Shreya Malviya
c129f809b0
UI: Rename function to make more sense
2022-02-09 14:28:04 +05:30
Ilija Lazoroski
c458f933c4
Agent: Remove print statement for policyuniverse in monkey spec
2022-02-09 14:28:04 +05:30
Mike Salvatore
fcbdb5a65f
Common: Remove disused get_host_from_network_location() function
2022-02-09 14:27:20 +05:30
Mike Salvatore
c1c04d804f
Agent: Remove disused is_running_on_island() function
2022-02-09 14:27:20 +05:30
Shreya Malviya
c0d1df6252
UI: Remove Scoutsuite reporting
2022-02-09 14:27:20 +05:30
Shreya Malviya
cb6bafa64a
Common: Remove Scoutsuite constants
2022-02-09 14:27:20 +05:30
Shreya Malviya
7243406b06
Island: Remove endpoints/resources/services related to Scoutsuite
2022-02-09 14:27:20 +05:30
Shreya Malviya
88f156ea40
UI: Rename function in RunOptions.js more appropriately
2022-02-09 14:27:20 +05:30
Shreya Malviya
c357ee410e
UI: Remove Scoutsuite option from Run Monkey page
2022-02-09 14:27:20 +05:30
Shreya Malviya
c2c609aa3a
UT: Remove Scoutsuite's unit tests
2022-02-09 14:27:20 +05:30
Shreya Malviya
894250f965
UT: Modify comments in test_pillar_service.py to be accurate
2022-02-09 14:27:20 +05:30
Mike Salvatore
788641b7d6
UT: Fix test_principle_service tests
...
And modify data in test_pillar_service.py accordingly
2022-02-09 14:27:20 +05:30
Mike Salvatore
b23360db37
Island: Remove ScoutSuiteFinding
2022-02-09 14:27:20 +05:30
Mike Salvatore
039a62a224
Island: Remove ScoutSuiteRawDataService
2022-02-09 14:27:20 +05:30
Mike Salvatore
a35f141cbe
Island: Remove scoutsuite findings and rules
2022-02-09 14:27:20 +05:30
Mike Salvatore
75f23b6032
Island: Remove ScoutSuite rule path creators
2022-02-09 14:27:20 +05:30
Mike Salvatore
2728404a15
Island: Remove ScoutSuiteZTFindingService
2022-02-09 14:27:20 +05:30
Mike Salvatore
7498cbbe56
Common: Remove RulePathCreatorNotFound Exception
2022-02-09 14:27:20 +05:30
Mike Salvatore
d2947796ff
Island: Remove ScoutSuiteRuleService
2022-02-09 14:27:20 +05:30
Mike Salvatore
5423bbbb35
Common: Remove ScoutSuite telemetry category
2022-02-09 14:27:20 +05:30
Mike Salvatore
fe459ddd3f
Island: Remove ScoutSuite telemetry processing
2022-02-09 14:27:20 +05:30
Mike Salvatore
9e9e8be87c
Agent: Remove ScoutSuiteTelem
2022-02-09 14:27:20 +05:30
Mike Salvatore
2f397ad37e
Common: Remove ScoutSuiteScanError
2022-02-09 14:27:20 +05:30
Mike Salvatore
16bb13fc10
Agent: Remove ScoutSuite system info collector
2022-02-09 14:27:20 +05:30
Ilija Lazoroski
ee0c98a435
Agent: Implement scan_tcp_ports in tcp_scanner
...
Move check_tcp_ports to tcp_scanner
Issue #1601
PR #1702
2022-02-08 15:03:12 -05:00
Mike Salvatore
3451724641
Agent: Rename elasticfinger.py -> elasticsearch_fingerprinter.py
2022-02-08 13:00:35 -05:00
Mike Salvatore
a02b13cdc2
Island: Fix logic error in ConfigService
...
The ConfigService would only translate the old fingerprinter names to the
new names if HTTPFinger was enabled. This change rectifies the issue.
2022-02-08 13:00:35 -05:00
Mike Salvatore
69fa4adf1f
Island: Add comment describing _translate_fingerprinter_name()
2022-02-08 09:04:59 -05:00
Mike Salvatore
0a04e846ba
Agent: Add missing return type to HTTPFingerprinter
2022-02-08 08:48:17 -05:00
Mike Salvatore
373a25d5f6
Agent: Improve comments in HTTPFingerprinter
2022-02-08 08:41:00 -05:00
Mike Salvatore
8e4eeb2f5e
Agent: Fix inaccurate type-hint in IPScanner._run_fingerprinters()
2022-02-08 07:45:24 -05:00
Mike Salvatore
0b33aacb82
Island: Add missing return types to some functions in ConfigService
2022-02-08 07:38:24 -05:00
Mike Salvatore
916222c2d9
UT: Add unit tests for HTTPFingerprinter
2022-02-07 14:24:45 -05:00
Mike Salvatore
479627c71e
Agent: Load the HTTPFingerprinter using the new name, "http"
2022-02-07 14:24:45 -05:00
Mike Salvatore
207a65e2a9
Island: Simplify the names of fingerprinters in the config
2022-02-07 14:24:45 -05:00
Mike Salvatore
6d5b55be10
Agent: Implement fingerprinting in Puppet
2022-02-07 14:24:45 -05:00
Mike Salvatore
46487be05d
Agent: Handle new fingerprinters config format in IPScanner
2022-02-07 14:24:45 -05:00
Mike Salvatore
a989e5543a
Island: Format fingerprinter config with options
2022-02-07 14:24:45 -05:00
Mike Salvatore
4b2fb260c3
Agent: Rename HTTPFinger -> HTTPFingerprinter
2022-02-07 14:24:45 -05:00
Mike Salvatore
f5ef660bd2
Agent: Refactor HTTPFinger to conform to IFingerprinter interface
...
* Remove dependency on Plugin, HostFinger, and WormConfiguration
* Improve readability
* Reduce unnecessary HTTP requests by using the PortScanData to only
query ports we know are open.
2022-02-07 14:24:45 -05:00
Mike Salvatore
4361aa2325
Agent: Add IFingerprinter
2022-02-07 14:24:45 -05:00
Mike Salvatore
5695808adb
Agent: Add options parameter to IPuppet.fingerprint()
2022-02-07 14:24:45 -05:00
Ilija Lazoroski
0dae58baaf
Agent, UT: Change puppet interface to use scan_tcp_ports
...
Instead of using scan_tcp_port and scanning each port separately
we can use scan_tcp_ports which will receive a list of ports
for the specific host and return a dictionary of port:PortScanData
items. There was no point in scanning each port separately.
2022-02-07 14:24:20 -05:00
Mike Salvatore
f07c876d31
Agent: Add code review comments to check_tcp_ports()
2022-02-07 07:42:07 -05:00
Mike Salvatore
d77af7de0b
Merge pull request #1689 from guardicore/1676-remove-agent-bootloader
...
Remove agent bootloader
2022-02-03 12:13:27 -05:00
Mike Salvatore
da58392050
Agent: Reset signal handlers after the Master is cleaned up
...
After the Master terminates, this resets the signal handlers to the
default handlers provided by Python.
2022-02-03 07:58:24 -05:00
Ilija Lazoroski
3f639d40f3
Agent: Add pkg_resources.py2_warn in the spec file.
2022-02-03 13:49:01 +01:00
Mike Salvatore
019f2c1403
Agent: Implement ping scanning in Puppet
...
Fixes #1602
PR #1691
2022-02-02 09:14:27 -05:00
Mike Salvatore
9f2fe5e513
Agent: Refactor ping_scanner to remove unnecessary inheritance
2022-02-02 09:14:27 -05:00
Ilija Lazoroski
28d03339bf
Island: Small formatting change in config model
2022-02-01 18:27:51 +01:00
vakarisz
25f1195475
Island, UI: remove starting node states
...
Since bootloader is gone, nothing sets the state of the node to "starting"
2022-02-01 18:27:51 +01:00
vakarisz
79ab06e575
Island, UI: remove starting node states
...
Since bootloader is gone, nothing sets the state of the node to "starting"
2022-02-01 18:27:51 +01:00
Ilija Lazoroski
28875fd55f
Agent: Change pyinstaller version to 4.2
...
Remove altgraph and importlib-metadata since upstream
pyinstaller includes them.
2022-02-01 18:26:49 +01:00
Shreya Malviya
a8956a18ff
Island: Remove 'old' node states now that the bootloader is removed
2022-02-01 16:40:06 +01:00
Shreya Malviya
a7f821d20d
Agent: Remove unneeded function `is_local_ips` since bootloader telem was removed
2022-02-01 16:40:06 +01:00
Shreya Malviya
db965e14f8
Agent: Remove do_POST in HTTPConnectProxyHandler
...
As per https://github.com/guardicore/monkey/pull/527 , this code was
added for the bootloader. Now that we're removing the bootloader, this
is no longer needed.
2022-02-01 16:39:57 +01:00
Ilija Lazoroski
b5c51bedc1
Island, UT: Remove Bootloader endpoint
2022-02-01 15:32:13 +01:00
Ilija Lazoroski
add449c5f4
Island, UT: Remove bootloader service
2022-02-01 15:32:13 +01:00
Ilija Lazoroski
fbd36e5b41
Island: Remove Bootloader server
2022-02-01 15:32:13 +01:00
Shreya Malviya
2a4024926b
Agent: Update Pipfile to use an original pyinstaller version instead of
...
our fork
and remove related dependencies as per the comments next to them.
The pyinstaller version is changed to the version that the Island uses.
2022-02-01 15:32:13 +01:00
Ilija Lazoroski
ceec121d88
Agent: Remove shellcode obfuscator
...
Encryptor which was used in MS08-067 exploiter.
2022-01-31 11:11:33 +01:00
Ilija Lazoroski
ff87252a24
Agent, Island: Remove MS08_67 exploiter
2022-01-31 11:11:33 +01:00
Mike Salvatore
678db40e25
Agent: Check for spaces in IP or domain names
...
socket.gethostbyname() may return different results on different systems
when provided with an IP address that contains a space. This depends on
python version or other environmental factors. For example:
System 1:
>>> socket.gethostbyname('172.60 .9.109')
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
socket.gaierror: [Errno -2] Name or service not known
>>> socket.gethostbyname('172.17 .9.109')
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
socket.gaierror: [Errno -2] Name or service not known
System 2:
>>> socket.gethostbyname('172.60 .9.109')
'172.0.0.60'
To remedy this, this commit adds a check to verify that the IP/domain
does not contain a space, as a space is an illegal character in either.
2022-01-27 12:56:40 -05:00
Mike Salvatore
8371a268ba
Island: Change the order of log messages on startup to improve UX
...
Some users were confused when the Island started up and thought it had
frozen. I hope to alleviate this confusion by changing the order of the
log messages. If the last message displayed after initialization
gives the user instructions on accessing the island, hopefully users
will no longer be confused.
PR #1684
2022-01-26 12:09:43 -05:00
Mike Salvatore
a888915577
Agent: Add bool return type hint to _can_propagate()
2022-01-26 08:14:04 -05:00
Mike Salvatore
92636da4b2
Agent: Use Iterable instead of List for type hint in run_plugins()
2022-01-26 08:13:35 -05:00
Mike Salvatore
8cf54e7673
Agent: Fix typo plugin -> plugins in _run_plugins()
2022-01-26 08:11:35 -05:00
Mike Salvatore
1ca8c98b86
Island: Use MappingProxyType for default argument in IslandConfigOptions
2022-01-25 19:57:07 -05:00
Mike Salvatore
3450ac93a3
Agent: Extract code from try/except in _leave_readme_in_target_directory
2022-01-25 19:57:07 -05:00
Mike Salvatore
fae0c8ded2
Agent: Replace if checks with interruptable_iter() in for loops
2022-01-25 19:57:07 -05:00
Mike Salvatore
0c877833c5
Agent: Move master/threading_utils.py -> utils/threading.py
...
Both create_daemon_thread() and interruptable_iter() will need to be
used outside of the master.
2022-01-25 19:57:07 -05:00
Mike Salvatore
df42d0752a
Agent: Add interruptable_iter() generator
2022-01-25 19:57:07 -05:00
Mike Salvatore
f8ea2e06ac
UT: Add test for create_daemon_thread()
2022-01-25 19:57:07 -05:00
Mike Salvatore
ce4c0188c2
Agent: Add missing type hints to dir_utils.py
2022-01-25 19:57:07 -05:00
Mike Salvatore
62efeffe90
Agent: Use iter() to improve InPlaceFileEncryptor._encrypt_file()
2022-01-25 19:57:07 -05:00
Mike Salvatore
fa59f45d31
Agent: Use filter() to improve loop in _process_tcp_scan_results()
2022-01-25 19:57:07 -05:00
Mike Salvatore
ea0ab309d2
Agent: Improve loop code in IPScanner._scan_address()
2022-01-25 19:57:07 -05:00
Mike Salvatore
e1cf4fa9c2
Merge branch 'release/1.13.0' into agent-refactor
2022-01-25 13:35:49 -05:00
vakarisz
189505a97d
Agent: add vulnerable log4shell URLs
...
URLs are used in mitre report
2022-01-21 15:35:07 +02:00
VakarisZ
39a48c2b64
Merge pull request #1670 from guardicore/1663-log4shell-exploit
...
Log4Shell exploiter
2022-01-21 11:52:14 +02:00
Mike Salvatore
5bf82659bd
UI: Switch CVE-2021-44228 from href to react-bootstrap Button
...
This resolves an eslint error regarding `target="blank"` without
`rel="noopener"` and makes this code more consistent with other code.
2022-01-20 12:14:52 -05:00
Mike Salvatore
d21dd6da13
Agent: Wait for victim to download agent before killing servers
...
The Log4Shell exploiter requires the victim to contact a number of
different servers. Wait a reasonable amount of time for the victim to
call home and download the agent before issuing the shutdown command to
the server.
2022-01-20 10:42:51 -05:00
Mike Salvatore
e576136a63
Agent: Skip Log4Shell exploiter if there are no open ports
2022-01-20 08:52:09 -05:00
Mike Salvatore
6d87289bd0
Agent: Minor change to log statement in ExploitClassHTTPServer
2022-01-20 08:17:57 -05:00
Shreya Malviya
83d2a0aac0
Common, UI: Bump version numbers to 1.13.0
2022-01-20 17:49:02 +05:30
Mike Salvatore
d0e26f770f
Agent: Add lock to HTTPHandler.do_GET() to avoid potential race
2022-01-19 19:37:23 -05:00
vakarisz
76d6071f7c
Island: add cve link to log4shell report
2022-01-19 15:09:03 +02:00
Mike Salvatore
1840dd54ca
Agent: Add class documentation to ExploitClassHTTPServer
2022-01-18 12:33:06 -05:00
Mike Salvatore
63085273a9
Agent: Encapsulate parallelism in ExploitClassHTTPServer
2022-01-18 08:57:05 -05:00
vakarisz
a5a4957c29
Agent: small readability and style improvements
2022-01-18 15:01:47 +02:00
vakarisz
03919c3caf
Agent: fix struts2 url building
2022-01-18 14:29:57 +02:00
vakarisz
76a32d241c
Agent: log4shell readability and style fixes
2022-01-18 12:48:56 +02:00
vakarisz
52ac7dd295
Agent: fix a bug in web_rce url building
...
build_potential_urls was made static and takes IP as first parameter, but the users of this method weren't changed and only passed ports
2022-01-18 12:22:38 +02:00
vakarisz
f667d9203b
Agent: update Pipfile.lock to contain pyinstaller changes
...
Pyinstaller got changed to not crash ldap server that's running on a spawned process, by continuing if no m0nk3y or dr0pp3r flags are specified
2022-01-18 11:41:18 +02:00
Ilija Lazoroski
51bf553fb5
Agent, Island: Minor changes to Log4Shell
...
Return types, removing logging from solr service
and change Log4j to Log4Shell in Island reporting
2022-01-17 16:37:03 +01:00
Mike Salvatore
363d0e14bf
UT: Add unit test for Log4Shell LDAPExploitServer
2022-01-14 11:53:50 -05:00
Mike Salvatore
c9e59bd266
Agent: Refactor Log4Shell LDAP server to avoid race condition
...
A race condition existed between the time when the LDAP server was
instructed to start and the first exploit was sent to the victim.
Sometimes, the first exploit would be sent before the LDAP server
finished starting, resulting in failed exploitation.
To remedy this, the LDAPExploitServer.run() function now blocks until
the server has successfully started. Once the server has started,
LDAPExploitServer.run() returns. This allows the caller to have
confidence that the LDAP server is running after LDAPExploitServer.run()
returns and alleviates the need to sleep in order to avoid the race
condition.
2022-01-14 09:43:14 -05:00
Mike Salvatore
d5e05d7885
Agent: Change log level of Log4Shell HTTP startup message to INFO
2022-01-14 09:31:25 -05:00
vakaris_zilius
9f5034a8e5
Agent: fix race condition between ldap server and malicious requests
2022-01-14 12:24:58 +02:00
Ilija Lazoroski
b94c8e54e2
Agent: Remove POC Docker Service
2022-01-13 16:59:22 +01:00
Ilija Lazoroski
c2db37df1e
Agent: Use dropper for Log4Shell
2022-01-13 16:55:45 +01:00
Mike Salvatore
a9d735593c
Agent: Wrap log4shell exploiters in a try/except
2022-01-13 08:58:25 -05:00
Mike Salvatore
6b934d6de5
Agent: Wrap log4shell LDAP server in a process
...
A Twisted reactor can only be started and stopped once. It cannot be
restarted after it has been stopped. To work around this, the reactor
is configured and run in a separate process. This allows us to run
multiple LDAP servers sequentially or simultaneously and stop each one
when we're done with it.
2022-01-13 08:58:25 -05:00
Mike Salvatore
24e891d8a8
Agent: Fix formatting of web_rce.py
2022-01-12 19:44:46 -05:00
Mike Salvatore
6fa1d20e6a
Agent: Add _initialize_http_handler() to ExploitClassHTTPServer
2022-01-12 19:27:51 -05:00
Mike Salvatore
176177b8cb
Agent: Use threading.Event() in ExploitClassHTTPServer instead of bool
2022-01-12 19:21:12 -05:00
Mike Salvatore
a3cc641101
UT: Add unit tests for ExploitClassHTTPServer
2022-01-12 19:21:10 -05:00
Mike Salvatore
c2f3042442
Agent: Move definition of exploit template constants for log4shell
...
The LINUX_EXPLOIT_TEMPLATE_PATH and WINDOWS_EXPLOIT_TEMPLATE_PATH are
not used in exploit_builder.py, and therefore have no reason to be
defined in this file. They are now defined in the __init__.py
2022-01-12 16:46:31 -05:00
Mike Salvatore
7733ec29ca
Agent: Add source code for log4shell Java class templates
2022-01-12 16:41:57 -05:00
Mike Salvatore
aa60313787
Agent: Remove commented out code in ExploitClassHTTPServer
2022-01-12 12:33:54 -05:00
Mike Salvatore
3bbf4f9ac6
Agent: Prefix private methods/variables with _ in Log4ShellExploiter
2022-01-12 12:23:44 -05:00
Mike Salvatore
8f53a5ccd0
Agent: Fix min_range in get_free_tcp_port()
...
get_free_tcp_port() effectively ignored the min_range parameter by using
min(1, min_range). This meant that min_range was always 1 (unless a
negative value was passed). As ports lower than 1024 are privileged on
Linux, this led to the agent trying to bind to ports that it did not
have permission to. By using max(1, min_range), we ensure that min_range
is always at least 1, but will still use the provided parameter (1024 by
default).
2022-01-12 12:20:32 -05:00
Mike Salvatore
16219b714b
Agent: Extract Java exploit HTTP server into its own module
2022-01-12 12:11:20 -05:00
Mike Salvatore
b72ad39aa6
Agent: Invoke reactor.stop() with reactor.callFromThread()
2022-01-12 10:53:10 -05:00
Shreya Malviya
f8ac13c164
Island: Add info about Log4Shell to config schema
2022-01-12 14:05:17 +05:30
Mike Salvatore
c51be159b6
Agent: Use classmethods to improve readability of HTTPHandler
2022-01-11 13:08:32 -05:00
Mike Salvatore
b79bf96359
Agent: Don't install signal handlers in LDAPExploitServer
...
This avoids exceptions that are raised when the LDAPExploitServer is not
started on the main thread.
2022-01-11 12:54:53 -05:00
Ilija Lazoroski
ab7a47384c
Agent, Island: Add Logstash service to Log4Shell exploit
2022-01-11 18:23:15 +01:00
Mike Salvatore
30c41592fb
Agent: Remove dependency on threading from LDAPExploitServer
2022-01-10 08:50:09 -05:00
Mike Salvatore
67ade141a0
Agent: Start log4shell java class server on daemon thread
2022-01-10 08:40:51 -05:00
Mike Salvatore
64827ac589
Agent: Rename IServiceExploiter -> IExploitableService
2022-01-10 08:30:55 -05:00
Mike Salvatore
eb10bdaa4e
Agent: Add unit tests for log4shell ldap server tree
2022-01-10 08:22:01 -05:00
Mike Salvatore
d467f30d16
Island: Fix updating logic for IslandConfigOptions
2022-01-10 08:17:17 -05:00
vakarisz
7ba2051bf6
Agent: fix a bug in log4shell
...
Fix a bug that prevents a single agent from exploiting multiple machines, by resetting the state of global HTTPHandler params
2022-01-06 16:58:40 +02:00
vakarisz
a38536b59b
Agent: refactor log4shell
...
Refactor extracts server setup and shutdown functionality into separate methods
2022-01-06 16:35:38 +02:00
Ilija Lazoroski
79d92afcd4
Agent: Add Apache Tomcat support for Log4Shell exploit
2022-01-06 13:56:17 +01:00
vakarisz
0006112e79
Agent: fix log4shell to be able to exploit more than 1 service
2022-01-06 13:01:50 +02:00
vakarisz
0cd6b1e616
Agent: remove unused upload_monkey() and rename _trigger_exploit
2022-01-06 13:00:37 +02:00
vakarisz
7bace927f8
Agent: fix log4shell to always close ldap and http servers, even on errors
2022-01-06 12:56:04 +02:00
vakarisz
9d5ea0f41f
Island: add log4shell issue processing and reporting
2022-01-06 12:26:00 +02:00
vakarisz
0b76b9f949
Agent: fix log4shell to override the correct _exploit_host method
2022-01-06 12:18:58 +02:00
vakarisz
09988b0f80
Agent: report vulnerable port and service in log4shell
...
Refactor log4shell.py and related service exploiters to adhere to IExploitableService interface and save which service on which port was vulnerable to log4shell
2022-01-05 17:43:28 +02:00
vakarisz
5ac6d12fe9
Agent: fix log4shell exploitation indication
2022-01-05 15:47:45 +02:00
vakarisz
dd3c5aac6f
Agent: small logging improvements in log4shell
2022-01-05 14:21:26 +02:00
vakarisz
d2181f6577
Agent, UT: fix ldap builder UTs and some imports in log4shell
2022-01-05 14:16:24 +02:00
Ilija Lazoroski
563438c7f8
Agent, Island: Add Apache Solr support for Log4Shell exploit
2022-01-05 12:37:08 +01:00
vakarisz
8a120110f5
Agent: change ldap and http ports to be chosen dynamically in log4shell
2022-01-05 12:46:40 +02:00
vakarisz
0659fddac6
Agent: add the docker POC exploit to log4shell
...
Implements the infrastructure needed to add different log4shell exploits and adds the
2022-01-04 17:48:45 +02:00
vakarisz
206abfa5e8
Agent: refactor a couple web_rce methods to static
2022-01-04 17:41:19 +02:00
vakarisz
e69639b426
Agent: use separate java classes for windows and linux in log4shell
...
Linux and windows targets should use different java classes, because one is compiled to be launched in /bin/bash, another in cmd.exe. We can't just inject the whole command, because Runtime.getRuntime().exec() interprets the string in strange ways
2022-01-04 16:09:19 +02:00
vakarisz
1884c6d767
TEMP: base implementation of the log4shell
2021-12-23 16:45:25 +02:00
vakarisz
41b97cb54a
TEMP: base implementation of the log4shell
2021-12-22 17:17:02 +02:00
Mike Salvatore
fddaa16931
Agent: Improve InvalidExploitTemplateError messages
2021-12-21 15:19:45 -05:00
Mike Salvatore
4d5a2511c6
Agent: Add LDAP server for log4shell exploit
2021-12-21 15:19:44 -05:00
Mike Salvatore
2a795723ab
Agent: Add ldaptor to dependencies
2021-12-21 15:12:50 -05:00
Mike Salvatore
68978907e2
Agent: Add build_exploit_bytecode for log4shell exploiter
2021-12-20 15:12:11 -05:00
Mike Salvatore
a48c1afefd
Agent: Construct concrete puppet in monkey.py
2021-12-20 06:56:47 -05:00
Mike Salvatore
e392915b26
Merge branch '1597-integrate-automated-master' into agent-refactor
2021-12-20 06:55:53 -05:00
Mike Salvatore
50930017fb
Agent: Use address_to_ip_port() in _running_on_island()
2021-12-17 10:55:58 -05:00
Mike Salvatore
b19ce79df6
Agent: Use relative imports within puppet package
2021-12-17 10:25:16 -05:00
Mike Salvatore
7b8b485b57
Agent: Mock out unimplemented functions in Puppet
2021-12-17 10:22:42 -05:00
Mike Salvatore
973c88678e
Agent: Move PluginType to the i_plugin package
2021-12-17 10:13:28 -05:00
Ilija Lazoroski
afbc313a7c
Agent: Handle interrupts in ransomware
2021-12-17 16:10:42 +01:00
Mike Salvatore
05c5764487
Agent: Add i_puppet package
2021-12-17 09:40:46 -05:00
Ilija Lazoroski
61a7647f9b
Agent: Add interrupt handling to ransomware
2021-12-17 15:31:20 +01:00
Shreya Malviya
958cf3a252
Agent, UT: Rename 'config' to 'options' in ransomware files
2021-12-17 19:55:26 +05:30
Mike Salvatore
0328d2860e
Agent: Add a RansomwarePayload that implements the IPayload interface
2021-12-17 09:19:47 -05:00
Mike Salvatore
2299c029d7
Agent: Rename RansomwarePayload to Ransomware
...
A payload adheres to a specific IPayload interface. The class that is
now called RansomwarePayload is just a concrete ransomware. A new
RansomwarePayload will be introduced to wrap the build and execute of
the Ransomware.
2021-12-17 09:16:27 -05:00
Ilija Lazoroski
0a4ff25843
Agent: Implement Puppet.run_payload()
2021-12-17 09:02:12 -05:00
Ilija Lazoroski
b798255249
Agent: Add plugin_name attribute to puppet's load_plugin
2021-12-17 09:02:12 -05:00
Shreya Malviya
8e6abcb795
Agent: Add PluginRegistry
2021-12-17 09:02:12 -05:00
Mike Salvatore
ee1fa01dda
UT: Move ransomware unit tests to payload/ransomware/
2021-12-17 09:02:12 -05:00
Mike Salvatore
33e3a31030
Agent: Move ransomware/ to payload/ransomware/
2021-12-17 09:02:04 -05:00
Mike Salvatore
09a1297f47
Agent: Use relative imports within ransomware package
2021-12-17 09:00:56 -05:00
Mike Salvatore
c18af3c3fb
Agent: Change return type of IPuppet.run_payload() to None
...
At the moment, we don't expect payloads to return any values. This may
be reevaluated as development proceeds or when telemetry is refactored.
2021-12-17 09:00:54 -05:00
vakarisz
89368f729f
Agent, Common, UT: Separate IP and Port in monkey
...
Instead of splitting IP/port on demand, separate the IP and port from monkey commandline parameter and pass them to VictimHostFactory
2021-12-17 15:30:10 +02:00
Mike Salvatore
3adb1d5b07
Agent: Add IPayload interface
2021-12-17 08:12:37 -05:00
Mike Salvatore
19bcaad7f2
Agent: Fix broken logic in get_local_network_interfaces()
2021-12-17 07:08:48 -05:00
Mike Salvatore
9e127b49ae
Agent: Get local network interfaces inside _build_master()
2021-12-16 19:17:05 -05:00
Mike Salvatore
637053e6cd
Agent: Integrate VictimHostFactory with monkey.py
2021-12-16 15:20:38 -05:00
Mike Salvatore
18fb4e7533
Agent: Add self._default_server to monkey.py
2021-12-16 15:08:43 -05:00
Mike Salvatore
b3bc9b2ffa
Agent: Refactor build_victim_host() to improve readability
2021-12-16 14:39:54 -05:00
Mike Salvatore
b6f2bab15b
Agent: Pass str (not None) to VictimHost constructor
2021-12-16 14:39:54 -05:00
Mike Salvatore
7cb1f761d8
Agent: Add type hints to VictimHost constructor
2021-12-16 14:39:54 -05:00
vakarisz
29d3cc2aaf
Agent, UT: Implement VictimHostFactory
...
Implements and unit tests the VictimHostFactory. The factory allows creation of victims based on current network situation of the agent
2021-12-16 14:39:54 -05:00
Mike Salvatore
ddd8a0e53a
Agent: Build an AutomatedMaster in monkey.py
2021-12-16 14:39:54 -05:00
Mike Salvatore
da3c6a4245
Agent: Add get_local_network_interfaces()
2021-12-16 14:39:54 -05:00
Mike Salvatore
332649d5d1
Agent: Integrate scan_target_generator with AutomatedMaster
2021-12-16 14:39:54 -05:00
Mike Salvatore
8e0efb1993
Island: Replace deprecated logging.warn() with logging.warning()
2021-12-16 14:38:54 -05:00
Mike Salvatore
dc3adc9d8b
UT: Fix annoying pytest warning regarding TestAuthenticationError
2021-12-16 14:37:39 -05:00
Mike Salvatore
e60297dff1
UT: Fix broken mock in test_stop_if_cant_get_stop_signal_from_island
2021-12-16 14:36:33 -05:00
Mike Salvatore
fd29393ce4
Merge pull request #1659 from guardicore/1597-implement-scan-target-generator
...
1597 implement scan target generator
2021-12-16 09:11:23 -05:00
Mike Salvatore
ed16826b87
Agent: Sort scan targets by IP
2021-12-16 09:08:39 -05:00
Mike Salvatore
c8469f5521
Agent: Move _filter_invalid_ranges to NetworkRanges
2021-12-16 08:56:35 -05:00
Mike Salvatore
bfed27301a
Agent: Change `not ==` to `!=` in _remove_blocklisted_ips()
2021-12-16 08:47:29 -05:00
Mike Salvatore
db246d6740
UT: Fix imports in test_scan_target_generator
2021-12-16 08:33:38 -05:00
Mike Salvatore
7c786b0883
Agent: Improve performance of _remove_ips_from_scan_targets()
2021-12-16 08:33:09 -05:00
Mike Salvatore
ec9aaf6b38
Agent: Clarify some names in scan_target_generator
2021-12-16 08:32:50 -05:00
vakarisz
549eb5d389
Agent, UT: Implement domain names in scan_target_generator.py
...
Change the ip strings to NetworkAddress named tuple that has ip and domain name. This tuple better describes the target and is necessary because VictimHost uses domain names
2021-12-16 12:03:40 +02:00
Mike Salvatore
fdaa454c59
Agent: Add unit tests for AutomatedMaster island comms retry
2021-12-15 13:12:20 -05:00
Mike Salvatore
94a42a1469
UT: Make monkey configs available to Island and Agent
2021-12-15 12:59:04 -05:00
Mike Salvatore
baeee8b90a
Agent: Rename _should_retry_task() -> _try_communicate_with_island()
2021-12-15 11:19:29 -05:00
Mike Salvatore
b262be8d1d
Agent: Change log level of "stop signal" message to info
2021-12-15 11:16:14 -05:00
Ilija Lazoroski
8ec580e19c
Agent: Implement should retry task in automated master
...
Add handling of known requests exceptions in ControlClient.
Moved IslandCommunicationError to IControlChannel
2021-12-15 16:57:39 +01:00
Ilija Lazoroski
b53fae038d
Agent: Implement should retry task in automated master
...
Add handling of known requests exceptions in ControlClient.
2021-12-15 16:57:39 +01:00
Ilija Lazoroski
72a5e94111
Agent: Raise custom control client exception
...
Move stop agent timeout to a constant, make custom control
client exception and raise it, reset failed stop after successful
connection.
2021-12-15 16:55:42 +01:00
Ilija Lazoroski
f299e61b20
Agent: Handle ControlClient exceptions in AutomatedMaster
2021-12-15 16:53:50 +01:00
Mike Salvatore
f26ff86e2a
Agent: Remove disused PlannedShutdownError
2021-12-15 10:30:22 -05:00
Mike Salvatore
3f9bd24228
Agent: Wait for master to terminate on windows CTRL_CLOSE_EVENT
2021-12-15 10:12:10 -05:00
Mike Salvatore
f46bb60da5
Agent: Add block parameter to IMaster.terminate()
...
This allows the caller to decide whether or not they're willing to wait
for the master to finish shutting down.
2021-12-15 10:12:10 -05:00
Mike Salvatore
a051759764
Agent: Get only the config from the get_config() response
2021-12-15 10:11:32 -05:00
Mike Salvatore
0f149f7eee
Agent: Handle error messages from exploit_host() in MockMaster
2021-12-15 09:44:22 -05:00
Mike Salvatore
ba5d755dfa
Merge pull request #1657 from guardicore/1597-implement-exploitation
...
1597 implement exploitation
2021-12-15 09:11:17 -05:00
Mike Salvatore
a6bb81e473
Agent: Fix order of Exploiter Callback type hint arguments
2021-12-15 08:34:21 -05:00
Mike Salvatore
f1b55b70c2
Agent: Remove redundant check for stop in Exploiter
2021-12-15 08:10:00 -05:00
Ilija Lazoroski
20890e51ec
Agent: Remove ransomware cleanup function
2021-12-15 07:11:14 -05:00
Mike Salvatore
fc767e2074
Agent: Add missing "f" to f-string
...
Co-authored-by: Shreya Malviya <shreya.malviya@gmail.com>
2021-12-15 06:48:30 -05:00
vakarisz
cabadeb7d1
Agent, UT: Implement scan target validation
...
This change validates scan target inputs and skips invalid ones. If an invalid blocked IP is specified, then an unhandled exception is raised.
2021-12-15 13:17:30 +02:00
Mike Salvatore
4b3984dbd7
Agent: Add default return value in MockPuppet.exploit_host()
2021-12-14 15:38:15 -05:00
Mike Salvatore
6c1caa1af4
Agent: Improve log message for failed propagation
2021-12-14 15:38:15 -05:00
Mike Salvatore
da61451947
Agent: Fix order of arguments to Exploiter.exploit_hosts()
2021-12-14 15:38:15 -05:00
Mike Salvatore
b466a17f76
Agent: Remove scan_thread from Propagator._exploit_hosts() arguments
2021-12-14 15:38:15 -05:00
Mike Salvatore
bda192eba9
Agent: Extract run_worker_threads() from IPScanner and Exploiter
2021-12-14 15:38:15 -05:00
Mike Salvatore
3394629cb2
Agent: Run exploiters from AutomatedMaster
2021-12-14 15:38:15 -05:00
Mike Salvatore
1e02286b2a
Agent: Add "error_message" to ExploiterResultData
2021-12-14 15:38:08 -05:00
Mike Salvatore
eb7612d80d
Agent: Rename result -> success in ExploiterResultData
2021-12-14 15:37:18 -05:00
Mike Salvatore
09305bca4c
Island: Reformat "exploiter" config options before sending to Agent
2021-12-14 15:36:52 -05:00
Mike Salvatore
93d0bb6cd2
Agent: Add a placeholder VictimHostFactory
...
The AutomatedMaster will need access to the monkey's tunnel, IP
addresses, and default server in order to properly configure the victim
host. The VictimHostFactory can abstract these dependencies away and
handle these details on behalf of the AutomatedMaster.
2021-12-14 15:36:52 -05:00
Shreya Malviya
ffb2da02a3
Agent: Create a concrete puppet class
2021-12-14 10:54:24 -05:00
vakarisz
59ff3d39ce
UT: small readability improvement in test_scan
2021-12-14 17:52:43 +02:00
vakarisz
58da5b85a0
Island, UT: fix target generator bug when big ip is specified first
...
192.168.56.2-192.168.56.1 is now a valid range, will return both of these addresses
2021-12-14 17:52:43 +02:00
vakarisz
2329f80382
Island, UT: Implement segmentation scan targets in scan target generation
2021-12-14 17:52:43 +02:00
Shreya Malviya
0e368fbfe9
Agent: Add load_plugin function to MockPuppet
2021-12-14 10:48:13 -05:00
Shreya Malviya
fa2d2fdec2
Agent: Add load_plugin function to IPuppet
2021-12-14 10:48:13 -05:00
Shreya Malviya
cd8a4d4b1f
Agent: Add PluginType enum
2021-12-14 10:48:13 -05:00
Ilija Lazoroski
0bf7067cea
UI: Remove monkey section from UI schema
2021-12-14 16:01:25 +01:00
Ilija Lazoroski
252bb4fcf8
Island: Remove monkey tab from configuration internal
2021-12-14 16:00:45 +01:00
Ilija Lazoroski
746d46c326
UT: Remove tcp_scan_get_banner option from config
2021-12-14 16:00:45 +01:00
Ilija Lazoroski
79362dd066
Island: Remove tcp scan get banner checkbox
2021-12-14 16:00:45 +01:00
Ilija Lazoroski
c78b89d43d
Agent: Remove tcp scan get banner option
2021-12-14 16:00:45 +01:00
Ilija Lazoroski
210e981f7e
UT: Remove tcp scan interval option from configs
2021-12-14 16:00:45 +01:00
Ilija Lazoroski
c2e76b6462
Island: Remove tcp scan interval option
2021-12-14 16:00:45 +01:00
Ilija Lazoroski
b9219e3783
Agent: Remove tcp scan interval option
2021-12-14 16:00:45 +01:00
Ilija Lazoroski
ea08e2c420
UT: Remove max victims to exploit from configs
2021-12-14 16:00:45 +01:00
Ilija Lazoroski
9fa489b046
Island: Remove max victims to find options
2021-12-14 16:00:45 +01:00
Ilija Lazoroski
b02d277e55
Agent: Remove max victims to exploit option
2021-12-14 16:00:45 +01:00
Ilija Lazoroski
f0e06274c6
UT: Remove max victims to find option from configs
2021-12-14 16:00:45 +01:00
Ilija Lazoroski
ba34f775ae
Island: Remove max victims to find option
2021-12-14 16:00:45 +01:00
Ilija Lazoroski
4eca5b5a97
Agent: Remove max victims to find option
2021-12-14 16:00:45 +01:00
Ilija Lazoroski
0a44b1f12e
UT: Remove MySQL fingerprinter from monkey test config
2021-12-14 14:50:32 +01:00
Ilija Lazoroski
2c4420ccff
Island: Remove MySQL fingerprinter from config schema
2021-12-14 14:49:45 +01:00
Ilija Lazoroski
cb2ca5be46
Agent: Remove MySQL fingerprinter
2021-12-14 14:48:44 +01:00
Mike Salvatore
7b2756bab0
UT: Mark some slow tests as "slow"
2021-12-14 07:26:27 -05:00
Mike Salvatore
0b6199e7eb
UT: Fix misspelled stopable -> stoppable
2021-12-14 07:16:20 -05:00
Mike Salvatore
b28f330e8f
Agent: Remove duplicate functionality that checked for open port
2021-12-14 07:15:50 -05:00
Mike Salvatore
7e3945dd02
Agent: Add TODO to Propagator
2021-12-13 14:21:04 -05:00
Mike Salvatore
2dc6e0600d
Agent: Pass ping_scan_data and port_scan_data to IPuppet.fingerprint()
...
Fingerprinters can reuse the port scan data to avoid unnecessarily
rescanning the hosts' ports.
2021-12-13 14:13:10 -05:00
Mike Salvatore
e524718960
Island: Reformat "finger_classes" config options before sending to Agent
2021-12-13 13:58:30 -05:00
Mike Salvatore
d51af8a583
Agent: Add IPScanResults dataclass
2021-12-13 13:28:40 -05:00
Mike Salvatore
8067dc9ff8
Agent: Process fingerprinter results in Propagator
2021-12-13 13:06:44 -05:00