BB: Fix Zerologon analyzer

Ilija Lazoroski 2022-07-28 11:52:42 +02:00
parent 7fba5139f7
commit 17e07429a4
2 changed files with 19 additions and 13 deletions


@ -1,6 +1,7 @@
from pprint import pformat from pprint import pformat
from typing import List from typing import List
from common.credentials import CredentialComponentType, Credentials
from envs.monkey_zoo.blackbox.analyzers.analyzer import Analyzer from envs.monkey_zoo.blackbox.analyzers.analyzer import Analyzer
from envs.monkey_zoo.blackbox.analyzers.analyzer_log import AnalyzerLog from envs.monkey_zoo.blackbox.analyzers.analyzer_log import AnalyzerLog
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import MonkeyIslandClient from envs.monkey_zoo.blackbox.island_client.monkey_island_client import MonkeyIslandClient
@ -26,19 +27,23 @@ class ZerologonAnalyzer(Analyzer):
return is_creds_gathered and is_creds_restored return is_creds_gathered and is_creds_restored
def _analyze_credential_gathering(self) -> bool: def _analyze_credential_gathering(self) -> bool:
config = self.island_client.get_config() propagation_credentials = self.island_client.get_propagation_credentials()
credentials_on_island = ZerologonAnalyzer._get_relevant_credentials(config) credentials_on_island = ZerologonAnalyzer._get_relevant_credentials(propagation_credentials)
return self._is_all_credentials_in_list(credentials_on_island) return self._is_all_credentials_in_list(credentials_on_island)
@staticmethod @staticmethod
def _get_relevant_credentials(config: dict): def _get_relevant_credentials(propagation_credentials: Credentials) -> List[str]:
credentials_on_island = [] credentials_on_island = set()
# TODO: Pull configured credentials and put usernames, nt and lm hashes into
# credentials_island for credentials in propagation_credentials:
# credentials_on_island.extend(dpath.util.get(config["configuration"], USER_LIST_PATH)) if credentials.identity.credential_type is CredentialComponentType.USERNAME:
# credentials_on_island.extend(dpath.util.get(config["configuration"], NTLM_HASH_LIST_PATH)) credentials_on_island.update([credentials.identity.username])
# credentials_on_island.extend(dpath.util.get(config["configuration"], LM_HASH_LIST_PATH)) if credentials.secret.credential_type is CredentialComponentType.NT_HASH:
return credentials_on_island credentials_on_island.update([credentials.secret.nt_hash])
if credentials.secret.credential_type is CredentialComponentType.LM_HASH:
credentials_on_island.update([credentials.secret.lm_hash])
return list(credentials_on_island)
def _is_all_credentials_in_list(self, all_creds: List[str]) -> bool: def _is_all_credentials_in_list(self, all_creds: List[str]) -> bool:
credentials_missing = [cred for cred in self.expected_credentials if cred not in all_creds] credentials_missing = [cred for cred in self.expected_credentials if cred not in all_creds]
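Review bot: `_get_relevant_credentials` dereferences `credentials.identity.credential_type` and `credentials.secret.credential_type` without checking for None. The `Credentials` definition is not visible here, but if it allows an entry with only an identity or only a secret, a single such entry returned by the island would raise `AttributeError` and the analyzer would fail for a reason unrelated to Zerologon. Guarding each branch, e.g. `if credentials.identity and credentials.identity.credential_type is CredentialComponentType.USERNAME:`, keeps the check focused on the expected usernames and hashes. The parameter is also annotated `Credentials` although it is iterated; `Sequence[Credentials]` would match what `get_propagation_credentials` returns, and `credentials_on_island.add(...)` reads more directly than `update([...])`.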


@ -1,7 +1,7 @@
import json import json
import logging import logging
import time import time
from typing import Union from typing import Sequence, Union
from bson import json_util from bson import json_util
@ -29,8 +29,9 @@ class MonkeyIslandClient(object):
def get_api_status(self): def get_api_status(self):
return self.requests.get("api") return self.requests.get("api")
def get_config(self): def get_propagation_credentials(self) -> Sequence[Credentials]:
return json.loads(self.requests.get("api/agent-configuration").content) response = self.requests.get("api/propagation-credentials")
return [Credentials.from_mapping(credentials) for credentials in response.json()]
@avoid_race_condition @avoid_race_condition
def import_config(self, test_configuration: TestConfiguration): def import_config(self, test_configuration: TestConfiguration):
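Review bot: `get_propagation_credentials` parses `response.json()` without checking the HTTP status, so an authentication failure or server error from `api/propagation-credentials` would surface as a JSON or `from_mapping` error rather than a clear request failure. Assuming `self.requests.get` returns a `requests` response object (the old code read `.content` from it), adding `response.raise_for_status()` before the list comprehension makes that failure explicit. The visible import hunk adds only `Sequence`; if `Credentials` is not imported elsewhere in this file, the new return annotation and the `Credentials.from_mapping` call would raise `NameError`, so `from common.credentials import Credentials` should be confirmed.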