Shreya Malviya
bc3283c4a5
Merge pull request #911 from shreyamalviya/zerologon-exploiter
...
Zerologon Exploiter
2021-02-24 17:58:45 +05:30
Shreya Malviya
43cac3568b
Reword exploiter description
...
Co-authored-by: Mike Salvatore <mike.s.salvatore@gmail.com>
2021-02-24 16:18:58 +05:30
Shreya
28edf7d2b7
Encrypt credentials before logging
2021-02-24 16:08:36 +05:30
VakarisZ
fdeb54d541
Added jwt_required decorator to the "local_run" endpoint, in order to avoid malicious actors running the monkey
2021-02-23 10:47:37 -05:00
Shreya
db52f0966f
Modify `PaginatedTable`: let `ReactTable` handle the case where no data is available
2021-02-23 10:00:56 -05:00
Mike Salvatore
4aa9a14f13
ci: remove `swimm verify` for now
...
There is a bug in swimm that is causing `swimm verify` to fail in the CI
pipeline, eventhough it succeeds locally. Disabling for now while the
swimm team works to rectify the issue.
2021-02-23 07:51:56 -05:00
Shreya
353e9844dc
Modify unit tests
2021-02-23 12:57:50 +05:30
dependabot[bot]
8b60625d81
build(deps): bump marked in /monkey/monkey_island/cc/ui
...
Bumps [marked](https://github.com/markedjs/marked ) from 1.1.1 to 2.0.0.
- [Release notes](https://github.com/markedjs/marked/releases )
- [Changelog](https://github.com/markedjs/marked/blob/master/release.config.js )
- [Commits](https://github.com/markedjs/marked/compare/v1.1.1...v2.0.0 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-02-22 12:50:28 -05:00
Shreya
a2c11759a4
Add unit tests
2021-02-22 22:35:46 +05:30
Shreya
defc94dd59
Add zerologon_utils/vuln_assessment.py
2021-02-22 18:44:06 +05:30
Shreya
4e281d9826
CR changes: type hints and comment
2021-02-22 17:47:27 +05:30
Shreya
cc6e3f687b
Add SecureAuth Corporation acknowledgement to LICENSE.md
2021-02-22 17:44:15 +05:30
Mike Salvatore
95eb96acc8
Merge branch 'copyediting' into develop
2021-02-22 07:08:21 -05:00
MarketingYeti
8a1fec3f0b
Copyedits for usage sections ( #965 )
...
Copy edits - round 2
2021-02-22 07:06:56 -05:00
Shreya
b82635d292
Add noqa comment to ignore complexity of DumpSecrets.dump()
2021-02-22 17:30:11 +05:30
Mike Salvatore
776d3421aa
agent: add TODO to rework telemetry classes
2021-02-19 19:34:43 -05:00
Shreya
6883e4a5f1
Format all zerologon files with black
2021-02-20 01:12:04 +05:30
Shreya
2ef892e33f
Try starting remote shell on victim with all user creds until successful
2021-02-20 01:12:04 +05:30
Shreya
c227ccd3a1
Remove Zerologon fingerprinter (and move required functionality to Zerologon exploiter)
2021-02-20 01:12:04 +05:30
Shreya
869d608e09
Modify how `store_extracted_creds_for_exploitation()` is called
...
+ other little CR changes
2021-02-20 01:12:04 +05:30
Shreya
6c9ce028e0
Use __enter__() and __exit__() for StdoutCapture
2021-02-20 01:12:04 +05:30
Shreya
e0ae8381ba
restoring pwd: uses next available user account in case Administrator isn't found
...
and save all other credentials
2021-02-20 01:12:04 +05:30
Shreya
c20e677940
Add impacket copyright notice
2021-02-20 01:12:01 +05:30
VakarisZ
4158ed802b
Refactored telemetry unit tests to json encode data the same way telemetries do.
2021-02-19 17:19:21 +02:00
VakarisZ
c698e0ab66
Merge pull request #848 from guardicore/519/scoutsuite-integration
...
519/scoutsuite integration
2021-02-19 08:08:40 +02:00
Shreya
0992e276b4
More CR changes
...
TODO:
- impacket license
- get pwd for some other users if 'Administrator' doesn't exist (and save all users' creds?)
- unit tests
2021-02-19 01:06:06 +05:30
Shreya
0866aee2cf
Testing changes
2021-02-19 01:06:06 +05:30
Shreya
2c2a9eaaae
Restructure `_exploit_host()` and `restore_password()`
2021-02-19 01:06:06 +05:30
Shreya
2bdcdcc18b
CR changes
2021-02-19 01:06:06 +05:30
Shreya
a3bc9188dd
Increase flake8 warnings' limit from 80 to 81
2021-02-19 01:06:06 +05:30
Shreya
d7086f04aa
CR + testing changes
2021-02-19 01:06:06 +05:30
Shreya
e357b3fbe6
Changes after rebasing
2021-02-19 01:06:06 +05:30
Shreya
435f10fb20
CR changes
2021-02-19 01:06:06 +05:30
Shreya
961d5f81f8
Make DC details object attributes
2021-02-19 01:06:06 +05:30
Shreya
a908d31fc5
Remove unused imports and variable
2021-02-19 01:06:06 +05:30
Shreya
81c6de75b7
Add Zerologon to documentation
2021-02-19 01:06:06 +05:30
Shreya
290385a8a0
Zerologon's success on a machine shouldn't prevent other exploit attempts on the machine
...
(ZL gathers credentials for other exploits)
2021-02-19 01:06:06 +05:30
Shreya
9c0fc7e435
Changes after manual testing
2021-02-19 01:06:06 +05:30
Shreya
c05a48d34d
Final exploit touches and report stuff
2021-02-19 01:06:05 +05:30
Shreya
b57605b58d
Changes from manual testing
2021-02-19 01:06:05 +05:30
Shreya
1cf07eff89
Improve log messages and comments
2021-02-19 01:06:05 +05:30
Shreya
13ef69c3ed
Clean up code and comments
2021-02-19 01:06:05 +05:30
Shreya
53ef6feadf
Restore password
...
(wmiexec to get HKLM keys --> secretsdump to get orig pwd nthash --> restore)
2021-02-19 01:06:05 +05:30
Shreya
e7485bd02f
Mention CVE
2021-02-19 01:06:05 +05:30
Shreya
8549ba14cf
Bringing stuff together
2021-02-19 01:06:05 +05:30
Shreya
5cd8b39f0f
Get original passwords' hashes
2021-02-19 01:06:05 +05:30
Shreya
a4207494ec
Change classes order in file
2021-02-19 01:06:05 +05:30
Shreya
44e15bd2a0
Add restore_password()
2021-02-19 01:06:05 +05:30
Shreya
9468de471d
Partially add Zerologon exploiter
2021-02-19 01:06:05 +05:30
Shreya
2cc0a159e0
Rename "WindowsServer" fingerprinter: "Zerologon" makes more sense
2021-02-19 01:06:05 +05:30