Commit Graph

80 Commits

Author SHA1 Message Date
Itay Mizeretz 04c79d1b3c Fix shellshock bug where service name wasn't available 2017-11-07 10:30:28 +02:00
Itay Mizeretz 17d3795581 Fix get_interface_to_target to always return an IP 2017-10-24 15:42:52 +03:00
Itay Mizeretz 68643ce343 Add dropper target path on SMB exec 2017-10-19 18:48:03 +03:00
Itay Mizeretz b64ff7bffb Fix src_path referenced before assignment on shellshock 2017-10-19 17:59:17 +03:00
Itay Mizeretz 81051009d0 Fix CR 2017-10-16 10:58:11 +03:00
Daniel Goldberg 2d47e9c228 Fix edge case in shellshock where a victim with no attackable URLs returned None 2017-10-15 19:28:41 +03:00
Itay Mizeretz 02b02e43bb Report only url in shellshock 2017-10-15 18:04:39 +03:00
Itay Mizeretz bb53606a1b Fix check os supported bug 2017-10-15 15:11:58 +03:00
Itay Mizeretz 9984b411d4 Refactor exploit classes to be per-host, and not per exploit type
Exploit telemetry has a more consistent format
Minor improvements in exploits
2017-10-11 18:05:03 +03:00
Daniel Goldberg 930050a713 Merge pull request #57 from guardicore/bugfix/fix-various-exploit-bugs
Bugfix/fix various exploit bugs
2017-10-09 10:43:51 +03:00
Daniel Goldberg 2949d4a8c2 Remove DNET library. 2017-10-03 18:20:20 +03:00
Itay Mizeretz 2bbd5d4824 Fix SambaCry .close() bug 2017-10-03 15:47:07 +03:00
Itay Mizeretz 65872d9518 Fix SambaCry not working for non-root user 2017-10-02 17:11:51 +03:00
Itay Mizeretz 22ff980923 Merge remote-tracking branch 'origin/develop' into bugfix/various-fixes 2017-10-01 11:36:12 +03:00
Daniel Goldberg b910baf1d0 Stupid, stupid casting bug. 2017-10-01 11:35:17 +03:00
Itay Mizeretz 9af6590e75 Fix CR 2017-09-28 19:03:31 +03:00
Itay Mizeretz 7365f7d6a7 Fix in sambacry
Sambacry tries to exploit when can't recognize version
2017-09-28 16:13:47 +03:00
Itay Mizeretz 174c74cbcb Temporarily disable shellshock reporting its vulnerable pages 2017-09-28 14:43:08 +03:00
Daniel Goldberg 5586619f19 PEP8 fun 2017-09-28 14:22:35 +03:00
Daniel Goldberg a27c802b11 If already touching this file, modify it for PEP8 + better exception syntax. 2017-09-28 14:17:41 +03:00
Itay Mizeretz 48ce135194 Merge remote-tracking branch 'origin/develop' into feature/pass-the-hash
# Conflicts:
#	monkey_island/cc/services/config.py
2017-09-27 18:42:25 +03:00
Itay Mizeretz d628a27595 Add pass-the-hash for wmi 2017-09-27 18:30:44 +03:00
Itay Mizeretz 7e3f420fe0 Add pass-the-hash for sambacry 2017-09-27 17:23:23 +03:00
itaymmguardicore 9242fe3232 Merge pull request #51 from guardicore/feature/elasticgroovy
Feature/elasticgroovy
2017-09-27 15:41:40 +03:00
Daniel Goldberg 6b7f67933d Finish fixing CR notes. 2017-09-27 14:38:44 +03:00
Itay Mizeretz fe77fc833c fix ntlm_hash telem 2017-09-27 14:28:53 +03:00
Daniel Goldberg 142401e706 change the user/password combo to existing function in another place. 2017-09-27 13:40:50 +03:00
Daniel Goldberg 5e8288e211 Fixed CR notes in
https://github.com/guardicore/monkey/pull/51#pullrequestreview-65212211
2017-09-26 18:16:20 +03:00
Itay Mizeretz 89b442be58 Implement pass the hash for SMB 2017-09-26 18:11:13 +03:00
Daniel Goldberg 6708e623fc Added Elastic attack 2017-09-26 15:43:46 +03:00
Itay Mizeretz b420f74a55 Fix dropper bug on wmiexec and win_ms08_067 2017-09-04 16:51:22 +03:00
Itay Mizeretz 40b03793c9 Fix user_password_pairs indentation bug in 2017-09-04 16:44:40 +03:00
Itay Mizeretz 3014763e99 minor fixes 2017-09-04 15:41:36 +03:00
Itay Mizeretz cc889f9124 Fix CR 2017-09-04 14:52:24 +03:00
Itay Mizeretz c8d7a2c4d3 SambaCry now works for both 32,64bit 2017-09-03 11:50:01 +03:00
Itay Mizeretz c612ea0361 Documented sambacry, moved everything to configuration, minor fixes 2017-08-31 20:03:32 +03:00
Itay Mizeretz 5de433eae0 sambacry works
default monkey binary in linux is now 64bit
2017-08-31 18:40:42 +03:00
Itay Mizeretz 194ed624c2 sambacry almost working e2e 2017-08-31 17:50:55 +03:00
Itay Mizeretz 4ce1653c8f sambacry: Add support for using both architectures 2017-08-30 10:16:54 +03:00
Itay Mizeretz 7d72150e4e Add working POC of sambacry. still needs some modifications to fit monkey, and minor functionality 2017-08-28 19:20:44 +03:00
Itay Mizeretz 57e69fafee minor fix in dropper
Rename constants
2017-08-28 10:41:11 +03:00
Itay Mizeretz 97205e6427 Fix config property bug 2017-08-21 11:51:47 +03:00
Itay Mizeretz 26df64fb87 Fixed CR 2017-08-20 19:32:18 +03:00
Itay Mizeretz 1a55c8362f Add C&C ability to share credentials found from monkeys 2017-08-17 18:04:36 +03:00
Itay Mizeretz a671b55df3 Add mimikatz collector
Combine all users and passwords in config
2017-08-16 15:14:26 +03:00
daniel goldberg ab7f731ed5 Removed reliance on grequests. Complicates other code and no real performance improvement in a LAN environment. 2016-09-21 14:55:13 +03:00
itsikkes 155a03efad Small hack to support fast-user switching when RDPing to already logged-in host
Although it doesn't always happen, because there is no easy way to know
- trying to press YES on the dialog box (if any) can help the login
process
2016-09-19 22:27:17 +03:00
itsikkes b3322b2541 improved local interface selection when exploiting 2016-09-08 12:30:40 +03:00
danielguardicore d2203b2220 Removed legacy ChaosMonkey from SMB execution. 2016-09-07 19:10:30 +03:00
danielguardicore ce3eaa9b2e Fixed grequests/gevents monkey patching of socket code, which led to paramiko being unable to function after a shellshock scan. 2016-09-07 10:16:17 +03:00