Running manually

Generating a manual run command

A command to run the Agent manually can be generated by the Island Server UI by
going to the "Run Monkey" -> "Manual" page.

Each Agent, when run, needs to authenticate with the Island using a one-time password (OTP). OTPs can be used exactly once and expire after 2 minutes. The commands on the "Run Monkey" -> "Manual" page are updated with a valid OTP each time a command is copied or the OTP expires.

Downloading the Agent manually

Agent binaries can be downloaded by sending a GET request to
https://[IP]:5000/api/agent-binaries/download/[OS], where [IP] stands for the IP
address of the Island Server and [OS] is either windows or linux.

Running the Agent binary

The Agent binary must begin with either the m0nk3y or dr0pp3r flag.

The m0nk3y flag is the standard way to run the Agent.

The dr0pp3r flag invokes the Agent dropper. The dropper will move the Agent binary to a location provided with the -l flag. Then, it will start the Agent with the m0nk3y flag as a new process. Finally, the dropper will shut itself down. This flag is useful if you want to detach the Agent from an exploited service or parent process. It alleviates the need for the parent process to wait until the Agent finishes.