From 51b96171f10c24f92567e313baeccc42c14fa538 Mon Sep 17 00:00:00 2001
From: Shreya Malviya
Date: Mon, 3 Jul 2023 12:27:55 +0530
Subject: [PATCH] BB: Update EtE test configurations to work with Log4Shell plugin Issue #3388 PR #3450
---
 .../blackbox/test_configurations/depth_1_a.py | 13 ++-----------
 .../blackbox/test_configurations/depth_2_a.py | 10 ++++++++--
 2 files changed, 10 insertions(+), 13 deletions(-)
diff --git a/envs/monkey_zoo/blackbox/test_configurations/depth_1_a.py b/envs/monkey_zoo/blackbox/test_configurations/depth_1_a.py
index e21aa477cc4..f7bd8106760 100644
--- a/envs/monkey_zoo/blackbox/test_configurations/depth_1_a.py
+++ b/envs/monkey_zoo/blackbox/test_configurations/depth_1_a.py
@@ -9,7 +9,6 @@
 add_credentials_collectors,
 add_exploiters,
 add_fingerprinters,
- add_http_ports,
 add_subnets,
 add_tcp_ports,
 replace_agent_configuration,
@@ -34,7 +33,7 @@ def _add_exploiters(agent_configuration: AgentConfiguration) -> AgentConfigurati
 "agent_binary_download_timeout": 60,
 "yarn_application_suffix": "M0NK3Y3XPL01T",
 },
- "Log4ShellExploiter": {},
+ "Log4Shell": {"target_ports": [8080, 8983, 9600]},
 "MSSQL": {
 "target_ports": [1433],
 "try_discovered_mssql_ports": False,
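Review bot: In `_add_exploiters`, the new `"Log4Shell"` entry carries `[8080, 8983, 9600]` as a bare literal, and nothing near it says which zoo services those ports belong to or why these three are expected to be reachable at depth 1. A short comment above the entry would keep the test's intent readable, for example `# HTTP ports of the depth-1 zoo services this test expects the Log4Shell plugin to probe`; the wording should be checked against the zoo documentation. The body of `_add_exploiters` starts and ends outside this hunk, so the neighbouring entries were not reviewed.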
@@ -83,25 +82,17 @@ def _add_credentials_collectors(agent_configuration: AgentConfiguration) -> Agen ) -HTTP_PORTS = [8080, 8983, 9600] - - def _add_tcp_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration: - ports = [22, 445] + HTTP_PORTS + ports = [22, 445] return add_tcp_ports(agent_configuration, ports) -def _add_http_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration: - return add_http_ports(agent_configuration, HTTP_PORTS) - - test_agent_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 1) test_agent_configuration = _add_exploiters(test_agent_configuration) test_agent_configuration = _add_fingerprinters(test_agent_configuration) test_agent_configuration = _add_subnets(test_agent_configuration) test_agent_configuration = _add_tcp_ports(test_agent_configuration) test_agent_configuration = _add_credentials_collectors(test_agent_configuration) -test_agent_configuration = _add_http_ports(test_agent_configuration) test_agent_configuration = set_randomize_agent_hash(test_agent_configuration, True) CREDENTIALS = ( diff --git a/envs/monkey_zoo/blackbox/test_configurations/depth_2_a.py b/envs/monkey_zoo/blackbox/test_configurations/depth_2_a.py index 59f6cda04ec..4a5c892c487 100644 --- a/envs/monkey_zoo/blackbox/test_configurations/depth_2_a.py +++ b/envs/monkey_zoo/blackbox/test_configurations/depth_2_a.py 
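Review bot: `_add_tcp_ports` now scans only `[22, 445]`, so ports 8080, 8983 and 9600 are no longer in the TCP scan list and reach the agent only through the plugin's `target_ports` option set in `_add_exploiters`. It is not visible from this patch whether the Log4Shell plugin probes its `target_ports` independently of the scan results; if it acts only on ports the scanner reported open, this configuration would stop exercising those services without any visible failure. Recording the assumption next to the list would help, e.g. `# HTTP ports are intentionally not scanned here; the Log4Shell plugin receives them via "target_ports"`. If the end-to-end test does not already assert on the Log4Shell result for these hosts, that check is worth adding so a silent loss of coverage is caught.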
@@ -16,16 +16,22 @@ set_maximum_depth, ) - # Tests: # SSH password and key brute-force, key stealing (10.2.2.11, 10.2.2.12) # Powershell credential reuse (logging in without credentials # to an identical user on another machine)(10.2.3.44, 10.2.3.46) + + def _add_exploiters(agent_configuration: AgentConfiguration) -> AgentConfiguration: exploiters: Dict[str, Mapping] = { # Log4Shell is required to hop into 46, which then uses credential reuse on 44. # Look at envs/monkey_zoo/docs/network_diagrams/powershell_credential_reuse.drawio.png - "Log4ShellExploiter": {}, + "Log4Shell": { + # no ports are configured but because `try_all_discovered_http_ports` is + # set to true, the exploiter should exploit 10.2.3.46 on port 8080 (configured + # at `agent_configuration.propagation.exploitation.options.http_ports`) + "try_all_discovered_http_ports": True + }, "SSHExploiter": {}, "PowerShell": {}, }
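Review bot: The added comment in `_add_exploiters` says port 8080 is "configured at `agent_configuration.propagation.exploitation.options.http_ports`", but the option actually set is `try_all_discovered_http_ports`, and the same patch removes the `add_http_ports` call from depth_1_a.py. Nothing in this hunk sets an HTTP port list, so the hop to 10.2.3.46 depends on a default or on scan results defined elsewhere, and the comment may already be stale after the plugin migration. Either pin the port with `"target_ports": [8080],` next to the flag, or reword the comment to name the mechanism that really supplies the port. A trailing comma after `True` would also match the other multi-line dicts in the file.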