def monkeyForm(request): if request.method == 'POST': form = addMonkey(request.POST) if form.is_valid(): cd = form.cleaned_data options = {} options['CLI'] = 'false' options['eraseMonkeyData'] = 'false' try: dbInfo = monkeyDBInfo.objects.get() options['dbip'] = dbInfo.IP options['dbname'] = dbInfo.Name db = openMDB(options['dbip'], options['dbname']) if db is not None: smclient.loadMonkeys(options, db, {0: int(cd['iq'])}, {0: int(cd['type'])}, {0: cd['loc']}, {0: cd['ip']}, {0: cd['minbytes']}, {0: cd['maxbytes']}) except monkeyDBInfo.DoesNotExist: #error print 'monkey db info does not exist' return HttpResponseRedirect('/monkeys') else: if (request.GET.get('btnStart')): options = getDBOptions() db = openMDB(options['dbip'], options['dbname']) options['runTime'] = request.GET.get('duration') if db is not None: smclient.startMonkeysParam(options, db) form = addMonkey() return render(request, 'monkeys.html', {'form': form})
def monkeyForm(request): if request.method =='POST': form = addMonkey(request.POST) if form.is_valid(): cd=form.cleaned_data options={} options['CLI']='false' options['eraseMonkeyData']='false' try: dbInfo=monkeyDBInfo.objects.get() options['dbip']=dbInfo.IP options['dbname']=dbInfo.Name db=openMDB(options['dbip'],options['dbname']) if db is not None: smclient.loadMonkeys(options,db,{0:int(cd['iq'])},{0:int(cd['type'])},{0:cd['loc']},{0:cd['ip']},{0:cd['minbytes']},{0:cd['maxbytes']}) except monkeyDBInfo.DoesNotExist: #error print 'monkey db info does not exist' return HttpResponseRedirect('/monkeys') else: if(request.GET.get('btnStart')): options=getDBOptions() db=openMDB(options['dbip'],options['dbname']) options['runTime']=request.GET.get('duration') if db is not None: smclient.startMonkeysParam(options,db) form=addMonkey() return render(request,'monkeys.html',{'form':form})
def fuzzPorts(runTime, dbIp, dbName, monkeyIq, monkeyLoc, minData, maxData, monkeyId): timeout = time.time() + 60 * runTime while True: hostList = {} #reinit each time through time.sleep(1) if time.time() > timeout: break db = openMDB(dbIp, dbName) if db is None: print 'Could not connect to DB' hosts = db.hosts if hosts.find({'location': monkeyLoc}).count() == 0: print 'Fuzzy monkey is waiting for work. Eating bananas. Will check again in 10 seconds.' time.sleep(10) else: for work in hosts.find({'location': monkeyLoc}): #Start priority calculation decisionCalc = (int(monkeyIq) * int( db.targets.find_one({'ip': work['ip']})['value'])) / ( db.actions.find({ 'ip': work['ip'] }).count() + 1) + randint(1, 10) hostList.update({work['ip']: decisionCalc}) target = max(hostList, key=hostList.get) openPorts = db.hosts.find_one({'ip': target})['ports'] fuzzTCP = openPorts[randint(0, len(openPorts) - 1)] fuzzData = genFuzzData(randint(int(minData), int(maxData))) print 'Fuzzy monkey got work! Fuzzing ' + target + ' on port ' + str( fuzzTCP) + ' with ' + str(getsizeof(fuzzData) - 37) + ' bytes of data!' start = time.ctime() try: s = socket(AF_INET, SOCK_STREAM) s.settimeout(10) s.connect((target, fuzzTCP)) s.send(fuzzData) result = s.recv(100) #Don't care what we get back. s.close() except: #Handle TCP resets and other aggressive network traffic semi gracefully pass end = time.ctime() saveResults(db, hosts, target, fuzzTCP, str(getsizeof(fuzzData) - 37), start, end, monkeyId) print 'Fuzzy monkey need sleep. Resting for 5 seconds.' time.sleep(5)
def basicInfoForm(request): if request.method == 'POST': if 'submit_Monkey' in request.POST: form = basicInfo(request.POST, request.FILES) else: form = metasploitDBInfo(request.POST) if form.is_valid() and 'submit_Monkey' in request.POST: cd = form.cleaned_data options = {} options['dbip'] = cd['IP'] options['dbname'] = cd['Name'] options['eraseTargetsData'] = str(cd["targetErase"]).lower() options['CLI'] = 'false' db = openMDB(options['dbip'], options['dbname']) if 'file' in request.FILES and db is not None: smclient.loadTargetsParam(options, request.FILES['file'], db) form.save() return HttpResponseRedirect('/client') elif form.is_valid() and 'submit_Metasploit' in request.POST: cd = form.cleaned_data options = {} options['CLI'] = 'false' dbConfig = monkeyDBInfo.objects.get() options['dbip'] = dbConfig.IP options['dbname'] = dbConfig.Name options['eraseSploitData'] = str(cd['metErase']).lower() smclient.dbLoadModules(options, cd['IP'], cd['username'], cd['password'], cd['Name']) form.save() return HttpResponseRedirect('/client') else: print form.errors return HttpResponseRedirect('/client?e=1') #dostuff #insert redirect #return HttpResponseRedirect('/client') else: try: form = basicInfo(instance=monkeyDBInfo.objects.get()) except monkeyDBInfo.DoesNotExist: form = basicInfo() try: metaForm = metasploitDBInfo(instance=metasploitInfo.objects.get()) except metasploitInfo.DoesNotExist: metaForm = metasploitDBInfo() args = {} args.update(csrf(request)) args['form'] = form args['metaForm'] = metaForm if (request.GET.get('e')): args['error'] = request.GET.get('e') return render_to_response('client.html', args)
def findLoginBoxes(runTime, dbIp, dbName, monkeyIq, monkeyLoc, monkeyId): timeout = time.time() + 60 * runTime while True: hostList = {} ports = [] time.sleep(1) if time.time() > timeout: break db = openMDB(dbIp, dbName) if db is None: print "Could not connect to db" hosts = db.hosts if hosts.find({"location": monkeyLoc}).count() == 0: print "Brute monkey is waiting for work. Eating bananas. Will check again in 10 seconds." time.sleep(10) else: for work in hosts.find({"location": monkeyLoc}): if 21 in work["ports"] or 22 in work["ports"] or 23 in work["ports"]: decisionCalc = (int(monkeyIq) * int(db.targets.find_one({"ip": work["ip"]})["value"])) / ( db.actions.find({"ip": work["ip"]}).count() + 1 ) + randint(1, 10) hostList.update({work["ip"]: decisionCalc}) if len(hostList) > 0: target = max(hostList, key=hostList.get) openPorts = db.hosts.find_one({"ip": target})["ports"] if 21 in openPorts: ports.append(21) if 22 in openPorts: ports.append(22) # if 23 in openPorts: # ports.append(23) if len(ports) == 0: print "Brute monkey is waiting for something to brute force. Eating bananas. Will check again in 10 seconds." time.sleep(10) else: print "Brute monkey got work! Starting credential brute forcing!" index = randint(0, len(ports) - 1) if ports[index] == 21: ftpBrute(target, db, hosts, monkeyId) elif ports[index] == 22: sshBrute(target, db, hosts, monkeyId)
def basicInfoForm(request): if request.method == 'POST': if 'submit_Monkey' in request.POST: form = basicInfo(request.POST,request.FILES) else: form = metasploitDBInfo(request.POST) if form.is_valid() and 'submit_Monkey' in request.POST: cd=form.cleaned_data options={} options['dbip'] = cd['IP'] options['dbname'] = cd['Name'] options['eraseTargetsData']=str(cd["targetErase"]).lower() options['CLI']='false' db=openMDB(options['dbip'],options['dbname']) if 'file' in request.FILES and db is not None: smclient.loadTargetsParam(options,request.FILES['file'],db) form.save() return HttpResponseRedirect('/client') elif form.is_valid() and 'submit_Metasploit' in request.POST: cd=form.cleaned_data options={} options['CLI']='false' dbConfig=monkeyDBInfo.objects.get() options['dbip']=dbConfig.IP options['dbname']=dbConfig.Name options['eraseSploitData']=str(cd['metErase']).lower() smclient.dbLoadModules(options,cd['IP'],cd['username'],cd['password'],cd['Name']) form.save() return HttpResponseRedirect('/client') else: print form.errors return HttpResponseRedirect('/client?e=1') #dostuff #insert redirect #return HttpResponseRedirect('/client') else: try: form=basicInfo(instance=monkeyDBInfo.objects.get()) except monkeyDBInfo.DoesNotExist: form=basicInfo() try: metaForm=metasploitDBInfo(instance=metasploitInfo.objects.get()) except metasploitInfo.DoesNotExist: metaForm=metasploitDBInfo() args={} args.update(csrf(request)) args['form']=form args['metaForm']=metaForm if(request.GET.get('e')): args['error']=request.GET.get('e') return render_to_response('client.html',args)
def findLoginBoxes(runTime,dbIp,dbName,monkeyIq,monkeyLoc,monkeyId): timeout = time.time() + 60 * runTime while True: hostList = {} ports = [] time.sleep(1) if time.time() > timeout: break db = openMDB(dbIp,dbName) if db is None: print 'Could not connect to db' hosts = db.hosts if hosts.find({'location':monkeyLoc}).count() == 0: print 'Brute monkey is waiting for work. Eating bananas. Will check again in 10 seconds.' time.sleep(10) else: for work in hosts.find({'location':monkeyLoc}): if 21 in work['ports'] or 22 in work['ports'] or 23 in work['ports']: decisionCalc = ( int(monkeyIq) * int(db.targets.find_one({'ip' : work['ip']})['value']))/(db.actions.find({'ip' : work['ip'] }).count() + 1 ) + randint(1,10) hostList.update( {work['ip'] : decisionCalc } ) if len(hostList) > 0: target = max(hostList,key=hostList.get) openPorts = db.hosts.find_one({'ip' : target})['ports'] if 21 in openPorts: ports.append(21) if 22 in openPorts: ports.append(22) #if 23 in openPorts: # ports.append(23) if len(ports) == 0: print 'Brute monkey is waiting for something to brute force. Eating bananas. Will check again in 10 seconds.' time.sleep(10) else: print 'Brute monkey got work! Starting credential brute forcing!' index = randint(0,len(ports)-1) if ports[index] == 21: ftpBrute(target,db,hosts,monkeyId) elif ports[index] == 22: sshBrute(target,db,hosts,monkeyId)
def scanHosts(runTime, dbIp, dbName, monkeyIq, monkeyLoc, monkeyId): timeout = time.time() + 60 * runTime while True: time.sleep(1) hostList = {} # reinit each time through loop to get new hosts from other clients possibly. openPorts = [] # reinit each time through loop if time.time() > timeout: break db = openMDB(dbIp, dbName) if db is None: print "could not connect to db" for host in db.targets.find({"location": monkeyLoc}): # Start priority calculation decisionCalc = (int(monkeyIq) * int(host["value"])) / ( db.actions.find({"ip": host["ip"]}).count() + 1 ) + randint(1, 10) hostList.update({host["ip"]: decisionCalc}) # Find highest decision calculation target = max(hostList, key=hostList.get) start = time.ctime() print "Starting port scan of " + target nm = nmap.PortScanner() if int(monkeyIq) == 0: # Almost as smart as Gregory Evans nm.scan(target) elif int(monkeyIq) == 1: # Level 1 monkeys aren't foiled by ICMP being blocked to the host nm.scan(target, arguments="-P0 -A") elif int(monkeyIq) == 2: # Level 2 monkeys run full connect scans to be a bit more stealthy nm.scan(target, arguments="-P0 -sT -A") elif int(monkeyIq) == 3: # Level 3 monkeys include decoy IPs in their scans nm.scan(target, arguments="-P0,-sT,-A,-D4.2.2.2,8.8.8.8,172.1.2.4,3.4.2.1") end = time.ctime() print "Scan monkey finished scan of " + target + " at " + end if len(nm.all_hosts()) != 0: for port in nm[nm.all_hosts()[0]]["tcp"].keys(): if nm[nm.all_hosts()[0]]["tcp"][port]["state"] == "open": openPorts.append(port) if len(openPorts) != 0: saveResults(nm.all_hosts()[0], openPorts, dbName, start, end, db, monkeyId, monkeyLoc) print "Monkey shift is over." return
def monkeyReport(): global options db = openMDB(options['dbip'], options['dbname']) if db is None: print 'Could not connect to db' print 'Monkeys clocking out' print '====================' validTypes = [1, 2] print 'Select format for output:' print '1-CSV' outType = int(raw_input('Input: ')) if outType not in validTypes: raw_input('Invalid output selection. Press enter to return.') else: savePath = raw_input('Enter file name to save: ') fo = open(savePath, 'wb') if outType == 1: #Write CSV header row fo.write( 'action,attacker,target,starttime,endtime,fuzzport,fuzzbytes,\n' ) for event in db.actions.find(): # loop through events if outType == 1: if event['action'] == 'fuzz': fo.write( str(event['action']) + ',' + str(db.monkeys.find_one({'id': event['id']})['ip']) + ',' + str(event['ip']) + ',' + str(event['start']) + ',' + str(event['end']) + ',' + str(event['port']) + ',' + str(event['bytes']) + '\n') elif event['action'] != 'portscan' and event[ 'action'] != 'fuzz': fo.write( str(event['action']) + ',' + str(db.monkeys.find_one({'id': event['id']})['ip']) + ',' + str(event['ip']) + ',' + str(event['start']) + ',' + str(event['end']) + ',' + str(event['port']) + ',NA\n') else: fo.write( str(event['action']) + ',' + str(db.monkeys.find_one({'id': event['id']})['ip']) + ',' + str(event['ip']) + ',' + str(event['start']) + ',' + str(event['end']) + ',' + 'NA,NA\n') raw_input('\nAll done! Press enter to return to the main menu.') return
def scanHosts(runTime,dbIp,dbName,monkeyIq,monkeyLoc,monkeyId): timeout = time.time() + 60 * runTime while True: time.sleep(1) hostList = {} #reinit each time through loop to get new hosts from other clients possibly. openPorts = [] #reinit each time through loop if time.time() > timeout: break db = openMDB(dbIp,dbName) if db is None: print 'could not connect to db' for host in db.targets.find({'location':monkeyLoc}): #Start priority calculation decisionCalc = ( int(monkeyIq) * int(host['value']) )/(db.actions.find({'ip' : host['ip'] }).count() + 1 ) + randint(1,10) hostList.update( {host['ip'] : decisionCalc } ) #Find highest decision calculation target = max(hostList,key=hostList.get) start = time.ctime() print 'Starting port scan of ' + target nm = nmap.PortScanner() if int(monkeyIq) == 0: #Almost as smart as Gregory Evans nm.scan(target) elif int(monkeyIq) == 1: #Level 1 monkeys aren't foiled by ICMP being blocked to the host nm.scan(target,arguments='-P0 -A') elif int(monkeyIq) == 2: #Level 2 monkeys run full connect scans to be a bit more stealthy nm.scan(target,arguments='-P0 -sT -A') elif int(monkeyIq) == 3: #Level 3 monkeys include decoy IPs in their scans nm.scan(target,arguments='-P0,-sT,-A,-D4.2.2.2,8.8.8.8,172.1.2.4,3.4.2.1') end = time.ctime() print 'Scan monkey finished scan of ' + target + ' at ' + end if len( nm.all_hosts() ) != 0: for port in nm[nm.all_hosts()[0]]['tcp'].keys(): if nm[nm.all_hosts()[0]]['tcp'][port]['state'] == 'open': openPorts.append(port) if len(openPorts) != 0: saveResults(nm.all_hosts()[0],openPorts,dbName,start,end,db,monkeyId,monkeyLoc) print 'Monkey shift is over.' return
def fuzzPorts(runTime,dbIp,dbName,monkeyIq,monkeyLoc,minData,maxData,monkeyId): timeout = time.time() + 60 * runTime while True: hostList = {} #reinit each time through time.sleep(1) if time.time() > timeout: break db = openMDB(dbIp,dbName) if db is None: print 'Could not connect to DB' hosts = db.hosts if hosts.find({'location':monkeyLoc}).count() == 0: print 'Fuzzy monkey is waiting for work. Eating bananas. Will check again in 10 seconds.' time.sleep(10) else: for work in hosts.find({'location':monkeyLoc}): #Start priority calculation decisionCalc = ( int(monkeyIq) * int(db.targets.find_one({'ip' : work['ip']})['value']))/(db.actions.find({'ip' : work['ip'] }).count() + 1 ) + randint(1,10) hostList.update( {work['ip'] : decisionCalc } ) target = max(hostList,key=hostList.get) openPorts = db.hosts.find_one({'ip' : target})['ports'] fuzzTCP = openPorts[randint(0,len(openPorts)-1)] fuzzData = genFuzzData(randint(int(minData),int(maxData))) print 'Fuzzy monkey got work! Fuzzing ' + target + ' on port ' + str(fuzzTCP) + ' with ' + str(getsizeof(fuzzData)-37) + ' bytes of data!' start = time.ctime() try: s = socket(AF_INET, SOCK_STREAM) s.settimeout(10) s.connect((target, fuzzTCP)) s.send(fuzzData) result = s.recv(100) #Don't care what we get back. s.close() except: #Handle TCP resets and other aggressive network traffic semi gracefully pass end = time.ctime() saveResults(db,hosts,target,fuzzTCP,str(getsizeof(fuzzData)-37),start,end,monkeyId) print 'Fuzzy monkey need sleep. Resting for 5 seconds.' time.sleep(5)
def findWebBoxes(runTime, dbIp, dbName, monkeyIq, monkeyLoc, monkeyId): timeout = time.time() + 60 * runTime while True: hostList = { } #reinit variables each time through to account for new scanner data ports = [] time.sleep(1) if time.time() > timeout: break db = openMDB(dbIp, dbName) if db is None: print 'could not connect to db' hosts = db.hosts if hosts.find({'location': monkeyLoc}).count() == 0: print 'Web monkey is waiting for work. Eating bananas. Will check again in 10 seconds.' time.sleep(10) else: for work in hosts.find({'location': monkeyLoc}): if 80 in work['ports'] or 443 in work['ports']: decisionCalc = (int(monkeyIq) * int( db.targets.find_one({'ip': work['ip']})['value'])) / ( db.actions.find({ 'ip': work['ip'] }).count() + 1) + randint(1, 10) hostList.update({work['ip']: decisionCalc}) if len(hostList) > 0: target = max(hostList, key=hostList.get) openPorts = db.hosts.find_one({'ip': target})['ports'] if 80 in openPorts: ports.append(80) if 443 in openPorts: ports.append(443) if len(ports) == 0: print 'Web monkey is waiting for a web server. Eating bananas. Will check again in 10 seconds.' time.sleep(10) else: print 'Web monkey got work! Starting directory brute forcing!' index = randint(0, len(ports) - 1) port = ports[index] webBrute(target, port, db, hosts, monkeyId)
def resultsForm(request): if request.method == 'POST': return HttpResponseRedirect('/results') else: options = getDBOptions() db = openMDB(options['dbip'], options['dbname']) if db is not None: actions = {} columnOrder = [ 'action', 'monkeyIP', 'targetIP', 'port', 'start', 'end', 'bytes' ] columns = { 'action': 'Action Taken', 'targetIP': 'Target IP', 'port': 'Port', 'monkeyIP': 'Monkey IP', 'start': 'Start Time', 'end': 'End Time', 'bytes': 'Bytes Sent' } count = 0 for event in db.actions.find(): monkey = db.monkeys.find_one({'id': event['id']}) action = {} action['action'] = event['action'] action['monkeyIP'] = str(monkey['ip']) action['targetIP'] = event['ip'] action['start'] = event['start'] action['end'] = event['end'] if event['action'] == 'fuzz': action['port'] = event['port'] action['bytes'] = event['bytes'] elif event['action'] == 'portscan': action['port'] = 'N/A' action['bytes'] = 'N/A' else: action['port'] = event['port'] action['bytes'] = 'N/A' actions[count] = action count = count + 1 return render_to_response('results.html', { 'actions': actions, 'columns': columns, 'order': columnOrder }) else: return render_to_response('results.html')
def dbLoadModules(options, msfDbIp, msfDbUser, msfDbPass, msfDbName): try: pgConn = psycopg2.connect(database=msfDbName, host=msfDbIp, user=msfDbUser, password=msfDbPass) cur = pgConn.cursor() cur.execute('SELECT file,fullname FROM module_details;') mongoDb = openMDB(options['dbip'],options['dbname']) if mongoDb is None: print 'I am error' if 'logins' in mongoDb.collection_names() or 'sploits' in mongoDb.collection_names(): if (options['CLI'] == 'true' and raw_input('Previous exploit data found. Erase? ').lower() == 'y') or ( options['CLI'] == 'false' and options['eraseSploitData'] == 'true'): if 'logins' in mongoDb.collection_names(): mongoDb['logins'].drop() if 'sploits' in mongoDb.collection_names(): mongoDb['sploits'].drop() print 'Opening exploits and getting default port numbers...' for sploit in cur: f = open(sploit[0], "r") portSearch = f.readlines() f.close() for line in portSearch: if "Opt::RPORT" in line: try: regex = '.*\((.*?)\).*' matches = re.search(regex, line) if matches.group(1).isdigit(): if 'auxiliary' in sploit[1] and 'scanner' in sploit[1] and '_login' in sploit[1]: #If the logic evaluates to True, this is a login module mongoDb.logins.insert({'modName': sploit[1], 'port': matches.group(1)}) elif 'exploit' in sploit[1]: #This is an exploit module mongoDb.sploits.insert({'modName': sploit[1], 'port': matches.group(1)}) else: continue except: pass except Exception, e: if options['CLI'] == 'true': raw_input('Data not imported. Check your MongoDB and Postgres settings. ') return
def findWebBoxes (runTime,dbIp,dbName,monkeyIq,monkeyLoc,monkeyId): timeout = time.time() + 60 * runTime while True: hostList = {} #reinit variables each time through to account for new scanner data ports = [] time.sleep(1) if time.time() > timeout: break db = openMDB(dbIp, dbName) if db is None: print 'could not connect to db' hosts = db.hosts if hosts.find({'location':monkeyLoc}).count() == 0: print 'Web monkey is waiting for work. Eating bananas. Will check again in 10 seconds.' time.sleep(10) else: for work in hosts.find({'location':monkeyLoc}): if 80 in work['ports'] or 443 in work['ports']: decisionCalc = ( int(monkeyIq) * int(db.targets.find_one({'ip' : work['ip']})['value']))/(db.actions.find({'ip' : work['ip'] }).count() + 1 ) + randint(1,10) hostList.update( {work['ip'] : decisionCalc } ) if len(hostList) > 0: target = max(hostList,key=hostList.get) openPorts = db.hosts.find_one({'ip' : target})['ports'] if 80 in openPorts: ports.append(80) if 443 in openPorts: ports.append(443) if len(ports) == 0: print 'Web monkey is waiting for a web server. Eating bananas. Will check again in 10 seconds.' time.sleep(10) else: print 'Web monkey got work! Starting directory brute forcing!' index = randint(0,len(ports)-1) port = ports[index] webBrute (target,port,db,hosts,monkeyId)
def loadTargets(): global options db = openMDB(options['dbip'], options['dbname']) if db is None: print 'Could not connect to DB' if 'targets' in db.collection_names(): if raw_input('Remove current list of targets? ').lower() == 'y': db['targets'].drop() else: print 'No targets found in database.' fileName = raw_input('Enter path to targets file: ') loadTargetsParam(options, fileName, db) raw_input('targets loaded! press enter to return to main menu.') return
def loadTargets(): global options db = openMDB(options['dbip'],options['dbname']) if db is None: print 'Could not connect to DB' if 'targets' in db.collection_names(): if raw_input('Remove current list of targets? ').lower() == 'y': db['targets'].drop() else: print 'No targets found in database.' fileName = raw_input('Enter path to targets file: ') loadTargetsParam(options, fileName, db) raw_input('targets loaded! press enter to return to main menu.') return
def startMonkeys(): global options db = openMDB(options['dbip'], options['dbname']) if db is None: print 'Could not connect to db' if 'actions' in db.collection_names() or 'hosts' in db.collection_names(): if raw_input('Previous monkey attacks found. Erase? ').lower() == 'y': db['actions'].drop() db['hosts'].drop() options['runTime'] = raw_input('How many minutes should the monkeys be loose? ') startMonkeysParam(options, db) print 'Fly my pretties, fly!' timeout = time.time() + 60 * int(options['runTime']) while True: if time.time() > timeout: raw_input('End of the day! Punching out. Check servers to make sure all work is done.\nPress enter to return to the main menu.') break
def monkeyReport(): global options db = openMDB(options['dbip'], options['dbname']) if db is None: print 'Could not connect to db' print 'Monkeys clocking out' print '====================' validTypes = [1, 2] print 'Select format for output:' print '1-CSV' outType = int(raw_input('Input: ')) if outType not in validTypes: raw_input('Invalid output selection. Press enter to return.') else: savePath = raw_input('Enter file name to save: ') fo = open(savePath, 'wb') if outType == 1: #Write CSV header row fo.write('action,attacker,target,starttime,endtime,fuzzport,fuzzbytes,\n') for event in db.actions.find(): # loop through events if outType == 1: if event['action'] == 'fuzz': fo.write(str(event['action'])+','+ str(db.monkeys.find_one({'id' : event['id']})['ip']) +','+str(event['ip'])+','+str(event['start'])+','+str(event['end'])+ ',' + str(event['port']) + ',' + str(event['bytes']) +'\n') elif event['action'] != 'portscan' and event['action'] != 'fuzz': fo.write(str(event['action'])+','+ str(db.monkeys.find_one({'id' : event['id']})['ip']) +','+str(event['ip'])+','+str(event['start'])+','+str(event['end'])+ ',' + str(event['port']) + ',NA\n') else: fo.write(str(event['action'])+','+ str(db.monkeys.find_one({'id' : event['id']})['ip']) +','+str(event['ip'])+','+str(event['start'])+','+str(event['end'])+ ',' + 'NA,NA\n') raw_input('\nAll done! Press enter to return to the main menu.') return
def startMonkeys(): global options db = openMDB(options['dbip'], options['dbname']) if db is None: print 'Could not connect to db' if 'actions' in db.collection_names() or 'hosts' in db.collection_names(): if raw_input('Previous monkey attacks found. Erase? ').lower() == 'y': db['actions'].drop() db['hosts'].drop() options['runTime'] = raw_input( 'How many minutes should the monkeys be loose? ') startMonkeysParam(options, db) print 'Fly my pretties, fly!' timeout = time.time() + 60 * int(options['runTime']) while True: if time.time() > timeout: raw_input( 'End of the day! Punching out. Check servers to make sure all work is done.\nPress enter to return to the main menu.' ) break
def resultsForm(request): if request.method =='POST': return HttpResponseRedirect('/results') else: options=getDBOptions() db=openMDB(options['dbip'],options['dbname']) if db is not None: actions={} columnOrder=['action','monkeyIP','targetIP','port','start','end','bytes'] columns={'action':'Action Taken','targetIP':'Target IP','port':'Port','monkeyIP':'Monkey IP','start':'Start Time','end':'End Time','bytes':'Bytes Sent'} count=0 for event in db.actions.find(): monkey=db.monkeys.find_one({'id' : event['id']}) action={} action['action']=event['action'] action['monkeyIP']=str(monkey['ip']) action['targetIP']=event['ip'] action['start']=event['start'] action['end']=event['end'] if event['action']=='fuzz': action['port']=event['port'] action['bytes']=event['bytes'] elif event['action']=='portscan': action['port']='N/A' action['bytes']='N/A' else: action['port']=event['port'] action['bytes']='N/A' actions[count]=action count=count+1 return render_to_response('results.html', {'actions': actions,'columns':columns,'order':columnOrder}) else: return render_to_response('results.html')
def makeMonkeys(): global options global monkeyIds monkeyTypes = [ None, 'Scan Monkey', None, 'Fuzzy Monkey', None, 'Web Monkey' ] dropSel = True existing = [] print 'Monkey setup' print '------------' db = openMDB(options['dbip'], options['dbname']) if db is None: print 'Could not connect to database' if 'monkeys' in db.collection_names(): if raw_input('Existing monkeys found. Remove? ').lower() == 'y': count = 1 for monkey in db.monkeys.find(): print str(count) + '-' + str( monkey['ip']) + '-' + monkeyTypes[int(monkey['type'])] existing.append(monkey['id']) count += 1 while dropSel == True: dropSel = raw_input( 'Enter monkey to remove,e to remove all monkeys, or q to make monkeys: ' ) if dropSel.lower() == 'e': db['monkeys'].drop() print 'Monkeys removed!' elif dropSel.lower() == 'q': dropSel = False else: db.monkeys.remove({'id': existing[int(dropSel) - 1]}) dropSel = True else: #Get the IDs of the existing monkeys to avoid dupes for monkey in db.monkeys.find(): monkeyIds.append(monkey['id']) else: print 'No monkeys found in database.' numMonkeys = int(raw_input('Enter total number of monkeys to create: ')) validIQs = [0, 1, 2, 3] validTypes = [1, 2, 3, 4, 5] validLocs = ['i', 'e'] monkeyIQ = {} monkeyType = {} monkeyLoc = {} monkeyIp = {} minFuzzSize = {} maxFuzzSize = {} for i in range(1, numMonkeys + 1): monkeyIQ[i] = None monkeyType[i] = None monkeyLoc[i] = None print 'Setting up monkey #' + str(i) while monkeyIQ[i] not in validIQs: print '---------------------' print 'Enter Monkey IQ:' print '0-World\'s #1 Hacker' print '1-CISSP' print '2-CEH' print '3-Security Weekly Listener' monkeyIQ[i] = int(raw_input('Input: ')) print "\n" while monkeyType[i] not in validTypes: print 'Define Monkey Type:' print '1-Scanner Monkey' print '2-Exploit Monkey' print '3-Fuzzy Monkey' print '4-Brute Monkey' print '5-Web Monkey' monkeyType[i] = int(raw_input('Input: ')) print "\n" while monkeyLoc[i] not in validLocs: print 'Define Monkey Location:' print 'i-Internal' print 'e-External' monkeyLoc[i] = raw_input('Input: ').lower() monkeyIp[i] = raw_input('Enter IP address of monkey server: ') #Deal with fuzzy monkeys who need an extra option if monkeyType[i] == 3: minFuzzSize[i] = int( raw_input( 'Enter the minimum number of bytes of fuzz data to send: ') ) maxFuzzSize[i] = int( raw_input( 'Enter the maximum number of bytes of fuzz data to send: ') ) loadMonkeys(options, db, monkeyIQ, monkeyType, monkeyLoc, monkeyIp, minFuzzSize, maxFuzzSize) raw_input( 'Finished making monkeys. Press enter to return to the main menu.') return
def dbLoadModules(options, msfDbIp, msfDbUser, msfDbPass, msfDbName): try: pgConn = psycopg2.connect(database=msfDbName, host=msfDbIp, user=msfDbUser, password=msfDbPass) cur = pgConn.cursor() cur.execute('SELECT file,fullname FROM module_details;') mongoDb = openMDB(options['dbip'], options['dbname']) if mongoDb is None: print 'I am error' if 'logins' in mongoDb.collection_names( ) or 'sploits' in mongoDb.collection_names(): if (options['CLI'] == 'true' and raw_input('Previous exploit data found. Erase? ').lower() == 'y') or (options['CLI'] == 'false' and options['eraseSploitData'] == 'true'): if 'logins' in mongoDb.collection_names(): mongoDb['logins'].drop() if 'sploits' in mongoDb.collection_names(): mongoDb['sploits'].drop() print 'Opening exploits and getting default port numbers...' for sploit in cur: f = open(sploit[0], "r") portSearch = f.readlines() f.close() for line in portSearch: if "Opt::RPORT" in line: try: regex = '.*\((.*?)\).*' matches = re.search(regex, line) if matches.group(1).isdigit(): if 'auxiliary' in sploit[1] and 'scanner' in sploit[ 1] and '_login' in sploit[1]: #If the logic evaluates to True, this is a login module mongoDb.logins.insert({ 'modName': sploit[1], 'port': matches.group(1) }) elif 'exploit' in sploit[1]: #This is an exploit module mongoDb.sploits.insert({ 'modName': sploit[1], 'port': matches.group(1) }) else: continue except: pass except Exception, e: if options['CLI'] == 'true': raw_input( 'Data not imported. Check your MongoDB and Postgres settings. ' ) return
def makeMonkeys(): global options global monkeyIds monkeyTypes = [None,'Scan Monkey',None,'Fuzzy Monkey',None,'Web Monkey'] dropSel = True existing = [] print 'Monkey setup' print '------------' db = openMDB(options['dbip'],options['dbname']) if db is None: print 'Could not connect to database' if 'monkeys' in db.collection_names(): if raw_input('Existing monkeys found. Remove? ').lower() == 'y': count = 1 for monkey in db.monkeys.find(): print str(count) + '-' + str(monkey['ip']) + '-' + monkeyTypes[ int(monkey['type']) ] existing.append(monkey['id']) count += 1 while dropSel == True: dropSel = raw_input('Enter monkey to remove,e to remove all monkeys, or q to make monkeys: ') if dropSel.lower() == 'e': db['monkeys'].drop() print 'Monkeys removed!' elif dropSel.lower() == 'q': dropSel = False else: db.monkeys.remove({'id' : existing[int(dropSel)-1]}) dropSel = True else: #Get the IDs of the existing monkeys to avoid dupes for monkey in db.monkeys.find(): monkeyIds.append(monkey['id']) else: print 'No monkeys found in database.' numMonkeys = int(raw_input('Enter total number of monkeys to create: ')) validIQs = [0, 1, 2, 3] validTypes = [1, 2, 3, 4, 5] validLocs = ['i', 'e'] monkeyIQ = {} monkeyType = {} monkeyLoc = {} monkeyIp = {} minFuzzSize = {} maxFuzzSize = {} for i in range(1, numMonkeys + 1): monkeyIQ[i] = None monkeyType[i] = None monkeyLoc[i] = None print 'Setting up monkey #' + str(i) while monkeyIQ[i] not in validIQs: print '---------------------' print 'Enter Monkey IQ:' print '0-World\'s #1 Hacker' print '1-CISSP' print '2-CEH' print '3-Security Weekly Listener' monkeyIQ[i] = int(raw_input('Input: ')) print "\n" while monkeyType[i] not in validTypes: print 'Define Monkey Type:' print '1-Scanner Monkey' print '2-Exploit Monkey' print '3-Fuzzy Monkey' print '4-Brute Monkey' print '5-Web Monkey' monkeyType[i] = int(raw_input('Input: ')) print "\n" while monkeyLoc[i] not in validLocs: print 'Define Monkey Location:' print 'i-Internal' print 'e-External' monkeyLoc[i] = raw_input('Input: ').lower() monkeyIp[i] = raw_input('Enter IP address of monkey server: ') #Deal with fuzzy monkeys who need an extra option if monkeyType[i] == 3: minFuzzSize[i] = int(raw_input('Enter the minimum number of bytes of fuzz data to send: ')) maxFuzzSize[i] = int(raw_input('Enter the maximum number of bytes of fuzz data to send: ')) loadMonkeys(options, db, monkeyIQ, monkeyType, monkeyLoc, monkeyIp, minFuzzSize, maxFuzzSize) raw_input('Finished making monkeys. Press enter to return to the main menu.') return