Docs: Improve agent propagation and add running manually page

This commit is contained in:
vakarisz 2022-06-09 15:20:04 +03:00
parent 4e1bc21e95
commit 04aacc2cba
3 changed files with 35 additions and 3 deletions

View File

@ -9,7 +9,7 @@ tags: ["agent", "propagation", "reference"]
## How does the Infection Monkey Agent propagate to a new machine? ## How does the Infection Monkey Agent propagate to a new machine?
Once an Agent exploits a vulnerable system, it propagates to the machine by copying the appropriate Agent mainly propagates using remote code execution vulnerabilities. Once the agent is able to
Agent binary to it. run commands on the victim it executes commands that are similar to the ones described in [manual run page.](../../usage/running-manually/)
On Windows, it is copied to `C:\Windows\temp\monkey64.exe`. On Linux, it is copied to `/tmp/monkey`. On Windows, it is copied to `C:\Windows\temp\monkey64.exe`. On Linux, it is copied to `/tmp/monkey`.

View File

@ -1,5 +1,5 @@
--- ---
title: "Running the monkey on AWS EC2 instances" title: "Running the agent on AWS EC2 instances"
date: 2020-06-28T10:44:05+03:00 date: 2020-06-28T10:44:05+03:00
draft: false draft: false
description: "Use AWS SSM to execute Infection Monkey on your AWS instances." description: "Use AWS SSM to execute Infection Monkey on your AWS instances."

View File

@ -0,0 +1,32 @@
---
title: "Running Manually"
date: 2022-06-09T14:47:40+03:00
draft: false
weight: 2
pre: "<i class='fas fa-terminal'></i> "
tags: ["usage"]
---
## Generating manual run command
Manual run command can be generated through the Island Server UI, by going to "Run Monkey" -> "Manual" page.
### Downloading the agent manually
As evident by the generated commands, agent binaries can be downloaded
by sending a get request to `https://[IP]:5000/api/agent/download/[OS]`, where
`[IP]` stands for the IP address of the Island server and `[OS]` is either `windows` or `linux`.
### Running the agent binary
Agent binary can be started with `m0nk3y` or `dr0pp3r` flags.
`m0nk3y` flag is the standard way
to run the agent.
`dr0pp3r` will move the agent binary to a location provided with an `-l` flag.
Then it will start that binary with a `m0nk3y` flag on a new process. Finally, it will stop
the current process and shut down. This flag is useful if you want to start the agent on a separate
process. This flag is used by the agent to execute other agents on exploited machines.
This way, the parent agent doesn't have to wait until the child finishes to continue the execution.