Description

Monkey agents repeatedly query the Monkey Island for the current configuration. This behavior

1. Inflates the amount of traffic between agents and the Island.
2. Inflates the amount of traffic between agents (if tunneling is used).
3. Clutters agent logs

The agents need to query the Island for the config repeatedly because the config contains a field named alive. Setting this field to true or false is how the Island signals to the agents that they should stop. Additionally, querying for the config has the added benefit of updating the agent with any credentials that have been stolen by other agents. To preserve functionality but reduce traffic and clutter, dynamic fields should be removed from the configuration and separate API endpoints should be added so that agents can get exactly the data they need when they need it.

Tasks

• Extract alive from the agent and island config. Find a new way to store that all monkeys should die. (0d) - @VakarisZ
• Reimplement the body of the mocked endpoint that allows monkey agents to check whether or not they should shutdown. (0d)
• Change config endpoint to strip credentials out of config before returning config to monkey agent (0d) - @mssalvatore
• Review and modify the endpoint that allows monkey agents to query for updated credentials. (0d) @mssalvatore
  • exploit_lm_hash_list
  • exploit_ntlm_hash_list
  • exploit_password_list
  • exploit_ssh_keys
  • exploit_user_list