Agent, Island: User friendly log name

* Configurable log directories * Random component to the log file * 'infection-monkey-<monkey-arg>-<random-str>-<timestamp>.log'
2022-03-09 12:21:03 +01:00 · 2022-03-09 12:21:03 +01:00 · 71328ea2b1
parent cbaa3256dd
commit 71328ea2b1
6 changed files with 57 additions and 36 deletions
--- a/monkey/infection_monkey/config.py
+++ b/monkey/infection_monkey/config.py
@ -71,10 +71,10 @@ class Configuration(object):
    # logging config
    ###########################

-    dropper_log_path_windows = "%temp%\\~df1562.tmp"
-    dropper_log_path_linux = "/tmp/user-1562"
-    monkey_log_path_windows = "%temp%\\~df1563.tmp"
-    monkey_log_path_linux = "/tmp/user-1563"
+    dropper_log_directory_linux = "/tmp/"
+    dropper_log_directory_windows = "%temp%\\"
+    monkey_log_directory_linux = "/tmp/"
+    monkey_log_directory_windows = "%temp%\\"

    ###########################
    # dropper config
--- a/monkey/infection_monkey/example.conf
+++ b/monkey/infection_monkey/example.conf
@ -16,8 +16,8 @@

  "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll",
  "dropper_date_reference_path_linux": "/bin/sh",
-  "dropper_log_path_windows": "%temp%\\~df1562.tmp",
-  "dropper_log_path_linux": "/tmp/user-1562",
+  "dropper_log_directory_linux": "/tmp/",
+  "dropper_log_directory_windows": "%temp%\\",
  "dropper_set_date": true,
  "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe",
  "dropper_target_path_linux": "/tmp/monkey",
@ -38,8 +38,8 @@
    "MSSQLFingerprint",
    "ElasticFinger"
  ],
-  "monkey_log_path_windows": "%temp%\\~df1563.tmp",
-  "monkey_log_path_linux": "/tmp/user-1563",
+  "monkey_log_directory_windows": "%temp%\\",
+  "monkey_log_directory_linux": "/tmp/",
  "ping_scan_timeout": 10000,
  "smb_download_timeout": 300,
  "smb_service_name": "InfectionMonkey",
--- a/monkey/infection_monkey/utils/monkey_log_path.py
+++ b/monkey/infection_monkey/utils/monkey_log_path.py
@ -1,20 +1,41 @@
 import os
+import string
 import sys
+import time
+from random import SystemRandom

 from infection_monkey.config import WormConfiguration


 def get_monkey_log_path():
    return (
-        os.path.expandvars(WormConfiguration.monkey_log_path_windows)
+        os.path.expandvars(
+            _generate_random_log_filepath(WormConfiguration.monkey_log_directory_windows, "agent")
+        )
        if sys.platform == "win32"
-        else WormConfiguration.monkey_log_path_linux
+        else _generate_random_log_filepath(WormConfiguration.monkey_log_directory_linux, "agent")
    )


 def get_dropper_log_path():
    return (
-        os.path.expandvars(WormConfiguration.dropper_log_path_windows)
+        os.path.expandvars(
+            _generate_random_log_filepath(
+                WormConfiguration.dropper_log_directory_windows, "dropper"
+            )
+        )
        if sys.platform == "win32"
-        else WormConfiguration.dropper_log_path_linux
+        else _generate_random_log_filepath(WormConfiguration.dropper_log_directory_linux, "dropper")
    )
+
+
+def _generate_random_log_filepath(log_directory: str, monkey_arg: str) -> str:
+    safe_random = SystemRandom()
+    random_string = "".join(
+        [safe_random.choice(string.ascii_lowercase + string.digits) for _ in range(8)]
+    )
+    prefix = f"infection-monkey-{monkey_arg}-"
+    suffix = f"-{time.strftime('%Y-%m-%d-%H-%M-%S', time.gmtime())}.log"
+    log_file_path = os.path.join(log_directory, prefix + random_string + suffix)
+
+    return log_file_path
--- a/monkey/monkey_island/cc/services/config_schema/internal.py
+++ b/monkey/monkey_island/cc/services/config_schema/internal.py
@ -188,29 +188,29 @@ INTERNAL = {
            "title": "Logging",
            "type": "object",
            "properties": {
-                "dropper_log_path_linux": {
-                    "title": "Dropper log file path on Linux",
+                "dropper_log_directory_linux": {
+                    "title": "Dropper log directory path on Linux",
                    "type": "string",
-                    "default": "/tmp/user-1562",
-                    "description": "The fullpath of the dropper log file on Linux",
+                    "default": "/tmp/",
+                    "description": "The directory path of the dropper log file on Linux",
                },
-                "dropper_log_path_windows": {
-                    "title": "Dropper log file path on Windows",
+                "dropper_log_directory_windows": {
+                    "title": "Dropper log directory path on Windows",
                    "type": "string",
-                    "default": "%temp%\\~df1562.tmp",
-                    "description": "The fullpath of the dropper log file on Windows",
+                    "default": "%temp%\\",
+                    "description": "The directory path of the dropper log file on Windows",
                },
-                "monkey_log_path_linux": {
-                    "title": "Monkey log file path on Linux",
+                "monkey_log_directory_linux": {
+                    "title": "Monkey log directory path on Linux",
                    "type": "string",
-                    "default": "/tmp/user-1563",
-                    "description": "The fullpath of the monkey log file on Linux",
+                    "default": "/tmp/",
+                    "description": "The directory path of the monkey log file on Linux",
                },
-                "monkey_log_path_windows": {
-                    "title": "Monkey log file path on Windows",
+                "monkey_log_directory_windows": {
+                    "title": "Monkey log directory path on Windows",
                    "type": "string",
-                    "default": "%temp%\\~df1563.tmp",
-                    "description": "The fullpath of the monkey log file on Windows",
+                    "default": "%temp%\\",
+                    "description": "The directory path of the monkey log file on Windows",
                },
            },
        },
--- a/monkey/tests/data_for_tests/monkey_configs/flat_config.json
+++ b/monkey/tests/data_for_tests/monkey_configs/flat_config.json
@ -23,8 +23,8 @@
    "depth": 2,
    "dropper_date_reference_path_linux": "/bin/sh",
    "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll",
-    "dropper_log_path_linux": "/tmp/user-1562",
-    "dropper_log_path_windows": "%temp%\\~df1562.tmp",
+    "dropper_log_directory_linux": "/tmp/",
+    "dropper_log_directory_windows": "%temp%\\",
    "dropper_set_date": true,
    "dropper_target_path_linux": "/tmp/monkey",
    "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe",
@ -71,8 +71,8 @@
    "keep_tunnel_open_time": 60,
    "local_network_scan": true,
    "max_depth": null,
-    "monkey_log_path_linux": "/tmp/user-1563",
-    "monkey_log_path_windows": "%temp%\\~df1563.tmp",
+    "monkey_log_directory_linux": "/tmp/",
+    "monkey_log_directory_windows": "%temp%\\",
    "ping_scan_timeout": 1000,
    "post_breach_actions": [
        "CommunicateAsBackdoorUser",
--- a/monkey/tests/data_for_tests/monkey_configs/monkey_config_standard.json
+++ b/monkey/tests/data_for_tests/monkey_configs/monkey_config_standard.json
@ -107,10 +107,10 @@
        "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe"
      },
      "logging": {
-        "dropper_log_path_linux": "/tmp/user-1562",
-        "dropper_log_path_windows": "%temp%\\~df1562.tmp",
-        "monkey_log_path_linux": "/tmp/user-1563",
-        "monkey_log_path_windows": "%temp%\\~df1563.tmp"
+        "dropper_log_directory_linux": "/tmp/",
+        "dropper_log_directory_windows": "%temp%\\",
+        "monkey_log_directory_linux": "/tmp/",
+        "monkey_log_directory_windows": "%temp%\\"
      },
      "exploits": {
        "exploit_lm_hash_list": [],