monkey/infection_monkey/example.conf at develop · NQIS/monkey · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
{
    "command_servers": [
        "41.50.73.31:5000"
    ],
    "internet_services": [
     "monkey.guardicore.com",
     "www.google.com"
     ],
    "keep_tunnel_open_time": 60,
    "subnet_scan_list": [
        ""
    ],
    "blocked_ips": [""],
    "current_server": "41.50.73.31:5000",
    "alive": true,
    "collect_system_info": true,
    "extract_azure_creds": true,
    "depth": 2,

    "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll",
    "dropper_date_reference_path_linux": "/bin/sh",
    "dropper_log_path_windows": "%temp%\\~df1562.tmp",
    "dropper_log_path_linux": "/tmp/user-1562",
    "dropper_set_date": true,
    "dropper_target_path_win_32": "C:\\Windows\\monkey32.exe",
    "dropper_target_path_win_64": "C:\\Windows\\monkey64.exe",
    "dropper_target_path_linux": "/tmp/monkey",


    "kill_file_path_linux": "/var/run/monkey.not",
    "kill_file_path_windows": "%windir%\\monkey.not",
    "dropper_try_move_first": true,
    "exploiter_classes": [
        "SSHExploiter",
        "SmbExploiter",
        "WmiExploiter",
        "ShellShockExploiter",
        "ElasticGroovyExploiter",
        "SambaCryExploiter",
    ],
    "finger_classes": [
        "SSHFinger",
        "PingScanner",
        "HTTPFinger",
        "SMBFinger",
        "MySQLFinger"
        "ElasticFinger",
    ],
    "max_iterations": 3,
    "monkey_log_path_windows": "%temp%\\~df1563.tmp",
    "monkey_log_path_linux": "/tmp/user-1563",
    "send_log_to_server": true,
    "ms08_067_exploit_attempts": 5,
    "ms08_067_remote_user_add": "Monkey_IUSER_SUPPORT",
    "ms08_067_remote_user_pass": "Password1!",
    "ping_scan_timeout": 10000,
    "rdp_use_vbs_download": true,
    "smb_download_timeout": 300,
    "smb_service_name": "InfectionMonkey",
    "retry_failed_explotation": true,
    "scanner_class": "TcpScanner",
    "self_delete_in_cleanup": true,
    "serialize_config": false,
    "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}",
    "skip_exploit_if_file_exist": false,
    "exploit_user_list": [],
    "exploit_password_list": [],
    "exploit_lm_hash_list": [],
    "exploit_ntlm_hash_list": [],
    "sambacry_trigger_timeout": 5,
    "sambacry_folder_paths_to_guess": ["", "/mnt", "/tmp", "/storage", "/export", "/share", "/shares", "/home"],
    "sambacry_shares_not_to_check": ["IPC$", "print$"],
    "local_network_scan": false,
    "tcp_scan_get_banner": true,
    "tcp_scan_interval": 200,
    "tcp_scan_timeout": 10000,
    "tcp_target_ports": [
        22,
        445,
        135,
        3389,
        80,
        8080,
        443,
        3306,
        8008,
        9200
    ],
    "timeout_between_iterations": 10,
    "use_file_logging": true,
    "victims_max_exploit": 7,
    "victims_max_find": 30
}