forked from p15670423/monkey
Docs: Improve agent propagation and add running manually page
This commit is contained in:
parent
4e1bc21e95
commit
04aacc2cba
|
@ -9,7 +9,7 @@ tags: ["agent", "propagation", "reference"]
|
||||||
|
|
||||||
## How does the Infection Monkey Agent propagate to a new machine?
|
## How does the Infection Monkey Agent propagate to a new machine?
|
||||||
|
|
||||||
Once an Agent exploits a vulnerable system, it propagates to the machine by copying the appropriate
|
Agent mainly propagates using remote code execution vulnerabilities. Once the agent is able to
|
||||||
Agent binary to it.
|
run commands on the victim it executes commands that are similar to the ones described in [manual run page.](../../usage/running-manually/)
|
||||||
|
|
||||||
On Windows, it is copied to `C:\Windows\temp\monkey64.exe`. On Linux, it is copied to `/tmp/monkey`.
|
On Windows, it is copied to `C:\Windows\temp\monkey64.exe`. On Linux, it is copied to `/tmp/monkey`.
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
title: "Running the monkey on AWS EC2 instances"
|
title: "Running the agent on AWS EC2 instances"
|
||||||
date: 2020-06-28T10:44:05+03:00
|
date: 2020-06-28T10:44:05+03:00
|
||||||
draft: false
|
draft: false
|
||||||
description: "Use AWS SSM to execute Infection Monkey on your AWS instances."
|
description: "Use AWS SSM to execute Infection Monkey on your AWS instances."
|
||||||
|
|
|
@ -0,0 +1,32 @@
|
||||||
|
---
|
||||||
|
title: "Running Manually"
|
||||||
|
date: 2022-06-09T14:47:40+03:00
|
||||||
|
draft: false
|
||||||
|
weight: 2
|
||||||
|
pre: "<i class='fas fa-terminal'></i> "
|
||||||
|
tags: ["usage"]
|
||||||
|
---
|
||||||
|
|
||||||
|
|
||||||
|
## Generating manual run command
|
||||||
|
|
||||||
|
Manual run command can be generated through the Island Server UI, by going to "Run Monkey" -> "Manual" page.
|
||||||
|
|
||||||
|
### Downloading the agent manually
|
||||||
|
|
||||||
|
As evident by the generated commands, agent binaries can be downloaded
|
||||||
|
by sending a get request to `https://[IP]:5000/api/agent/download/[OS]`, where
|
||||||
|
`[IP]` stands for the IP address of the Island server and `[OS]` is either `windows` or `linux`.
|
||||||
|
|
||||||
|
### Running the agent binary
|
||||||
|
|
||||||
|
Agent binary can be started with `m0nk3y` or `dr0pp3r` flags.
|
||||||
|
|
||||||
|
`m0nk3y` flag is the standard way
|
||||||
|
to run the agent.
|
||||||
|
|
||||||
|
`dr0pp3r` will move the agent binary to a location provided with an `-l` flag.
|
||||||
|
Then it will start that binary with a `m0nk3y` flag on a new process. Finally, it will stop
|
||||||
|
the current process and shut down. This flag is useful if you want to start the agent on a separate
|
||||||
|
process. This flag is used by the agent to execute other agents on exploited machines.
|
||||||
|
This way, the parent agent doesn't have to wait until the child finishes to continue the execution.
|
Loading…
Reference in New Issue