Commit Graph

8494 Commits

Author SHA1 Message Date
Mike Salvatore ad1928db98
Merge pull request #2016 from guardicore/1996-agent-worm-config-decouple
1996 agent worm config decouple
2022-06-14 20:06:25 -04:00
Mike Salvatore 83a2a911e9 CHANGELOG: Add entry for malformed MSSQL agent launch commands 2022-06-14 14:49:35 -04:00
Mike Salvatore 8d9a2c536f Agent: Reorder methods in MSSQLExploiter 2022-06-14 14:22:43 -04:00
Mike Salvatore 819262ef73 Agent: Remove disused "Payload" classes 2022-06-14 14:22:43 -04:00
Mike Salvatore a54eca96ba Agent: Remove disused MSSQLLimitedSizePayload 2022-06-14 14:22:43 -04:00
Mike Salvatore 0e2a63b6ac Agent: Remove disused run_mssql_commands() 2022-06-14 14:22:43 -04:00
Mike Salvatore ff83f41b4a Agent: Remove disused run_mssql_command() 2022-06-14 14:22:43 -04:00
Mike Salvatore 522e62ad14 Agent: Refactor MSSQL create directory commands
Use _run_mssql_command() and remove the dependency on
MSSQLLimitedSizePayload.
2022-06-14 14:22:43 -04:00
Mike Salvatore 7b356cf893 Agent: Refactor MSSQL run payload file commands
Use _run_mssql_command() and remove the dependency on
MSSQLLimitedSizePayload.
2022-06-14 14:22:43 -04:00
Mike Salvatore f349e1a334 Agent: Refactor MSSQL run agent commands
Remove the dependency on the MSSQLLimitedSizePayload and use simple
methods like "_write_command_to_batch_file()".
2022-06-14 14:22:43 -04:00
Mike Salvatore b2aa8333c3 Agent: Refactor MSSQL cleanup commands
* Simplify!
    * Remove the dependency on MSSQLLimitedSizePayload.
    * Use f-strings
2022-06-14 14:22:43 -04:00
Mike Salvatore 257c6b0b05 Agent: Refactor MSSQL agent download command
The first step in exploitation is to instruct the victim to download the
agent. This commit refactors this code to remove the dependency on the
MSSQLLimitedSizePayload. To do this, it introduces
`_write_command_to_batch_file()` which will be reused by the agent
execution command.
2022-06-14 14:22:43 -04:00
Mike Salvatore 7846a6cac1 Agent: Remove create_empty_payload_file() in MSSQLExploiter
Since the commands are no longer split up into 128 character chunks,
it's simpler to just overwrite an existing file using `>` than to create
an empty file and append to it.
2022-06-14 14:22:43 -04:00
Mike Salvatore ea980c4594 Agent: Use PureWindowsPath in MSSQLExploiter
When using PurePath, Linux agents use the wrong path separator to build
Windows paths. Windows corrects this, so there's no actual issue, but
it's sloppy. Using PureWindowsPath objects creates the paths with the
correct separators.

Before: xp_cmdshell "NUL>%temp%\tmp_monkey_dir/tmp_monkey.bat"
After: xp_cmdshell "NUL>%temp%\tmp_monkey_dir\tmp_monkey.bat"
2022-06-14 14:22:43 -04:00
Mike Salvatore ef63f2699b Agent: Use single quotes to avoid 128 character limit
The logic that splits up commands into 128 character chunks in
MSSQLExploiter is flawed, which results in malformed commands being
written to a batch file on the victim. By using single quotes instead of
double quotes, the 128 character limit is circumvented and there's no
longer any need to break up the commands. See #2018 for more details.

Fixes #2018
2022-06-14 14:22:43 -04:00
Mike Salvatore 6db63d3c69 Agent: Add additional debug logging to MSSQLExploiter 2022-06-14 14:22:43 -04:00
Ilija Lazoroski 5ff617b811 UT: Pass MagicMock instead of instance of ControlClient 2022-06-14 16:53:16 +02:00
vakarisz e6e6587f46 Agent: Fix bugs in control.py
Bugs happened because of incorrect indentation in the recent refactoring attempting to remove worm config dependency
2022-06-14 16:50:26 +03:00
Mike Salvatore f1bc5f4707 Agent: Use f-strings in _connect_to_island() 2022-06-14 08:26:38 -04:00
Ilija Lazoroski ec2d736984 Agent: Add github permalink to BaseTelem in ControlClient 2022-06-14 12:55:33 +02:00
vakarisz 444b34d548 UT: Change send telemetry spy syntax in conftest.py 2022-06-14 12:14:27 +03:00
Ilija Lazoroski bbcac32172 Agent: Remove unused control channel from build_master 2022-06-14 11:58:25 +03:00
Ilija Lazoroski 17a0be2fa0 Agent: Fix control_client_object TODOs 2022-06-14 11:58:25 +03:00
Ilija Lazoroski 7fe6c170cd UT: Fix control client location 2022-06-14 11:58:25 +03:00
Ilija Lazoroski 3c8530cf14 Agent: Rename cc_client to control_client 2022-06-14 11:58:25 +03:00
Ilija Lazoroski 02a30e6950 Agent: Remove `current_server` option from custom_pba 2022-06-14 11:58:25 +03:00
Ilija Lazoroski df116e4fb7 Agent: Remove current_server and command_servers from WormConfiguration 2022-06-14 11:58:25 +03:00
Ilija Lazoroski c467dde145 Agent: Add control_client_object to ControlClient
* Workaround global class attribute
2022-06-14 11:58:25 +03:00
Ilija Lazoroski 94dbd9a8e2 Agent: Add proxies to the initialization of ControlChannel 2022-06-14 11:58:25 +03:00
Ilija Lazoroski fb1a577823 Agent: Add control client proxies to tunnel telem initialization 2022-06-14 11:58:25 +03:00
Ilija Lazoroski 799ff3d6fd UT: Fix control client and custom pba tests 2022-06-14 11:58:25 +03:00
vakarisz a099f21f61 Agent: Initialize CustomPBA with a ControlClient object
This is done to refactor ControlClient from a global
2022-06-14 11:17:31 +03:00
vakarisz 049eb1b174 Agent: Add control client to the agent initialization 2022-06-14 11:17:27 +03:00
Mike Salvatore 133f7f5da1 Island: Add TODO about removing local_ips() 2022-06-13 13:01:57 -04:00
VakarisZ 3598b0d302
Merge pull request #2013 from guardicore/1998-remove-export_monkey_telems
Remove `export_monkey_telems`
2022-06-13 10:46:26 +03:00
Shreya Malviya 4947e540f2 Changelog: Add entry for removal of `export_monkey_telems` config option 2022-06-10 12:13:39 -07:00
Shreya Malviya f989fdff06 Project: Remove `export_monkey_telems` from Vulture's allowlist 2022-06-10 12:10:52 -07:00
Shreya Malviya 324413aee9 UT: Remove `export_monkey_telems` from config in data for tests 2022-06-10 12:10:52 -07:00
Shreya Malviya 2ff32545d3 Island: Remove `export_monkey_telems` from config 2022-06-10 12:10:52 -07:00
Shreya Malviya 0647f6202d Agent: Remove `export_monkey_telems` from config 2022-06-10 12:10:52 -07:00
Shreya Malviya 16bb4b1c8a Common: Remove `EXPORT_MONKEY_TELEMS_PATH` constant 2022-06-10 12:10:44 -07:00
Shreya Malviya 7e766d2c4f Island: Remove `TestTelemStore` and related code 2022-06-10 12:10:35 -07:00
Mike Salvatore 825f559370
Merge pull request #2012 from guardicore/1999-remove-send-config-error
1999 remove send config error
2022-06-10 13:19:21 -04:00
Ilija Lazoroski 153436371b Agent: Remove send_config_error from ControlClient 2022-06-10 14:44:27 +02:00
Ilija Lazoroski 6314ddd71a Island: Remove PATCH method from api/agent
* Remove config_error from monkey document
2022-06-10 13:48:05 +02:00
VakarisZ 3f69b0efd4
Merge pull request #1980 from guardicore/dependabot/npm_and_yarn/monkey/monkey_island/cc/ui/npm-8.11.0
Bump npm from 7.24.2 to 8.11.0 in /monkey/monkey_island/cc/ui
2022-06-10 10:38:42 +03:00
VakarisZ eb7e74cd82
Merge pull request #2009 from guardicore/1997-rename-credential_collector_classes
Rename `credential_collector_classes`
2022-06-10 10:38:06 +03:00
VakarisZ 1f4f573aaa
Merge pull request #2008 from guardicore/1994-remove-unused-aws-config-options
Remove unused AWS config fields
2022-06-10 10:37:43 +03:00
vakarisz 1cef7874d4 Island: Rename credential collector const 2022-06-10 10:24:53 +03:00
VakarisZ 63a772e781
Merge pull request #2010 from guardicore/1995-remove-smb_download_timeout
Remove smb_download_timeout
2022-06-10 10:01:20 +03:00