Commit Graph

250 Commits

Author SHA1 Message Date
Mike Salvatore c34a303628 BB: Limit scanned ports for SMB PTH test 2021-08-04 13:54:17 -04:00
Mike Salvatore 8d992f41d3 BB: Update config_values with smb_pth settings 2021-08-04 13:54:17 -04:00
Mike Salvatore e946b547c7 BB: Limit scanned ports for WMI PTH test 2021-08-04 13:54:13 -04:00
Mike Salvatore 0c23568756 BB: Limit scanned ports for zerologon test 2021-08-04 13:31:39 -04:00
Mike Salvatore 4d9162d168 BB: Limit scanned ports for weblogic test 2021-08-04 13:28:46 -04:00
Mike Salvatore 5143d03915 BB: Fix "Strtuts2" typo 2021-08-04 13:15:49 -04:00
Mike Salvatore 472c54814a BB: Limit scanned ports for struts exploiter 2021-08-04 13:15:24 -04:00
Mike Salvatore efd512cbad BB: Limit scanned ports for wmi and mimikatz 2021-08-04 12:57:08 -04:00
Mike Salvatore 833ebf9fd0 BB: Limit scanned ports for smb and mimikatz 2021-08-04 12:56:42 -04:00
Mike Salvatore 3136921beb BB: Limit scanned ports for hadoop test 2021-08-04 12:36:23 -04:00
Ilija Lazoroski 862a64b303 BB: Improve Drupal performance 2021-08-04 15:45:02 +02:00
Mike Salvatore f58c9354fc BB: Limit scanned ports for mssql test 2021-08-04 09:59:23 -04:00
Mike Salvatore e36cd72a70 BB: Limit scanned ports for elastic test 2021-08-04 09:30:54 -04:00
Ilija Lazoroski 7ccec16d69 BB: Improve shellshock and ssh. 2021-08-04 13:49:22 +02:00
Mike Salvatore 8ae0d5720b BB: Add utility scripts to start and stop all GCP machines 2021-08-02 07:10:50 -04:00
Mike Salvatore 275dbeccdd BB: Move GCP_TEST_MACHINE_LIST to its own file
Allows the GCP_TEST_MACHINE_LIST to be reused by other utility scripts
2021-08-02 07:09:37 -04:00
VakarisZ 568a97e5a5 BB performance tests: update the outdated README.md and other small improvements 2021-07-31 19:40:19 -04:00
Ilija Lazoroski cf0da5dc7d BB: Change internet services default config. 2021-07-30 06:17:46 -04:00
Mike Salvatore abe8fc268b Tests: Fix flakey elastic blackbox test
Fixes #1117
2021-07-21 08:39:24 -04:00
Mike Salvatore 61c3efdf83 Tests: Speed up blackbox tests by 1 minute each
The "keep_tunnel_open_time" option adds an unnecessary 60 second delay
to each test (except the tunneling test, where it is necessary). By
setting the time to 0, each test now runs 60 seconds faster.
2021-07-21 08:23:02 -04:00
VakarisZ 49e63fcf1b Improve exception message, thrown when trying to establish connection to island in BB tests 2021-05-21 08:41:28 +03:00
VakarisZ af049b468b BB tests: removed island connectivity test. Now the connection is tested in fixture and if anything goes wrong tests are not launched 2021-05-20 16:47:00 +03:00
VakarisZ 488143b1d3 BB tests: added the ability for BB tests to "register". If they need registration to run monkeys, BB tests selects passwordless option 2021-05-20 16:47:00 +03:00
VakarisZ b79ef1680c
Update envs/monkey_zoo/blackbox/README.md
Co-authored-by: Shreya Malviya <shreya.malviya@gmail.com>
2021-05-17 14:39:30 +03:00
VakarisZ 2e2fd0a53c Changed blackbox tests to fail and stop if they can't connect to the island. 2021-05-13 09:15:33 +03:00
VakarisZ fbbce0cd99 Small improvements in readme of blackbox tests. 2021-05-13 09:14:50 +03:00
VakarisZ 45f2702403 Reverted back to fetching file directory first when resolving GCP keys. This is to make gcp key file relative to utils directory, not the current file. This will make it less confusing, because people usually navigate directories, not files. 2021-05-12 16:58:46 +03:00
VakarisZ 7a03a9504d Removed the `relative_key_path` parameter from GCPHandler class because it's unused and has a misleading name. 2021-05-12 16:33:52 +03:00
VakarisZ c45de9dae7 Improved readability of gcp_machine_handlers.py 2021-05-12 10:41:52 +03:00
VakarisZ e76d53a2a8 BlackBox test fixes: improved the mechanism of locating gcp keys and improved error handling if tests can't connect to gcp 2021-05-11 10:44:02 +03:00
Mike Salvatore 5b75dc524a zoo: Send password (not hash) to authenticate with Island
This step was missed in merge e609094a.
2021-05-06 21:39:50 -04:00
VakarisZ 5f9672c4c4 Changed --no-performance-tests to --run-performance-tests for convenience (skipping performance tests by default) and documented changes in CHANGELOG.md 2021-04-30 09:41:20 +03:00
VakarisZ 9a169629bf Added an option to skip performance during blackbox tests 2021-04-30 09:41:20 +03:00
Shreya 294e8fe56a Fix DU0116 warnings in blackbox tests
by ignoring them
2021-04-28 10:47:28 -04:00
Shreya c0fdc9561f Fix DUO123 warnings 2021-04-28 10:46:41 -04:00
Mike Salvatore 7a1588152d zoo: remove requirements.txt 2021-04-22 09:50:30 -04:00
VakarisZ 84ed067f28 Fixed gitignores to exclude some irrelevant files 2021-04-09 14:54:02 +03:00
Mike Salvatore 39843527ae zoo: Remove unused import from zerologon_analyzer.py 2021-04-07 13:51:47 -04:00
Mike Salvatore c9d64ea40c zoo: resolve E501 flake8 warnings in monkey zoo 2021-04-07 13:47:50 -04:00
Mike Salvatore 4466ff44cf Run black to resolve E261 warnings 2021-04-07 13:40:01 -04:00
VakarisZ 03bcfc97af All E501 errors fixed, but formatting screwed up 2021-04-07 13:40:01 -04:00
Mike Salvatore f85e6fc7d0 Sort all imports using isort 5.8.0 2021-04-06 18:01:59 -04:00
Mike Salvatore c40f7bf6c9 Reformat all python with black v20.8b1 2021-04-06 09:20:18 -04:00
VakarisZ e8c03f9bc4 Fixed tunneling test configuration template 2021-03-19 16:53:31 +02:00
VakarisZ 6a7d08c93e Improved README.md of config file generation script 2021-03-09 14:51:56 +02:00
VakarisZ 92d9226edf Bugfixed a couple of config templates. 2021-03-09 14:51:35 +02:00
VakarisZ a4aee364b4 Ran black on config generation script 2021-03-09 10:23:35 +02:00
VakarisZ c234891330 Minor fixes in config file generation script: added island IP param in docs and added Drupal to configs 2021-03-08 17:27:57 +02:00
VakarisZ 6a6dd67113 Refactored config templates to inherit from ConfigTemplate class instead of BaseTemplate 2021-03-08 17:21:59 +02:00
VakarisZ 5f41ce54c6 Added config file generation script, which can generate config files from config templates. 2021-03-08 17:20:32 +02:00
VakarisZ b65524a85d Refactored "island_configs" dir to "config_templates" dir in blackbox 2021-03-08 17:20:21 +02:00
Mike Salvatore 551928369a zoo: update command to run blackbox tests
Commit 3f687f6ae introduced a dependency on `common/`. Update the
instructions in blackbox/README.md to reflect this change.
2021-03-08 09:47:16 -05:00
Mike Salvatore 34b0830c77 zoo: add drupal exploiter blackbox test 2021-03-08 09:42:48 -05:00
Mike Salvatore 3164ae77c4 zoo: add drupal-28 to teraform scrips 2021-03-08 08:54:45 -05:00
Mike Salvatore 0fb0c58fd4 zoo: add missing port number in blackbox/README.md 2021-03-08 08:54:15 -05:00
VakarisZ f43d9fe035 ZL BB tests: Renamed "ZeroLogon" to "Zerologon" for cinsistency, extracted relevant credential extortion from island config into a separate method. 2021-03-08 13:58:11 +02:00
VakarisZ 70ec513f51 Added logging to the ZeroLogon analyzer 2021-03-08 13:10:14 +02:00
VakarisZ b43f669081 Bugfix: removed unneeded exploitation test run in ZeroLogon BB test 2021-03-08 12:35:31 +02:00
VakarisZ 44f6ce36b6 Fixed credentials in zerologon exploiter to match. 2021-03-08 12:05:00 +02:00
VakarisZ 263fa53ea5 Added an endpoint on the island for telemetry tests. This allows for tests like blackbox tests to send queries and check whether a certain telemetry is in the database or not 2021-03-08 11:13:31 +02:00
VakarisZ f6b0682297 Added ZeroLogon test to the BlackBox infrastructure. 2021-03-08 11:07:24 +02:00
VakarisZ 3848dbeb32 Fixed a bug in configuration generation for BB tests. Bug was related to incorrect references 2021-03-05 10:50:55 +02:00
VakarisZ 5837240107 Refactored tests to use the new configuration parser 2021-03-02 15:23:27 +02:00
VakarisZ aaab827e32 Refactored configuration parser to pull configs, apply template and submit them instead of loading configs from file. 2021-03-02 15:23:27 +02:00
VakarisZ 8ca72bbf31 Simplified test configuration templates even more and removed old and outdated configuration files 2021-03-02 15:23:23 +02:00
VakarisZ edc8fff0a7 Extracted relevant config parameters for each BB test and made templates from those 2021-03-02 15:20:17 +02:00
VakarisZ ade2917ba3 Merge remote-tracking branch 'upstream/develop' into 519/scoutsuite-integration
# Conflicts:
#	.swm/OwcKMnALpn7tuBaJY1US.swm
#	.swm/tbxb2cGgUiJQ8Btma0fp.swm
#	.travis.yml
#	deployment_scripts/config
#	monkey/common/utils/exceptions.py
#	monkey/infection_monkey/control.py
#	monkey/infection_monkey/exploit/hadoop.py
#	monkey/monkey_island/cc/environment/set_server_config.py
#	monkey/monkey_island/cc/resources/pba_file_upload.py
#	monkey/monkey_island/cc/services/version_update.py
#	monkey/monkey_island/cc/ui/src/components/pages/RunMonkeyPage/RunOptions.js
#	monkey/monkey_island/cc/ui/src/styles/Main.scss
#	monkey/monkey_island/cc/ui/src/styles/components/Buttons.scss
2021-01-28 16:13:26 +02:00
Mike Salvatore 0bae2b922d monkey_zoo: minor fixes to monkey_zoo docs 2021-01-19 15:30:48 -05:00
VakarisZ d8ee740750 Added zero logon to monkeyzoo 2020-11-05 23:40:48 +05:30
VakarisZ abe20c6a3a Once again fixed isort bug in travis and fixed some imports 2020-10-07 10:32:33 +03:00
VakarisZ 6eab147ae1 Merge remote-tracking branch 'upstream/develop' into run_page_ui_improvements
# Conflicts:
#	monkey/monkey_island/cc/ui/src/components/pages/RunMonkeyPage.js
#	monkey/monkey_island/cc/ui/src/styles/Main.scss
2020-09-18 15:43:23 +03:00
Shay Nehmad 910e8355f9 Fix or noqa some python linter errors
Also, replace os.path with Path
2020-08-31 14:13:56 +03:00
VakarisZ 0471229b13 Small os_compat readme improvement: added default debian login info 2020-08-31 10:36:47 +03:00
VakarisZ 31b875aacc Fixed PTH credentials BB island configs 2020-08-03 15:22:19 +03:00
VakarisZ 31b2800ece Fixed BB test configs - fixed internal/network and internal/exploits 2020-08-03 12:23:17 +03:00
VakarisZ c59be36909 Fixed elastic test config for BB tests 2020-07-31 11:54:12 +03:00
VakarisZ 444ce91f2b Fixed more BB island config problems 2020-07-30 17:24:38 +03:00
VakarisZ f71e6630bc Bugfixed SSH configuration and island_config_parser.py 2020-07-30 15:56:49 +03:00
VakarisZ b996b6e2e8 Updated all configs used in BB tests 2020-07-30 15:48:17 +03:00
VakarisZ d9ed06d765 BB quickfixes: fixed island client authentication bug ("JWT" -> "bearer" in auth header), improved readme a bit. 2020-07-30 12:41:25 +03:00
Shay Nehmad 9846477bea Change to isort from flake8-import-order
fix issues in envs/ as well
2020-07-15 18:46:04 +03:00
VakarisZ 30fde6deb3 Changed testing documentation that relates to password protection 2020-06-23 12:24:02 +03:00
VakarisZ 39231abbab Skip performance tests that actually run monkeys by default 2020-06-15 11:26:43 +03:00
VakarisZ ffda4e858c
Merge pull request #664 from guardicore/feature/smb_vulnerable_port_fix
SMB vulnerable port fix
2020-05-26 14:33:00 +03:00
Shay Nehmad 2cf9c9c0fe Fix minor linter issues 2020-05-24 13:55:11 +03:00
VakarisZ 9864720fb5 Get node label performance improvement and small BB test changes 2020-05-22 21:22:29 +03:00
VakarisZ 87e50d37f1 Small fixes: island reset added to telemetry performance test, fixed a bug on report generation test 2020-05-14 10:55:59 +03:00
VakarisZ 991cbec7ff Added cmd options to disable interaction with GCP and run quick performance tests. 2020-05-13 10:44:04 +03:00
VakarisZ 3d97cb3b61 Merge branch 'zt_performance_fixes' into security_performance_fixes
# Conflicts:
#	envs/monkey_zoo/blackbox/test_blackbox.py
#	monkey/monkey_island/cc/ui/src/components/report-components/zerotrust/EventsModal.js
2020-05-12 17:44:24 +03:00
VakarisZ 9b350b8bf5 Minor fixes and improvements 2020-05-11 17:58:58 +03:00
VakarisZ 7663615a4f Merge branch 'monkey_telemetry_fabrication' into zt_performance_fixes 2020-05-11 17:01:18 +03:00
VakarisZ 67b7d0b769 Improved telemetry fabrication logging and failing if telemetry folders don't exist 2020-05-11 16:56:05 +03:00
VakarisZ 08f46a8ac9 Merge branch 'monkey_telemetry_fabrication' into zt_performance_fixes
# Conflicts:
#	envs/monkey_zoo/blackbox/test_blackbox.py
#	monkey/monkey_island/cc/ui/src/components/report-components/zerotrust/EventsModal.js
2020-05-11 16:42:53 +03:00
VakarisZ e189e96259 Improved the dir structure of telem parsing, other minor CR comments fixed 2020-05-11 16:32:18 +03:00
VakarisZ f94098aca6 Merge remote-tracking branch 'upstream/develop' into security_performance_fixes
# Conflicts:
#	envs/monkey_zoo/blackbox/island_client/monkey_island_client.py
#	envs/monkey_zoo/blackbox/test_blackbox.py
#	monkey/monkey_island/cc/ui/src/components/report-components/zerotrust/EventsModal.js
2020-05-11 10:10:27 +03:00
VakarisZ 73832bd0cb Updated PERFORMANCE.conf to include all machines and a lot of segmentation tests 2020-05-07 17:12:48 +03:00
VakarisZ a98b348d24 Merge remote-tracking branch 'upstream/develop' into monkey_telemetry_fabrication
# Conflicts:
#	envs/monkey_zoo/blackbox/island_client/monkey_island_client.py
#	envs/monkey_zoo/blackbox/test_blackbox.py
2020-05-07 12:15:43 +03:00
VakarisZ 9aff40d974 Fake IP's don't get out of range, fixed typo in requirements and added logging to telem parsing 2020-05-07 11:20:08 +03:00
Ace Pace 4c27ea4f7b Fix a few more. Re set the number of flake warnings to be higher :( 2020-05-05 23:47:41 +03:00
VakarisZ f73beac3a7 Implemented map/report generation tests which are based on telemetries rather than real exploitation 2020-04-30 16:12:58 +03:00