Itay Mizeretz
|
04c79d1b3c
|
Fix shellshock bug where service name wasn't available
|
2017-11-07 10:30:28 +02:00 |
Itay Mizeretz
|
17d3795581
|
Fix get_interface_to_target to always return an IP
|
2017-10-24 15:42:52 +03:00 |
Itay Mizeretz
|
68643ce343
|
Add dropper target path on SMB exec
|
2017-10-19 18:48:03 +03:00 |
Itay Mizeretz
|
b64ff7bffb
|
Fix src_path referenced before assignment on shellshock
|
2017-10-19 17:59:17 +03:00 |
Itay Mizeretz
|
81051009d0
|
Fix CR
|
2017-10-16 10:58:11 +03:00 |
Daniel Goldberg
|
2d47e9c228
|
Fix edge case in shellshock where a victim with no attackable URLs returned None
|
2017-10-15 19:28:41 +03:00 |
Itay Mizeretz
|
02b02e43bb
|
Report only url in shellshock
|
2017-10-15 18:04:39 +03:00 |
Itay Mizeretz
|
bb53606a1b
|
Fix check os supported bug
|
2017-10-15 15:11:58 +03:00 |
Itay Mizeretz
|
9984b411d4
|
Refactor exploit classes to be per-host, and not per exploit type
Exploit telemetry has a more consistent format
Minor improvements in exploits
|
2017-10-11 18:05:03 +03:00 |
Daniel Goldberg
|
930050a713
|
Merge pull request #57 from guardicore/bugfix/fix-various-exploit-bugs
Bugfix/fix various exploit bugs
|
2017-10-09 10:43:51 +03:00 |
Daniel Goldberg
|
2949d4a8c2
|
Remove DNET library.
|
2017-10-03 18:20:20 +03:00 |
Itay Mizeretz
|
2bbd5d4824
|
Fix SambaCry .close() bug
|
2017-10-03 15:47:07 +03:00 |
Itay Mizeretz
|
65872d9518
|
Fix SambaCry not working for non-root user
|
2017-10-02 17:11:51 +03:00 |
Itay Mizeretz
|
22ff980923
|
Merge remote-tracking branch 'origin/develop' into bugfix/various-fixes
|
2017-10-01 11:36:12 +03:00 |
Daniel Goldberg
|
b910baf1d0
|
Stupid, stupid casting bug.
|
2017-10-01 11:35:17 +03:00 |
Itay Mizeretz
|
9af6590e75
|
Fix CR
|
2017-09-28 19:03:31 +03:00 |
Itay Mizeretz
|
7365f7d6a7
|
Fix in sambacry
Sambacry tries to exploit when can't recognize version
|
2017-09-28 16:13:47 +03:00 |
Itay Mizeretz
|
174c74cbcb
|
Temporarily disable shellshock reporting its vulnerable pages
|
2017-09-28 14:43:08 +03:00 |
Daniel Goldberg
|
5586619f19
|
PEP8 fun
|
2017-09-28 14:22:35 +03:00 |
Daniel Goldberg
|
a27c802b11
|
If already touching this file, modify it for PEP8 + better exception syntax.
|
2017-09-28 14:17:41 +03:00 |
Itay Mizeretz
|
48ce135194
|
Merge remote-tracking branch 'origin/develop' into feature/pass-the-hash
# Conflicts:
# monkey_island/cc/services/config.py
|
2017-09-27 18:42:25 +03:00 |
Itay Mizeretz
|
d628a27595
|
Add pass-the-hash for wmi
|
2017-09-27 18:30:44 +03:00 |
Itay Mizeretz
|
7e3f420fe0
|
Add pass-the-hash for sambacry
|
2017-09-27 17:23:23 +03:00 |
itaymmguardicore
|
9242fe3232
|
Merge pull request #51 from guardicore/feature/elasticgroovy
Feature/elasticgroovy
|
2017-09-27 15:41:40 +03:00 |
Daniel Goldberg
|
6b7f67933d
|
Finish fixing CR notes.
|
2017-09-27 14:38:44 +03:00 |
Itay Mizeretz
|
fe77fc833c
|
fix ntlm_hash telem
|
2017-09-27 14:28:53 +03:00 |
Daniel Goldberg
|
142401e706
|
change the user/password combo to existing function in another place.
|
2017-09-27 13:40:50 +03:00 |
Daniel Goldberg
|
5e8288e211
|
Fixed CR notes in
https://github.com/guardicore/monkey/pull/51#pullrequestreview-65212211
|
2017-09-26 18:16:20 +03:00 |
Itay Mizeretz
|
89b442be58
|
Implement pass the hash for SMB
|
2017-09-26 18:11:13 +03:00 |
Daniel Goldberg
|
6708e623fc
|
Added Elastic attack
|
2017-09-26 15:43:46 +03:00 |
Itay Mizeretz
|
b420f74a55
|
Fix dropper bug on wmiexec and win_ms08_067
|
2017-09-04 16:51:22 +03:00 |
Itay Mizeretz
|
40b03793c9
|
Fix user_password_pairs indentation bug in
|
2017-09-04 16:44:40 +03:00 |
Itay Mizeretz
|
3014763e99
|
minor fixes
|
2017-09-04 15:41:36 +03:00 |
Itay Mizeretz
|
cc889f9124
|
Fix CR
|
2017-09-04 14:52:24 +03:00 |
Itay Mizeretz
|
c8d7a2c4d3
|
SambaCry now works for both 32,64bit
|
2017-09-03 11:50:01 +03:00 |
Itay Mizeretz
|
c612ea0361
|
Documented sambacry, moved everything to configuration, minor fixes
|
2017-08-31 20:03:32 +03:00 |
Itay Mizeretz
|
5de433eae0
|
sambacry works
default monkey binary in linux is now 64bit
|
2017-08-31 18:40:42 +03:00 |
Itay Mizeretz
|
194ed624c2
|
sambacry almost working e2e
|
2017-08-31 17:50:55 +03:00 |
Itay Mizeretz
|
4ce1653c8f
|
sambacry: Add support for using both architectures
|
2017-08-30 10:16:54 +03:00 |
Itay Mizeretz
|
7d72150e4e
|
Add working POC of sambacry. still needs some modifications to fir monkey, and minor functionality
|
2017-08-28 19:20:44 +03:00 |
Itay Mizeretz
|
57e69fafee
|
minor fix in dropper
Rename constants
|
2017-08-28 10:41:11 +03:00 |
Itay Mizeretz
|
97205e6427
|
Fix config property bug
|
2017-08-21 11:51:47 +03:00 |
Itay Mizeretz
|
26df64fb87
|
Fixed CR
|
2017-08-20 19:32:18 +03:00 |
Itay Mizeretz
|
1a55c8362f
|
Add C&C ability to share credentials found from monkeys
|
2017-08-17 18:04:36 +03:00 |
Itay Mizeretz
|
a671b55df3
|
Add mimikatz collector
Combine all users and passwords in config
|
2017-08-16 15:14:26 +03:00 |
daniel goldberg
|
ab7f731ed5
|
Removed reliance on grequests. Complicates other code and no real performance improvement in a LAN enviornment.
|
2016-09-21 14:55:13 +03:00 |
itsikkes
|
155a03efad
|
Small hack to support fast-user switching when RDPing to already loggen-in host
Although it doesn't always happen, because there is no easy wasy to know
- trying to press YES on the dialog box (if any) can help the login
process
|
2016-09-19 22:27:17 +03:00 |
itsikkes
|
b3322b2541
|
improved local interface selection when exploiting
|
2016-09-08 12:30:40 +03:00 |
danielguardicore
|
d2203b2220
|
Removed legacy ChaosMonkey from SMB execution.
|
2016-09-07 19:10:30 +03:00 |
danielguardicore
|
ce3eaa9b2e
|
Fixed grequsts/gevents monkey patching of socket code, which lead to paramiko being unable to function after a shellshock scan.
|
2016-09-07 10:16:17 +03:00 |