From dff71eabc4fedb5b8a3b09c17e691cd43da4dae8 Mon Sep 17 00:00:00 2001
From: VakarisZ
Date: Mon, 7 Oct 2019 09:53:18 +0300
Subject: [PATCH] Added C++ redistributable required for windows and brought back UPX

---
 deployment_scripts/config.ps1 | 5 +++++
 deployment_scripts/deploy_windows.ps1 | 19 +++++++++++++++++++
 monkey/infection_monkey/monkey.spec | 1 +
 3 files changed, 25 insertions(+)

diff --git a/deployment_scripts/config.ps1 b/deployment_scripts/config.ps1
index a3dafc66e..095f7b899 100644
--- a/deployment_scripts/config.ps1
+++ b/deployment_scripts/config.ps1
@@ -29,13 +29,18 @@ $MK64_DLL = "mk64.zip"
 $TEMP_PYTHON_INSTALLER = ".\python.exe"
 $TEMP_MONGODB_ZIP = ".\mongodb.zip"
 $TEMP_OPEN_SSL_ZIP = ".\openssl.zip"
+$TEMP_CPP_INSTALLER = "cpp.exe"
 $TEMP_NPM_INSTALLER = "node.msi"
 $TEMP_PYWIN32_INSTALLER = "pywin32.exe"
+$TEMP_UPX_ZIP = "upx.zip"
+$UPX_FOLDER = "upx394w"
 
 # Other url's
 $MONGODB_URL = "https://downloads.mongodb.org/win32/mongodb-win32-x86_64-2008plus-ssl-latest.zip"
 $OPEN_SSL_URL = "https://indy.fulgan.com/SSL/Archive/openssl-1.0.2l-i386-win32.zip"
+$CPP_URL = "https://go.microsoft.com/fwlink/?LinkId=746572"
 $NPM_URL = "https://nodejs.org/dist/v10.13.0/node-v10.13.0-x64.msi"
 $PYWIN32_URL = "https://github.com/mhammond/pywin32/releases/download/b225/pywin32-225.win-amd64-py3.7.exe"
 $MK32_DLL_URL = "https://github.com/guardicore/mimikatz/releases/download/1.1.0/mk32.zip"
 $MK64_DLL_URL = "https://github.com/guardicore/mimikatz/releases/download/1.1.0/mk64.zip"
+$UPX_URL = "https://github.com/upx/upx/releases/download/v3.94/upx394w.zip"
diff --git a/deployment_scripts/deploy_windows.ps1 b/deployment_scripts/deploy_windows.ps1
index 87d6bc8cf..0403185ff 100644
--- a/deployment_scripts/deploy_windows.ps1
+++ b/deployment_scripts/deploy_windows.ps1
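Review bot: The new `$CPP_URL` and `$UPX_URL` constants add downloads that `deploy_windows.ps1` either executes (the C++ installer via `Start-Process`) or ships into the build's `bin` directory (`upx.exe`), but no expected digest is recorded next to them, so the deploy script has nothing to verify the fetched files against; `$CPP_URL` is additionally a redirecting fwlink rather than a versioned artifact, so what it resolves to can change without any change to this file. Adding pinned-hash constants beside the URLs, e.g. `$CPP_SHA256 = "<expected-sha256>"` and `$UPX_SHA256 = "<expected-sha256>"`, gives the two download hunks in `deploy_windows.ps1` a value to compare `Get-FileHash` output against before running the installer or unpacking the archive. The same check is missing in both of those hunks; this note covers them.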
@@ -107,6 +107,12 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName,
 "Removing zip file"
 Remove-Item $TEMP_OPEN_SSL_ZIP
 
+# Download and install C++ redistributable
+"Downloading C++ redistributable ..."
+$webClient.DownloadFile($CPP_URL, $TEMP_CPP_INSTALLER)
+Start-Process -Wait $TEMP_CPP_INSTALLER -ErrorAction Stop
+Remove-Item $TEMP_CPP_INSTALLER
+
 # Generate ssl certificate
 "Generating ssl certificate"
 Push-Location -Path (Join-Path -Path $monkey_home -ChildPath $MONKEY_ISLAND_DIR)
@@ -158,6 +164,19 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName,
 $binDir = (Join-Path -Path $monkey_home -ChildPath $MONKEY_DIR | Join-Path -ChildPath "\bin")
 New-Item -ItemType directory -path $binaries -ErrorAction SilentlyContinue
 
+# Download upx
+if(!(Test-Path -Path (Join-Path -Path $binDir -ChildPath "upx.exe") )){
+"Downloading upx ..."
+$webClient.DownloadFile($UPX_URL, $TEMP_UPX_ZIP)
+"Unzipping upx"
+Expand-Archive $TEMP_UPX_ZIP -DestinationPath $binDir -ErrorAction SilentlyContinue
+Move-Item -Path (Join-Path -Path $binDir -ChildPath $UPX_FOLDER | Join-Path -ChildPath "upx.exe") -Destination $binDir
+# Remove unnecessary files
+Remove-Item -Recurse -Force (Join-Path -Path $binDir -ChildPath $UPX_FOLDER)
+"Removing zip file"
+Remove-Item $TEMP_UPX_ZIP
+}
+
 # Download mimikatz binaries
 $mk32_path = Join-Path -Path $binDir -ChildPath $MK32_DLL
 if(!(Test-Path -Path $mk32_path )){
diff --git a/monkey/infection_monkey/monkey.spec b/monkey/infection_monkey/monkey.spec
index e35fd2630..9c5fa9a18 100644
--- a/monkey/infection_monkey/monkey.spec
+++ b/monkey/infection_monkey/monkey.spec
@@ -38,6 +38,7 @@ def main():
 debug=False,
 strip=get_exe_strip(),
 upx=True,
+upx_exclude=['vcruntime140.dll'],
 console=True,
 icon=get_exe_icon())
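Review bot: `Start-Process -Wait $TEMP_CPP_INSTALLER -ErrorAction Stop` launches the downloaded installer with no arguments and never inspects its exit code, so the step blocks an otherwise unattended deployment on an interactive dialog, and `-ErrorAction Stop` only catches a failure to start the process, not a failed or cancelled install; the script then proceeds to `Remove-Item` as if the runtime were present. The redistributable installer accepts silent switches, so something like `$p = Start-Process -Wait -PassThru -FilePath $TEMP_CPP_INSTALLER -ArgumentList '/install','/quiet','/norestart'` followed by `if ($p.ExitCode -ne 0) { throw "C++ redistributable install failed ($($p.ExitCode))" }` makes the step unattended and fails loudly. Since `$TEMP_CPP_INSTALLER` is the bare name `cpp.exe` while the neighbouring temp names carry a `.\` prefix, an explicit `-FilePath` with the resolved path would also remove any ambiguity about which file is launched. The enclosing `Deploy-Windows` function starts and ends outside the hunk.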
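Review bot: `Expand-Archive $TEMP_UPX_ZIP -DestinationPath $binDir -ErrorAction SilentlyContinue` in the upx block hides a failed or truncated download, after which `Move-Item` and `Remove-Item -Recurse -Force` on the `$UPX_FOLDER` path run against files that may not exist, and the later PyInstaller build presumably continues with `upx=True` but no `upx.exe` in `$binDir`. Dropping `SilentlyContinue` (or using `-ErrorAction Stop`) surfaces the failure where it happens instead of several steps later. `$UPX_FOLDER` is also coupled to the internal layout of the archive named by `$UPX_URL`; a comment above the `Move-Item`, such as `# $UPX_FOLDER must match the top-level folder inside the archive at $UPX_URL`, would spare the next version bump a silent mismatch. The `Deploy-Windows` function continues outside this hunk.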