p59342861
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Extend linux PBA for all users on system 

TODO: ATT&CK report stuff (mongo search + show only bash file modification info)
TODO: Windows
This commit is contained in:
Shreya 2020-06-21 00:43:15 +05:30
parent 8d2aaac65f
commit 7459105bbc
2 changed files with 32 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
monkey/infection_monkey/post_breach/actions/modify_shell_startup_files.py
View File

@ -21,12 +21,14 @@ class ModifyShellStartupFiles(PBA):
class ShellStartupPBAGenerator(): class ShellStartupPBAGenerator():
def get_modify_shell_startup_pbas(): def get_modify_shell_startup_pbas():
(cmds_for_linux, shell_startup_files_for_linux), windows_cmds = get_commands_to_modify_shell_startup_files() (cmds_for_linux, shell_startup_files_for_linux, usernames_for_linux), windows_cmds =\
get_commands_to_modify_shell_startup_files()
pbas = [ModifyShellStartupFile(linux_cmds='', windows_cmds=windows_cmds)] pbas = [ModifyShellStartupFile(linux_cmds='', windows_cmds=windows_cmds)]
for username in usernames_for_linux:
for shell_startup_file in shell_startup_files_for_linux: for shell_startup_file in shell_startup_files_for_linux:
linux_cmds = ' '.join(cmds_for_linux).format(shell_startup_file) linux_cmds = ' '.join(cmds_for_linux).format(shell_startup_file).format(username)
pbas.append(ModifyShellStartupFile(linux_cmds=linux_cmds, windows_cmds='')) pbas.append(ModifyShellStartupFile(linux_cmds=linux_cmds, windows_cmds=''))
return pbas return pbas

34
monkey/infection_monkey/post_breach/shell_startup_files/linux/shell_startup_files_modification.py
View File

@ -1,12 +1,30 @@
import subprocess
HOME_DIR = "/home/"
# get list of usernames
USERS = subprocess.check_output(
"cut -d: -f1,3 /etc/passwd | egrep ':[0-9]{4}$' | cut -d: -f1",
shell=True
).decode().split('\n')[:-1]
# get list of paths of different shell startup files with place for username
STARTUP_FILES = [ STARTUP_FILES = [
"~/.profile", # bash, dash, ksh, sh file_path.format(HOME_DIR) for file_path in
"~/.bashrc", "~/.bash_profile", # bash [
"~/.config/fish/config.fish", # fish "{0}{{0}}/.profile", # bash, dash, ksh, sh
"~/.zshrc", "~/.zshenv", "~/.zprofile", # zsh "{0}{{0}}/.bashrc", # bash
"~/.kshrc", # ksh "{0}{{0}}/.bash_profile",
"~/.tcshrc", # tcsh "{0}{{0}}/.config/fish/config.fish", # fish
"~/.cshrc", # csh "{0}{{0}}/.zshrc", # zsh
"{0}{{0}}/.zshenv",
"{0}{{0}}/.zprofile",
"{0}{{0}}/.kshrc", # ksh
"{0}{{0}}/.tcshrc", # tcsh
"{0}{{0}}/.cshrc", # csh
] ]
]
def get_linux_commands_to_modify_shell_startup_files(): def get_linux_commands_to_modify_shell_startup_files():
@ -16,4 +34,4 @@ def get_linux_commands_to_modify_shell_startup_files():
'tee -a {0} &&', # append to file 'tee -a {0} &&', # append to file
'sed -i \'$d\' {0}', # remove last line of file (undo changes) 'sed -i \'$d\' {0}', # remove last line of file (undo changes)
],\ ],\
STARTUP_FILES STARTUP_FILES, USERS