Commit Graph

4393 Commits

Author SHA1 Message Date
Shreya Malviya bc3283c4a5
Merge pull request #911 from shreyamalviya/zerologon-exploiter
Zerologon Exploiter
2021-02-24 17:58:45 +05:30
Shreya Malviya 43cac3568b
Reword exploiter description
Co-authored-by: Mike Salvatore <mike.s.salvatore@gmail.com>
2021-02-24 16:18:58 +05:30
Shreya 28edf7d2b7 Encrypt credentials before logging 2021-02-24 16:08:36 +05:30
VakarisZ fdeb54d541 Added jwt_required decorator to the "local_run" endpoint, in order to avoid malicious actors running the monkey 2021-02-23 10:47:37 -05:00
Shreya db52f0966f Modify `PaginatedTable`: let `ReactTable` handle the case where no data is available 2021-02-23 10:00:56 -05:00
Mike Salvatore 4aa9a14f13 ci: remove `swimm verify` for now
There is a bug in swimm that is causing `swimm verify` to fail in the CI
pipeline, eventhough it succeeds locally. Disabling for now while the
swimm team works to rectify the issue.
2021-02-23 07:51:56 -05:00
Shreya 353e9844dc Modify unit tests 2021-02-23 12:57:50 +05:30
dependabot[bot] 8b60625d81 build(deps): bump marked in /monkey/monkey_island/cc/ui
Bumps [marked](https://github.com/markedjs/marked) from 1.1.1 to 2.0.0.
- [Release notes](https://github.com/markedjs/marked/releases)
- [Changelog](https://github.com/markedjs/marked/blob/master/release.config.js)
- [Commits](https://github.com/markedjs/marked/compare/v1.1.1...v2.0.0)

Signed-off-by: dependabot[bot] <support@github.com>
2021-02-22 12:50:28 -05:00
Shreya a2c11759a4 Add unit tests 2021-02-22 22:35:46 +05:30
Shreya defc94dd59 Add zerologon_utils/vuln_assessment.py 2021-02-22 18:44:06 +05:30
Shreya 4e281d9826 CR changes: type hints and comment 2021-02-22 17:47:27 +05:30
Shreya cc6e3f687b Add SecureAuth Corporation acknowledgement to LICENSE.md 2021-02-22 17:44:15 +05:30
Mike Salvatore 95eb96acc8 Merge branch 'copyediting' into develop 2021-02-22 07:08:21 -05:00
MarketingYeti 8a1fec3f0b
Copyedits for usage sections (#965)
Copy edits - round 2
2021-02-22 07:06:56 -05:00
Shreya b82635d292 Add noqa comment to ignore complexity of DumpSecrets.dump() 2021-02-22 17:30:11 +05:30
Mike Salvatore 776d3421aa agent: add TODO to rework telemetry classes 2021-02-19 19:34:43 -05:00
Shreya 6883e4a5f1 Format all zerologon files with black 2021-02-20 01:12:04 +05:30
Shreya 2ef892e33f Try starting remote shell on victim with all user creds until successful 2021-02-20 01:12:04 +05:30
Shreya c227ccd3a1 Remove Zerologon fingerprinter (and move required functionality to Zerologon exploiter) 2021-02-20 01:12:04 +05:30
Shreya 869d608e09 Modify how `store_extracted_creds_for_exploitation()` is called
+ other little CR changes
2021-02-20 01:12:04 +05:30
Shreya 6c9ce028e0 Use __enter__() and __exit__() for StdoutCapture 2021-02-20 01:12:04 +05:30
Shreya e0ae8381ba restoring pwd: uses next available user account in case Administrator isn't found
and save all other credentials
2021-02-20 01:12:04 +05:30
Shreya c20e677940 Add impacket copyright notice 2021-02-20 01:12:01 +05:30
VakarisZ 4158ed802b Refactored telemetry unit tests to json encode data the same way telemetries do. 2021-02-19 17:19:21 +02:00
VakarisZ c698e0ab66
Merge pull request #848 from guardicore/519/scoutsuite-integration
519/scoutsuite integration
2021-02-19 08:08:40 +02:00
Shreya 0992e276b4 More CR changes
TODO:
- impacket license
- get pwd for some other users if 'Administrator' doesn't exist (and save all users' creds?)
- unit tests
2021-02-19 01:06:06 +05:30
Shreya 0866aee2cf Testing changes 2021-02-19 01:06:06 +05:30
Shreya 2c2a9eaaae Restructure `_exploit_host()` and `restore_password()` 2021-02-19 01:06:06 +05:30
Shreya 2bdcdcc18b CR changes 2021-02-19 01:06:06 +05:30
Shreya a3bc9188dd Increase flake8 warnings' limit from 80 to 81 2021-02-19 01:06:06 +05:30
Shreya d7086f04aa CR + testing changes 2021-02-19 01:06:06 +05:30
Shreya e357b3fbe6 Changes after rebasing 2021-02-19 01:06:06 +05:30
Shreya 435f10fb20 CR changes 2021-02-19 01:06:06 +05:30
Shreya 961d5f81f8 Make DC details object attributes 2021-02-19 01:06:06 +05:30
Shreya a908d31fc5 Remove unused imports and variable 2021-02-19 01:06:06 +05:30
Shreya 81c6de75b7 Add Zerologon to documentation 2021-02-19 01:06:06 +05:30
Shreya 290385a8a0 Zerologon's success on a machine shouldn't prevent other exploit attempts on the machine
(ZL gathers credentials for other exploits)
2021-02-19 01:06:06 +05:30
Shreya 9c0fc7e435 Changes after manual testing 2021-02-19 01:06:06 +05:30
Shreya c05a48d34d Final exploit touches and report stuff 2021-02-19 01:06:05 +05:30
Shreya b57605b58d Changes from manual testing 2021-02-19 01:06:05 +05:30
Shreya 1cf07eff89 Improve log messages and comments 2021-02-19 01:06:05 +05:30
Shreya 13ef69c3ed Clean up code and comments 2021-02-19 01:06:05 +05:30
Shreya 53ef6feadf Restore password
(wmiexec to get HKLM keys --> secretsdump to get orig pwd nthash --> restore)
2021-02-19 01:06:05 +05:30
Shreya e7485bd02f Mention CVE 2021-02-19 01:06:05 +05:30
Shreya 8549ba14cf Bringing stuff together 2021-02-19 01:06:05 +05:30
Shreya 5cd8b39f0f Get original passwords' hashes 2021-02-19 01:06:05 +05:30
Shreya a4207494ec Change classes order in file 2021-02-19 01:06:05 +05:30
Shreya 44e15bd2a0 Add restore_password() 2021-02-19 01:06:05 +05:30
Shreya 9468de471d Partially add Zerologon exploiter 2021-02-19 01:06:05 +05:30
Shreya 2cc0a159e0 Rename "WindowsServer" fingerprinter: "Zerologon" makes more sense 2021-02-19 01:06:05 +05:30