diff --git a/chaos_monkey/exploit/__init__.py b/chaos_monkey/exploit/__init__.py index 6186f9101..379d2bd92 100644 --- a/chaos_monkey/exploit/__init__.py +++ b/chaos_monkey/exploit/__init__.py @@ -6,14 +6,16 @@ __author__ = 'itamar' class HostExploiter(object): __metaclass__ = ABCMeta + _TARGET_OS_TYPE = [] + def __init__(self, host): - self._target_os_type = [] + self._exploit_info = {} self._exploit_attempts = [] self.host = host def is_os_supported(self): - return self.host.os.get('type') in self._target_os_type + return self.host.os.get('type') in self._TARGET_OS_TYPE def send_exploit_telemetry(self, result): from control import ControlClient diff --git a/chaos_monkey/exploit/elasticgroovy.py b/chaos_monkey/exploit/elasticgroovy.py index f5a12e3ce..bf904724e 100644 --- a/chaos_monkey/exploit/elasticgroovy.py +++ b/chaos_monkey/exploit/elasticgroovy.py @@ -34,9 +34,10 @@ class ElasticGroovyExploiter(HostExploiter): DOWNLOAD_TIMEOUT = 300 # copied from rdpgrinder + _TARGET_OS_TYPE = ['linux', 'windows'] + def __init__(self, host): super(ElasticGroovyExploiter, self).__init__(host) - self._target_os_type = ['linux', 'windows'] self._config = __import__('config').WormConfiguration self.skip_exist = self._config.skip_exploit_if_file_exist @@ -46,7 +47,7 @@ class ElasticGroovyExploiter(HostExploiter): Either using version string or by trying to attack :return: """ - if self.host.os.get('type') not in self._target_os_type: + if not super(ElasticGroovyExploiter, self).is_os_supported(): return False if ES_SERVICE not in self.host.services: diff --git a/chaos_monkey/exploit/rdpgrinder.py b/chaos_monkey/exploit/rdpgrinder.py index 03fe76ddc..207564778 100644 --- a/chaos_monkey/exploit/rdpgrinder.py +++ b/chaos_monkey/exploit/rdpgrinder.py @@ -233,14 +233,15 @@ class CMDClientFactory(rdp.ClientFactory): class RdpExploiter(HostExploiter): + _TARGET_OS_TYPE = ['windows'] + def __init__(self, host): super(RdpExploiter, self).__init__(host) - self._target_os_type = ['windows'] self._config = __import__('config').WormConfiguration self._guid = __import__('config').GUID def is_os_supported(self): - if self.host.os.get('type') in self._target_os_type: + if super(RdpExploiter, self).is_os_supported(): return True if not self.host.os.get('type'): diff --git a/chaos_monkey/exploit/sambacry.py b/chaos_monkey/exploit/sambacry.py index db5cae191..930cd8854 100644 --- a/chaos_monkey/exploit/sambacry.py +++ b/chaos_monkey/exploit/sambacry.py @@ -32,6 +32,7 @@ class SambaCryExploiter(HostExploiter): https://github.com/CoreSecurity/impacket/blob/master/examples/sambaPipe.py """ + _TARGET_OS_TYPE = ['linux'] # Name of file which contains the monkey's commandline SAMBACRY_COMMANDLINE_FILENAME = "monkey_commandline.txt" # Name of file which contains the runner's result @@ -51,7 +52,6 @@ class SambaCryExploiter(HostExploiter): def __init__(self, host): super(SambaCryExploiter, self).__init__(host) - self._target_os_type = ['linux'] self._config = __import__('config').WormConfiguration def exploit_host(self): diff --git a/chaos_monkey/exploit/shellshock.py b/chaos_monkey/exploit/shellshock.py index a5dc36ddf..acae085f0 100644 --- a/chaos_monkey/exploit/shellshock.py +++ b/chaos_monkey/exploit/shellshock.py @@ -25,9 +25,10 @@ class ShellShockExploiter(HostExploiter): "Content-type": "() { :;}; echo; " } + _TARGET_OS_TYPE = ['linux'] + def __init__(self, host): super(ShellShockExploiter, self).__init__(host) - self._target_os_type = ['linux'] self._config = __import__('config').WormConfiguration self.HTTP = [str(port) for port in self._config.HTTP_PORTS] self.success_flag = ''.join( diff --git a/chaos_monkey/exploit/smbexec.py b/chaos_monkey/exploit/smbexec.py index 8e3a74c59..0fc1f27fe 100644 --- a/chaos_monkey/exploit/smbexec.py +++ b/chaos_monkey/exploit/smbexec.py @@ -14,6 +14,7 @@ LOG = getLogger(__name__) class SmbExploiter(HostExploiter): + _TARGET_OS_TYPE = ['windows'] KNOWN_PROTOCOLS = { '139/SMB': (r'ncacn_np:%s[\pipe\svcctl]', 139), '445/SMB': (r'ncacn_np:%s[\pipe\svcctl]', 445), @@ -22,12 +23,11 @@ class SmbExploiter(HostExploiter): def __init__(self, host): super(SmbExploiter, self).__init__(host) - self._target_os_type = ['windows'] self._config = __import__('config').WormConfiguration self._guid = __import__('config').GUID def is_os_supported(self): - if self.host.os.get('type') in self._target_os_type: + if super(SmbExploiter, self).is_os_supported(): return True if not self.host.os.get('type'): @@ -39,7 +39,7 @@ class SmbExploiter(HostExploiter): is_nb_open, _ = check_port_tcp(self.host.ip_addr, 139) if is_nb_open: self.host.os['type'] = 'windows' - return self.host.os.get('type') in self._target_os_type + return self.host.os.get('type') in self._TARGET_OS_TYPE return False def exploit_host(self): diff --git a/chaos_monkey/exploit/sshexec.py b/chaos_monkey/exploit/sshexec.py index 479c1b26b..f58e5677b 100644 --- a/chaos_monkey/exploit/sshexec.py +++ b/chaos_monkey/exploit/sshexec.py @@ -18,10 +18,10 @@ TRANSFER_UPDATE_RATE = 15 class SSHExploiter(HostExploiter): + _TARGET_OS_TYPE = ['linux', None] def __init__(self, host): super(SSHExploiter, self).__init__(host) - self._target_os_type = ['linux', None] self._config = __import__('config').WormConfiguration self._update_timestamp = 0 self.skip_exist = self._config.skip_exploit_if_file_exist diff --git a/chaos_monkey/exploit/win_ms08_067.py b/chaos_monkey/exploit/win_ms08_067.py index 604f4e8cb..3ed553931 100644 --- a/chaos_monkey/exploit/win_ms08_067.py +++ b/chaos_monkey/exploit/win_ms08_067.py @@ -152,27 +152,27 @@ class SRVSVC_Exploit(object): class Ms08_067_Exploiter(HostExploiter): + _TARGET_OS_TYPE = ['windows'] _windows_versions = {'Windows Server 2003 3790 Service Pack 2': WindowsVersion.Windows2003_SP2, 'Windows Server 2003 R2 3790 Service Pack 2': WindowsVersion.Windows2003_SP2} def __init__(self, host): super(Ms08_067_Exploiter, self).__init__(host) - self._target_os_type = ['windows'] self._config = __import__('config').WormConfiguration self._guid = __import__('config').GUID def is_os_supported(self): - if self.host.os.get('type') in self._target_os_type and \ + if self.host.os.get('type') in self._TARGET_OS_TYPE and \ self.host.os.get('version') in self._windows_versions.keys(): return True if not self.host.os.get('type') or ( - self.host.os.get('type') in self._target_os_type and not self.host.os.get('version')): + self.host.os.get('type') in self._TARGET_OS_TYPE and not self.host.os.get('version')): is_smb_open, _ = check_port_tcp(self.host.ip_addr, 445) if is_smb_open: smb_finger = SMBFinger() if smb_finger.get_host_fingerprint(self.host): - return self.host.os.get('type') in self._target_os_type and \ + return self.host.os.get('type') in self._TARGET_OS_TYPE and \ self.host.os.get('version') in self._windows_versions.keys() return False diff --git a/chaos_monkey/exploit/wmiexec.py b/chaos_monkey/exploit/wmiexec.py index f2f3f3432..1a77a7347 100644 --- a/chaos_monkey/exploit/wmiexec.py +++ b/chaos_monkey/exploit/wmiexec.py @@ -14,9 +14,10 @@ LOG = logging.getLogger(__name__) class WmiExploiter(HostExploiter): + _TARGET_OS_TYPE = ['windows'] + def __init__(self, host): super(WmiExploiter, self).__init__(host) - self._target_os_type = ['windows'] self._config = __import__('config').WormConfiguration self._guid = __import__('config').GUID