Commit Graph

7109 Commits

Author SHA1 Message Date
Mike Salvatore 16bb13fc10 Agent: Remove ScoutSuite system info collector 2022-02-09 14:27:20 +05:30
Ilija Lazoroski ee0c98a435 Agent: Implement scan_tcp_ports in tcp_scanner
Move check_tcp_ports to tcp_scanner

Issue #1601
PR #1702
2022-02-08 15:03:12 -05:00
Mike Salvatore c15290415d
Merge pull request #1701 from guardicore/1603-enable-http-fingerprinting
Enable http fingerprinting
2022-02-08 09:05:32 -05:00
Mike Salvatore 69fa4adf1f Island: Add comment describing _translate_fingerprinter_name() 2022-02-08 09:04:59 -05:00
Mike Salvatore 0a04e846ba Agent: Add missing return type to HTTPFingerprinter 2022-02-08 08:48:17 -05:00
Mike Salvatore 373a25d5f6 Agent: Improve comments in HTTPFingerprinter 2022-02-08 08:41:00 -05:00
Mike Salvatore 8e4eeb2f5e Agent: Fix inaccurate type-hint in IPScanner._run_fingerprinters() 2022-02-08 07:45:24 -05:00
Mike Salvatore 0b33aacb82 Island: Add missing return types to some functions in ConfigService 2022-02-08 07:38:24 -05:00
Mike Salvatore 916222c2d9 UT: Add unit tests for HTTPFingerprinter 2022-02-07 14:24:45 -05:00
Mike Salvatore 479627c71e Agent: Load the HTTPFingerprinter using the new name, "http" 2022-02-07 14:24:45 -05:00
Mike Salvatore 207a65e2a9 Island: Simplify the names of fingerprinters in the config 2022-02-07 14:24:45 -05:00
Mike Salvatore 6d5b55be10 Agent: Implement fingerprinting in Puppet 2022-02-07 14:24:45 -05:00
Mike Salvatore 46487be05d Agent: Handle new fingerprinters config format in IPScanner 2022-02-07 14:24:45 -05:00
Mike Salvatore a989e5543a Island: Format fingerprinter config with options 2022-02-07 14:24:45 -05:00
Mike Salvatore 4b2fb260c3 Agent: Rename HTTPFinger -> HTTPFingerprinter 2022-02-07 14:24:45 -05:00
Mike Salvatore f5ef660bd2 Agent: Refactor HTTPFinger to conform to IFingerprinter interface
* Remove dependency on Plugin, HostFinger, and WormConfiguration
* Improve readability
* Reduce unnecessary HTTP requests by using the PortScanData to only
  query ports we know are open.
2022-02-07 14:24:45 -05:00
Mike Salvatore 4361aa2325 Agent: Add IFingerprinter 2022-02-07 14:24:45 -05:00
Mike Salvatore 5695808adb Agent: Add options parameter to IPuppet.fingerprint() 2022-02-07 14:24:45 -05:00
Ilija Lazoroski 0dae58baaf Agent, UT: Change puppet interface to use scan_tcp_ports
Instead of using scan_tcp_port and scanning each port separately,
we can use scan_tcp_ports, which will receive a list of ports
for the specific host and return a dictionary of port:PortScanData
items. There was no point in scanning each port separately.
2022-02-07 14:24:20 -05:00
Mike Salvatore f07c876d31 Agent: Add code review comments to check_tcp_ports() 2022-02-07 07:42:07 -05:00
Mike Salvatore d77af7de0b
Merge pull request #1689 from guardicore/1676-remove-agent-bootloader
Remove agent bootloader
2022-02-03 12:13:27 -05:00
Mike Salvatore da58392050 Agent: Reset signal handlers after the Master is cleaned up
After the Master terminates, this resets the signal handlers to the
default handlers provided by Python.
2022-02-03 07:58:24 -05:00
Ilija Lazoroski 3f639d40f3 Agent: Add pkg_resources.py2_warn in the spec file. 2022-02-03 13:49:01 +01:00
Mike Salvatore 019f2c1403 Agent: Implement ping scanning in Puppet
Fixes #1602
PR #1691
2022-02-02 09:14:27 -05:00
Mike Salvatore 9f2fe5e513 Agent: Refactor ping_scanner to remove unnecessary inheritance 2022-02-02 09:14:27 -05:00
Ilija Lazoroski 28d03339bf Island: Small formatting change in config model 2022-02-01 18:27:51 +01:00
Ilija Lazoroski e224470161 Changelog: Add entry for removal of agent's bootloader 2022-02-01 18:27:51 +01:00
vakarisz 25f1195475 Island, UI: remove starting node states
Since bootloader is gone, nothing sets the state of the node to "starting"
2022-02-01 18:27:51 +01:00
vakarisz 79ab06e575 Island, UI: remove starting node states
Since bootloader is gone, nothing sets the state of the node to "starting"
2022-02-01 18:27:51 +01:00
Ilija Lazoroski 28875fd55f Agent: Change pyinstaller version to 4.2
Remove altgraph and importlib-metadata since upstream
pyinstaller includes them.
2022-02-01 18:26:49 +01:00
Shreya Malviya 2c88d6053c Project: Remove deleted constants from Vulture's allowlist 2022-02-01 16:40:06 +01:00
Shreya Malviya a8956a18ff Island: Remove 'old' node states now that the bootloader is removed 2022-02-01 16:40:06 +01:00
Shreya Malviya a7f821d20d Agent: Remove unneeded function `is_local_ips` since bootloader telem was removed 2022-02-01 16:40:06 +01:00
Shreya Malviya db965e14f8 Agent: Remove do_POST in HTTPConnectProxyHandler
As per https://github.com/guardicore/monkey/pull/527, this code was
added for the bootloader. Now that we're removing the bootloader, this
is no longer needed.
2022-02-01 16:39:57 +01:00
Ilija Lazoroski b5c51bedc1 Island, UT: Remove Bootloader endpoint 2022-02-01 15:32:13 +01:00
Ilija Lazoroski add449c5f4 Island, UT: Remove bootloader service 2022-02-01 15:32:13 +01:00
Ilija Lazoroski fbd36e5b41 Island: Remove Bootloader server 2022-02-01 15:32:13 +01:00
Shreya Malviya c3e66debc8 Docs: Remove the bootloader section from the operating systems page 2022-02-01 15:32:13 +01:00
Shreya Malviya 2a4024926b Agent: Update Pipfile to use an original pyinstaller version instead of
our fork

and remove related dependencies as per the comments next to them.
The pyinstaller version is changed to the version that the Island uses.
2022-02-01 15:32:13 +01:00
Mike Salvatore 635496a4be
Merge pull request #1687 from guardicore/1677-remove-ms08-067
Remove MS08-067 Exploiter
2022-01-31 08:17:35 -05:00
Mike Salvatore d257276f30 Changelog: Add entry for removal of MS08-067 exploiter 2022-01-31 08:15:43 -05:00
Ilija Lazoroski ceec121d88 Agent: Remove shellcode obfuscator
Encryptor which was used in MS08-067 exploiter.
2022-01-31 11:11:33 +01:00
Ilija Lazoroski ff87252a24 Agent, Island: Remove MS08_67 exploiter 2022-01-31 11:11:33 +01:00
Ilija Lazoroski 3fc8621e16 Docs: Remove MS08_067 exploiter documentation 2022-01-31 11:11:25 +01:00
Mike Salvatore 678db40e25 Agent: Check for spaces in IP or domain names
socket.gethostbyname() may return different results on different systems
when provided with an IP address that contains a space. This depends on
python version or other environmental factors. For example:

System 1:
>>> socket.gethostbyname('172.60 .9.109')
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
socket.gaierror: [Errno -2] Name or service not known
>>> socket.gethostbyname('172.17 .9.109')
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
socket.gaierror: [Errno -2] Name or service not known

System 2:
>>> socket.gethostbyname('172.60 .9.109')
'172.0.0.60'

To remedy this, this commit adds a check to verify that the IP/domain
does not contain a space, as a space is an illegal character in either.
2022-01-27 12:56:40 -05:00
Mike Salvatore 8371a268ba Island: Change the order of log messages on startup to improve UX
Some users were confused when the Island started up and thought it had
frozen. I hope to alleviate this confusion by changing the order of the
log messages. If the last message displayed after initialization
gives the user instructions on accessing the island, hopefully users
will no longer be confused.

PR #1684
2022-01-26 12:09:43 -05:00
Mike Salvatore f478444bb7
Merge pull request #1682 from guardicore/small-code-improvements
Small code improvements
2022-01-26 08:31:55 -05:00
Mike Salvatore a888915577 Agent: Add bool return type hint to _can_propagate() 2022-01-26 08:14:04 -05:00
Mike Salvatore 92636da4b2 Agent: Use Iterable instead of List for type hint in run_plugins() 2022-01-26 08:13:35 -05:00
Mike Salvatore 8cf54e7673 Agent: Fix typo plugin -> plugins in _run_plugins() 2022-01-26 08:11:35 -05:00