Added the advanced selector component to all config definitions and refactored it so that all advanced selector properties can be defined in config_schema.py

VakarisZ 2020-07-20 15:10:57 +03:00
parent 6a824efab3
commit fb9428b8a3
5 changed files with 67 additions and 26 deletions


@ -9,6 +9,7 @@ SCHEMA = {
"definitions": { "definitions": {
"exploiter_classes": { "exploiter_classes": {
"title": "Exploit class", "title": "Exploit class",
"description": "Click on exploiter to get more information about it.",
"type": "string", "type": "string",
"anyOf": [ "anyOf": [
{ {
@ -70,7 +71,8 @@ SCHEMA = {
"ShellShockExploiter" "ShellShockExploiter"
], ],
"title": "ShellShock Exploiter", "title": "ShellShock Exploiter",
"info": "CVE-2014-6271, based on logic in NCC group's github.", "info": "CVE-2014-6271, based on logic from "
"https://github.com/nccgroup/shocker/blob/master/shocker.py .",
"link": "https://github.com/guardicore/monkey/wiki/Exploiters" "link": "https://github.com/guardicore/monkey/wiki/Exploiters"
}, },
{ {
@ -97,7 +99,8 @@ SCHEMA = {
"Struts2Exploiter" "Struts2Exploiter"
], ],
"title": "Struts2 Exploiter", "title": "Struts2 Exploiter",
"info": "Exploits struts2 java web framework. CVE-2017-5638. Logic based on this PoC.", "info": "Exploits struts2 java web framework. CVE-2017-5638. Logic based on "
"https://www.exploit-db.com/exploits/41570 .",
"link": "https://github.com/guardicore/monkey/wiki/Exploiters" "link": "https://github.com/guardicore/monkey/wiki/Exploiters"
}, },
{ {
@ -133,6 +136,7 @@ SCHEMA = {
}, },
"system_info_collectors_classes": { "system_info_collectors_classes": {
"title": "System Information Collectors", "title": "System Information Collectors",
"description": "Click on a system info collector to find out what it collects.",
"type": "string", "type": "string",
"anyOf": [ "anyOf": [
{ {
@ -140,7 +144,8 @@ SCHEMA = {
"enum": [ "enum": [
ENVIRONMENT_COLLECTOR ENVIRONMENT_COLLECTOR
], ],
"title": "Collect which environment this machine is on (on prem/cloud)", "title": "Environment collector",
"info": "Collects information about machine's environment (on premise/GCP/AWS).",
"attack_techniques": [] "attack_techniques": []
}, },
{ {
@ -148,7 +153,8 @@ SCHEMA = {
"enum": [ "enum": [
AWS_COLLECTOR AWS_COLLECTOR
], ],
"title": "If on AWS, collect more information about the instance", "title": "AWS collector",
"info": "If on AWS, collects more information about the AWS instance currently running on.",
"attack_techniques": [] "attack_techniques": []
}, },
{ {
@ -156,7 +162,8 @@ SCHEMA = {
"enum": [ "enum": [
HOSTNAME_COLLECTOR HOSTNAME_COLLECTOR
], ],
"title": "Collect the machine's hostname", "title": "Hostname collector",
"info": "Collects machine's hostname.",
"attack_techniques": [] "attack_techniques": []
}, },
{ {
@ -164,13 +171,16 @@ SCHEMA = {
"enum": [ "enum": [
PROCESS_LIST_COLLECTOR PROCESS_LIST_COLLECTOR
], ],
"title": "Collect running processes on the machine", "title": "Process list collector",
"info": "Collects a list of running processes on the machine.",
"attack_techniques": [] "attack_techniques": []
}, },
], ],
}, },
"post_breach_actions": { "post_breach_actions": {
"title": "Post breach actions", "title": "Post breach actions",
"description": "Runs scripts/commands on infected machines. These actions safely simulate what an adversary"
"might do after breaching a new machine. Used in ATT&CK and Zero trust reports.",
"type": "string", "type": "string",
"anyOf": [ "anyOf": [
{ {
@ -179,6 +189,7 @@ SCHEMA = {
"BackdoorUser" "BackdoorUser"
], ],
"title": "Back door user", "title": "Back door user",
"info": "Attempts to create a new user on the system and delete it afterwards.",
"attack_techniques": ["T1136"] "attack_techniques": ["T1136"]
}, },
{ {
@ -187,6 +198,8 @@ SCHEMA = {
"CommunicateAsNewUser" "CommunicateAsNewUser"
], ],
"title": "Communicate as new user", "title": "Communicate as new user",
"info": "Attempts to create a new user, create HTTPS requests as that user and delete the user "
"afterwards.",
"attack_techniques": ["T1136"] "attack_techniques": ["T1136"]
}, },
{ {
@ -195,6 +208,8 @@ SCHEMA = {
"ModifyShellStartupFiles" "ModifyShellStartupFiles"
], ],
"title": "Modify shell startup files", "title": "Modify shell startup files",
"info": "Attempts to modify shell startup files, like ~/.profile, ~/.bashrc, ~/.bash_profile "
"in linux, and profile.ps1 in windows. Reverts modifications done afterwards.",
"attack_techniques": ["T1156", "T1504"] "attack_techniques": ["T1156", "T1504"]
}, },
{ {
@ -203,12 +218,15 @@ SCHEMA = {
"HiddenFiles" "HiddenFiles"
], ],
"title": "Hidden files and directories", "title": "Hidden files and directories",
"info": "Attempts to create a hidden file and remove it afterward.",
"attack_techniques": ["T1158"] "attack_techniques": ["T1158"]
} }
], ],
}, },
"finger_classes": { "finger_classes": {
"title": "Fingerprint class", "title": "Fingerprint class",
"description": "Fingerprint modules collect info about external services "
"Infection Monkey scans.",
"type": "string", "type": "string",
"anyOf": [ "anyOf": [
{ {
@ -217,6 +235,7 @@ SCHEMA = {
"SMBFinger" "SMBFinger"
], ],
"title": "SMBFinger", "title": "SMBFinger",
"info": "Figures out if SMB is running and what's the version of it.",
"attack_techniques": ["T1210"] "attack_techniques": ["T1210"]
}, },
{ {
@ -225,6 +244,7 @@ SCHEMA = {
"SSHFinger" "SSHFinger"
], ],
"title": "SSHFinger", "title": "SSHFinger",
"info": "Figures out if SSH is running.",
"attack_techniques": ["T1210"] "attack_techniques": ["T1210"]
}, },
{ {
@ -232,14 +252,16 @@ SCHEMA = {
"enum": [ "enum": [
"PingScanner" "PingScanner"
], ],
"title": "PingScanner" "title": "PingScanner",
"info": "Tries to identify if host is alive and which OS it's running by ping scan."
}, },
{ {
"type": "string", "type": "string",
"enum": [ "enum": [
"HTTPFinger" "HTTPFinger"
], ],
"title": "HTTPFinger" "title": "HTTPFinger",
"info": "Checks if host has HTTP/HTTPS ports open."
}, },
{ {
"type": "string", "type": "string",
@ -247,6 +269,7 @@ SCHEMA = {
"MySQLFinger" "MySQLFinger"
], ],
"title": "MySQLFinger", "title": "MySQLFinger",
"info": "Checks if MySQL server is running and tries to get it's version.",
"attack_techniques": ["T1210"] "attack_techniques": ["T1210"]
}, },
{ {
@ -255,6 +278,7 @@ SCHEMA = {
"MSSQLFinger" "MSSQLFinger"
], ],
"title": "MSSQLFinger", "title": "MSSQLFinger",
"info": "Checks if Microsoft SQL service is running and tries to gather information about it.",
"attack_techniques": ["T1210"] "attack_techniques": ["T1210"]
}, },
@ -264,6 +288,7 @@ SCHEMA = {
"ElasticFinger" "ElasticFinger"
], ],
"title": "ElasticFinger", "title": "ElasticFinger",
"info": "Checks if ElasticSearch is running and attempts to find it's version.",
"attack_techniques": ["T1210"] "attack_techniques": ["T1210"]
} }
] ]
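Review bot: The `post_breach_actions` description is split over two adjacent string literals with no separating space, so implicit concatenation produces `...simulate what an adversarymight do after breaching...` in the rendered pane; end the first literal with a space, `"...These actions safely simulate what an adversary "`. The other split strings in these hunks (e.g. `"...based on logic from "`) do carry the trailing space, so only this one is affected. Two of the new `info` strings also write `it's` where the possessive `its` is meant: `"Checks if MySQL server is running and tries to get its version."` and `"Checks if ElasticSearch is running and attempts to find its version."`. The enclosing SCHEMA dict starts and ends outside the hunks shown.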


@ -9,6 +9,11 @@ export default function UiSchema(props) {
}, },
basic_network: {}, basic_network: {},
monkey: { monkey: {
general: {
post_breach_actions: {
'ui:widget': AdvancedMultiSelect
}
},
behaviour: { behaviour: {
custom_PBA_linux_cmd: { custom_PBA_linux_cmd: {
'ui:widget': 'textarea', 'ui:widget': 'textarea',
@ -42,6 +47,11 @@ export default function UiSchema(props) {
classNames: 'windows-pba-file-info', classNames: 'windows-pba-file-info',
'ui:emptyValue': '' 'ui:emptyValue': ''
} }
},
system_info: {
system_info_collectors_classes: {
'ui:widget': AdvancedMultiSelect
}
} }
}, },
cnc: {}, cnc: {},
@ -49,19 +59,18 @@ export default function UiSchema(props) {
exploits: { exploits: {
general: { general: {
exploiter_classes: { exploiter_classes: {
'ui:widget': AdvancedMultiSelect, 'ui:widget': AdvancedMultiSelect
'ui:options': {
defaultPaneParams: {
title: 'Exploiters',
content: 'Click on exploiter to get more information about it.'
}
}
} }
} }
}, },
internal: { internal: {
general: { general: {
started_on_island: {'ui:widget': 'hidden'} started_on_island: {'ui:widget': 'hidden'}
},
classes: {
finger_classes: {
'ui:widget': AdvancedMultiSelect
}
} }
} }
} }


@ -32,9 +32,12 @@ function onMasterCheckboxClick(checkboxValue, defaultArray, onChangeFnc) {
// Definitions passed to components only contains value and label, // Definitions passed to components only contains value and label,
// custom fields like "info" or "links" must be pulled from registry object using this function // custom fields like "info" or "links" must be pulled from registry object using this function
function getFullDefinitionsFromRegistry(refString, registry) { function getFullDefinitionsFromRegistry(refString, registry) {
return getObjectFromRegistryByRef(refString, registry).anyOf;
}
function getObjectFromRegistryByRef(refString, registry) {
let refArray = refString.replace('#', '').split('/'); let refArray = refString.replace('#', '').split('/');
let definitionObject = resolveObjectPath(refArray, registry); return resolveObjectPath(refArray, registry);
return definitionObject.anyOf;
} }
function getFullDefinitionByKey(refString, registry, itemKey) { function getFullDefinitionByKey(refString, registry, itemKey) {
@ -47,6 +50,11 @@ function setPaneInfo(refString, registry, itemKey, setPaneInfoFnc) {
setPaneInfoFnc({title: definitionObj.title, content: definitionObj.info, link: definitionObj.link}); setPaneInfoFnc({title: definitionObj.title, content: definitionObj.info, link: definitionObj.link});
} }
function getDefaultPaneParams(refString, registry){
let configSection = getObjectFromRegistryByRef(refString, registry);
return ({title: configSection.title, content: configSection.description});
}
function AdvancedMultiSelect(props) { function AdvancedMultiSelect(props) {
const [masterCheckbox, setMasterCheckbox] = useState(true); const [masterCheckbox, setMasterCheckbox] = useState(true);
const { const {
@ -62,8 +70,9 @@ function AdvancedMultiSelect(props) {
onChange, onChange,
registry registry
} = props; } = props;
const {enumOptions, defaultPaneParams} = options; const {enumOptions} = options;
const [infoPaneParams, setInfoPaneParams] = useState(defaultPaneParams); const [infoPaneParams, setInfoPaneParams] = useState(getDefaultPaneParams(schema.items.$ref, registry));
getDefaultPaneParams(schema.items.$ref, registry);
const selectValue = cloneDeep(value); const selectValue = cloneDeep(value);
return ( return (
<div className={'advanced-multi-select'}> <div className={'advanced-multi-select'}>
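Review bot: The statement `getDefaultPaneParams(schema.items.$ref, registry);` directly after the `useState` call is dead code — it recomputes the value that was just passed as the initial state and discards the result on every render; delete that line. `getDefaultPaneParams` also dereferences `schema.items.$ref` unconditionally, so a field bound to this widget without an `items.$ref` would throw at mount — presumably every field wired to it in UiSchema has one, but stating that precondition above the helper would help, e.g. `// Expects the field schema to be a $ref array (schema.items.$ref); used for the pane title/description.`. Minor style: the new helper's signature lacks a space before the brace, `function getDefaultPaneParams(refString, registry) {`. AdvancedMultiSelect's body continues past the end of the hunk.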


@ -1,16 +1,14 @@
const defaultMinHeight = 50 const defaultMinHeight = 25
const defaultMaxHeight = 300 const defaultMaxHeight = 250
const defaultSubcomponentHeight = 15 const defaultSubcomponentHeight = 25
export function getComponentHeight(subcomponentCount, export function getComponentHeight(subcomponentCount,
subcomponentHeight = defaultSubcomponentHeight, subcomponentHeight = defaultSubcomponentHeight,
minHeight = defaultMinHeight, minHeight = defaultMinHeight,
maxHeight = defaultMaxHeight) { maxHeight = defaultMaxHeight) {
let height = subcomponentHeight * subcomponentCount; let height = defaultMinHeight + (subcomponentHeight*subcomponentCount);
if (height > maxHeight) if (height > maxHeight)
height = maxHeight height = maxHeight
else if (height < minHeight)
height = minHeight
return height return height
} }
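Review bot: The new height formula reads the module constant `defaultMinHeight` instead of the `minHeight` parameter, and the old `height < minHeight` clamp was removed, so a caller's `minHeight` argument is now silently ignored; use `let height = minHeight + (subcomponentHeight * subcomponentCount);`, which keeps the default behaviour identical. With the clamp gone, `minHeight` is a base offset rather than a floor, which is worth recording in a comment above the function, e.g. `// Height grows linearly from minHeight per subcomponent and is capped at maxHeight.`. The whole function is within the hunk.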


@ -38,7 +38,7 @@
} }
.advanced-multi-select .choice-block .form-group button { .advanced-multi-select .choice-block .form-group button {
margin: 0 5px 3px 10px; margin: 0 3px 3px 12px;
padding: 0; padding: 0;
} }