From c4f34939ec27ab0609da894a8fef118327896787 Mon Sep 17 00:00:00 2001
From: Ilija Lazoroski <ilija.la@live.com>
Date: Thu, 30 Jun 2022 22:45:41 +0200
Subject: [PATCH] UI: Add exploiter classes to the json schema

---
 .../services/configuration/config_schema.js   |   5 +
 .../configuration/definitions/exploitation.js |  59 +++++-----
 .../definitions/exploiter_classes.js          | 103 ++++++++++++++++++
 3 files changed, 142 insertions(+), 25 deletions(-)
 create mode 100644 monkey/monkey_island/cc/ui/src/services/configuration/definitions/exploiter_classes.js

diff --git a/monkey/monkey_island/cc/ui/src/services/configuration/config_schema.js b/monkey/monkey_island/cc/ui/src/services/configuration/config_schema.js
index dc73e9d8b..a2292ab57 100644
--- a/monkey/monkey_island/cc/ui/src/services/configuration/config_schema.js
+++ b/monkey/monkey_island/cc/ui/src/services/configuration/config_schema.js
@@ -1,10 +1,15 @@
 import {customPBAConfigurationSchema} from './definitions/custom_pbas.js';
 import {pluginConfigurationSchema} from './definitions/plugins.js';
 import {propagationConfigurationSchema} from './definitions/propagation.js';
+import {bruteForceExploiters, vulnerabilityExploiters} from './definitions/exploiter_classes.js';
 
 export const SCHEMA = {
   'title': 'Monkey',
   'type': 'object',
+  'definitions': {
+    'brute_force_classes': bruteForceExploiters,
+    'vulnerability_classes': vulnerabilityExploiters
+  },
   'properties': {
     'propagation': propagationConfigurationSchema,
     'post_breach_actions': {
diff --git a/monkey/monkey_island/cc/ui/src/services/configuration/definitions/exploitation.js b/monkey/monkey_island/cc/ui/src/services/configuration/definitions/exploitation.js
index 08cc926bc..d499f6280 100644
--- a/monkey/monkey_island/cc/ui/src/services/configuration/definitions/exploitation.js
+++ b/monkey/monkey_island/cc/ui/src/services/configuration/definitions/exploitation.js
@@ -1,37 +1,46 @@
 import {exploitationOptionsConfigurationSchema} from './exploitation_options.js';
-import {pluginConfigurationSchema} from './plugins.js';
 
 export const exploitationConfigurationSchema = {
+  'title': 'Exploiters',
   'type': 'object',
+  'description': 'Choose which exploiters the Monkey will attempt.',
   'properties': {
     'brute_force': {
-      'title': 'Brute force exploiters',
-      'type': 'string',
-      'anyOf': [
-        {
-          'type': 'string',
-          'enum': ['SmbExploiter'],
-          'info': 'bla',
-          'link': 'link'
-        },
-        {
-          'type': 'string',
-          'enum': ['SmbExploiter'],
-          'info': 'bla',
-          'link': 'link'
+      'title': 'Brute force exploiter',
+      'type': 'object',
+      'properties': {
+        'brute_force_classes': {
+          'type': 'array',
+          'uniqueItems': true,
+          'items': {
+            '$ref': '#/definitions/brute_force_classes'
+          },
+          'default' : [
+            'SmbExploiter',
+            'WmiExploiter',
+            'SSHExploiter',
+            'MSSQLExploiter'
+          ]
         }
-
-      ]
+      }
     },
     'vulnerability': {
-      'title': 'Vulnerability exploiters',
-      'type': 'string',
-      'items': pluginConfigurationSchema,
-      'default': [
-        {'name': 'Log4ShellExploiter', 'safe': true, 'options': {}},
-        {'name': 'HadoopExploiter', 'safe': true, 'options': {}}
-      ]
+      'title': 'Vulnerability Exploiters',
+      'type': 'object',
+      'properties': {
+        'vulnerability_classes': {
+          'type': 'array',
+          'uniqueItems': true,
+          'items': {
+            '$ref': '#/definitions/vulnerability_classes'
+          },
+          'default' : [
+            'Log4ShellExploiter',
+            'HadoopExploiter'
+]
+        }
+      }
     },
     'options': exploitationOptionsConfigurationSchema
   }
-}
+};
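Review bot: The new `'default'` for `vulnerability_classes` lists `'HadoopExploiter'`, but the `vulnerabilityExploiters` definition added in exploiter_classes.js in this same patch only enumerates `ZerologonExploiter`, `PowerShellExploiter` and `Log4ShellExploiter`. As far as this patch shows, the default therefore would not validate against `'$ref': '#/definitions/vulnerability_classes'`, and the form may render a default selection it cannot display or reject it. Either add a `HadoopExploiter` entry to the `anyOf` list or drop it from the default until the entry exists. Both `$ref`s also resolve only against the root `SCHEMA.definitions`, so a short comment above `exploitationConfigurationSchema` such as `// $refs resolve against SCHEMA.definitions in config_schema.js; not usable standalone` would save the next reader a search. The closing `]` of that default array has also lost its indentation.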
diff --git a/monkey/monkey_island/cc/ui/src/services/configuration/definitions/exploiter_classes.js b/monkey/monkey_island/cc/ui/src/services/configuration/definitions/exploiter_classes.js
new file mode 100644
index 000000000..27aa7a4e9
--- /dev/null
+++ b/monkey/monkey_island/cc/ui/src/services/configuration/definitions/exploiter_classes.js
@@ -0,0 +1,103 @@
+export const bruteForceExploiters = {
+    'title': 'Brute force exploiters',
+    'description': 'Click on exploiter to get more information about it.'
+    + '\u26A0'
+    + ' Note that using unsafe exploits may cause crashes of the exploited ' +
+    'machine/service.',
+    'type': 'string',
+    'anyOf': [
+        {
+            'type': 'string',
+            'enum': ['SmbExploiter'],
+            'title': 'SMB Exploiter',
+            'safe': true,
+            'attack_techniques': ['T1110', 'T1075', 'T1035'],
+            'info': 'Brute forces using credentials provided by user and' +
+            ' hashes gathered by mimikatz.',
+            'link': 'https://www.guardicore.com/infectionmonkey/docs/reference' +
+            '/exploiters/smbexec/'
+        },
+        {
+            'type': 'string',
+            'enum': ['WmiExploiter'],
+            'title': 'WMI Exploiter',
+            'safe': true,
+            'attack_techniques': ['T1110', 'T1106'],
+            'info': 'Brute forces WMI (Windows Management Instrumentation) ' +
+            'using credentials provided by user and hashes gathered by ' +
+            'mimikatz.',
+            'link': 'https://www.guardicore.com/infectionmonkey/docs/reference' +
+            '/exploiters/wmiexec/'
+        },
+        {
+            'type': 'string',
+            'enum': ['MSSQLExploiter'],
+            'title': 'MSSQL Exploiter',
+            'safe': true,
+            'attack_techniques': ['T1110'],
+            'info': 'Tries to brute force into MsSQL server and uses insecure ' +
+            'configuration to execute commands on server.',
+            'link': 'https://www.guardicore.com/infectionmonkey/docs/reference' +
+            '/exploiters/mssql/'
+        },
+        {
+            'type': 'string',
+            'enum': ['SSHExploiter'],
+            'title': 'SSH Exploiter',
+            'safe': true,
+            'attack_techniques': ['T1110', 'T1145', 'T1106'],
+            'info': 'Brute forces using credentials provided by user and SSH keys ' +
+            'gathered from systems.',
+            'link': 'https://www.guardicore.com/infectionmonkey/docs/reference' +
+            '/exploiters/sshexec/'
+        }
+    ]
+}
+
+export const vulnerabilityExploiters = {
+  'title': 'Vulnerability exploiters',
+  'description': 'Click on exploiter to get more information about it.' +
+  '\u26A0 Note that using unsafe exploits may cause craches of the exploited ' +
+  'machine/service.',
+  'type': 'string',
+  'anyOf': [
+    {
+      'type': 'string',
+      'enum': ['ZerologonExploiter'],
+      'title': 'Zerologon Exploiter',
+      'safe': false,
+      'info': 'Exploits a privilege escalation vulnerability (CVE-2020-1472) in a Windows ' +
+      'server domain controller (DC) by using the Netlogon Remote Protocol (MS-NRPC). ' +
+      'This exploiter changes the password of a Windows server DC account, steals ' +
+      'credentials, and then attempts to restore the original DC password. The victim DC ' +
+      'will be unable to communicate with other DCs until the original ' +
+      'password has been restored. If Infection Monkey fails to restore the ' +
+      'password automatically, you\'ll have to do it manually. For more ' +
+      'information, see the documentation.',
+      'link': 'https://www.guardicore.com/infectionmonkey' +
+      '/docs/reference/exploiters/zerologon/'
+    },
+    {
+      'type': 'string',
+      'enum': ['PowerShellExploiter'],
+      'title': 'PowerShell Remoting Exploiter',
+      'info': 'Exploits PowerShell remote execution setups. PowerShell Remoting uses Windows ' +
+      'Remote Management (WinRM) to allow users to run PowerShell commands on remote ' +
+      'computers.',
+      'safe': true,
+      'link': 'https://www.guardicore.com/infectionmonkey' +
+      '/docs/reference/exploiters/powershell'
+    },
+    {
+      'type': 'string',
+      'enum': ['Log4ShellExploiter'],
+      'title': 'Log4Shell Exploiter',
+      'safe': true,
+      'info': 'Exploits a software vulnerability (CVE-2021-44228) in Apache Log4j, a Java ' +
+      'logging framework. Exploitation is attempted on the following services — ' +
+      'Apache Solr, Apache Tomcat, Logstash.',
+      'link': 'https://www.guardicore.com/infectionmonkey/docs/reference' +
+      '/exploiters/log4shell/'
+    }
+  ]
+}
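Review bot: The unsafe-exploit warning in both `description` strings is joined to the previous sentence with no space (`'...about it.'` followed directly by `'\u26A0'`), and in `vulnerabilityExploiters` it is misspelled as `craches`. I would write `' \u26A0 Note that using unsafe exploits may cause crashes of the exploited '` in both objects, since this is the only place the user is told what `'safe': false` means. `'safe'`, `'info'`, `'link'` and `'attack_techniques'` are not standard JSON Schema keywords, so a validator will presumably ignore them. A comment above each object along the lines of `// 'safe' is display metadata only; this schema does not prevent selecting an unsafe exploiter such as ZerologonExploiter` would make clear that any safe-only restriction has to be enforced elsewhere. On style, both exported objects end in `}` without a semicolon although this commit adds one in exploitation.js, and `bruteForceExploiters` is indented four spaces while `vulnerabilityExploiters` uses two.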