BB: Update EtE test configurations to work with Log4Shell plugin

Issue #3388 PR #3450
guardicore · Jul 4, 2023 · 51b9617 · 51b9617
1 parent 4cb6b5c
commit 51b9617
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 13 deletions.
diff --git a/envs/monkey_zoo/blackbox/test_configurations/depth_1_a.py b/envs/monkey_zoo/blackbox/test_configurations/depth_1_a.py
@@ -9,7 +9,6 @@
     add_credentials_collectors,
     add_exploiters,
     add_fingerprinters,
-    add_http_ports,
     add_subnets,
     add_tcp_ports,
     replace_agent_configuration,
@@ -34,7 +33,7 @@ def _add_exploiters(agent_configuration: AgentConfiguration) -> AgentConfigurati
             "agent_binary_download_timeout": 60,
             "yarn_application_suffix": "M0NK3Y3XPL01T",
         },
-        "Log4ShellExploiter": {},
+        "Log4Shell": {"target_ports": [8080, 8983, 9600]},
         "MSSQL": {
             "target_ports": [1433],
             "try_discovered_mssql_ports": False,
@@ -83,25 +82,17 @@ def _add_credentials_collectors(agent_configuration: AgentConfiguration) -> Agen
     )
 
 
-HTTP_PORTS = [8080, 8983, 9600]
-
-
 def _add_tcp_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration:
-    ports = [22, 445] + HTTP_PORTS
+    ports = [22, 445]
     return add_tcp_ports(agent_configuration, ports)
 
 
-def _add_http_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration:
-    return add_http_ports(agent_configuration, HTTP_PORTS)
-
-
 test_agent_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 1)
 test_agent_configuration = _add_exploiters(test_agent_configuration)
 test_agent_configuration = _add_fingerprinters(test_agent_configuration)
 test_agent_configuration = _add_subnets(test_agent_configuration)
 test_agent_configuration = _add_tcp_ports(test_agent_configuration)
 test_agent_configuration = _add_credentials_collectors(test_agent_configuration)
-test_agent_configuration = _add_http_ports(test_agent_configuration)
 test_agent_configuration = set_randomize_agent_hash(test_agent_configuration, True)
 
 CREDENTIALS = (

diff --git a/envs/monkey_zoo/blackbox/test_configurations/depth_2_a.py b/envs/monkey_zoo/blackbox/test_configurations/depth_2_a.py
@@ -16,16 +16,22 @@
     set_maximum_depth,
 )
 
-
 # Tests:
 #     SSH password and key brute-force, key stealing (10.2.2.11, 10.2.2.12)
 #     Powershell credential reuse (logging in without credentials
 #       to an identical user on another machine)(10.2.3.44, 10.2.3.46)
+
+
 def _add_exploiters(agent_configuration: AgentConfiguration) -> AgentConfiguration:
     exploiters: Dict[str, Mapping] = {
         # Log4Shell is required to hop into 46, which then uses credential reuse on 44.
         # Look at envs/monkey_zoo/docs/network_diagrams/powershell_credential_reuse.drawio.png
-        "Log4ShellExploiter": {},
+        "Log4Shell": {
+            # no ports are configured but because `try_all_discovered_http_ports` is
+            # set to true, the exploiter should exploit 10.2.3.46 on port 8080 (configured
+            # at `agent_configuration.propagation.exploitation.options.http_ports`)
+            "try_all_discovered_http_ports": True
+        },
         "SSHExploiter": {},
         "PowerShell": {},
     }