From 71328ea2b14148386306648515419829a6ed023c Mon Sep 17 00:00:00 2001
From: Ilija Lazoroski <ilija.la@live.com>
Date: Wed, 9 Mar 2022 12:21:03 +0100
Subject: [PATCH] Agent, Island: User friendly log name

* Configurable log directories
* Random component to the log file
* 'infection-monkey-<monkey-arg>-<random-str>-<timestamp>.log'
---
 monkey/infection_monkey/config.py             |  8 ++---
 monkey/infection_monkey/example.conf          |  8 ++---
 .../infection_monkey/utils/monkey_log_path.py | 29 ++++++++++++++---
 .../cc/services/config_schema/internal.py     | 32 +++++++++----------
 .../monkey_configs/flat_config.json           |  8 ++---
 .../monkey_config_standard.json               |  8 ++---
 6 files changed, 57 insertions(+), 36 deletions(-)

diff --git a/monkey/infection_monkey/config.py b/monkey/infection_monkey/config.py
index 63c8c5c3b..60799e938 100644
--- a/monkey/infection_monkey/config.py
+++ b/monkey/infection_monkey/config.py
@@ -71,10 +71,10 @@ class Configuration(object):
     # logging config
     ###########################
 
-    dropper_log_path_windows = "%temp%\\~df1562.tmp"
-    dropper_log_path_linux = "/tmp/user-1562"
-    monkey_log_path_windows = "%temp%\\~df1563.tmp"
-    monkey_log_path_linux = "/tmp/user-1563"
+    dropper_log_directory_linux = "/tmp/"
+    dropper_log_directory_windows = "%temp%\\"
+    monkey_log_directory_linux = "/tmp/"
+    monkey_log_directory_windows = "%temp%\\"
 
     ###########################
     # dropper config
diff --git a/monkey/infection_monkey/example.conf b/monkey/infection_monkey/example.conf
index f370e5fdd..2aaafa728 100644
--- a/monkey/infection_monkey/example.conf
+++ b/monkey/infection_monkey/example.conf
@@ -16,8 +16,8 @@
 
   "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll",
   "dropper_date_reference_path_linux": "/bin/sh",
-  "dropper_log_path_windows": "%temp%\\~df1562.tmp",
-  "dropper_log_path_linux": "/tmp/user-1562",
+  "dropper_log_directory_linux": "/tmp/",
+  "dropper_log_directory_windows": "%temp%\\",
   "dropper_set_date": true,
   "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe",
   "dropper_target_path_linux": "/tmp/monkey",
@@ -38,8 +38,8 @@
     "MSSQLFingerprint",
     "ElasticFinger"
   ],
-  "monkey_log_path_windows": "%temp%\\~df1563.tmp",
-  "monkey_log_path_linux": "/tmp/user-1563",
+  "monkey_log_directory_windows": "%temp%\\",
+  "monkey_log_directory_linux": "/tmp/",
   "ping_scan_timeout": 10000,
   "smb_download_timeout": 300,
   "smb_service_name": "InfectionMonkey",
diff --git a/monkey/infection_monkey/utils/monkey_log_path.py b/monkey/infection_monkey/utils/monkey_log_path.py
index 0b97f83b9..3c5e7e327 100644
--- a/monkey/infection_monkey/utils/monkey_log_path.py
+++ b/monkey/infection_monkey/utils/monkey_log_path.py
@@ -1,20 +1,41 @@
 import os
+import string
 import sys
+import time
+from random import SystemRandom
 
 from infection_monkey.config import WormConfiguration
 
 
 def get_monkey_log_path():
     return (
-        os.path.expandvars(WormConfiguration.monkey_log_path_windows)
+        os.path.expandvars(
+            _generate_random_log_filepath(WormConfiguration.monkey_log_directory_windows, "agent")
+        )
         if sys.platform == "win32"
-        else WormConfiguration.monkey_log_path_linux
+        else _generate_random_log_filepath(WormConfiguration.monkey_log_directory_linux, "agent")
     )
 
 
 def get_dropper_log_path():
     return (
-        os.path.expandvars(WormConfiguration.dropper_log_path_windows)
+        os.path.expandvars(
+            _generate_random_log_filepath(
+                WormConfiguration.dropper_log_directory_windows, "dropper"
+            )
+        )
         if sys.platform == "win32"
-        else WormConfiguration.dropper_log_path_linux
+        else _generate_random_log_filepath(WormConfiguration.dropper_log_directory_linux, "dropper")
     )
+
+
+def _generate_random_log_filepath(log_directory: str, monkey_arg: str) -> str:
+    safe_random = SystemRandom()
+    random_string = "".join(
+        [safe_random.choice(string.ascii_lowercase + string.digits) for _ in range(8)]
+    )
+    prefix = f"infection-monkey-{monkey_arg}-"
+    suffix = f"-{time.strftime('%Y-%m-%d-%H-%M-%S', time.gmtime())}.log"
+    log_file_path = os.path.join(log_directory, prefix + random_string + suffix)
+
+    return log_file_path
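Review bot: `_generate_random_log_filepath` only builds a name; the file is created later by whatever opens the path (presumably the logging setup outside this patch), so in the default `/tmp/` it gets umask-default permissions and no exclusive-create guarantee, even though an agent log can contain sensitive details of the run. Creating the file with `tempfile.mkstemp` keeps the `infection-monkey-<monkey-arg>-<random-str>-<timestamp>.log` layout while opening it with O_EXCL and owner-only mode. The change needs `import tempfile`, leaves `string` and `SystemRandom` unused, and on Windows `os.path.expandvars` has to be applied to the directory argument instead of the returned path. Separately, every call to `get_monkey_log_path()` or `get_dropper_log_path()` now yields a different path, so any caller that asks twice (say, once to configure logging and once to read or delete the log) would get mismatched names; caching the result per process avoids that. The helper also has no docstring; one line stating the name format and that the directory must already exist would help.

```python
def _generate_random_log_filepath(log_directory: str, monkey_arg: str) -> str:
    """Create the log file in log_directory and return its path."""
    timestamp = time.strftime("%Y-%m-%d-%H-%M-%S", time.gmtime())
    prefix = f"infection-monkey-{monkey_arg}-"
    suffix = f"-{timestamp}.log"
    # mkstemp creates the file exclusively with mode 0o600, so a file or
    # symlink already present in a shared directory is never reused.
    handle, log_file_path = tempfile.mkstemp(prefix=prefix, suffix=suffix, dir=log_directory)
    os.close(handle)

    return log_file_path

# … get_monkey_log_path / get_dropper_log_path: on win32 pass
#   os.path.expandvars(<configured directory>) into the helper …
```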
diff --git a/monkey/monkey_island/cc/services/config_schema/internal.py b/monkey/monkey_island/cc/services/config_schema/internal.py
index 45b76dd23..c492d7904 100644
--- a/monkey/monkey_island/cc/services/config_schema/internal.py
+++ b/monkey/monkey_island/cc/services/config_schema/internal.py
@@ -188,29 +188,29 @@ INTERNAL = {
             "title": "Logging",
             "type": "object",
             "properties": {
-                "dropper_log_path_linux": {
-                    "title": "Dropper log file path on Linux",
+                "dropper_log_directory_linux": {
+                    "title": "Dropper log directory path on Linux",
                     "type": "string",
-                    "default": "/tmp/user-1562",
-                    "description": "The fullpath of the dropper log file on Linux",
+                    "default": "/tmp/",
+                    "description": "The directory path of the dropper log file on Linux",
                 },
-                "dropper_log_path_windows": {
-                    "title": "Dropper log file path on Windows",
+                "dropper_log_directory_windows": {
+                    "title": "Dropper log directory path on Windows",
                     "type": "string",
-                    "default": "%temp%\\~df1562.tmp",
-                    "description": "The fullpath of the dropper log file on Windows",
+                    "default": "%temp%\\",
+                    "description": "The directory path of the dropper log file on Windows",
                 },
-                "monkey_log_path_linux": {
-                    "title": "Monkey log file path on Linux",
+                "monkey_log_directory_linux": {
+                    "title": "Monkey log directory path on Linux",
                     "type": "string",
-                    "default": "/tmp/user-1563",
-                    "description": "The fullpath of the monkey log file on Linux",
+                    "default": "/tmp/",
+                    "description": "The directory path of the monkey log file on Linux",
                 },
-                "monkey_log_path_windows": {
-                    "title": "Monkey log file path on Windows",
+                "monkey_log_directory_windows": {
+                    "title": "Monkey log directory path on Windows",
                     "type": "string",
-                    "default": "%temp%\\~df1563.tmp",
-                    "description": "The fullpath of the monkey log file on Windows",
+                    "default": "%temp%\\",
+                    "description": "The directory path of the monkey log file on Windows",
                 },
             },
         },
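Review bot: The four `description` strings still say only "The directory path of the … log file", which does not tell an operator that the file name is now generated by the agent or what the directory has to satisfy. Since the value is free-form and defaults to a shared location (`/tmp/`, `%temp%\\`), I would spell that out, e.g. `"description": "Existing directory, writable by the agent, in which the dropper log file is created on Linux; the file name is generated"`. Nothing visible in this hunk validates the value, so a missing or unwritable directory would presumably surface only when the log file is opened.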
diff --git a/monkey/tests/data_for_tests/monkey_configs/flat_config.json b/monkey/tests/data_for_tests/monkey_configs/flat_config.json
index fdac570f5..d7cc0734a 100644
--- a/monkey/tests/data_for_tests/monkey_configs/flat_config.json
+++ b/monkey/tests/data_for_tests/monkey_configs/flat_config.json
@@ -23,8 +23,8 @@
     "depth": 2,
     "dropper_date_reference_path_linux": "/bin/sh",
     "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll",
-    "dropper_log_path_linux": "/tmp/user-1562",
-    "dropper_log_path_windows": "%temp%\\~df1562.tmp",
+    "dropper_log_directory_linux": "/tmp/",
+    "dropper_log_directory_windows": "%temp%\\",
     "dropper_set_date": true,
     "dropper_target_path_linux": "/tmp/monkey",
     "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe",
@@ -71,8 +71,8 @@
     "keep_tunnel_open_time": 60,
     "local_network_scan": true,
     "max_depth": null,
-    "monkey_log_path_linux": "/tmp/user-1563",
-    "monkey_log_path_windows": "%temp%\\~df1563.tmp",
+    "monkey_log_directory_linux": "/tmp/",
+    "monkey_log_directory_windows": "%temp%\\",
     "ping_scan_timeout": 1000,
     "post_breach_actions": [
         "CommunicateAsBackdoorUser",
diff --git a/monkey/tests/data_for_tests/monkey_configs/monkey_config_standard.json b/monkey/tests/data_for_tests/monkey_configs/monkey_config_standard.json
index 9891fef0c..447a775b6 100644
--- a/monkey/tests/data_for_tests/monkey_configs/monkey_config_standard.json
+++ b/monkey/tests/data_for_tests/monkey_configs/monkey_config_standard.json
@@ -107,10 +107,10 @@
         "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe"
       },
       "logging": {
-        "dropper_log_path_linux": "/tmp/user-1562",
-        "dropper_log_path_windows": "%temp%\\~df1562.tmp",
-        "monkey_log_path_linux": "/tmp/user-1563",
-        "monkey_log_path_windows": "%temp%\\~df1563.tmp"
+        "dropper_log_directory_linux": "/tmp/",
+        "dropper_log_directory_windows": "%temp%\\",
+        "monkey_log_directory_linux": "/tmp/",
+        "monkey_log_directory_windows": "%temp%\\"
       },
       "exploits": {
         "exploit_lm_hash_list": [],