Merge pull request #1570 from guardicore/1556-broken-agent-manual-run-win
1556 broken agent manual run Windows
2c3cbb2ef7
|
@ -12,9 +12,11 @@ Changelog](https://keepachangelog.com/en/1.0.0/).
|
|||
|
||||
### Removed
|
||||
- The VSFTPD exploiter. #1533
|
||||
- Manual agent run command for CMD. #1570
|
||||
|
||||
### Fixed
|
||||
- A bug in network map page that caused delay of telemetry log loading. #1545
|
||||
- Windows "run as a user" powershell command for manual agent runs. #1570
|
||||
|
||||
### Security
|
||||
|
||||
|
|
|
@ -2,7 +2,6 @@ import React, {useEffect, useState} from 'react';
|
|||
import InlineSelection from '../../../ui-components/inline-selection/InlineSelection';
|
||||
import DropdownSelect from '../../../ui-components/DropdownSelect';
|
||||
import {OS_TYPES} from '../utils/OsTypes';
|
||||
import GenerateLocalWindowsCmd from '../commands/local_windows_cmd';
|
||||
import GenerateLocalWindowsPowershell from '../commands/local_windows_powershell';
|
||||
import GenerateLocalLinuxWget from '../commands/local_linux_wget';
|
||||
import GenerateLocalLinuxCurl from '../commands/local_linux_curl';
|
||||
|
@ -50,8 +49,7 @@ const getContents = (props) => {
|
|||
|
||||
function generateCommands() {
|
||||
if (osType === OS_TYPES.WINDOWS_64 || osType === OS_TYPES.WINDOWS_32) {
|
||||
return [{type: 'CMD', command: GenerateLocalWindowsCmd(selectedIp, osType, customUsername)},
|
||||
{type: 'Powershell', command: GenerateLocalWindowsPowershell(selectedIp, osType, customUsername)}]
|
||||
return [{type: 'Powershell', command: GenerateLocalWindowsPowershell(selectedIp, osType, customUsername)}]
|
||||
} else {
|
||||
return [{type: 'CURL', command: GenerateLocalLinuxCurl(selectedIp, osType, customUsername)},
|
||||
{type: 'WGET', command: GenerateLocalLinuxWget(selectedIp, osType, customUsername)}]
|
||||
|
|
|
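Review bot: The new Windows-branch return, `return [{type: 'Powershell', command: GenerateLocalWindowsPowershell(selectedIp, osType, customUsername)}]`, ends without a semicolon, while the import lines of the same file do terminate with one; adding the `;` keeps the statement from relying on automatic semicolon insertion. The closing braces of generateCommands and of the enclosing getContents lie outside the hunk.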
@ -1,16 +0,0 @@
|
|||
import {OS_TYPES} from '../utils/OsTypes';
|
||||
|
||||
|
||||
export default function generateLocalWindowsCmd(ip, osType, username) {
|
||||
let bitText = osType === OS_TYPES.WINDOWS_32 ? '32' : '64';
|
||||
let command = `powershell [System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}; `
|
||||
+ `(New-Object System.Net.WebClient).DownloadFile('https://${ip}:5000/api/monkey/download/`
|
||||
+ `monkey-windows-${bitText}.exe','.\\monkey.exe'); `
|
||||
+ `;Start-Process -FilePath '.\\monkey.exe' -ArgumentList 'm0nk3y -s ${ip}:5000';`;
|
||||
|
||||
if (username != '') {
|
||||
command = `runas /user:${username} "cmd /K ${command}"`;
|
||||
}
|
||||
|
||||
return command;
|
||||
}
|
|
@ -1,15 +1,20 @@
|
|||
import {OS_TYPES} from '../utils/OsTypes';
|
||||
|
||||
|
||||
export default function generateLocalWindowsPowershell(ip, osType, username) {
|
||||
function getAgentDownloadCommand(ip, osType) {
|
||||
let bitText = osType === OS_TYPES.WINDOWS_32 ? '32' : '64';
|
||||
let command = `[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}; `
|
||||
+ `(New-Object System.Net.WebClient).DownloadFile('https://${ip}:5000/api/monkey/download/`
|
||||
+ `monkey-windows-${bitText}.exe','.\\monkey.exe'); `
|
||||
+ `;Start-Process -FilePath '.\\monkey.exe' -ArgumentList 'm0nk3y -s ${ip}:5000';`;
|
||||
return `$execCmd = @"\r\n`
|
||||
+ `[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {\`$true};`
|
||||
+ `(New-Object System.Net.WebClient).DownloadFile('https://${ip}:5000/api/monkey/download/monkey-windows-${bitText}.exe',`
|
||||
+ `"""$env:TEMP\\monkey.exe""");Start-Process -FilePath '$env:TEMP\\monkey.exe' -ArgumentList 'm0nk3y -s ${ip}:5000';`
|
||||
+ `\r\n"@; \r\n`
|
||||
+ `Start-Process -FilePath powershell.exe -ArgumentList $execCmd`;
|
||||
}
|
||||
|
||||
if (username != '') {
|
||||
command = `Start-Process powershell.exe -ArgumentList "-noexit ${command}" -Credential ${username}`;
|
||||
export default function generateLocalWindowsPowershell(ip, osType, username) {
|
||||
let command = getAgentDownloadCommand(ip, osType)
|
||||
if (username !== '') {
|
||||
command += ` -Credential ${username}`;
|
||||
}
|
||||
|
||||
return command;
|
||||
|
|
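Review bot: In generateLocalWindowsPowershell the username is interpolated into the generated command line unquoted (`command += \` -Credential ${username}\`;`), so an account name containing a space would be split into separate arguments by the outer PowerShell; wrapping it in single quotes so the emitted text reads `-Credential '${username}'` keeps it a single argument, and the preceding `let command = getAgentDownloadCommand(ip, osType)` also lacks its semicolon. The string built in getAgentDownloadCommand still disables TLS certificate validation (`ServerCertificateValidationCallback = {\`$true}`) and starts the downloaded binary from `$env:TEMP` immediately; that is carried over from the old string rather than introduced here, but a one-line comment stating that the callback override exists for the island's self-signed certificate would stop a reader from treating it as an oversight. Since the payload is a double-quoted here-string, `$env:TEMP` presumably expands in the outer shell while the escaped `$true` is deferred to the inner one — a short comment on that distinction would help. The closing brace of generateLocalWindowsPowershell is outside the hunk.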