Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement an SNMP exploiter #3234

Closed
20 tasks done
mssalvatore opened this issue Apr 20, 2023 · 3 comments · Fixed by #3348 or #3365
Closed
20 tasks done

Implement an SNMP exploiter #3234

mssalvatore opened this issue Apr 20, 2023 · 3 comments · Fixed by #3348 or #3365
Labels
Complexity: Medium Exploit Impact: High Plugins sp/13
Milestone
v2.2.0

Comments

@mssalvatore
Copy link
Collaborator

mssalvatore commented Apr 20, 2023
edited
Loading

Description

Implement an exploiter that uses SNMP to propagate to Linux hosts.

Related: #3198

Tasks

  • Add a vulnerable machine to terraform/GCP (test2 environment) (0d) @cakekoa
  • Figure out how to replicate the PoC commands with pysnmp (0d) @cakekoa @mssalvatore
  • Create plugin manifest (0d) @cakekoa
  • Create a Pipfile for dependencies (0d) @cakekoa
  • plugin.py (0d) @cakekoa
  • Generate community strings by getting all usernames and passwords (0d) @cakekoa
  • command builder (0d) @cakekoa
  • exploiter (0d) @cakekoa
    • Don't forget to add MITRE tags
  • Add a jenkins job to build the plugin (0d) @mssalvatore
    • Update the island build jobs on Jenkins to copy the artifacts from the SNMP plugin build job
  • options (pydantic) (0d) @cakekoa
    • determine what options SNMP should have
    • create a pydantic model for SNMP options
    • create a config schema
  • Update ETE test configurations (0d) @ilija-lazoroski
  • Document the new exploiter (0d) @cakekoa
  • Add Bash Dropper (0.5d) @mssalvatore
  • Test (0d)
  • Fix InconsistentValueError (0d) @cakekoa
@mssalvatore mssalvatore added this to the v2.2.0 milestone Apr 20, 2023
@cakekoa
Copy link
Contributor

cakekoa commented May 4, 2023
edited
Loading

Examples:
http://www.pysnmp.com/pysnmp/examples/#high-level-snmp

Look at the Modifying variables and MIB walking operations sections, which seem to be analogs of snmpset and snmpwalk

@cakekoa
Copy link
Contributor

cakekoa commented May 4, 2023

Proof-of-concept: https://github.com/mxrch/snmp-shell.git

@cakekoa
Copy link
Contributor

cakekoa commented May 4, 2023

Here's some example code showing how to create, execute, and delete a command via SNMP:
snmp.txt

This was referenced May 4, 2023
Merged
Merged
cakekoa added a commit that referenced this issue May 4, 2023
@cakekoa
SNMP: Add pipfile
fb07656 
Issue #3234
PR #3303
cakekoa added a commit that referenced this issue May 4, 2023
@cakekoa
SNMP: Add plugin manifest
9df1609 
Issue #3234
PR #3302
@cakekoa cakekoa mentioned this issue May 4, 2023
Merged
10 tasks
mssalvatore pushed a commit that referenced this issue May 4, 2023
@cakekoa @mssalvatore
SNMP: Add pipfile
25da7e7 
Issue #3234
PR #3303
mssalvatore added a commit that referenced this issue May 5, 2023
@mssalvatore
Merge branch '3234-plugin' into develop
66d37c6 
Issue #3234
PR #3304
mssalvatore pushed a commit that referenced this issue May 5, 2023
@cakekoa @mssalvatore
SNMP: Add plugin manifest
ac646a2 
Issue #3234
PR #3302
mssalvatore added a commit that referenced this issue May 5, 2023
@mssalvatore
Merge branch '3234-snmp-manifest' into develop
46c7d62 
Issue #3234
PR #3302
This was referenced May 5, 2023
Merged
Merged
mssalvatore pushed a commit that referenced this issue May 8, 2023
@cakekoa @mssalvatore
SNMP: Add command builder
d748c76 
Issue #3234
PR #3312
mssalvatore pushed a commit that referenced this issue May 8, 2023
@cakekoa @mssalvatore
SNMP: Add command builder
575196d 
Issue #3234
PR #3312
mssalvatore added a commit that referenced this issue May 8, 2023
@mssalvatore
Merge branch '3234-generate-community-strings' into develop
9b442c5 
Issue #3234
PR #3311
This was referenced May 8, 2023
Merged
Merged
Closed
ilija-lazoroski added a commit that referenced this issue May 10, 2023
@ilija-lazoroski
BB: Add SNMP configuration to depth_1_a grouped tests
aacf612 
Issue: #3234
PR: #3330
mssalvatore added a commit that referenced this issue May 11, 2023
@mssalvatore
Merge branch '3234-exploit-client' into develop
0545cd5 
Issue #3234
PR #3323
mssalvatore added a commit that referenced this issue May 11, 2023
@mssalvatore
Merge branch '3234-options' into develop
a5ec39e 
Issue #3234
PR #3324
@cakekoa cakekoa mentioned this issue May 15, 2023
Merged
10 tasks
ilija-lazoroski added a commit that referenced this issue May 15, 2023
@ilija-lazoroski
BB: Add SNMP configuration to depth_1_a grouped tests
5cf36be 
Issue: #3234
PR: #3330
ilija-lazoroski added a commit that referenced this issue May 15, 2023
@ilija-lazoroski
BB: Add SNMP configuration to depth_1_a grouped tests
ad3f0fb 
Issue: #3234
PR: #3330
ilija-lazoroski added a commit that referenced this issue May 15, 2023
@ilija-lazoroski
BB: Add SNMP configuration to depth_1_a grouped tests
b83fe48 
Issue: #3234
PR: #3330
mssalvatore pushed a commit that referenced this issue May 15, 2023
@ilija-lazoroski @mssalvatore
BB: Add SNMP configuration to depth_1_a grouped tests
8fe1d96 
Issue: #3234
PR: #3330
mssalvatore pushed a commit that referenced this issue May 15, 2023
@ilija-lazoroski @mssalvatore
BB: Add SNMP configuration to depth_1_a grouped tests
f829039 
Issue: #3234
PR: #3330
mssalvatore added a commit that referenced this issue May 15, 2023
@mssalvatore
Merge branch '3234-documentation' into develop
f2401b6 
Issue #3234
PR #3339
mssalvatore added a commit that referenced this issue May 16, 2023
@mssalvatore
Merge branch '3234-pyasn' into develop
fdd2b2c 
Issue #3234
@cakekoa cakekoa mentioned this issue May 16, 2023
Merged
10 tasks
mssalvatore added a commit that referenced this issue May 17, 2023
@mssalvatore
Merge branch '3234-script-dropper' into develop
1cab4af 
Issue #3234
PR #3348
@mssalvatore mssalvatore reopened this May 17, 2023
@cakekoa cakekoa mentioned this issue May 22, 2023
Merged
10 tasks
mssalvatore added a commit that referenced this issue May 22, 2023
@mssalvatore
Merge branch '3234-fix-inconsistent-value-error' into develop
dd26984 
Issue #3234
PR #3365
mssalvatore added a commit that referenced this issue May 24, 2023
@mssalvatore
Merge branch '3234-repeat-create-on-error' into develop
42d48eb 
Issue #3234
mssalvatore added a commit that referenced this issue May 26, 2023
@mssalvatore
Changelog: Add entries for #3234, #3165
1ce30cf
@mssalvatore mssalvatore mentioned this issue Jun 8, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Complexity: Medium Exploit Impact: High Plugins sp/13
Projects
None yet
Milestone
v2.2.0
Development

Successfully merging a pull request may close this issue.

3234 script dropper guardicore/monkey
3234 fix inconsistent value error guardicore/monkey
3 participants
@cakekoa @ilija-lazoroski @mssalvatore