From b78b7980eddeb8eb6ce7dda4667f607849f2933d Mon Sep 17 00:00:00 2001
From: VakarisZ <vakarisz@yahoo.com>
Date: Fri, 11 Oct 2019 17:08:15 +0300
Subject: [PATCH 1/3] Fixed terraform scripts and configuration files

---
 .../blackbox/island_configs/HADOOP.conf       |   2 +-
 .../blackbox/island_configs/SHELLSHOCK.conf   |   2 +-
 .../blackbox/island_configs/SMB_MIMIKATZ.conf |   2 +-
 .../blackbox/island_configs/SSH.conf          |   4 +-
 .../blackbox/island_configs/STRUTS2.conf      |   4 +-
 .../blackbox/island_configs/TUNNELING.conf    |   9 +-
 .../blackbox/island_configs/WMI_MIMIKATZ.conf |   2 +-
 envs/monkey_zoo/blackbox/test_blackbox.py     |   6 +-
 envs/monkey_zoo/configs/fullTest.conf         | 202 ------------------
 envs/monkey_zoo/terraform/firewalls.tf        |  13 +-
 10 files changed, 25 insertions(+), 221 deletions(-)
 delete mode 100644 envs/monkey_zoo/configs/fullTest.conf

diff --git a/envs/monkey_zoo/blackbox/island_configs/HADOOP.conf b/envs/monkey_zoo/blackbox/island_configs/HADOOP.conf
index 1b55557a9..0b897080b 100644
--- a/envs/monkey_zoo/blackbox/island_configs/HADOOP.conf
+++ b/envs/monkey_zoo/blackbox/island_configs/HADOOP.conf
@@ -24,7 +24,7 @@
       "local_network_scan": false,
       "subnet_scan_list": [
         "10.2.2.3",
-        "10.2.2.10"
+        "10.2.2.2"
       ]
     },
     "network_analysis": {
diff --git a/envs/monkey_zoo/blackbox/island_configs/SHELLSHOCK.conf b/envs/monkey_zoo/blackbox/island_configs/SHELLSHOCK.conf
index 7fd857e65..83414774b 100644
--- a/envs/monkey_zoo/blackbox/island_configs/SHELLSHOCK.conf
+++ b/envs/monkey_zoo/blackbox/island_configs/SHELLSHOCK.conf
@@ -23,7 +23,7 @@
       "depth": 2,
       "local_network_scan": false,
       "subnet_scan_list": [
-        "10.2.2.38"
+        "10.2.2.8"
       ]
     },
     "network_analysis": {
diff --git a/envs/monkey_zoo/blackbox/island_configs/SMB_MIMIKATZ.conf b/envs/monkey_zoo/blackbox/island_configs/SMB_MIMIKATZ.conf
index b5001025f..e2a8a5596 100644
--- a/envs/monkey_zoo/blackbox/island_configs/SMB_MIMIKATZ.conf
+++ b/envs/monkey_zoo/blackbox/island_configs/SMB_MIMIKATZ.conf
@@ -21,7 +21,7 @@
       "depth": 2,
       "local_network_scan": false,
       "subnet_scan_list": [
-        "10.2.2.44",
+        "10.2.2.14",
         "10.2.2.15"
       ]
     },
diff --git a/envs/monkey_zoo/blackbox/island_configs/SSH.conf b/envs/monkey_zoo/blackbox/island_configs/SSH.conf
index e96894111..ebb1def8b 100644
--- a/envs/monkey_zoo/blackbox/island_configs/SSH.conf
+++ b/envs/monkey_zoo/blackbox/island_configs/SSH.conf
@@ -22,8 +22,8 @@
       "depth": 2,
       "local_network_scan": false,
       "subnet_scan_list": [
-        "10.2.2.41",
-        "10.2.2.42"
+        "10.2.2.11",
+        "10.2.2.12"
       ]
     },
     "network_analysis": {
diff --git a/envs/monkey_zoo/blackbox/island_configs/STRUTS2.conf b/envs/monkey_zoo/blackbox/island_configs/STRUTS2.conf
index 30bb135e4..ea53f3b0b 100644
--- a/envs/monkey_zoo/blackbox/island_configs/STRUTS2.conf
+++ b/envs/monkey_zoo/blackbox/island_configs/STRUTS2.conf
@@ -23,8 +23,8 @@
       "depth": 2,
       "local_network_scan": false,
       "subnet_scan_list": [
-        "10.2.2.9",
-        "10.2.2.11"
+        "10.2.2.23",
+        "10.2.2.24"
       ]
     },
     "network_analysis": {
diff --git a/envs/monkey_zoo/blackbox/island_configs/TUNNELING.conf b/envs/monkey_zoo/blackbox/island_configs/TUNNELING.conf
index a7e84f1b8..306a683eb 100644
--- a/envs/monkey_zoo/blackbox/island_configs/TUNNELING.conf
+++ b/envs/monkey_zoo/blackbox/island_configs/TUNNELING.conf
@@ -5,10 +5,15 @@
         "Password1!",
         "3Q=(Ge(+&w]*",
         "`))jU7L(w}",
-        "12345678"
+        "12345678",
+        "another_one",
+        "and_another_one",
+        "one_more"
       ],
       "exploit_user_list": [
         "Administrator",
+        "rand",
+        "rand2",
         "m0nk3y",
         "user"
       ]
@@ -23,7 +28,7 @@
       "depth": 3,
       "local_network_scan": false,
       "subnet_scan_list": [
-        "10.2.2.32",
+        "10.2.2.9",
         "10.2.1.10",
         "10.2.0.11"
       ]
diff --git a/envs/monkey_zoo/blackbox/island_configs/WMI_MIMIKATZ.conf b/envs/monkey_zoo/blackbox/island_configs/WMI_MIMIKATZ.conf
index 1498530d5..7b5fb3784 100644
--- a/envs/monkey_zoo/blackbox/island_configs/WMI_MIMIKATZ.conf
+++ b/envs/monkey_zoo/blackbox/island_configs/WMI_MIMIKATZ.conf
@@ -21,7 +21,7 @@
       "depth": 2,
       "local_network_scan": false,
       "subnet_scan_list": [
-        "10.2.2.44",
+        "10.2.2.14",
         "10.2.2.15"
       ]
     },
diff --git a/envs/monkey_zoo/blackbox/test_blackbox.py b/envs/monkey_zoo/blackbox/test_blackbox.py
index 2f8be839d..fc20c8b39 100644
--- a/envs/monkey_zoo/blackbox/test_blackbox.py
+++ b/envs/monkey_zoo/blackbox/test_blackbox.py
@@ -13,9 +13,9 @@ from envs.monkey_zoo.blackbox.log_handlers.test_logs_handler import TestLogsHand
 
 DEFAULT_TIMEOUT_SECONDS = 5*60
 MACHINE_BOOTUP_WAIT_SECONDS = 30
-GCP_TEST_MACHINE_LIST = ['sshkeys-11', 'sshkeys-12', 'elastic-4', 'elastic-5', 'haddop-2-v3', 'hadoop-3', 'mssql-16',
-                         'mimikatz-14', 'mimikatz-15', 'final-test-struts2-23', 'final-test-struts2-24',
-                         'tunneling-9', 'tunneling-10', 'tunneling-11', 'weblogic-18', 'weblogic-19', 'shellshock-8']
+GCP_TEST_MACHINE_LIST = ['sshkeys-11', 'sshkeys-12', 'elastic-4', 'elastic-5', 'haddop-2', 'hadoop-3', 'mssql-16',
+                         'mimikatz-14', 'mimikatz-15', 'struts2-23', 'struts2-24', 'tunneling-9', 'tunneling-10',
+                         'tunneling-11', 'weblogic-18', 'weblogic-19', 'shellshock-8']
 LOG_DIR_PATH = "./logs"
 LOGGER = logging.getLogger(__name__)
 
diff --git a/envs/monkey_zoo/configs/fullTest.conf b/envs/monkey_zoo/configs/fullTest.conf
deleted file mode 100644
index d90d84ca4..000000000
--- a/envs/monkey_zoo/configs/fullTest.conf
+++ /dev/null
@@ -1,202 +0,0 @@
-{
-  "basic": {
-    "credentials": {
-      "exploit_password_list": [
-        "`))jU7L(w}",
-        "3Q=(Ge(+&w]*",
-        "^NgDvY59~8",
-        "Ivrrw5zEzs",
-        "YbS,<tpS.2av"
-      ],
-      "exploit_user_list": [
-        "m0nk3y"
-      ]
-    }
-  },
-  "basic_network": {
-    "general": {
-      "blocked_ips": [],
-      "depth": 2,
-      "local_network_scan": false,
-      "subnet_scan_list": [
-        "10.2.2.2",
-        "10.2.2.3",
-        "10.2.2.4",
-        "10.2.2.5",
-        "10.2.2.8",
-        "10.2.2.9",
-        "10.2.1.9",
-        "10.2.1.10",
-        "10.2.2.11",
-        "10.2.2.12",
-        "10.2.2.14",
-        "10.2.2.15",
-        "10.2.2.16",
-        "10.2.2.18",
-        "10.2.2.19",
-        "10.2.2.20",
-        "10.2.2.21",
-        "10.2.2.23",
-        "10.2.2.24"
-      ]
-    },
-    "network_analysis": {
-      "inaccessible_subnets": []
-    }
-  },
-  "cnc": {
-    "servers": {
-      "command_servers": [
-        "192.168.56.1:5000",
-        "158.129.18.132:5000"
-      ],
-      "current_server": "192.168.56.1:5000",
-      "internet_services": [
-        "monkey.guardicore.com",
-        "www.google.com"
-      ]
-    }
-  },
-  "exploits": {
-    "general": {
-      "exploiter_classes": [
-        "SmbExploiter",
-        "WmiExploiter",
-        "ShellShockExploiter",
-        "SambaCryExploiter",
-        "ElasticGroovyExploiter",
-        "Struts2Exploiter",
-        "WebLogicExploiter",
-        "HadoopExploiter"
-      ],
-      "skip_exploit_if_file_exist": false
-    },
-    "ms08_067": {
-      "ms08_067_exploit_attempts": 5,
-      "ms08_067_remote_user_add": "Monkey_IUSER_SUPPORT",
-      "ms08_067_remote_user_pass": "Password1!",
-      "remote_user_pass": "Password1!",
-      "user_to_add": "Monkey_IUSER_SUPPORT"
-    },
-    "sambacry": {
-      "sambacry_folder_paths_to_guess": [
-        "/",
-        "/mnt",
-        "/tmp",
-        "/storage",
-        "/export",
-        "/share",
-        "/shares",
-        "/home"
-      ],
-      "sambacry_shares_not_to_check": [
-        "IPC$",
-        "print$"
-      ],
-      "sambacry_trigger_timeout": 5
-    },
-    "smb_service": {
-      "smb_download_timeout": 300,
-      "smb_service_name": "InfectionMonkey"
-    }
-  },
-  "internal": {
-    "classes": {
-      "finger_classes": [
-        "SMBFinger",
-        "SSHFinger",
-        "PingScanner",
-        "HTTPFinger",
-        "MySQLFinger",
-        "MSSQLFinger",
-        "ElasticFinger"
-      ],
-      "scanner_class": "TcpScanner"
-    },
-    "dropper": {
-      "dropper_date_reference_path_linux": "/bin/sh",
-      "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll",
-      "dropper_set_date": true,
-      "dropper_target_path_linux": "/tmp/monkey",
-      "dropper_target_path_win_32": "C:\\Windows\\monkey32.exe",
-      "dropper_target_path_win_64": "C:\\Windows\\monkey64.exe",
-      "dropper_try_move_first": true
-    },
-    "exploits": {
-      "exploit_lm_hash_list": [],
-      "exploit_ntlm_hash_list": [],
-      "exploit_ssh_keys": []
-    },
-    "general": {
-      "keep_tunnel_open_time": 60,
-      "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}"
-    },
-    "kill_file": {
-      "kill_file_path_linux": "/var/run/monkey.not",
-      "kill_file_path_windows": "%windir%\\monkey.not"
-    },
-    "logging": {
-      "dropper_log_path_linux": "/tmp/user-1562",
-      "dropper_log_path_windows": "%temp%\\~df1562.tmp",
-      "monkey_log_path_linux": "/tmp/user-1563",
-      "monkey_log_path_windows": "%temp%\\~df1563.tmp",
-      "send_log_to_server": true
-    }
-  },
-  "monkey": {
-    "behaviour": {
-      "self_delete_in_cleanup": false,
-      "serialize_config": false,
-      "use_file_logging": true
-    },
-    "general": {
-      "alive": true,
-      "post_breach_actions": [
-        "BackdoorUser"
-      ]
-    },
-    "life_cycle": {
-      "max_iterations": 1,
-      "retry_failed_explotation": true,
-      "timeout_between_iterations": 100,
-      "victims_max_exploit": 30,
-      "victims_max_find": 30
-    },
-    "system_info": {
-      "collect_system_info": true,
-      "extract_azure_creds": true,
-      "should_use_mimikatz": true
-    }
-  },
-  "network": {
-    "ping_scanner": {
-      "ping_scan_timeout": 1000
-    },
-    "tcp_scanner": {
-      "HTTP_PORTS": [
-        80,
-        8080,
-        443,
-        8008,
-        7001
-      ],
-      "tcp_scan_get_banner": true,
-      "tcp_scan_interval": 200,
-      "tcp_scan_timeout": 3000,
-      "tcp_target_ports": [
-        22,
-        2222,
-        445,
-        135,
-        3389,
-        80,
-        8080,
-        443,
-        8008,
-        3306,
-        9200,
-        7001
-      ]
-    }
-  }
-}
\ No newline at end of file
diff --git a/envs/monkey_zoo/terraform/firewalls.tf b/envs/monkey_zoo/terraform/firewalls.tf
index b183a8d32..afd99a347 100644
--- a/envs/monkey_zoo/terraform/firewalls.tf
+++ b/envs/monkey_zoo/terraform/firewalls.tf
@@ -35,7 +35,7 @@ resource "google_compute_firewall" "monkeyzoo-in" {
 
   direction = "INGRESS"
   priority = "65534"
-  source_ranges = ["10.2.2.0/24", "10.2.1.0/27"]
+  source_ranges = ["10.2.2.0/24"]
 }
 
 resource "google_compute_firewall" "monkeyzoo-out" {
@@ -48,7 +48,7 @@ resource "google_compute_firewall" "monkeyzoo-out" {
 
   direction = "EGRESS"
   priority = "65534"
-  destination_ranges = ["10.2.2.0/24", "10.2.1.0/27"]
+  destination_ranges = ["10.2.2.0/24"]
 }
 
 resource "google_compute_firewall" "tunneling-in" {
@@ -60,7 +60,7 @@ resource "google_compute_firewall" "tunneling-in" {
   }
 
   direction = "INGRESS"
-  source_ranges = ["10.2.2.0/24", "10.2.0.0/28"]
+  source_ranges = ["10.2.1.0/24"]
 }
 
 resource "google_compute_firewall" "tunneling-out" {
@@ -72,8 +72,9 @@ resource "google_compute_firewall" "tunneling-out" {
   }
 
   direction = "EGRESS"
-  destination_ranges = ["10.2.2.0/24", "10.2.0.0/28"]
+  destination_ranges = ["10.2.1.0/24"]
 }
+
 resource "google_compute_firewall" "tunneling2-in" {
   name    = "${local.resource_prefix}tunneling2-in"
   network = "${google_compute_network.tunneling2.name}"
@@ -83,7 +84,7 @@ resource "google_compute_firewall" "tunneling2-in" {
   }
 
   direction = "INGRESS"
-  source_ranges = ["10.2.1.0/27"]
+  source_ranges = ["10.2.0.0/24"]
 }
 
 resource "google_compute_firewall" "tunneling2-out" {
@@ -95,5 +96,5 @@ resource "google_compute_firewall" "tunneling2-out" {
   }
 
   direction = "EGRESS"
-  destination_ranges = ["10.2.1.0/27"]
+  destination_ranges = ["10.2.0.0/24"]
 }

From 1ce17a3bc85c2691a90427a8c547779420503b7d Mon Sep 17 00:00:00 2001
From: VakarisZ <vakarisz@yahoo.com>
Date: Fri, 11 Oct 2019 17:21:17 +0300
Subject: [PATCH 2/3] Added MSSQL exploiter to defaults and hadoop port to
 default scan ports

---
 monkey/infection_monkey/example.conf              | 6 ++++--
 monkey/monkey_island/cc/services/config_schema.py | 6 ++++--
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/monkey/infection_monkey/example.conf b/monkey/infection_monkey/example.conf
index 84d474db3..194e18625 100644
--- a/monkey/infection_monkey/example.conf
+++ b/monkey/infection_monkey/example.conf
@@ -44,7 +44,8 @@
         "Struts2Exploiter",
         "WebLogicExploiter",
         "HadoopExploiter",
-        "VSFTPDExploiter"
+        "VSFTPDExploiter",
+        "MSSQLExploiter"
     ],
     "finger_classes": [
         "SSHFinger",
@@ -93,7 +94,8 @@
         3306,
         8008,
         9200,
-        7001
+        7001,
+        8088
     ],
     "timeout_between_iterations": 10,
     "use_file_logging": true,
diff --git a/monkey/monkey_island/cc/services/config_schema.py b/monkey/monkey_island/cc/services/config_schema.py
index c1b53e9ff..843f4b4ac 100644
--- a/monkey/monkey_island/cc/services/config_schema.py
+++ b/monkey/monkey_island/cc/services/config_schema.py
@@ -753,7 +753,8 @@ SCHEMA = {
                                 "Struts2Exploiter",
                                 "WebLogicExploiter",
                                 "HadoopExploiter",
-                                "VSFTPDExploiter"
+                                "VSFTPDExploiter",
+                                "MSSQLExploiter"
                             ],
                             "description":
                                 "Determines which exploits to use. " + WARNING_SIGN
@@ -899,7 +900,8 @@ SCHEMA = {
                                 8008,
                                 3306,
                                 9200,
-                                7001
+                                7001,
+                                8088
                             ],
                             "description": "List of TCP ports the monkey will check whether they're open"
                         },

From 504436931d463cc1bd528f7d4903ef06f14a7937 Mon Sep 17 00:00:00 2001
From: VakarisZ <vakarisz@yahoo.com>
Date: Mon, 14 Oct 2019 14:27:36 +0300
Subject: [PATCH 3/3] Fixed bug in telemetry feed

---
 monkey/monkey_island/cc/resources/telemetry_feed.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/monkey/monkey_island/cc/resources/telemetry_feed.py b/monkey/monkey_island/cc/resources/telemetry_feed.py
index 5194361af..ea757d0cf 100644
--- a/monkey/monkey_island/cc/resources/telemetry_feed.py
+++ b/monkey/monkey_island/cc/resources/telemetry_feed.py
@@ -29,7 +29,8 @@ class TelemetryFeed(flask_restful.Resource):
         try:
             return \
                 {
-                    'telemetries': [TelemetryFeed.get_displayed_telemetry(telem) for telem in telemetries if TelemetryFeed],
+                    'telemetries': [TelemetryFeed.get_displayed_telemetry(telem) for telem in telemetries
+                                    if TelemetryFeed.should_show_brief(telem)],
                     'timestamp': datetime.now().isoformat()
                 }
         except KeyError as err: