ class UnsupportedOSError(Exception):
class AgentBinaries(AbstractResource): class AgentBinaries(AbstractResource):
# API Spec: Rename to /api/agent-binaries, because information about agent runs urls = ["/api/agent-binaries/<string:os>"]
# and binary files are different resources
urls = ["/api/agent/download/<string:host_os>"]
# Used by monkey. can't secure. # Used by monkey. can't secure.
def get(self, host_os): def get(self, os):
try: try:
path = get_agent_executable_path(host_os) path = get_agent_executable_path(os)
return send_from_directory(path.parent, path.name) return send_from_directory(path.parent, path.name)
except UnsupportedOSError as ex: except UnsupportedOSError as ex:
logger.error(ex) logger.error(ex)
@ -51,19 +49,17 @@ class AgentBinaries(AbstractResource):
logger.debug(f"No monkey executable for {filepath}") logger.debug(f"No monkey executable for {filepath}")
def get_agent_executable_path(host_os: str) -> Path: def get_agent_executable_path(os: str) -> Path:
try: try:
agent_path = get_executable_full_path(AGENTS[host_os]) agent_path = get_executable_full_path(AGENTS[os])
logger.debug(f'Local path for {host_os} executable is "{agent_path}"') logger.debug(f'Local path for {os} executable is "{agent_path}"')
if not agent_path.is_file(): if not agent_path.is_file():
logger.error(f"File {agent_path} not found") logger.error(f"File {agent_path} not found")
return agent_path return agent_path
except KeyError: except KeyError:
logger.warning(f"No monkey executables could be found for the host os: {host_os}") logger.warning(f"No monkey executables could be found for the host os: {os}")
raise UnsupportedOSError( raise UnsupportedOSError(f'No Agents are available for unsupported operating system "{os}"')
f'No Agents are available for unsupported operating system "{host_os}"'
)
def get_executable_full_path(executable_filename: str) -> Path: def get_executable_full_path(executable_filename: str) -> Path:
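Review bot: On this unauthenticated route (`# Used by monkey. can't secure.`) the URL segment `os` is written unescaped into `logger.warning(...)` and into the `UnsupportedOSError` message that `get` hands to `logger.error(ex)`. The `string` converter appears to reject only `/`, so a percent-encoded line break in the path could show up in the log as a forged entry; formatting the value as `{os!r}` in both f-strings keeps each request on a single log line. The new parameter name also shadows the standard `os` module inside `get` and `get_agent_executable_path`, which matters only if this file imports it; the import block is not visible here. The `except` body of `get` continues outside the first hunk.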


@ -60,7 +60,7 @@ def _get_run_agent_command(target_os: str, island_ip: str):
def _get_run_monkey_cmd_linux_line(island_ip): def _get_run_monkey_cmd_linux_line(island_ip):
binary_name = "monkey-linux-64" binary_name = "monkey-linux-64"
download_url = f"https://{island_ip}:5000/api/agent/download/linux" download_url = f"https://{island_ip}:5000/api/agent-binaries/linux"
download_cmd = f"wget --no-check-certificate {download_url} -O {binary_name}" download_cmd = f"wget --no-check-certificate {download_url} -O {binary_name}"
chmod_cmd = f"chmod +x {binary_name}" chmod_cmd = f"chmod +x {binary_name}"
@ -76,7 +76,7 @@ def _get_run_monkey_cmd_windows_line(island_ip):
"[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}" "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}"
) )
download_url = f"https://{island_ip}:5000/api/agent/download/windows" download_url = f"https://{island_ip}:5000/api/agent-binaries/windows"
download_cmd = ( download_cmd = (
f"(New-Object System.Net.WebClient).DownloadFile('{download_url}', '{agent_exe_path}')" f"(New-Object System.Net.WebClient).DownloadFile('{download_url}', '{agent_exe_path}')"
) )
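Review bot: `island_ip` is placed unquoted into the `wget` command line and inside a single-quoted PowerShell string, and neither hunk shows where it is validated. If it can come from anything other than the Island's own interface list, parse it first, for example with `ipaddress.ip_address(island_ip)` at the top of `_get_run_agent_command`, so that only an address can reach the command text. The endpoint literal and the `:5000` port are also repeated in the three JavaScript generators that follow (`generateLocalLinuxCurl`, `generateLocalLinuxWget`, `getAgentDownloadCommand`); a shared constant per language would turn the next rename into a one-line change. Both functions continue outside their hunks.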


@ -1,5 +1,5 @@
export default function generateLocalLinuxCurl(ip, username) { export default function generateLocalLinuxCurl(ip, username) {
let command = `curl https://${ip}:5000/api/agent/download/linux -k ` let command = `curl https://${ip}:5000/api/agent-binaries/linux -k `
+ `-o monkey-linux-64; ` + `-o monkey-linux-64; `
+ `chmod +x monkey-linux-64; ` + `chmod +x monkey-linux-64; `
+ `./monkey-linux-64 m0nk3y -s ${ip}:5000;`; + `./monkey-linux-64 m0nk3y -s ${ip}:5000;`;


@ -1,5 +1,5 @@
export default function generateLocalLinuxWget(ip, username) { export default function generateLocalLinuxWget(ip, username) {
let command = `wget --no-check-certificate https://${ip}:5000/api/agent/download/` let command = `wget --no-check-certificate https://${ip}:5000/api/agent-binaries/`
+ `linux -O ./monkey-linux-64; ` + `linux -O ./monkey-linux-64; `
+ `chmod +x monkey-linux-64; ` + `chmod +x monkey-linux-64; `
+ `./monkey-linux-64 m0nk3y -s ${ip}:5000`; + `./monkey-linux-64 m0nk3y -s ${ip}:5000`;


@ -1,7 +1,7 @@
function getAgentDownloadCommand(ip) { function getAgentDownloadCommand(ip) {
return `$execCmd = @"\r\n` return `$execCmd = @"\r\n`
+ `[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {\`$true};` + `[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {\`$true};`
+ `(New-Object System.Net.WebClient).DownloadFile('https://${ip}:5000/api/agent/download/windows',` + `(New-Object System.Net.WebClient).DownloadFile('https://${ip}:5000/api/agent-binaries/windows',`
+ `"""$env:TEMP\\monkey.exe""");Start-Process -FilePath '$env:TEMP\\monkey.exe' -ArgumentList 'm0nk3y -s ${ip}:5000';` + `"""$env:TEMP\\monkey.exe""");Start-Process -FilePath '$env:TEMP\\monkey.exe' -ArgumentList 'm0nk3y -s ${ip}:5000';`
+ `\r\n"@; \r\n` + `\r\n"@; \r\n`
+ `Start-Process -FilePath powershell.exe -ArgumentList $execCmd`; + `Start-Process -FilePath powershell.exe -ArgumentList $execCmd`;