Comments (3)
This is simplified multiissue.tar.zip. Unzip, untar and run python main.py
. You should not have monkey-plugintoolbox
installed anywhere.
from monkey.
Solution
We decided on a different solution than the one described below. See #4126 (comment)
I was able to make the following changes to the main.py
in mutliissue.tar
and get it to work:
4a5
> from multiprocessing.context import BaseContext
47a49,56
> class CallableWrapper:
> def __init__(self, func):
> self._func = func
>
> def __call__(self):
> return self._func()
>
>
49c58,59
< def __init__(self, server: StubServer):
---
> def __init__(self, context: BaseContext, server: StubServer):
> self._context = context
53c63,65
< self._server.register(transform)
---
> SyncManager.register("CallableWrapper", CallableWrapper, exposed=["__call__"])
> manager = self._context.Manager()
> self._server.register(manager.CallableWrapper(transform))
66c78
< stub_registrar = StubRegistrar(stub_server)
---
> stub_registrar = StubRegistrar(stub_server, context)
Pros of this approach
- It works! At least, it does in this minimal example.
- The plugin remains ignorant of the underlying dependencies of multiprocessing.
Cons of this approach
- Every registration request results in a new
SyncManager
(process) being created
Analysis
While it's not ideal that new SyncManager
processes are created per registration, it may be unavoidable. The manager process needs to be able to import the function, which means it needs to be started with the same import path as the plugin process. In order to keep plugins isolated, each plugin must therefore have its own manager process.
The new manager process appears to be automatically cleaned up when it is no longer needed.
In order to reduce the number of processes that get opened, we should modify the interface for IHTTPAgentBinaryServerRegistrar
slightly. Currently, its reserve_download()
method accepts an AgentBinaryTransform
, which is a callable. By default, use_agent_binary()
is passed. This function is essentially a NOP. Instead, the interface for reserve_download()
should accept (and default to) None
for the agent_binary_transform
parameter. If agent_binary_transform is None
, then no manager process needs to be started.
Tasks
- Implement the fix as shown above in the #Solution section of this comment. Validate that it solves the original problem.
- Validate that the sync manager processes get properly cleaned up when the plugin exits.
- Modify the
IHTTPAgentBinaryServerRegistrar
and any implementations in accordance with the ##Analysis section of this comment.
from monkey.
The proposed solution didn't solve all of the issues. Rather than invest more time into this, we decided to solve this a different way. A callable that manipulates the binary is probably more heavy-handed than necessary. The majority of use cases can be covered by using a template instead of a callback.
from monkey.
Related Issues (20)
- Setting `MONKEY_MONGO_URL` env variable to non-default value results in island exiting with error
- Fix logoff on token expiration
- Handle limited payload size
- Insecure OTP usage in unreleased Agent
- Add OpenSMTPD exploiter
- Detect which system/server have outgoing internet is enabled or reachable to 0.0.0.0 HOT 1
- Rewrite "running the agent on AWS EC2 instances"
- Add credentials collectors reference
- Add exploiters reference
- Add credentials collectors explanation
- Add exploiters explanation
- Rewrite the "ransomware simulation" explanation
- Improve "Agent propagation" explanation
- Add server_config.json reference documentation HOT 2
- Rewrite the "Data directory" reference page
- Improve configuration documentation
- Transform the "getting started" page into a proper **How To**
- Improve "Running Manually" documentation
- Use cases documentation.
- Update/improve Malware Masquerade documentation
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from monkey.