Remove HostScanner and HostFinger to their own files

Daniel Goldberg 2019-10-30 14:26:20 +02:00
parent ac63797f45
commit ab591fcf4c
14 changed files with 67 additions and 58 deletions


@ -7,7 +7,7 @@ from infection_monkey.exploit import HostExploiter
from infection_monkey.exploit.tools.helpers import get_target_monkey, get_monkey_depth, build_monkey_commandline from infection_monkey.exploit.tools.helpers import get_target_monkey, get_monkey_depth, build_monkey_commandline
from infection_monkey.exploit.tools.smb_tools import SmbTools from infection_monkey.exploit.tools.smb_tools import SmbTools
from infection_monkey.model import MONKEY_CMDLINE_DETACHED_WINDOWS, DROPPER_CMDLINE_DETACHED_WINDOWS from infection_monkey.model import MONKEY_CMDLINE_DETACHED_WINDOWS, DROPPER_CMDLINE_DETACHED_WINDOWS
from infection_monkey.network import SMBFinger from infection_monkey.network.smbfinger import SMBFinger
from infection_monkey.network.tools import check_tcp_port from infection_monkey.network.tools import check_tcp_port
from common.utils.exploit_enum import ExploitType from common.utils.exploit_enum import ExploitType
from infection_monkey.telemetry.attack.t1035_telem import T1035Telem from infection_monkey.telemetry.attack.t1035_telem import T1035Telem


@ -17,7 +17,7 @@ from impacket.dcerpc.v5 import transport
from infection_monkey.exploit.tools.helpers import get_target_monkey, get_monkey_depth, build_monkey_commandline from infection_monkey.exploit.tools.helpers import get_target_monkey, get_monkey_depth, build_monkey_commandline
from infection_monkey.exploit.tools.smb_tools import SmbTools from infection_monkey.exploit.tools.smb_tools import SmbTools
from infection_monkey.model import DROPPER_CMDLINE_WINDOWS, MONKEY_CMDLINE_WINDOWS from infection_monkey.model import DROPPER_CMDLINE_WINDOWS, MONKEY_CMDLINE_WINDOWS
from infection_monkey.network import SMBFinger from infection_monkey.network.smbfinger import SMBFinger
from infection_monkey.network.tools import check_tcp_port from infection_monkey.network.tools import check_tcp_port
from . import HostExploiter from . import HostExploiter
@ -162,11 +162,11 @@ class Ms08_067_Exploiter(HostExploiter):
def is_os_supported(self): def is_os_supported(self):
if self.host.os.get('type') in self._TARGET_OS_TYPE and \ if self.host.os.get('type') in self._TARGET_OS_TYPE and \
self.host.os.get('version') in list(self._windows_versions.keys()): self.host.os.get('version') in list(self._windows_versions.keys()):
return True return True
if not self.host.os.get('type') or ( if not self.host.os.get('type') or (
self.host.os.get('type') in self._TARGET_OS_TYPE and not self.host.os.get('version')): self.host.os.get('type') in self._TARGET_OS_TYPE and not self.host.os.get('version')):
is_smb_open, _ = check_tcp_port(self.host.ip_addr, 445) is_smb_open, _ = check_tcp_port(self.host.ip_addr, 445)
if is_smb_open: if is_smb_open:
smb_finger = SMBFinger() smb_finger = SMBFinger()
@ -234,7 +234,8 @@ class Ms08_067_Exploiter(HostExploiter):
# execute the remote dropper in case the path isn't final # execute the remote dropper in case the path isn't final
if remote_full_path.lower() != self._config.dropper_target_path_win_32.lower(): if remote_full_path.lower() != self._config.dropper_target_path_win_32.lower():
cmdline = DROPPER_CMDLINE_WINDOWS % {'dropper_path': remote_full_path} + \ cmdline = DROPPER_CMDLINE_WINDOWS % {'dropper_path': remote_full_path} + \
build_monkey_commandline(self.host, get_monkey_depth() - 1, self._config.dropper_target_path_win_32) build_monkey_commandline(self.host, get_monkey_depth() - 1,
self._config.dropper_target_path_win_32)
else: else:
cmdline = MONKEY_CMDLINE_WINDOWS % {'monkey_path': remote_full_path} + \ cmdline = MONKEY_CMDLINE_WINDOWS % {'monkey_path': remote_full_path} + \
build_monkey_commandline(self.host, get_monkey_depth() - 1) build_monkey_commandline(self.host, get_monkey_depth() - 1)


@ -0,0 +1,26 @@
from abc import ABCMeta, abstractproperty, abstractmethod
from infection_monkey.config import WormConfiguration
class HostFinger(object, metaclass=ABCMeta):
@abstractproperty
def _SCANNED_SERVICE(self):
pass
def init_service(self, services, service_key, port):
services[service_key] = {}
services[service_key]['display_name'] = self._SCANNED_SERVICE
services[service_key]['port'] = port
@abstractmethod
def get_host_fingerprint(self, host):
raise NotImplementedError()
@staticmethod
def should_run(class_name):
"""
Decides if post breach action is enabled in config
:return: True if it needs to be ran, false otherwise
"""
return class_name in WormConfiguration.finger_classes
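Review bot: The docstring on `should_run` says it decides whether a post breach action is enabled, but the body tests `class_name in WormConfiguration.finger_classes`, so the text appears to be copied from another class. Because this check is what limits which fingerprinters are allowed to probe a host, the docstring should state that, for example `Decides if the fingerprinter is enabled in config`, with a `:param class_name:` line naming what callers pass. Separately, `abstractproperty` has been deprecated since Python 3.3; the `@property` over `@abstractmethod` stacking visible in the `@ -1,36 +1 @@` section is the supported spelling and could be kept for `_SCANNED_SERVICE`.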


@ -0,0 +1,7 @@
from abc import ABCMeta, abstractmethod
class HostScanner(object, metaclass=ABCMeta):
@abstractmethod
def is_host_alive(self, host):
raise NotImplementedError()


@ -1,36 +1 @@
from abc import ABCMeta, abstractmethod
__author__ = 'itamar' __author__ = 'itamar'
class HostScanner(object, metaclass=ABCMeta):
@abstractmethod
def is_host_alive(self, host):
raise NotImplementedError()
class HostFinger(object, metaclass=ABCMeta):
@property
@abstractmethod
def _SCANNED_SERVICE(self):
pass
def init_service(self, services, service_key, port):
services[service_key] = {}
services[service_key]['display_name'] = self._SCANNED_SERVICE
services[service_key]['port'] = port
@abstractmethod
def get_host_fingerprint(self, host):
raise NotImplementedError()
from infection_monkey.network.ping_scanner import PingScanner
from infection_monkey.network.tcp_scanner import TcpScanner
from infection_monkey.network.smbfinger import SMBFinger
from infection_monkey.network.sshfinger import SSHFinger
from infection_monkey.network.httpfinger import HTTPFinger
from infection_monkey.network.elasticfinger import ElasticFinger
from infection_monkey.network.mysqlfinger import MySQLFinger
from infection_monkey.network.info import local_ips, get_free_tcp_port
from infection_monkey.network.mssql_fingerprint import MSSQLFinger


@ -6,9 +6,10 @@ import requests
from requests.exceptions import Timeout, ConnectionError from requests.exceptions import Timeout, ConnectionError
import infection_monkey.config import infection_monkey.config
import infection_monkey.network.HostFinger
from common.data.network_consts import ES_SERVICE from common.data.network_consts import ES_SERVICE
from infection_monkey.model.host import VictimHost from infection_monkey.model.host import VictimHost
from infection_monkey.network import HostFinger import infection_monkey.network
ES_PORT = 9200 ES_PORT = 9200
ES_HTTP_TIMEOUT = 5 ES_HTTP_TIMEOUT = 5
@ -16,7 +17,7 @@ LOG = logging.getLogger(__name__)
__author__ = 'danielg' __author__ = 'danielg'
class ElasticFinger(HostFinger): class ElasticFinger(infection_monkey.network.HostFinger.HostFinger):
""" """
Fingerprints elastic search clusters, only on port 9200 Fingerprints elastic search clusters, only on port 9200
""" """


@ -1,12 +1,13 @@
import infection_monkey.config import infection_monkey.config
from infection_monkey.network import HostFinger import infection_monkey.network
import infection_monkey.network.HostFinger
from infection_monkey.model.host import VictimHost from infection_monkey.model.host import VictimHost
import logging import logging
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)
class HTTPFinger(HostFinger): class HTTPFinger(infection_monkey.network.HostFinger.HostFinger):
""" """
Goal is to recognise HTTP servers, where what we currently care about is apache. Goal is to recognise HTTP servers, where what we currently care about is apache.
""" """


@ -2,8 +2,9 @@ import errno
import logging import logging
import socket import socket
import infection_monkey.network.HostFinger
from infection_monkey.model.host import VictimHost from infection_monkey.model.host import VictimHost
from infection_monkey.network import HostFinger import infection_monkey.network
import infection_monkey.config import infection_monkey.config
__author__ = 'Maor Rayzin' __author__ = 'Maor Rayzin'
@ -11,7 +12,7 @@ __author__ = 'Maor Rayzin'
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)
class MSSQLFinger(HostFinger): class MSSQLFinger(infection_monkey.network.HostFinger.HostFinger):
# Class related consts # Class related consts
SQL_BROWSER_DEFAULT_PORT = 1434 SQL_BROWSER_DEFAULT_PORT = 1434
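Review bot: The base class is spelled as `infection_monkey.network.HostFinger.HostFinger`, and the file now carries both `import infection_monkey.network.HostFinger` and `import infection_monkey.network`; the second import is redundant, since importing the submodule already binds the package name. A single `from infection_monkey.network.HostFinger import HostFinger` would leave the class line as `class MSSQLFinger(HostFinger):` and avoid the module and the class sharing one name where they are used. The same pattern is in the ElasticFinger, HTTPFinger, MySQLFinger, PingScanner, SMBFinger, SSHFinger and TcpScanner sections, and the PingScanner and TcpScanner class lines become very long because of it. The class body continues outside this hunk.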


@ -2,8 +2,9 @@ import logging
import socket import socket
import infection_monkey.config import infection_monkey.config
import infection_monkey.network.HostFinger
from infection_monkey.model.host import VictimHost from infection_monkey.model.host import VictimHost
from infection_monkey.network import HostFinger import infection_monkey.network
from infection_monkey.network.tools import struct_unpack_tracker, struct_unpack_tracker_string from infection_monkey.network.tools import struct_unpack_tracker, struct_unpack_tracker_string
MYSQL_PORT = 3306 MYSQL_PORT = 3306
@ -11,7 +12,7 @@ SQL_SERVICE = 'mysqld-3306'
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)
class MySQLFinger(HostFinger): class MySQLFinger(infection_monkey.network.HostFinger.HostFinger):
""" """
Fingerprints mysql databases, only on port 3306 Fingerprints mysql databases, only on port 3306
""" """


@ -6,7 +6,8 @@ from common.network.network_range import NetworkRange
from infection_monkey.config import WormConfiguration from infection_monkey.config import WormConfiguration
from infection_monkey.model.victim_host_generator import VictimHostGenerator from infection_monkey.model.victim_host_generator import VictimHostGenerator
from infection_monkey.network.info import local_ips, get_interfaces_ranges from infection_monkey.network.info import local_ips, get_interfaces_ranges
from infection_monkey.network import TcpScanner, PingScanner from infection_monkey.network.tcp_scanner import TcpScanner
from infection_monkey.network.ping_scanner import PingScanner
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)


@ -5,8 +5,10 @@ import subprocess
import sys import sys
import infection_monkey.config import infection_monkey.config
import infection_monkey.network.HostFinger
import infection_monkey.network.HostScanner
from infection_monkey.model.host import VictimHost from infection_monkey.model.host import VictimHost
from infection_monkey.network import HostScanner, HostFinger import infection_monkey.network
__author__ = 'itamar' __author__ = 'itamar'
@ -19,7 +21,7 @@ WINDOWS_TTL = 128
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)
class PingScanner(HostScanner, HostFinger): class PingScanner(infection_monkey.network.HostScanner.HostScanner, infection_monkey.network.HostFinger.HostFinger):
_SCANNED_SERVICE = '' _SCANNED_SERVICE = ''


@ -3,7 +3,8 @@ import struct
import logging import logging
from odict import odict from odict import odict
from infection_monkey.network import HostFinger import infection_monkey.network
import infection_monkey.network.HostFinger
from infection_monkey.model.host import VictimHost from infection_monkey.model.host import VictimHost
SMB_PORT = 445 SMB_PORT = 445
@ -100,7 +101,7 @@ class SMBSessionFingerData(Packet):
self.fields["bcc1"] = struct.pack("<i", len(self.fields["Data"]))[:2] self.fields["bcc1"] = struct.pack("<i", len(self.fields["Data"]))[:2]
class SMBFinger(HostFinger): class SMBFinger(infection_monkey.network.HostFinger.HostFinger):
_SCANNED_SERVICE = 'SMB' _SCANNED_SERVICE = 'SMB'
def __init__(self): def __init__(self):


@ -1,8 +1,9 @@
import re import re
import infection_monkey.config import infection_monkey.config
import infection_monkey.network.HostFinger
from infection_monkey.model.host import VictimHost from infection_monkey.model.host import VictimHost
from infection_monkey.network import HostFinger import infection_monkey.network
from infection_monkey.network.tools import check_tcp_port from infection_monkey.network.tools import check_tcp_port
SSH_PORT = 22 SSH_PORT = 22
@ -13,7 +14,7 @@ BANNER_READ = 1024
LINUX_DIST_SSH = ['ubuntu', 'debian'] LINUX_DIST_SSH = ['ubuntu', 'debian']
class SSHFinger(HostFinger): class SSHFinger(infection_monkey.network.HostFinger.HostFinger):
_SCANNED_SERVICE = 'SSH' _SCANNED_SERVICE = 'SSH'
def __init__(self): def __init__(self):


@ -2,7 +2,9 @@ from itertools import zip_longest
from random import shuffle from random import shuffle
import infection_monkey.config import infection_monkey.config
from infection_monkey.network import HostScanner, HostFinger import infection_monkey.network
import infection_monkey.network.HostFinger
import infection_monkey.network.HostScanner
from infection_monkey.network.tools import check_tcp_ports, tcp_port_to_service from infection_monkey.network.tools import check_tcp_ports, tcp_port_to_service
__author__ = 'itamar' __author__ = 'itamar'
@ -10,8 +12,7 @@ __author__ = 'itamar'
BANNER_READ = 1024 BANNER_READ = 1024
class TcpScanner(HostScanner, HostFinger): class TcpScanner(infection_monkey.network.HostScanner.HostScanner, infection_monkey.network.HostFinger.HostFinger):
_SCANNED_SERVICE = 'unknown(TCP)' _SCANNED_SERVICE = 'unknown(TCP)'
def __init__(self): def __init__(self):