Daniel Goldberg
33143080a5
Merge branch 'develop' into feature/report_exporters
2019-01-26 20:07:37 +02:00
Daniel Goldberg
0feb19ede5
PEP8 stuff
2019-01-26 19:42:35 +02:00
Daniel Goldberg
d8d4d4970f
Merge pull request #147 from guardicore/feature/mssql_exploiter
...
Feature/mssql exploiter
2019-01-26 16:56:37 +02:00
VakarisZ
6073e9f677
Improved the speed of weblogic exploiter
2019-01-24 17:28:44 +02:00
VakarisZ
074aa1af50
TCP scanner now sleeps in milliseconds instead of seconds.
2019-01-24 13:58:58 +02:00
maor.rayzin
9e0fbdaac3
- Updated dynamic payload file creation
2019-01-20 16:09:40 +02:00
maor.rayzin
dfe6cf073e
- Added dynamic file creation on runtime instead of a static payload file
2019-01-20 15:13:48 +02:00
VakarisZ
c47047c815
Added CMD prefix to windows commands that check for exploitability and upload monkey.
2019-01-16 16:15:18 +02:00
maor.rayzin
0bfde8d047
- adjusted config to mssql exploiter.
2019-01-07 18:11:31 +02:00
maor.rayzin
2ac98ca5fc
Merge branch 'develop' into feature/mssql_exploiter
...
# Conflicts:
# monkey/infection_monkey/requirements.txt
# monkey/monkey_island/cc/services/config.py
# monkey/monkey_island/cc/services/report.py
# monkey/monkey_island/cc/ui/src/components/pages/ReportPage.js
2019-01-07 17:42:00 +02:00
Daniel Goldberg
68093d084f
Rename ms08_067_remote_user_add and ms08_067_remote_user_pass to something more generic
2019-01-07 10:58:20 +02:00
Daniel Goldberg
70545d28f8
Merge pull request #242 from guardicore/feature/post_breach_actions
...
Post breach actions
2019-01-07 10:26:07 +02:00
Daniel Goldberg
c572e515a1
Let us properly fingerprint using ping
2019-01-06 17:40:14 +02:00
Daniel Goldberg
372ffeaa04
Remove scanner class from schema
2019-01-06 17:17:47 +02:00
Daniel Goldberg
3dfc7242aa
Remove all usage of scanner_class
2019-01-06 17:17:47 +02:00
Daniel Goldberg
d0998fc4f6
Remove scanner class from configuration
2019-01-06 17:17:47 +02:00
Daniel Goldberg
f4669bf3f5
Make monkey always try to ping the remote machine.
...
This catches more events for the cross segment analyser
2019-01-06 17:17:42 +02:00
Daniel Goldberg
7b5604a0de
Make post breach actions happen in the monkey
2019-01-02 19:32:44 +02:00
Daniel Goldberg
95a2a0e428
Add backdoor user functionality to Monkey itself.
...
The backdoor user is purposefully disabled
2019-01-02 19:32:44 +02:00
Daniel Goldberg
382b95c75d
Add option for post breach actions to configuration
2019-01-02 19:32:44 +02:00
Daniel Goldberg
077d536526
Add missing dependency
2019-01-02 19:32:44 +02:00
maor.rayzin
078470e257
- added char conversion for mongo insertion, mongodb doesn't allow for '.' in key names and sometimes machine names might include '.' char in them. We encode with ',,,' and decode back to '.'.
2019-01-02 16:25:26 +02:00
maor.rayzin
985f45d8de
- Added exporters list population
...
- some pep8
- Added a report json cleanup for mongo insertion, sometimes machine names are used as keys and these names might contain '.' which mongodb doesn't allow.
- Fixed a typo and aws sec hub protocol requirements
2019-01-02 14:26:36 +02:00
Daniel Goldberg
d3a42792fb
Remove dead line of code in config.py
2018-12-31 18:43:00 +02:00
maor.rayzin
4b06c1e3f4
- added 'author' to each file.
2018-12-31 14:58:14 +02:00
maor.rayzin
6b35f22280
Merge branch 'develop' into feature/report_exporters
...
# Conflicts:
# monkey/common/cloud/aws.py
# monkey/monkey_island/cc/services/config.py
2018-12-31 14:54:11 +02:00
maor.rayzin
7f3ee69527
- Created the exporter_init file, in there the exporter manager singleton is created and
...
populated with the relevant exporters (the aws exporter in this case)
- changed the report file to use the new exporter manager singleton
- changed the finding structure in the aws_exporter.py, divided it to creation functions
and cleaned the code.
2018-12-31 14:51:07 +02:00
Daniel Goldberg
43896ed718
Set default scan interval to 0
2018-12-31 12:30:44 +02:00
Daniel Goldberg
3ca5119e03
Remove debug print on what users/passwords to try
2018-12-31 12:30:08 +02:00
MaorCore
2ada581672
Merge pull request #239 from guardicore/bugfix/config_in_seperate_file
...
Move config schema to separate file for easier editing
2018-12-31 12:08:36 +02:00
Daniel Goldberg
b536083573
Remove debug print on what users/passwords to try
2018-12-31 12:08:09 +02:00
Daniel Goldberg
5d3524cff5
Move config schema to separate file for easier editing
2018-12-30 18:11:14 +02:00
Daniel Goldberg
d32c7932b7
Merge remote-tracking branch 'origin/develop' into develop
2018-12-27 17:14:27 +02:00
Daniel Goldberg
796ac48c72
Add timeout for URL queries
2018-12-27 17:14:13 +02:00
Daniel Goldberg
d567a8da46
Merge pull request #233 from guardicore/bugfix/fix_map_colors
...
Bugfix - report map colored again
2018-12-24 11:47:08 +02:00
Daniel Goldberg
09c6324f4a
Merge pull request #229 from guardicore/feature/tracert-with-bin
...
Feature/tracert with bin
2018-12-24 11:17:11 +02:00
Daniel Goldberg
4e5ede0a72
Add note on exception throwing
2018-12-24 10:58:29 +02:00
Daniel Goldberg
e82fb7f061
Add default ttl
2018-12-23 19:35:36 +02:00
Itay Mizeretz
606f3525f7
Fix CR + add 32/64bit binary choice
2018-12-23 16:51:27 +02:00
Itay Mizeretz
6ff2e7f541
Fix CR comment
2018-12-23 12:21:11 +02:00
Daniel Goldberg
079038783b
Update monkey/infection_monkey/network/tools.py
...
Co-Authored-By: itaymmguardicore <30774653+itaymmguardicore@users.noreply.github.com>
2018-12-23 11:26:53 +02:00
maor.rayzin
c184bd54f0
- Changed curl to wget, it's available out of the box on more OSs.
2018-12-19 18:19:48 +02:00
VakarisZ
be17288a4e
Merge pull request #236 from VakarisZ/hadoop_quickfix
...
Hadoop windows quickfix
2018-12-19 11:43:52 +02:00
VakarisZ
67fc46cb18
Upload only 64 bit monkey to windows
2018-12-19 11:42:40 +02:00
Daniel Goldberg
9ccd1db309
Make report map colored again
2018-12-18 16:08:19 +02:00
Itay Mizeretz
b2deb4b6c9
Add doc for parse_traceroute
2018-12-16 19:09:08 +02:00
Itay Mizeretz
0658431358
Use carried traceroute on linux
2018-12-16 18:15:04 +02:00
Itay Mizeretz
8d50b5d02c
merge spec files
2018-12-16 13:38:44 +02:00
Daniel Goldberg
c918a498c9
Merge pull request #224 from VakarisZ/shellshock_timeout_handling
...
Shellshock timeout exception handling
2018-12-11 19:18:13 +02:00
maor.rayzin
3ca761f492
RCR:
...
- started the report exporter manager singleton.
- added region parsing using regex
-
2018-12-11 12:14:38 +02:00
VakarisZ
03ad75b043
Now break the loop as soon as we encounter timeout
2018-12-11 09:44:21 +02:00
Daniel Goldberg
09538de4b1
Merge pull request #225 from VakarisZ/deployment_scripts
...
Deployment scripts
2018-12-10 13:22:05 +02:00
VakarisZ
24619aa38f
Deployment scripts added to the repository
2018-12-10 13:08:59 +02:00
MaorCore
24eed6d069
Merge pull request #223 from guardicore/feature/add_config_to_pth
...
Actually use mimikatz configuration variable
2018-12-06 16:11:50 +02:00
VakarisZ
efde6d1643
Shellshock exception handling
2018-12-06 15:41:29 +02:00
Daniel Goldberg
61f040ef6f
Moved the check to a top level function.
2018-12-05 13:59:33 +02:00
Daniel Goldberg
f8f948439c
Also add to example conf file
2018-12-04 10:09:55 +02:00
Daniel Goldberg
cc27b5dd20
Actually use mimikatz configuration variable
2018-12-04 10:06:48 +02:00
Daniel Goldberg
af14daaebc
Merge pull request #220 from guardicore/feature/netstat
...
Add netstat
2018-12-03 16:00:09 +02:00
Daniel Goldberg
df23be9c75
Merge pull request #212 from VakarisZ/hadoop_win32_fix
...
Hadoop windows fixed to be more reliable
2018-12-03 10:35:38 +02:00
Itay Mizeretz
841ad28973
Add netstat
2018-12-02 16:12:10 +02:00
Daniel Goldberg
078f03d9ed
Merge pull request #219 from acepace/bugfix/fix_warnings_in_sambacry_util
...
Bugfix/fix warnings in sambacry util
2018-12-02 11:10:13 +02:00
Ace Pace
6d0805beb1
newline at end of file
2018-12-01 21:32:53 +02:00
Ace Pace
d92db8effd
Replace strncat with single snprintf call
2018-12-01 21:32:47 +02:00
maor.rayzin
1cedfb5c2d
small fixes
2018-11-29 17:43:53 +02:00
VakarisZ
db5e5eb453
Commands moved to model
2018-11-29 17:43:09 +02:00
maor.rayzin
498ddcacf5
* mistaken _ with -...
2018-11-29 16:51:12 +02:00
maor.rayzin
1339ab723f
* mistaken _ with -...
2018-11-29 15:48:41 +02:00
maor.rayzin
e24e9b90f7
* Added fallback case for urllib failure to get the region
...
* Added some safe checks for formatting and happy flows
* Removed productARN from server_config.json - it will now be inserted in deb build.
* Added the awscli lib to be installed via pip
2018-11-28 18:54:50 +02:00
maor.rayzin
1c99636414
* Changed the resource id to be instance arn and not only instance id
2018-11-28 17:40:32 +02:00
maor.rayzin
25340e9998
* Deleted print statement
...
* Added further inspection in telemetry
2018-11-28 17:05:10 +02:00
maor.rayzin
9d36cf3990
* add the right key in telemetry
...
* added error handling in report.py
2018-11-28 15:30:46 +02:00
maor.rayzin
0fe7a9c6e1
* Match it back to aws env
2018-11-28 15:02:17 +02:00
maor.rayzin
8397af4c6b
* Added region to finding sending configuration for boto3
2018-11-28 14:56:46 +02:00
maor.rayzin
bdecc7ade6
* added dynamic region lookup
...
* building the product ARN dynamically
* Resource type is now Other in case we don't have instance_id
2018-11-28 13:27:35 +02:00
maor.rayzin
7d94185a10
* fixed a wrong IF statement that prevented issues from appending
2018-11-28 12:53:58 +02:00
maor.rayzin
83ea8af9e0
* Added error handling in case the aws cli wasn't properly installed.
2018-11-27 22:28:06 +02:00
maor.rayzin
2f1240cc0e
* Added the boto3 pckg to the right req'.txt file
...
* Added a safe dict key access for aws_instance_id in report.py
* Added a skip in the aws_export if there is no instance_id in the issue.
2018-11-27 20:21:39 +02:00
Daniel Goldberg
8efed2de22
Fix path that run.sh executes
2018-11-27 18:33:08 +02:00
maor.rayzin
e8c604d7c5
* Changed the exporter to work in aws and not standard (was used for debugging)
2018-11-27 17:48:40 +02:00
maor.rayzin
af97fb6ffc
* Added a check to no issues list
...
* Changed the productARN to the monkey's ARN
2018-11-27 17:45:31 +02:00
maor.rayzin
0a6b3a12fa
* Separated the configuration functions to support both island's and monkey's needs
...
* Removed space char from the default value of the aws keys
* Changed the submit function in the JS to point to the right endpoint
2018-11-27 17:32:46 +02:00
maor.rayzin
9e6b2b2d26
* Added missing findings
...
* switched to using the aws account id from the island's configuration page
2018-11-27 16:57:53 +02:00
maor.rayzin
fb5ae63f04
* Fixed the aws env class to not be static anymore after itay's change.
...
* Added aws region getter
2018-11-27 14:45:44 +02:00
maor.rayzin
7f8a00ddc1
Merge remote-tracking branch 'origin/feature/report_exporters' into feature/report_exporters
2018-11-27 14:45:12 +02:00
maor.rayzin
bf29cddf4d
* Fixed the aws env class to not be static anymore after itay's change.
...
* Added aws region getter
2018-11-27 14:44:39 +02:00
maor.rayzin
8e6ab5b9f5
* Added aws region getter
...
* Moved productARN to server_config.json file
2018-11-27 14:16:06 +02:00
maor.rayzin
a42d621340
* Added another configuration endpoint for the island specific fields
2018-11-27 14:16:06 +02:00
maor.rayzin
90554f63cb
* Exceptions handling for sending findings
2018-11-27 14:16:06 +02:00
maor.rayzin
f506eb3dd1
* a small fixup
2018-11-27 14:16:06 +02:00
maor.rayzin
a00bfc17e3
* add instance id to domain issues too
2018-11-27 14:16:06 +02:00
maor.rayzin
1912a27422
* added instance ID to each issue in an aws machine
...
* changed findings resource to ec2 instance id instead of IP
2018-11-27 14:16:06 +02:00
maor.rayzin
f8f7421c47
* Added aws creds keys to configuration
...
* Added boto session creation using credentials
* Added a flag in the get_config function to separate island configuration values from monkey ones.
2018-11-27 14:16:00 +02:00
maor.rayzin
dd5bbdec35
* encrypted config
2018-11-27 14:14:41 +02:00
maor.rayzin
148ee3f0f0
* Added env' config
...
* Added exporters and aws exporter
* changed report generation to be automatic on monkey death with support of on-demand report generation and mongo storage
2018-11-27 14:14:41 +02:00
maor.rayzin
c888ab7bc9
adding the exporter father class and aws implement
2018-11-27 14:14:41 +02:00
maor.rayzin
673605b721
* Added aws region getter
...
* Moved productARN to server_config.json file
2018-11-27 14:13:50 +02:00
Daniel Goldberg
fdeeed40f4
Merge pull request #214 from guardicore/feature/collect-aws-instanceid
...
Add AWS instance id collector
2018-11-27 04:12:45 -08:00
Daniel Goldberg
1c75fbecf0
Modern classes and not old school classes
2018-11-27 14:12:23 +02:00
Daniel Goldberg
b3afeee3c0
Rename Aws to proper AWS
2018-11-27 14:10:46 +02:00
Daniel Goldberg
b7bfdd7afd
Quick move from unicode to text_type
2018-11-27 11:26:09 +02:00
Daniel Goldberg
f82069e9bf
Merge pull request #215 from guardicore/feature/add-support-encrypted-values
...
Add support for strings to be encrypted
2018-11-27 01:20:12 -08:00
maor.rayzin
c47572cd53
* Added another configuration endpoint for the island specific fields
2018-11-27 11:08:43 +02:00
maor.rayzin
4365ed2a14
Merge branch 'feature/add-support-encrypted-values' into feature/report_exporters
2018-11-27 10:30:00 +02:00
maor.rayzin
8eca2ca1e9
* Exceptions handling for sending findings
2018-11-27 10:28:41 +02:00
maor.rayzin
984a64561e
* a small fixup
2018-11-26 15:04:25 +02:00
maor.rayzin
4cc85448d7
* add instance id to domain issues too
2018-11-26 14:01:46 +02:00
VakarisZ
85d832938d
Small bugfix in web_rce get_open_service_ports
2018-11-26 13:43:15 +02:00
maor.rayzin
a79c60e9bc
* added instance ID to each issue in an aws machine
...
* changed findings resource to ec2 instance id instead of IP
2018-11-26 12:59:06 +02:00
maor.rayzin
30a6d7542f
* deleted a line
2018-11-26 12:12:24 +02:00
maor.rayzin
2dfbc16450
* Added aws creds keys to configuration
...
* Added boto session creation using credentials
* Added a flag in the get_config function to separate island configuration values from monkey ones.
*
2018-11-26 11:48:43 +02:00
Itay Mizeretz
f6a0937b22
rename var + comment
2018-11-25 18:45:55 +02:00
Itay Mizeretz
fac6f970bb
Add support for strings to be encrypted
2018-11-25 18:38:44 +02:00
Itay Mizeretz
eddc4ca36a
Add AWS instance id collector
2018-11-25 16:29:44 +02:00
maor.rayzin
d21558e81a
* encrypted config
2018-11-25 14:17:20 +02:00
maor.rayzin
271c024574
* Added env' config
...
* Added exporters and aws exporter
* changed report generation to be automatic on monkey death with support of on-demand report generation and mongo storage
2018-11-25 12:39:47 +02:00
VakarisZ
b48cb16088
Comment changed
2018-11-22 19:45:13 +02:00
Daniel Goldberg
3124f1eb5e
Merge pull request #211 from VakarisZ/island_config_navigation_ui_fix
...
Makes all tabs of equal height
2018-11-21 06:29:56 -08:00
VakarisZ
5ffd22433a
Hadoop windows fixed to be more reliable
2018-11-21 13:32:45 +02:00
Daniel Goldberg
8496944409
Fix typo where Oracle WebLogic showed up
2018-11-20 17:46:35 +02:00
Daniel Goldberg
22a7a5401c
Hotfix English phrasing in WebLogic recommendation
2018-11-19 19:15:02 +02:00
VakarisZ
3503bf9ccb
Makes all tabs of equal height
2018-11-19 15:55:18 +02:00
maor.rayzin
7179d840a7
adding the exporter father class and aws implement
2018-11-19 15:40:16 +02:00
Daniel Goldberg
472518bacf
Merge pull request #207 from VakarisZ/RDP_grinder_utf_fix
...
Fixes the problem of rdp grinder not being able to handle utf encoded credentials.
2018-11-19 01:36:27 -08:00
Daniel Goldberg
05103c21a2
Merge pull request #198 from guardicore/bugfix/uuid_to_string
...
Bugfix JWT expects input of string
2018-11-18 08:49:04 -08:00
Daniel Goldberg
8b81d32bab
Hotfix of issues enum
2018-11-18 15:20:01 +02:00
Patrick Neise
83da1cc23e
updated readme.txt and _MONGO_UURL to support connecting to external MongoDB instance by setting MONKEY_MONGO_URL env variable
2018-11-12 10:18:43 -08:00
VakarisZ
fa8975706e
Cosmetic changes
2018-11-12 16:23:01 +02:00
VakarisZ
b42ff98f9f
Converts utf to ascii and fixes the problem of rdp grinder not being able to handle utf encoded credentials
2018-11-12 16:17:12 +02:00
Itay Mizeretz
8994b0671f
fixed CR
2018-11-11 20:03:17 +02:00
Itay Mizeretz
f79629819e
Fix traceroute
2018-11-11 17:13:30 +02:00
maor.rayzin
9812dcd77d
A typo in the report page
2018-11-11 15:18:52 +02:00
maor.rayzin
3bb8531b4d
HOTFIX: Better label constructing for dup passwords issue
2018-11-11 14:01:03 +02:00
maor.rayzin
b14384fcb5
HOTFIX: Ignored cases where a user doesn't have hostname in shared_passwords issue
2018-11-11 12:16:54 +02:00
maor.rayzin
0361219488
HOTFIX: missing pckg in requirements.txt -fixed
2018-11-07 16:05:36 +02:00
Daniel Goldberg
b616e27cf8
Merge pull request #203 from VakarisZ/development_fixes
...
Added a few missing steps to monkey_island setup instructions
2018-11-07 01:31:12 -08:00
VakarisZ
527c06b35c
Changed rule no. 0. to be more general and without typos.
2018-11-06 18:34:36 +02:00
maor.rayzin
ac3955e32e
Merge remote-tracking branch 'origin/develop' into develop
2018-11-06 18:20:11 +02:00
maor.rayzin
73856a8be9
HOTFIX: fixing location to be str and not unicode, BytesIO can't work with unicode.
2018-11-06 18:19:52 +02:00
MaorCore
8ca74f7d09
Merge pull request #202 from guardicore/bugfix/find_server_timeout
...
Bugfix/fix server timeout
2018-11-06 16:00:11 +02:00
VakarisZ
9e68bf0bed
Added a few missing steps to monkey_island setup instructions (readme.txt in monkey_island)
2018-11-06 13:41:43 +02:00
MaorCore
fa1e1ce33c
Merge pull request #170 from guardicore/nadler/pth
...
Nadler/pth
2018-11-06 12:16:18 +02:00
itaymmguardicore
cf9656068b
Update monkey/monkey_island/cc/services/pth_report.py
...
Co-Authored-By: MaorCore <39161867+MaorCore@users.noreply.github.com>
2018-11-05 16:48:32 +02:00
itaymmguardicore
5b8b0258c0
Update monkey/monkey_island/cc/services/pth_report.py
...
Co-Authored-By: MaorCore <39161867+MaorCore@users.noreply.github.com>
2018-11-05 16:48:28 +02:00
itaymmguardicore
c28f2d6c63
Update monkey/monkey_island/cc/services/pth_report.py
...
Co-Authored-By: MaorCore <39161867+MaorCore@users.noreply.github.com>
2018-11-05 16:48:23 +02:00
itaymmguardicore
f12ee32e21
Update monkey/monkey_island/cc/services/pth_report.py
...
Co-Authored-By: MaorCore <39161867+MaorCore@users.noreply.github.com>
2018-11-05 16:48:18 +02:00
maor.rayzin
53ed6004b5
Second Fix: info log wasn't being created on some envs
...
Changed the path to the json config file to be a relative generic path
2018-11-05 16:10:27 +02:00
maor.rayzin
bdda578920
First fix: No indication for bad configuration file loaded via the "Import" button in configuration page.
...
Added specific error handling for that part.
2018-11-05 15:15:02 +02:00
maor.rayzin
0bd252d832
RE-CR: more docs
2018-10-31 14:51:23 +02:00
maor.rayzin
3bf917af80
RE-CR: tiny corrections
2018-10-31 14:28:52 +02:00