Example #1
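def main():
    """
    Sample hystck script: port scan and SSH login guessing between two guests.

    Creates two Windows guests through the Vmm, waits until both have a DHCP
    lease, lets the first guest run an Nmap TCP SYN scan against the second
    and then an Ncrack run against its SSH service with short built-in user
    and password lists. Both machines are guests created by this script.
    The guests are cleared again on success, on Ctrl-C and on any other error.

    :return: no return value; the process exits with status 0 after a
        completed or interrupted run and with status 1 after an error
    """
    # Created before the try block so that both handlers can always log.
    logger = create_logger('hystckManager', logging.DEBUG)
    # Stays None until the Vmm exists; the handlers use it to decide whether
    # there is anything to clean up.
    virtual_machine_monitor1 = None
    try:
        # NOTE(review): the banner names the ZeusBot simulation although this
        # script runs Nmap and Ncrack; the string is left unchanged.
        logger.info(
            "This is a sample script for using the ZeusBot simulation!" + '\n')

        # create GuestListener; the object is not used again in this function
        macs_in_use = []
        guests = []
        guest_listener = GuestListener(guests, logger)

        # create all control instances
        virtual_machine_monitor1 = Vmm(macs_in_use, guests, logger)

        # instantiate each vm: the scanning guest and the guest being scanned
        initiator = virtual_machine_monitor1.create_guest(
            guest_name="windows-guest01", platform="windows")
        target = virtual_machine_monitor1.create_guest(
            guest_name="windows-guest02", platform="windows")

        # wait for dhcp
        initiator.wait_for_dhcp()
        target.wait_for_dhcp()

        # run nmap portscan and block until it has finished
        r1 = Nmap.guest_nmap_tcp_syn_scan(initiator, target)
        r1.wait()

        # run ncrack on ssh port; the word lists are small fixed samples
        r2 = Ncrack.crack_guests(
            initiator,
            target,
            service="ssh",
            user_list=["root", "admin", "user", "vm"],
            password_list=["root", "password", "vm", "admin", "user"])
        r2.wait()

        # cleanup
        virtual_machine_monitor1.clear()
        print("simulation has ended!")
        sys.exit(0)

    ######## CLEANUP ############# ERROR HANDLING
    except KeyboardInterrupt as k:
        logger.debug(k)
        logger.debug("KeyboardInterrupt")
        logger.debug(virtual_machine_monitor1)
        raw_input("Press Enter to continue...")
        logger.debug("cleanup here")
        # Clear the guests exactly once, and only if the Vmm was created.
        if virtual_machine_monitor1 is None:
            logger.debug("well, host1 was not defined!")
        else:
            virtual_machine_monitor1.clear()
        sys.exit(0)

    except Exception as e:
        logger.debug("main gets the error: " + str(e))
        logger.debug("cleanup here")
        raw_input("Press Enter to continue...")
        if virtual_machine_monitor1 is None:
            logger.debug("well, host1 was not defined!")
        else:
            virtual_machine_monitor1.clear()
            # Argument-list form, so no shell is involved; the return code is
            # not checked. Presumably this resets libvirt after a failed run
            # and needs sufficient privileges - confirm.
            subprocess.call(["/etc/init.d/libvirt-bin", "restart"])
        sys.exit(1)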
Example #2
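def main():
    """
    Sample hystck script for the ZeusBot simulation.

    Creates one C&C guest and three bot guests, registers them in the
    'zeus_cnc' and 'zeus_bot' groups, pushes config.bin and a generated
    command message (stored as gate.php) to the C&C bot, waits until four
    bots are ready and then keeps the simulation running until Enter is
    pressed. The monitor is stopped and the guests are cleared on success,
    on Ctrl-C and on any other error.

    :return: no return value; the process exits with status 0 after a
        completed or interrupted run and with status 1 after an error
    """
    # Created before the try block so that both handlers can always log.
    logger = create_logger('hystckManager', logging.DEBUG)
    # Both stay None until the objects exist, so the handlers can clean up
    # each of them independently of how far the setup got.
    virtual_machine_monitor1 = None
    bmon = None
    try:
        logger.info("This is a sample script for using the ZeusBot simulation!" + '\n')

        # create GuestListener; the object is not used again in this function
        macs_in_use = []
        guests = []
        guest_listener = GuestListener(guests, logger)

        # create all control instances
        virtual_machine_monitor1 = Vmm(macs_in_use, guests, logger)
        bmon = BotMonitorBase()
        sm = SimulationManager(bmon)

        # setup groups
        bmon.group_manager.setup_group('zeus_bot', 'zeus-bot.py')
        bmon.group_manager.setup_group('zeus_cnc', 'zeus-cnc.py')

        # instantiate each vm
        cnc = virtual_machine_monitor1.create_guest(guest_name="windows-guest01", platform="windows")
        bot1 = virtual_machine_monitor1.create_guest(guest_name="windows-guest02", platform="windows")
        bot2 = virtual_machine_monitor1.create_guest(guest_name="windows-guest03", platform="windows")
        bot3 = virtual_machine_monitor1.create_guest(guest_name="windows-guest04", platform="windows")
        bots = (bot1, bot2, bot3)

        # wait for dhcp
        cnc.wait_for_dhcp()
        for bot in bots:
            bot.wait_for_dhcp()

        # enable the rc4 cipher; disable it for plaintext messages (intended for debugging)
        enable_crypto = True
        # Fixed sample key for the simulated traffic; it lives in the source
        # and is not a secret.
        encryption_key = "secret key"

        # setup the cnc ip for clients and a botnet name, simulate the bot's embedded config
        bmon.globals["cnc_host"] = str(cnc.ip_internet)  # always needed
        bmon.globals["botnet_name"] = "samplebotnet"  # if not set, 'default' will be used
        # bmon.globals["url_config"] = "/config.bin"
        # bmon.globals["url_compip"] = "/ip.php"
        # bmon.globals["url_server"] = "/gate.php"
        # bmon.globals["url_loader"] = "/bot.exe"
        if enable_crypto:
            bmon.globals["encryption_key"] = encryption_key
        else:
            # None is passed on below so that files and messages stay plaintext
            encryption_key = None

        # allocate vms to groups
        bmon.group_manager.add_bot_to_group('zeus_cnc', cnc)
        for bot in bots:
            bmon.group_manager.add_bot_to_group('zeus_bot', bot)

        # begin listening for incoming connections
        bmon.start()

        # upload zeus server files after verifying that cnc is running
        sm.wait_for_bot(cnc)  # wait till bot is ready
        cnc_bot = bmon.group_manager.get_single_bot(cnc)

        # load plaintext config.bin (read from the current working directory)
        # and send it to cnc bot
        with open('config.bin', 'rb') as f:
            config_data = f.read()
        ZeusCnC.push_file_to_server(cnc_bot, 'config.bin', config_data, encryption_key)

        # generate a command to send to all clients
        z = ZeusPacketGenerator()
        z.add_command_info("sethomepage http://example.com")
        cmd = str(z.generate_message(encryption_key))  # if encryption is enabled, cmd will already be encrypted
        ZeusCnC.push_file_to_server(cnc_bot, 'gate.php', cmd)  # no need for an additional cipher round

        # wait till the simulation is ready
        sm.wait_for_bots(4)

        # let the bots create control traffic till key press
        raw_input("press enter to exit")

        # close all connections
        bmon.stop()
        virtual_machine_monitor1.clear()
        print("simulation has ended!")
        sys.exit(0)

    ######## CLEANUP ############# ERROR HANDLING
    except KeyboardInterrupt as k:
        logger.debug(k)
        logger.debug("KeyboardInterrupt")
        logger.debug(virtual_machine_monitor1)
        raw_input("Press Enter to continue...")
        logger.debug("cleanup here")
        if bmon is not None:
            bmon.stop()
        # Clear the guests exactly once, and only if the Vmm was created.
        if virtual_machine_monitor1 is None:
            logger.debug("well, host1 was not defined!")
        else:
            virtual_machine_monitor1.clear()
        sys.exit(0)

    except Exception as e:
        logger.debug("main gets the error: " + str(e))
        logger.debug("cleanup here")
        raw_input("Press Enter to continue...")
        # A missing monitor must not prevent the guests from being cleared.
        if bmon is not None:
            bmon.stop()
        if virtual_machine_monitor1 is None:
            logger.debug("well, host1 was not defined!")
        else:
            virtual_machine_monitor1.clear()
            # Argument-list form, so no shell is involved; the return code is
            # not checked. Presumably this resets libvirt after a failed run
            # and needs sufficient privileges - confirm.
            subprocess.call(["/etc/init.d/libvirt-bin", "restart"])
        sys.exit(1)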
Example #3
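def main():
    """
    Sample hystck script for the MariposaBot simulation.

    Creates a C&C guest, a bot master guest and two bot guests, registers
    them in the 'mariposa_cnc', 'mariposa_bm' and 'mariposa_bot' groups,
    waits until four bots are ready and then has every bot master place two
    orders ('enable_google', later 'download2') addressed to the C&C. The
    simulation keeps running until Enter is pressed. The monitor is stopped
    and the guests are cleared on success, on Ctrl-C and on any other error.

    :return: no return value; the process exits with status 0 after a
        completed or interrupted run and with status 1 after an error
    """
    # Created before the try block so that both handlers can always log.
    logger = create_logger('hystckManager', logging.DEBUG)
    # Both stay None until the objects exist, so the handlers can clean up
    # each of them independently of how far the setup got.
    virtual_machine_monitor1 = None
    bmon = None
    try:
        logger.info(
            "This is a sample script for using the MariposaBot simulation!" +
            '\n')

        # create GuestListener; the object is not used again in this function
        macs_in_use = []
        guests = []
        guest_listener = GuestListener(guests, logger)

        # create all control instances
        virtual_machine_monitor1 = Vmm(macs_in_use, guests, logger)
        bmon = BotMonitorBase()
        sm = SimulationManager(bmon)

        # setup groups
        bmon.group_manager.setup_group('mariposa_bot', 'mariposa-bot.py')
        bmon.group_manager.setup_group('mariposa_cnc', 'mariposa-cnc.py')
        bmon.group_manager.setup_group('mariposa_bm', 'mariposa-bm.py')

        # instantiate each vm
        cnc = virtual_machine_monitor1.create_guest(
            guest_name="windows-guest01", platform="windows")
        bmast = virtual_machine_monitor1.create_guest(
            guest_name="windows-guest02", platform="windows")
        bot1 = virtual_machine_monitor1.create_guest(
            guest_name="windows-guest03", platform="windows")
        bot2 = virtual_machine_monitor1.create_guest(
            guest_name="windows-guest04", platform="windows")

        # wait for dhcp
        for guest in (cnc, bmast, bot1, bot2):
            guest.wait_for_dhcp()

        # setup variables, etc.
        cnc_host = str(cnc.ip_internet)
        cnc_port = MariposaProtocol.MARIPOSA_PORT1
        bmon.globals["cnc"] = cnc_host  # optional, default: MARIPOSA_HOST1
        bmon.globals["port"] = cnc_port  # optional, default: MARIPOSA_PORT1
        bmon.globals["bm_ip"] = str(bmast.ip_internet)  # needed

        # allocate vms to groups
        bmon.group_manager.add_bot_to_group('mariposa_cnc', cnc)
        bmon.group_manager.add_bot_to_group('mariposa_bm', bmast)
        bmon.group_manager.add_bot_to_group('mariposa_bot', bot1)
        bmon.group_manager.add_bot_to_group('mariposa_bot', bot2)

        # begin listening for incoming connections
        bmon.start()

        # wait till the simulation is ready
        sm.wait_for_bots(4)

        # (seconds to wait before sending, command), in sending order. The
        # first wait gives the bots time to complete their initialization
        # phase; the second one separates the two orders.
        schedule = ((2 * 60 + 30, 'enable_google'), (5 * 60, 'download2'))
        for delay, command in schedule:
            time.sleep(delay)
            # the bot master group is looked up again before each order
            for b in bmon.group_manager.get_bots_by_group_name('mariposa_bm'):
                print("sending order to: " + b.ip_address)
                b.place_order({
                    'cnc_target_host': cnc_host,
                    'cnc_target_port': cnc_port,
                    'command': command,
                    'args': ''
                })

        raw_input("press enter to exit")
        # close all connections
        bmon.stop()
        virtual_machine_monitor1.clear()
        print("simulation has ended!")
        sys.exit(0)

    ######## CLEANUP ############# ERROR HANDLING
    except KeyboardInterrupt as k:
        logger.debug(k)
        logger.debug("KeyboardInterrupt")
        logger.debug(virtual_machine_monitor1)
        raw_input("Press Enter to continue...")
        logger.debug("cleanup here")
        # Stop the monitor on this path too, as the normal path does before
        # it clears the guests.
        if bmon is not None:
            bmon.stop()
        # Clear the guests exactly once, and only if the Vmm was created.
        if virtual_machine_monitor1 is None:
            logger.debug("well, host1 was not defined!")
        else:
            virtual_machine_monitor1.clear()
        sys.exit(0)

    except Exception as e:
        logger.debug("main gets the error: " + str(e))
        logger.debug("cleanup here")
        raw_input("Press Enter to continue...")
        if bmon is not None:
            bmon.stop()
        if virtual_machine_monitor1 is None:
            logger.debug("well, host1 was not defined!")
        else:
            virtual_machine_monitor1.clear()
            # Argument-list form, so no shell is involved; the return code is
            # not checked. Presumably this resets libvirt after a failed run
            # and needs sufficient privileges - confirm.
            subprocess.call(["/etc/init.d/libvirt-bin", "restart"])
        sys.exit(1)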
Example #4
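def main():
    """
    Test Script for hystck with HelloBot.

    Creates a C&C guest, a bot master guest and three bot guests, registers
    them in the 'hello_cnc', 'hello_bm' and 'hello_bot' groups and waits
    until five bots are ready. It then runs ten rounds in which every bot
    master places a 'send' order and every bot pulls and executes its
    orders, and finally waits for Enter. The monitor is stopped and the
    guests are cleared on success, on Ctrl-C and on any other error.

    :return: no return value; the process exits with status 0 after a
        completed or interrupted run and with status 1 after an error
    """
    # Created before the try block so that both handlers can always log.
    logger = create_logger('hystckManager', logging.DEBUG)
    # Both stay None until the objects exist, so the handlers can clean up
    # each of them independently of how far the setup got.
    virtual_machine_monitor1 = None
    bmon = None
    try:
        logger.info("This is a sample script for testing the HelloBot Sample" + '\n')

        # create GuestListener; the object is not used again in this function
        macs_in_use = []
        guests = []
        guest_listener = GuestListener(guests, logger)

        # create all control instances
        virtual_machine_monitor1 = Vmm(macs_in_use, guests, logger)
        bmon = BotMonitorBase()
        sm = SimulationManager(bmon)

        # setup groups
        bmon.group_manager.setup_group('hello_bot', 'hello-bot.py')
        bmon.group_manager.setup_group('hello_cnc', 'hello-cnc.py')
        bmon.group_manager.setup_group('hello_bm', 'hello-bm.py')

        # instantiate each vm
        cnc = virtual_machine_monitor1.create_guest(guest_name="windows-guest01", platform="windows")
        bmast = virtual_machine_monitor1.create_guest(guest_name="windows-guest02", platform="windows")
        bot1 = virtual_machine_monitor1.create_guest(guest_name="windows-guest03", platform="windows")
        bot2 = virtual_machine_monitor1.create_guest(guest_name="windows-guest04", platform="windows")
        # NOTE(review): bot3 reuses the guest name of bot2; this looks like a
        # copy/paste slip ("windows-guest05" expected?) - confirm against Vmm.
        bot3 = virtual_machine_monitor1.create_guest(guest_name="windows-guest04", platform="windows")
        bots = (bot1, bot2, bot3)

        # wait for dhcp
        cnc.wait_for_dhcp()
        bmast.wait_for_dhcp()
        for bot in bots:
            bot.wait_for_dhcp()

        # setup some variables, for demonstration purposes
        bmon.globals["cnc"] = str(cnc.ip_internet)
        bmon.globals["bmast"] = str(bmast.ip_internet)

        # allocate vms to groups
        bmon.group_manager.add_bot_to_group('hello_cnc', cnc)
        bmon.group_manager.add_bot_to_group('hello_bm', bmast)
        for bot in bots:
            bmon.group_manager.add_bot_to_group('hello_bot', bot)

        # begin listening for incoming connections
        bmon.start()

        # wait till the simulation is ready
        sm.wait_for_bots(5)

        # actions: ten rounds of place order -> pull orders -> execute orders
        for i in range(10):
            print("round " + str(i))
            for b in bmon.group_manager.get_bots_by_group_name("hello_bm"):
                print(b.ip_address + " is placing an order")
                order = {
                    'cnc_target': str(cnc.ip_internet),
                    # NOTE(review): this key ends in a colon, which looks
                    # like a typo; left unchanged because the code reading
                    # the order is not visible here - confirm.
                    'cnc_target_port:': HELLO_PORT,
                    'command': 'send',
                    'bot_target': "192.168.110.1",  # this is the hypervisor
                    'msg': "hello: " + str(i)
                }
                b.place_order(order)
            sleep(5)
            # the same list of bots is used for pulling and for executing
            hello_bots = bmon.group_manager.get_bots_by_group_name("hello_bot")
            for b in hello_bots:
                print(b.ip_address + " is pulling orders")
                b.pull_orders(str(cnc.ip_internet), HELLO_PORT)
            sleep(5)
            for b in hello_bots:
                print(b.ip_address + " is executing orders")
                b.execute_orders()
            sleep(5)

        raw_input("press enter to exit")
        # close all connections
        bmon.stop()
        virtual_machine_monitor1.clear()
        print("simulation has ended!")
        sys.exit(0)

    ######## CLEANUP ############# ERROR HANDLING
    except KeyboardInterrupt as k:
        logger.debug(k)
        logger.debug("KeyboardInterrupt")
        logger.debug(virtual_machine_monitor1)
        raw_input("Press Enter to continue...")
        logger.debug("cleanup here")
        if bmon is not None:
            bmon.stop()
        # Clear the guests exactly once, and only if the Vmm was created.
        if virtual_machine_monitor1 is None:
            logger.debug("well, host1 was not defined!")
        else:
            virtual_machine_monitor1.clear()
        sys.exit(0)

    except Exception as e:
        logger.debug("main gets the error: " + str(e))
        logger.debug("cleanup here")
        raw_input("Press Enter to continue...")
        # A missing monitor must not prevent the guests from being cleared.
        if bmon is not None:
            bmon.stop()
        if virtual_machine_monitor1 is None:
            logger.debug("well, host1 was not defined!")
        else:
            virtual_machine_monitor1.clear()
            # Argument-list form, so no shell is involved; the return code is
            # not checked. Presumably this resets libvirt after a failed run
            # and needs sufficient privileges - confirm.
            subprocess.call(["/etc/init.d/libvirt-bin", "restart"])
        sys.exit(1)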
Example #5
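def main():
    """
    Test Script for hystck with DevControlClient.

    Creates one Windows guest, waits until it has a DHCP lease, connects a
    DevControlClient to it and sends keyboard input (Ctrl+ESC, the text
    "winver" and ENTER) as a demonstration. The guest is cleared on success,
    on Ctrl-C and on any other error.

    :return: no return value; the process exits with status 0 after a
        completed or interrupted run and with status 1 after an error
    """
    # Created before the try block so that both handlers can always log.
    logger = create_logger('hystckManager', logging.DEBUG)
    # Stays None until the Vmm exists; the handlers use it to decide whether
    # there is anything to clean up.
    virtual_machine_monitor1 = None
    try:
        # NOTE(review): the banner names the ZeusBot simulation although this
        # script demonstrates DevControlClient; the string is left unchanged.
        logger.info(
            "This is a sample script for using the ZeusBot simulation!" + '\n')

        # create GuestListener; the object is not used again in this function
        macs_in_use = []
        guests = []
        guest_listener = GuestListener(guests, logger)

        # create all control instances
        virtual_machine_monitor1 = Vmm(macs_in_use, guests, logger)

        bot = virtual_machine_monitor1.create_guest(
            guest_name="windows-guest01", platform="windows")

        bot.wait_for_dhcp()

        # at this point userspace tools and drivers should have been started
        # generate the client object for the drivers
        bot_drv = DevControlClient()
        bot_drv.connect(bot)

        # this will call winver as a demonstration; the pauses give the guest
        # time to react to each input
        bot_drv.kb_send_special_key("ESC", lctrl=True)
        time.sleep(2)
        # the function also supports other escape codes, like '\b' for backspace
        bot_drv.kb_send_text("winver\n")
        time.sleep(2)
        bot_drv.kb_send_special_key("ENTER")
        time.sleep(2)

        # shutdown
        bot_drv.close()
        virtual_machine_monitor1.clear()
        sys.exit(0)

    ######## CLEANUP ############# ERROR HANDLING
    except KeyboardInterrupt as k:
        logger.debug(k)
        logger.debug("KeyboardInterrupt")
        logger.debug(virtual_machine_monitor1)
        raw_input("Press Enter to continue...")
        logger.debug("cleanup here")
        # Clear the guest exactly once, and only if the Vmm was created.
        if virtual_machine_monitor1 is None:
            logger.debug("well, host1 was not defined!")
        else:
            virtual_machine_monitor1.clear()
        sys.exit(0)

    except Exception as e:
        logger.debug("main gets the error: " + str(e))
        logger.debug("cleanup here")
        raw_input("Press Enter to continue...")
        if virtual_machine_monitor1 is None:
            logger.debug("well, host1 was not defined!")
        else:
            virtual_machine_monitor1.clear()
            # Argument-list form, so no shell is involved; the return code is
            # not checked. Presumably this resets libvirt after a failed run
            # and needs sufficient privileges - confirm.
            subprocess.call(["/etc/init.d/libvirt-bin", "restart"])
        sys.exit(1)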