Agent, Island: User friendly log name

* Configurable log directories
* Random component in the log file name
* 'infection-monkey-<monkey-arg>-<random-str>-<timestamp>.log'
Ilija Lazoroski 2022-03-09 12:21:03 +01:00
parent cbaa3256dd
commit 71328ea2b1
6 changed files with 57 additions and 36 deletions


@ -71,10 +71,10 @@ class Configuration(object):
# logging config # logging config
########################### ###########################
dropper_log_path_windows = "%temp%\\~df1562.tmp" dropper_log_directory_linux = "/tmp/"
dropper_log_path_linux = "/tmp/user-1562" dropper_log_directory_windows = "%temp%\\"
monkey_log_path_windows = "%temp%\\~df1563.tmp" monkey_log_directory_linux = "/tmp/"
monkey_log_path_linux = "/tmp/user-1563" monkey_log_directory_windows = "%temp%\\"
########################### ###########################
# dropper config # dropper config


@ -16,8 +16,8 @@
"dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll", "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll",
"dropper_date_reference_path_linux": "/bin/sh", "dropper_date_reference_path_linux": "/bin/sh",
"dropper_log_path_windows": "%temp%\\~df1562.tmp", "dropper_log_directory_linux": "/tmp/",
"dropper_log_path_linux": "/tmp/user-1562", "dropper_log_directory_windows": "%temp%\\",
"dropper_set_date": true, "dropper_set_date": true,
"dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe", "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe",
"dropper_target_path_linux": "/tmp/monkey", "dropper_target_path_linux": "/tmp/monkey",
@ -38,8 +38,8 @@
"MSSQLFingerprint", "MSSQLFingerprint",
"ElasticFinger" "ElasticFinger"
], ],
"monkey_log_path_windows": "%temp%\\~df1563.tmp", "monkey_log_directory_windows": "%temp%\\",
"monkey_log_path_linux": "/tmp/user-1563", "monkey_log_directory_linux": "/tmp/",
"ping_scan_timeout": 10000, "ping_scan_timeout": 10000,
"smb_download_timeout": 300, "smb_download_timeout": 300,
"smb_service_name": "InfectionMonkey", "smb_service_name": "InfectionMonkey",


@ -1,20 +1,41 @@
import os import os
import string
import sys import sys
import time
from random import SystemRandom
from infection_monkey.config import WormConfiguration from infection_monkey.config import WormConfiguration
def get_monkey_log_path(): def get_monkey_log_path():
return ( return (
os.path.expandvars(WormConfiguration.monkey_log_path_windows) os.path.expandvars(
_generate_random_log_filepath(WormConfiguration.monkey_log_directory_windows, "agent")
)
if sys.platform == "win32" if sys.platform == "win32"
else WormConfiguration.monkey_log_path_linux else _generate_random_log_filepath(WormConfiguration.monkey_log_directory_linux, "agent")
) )
def get_dropper_log_path(): def get_dropper_log_path():
return ( return (
os.path.expandvars(WormConfiguration.dropper_log_path_windows) os.path.expandvars(
_generate_random_log_filepath(
WormConfiguration.dropper_log_directory_windows, "dropper"
)
)
if sys.platform == "win32" if sys.platform == "win32"
else WormConfiguration.dropper_log_path_linux else _generate_random_log_filepath(WormConfiguration.dropper_log_directory_linux, "dropper")
) )
def _generate_random_log_filepath(log_directory: str, monkey_arg: str) -> str:
safe_random = SystemRandom()
random_string = "".join(
[safe_random.choice(string.ascii_lowercase + string.digits) for _ in range(8)]
)
prefix = f"infection-monkey-{monkey_arg}-"
suffix = f"-{time.strftime('%Y-%m-%d-%H-%M-%S', time.gmtime())}.log"
log_file_path = os.path.join(log_directory, prefix + random_string + suffix)
return log_file_path
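Review bot: `get_monkey_log_path()` and `get_dropper_log_path()` now build a fresh random name on every call, so two calls in one process return different paths; any caller that asks for the path once to configure logging and again later to read or remove the log (callers are not visible in this section) would miss the file. Computing the path once per process and reusing it, for example `@functools.lru_cache(maxsize=None)` on both getters, keeps the new naming while giving a stable value. `_generate_random_log_filepath` also only returns a name and leaves creation to the caller, so in the default world-writable `/tmp/` the log is opened later with default permissions; `tempfile.mkstemp(prefix=prefix, suffix=suffix, dir=log_directory)` on the already-expanded directory yields the same prefix-random-suffix layout and creates the file exclusively with owner-only access. The Linux branches skip `os.path.expandvars`, so a configured directory containing a variable reference is expanded on Windows only.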


@ -188,29 +188,29 @@ INTERNAL = {
"title": "Logging", "title": "Logging",
"type": "object", "type": "object",
"properties": { "properties": {
"dropper_log_path_linux": { "dropper_log_directory_linux": {
"title": "Dropper log file path on Linux", "title": "Dropper log directory path on Linux",
"type": "string", "type": "string",
"default": "/tmp/user-1562", "default": "/tmp/",
"description": "The fullpath of the dropper log file on Linux", "description": "The directory path of the dropper log file on Linux",
}, },
"dropper_log_path_windows": { "dropper_log_directory_windows": {
"title": "Dropper log file path on Windows", "title": "Dropper log directory path on Windows",
"type": "string", "type": "string",
"default": "%temp%\\~df1562.tmp", "default": "%temp%\\",
"description": "The fullpath of the dropper log file on Windows", "description": "The directory path of the dropper log file on Windows",
}, },
"monkey_log_path_linux": { "monkey_log_directory_linux": {
"title": "Monkey log file path on Linux", "title": "Monkey log directory path on Linux",
"type": "string", "type": "string",
"default": "/tmp/user-1563", "default": "/tmp/",
"description": "The fullpath of the monkey log file on Linux", "description": "The directory path of the monkey log file on Linux",
}, },
"monkey_log_path_windows": { "monkey_log_directory_windows": {
"title": "Monkey log file path on Windows", "title": "Monkey log directory path on Windows",
"type": "string", "type": "string",
"default": "%temp%\\~df1563.tmp", "default": "%temp%\\",
"description": "The fullpath of the monkey log file on Windows", "description": "The directory path of the monkey log file on Windows",
}, },
}, },
}, },


@ -23,8 +23,8 @@
"depth": 2, "depth": 2,
"dropper_date_reference_path_linux": "/bin/sh", "dropper_date_reference_path_linux": "/bin/sh",
"dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll", "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll",
"dropper_log_path_linux": "/tmp/user-1562", "dropper_log_directory_linux": "/tmp/",
"dropper_log_path_windows": "%temp%\\~df1562.tmp", "dropper_log_directory_windows": "%temp%\\",
"dropper_set_date": true, "dropper_set_date": true,
"dropper_target_path_linux": "/tmp/monkey", "dropper_target_path_linux": "/tmp/monkey",
"dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe", "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe",
@ -71,8 +71,8 @@
"keep_tunnel_open_time": 60, "keep_tunnel_open_time": 60,
"local_network_scan": true, "local_network_scan": true,
"max_depth": null, "max_depth": null,
"monkey_log_path_linux": "/tmp/user-1563", "monkey_log_directory_linux": "/tmp/",
"monkey_log_path_windows": "%temp%\\~df1563.tmp", "monkey_log_directory_windows": "%temp%\\",
"ping_scan_timeout": 1000, "ping_scan_timeout": 1000,
"post_breach_actions": [ "post_breach_actions": [
"CommunicateAsBackdoorUser", "CommunicateAsBackdoorUser",


@ -107,10 +107,10 @@
"dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe" "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe"
}, },
"logging": { "logging": {
"dropper_log_path_linux": "/tmp/user-1562", "dropper_log_directory_linux": "/tmp/",
"dropper_log_path_windows": "%temp%\\~df1562.tmp", "dropper_log_directory_windows": "%temp%\\",
"monkey_log_path_linux": "/tmp/user-1563", "monkey_log_directory_linux": "/tmp/",
"monkey_log_path_windows": "%temp%\\~df1563.tmp" "monkey_log_directory_windows": "%temp%\\"
}, },
"exploits": { "exploits": {
"exploit_lm_hash_list": [], "exploit_lm_hash_list": [],