Updated config documentation

This commit is contained in:
acepace 2016-07-10 11:20:22 +03:00
parent c7d4789045
commit eaaa5f314b
2 changed files with 23 additions and 19 deletions

View File

@ -97,36 +97,37 @@ Configuration Options
Key | Type | Description | Possible Values Key | Type | Description | Possible Values
--- | ---- | ----------- | --------------- --- | ---- | ----------- | ---------------
singleton_mutex_name | string | string of the mutex name for single instance | example: {2384ec59-0df8-4ab9-918c-843740924a28} singleton_mutex_name | string | string of the mutex name for single instance | example: {2384ec59-0df8-4ab9-918c-843740924a28}
alive | bool | sets whether or not the monkey is alive. if false will stop scanning and exploiting. alive | bool | sets whether or not the monkey is alive. if false will stop scanning and exploiting
self_delete_in_cleanup | bool | sets whether or not to self delete the monkey executable when stopped. self_delete_in_cleanup | bool | sets whether or not to self delete the monkey executable when stopped
use_file_logging | bool | sets whether or not to use a log file. use_file_logging | bool | sets whether or not to use a log file
monkey_log_path_[windows/linux] | string | file path for monkey logger.
timeout_between_iterations | int | how long to wait between scan iterations timeout_between_iterations | int | how long to wait between scan iterations
max_iterations | int | how many scan iterations to perform on each run max_iterations | int | how many scan iterations to perform on each run
victims_max_find | int | how many victims to look for in a single scan iteration victims_max_find | int | how many victims to look for in a single scan iteration
victims_max_exploit | int | how many victims to exploit before stopping victims_max_exploit | int | how many victims to exploit before stopping
command_servers | array | addresses of c&c servers to try to connect | example: ["russian-mail-brides.com:5000"] command_servers | array | addresses of c&c servers to try to connect | example: ["russian-mail-brides.com:5000"]
serialize_config | bool | sets whether or not to save the monkey to disk when finished (will be loaded in next run), saved next to the monkey exe with the name monkey.bin internet_services | array | addresses of internet servers to ping and check if the monkey has internet acccess
retry_failed_explotation | bool | sets whether or not to retry failed hosts on next scan retry_failed_explotation | bool | sets whether or not to retry failed hosts on next scan
range_class | class name | sets which ip ranges class is used to construct the list of ips to scan | `FixedRange` - scan list is a static ips list, `RelativeRange` - scan list will be constructed according to ip address of the machine and size of the scan, `ClassCRange` - will scan the entire class c the machine is in. range_class | class name | sets which ip ranges class is used to construct the list of ips to scan | `FixedRange` - scan list is a static ips list, `RelativeRange` - scan list will be constructed according to ip address of the machine and size of the scan, `ClassCRange` - will scan the entire class c the machine is in.
scanner_class | class name | sets which scan class to use when scanning for hosts to exploit | `TCPScanner` - searches for hosts according to open tcp ports, `PingScanner` - searches for hosts according to ping scan scanner_class | class name | sets which scan class to use when scanning for hosts to exploit | `TCPScanner` - searches for hosts according to open tcp ports, `PingScanner` - searches for hosts according to ping scan
finger_classes | tuple of class names | sets which fingerprinting classes to use. | in the list: `SMBFinger` - get host os info by checking smb info, `SSHFinger` - get host os info by checking ssh banner, `PingScanner` - get host os type by checking ping ttl. For example: `(SMBFinger, SSHFinger, PingScanner)` finger_classes | tuple of class names | sets which fingerprinting classes to use | in the list: `SMBFinger` - get host os info by checking smb info, `SSHFinger` - get host os info by checking ssh banner, `PingScanner` - get host os type by checking ping ttl. For example: `(SMBFinger, SSHFinger, PingScanner)`
exploiter_classes | tuple of class names | | `SmbExploiter` - exploit using smb connection, `WmiExploiter` - exploit using wmi connection, `RdpExploiter` - exploit using rdp connection, `Ms08_067_Exploiter` - exploit using ms08_067 smb exploit, `SSHExploiter` - exploit using ssh connection exploiter_classes | tuple of class names | | `SmbExploiter` - exploit using smb connection, `WmiExploiter` - exploit using wmi connection, `RdpExploiter` - exploit using rdp connection, `Ms08_067_Exploiter` - exploit using ms08_067 smb exploit, `SSHExploiter` - exploit using ssh connection
range_fixed | tuple of strings | list of ips to scan range_fixed | tuple of strings | list of ips to scan
RelativeRange range_size | int | number of hosts to scan in relative range. RelativeRange range_size | int | number of hosts to scan in relative range
TCPScanner tcp_target_ports | list of int | which ports to scan using tcp scan. tcp_target_ports | list of int | which ports to scan using TCPScanner
tcp_scan_timeout | int | timeout for tcp connection in tcp scan (in milliseconds). tcp_scan_timeout | int | timeout for tcp connection in tcp scan (in milliseconds)
tcp_scan_interval | int | time to wait between ports in the tcp scan (in milliseconds). tcp_scan_interval | int | time to wait between ports in the tcp scan (in milliseconds)
tcp_scan_get_banner | bool | sets whether or not to read a banner from the tcp ports when scanning tcp_scan_get_banner | bool | sets whether or not to read a banner from the tcp ports when scanning
PingScanner ping_scan_timeout | int | timeout for the ping command (in milliseconds). ping_scan_timeout | int | timeout for the ping command (in milliseconds) utilised by PingScanner
SmbExploiter/WmiExploiter/RdpExploiter psexec_user | string | user to use for connection psexec_user | string | user to use for connection, utilised by SmbExploiter/WmiExploiter/RdpExploiter
psexec_passwords | list of strings | list of passwords to use when trying to exploit psexec_passwords | list of strings | list of passwords to use when trying to exploit
SmbExploiter skip_exploit_if_file_exist | bool | sets whether or not to abort exploit if the monkey already exists in target. skip_exploit_if_file_exist | bool | sets whether or not to abort exploit if the monkey already exists in target, used by SmbExploiter
RdpExploiter rdp_use_vbs_download | bool | sets whether to use vbs payload for rdp exploitation. If false, bits payload is used (will fail if bitsadmin.exe doesnt exist). rdp_use_vbs_download | bool | sets whether to use vbs payload for rdp exploitation in RdpExploiter. If false, bits payload is used (will fail if bitsadmin.exe doesnt exist)
Ms08_067_Exploiter ms08_067_exploit_attempt | int | number of times to try and exploit using ms08_067 exploit. ms08_067_exploit_attempt | int | number of times to try and exploit using ms08_067 exploit
ms08_067_remote_user_add | string | user to add to target when using ms08_067 exploit ms08_067_remote_user_add | string | user to add to target when using ms08_067 exploit
ms08_067_remote_user_pass | string | password of the user the exploit will add ms08_067_remote_user_pass | string | password of the user the exploit will add
SSHExploiter ssh_user | string | user to use for ssh connection ssh_user | string | user to use for ssh connection, used by SSHExploiter
ssh_passwords | list of strings | list of passwords to use when trying to exploit ssh_passwords | list of strings | list of passwords to use when trying to exploit using SSHExploiter
Building the Monkey from source Building the Monkey from source

View File

@ -106,11 +106,13 @@ class Configuration(object):
########################### ###########################
# monkey config # monkey config
########################### ###########################
#sets whether or not the monkey is alive. if false will stop scanning and exploiting
alive = True alive = True
#sets whether or not to self delete the monkey executable when stopped
self_delete_in_cleanup = False self_delete_in_cleanup = False
#string of the mutex name for single instance
singleton_mutex_name = "{2384ec59-0df8-4ab9-918c-843740924a28}" singleton_mutex_name = "{2384ec59-0df8-4ab9-918c-843740924a28}"
# how long to wait between scan iterations # how long to wait between scan iterations
@ -133,14 +135,15 @@ class Configuration(object):
depth = 2 depth = 2
current_server = "" current_server = ""
#Configuration servers to try to connect to, in this order.
command_servers = [ command_servers = [
"127.0.0.1:5000" "127.0.0.1:5000"
] ]
serialize_config = False #sets whether or not to retry failed hosts on next scan
retry_failed_explotation = True retry_failed_explotation = True
#addresses of internet servers to ping and check if the monkey has internet acccess.
internet_services = ["www.guardicore.com", "www.google.com"] internet_services = ["www.guardicore.com", "www.google.com"]
########################### ###########################