search

guardicore / monkey

Infection Monkey - An open-source adversary emulation platform
https://www.guardicore.com/infectionmonkey/
GNU General Public License v3.0
6.67k stars 785 forks source link

Broken agent manual run as windows user #1556

Closed VakarisZ closed 2 years ago

VakarisZ commented 3 years ago

Describe the bug

If you select windows and input a username, the generated command will not work: image

image

To Reproduce

Steps to reproduce the behavior:

  1. Configure the run command as shown in the screenshot
  2. See error

Solutions:

These changes need to be done to the command:

  1. Absolute path needs to be provided instead of "./monkey" as the output of downloaded file
  2. powershell.exe needs to be under -FilePath flag: -FilePath powershell.exe
  3. The $true needs to be escaped with ` character.

Example of a working command: 

Start-Process -FilePath powershell.exe -ArgumentList "-noexit [System.Net.ServicePointManager]::ServerCertificateValidationCallback = {`$true}; (New-Object System.Net.WebClient).DownloadFile('https://172.19.176.1:5000/api/monkey/download/monkey-windows-64.exe','C:\Users\user3\monkey.exe'); Start-Process -FilePath 'C:\Users\user3\monkey.exe'
 -ArgumentList 'm0nk3y -s 172.19.176.1:5000';" -Credential user3

Tasks

mssalvatore commented 3 years ago

Will a path with an environment variable work, like %temp%\monkey.exe?