Reduce Agent/Island network chatter #1538

Closed
9 tasks done
mssalvatore opened this issue Oct 19, 2021 · 0 comments

mssalvatore commented Oct 19, 2021

Description

Monkey agents repeatedly query the Monkey Island for the current configuration. This behavior:

  1. Inflates the amount of traffic between agents and the Island.
  2. Inflates the amount of traffic between agents (if tunneling is used).
  3. Clutters agent logs.

The agents need to query the Island for the config repeatedly because the config contains a field named alive. Setting this field to true or false is how the Island signals to the agents that they should stop. Additionally, querying for the config has the added benefit of updating the agent with any credentials that have been stolen by other agents. To preserve functionality but reduce traffic and clutter, dynamic fields should be removed from the configuration and separate API endpoints should be added so that agents can get exactly the data they need when they need it.

Tasks

  • Extract alive from the agent and island config. Find a new way to store that all monkeys should die. (0d) - @VakarisZ
  • Reimplement the body of the mocked endpoint that allows monkey agents to check whether or not they should shut down. (0d)
  • Change config endpoint to strip credentials out of config before returning config to monkey agent (0d) - @mssalvatore
  • Review and modify the endpoint that allows monkey agents to query for updated credentials. (0d) - @mssalvatore
    • exploit_lm_hash_list
    • exploit_ntlm_hash_list
    • exploit_password_list
    • exploit_ssh_keys
    • exploit_user_list
mssalvatore added a commit that referenced this issue Dec 3, 2021
The credentials for credential reuse attacks will now be retrieved by
the agent via a new endpoint that returns only credentials in order to
reduce unnecessary network traffic (issue #1538).
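
The split the issue describes, sketched as an added example that is not the project's own code: one pass over the stored config separates the static part (what a config endpoint would return) from the credential fields and the `alive` flag, each of which would then be served by its own endpoint. The function name `split_config`, the nested layout and the sample values are assumptions; the five credential field names and `alive` come from the issue.

```python
import copy

# Credential fields named in the issue's task list.
CREDENTIAL_FIELDS = frozenset({
    "exploit_lm_hash_list",
    "exploit_ntlm_hash_list",
    "exploit_password_list",
    "exploit_ssh_keys",
    "exploit_user_list",
})


def split_config(config):
    """Return (static_config, credentials, alive) without mutating `config`.

    Dicts and lists are walked recursively so the dynamic fields are found
    wherever they sit (the nesting is an assumption, not the real layout).
    """
    credentials = {}
    state = {"alive": True}  # assumed default when the flag is absent

    def walk(node):
        if isinstance(node, list):
            return [walk(item) for item in node]
        if not isinstance(node, dict):
            return copy.deepcopy(node)
        static = {}
        for key, value in node.items():
            if key in CREDENTIAL_FIELDS:
                credentials[key] = copy.deepcopy(value)  # credentials-only endpoint
            elif key == "alive":
                state["alive"] = bool(value)  # stop-signal endpoint
            else:
                static[key] = walk(value)  # static config endpoint
        return static

    return walk(config), credentials, state["alive"]


# Constructed sample config; layout and values are made up for illustration.
SAMPLE_CONFIG = {
    "alive": True,
    "internal": {"depth": 2, "exploit_ssh_keys": []},
    "basic": {"credentials": {"exploit_user_list": ["Administrator", "root"],
                              "exploit_password_list": ["Password1!"]}},
    "hashes": {"exploit_lm_hash_list": [], "exploit_ntlm_hash_list": []},
}
```

With the config split this way, the static part can be fetched once, and only the small stop check and the credentials list need to be polled.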