4ee8b650c8
Removed redundant code in VictimHostTelem
2019-04-02 14:54:20 +03:00
27952f8b5a
Changed all required imports
2019-04-02 14:50:37 +03:00
77b14177c5
Moved attack scan status enum to common
2019-04-02 11:09:55 +03:00
2e2b77226d
Added reverted telemetry files
2019-04-02 09:58:46 +03:00
80266f537d
Documented set_results method
2019-04-02 09:47:13 +03:00
4b3bcd114b
Revert "Telemetry implementation started"
...
This reverts commit 98814b4963
2019-04-01 20:09:54 +03:00
7e5aff1d21
Revert "Telemetry implemented"
...
This reverts commit f36ff73c9e
2019-04-01 19:51:20 +03:00
ee0b6a042d
Revert "Files renamed to be more precise, typo in comment fixed."
...
This reverts commit 11576c0942
2019-04-01 19:50:35 +03:00
250fcb97bb
Revert "Changed base class not to send redundant info about current machine"
...
This reverts commit 4496b0efa4
2019-04-01 19:50:28 +03:00
4496b0efa4
Changed base class not to send redundant info about current machine
2019-04-01 19:33:32 +03:00
ae6e83d4c6
Test schema's change to production, minor comment improvements
2019-04-01 17:10:20 +03:00
11576c0942
Files renamed to be more precise, typo in comment fixed.
2019-04-01 14:58:20 +03:00
f36ff73c9e
Telemetry implemented
2019-04-01 14:58:04 +03:00
98814b4963
Telemetry implementation started
2019-04-01 14:57:52 +03:00
287f0ee6e3
Merge pull request #274 from VakarisZ/post_exploitation
...
Post exploitation
2019-04-01 10:25:54 +03:00
00c19aa3b9
Added correct checkbox file
2019-04-01 10:01:53 +03:00
ac1d084a5c
Removed UI checkbox component again
2019-04-01 09:58:32 +03:00
689e034524
Removed UI checkbox component
2019-04-01 09:56:29 +03:00
266933abb4
Added custom post breach values to example.conf
2019-04-01 09:37:53 +03:00
300f821b4c
Refactored matrix parsing, added comments
2019-03-29 17:37:16 +02:00
5e73306b9c
Implemented enabling/disabling array and boolean configuration fields according to ATT&CK matrix.
2019-03-29 15:44:30 +02:00
b3f7b29640
ATT&CK fields can be mapped together, ATT&CK configuration gets translated to monkey's configuration
2019-03-29 15:44:17 +02:00
cce76f37df
Configuration "reset to defaults" added
2019-03-29 15:44:04 +02:00
f5da1bf3b6
Matrix submit bugfix
2019-03-29 15:43:46 +02:00
88229e74c9
Configuration submission
2019-03-29 15:43:33 +02:00
b319bc8e5f
Toolbar with technique description added to checkboxes
2019-03-29 15:40:31 +02:00
7b8a758541
Adding toolbar and checkBox style fixes
2019-03-29 15:39:58 +02:00
17a51cd92e
ATT&CK matrix formed in front-end
2019-03-29 15:39:47 +02:00
d2670be767
Sketches of config implementation
2019-03-29 15:39:37 +02:00
1c847ccc06
Att&ck implementation started
2019-03-29 15:39:12 +02:00
86a0053c9a
Added monkey directories to example.conf
2019-03-26 20:28:05 +02:00
11e6d3807a
Added custom post breach values to example.conf
2019-03-26 20:09:09 +02:00
1c3e69cbb9
PR notes fixed, command + file bugs fixed
2019-03-26 20:02:50 +02:00
50f2db4b22
Removed unused import
2019-03-25 21:44:39 +02:00
be598d0953
Added jwt requirements to PBA endpoints, fixed bugs, added different
...
display if PBA succeeded than if failed.
2019-03-25 21:44:39 +02:00
92615b848d
PBA config depth reduced to 3, unused methods removed, pba file size
...
property removed, small refactors and comments.
2019-03-25 21:44:39 +02:00
dbf56b5531
Improved display of post breach actions
2019-03-25 21:44:39 +02:00
308a1e3547
Added simple telemetry feed
2019-03-25 21:44:39 +02:00
f35340e7ae
Cosmetic changes and small refactors
2019-03-25 21:44:39 +02:00
45be010470
Refactoring and improvements
2019-03-25 21:44:39 +02:00
33e78ba4e8
Implemented file restoration endpoint, file upload front end
2019-03-25 21:44:39 +02:00
7281f2284b
Added deletion of files
2019-03-25 21:44:39 +02:00
a51d7da1f9
Refactoring file upload UI -> server to be via filepond
2019-03-25 21:44:39 +02:00
4292fc845b
File deletion
2019-03-25 21:44:38 +02:00
d539f2301c
Separating my post breach from previous post breach
2019-03-25 21:44:38 +02:00
2ce27dc885
Added primitive display of post breach actions
2019-03-25 21:44:38 +02:00
eb05dd46e7
PBA's stored on the database
2019-03-25 21:44:38 +02:00
20d774b7df
Core functionality added, not tested yet
2019-03-25 21:44:38 +02:00
8e78150db4
Front end input changed to text area
2019-03-25 21:44:38 +02:00
e5f908754a
Started implementing custom post-breach actions
2019-03-25 21:44:38 +02:00
fecfd138a0
Directory removal moved to happen before self_delete call
2019-03-25 10:48:56 +02:00
d61c080848
Small refactor, values to island's config added.
2019-03-20 14:02:53 +02:00
eb1cb91704
Removed monkey dir paths from island's configuration
2019-03-20 09:33:10 +02:00
0268fa833f
New directory for monkey and it's files
2019-03-19 18:41:14 +02:00
525e541156
Update vsftpd.py
...
Replaced sleep with recv, waits for the server to respond instead of sleeping
2019-03-15 15:24:17 +01:00
1587aa2d4c
Update vsftpd.py
2019-03-15 12:47:59 +01:00
7eaeef6919
Update ReportPage.js
...
Fix for issue #213
2019-03-13 13:07:59 +01:00
0ed66f2cd8
Merge remote-tracking branch 'upstream/develop' into develop
2019-03-13 12:54:57 +01:00
01cc702906
Update vsftpd.py
...
Removed (+,! ) used for debugging.
Changed the recv size from 1024 to 128
2019-03-13 11:31:26 +01:00
53f12f4b67
Update ReportPage.js
...
Fix for issue #213
2019-03-12 20:53:16 +01:00
9b0c0d4233
Update vsftpd.py
...
using `ftp_socket.recv(1024).decode('utf-8')` to prevent chances of race conditions
2019-03-12 19:51:12 +01:00
47baea039a
Update vsftpd.py
...
Better exception log
2019-03-12 19:44:45 +01:00
bb8a1c5c01
Updated the exploit.
...
The `.` was removed from reportpage.js and the exploit was modified.
2019-03-12 19:38:48 +01:00
dade4daad2
Update vsftpd.py
...
Removed unused imports, removed hardcoded username and password.
Removed EXPLOIT_TYPE
Removed NONE in tatget_os_type
Reduced time to sleep from 2 to 1
2019-03-12 12:37:09 +01:00
0b3e6274d9
Update vsftpd.py
...
Changed the payload from /tmp/monkey to generating payload using build_monkey_commandline
2019-03-12 12:16:20 +01:00
6313ce7933
Update vsftpd.py
2019-03-12 12:06:17 +01:00
0706bddda5
Added discription and details for repot.
...
Added discription and details about the exploit vsftpd
2019-03-11 16:09:09 +01:00
2b47749385
Added a new exploit
...
A new exploit was added to the infection_monkey for the following vulnerability
https://www.rapid7.com/db/modules/exploit/unix/ftp/vsftpd_234_backdoor
2019-03-11 01:50:27 +01:00
c205636b10
MSSQL now is able to upload a payload
2019-03-08 15:34:17 +00:00
3372ea7820
Updated Create_certificate to key of length 2048
...
deb package creates a key of length 1024 by default and and since the release of openssl 1.1.1 the default openssl.conf file at /etc/ssl/openssl.conf has CipherString = DEFAULT@SECLEVEL=2 , resulting in the key length to be small. In order to adhere to SECLEVEL=2 the key length was increased from 1024 to 2048.
2019-03-07 12:09:03 +01:00
16f0b475af
Merge pull request #255 from VakarisZ/avoid_sshguard
...
Exploitation order + tiny monkey.py refactor
2019-03-05 11:42:35 +02:00
3f91f273cb
Fix typo in README
2019-02-27 17:18:56 +02:00
cc327633ec
Added enum34 to requirements
2019-02-26 19:55:47 +02:00
ebe79d74d4
Disable MSSQL exploiter
2019-02-26 10:51:38 +02:00
04358d556a
Exploit ordering implemented using enum
2019-02-22 11:08:21 +02:00
b5523a9c54
fix expanding of env variables
2019-02-21 16:50:02 +02:00
df8de92ea9
Sambacry now catches NetBIOSError on attempting credentials
2019-02-21 12:10:59 +02:00
0e24f45fc9
Merge remote-tracking branch 'upstream/develop' into weblogic_quickfix
2019-02-19 10:58:10 +02:00
bdb8b56fcc
Weblogic timeout increased
2019-02-19 10:57:47 +02:00
122ce5f406
Fixed bug where config reset followed by update failed
2019-02-18 14:45:03 +02:00
759cbcd6ae
Hotfix telemetry feed accessing non-existent monkey_guid
2019-02-18 12:23:13 +02:00
f5b9c6fe46
Show AWS info regardless of failed auth
2019-02-18 11:53:52 +02:00
af5e791e1b
postbreach actions disabled by default
2019-02-18 11:40:15 +02:00
e7940992e0
Update infection monkey readme
2019-02-17 14:50:50 +02:00
ee7c9d9ea8
Merge pull request #266 from guardicore/hotfix/remove-unecessary-set-state
...
Some unecessary set states removed to prevent refreshing of config page
2019-02-17 14:08:54 +02:00
1fa31340ca
Merge pull request #265 from guardicore/hotfix/various-fixes
...
Hotfix/various fixes
2019-02-17 14:06:26 +02:00
371a4d0678
Remove copy-pasted text
2019-02-17 13:22:41 +02:00
47401957a5
update logo
2019-02-17 13:22:14 +02:00
d67cb18cae
Some unecessary set states removed to prevent refreshing of config page
2019-02-14 19:07:12 +02:00
03a0c45b5c
Use monkey's python
2019-02-14 16:50:00 +02:00
1189d42bbb
Debian package now requires mongo as dependency instead of having a monkey-mongo service
2019-02-14 13:57:56 +02:00
0513966c76
Merge pull request #259 from guardicore/feature/run-aws-monkey
...
Feature/run aws monkey
2019-02-13 14:58:54 +02:00
08aede237e
Merge pull request #263 from guardicore/bugfix/set-auth-by-server
...
Checking with server if auth enabled
2019-02-12 17:03:19 +02:00
78507062b8
Merge branch 'develop' into feature/run-aws-monkey
2019-02-12 16:37:56 +02:00
dfb51cc962
Add AWS troubleshooting message
2019-02-12 16:26:29 +02:00
30e96dc7d3
Checking with server if auth enabled
2019-02-12 15:39:29 +02:00
64ed770d2d
Merge pull request #262 from guardicore/bugfix/require-tr-only-linux
...
Bugfix/require tr only linux
2019-02-11 19:18:23 +02:00
e7d9bb59db
Merge remote-tracking branch 'origin/develop' into develop
2019-02-11 19:17:32 +02:00
1528966f6b
Fix traceroute phrasing
2019-02-11 19:17:25 +02:00
712e680ff1
Fix phrasing by suggestion from a user.
2019-02-11 19:15:30 +02:00
8fed52a5d9
Hotfix re add user post breach
2019-02-11 14:33:03 +02:00
99043fb8cf
Hotfix from crypto
2019-02-11 14:07:49 +02:00
8c76e244ad
Update readme for relevant instruction to build/download required binaries
2019-02-11 14:00:23 +02:00
d7b228897f
Require traceroute for build only on linux
2019-02-11 11:10:00 +02:00
85e4646c42
Update readme
2019-02-11 11:01:31 +02:00
2f45280f71
Change path of python to be where python is actually in
2019-02-10 18:21:59 +02:00
49cf693197
Add option for password authentication with island
...
Replace PyCrypto with Cryptodome
2019-02-06 18:40:16 +02:00
48ae805458
Add AWS credentials configuration on run monkey page
2019-02-06 14:29:02 +02:00
10d513a6d5
Before performing AWS functions, verify credentials
2019-02-06 14:28:27 +02:00
acc1c5207d
Documentation & order
2019-02-05 20:05:54 +02:00
885a7b5398
Running on machines asyncly
2019-02-05 18:04:49 +02:00
4920625e65
Added pymssql and pyftpdlib into linux requiremets (linux requirements didn't get updated during rebase)
2019-02-05 17:09:45 +02:00
ed921fceed
Refactored for island to have only one requirements file.
2019-02-04 18:42:58 +02:00
cf3bf89df5
Improved linux commands in deployment scripts and separated linux and windows dependency files
2019-02-04 18:42:58 +02:00
0f4bb7f5f1
Most feature is ready
2019-02-04 18:07:36 +02:00
4e8fe0ec3f
Merge remote-tracking branch 'origin/develop' into feature/run-aws-monkey
2019-02-03 14:18:27 +02:00
378baa7139
Add most infrastrucure for running AWS commands
2019-02-03 14:18:08 +02:00
f5ba65d654
BUGFIX
...
Make sure we don't crash with bad telemetry
2019-01-30 18:31:17 +02:00
f89b1c52a9
Fixed bug (from node['domain_name'] to monkey['domain_name']
2019-01-30 16:54:08 +02:00
5702ee4b2e
Add dummy import for pyinstaller purposes
2019-01-30 14:56:34 +02:00
4374760f16
New line at end of file
2019-01-30 14:46:10 +02:00
2557b76d5f
Pyinstaller on Linux 32 bit also seems to miss mssql
2019-01-30 13:35:34 +02:00
2faa89068c
Add mssql as a hidden import for windows. Seems to require
2019-01-30 12:50:06 +02:00
a3cd142d8c
Merge remote-tracking branch 'origin/develop' into develop
2019-01-30 10:33:24 +02:00
a65c1d3792
BUGFIX
...
Remove scanner class lookup since it doesn't exist anymore
2019-01-30 10:31:29 +02:00
d2185d6783
Update readme.txt
2019-01-29 17:56:37 +02:00
06ff1e2a50
Merge pull request #249 from VakarisZ/weblogic_performance_boost
...
Improved the speed of weblogic exploiter
2019-01-29 15:31:32 +02:00
7ab22bb3e9
Syntactic, small changes to weblogic and web_rce
2019-01-29 13:09:38 +02:00
11c0d7773e
Fixed telemetry expecting a 'scanner' field
2019-01-29 11:51:42 +02:00
e0a98664f6
Fixes the config import on MSSQL exploiter
2019-01-29 10:17:25 +02:00
bb30e37ef1
Merge pull request #251 from VakarisZ/wmi_handler_fix
...
wmi info handler does not crash if no wmi info is collected
2019-01-28 18:23:16 +02:00
072677ac10
wmi info handler does not crash if no wmi info is collected
2019-01-28 18:21:04 +02:00
38276f4abb
Fix to properly divide as float
2019-01-28 17:50:29 +02:00
e90f11cab3
Merge pull request #247 from VakarisZ/TCP_scanner_sleep_bugfix
...
TCP scanner sleep bugfix
2019-01-28 17:49:39 +02:00
d028c70738
Fixed bug related to '-' and displaying scanned servers
2019-01-28 14:44:16 +02:00
bf26ed8881
Fixed some errors poined out in PR
2019-01-28 14:43:05 +02:00
4f0606d6fb
Fixed PR comments (ip casting, typos)
2019-01-28 14:42:54 +02:00
d35634b729
Small fixes
2019-01-28 14:42:39 +02:00
7d34c290cc
Added support for invalid domain AND added front end files not commited in previous commits
2019-01-28 14:42:30 +02:00
847286dec7
Modified front end to inform user that he can enter URL's , not only IP's
2019-01-28 14:41:52 +02:00
96cc4edba9
Domain name translation fully implemented and displayed in map and report
2019-01-28 14:40:37 +02:00
ef0ccc9cc9
Add thread ID logging to the configuration log.
2019-01-27 10:06:39 +02:00
53228e8cea
Merge branch 'develop' into feature/scan_with_ping
2019-01-26 20:13:30 +02:00
151ec3dbc9
Fix TTL split logic
2019-01-26 20:11:38 +02:00
33143080a5
Merge branch 'develop' into feature/report_exporters
2019-01-26 20:07:37 +02:00
0feb19ede5
PEP8 stuff
2019-01-26 19:42:35 +02:00
d8d4d4970f
Merge pull request #147 from guardicore/feature/mssql_exploiter
...
Feature/mssql exploiter
2019-01-26 16:56:37 +02:00
6073e9f677
Improved the speed of weblogic exploiter
2019-01-24 17:28:44 +02:00
074aa1af50
TCP scanner now sleeps in miliseconds instead of seconds.
2019-01-24 13:58:58 +02:00
9e0fbdaac3
- Updated dynamic payload file creation
2019-01-20 16:09:40 +02:00
dfe6cf073e
- Added dynamic file creation on runtime instead of a static payload file
2019-01-20 15:13:48 +02:00
c47047c815
Added CMD prefix to windows commands that check for exploitability and upload monkey.
2019-01-16 16:15:18 +02:00
0bfde8d047
- adjusted config to mssql exploiter.
2019-01-07 18:11:31 +02:00
2ac98ca5fc
Merge branch 'develop' into feature/mssql_exploiter
...
# Conflicts:
# monkey/infection_monkey/requirements.txt
# monkey/monkey_island/cc/services/config.py
# monkey/monkey_island/cc/services/report.py
# monkey/monkey_island/cc/ui/src/components/pages/ReportPage.js
2019-01-07 17:42:00 +02:00
68093d084f
Rename ms08_067_remote_user_add and ms08_067_remote_user_pass to something more generic
2019-01-07 10:58:20 +02:00
70545d28f8
Merge pull request #242 from guardicore/feature/post_breach_actions
...
Post breach actions
2019-01-07 10:26:07 +02:00
c572e515a1
Let us properly fingerprint using ping
2019-01-06 17:40:14 +02:00
372ffeaa04
Remove scanner class from schema
2019-01-06 17:17:47 +02:00
3dfc7242aa
Remove all usage of scanner_class
2019-01-06 17:17:47 +02:00
d0998fc4f6
Remove scanner class from configuration
2019-01-06 17:17:47 +02:00
f4669bf3f5
Make monkey always try to ping the remote machine.
...
This catches more events for the cross segment analyser
2019-01-06 17:17:42 +02:00
7b5604a0de
Make post breach actions happen in the monkey
2019-01-02 19:32:44 +02:00
95a2a0e428
Add backdoor user functionality to Monkey itself.
...
The backdoor user is purposefully disabled
2019-01-02 19:32:44 +02:00
382b95c75d
Add option for post breach actions to configuration
2019-01-02 19:32:44 +02:00
077d536526
Add missing dependency
2019-01-02 19:32:44 +02:00
078470e257
- added char conversion for mongo insertion, mongodb doesn't allow for '.' in keys names and sometimes machine names might include '.' char in them. We encode with ',,,' and decode back to '.'.
2019-01-02 16:25:26 +02:00
985f45d8de
- Added exporters list population
...
- some pep8
- Added a report json cleanup for mongo insertion, sometimes machine names are used as keys and these names might contain '.' which mongodb doesn't allow.
- Fixed a typo and aws sec hub protocol requirements
2019-01-02 14:26:36 +02:00
d3a42792fb
Remove dead line of code in config.py
2018-12-31 18:43:00 +02:00
4b06c1e3f4
- added 'author' to each file.
2018-12-31 14:58:14 +02:00
6b35f22280
Merge branch 'develop' into feature/report_exporters
...
# Conflicts:
# monkey/common/cloud/aws.py
# monkey/monkey_island/cc/services/config.py
2018-12-31 14:54:11 +02:00
7f3ee69527
- Created the exporter_init file, in there the exporter manager singleton is created and
...
populated with the relevant exporters (the aws exporter in this case)
- changed the report file to use the new exporter manager singleton
- changed the finding structure in the aws_exporter.py, divided it to creation functions
and cleaned the code.
2018-12-31 14:51:07 +02:00
43896ed718
Set default scan interval to 0
2018-12-31 12:30:44 +02:00
3ca5119e03
Remove debug print on what users/passwords to try
2018-12-31 12:30:08 +02:00
2ada581672
Merge pull request #239 from guardicore/bugfix/config_in_seperate_file
...
Move config schema to separate file for easier editing
2018-12-31 12:08:36 +02:00
b536083573
Remove debug print on what users/passwords to try
2018-12-31 12:08:09 +02:00
5d3524cff5
Move config schema to separate file for easier editing
2018-12-30 18:11:14 +02:00
d32c7932b7
Merge remote-tracking branch 'origin/develop' into develop
2018-12-27 17:14:27 +02:00
796ac48c72
Add timeout for URL queries
2018-12-27 17:14:13 +02:00
d567a8da46
Merge pull request #233 from guardicore/bugfix/fix_map_colors
...
Bugfix - report map colored again
2018-12-24 11:47:08 +02:00
09c6324f4a
Merge pull request #229 from guardicore/feature/tracert-with-bin
...
Feature/tracert with bin
2018-12-24 11:17:11 +02:00
4e5ede0a72
Add note on exception throwing
2018-12-24 10:58:29 +02:00
e82fb7f061
Add default ttl
2018-12-23 19:35:36 +02:00
606f3525f7
Fix CR + add 32/64bit binary choice
2018-12-23 16:51:27 +02:00
6ff2e7f541
Fix CR comment
2018-12-23 12:21:11 +02:00
079038783b
Update monkey/infection_monkey/network/tools.py
...
Co-Authored-By: itaymmguardicore <30774653+itaymmguardicore@users.noreply.github.com>
2018-12-23 11:26:53 +02:00
c184bd54f0
- Changed curl to wget, its available out of the box on more OSs.
2018-12-19 18:19:48 +02:00
be17288a4e
Merge pull request #236 from VakarisZ/hadoop_quickfix
...
Hadoop windows quicfix
2018-12-19 11:43:52 +02:00
67fc46cb18
Upload only 64 bit monkey to windows
2018-12-19 11:42:40 +02:00
9ccd1db309
Make report map colored again
2018-12-18 16:08:19 +02:00
b2deb4b6c9
Add doc for parse_traceroute
2018-12-16 19:09:08 +02:00
0658431358
Use carried traceroute on linux
2018-12-16 18:15:04 +02:00
8d50b5d02c
merge spec files
2018-12-16 13:38:44 +02:00
c918a498c9
Merge pull request #224 from VakarisZ/shellshock_timeout_handling
...
Shellshock timeout exception handling
2018-12-11 19:18:13 +02:00
3ca761f492
RCR:
...
- started the report exporter manager singleton.
- added region parsing using regex
-
2018-12-11 12:14:38 +02:00
03ad75b043
Now break the loop as soon as we encounter timeout
2018-12-11 09:44:21 +02:00
09538de4b1
Merge pull request #225 from VakarisZ/deployment_scripts
...
Deployment scripts
2018-12-10 13:22:05 +02:00
24619aa38f
Deployment scripts added to the repository
2018-12-10 13:08:59 +02:00
24eed6d069
Merge pull request #223 from guardicore/feature/add_config_to_pth
...
Actually use mimikatz configuration variable
2018-12-06 16:11:50 +02:00
efde6d1643
Shellshock exception handling
2018-12-06 15:41:29 +02:00
61f040ef6f
Moved the check to a top level function.
2018-12-05 13:59:33 +02:00
f8f948439c
Also add to example conf file
2018-12-04 10:09:55 +02:00
cc27b5dd20
Actually use mimikatz configuration variable
2018-12-04 10:06:48 +02:00
af14daaebc
Merge pull request #220 from guardicore/feature/netstat
...
Add netstat
2018-12-03 16:00:09 +02:00
df23be9c75
Merge pull request #212 from VakarisZ/hadoop_win32_fix
...
Hadoop windows fixed to be more reliable
2018-12-03 10:35:38 +02:00
841ad28973
Add netstat
2018-12-02 16:12:10 +02:00
078f03d9ed
Merge pull request #219 from acepace/bugfix/fix_warnings_in_sambacry_util
...
Bugfix/fix warnings in sambacry util
2018-12-02 11:10:13 +02:00
6d0805beb1
newline at end of file
2018-12-01 21:32:53 +02:00
d92db8effd
Replace strncat with single snprintf call
2018-12-01 21:32:47 +02:00
1cedfb5c2d
small fixes
2018-11-29 17:43:53 +02:00
db5e5eb453
Commands moved to model
2018-11-29 17:43:09 +02:00
498ddcacf5
* mistaken _ with -...
2018-11-29 16:51:12 +02:00
1339ab723f
* mistaken _ with -...
2018-11-29 15:48:41 +02:00
e24e9b90f7
* Added fallback case for urllib failure to get the region
...
* Added some safe checks for formatting and happy flows
* Removed productARN from server_config.json - it will now be inserted in deb build.
* Added the awscli lib to be installed via pip
2018-11-28 18:54:50 +02:00
1c99636414
* Changed the resource id to be instance arn and not only instance id
2018-11-28 17:40:32 +02:00
25340e9998
* Deleted print statement
...
* Added further inspection in telemtry
2018-11-28 17:05:10 +02:00
9d36cf3990
* add the right key in telemetry
...
* added error handling in report.py
2018-11-28 15:30:46 +02:00
0fe7a9c6e1
* Match it back to aws env
2018-11-28 15:02:17 +02:00
8397af4c6b
* Added region to finding sending configuration for boto3
2018-11-28 14:56:46 +02:00
bdecc7ade6
* added dynamic region lookup
...
* building the product ARN dynamically
* Resource type is now Other in case we dont have instance_id
2018-11-28 13:27:35 +02:00
7d94185a10
* fixed a wrong IF statement that prevented issues from appending
2018-11-28 12:53:58 +02:00
83ea8af9e0
* Added error handling in case the aws cli wasn't properly installed.
2018-11-27 22:28:06 +02:00
2f1240cc0e
* Added the boto3 pckg to the right req'.txt file
...
* Added a safe dict key access for aws_instance_id in report.py
* Added a skip in the aws_export if there is no instance_id in the issue.
2018-11-27 20:21:39 +02:00
8efed2de22
Fix path that run.sh executes
2018-11-27 18:33:08 +02:00
e8c604d7c5
* Changed the exporter to work in aws and not standard (was used for debugging)
2018-11-27 17:48:40 +02:00
af97fb6ffc
* Added a check to no issues list
...
* Changed the productARN to the monkey's ARN
2018-11-27 17:45:31 +02:00
0a6b3a12fa
* Separated the configuration functions to support both island's and monkey's needs
...
* Removed space char from the default value of the aws keys
* Changed the submit function in the JS to point to the right endpoint
2018-11-27 17:32:46 +02:00
9e6b2b2d26
* Added missing findings
...
* switched to using the aws account id from the island's configuration page
2018-11-27 16:57:53 +02:00
fb5ae63f04
* Fixed the aws env class to not be static anymore after itay's change.
...
* Added aws region getter
2018-11-27 14:45:44 +02:00
7f8a00ddc1
Merge remote-tracking branch 'origin/feature/report_exporters' into feature/report_exporters
2018-11-27 14:45:12 +02:00
bf29cddf4d
* Fixed the aws env class to not be static anymore after itay's change.
...
* Added aws region getter
2018-11-27 14:44:39 +02:00
8e6ab5b9f5
* Added aws region getter
...
* Moved productARN to server_config.json file
2018-11-27 14:16:06 +02:00
a42d621340
* Added another configuration endpoint for the island specific fields
2018-11-27 14:16:06 +02:00
90554f63cb
* Exceptions handling for sending findings
2018-11-27 14:16:06 +02:00
f506eb3dd1
* a small fixup
2018-11-27 14:16:06 +02:00
a00bfc17e3
* add instance id to domain issues too
2018-11-27 14:16:06 +02:00
1912a27422
* added instance ID to each issue in an aws machine
...
* changed findings resource to ec2 instance id instead of IP
2018-11-27 14:16:06 +02:00
f8f7421c47
* Added aws creds keys to configuration
...
* Added boto session creation using credentials
* Added a flag in the get_config function to separate island configuration values from monkey ones.
2018-11-27 14:16:00 +02:00
dd5bbdec35
* encrypted config
2018-11-27 14:14:41 +02:00
148ee3f0f0
* Added env' config
...
* Added exporters and aws exporter
* changed report generation to be automatic on monkey death with support of on-demand report generation and mongo storage
2018-11-27 14:14:41 +02:00
c888ab7bc9
adding the exporter father class and aws implement
2018-11-27 14:14:41 +02:00
673605b721
* Added aws region getter
...
* Moved productARN to server_config.json file
2018-11-27 14:13:50 +02:00
fdeeed40f4
Merge pull request #214 from guardicore/feature/collect-aws-instanceid
...
Add AWS instance id collector
2018-11-27 04:12:45 -08:00
1c75fbecf0
Modern classes and not old school classes
2018-11-27 14:12:23 +02:00
b3afeee3c0
Rename Aws to proper AWS
2018-11-27 14:10:46 +02:00
b7bfdd7afd
Quick move from unicode to text_type
2018-11-27 11:26:09 +02:00
f82069e9bf
Merge pull request #215 from guardicore/feature/add-support-encrypted-values
...
Add support for strings to be encrypted
2018-11-27 01:20:12 -08:00
c47572cd53
* Added another configuration endpoint for the island specific fields
2018-11-27 11:08:43 +02:00
4365ed2a14
Merge branch 'feature/add-support-encrypted-values' into feature/report_exporters
2018-11-27 10:30:00 +02:00
8eca2ca1e9
* Exceptions handling for sending findings
2018-11-27 10:28:41 +02:00
984a64561e
* a small fixup
2018-11-26 15:04:25 +02:00
4cc85448d7
* add instance id to domain issues too
2018-11-26 14:01:46 +02:00
85d832938d
Small bugfix in web_rce get_open_service_ports
2018-11-26 13:43:15 +02:00
a79c60e9bc
* added instance ID to each issue in an aws machine
...
* changed findings resource to ec2 instance id instead of IP
2018-11-26 12:59:06 +02:00
30a6d7542f
* deleted a line
2018-11-26 12:12:24 +02:00
2dfbc16450
* Added aws creds keys to configuration
...
* Added boto session creation using credentials
* Added a flag in the get_config function to separate island configuration values from monkey ones.
*
2018-11-26 11:48:43 +02:00
f6a0937b22
rename var + comment
2018-11-25 18:45:55 +02:00
fac6f970bb
Add support for strings to be encrypted
2018-11-25 18:38:44 +02:00
eddc4ca36a
Add AWS instance id collector
2018-11-25 16:29:44 +02:00
d21558e81a
* encrypted config
2018-11-25 14:17:20 +02:00
271c024574
* Added env' config
...
* Added exporters and aws exporter
* changed report generation to be automatic on monkey death with support of on-demand report generation and mongo storage
2018-11-25 12:39:47 +02:00
b48cb16088
Comment changed
2018-11-22 19:45:13 +02:00
3124f1eb5e
Merge pull request #211 from VakarisZ/island_config_navigation_ui_fix
...
Makes all tabs of equal height
2018-11-21 06:29:56 -08:00
5ffd22433a
Hadoop windows fixed to be more reliable
2018-11-21 13:32:45 +02:00
8496944409
Fix typo where Oracle WebLogic showed up
2018-11-20 17:46:35 +02:00
22a7a5401c
Hotfix english phrasing in WebLogic recommendation
2018-11-19 19:15:02 +02:00
3503bf9ccb
Makes all tabs of equal height
2018-11-19 15:55:18 +02:00
7179d840a7
adding the exporter father class and aws implement
2018-11-19 15:40:16 +02:00
472518bacf
Merge pull request #207 from VakarisZ/RDP_grinder_utf_fix
...
Fixes the problem of rdp grinder not being able to handle utf encoded credentials.
2018-11-19 01:36:27 -08:00
05103c21a2
Merge pull request #198 from guardicore/bugfix/uuid_to_string
...
Bugfix JWT expects input of string
2018-11-18 08:49:04 -08:00
8b81d32bab
Hotfix of issues enum
2018-11-18 15:20:01 +02:00
83da1cc23e
updated readme.txt and _MONGO_UURL to support connecting to external MongoDB instance by setting MONKEY_MONGO_URL env variable
2018-11-12 10:18:43 -08:00
fa8975706e
Cosmetic changes
2018-11-12 16:23:01 +02:00
b42ff98f9f
Converts utf to ascii and fixes the problem of rdp grinder not being able to handle utf encoded credentials
2018-11-12 16:17:12 +02:00
8994b0671f
fixed CR
2018-11-11 20:03:17 +02:00
f79629819e
Fix traceroute
2018-11-11 17:13:30 +02:00
9812dcd77d
A typo in the report page
2018-11-11 15:18:52 +02:00
3bb8531b4d
HOTFIX: Better label constructing for dup passwords issue
2018-11-11 14:01:03 +02:00
b14384fcb5
HOTFIX: Ignored cases where a user doesn't have hostname in shared_passwords issue
2018-11-11 12:16:54 +02:00
0361219488
HOTFIX: missing pckg in requirements.txt -fixed
2018-11-07 16:05:36 +02:00
b616e27cf8
Merge pull request #203 from VakarisZ/development_fixes
...
Added a few missing steps to monkey_island setup instructions
2018-11-07 01:31:12 -08:00
527c06b35c
Changed rule no. 0. to be more general and without typos.
2018-11-06 18:34:36 +02:00
ac3955e32e
Merge remote-tracking branch 'origin/develop' into develop
2018-11-06 18:20:11 +02:00
73856a8be9
HOTFIX: fixing location to be str and not unicode, BytesIO cant work with unicode.
2018-11-06 18:19:52 +02:00
8ca74f7d09
Merge pull request #202 from guardicore/bugfix/find_server_timeout
...
Bugfix/fix server timeout
2018-11-06 16:00:11 +02:00
9e68bf0bed
Added a few missing steps to monkey_island setup instructions (readme.txt in monkey_island)
2018-11-06 13:41:43 +02:00
fa1e1ce33c
Merge pull request #170 from guardicore/nadler/pth
...
Nadler/pth
2018-11-06 12:16:18 +02:00
cf9656068b
Update monkey/monkey_island/cc/services/pth_report.py
...
Co-Authored-By: MaorCore <39161867+MaorCore@users.noreply.github.com>
2018-11-05 16:48:32 +02:00
5b8b0258c0
Update monkey/monkey_island/cc/services/pth_report.py
...
Co-Authored-By: MaorCore <39161867+MaorCore@users.noreply.github.com>
2018-11-05 16:48:28 +02:00
c28f2d6c63
Update monkey/monkey_island/cc/services/pth_report.py
...
Co-Authored-By: MaorCore <39161867+MaorCore@users.noreply.github.com>
2018-11-05 16:48:23 +02:00
f12ee32e21
Update monkey/monkey_island/cc/services/pth_report.py
...
Co-Authored-By: MaorCore <39161867+MaorCore@users.noreply.github.com>
2018-11-05 16:48:18 +02:00
53ed6004b5
Second Fix: info log wasn't being created on some envs
...
Changed the path to the json config file to be a relative generic path
2018-11-05 16:10:27 +02:00
bdda578920
First fix: No indication for bad configuration file loaded via the "Import" button in configuration page.
...
Added specific error handling for that part.
2018-11-05 15:15:02 +02:00
0bd252d832
RE-CR: more docs
2018-10-31 14:51:23 +02:00
3bf917af80
RE-CR: tiny corrections
2018-10-31 14:28:52 +02:00
707c88434c
RE-CR: changed names, added doc, created consts.
2018-10-31 14:20:56 +02:00
3a2d9a9cc2
Excluded the name Administrator from the shared admin issue, it spams
...
the report
2018-10-29 15:25:30 +02:00
f60c12b391
Added hostname to all issues generated
2018-10-29 15:01:23 +02:00
242c2c8700
Added hostname to shared creds users
2018-10-29 14:24:52 +02:00
b85fb8c94a
Some bug fixes and CR after shocks
2018-10-29 13:06:09 +02:00
17b344f62f
99% done with RCR, not yet been tested.
2018-10-25 14:17:31 +03:00
f547b23ef8
imports fix
2018-10-23 11:50:24 +03:00
d02b9c2538
small bug fix
2018-10-22 17:16:58 +03:00
3e90b6d495
fixed imports
2018-10-22 17:09:57 +03:00
5c9e8dc6d0
cleared old files
2018-10-22 16:34:23 +03:00
bacaf97b77
Merge branch 'develop' into feature/mssql_exploiter
...
# Conflicts:
# monkey/infection_monkey/config.py
# monkey/infection_monkey/example.conf
# monkey/infection_monkey/exploit/__init__.py
# monkey/monkey_island/cc/services/report.py
# monkey/monkey_island/cc/ui/src/components/pages/ReportPage.js
2018-10-22 12:08:16 +03:00
029c278a82
added png assets for the report
2018-10-18 18:34:34 +03:00
25ab7f6ffe
back-merge with develop
2018-10-18 18:26:09 +03:00
c208d0ebe8
re-arranged the code and cleaned up a bit
2018-10-18 17:10:14 +03:00
372a08791d
Change timeout
2018-10-18 15:47:12 +03:00
a44e9a901f
Limit monkey lookup in find_server.
...
Prevents a situation where the Monkey attempts to connect to a server,
but it's not accessible over the regular port but requires a tunnel.
However the Monkey on the other side will quit before getting the tunnel
request because the isolated monkey is waiting forever
2018-10-17 16:45:48 +03:00
b443652b0e
Cleaned up the code and removed not needed files
2018-10-16 18:53:56 +03:00
4ce30de302
Changed the way the username is displayed in the shared admin bulletin
2018-10-16 13:59:32 +03:00
ab8ee08b47
Added strong users table in the report and removed old files
2018-10-16 12:05:09 +03:00
64c072950c
Dropper expects to know where is it going to
2018-10-14 20:05:49 +03:00
c8e547ee8a
cleaned up imports
2018-10-14 17:58:51 +03:00
822e54f373
This commit isn't final. I want to reorganise the code structure a bit,
...
to make it prettier and readable, also to add docs.
Still need to update the report's text.
2018-10-14 17:57:15 +03:00
f39ee62668
Fix base path for monkey download after refactor
2018-10-14 16:35:42 +03:00
010183811c
Bugfix JWT expects input of string
2018-10-11 17:48:29 +03:00
9f70a7491c
Fixed logger configuration file path
2018-10-11 16:26:57 +03:00
9a05d0e87d
WIP pth feature
2018-10-11 16:20:12 +03:00
93da8609ae
Merge pull request #194 from VakarisZ/web_rce_config_fix
...
Web rce config quickfix
2018-10-10 11:10:47 -07:00
ca7abbf3cd
WebRCE _config bugfix
2018-10-10 20:50:28 +03:00
3341060102
Revert "WebRCE config bug quickfix"
...
This reverts commit 1830a4a709
2018-10-10 20:48:03 +03:00
1830a4a709
WebRCE config bug quickfix
2018-10-10 20:46:03 +03:00
7614170f8d
Increased all intervals in UI code to 5 seconds
2018-10-10 20:19:46 +03:00
5240b4c0f0
Merge branch 'develop' of https://github.com/guardicore/monkey into develop
2018-10-10 17:19:24 +03:00
1f65799828
Merge branch 'develop' of https://github.com/guardicore/monkey into develop
2018-10-01 09:03:02 +03:00
70f5496475
Implement traceroute for Linux and Windows over existing tools.
2018-09-20 18:00:59 +03:00
fb4381d412
Merge pull request #187 from guardicore/bugfix/tcp_timeout
...
Fix typo in tcp_scan_ports
2018-09-18 16:52:02 +03:00
81694862b6
Merge branch 'develop' into nadler/pth
2018-09-16 14:21:28 +03:00
aaba30b6b7
Fix typo
2018-09-16 13:46:06 +03:00
1df40008d8
Merge branch 'develop' of https://github.com/guardicore/monkey into develop
2018-09-13 18:39:19 +03:00
6eb48c4445
See
...
https://stackoverflow.com/questions/27287391/why-not-generate-the-secret-key-every-time-flask-starts
2018-09-13 16:05:30 +03:00
080e3ab23d
Merge remote-tracking branch 'origin/develop' into feature/support-common-folder
...
# Conflicts:
# infection_monkey/transport/__init__.py
# monkey/infection_monkey/config.py
# monkey/infection_monkey/exploit/__init__.py
# monkey/infection_monkey/exploit/elasticgroovy.py
# monkey/infection_monkey/exploit/sambacry.py
# monkey/infection_monkey/exploit/struts2.py
# monkey/infection_monkey/exploit/tools.py
# monkey/infection_monkey/network/tcp_scanner.py
# monkey/infection_monkey/system_info/mimikatz_collector.py
# monkey/monkey_island/cc/ui/cfg/base.js
# monkey/monkey_island/cc/ui/cfg/defaults.js
# monkey/monkey_island/cc/ui/cfg/dev.js
# monkey/monkey_island/cc/ui/cfg/dist.js
# monkey/monkey_island/cc/ui/cfg/test.js
2018-09-09 14:43:03 +03:00
66876fb970
Merge pull request #177 from acepace/feature/common-folder-import-rewrite
...
Rewrote config parsing
2018-08-30 15:00:55 +03:00
f6cb7ab655
Fix possible empty initialization of scanner class.
...
Scanner now defaults to none, and we need to handle that case in the scanner.
2018-08-29 11:37:00 -04:00
83b1933296
Remove subcasing for classes
2018-08-29 10:20:30 -04:00
3ce81ee78a
Rewrote config parsing. Avoid the horrible cast by example function and avoid possible circular import issues.
2018-08-27 11:16:40 -04:00
cad9aca5dd
Fix one more old style import
2018-08-27 11:06:58 -04:00
b23418782c
Move configuration to be a exploit object field rather than every exploit importing it.
2018-08-27 11:04:09 -04:00
be08027221
Fix relative imports
2018-08-27 10:58:43 -04:00
83d41df875
Fix another merge fail
2018-08-06 14:30:38 +03:00
063ecd9313
Add files dropped in merge
2018-08-06 14:18:03 +03:00
26337e3a7a
Merge remote-tracking branch 'origin/develop' into feature/support-common-folder
...
# Conflicts:
# infection_monkey/network/__init__.py
# infection_monkey/transport/__init__.py
# monkey/infection_monkey/config.py
# monkey/infection_monkey/dropper.py
# monkey/infection_monkey/exploit/__init__.py
# monkey/infection_monkey/transport/ftp.py
2018-08-06 12:17:25 +03:00
25f0c08528
Fix python dep installation issues
2018-08-05 14:58:19 +03:00
4017e189ab
Another stupid path fix
2018-08-05 14:21:37 +03:00
4e84c87050
Add missing files
2018-08-05 13:35:48 +03:00
ddaeb7dbf8
more fixes to deb
2018-06-13 20:48:04 +03:00
79d8012bb2
Merge branch 'develop' into feature/support-common-folder
...
# Conflicts:
# monkey/infection_monkey/exploit/shellshock.py
# monkey/infection_monkey/test/config__test.py
2018-06-13 18:03:43 +03:00
36230fa25c
monkey island can now be run from both monkey_island.py and run_cc.bat
2018-06-13 15:40:13 +03:00
4e207256dd
infection monkey works via infection_monkey.py or monkey.exe
2018-06-13 14:38:58 +03:00
8a56144a09
Various required fixes
2018-05-23 20:29:32 +03:00
d30f2cf8dc
Update scripts
2018-05-23 20:26:33 +03:00
a594bd11c2
Update gitignore, another relative file fix
2018-05-23 16:09:35 +03:00
0c6f9cb7c2
Move everything under monkey
2018-05-23 16:05:41 +03:00
VakarisZ
itay
Daniel Goldberg
Dhayalan
itaymmguardicore
VakarisZ
maor.rayzin
MaorCore
Ace Pace
Patrick Neise