forked from p15670423/monkey
ZL BB tests: Renamed "ZeroLogon" to "Zerologon" for cinsistency, extracted relevant credential extortion from island config into a separate method.
This commit is contained in:
parent
70ec513f51
commit
f43d9fe035
|
@ -14,7 +14,7 @@ TELEM_QUERY = {'telem_category': 'exploit',
|
|||
'data.info.password_restored': True}
|
||||
|
||||
|
||||
class ZeroLogonAnalyzer(Analyzer):
|
||||
class ZerologonAnalyzer(Analyzer):
|
||||
|
||||
def __init__(self, island_client: MonkeyIslandClient, expected_credentials: List[str]):
|
||||
self.island_client = island_client
|
||||
|
@ -28,12 +28,17 @@ class ZeroLogonAnalyzer(Analyzer):
|
|||
return is_creds_gathered and is_creds_restored
|
||||
|
||||
def _analyze_credential_gathering(self) -> bool:
|
||||
credentials_on_island = []
|
||||
config = self.island_client.get_config()
|
||||
credentials_on_island = ZerologonAnalyzer._get_relevant_credentials(config)
|
||||
return self._is_all_credentials_in_list(credentials_on_island)
|
||||
|
||||
@staticmethod
|
||||
def _get_relevant_credentials(config: dict):
|
||||
credentials_on_island = []
|
||||
credentials_on_island.extend(dpath.util.get(config['configuration'], USER_LIST_PATH))
|
||||
credentials_on_island.extend(dpath.util.get(config['configuration'], NTLM_HASH_LIST_PATH))
|
||||
credentials_on_island.extend(dpath.util.get(config['configuration'], LM_HASH_LIST_PATH))
|
||||
return self._is_all_credentials_in_list(credentials_on_island)
|
||||
return credentials_on_island
|
||||
|
||||
def _is_all_credentials_in_list(self,
|
||||
all_creds: List[str]) -> bool:
|
||||
|
@ -43,10 +48,10 @@ class ZeroLogonAnalyzer(Analyzer):
|
|||
|
||||
def _log_creds_not_gathered(self, missing_creds: List[str]):
|
||||
if not missing_creds:
|
||||
self.log.add_entry("ZeroLogon exploiter gathered all credentials expected.")
|
||||
self.log.add_entry("Zerologon exploiter gathered all credentials expected.")
|
||||
else:
|
||||
for cred in missing_creds:
|
||||
self.log.add_entry(f"Credential ZeroLogon exploiter failed to gathered:{cred}.")
|
||||
self.log.add_entry(f"Credential Zerologon exploiter failed to gathered:{cred}.")
|
||||
|
||||
def _analyze_credential_restore(self) -> bool:
|
||||
cred_restore_telems = self.island_client.find_telems_in_db(TELEM_QUERY)
|
||||
|
@ -55,7 +60,7 @@ class ZeroLogonAnalyzer(Analyzer):
|
|||
|
||||
def _log_credential_restore(self, telem_list: List[dict]):
|
||||
if telem_list:
|
||||
self.log.add_entry("ZeroLogon exploiter telemetry contains indicators that credentials "
|
||||
self.log.add_entry("Zerologon exploiter telemetry contains indicators that credentials "
|
||||
"were successfully restored.")
|
||||
else:
|
||||
self.log.add_entry("Credential restore failed or credential restore "
|
||||
|
|
|
@ -3,7 +3,7 @@ from copy import copy
|
|||
from envs.monkey_zoo.blackbox.island_configs.base_template import BaseTemplate
|
||||
|
||||
|
||||
class ZeroLogon(BaseTemplate):
|
||||
class Zerologon(BaseTemplate):
|
||||
|
||||
config_values = copy(BaseTemplate.config_values)
|
||||
|
||||
|
|
|
@ -7,7 +7,7 @@ from typing_extensions import Type
|
|||
|
||||
from envs.monkey_zoo.blackbox.analyzers.communication_analyzer import \
|
||||
CommunicationAnalyzer
|
||||
from envs.monkey_zoo.blackbox.analyzers.zerologon_analyzer import ZeroLogonAnalyzer
|
||||
from envs.monkey_zoo.blackbox.analyzers.zerologon_analyzer import ZerologonAnalyzer
|
||||
from envs.monkey_zoo.blackbox.island_client.island_config_parser import \
|
||||
IslandConfigParser
|
||||
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import \
|
||||
|
@ -26,7 +26,7 @@ from envs.monkey_zoo.blackbox.island_configs.tunneling import Tunneling
|
|||
from envs.monkey_zoo.blackbox.island_configs.weblogic import Weblogic
|
||||
from envs.monkey_zoo.blackbox.island_configs.wmi_mimikatz import WmiMimikatz
|
||||
from envs.monkey_zoo.blackbox.island_configs.wmi_pth import WmiPth
|
||||
from envs.monkey_zoo.blackbox.island_configs.zerologon import ZeroLogon
|
||||
from envs.monkey_zoo.blackbox.island_configs.zerologon import Zerologon
|
||||
from envs.monkey_zoo.blackbox.log_handlers.test_logs_handler import \
|
||||
TestLogsHandler
|
||||
from envs.monkey_zoo.blackbox.tests.exploitation import ExploitationTest
|
||||
|
@ -163,12 +163,12 @@ class TestMonkeyBlackbox:
|
|||
TestMonkeyBlackbox.run_exploitation_test(island_client, WmiPth, "WMI_PTH")
|
||||
|
||||
def test_zerologon_exploiter(self, island_client):
|
||||
test_name = "ZeroLogon_exploiter"
|
||||
test_name = "Zerologon_exploiter"
|
||||
expected_creds = ["Administrator",
|
||||
"aad3b435b51404eeaad3b435b51404ee",
|
||||
"2864b62ea4496934a5d6e86f50b834a5"]
|
||||
raw_config = IslandConfigParser.get_raw_config(ZeroLogon, island_client)
|
||||
analyzer = ZeroLogonAnalyzer(island_client, expected_creds)
|
||||
raw_config = IslandConfigParser.get_raw_config(Zerologon, island_client)
|
||||
analyzer = ZerologonAnalyzer(island_client, expected_creds)
|
||||
log_handler = TestLogsHandler(test_name, island_client, TestMonkeyBlackbox.get_log_dir_path())
|
||||
ExploitationTest(
|
||||
name=test_name,
|
||||
|
|
Loading…
Reference in New Issue