Commit Graph

1460 Commits

Author SHA1 Message Date
itaymmguardicore bed482d70b
Merge pull request #169 from guardicore/feature/wrap-mimikatz-zip
Make mimikatz inside zip and extract only if config says so
2018-08-29 17:28:27 +03:00
Vakaris a2bebca4bc spaces removed 2018-08-29 17:20:43 +03:00
Daniel Goldberg 83b1933296 Remove subcasing for classes 2018-08-29 10:20:30 -04:00
Vakaris 477836e1c9 Blank newline added to match source file 2018-08-29 17:19:51 +03:00
Vakaris 304f5bd643 Removed unused commands 2018-08-29 17:14:55 +03:00
itaymmguardicore 91c37cc68f
Merge pull request #180 from VakarisZ/WebLogic_with_framework
Web logic with framework
2018-08-29 17:02:14 +03:00
Itay Mizeretz cd020668ef Add note regarding 7zip 2018-08-29 16:58:33 +03:00
Itay Mizeretz 5b6a9595f4 mimikatz zip is now in datas 2018-08-29 16:56:55 +03:00
Vakaris 4d6472cce1 Ports are now taken from elastic_fingerprint module 2018-08-29 16:55:35 +03:00
Vakaris d4262ef0bd Removed unused constants 2018-08-29 16:55:35 +03:00
Vakaris 56b3190cb5 Refactored elastic according to latest web_rce framework changes. Tested on windows and linux 2018-08-29 16:55:35 +03:00
Vakaris 76523e7379 Refactored elastic for latest framework changes 2018-08-29 16:55:35 +03:00
Vakaris a54eedec11 Commands tested and working on windows. 2018-08-29 16:55:35 +03:00
Vakaris 7e2cc86ab9 Code cleaned and tested on ubuntu 2018-08-29 16:55:35 +03:00
Vakaris 8ddfb03f27 Uploaded and modified standard web_rce code usage.Not working, not tested 2018-08-29 16:55:35 +03:00
Vakaris 3f809403d1 Custom http server class moved to the end of file 2018-08-29 16:55:03 +03:00
itaymmguardicore 9317d0a805
Merge pull request #179 from VakarisZ/Struts2_with_framework
Struts2 with framework
2018-08-29 15:05:09 +03:00
itaymmguardicore aab8f9295e
Merge pull request #178 from VakarisZ/WebRCE_Framework
Added functions get_monkey_paths and run_backup_commands
2018-08-29 15:01:12 +03:00
itaymmguardicore 7a5e53ee69
Merge pull request #176 from acepace/feature/support-common-folder-exploit-import
Feature/support common folder exploit import
2018-08-29 14:52:34 +03:00
Vakaris 57e795573e Documented what's required and other minor changes 2018-08-29 14:43:40 +03:00
Vakaris 307a7c396c Notes fixed and tested 2018-08-29 14:43:39 +03:00
Vakaris 39bb41ed25 Removed unused imports and tested 2018-08-29 14:43:39 +03:00
Vakaris f001403a92 Fixed lock bug and made uploaded monkey names standard 2018-08-29 14:43:39 +03:00
Vakaris 8e8422b3b7 Lock changed from singleton into local variable 2018-08-29 14:43:39 +03:00
Vakaris 8fd42abd5d Refactored according to final web_rce framework changes 2018-08-29 14:43:39 +03:00
Vakaris 10528c313d Webblogic refactored to web RCE framework changes(from static methods into class methods) 2018-08-29 14:43:39 +03:00
Vakaris 66bc852742 Bugfix: http servers thread is stopped if remote target is not vulnerable 2018-08-29 14:43:39 +03:00
Vakaris ab64e78f00 Core functions of Oracle weblogic rce 2018-08-29 14:43:39 +03:00
Vakaris 8af2ab70e7 Removed unused import statement 2018-08-29 14:42:40 +03:00
Vakaris 2295f2c0ab More pythonic and clean way to apply function to url_list 2018-08-29 14:42:40 +03:00
Vakaris 84fb96d0de struts built_potential_url's now use map function to save code 2018-08-29 14:42:40 +03:00
Vakaris b07e70855c Refactored struts2 to overload get_exploit_config 2018-08-29 14:42:40 +03:00
Vakaris 071535fd01 Struts2 refactored to use default_exploit_host function 2018-08-29 14:42:40 +03:00
Vakaris beb8dfed92 Struts2 refactored for framework fixes 2018-08-29 14:42:40 +03:00
Vakaris 8d7221eada Struts2 core functions 2018-08-29 14:42:40 +03:00
Vakaris 87b0afae88 Minor changes in run_backup_commands 2018-08-29 14:41:02 +03:00
itaymmguardicore f594a5681f
Merge pull request #175 from acepace/bugfix/imports
Fix relative imports
2018-08-29 14:06:09 +03:00
Vakaris 592dd27d91 Added functions get_monkey_paths and run_backup_commands 2018-08-28 20:51:25 +03:00
Daniel Goldberg 3ce81ee78a Rewrote config parsing. Avoid the horrible cast by example function and avoid possible circular import issues. 2018-08-27 11:16:40 -04:00
Daniel Goldberg cad9aca5dd Fix one more old style import 2018-08-27 11:06:58 -04:00
Daniel Goldberg b23418782c Move configuration to be a exploit object field rather than every exploit importing it. 2018-08-27 11:04:09 -04:00
Daniel Goldberg be08027221 Fix relative imports 2018-08-27 10:58:43 -04:00
itaymmguardicore dbbb3f143e
Merge pull request #172 from VakarisZ/WebRCE_Framework
Changed constructor to have default paths set to None for convienience
2018-08-26 11:11:30 +03:00
Vakaris bd8423216b Changed constructor to have default paths set to None for convienience 2018-08-23 18:35:30 +03:00
maor.rayzin c373bfbcfb * integrated parts of the pth report to the main report module.
* Changed the ui a bit, removed some tables and add information to the current tables.
2018-08-23 15:17:08 +03:00
itaymmguardicore 685371a062
Merge pull request #168 from VakarisZ/Struts2_with_framework
Struts2 vulnerability with framework
2018-08-23 15:08:36 +03:00
Vakaris 3ff823ab04 Removed unused import statement 2018-08-23 15:06:58 +03:00
Vakaris 1c5c010028 More pythonic and clean way to apply function to url_list 2018-08-23 14:37:31 +03:00
Itay Mizeretz 5489a68049 Remove unecessary consts 2018-08-23 14:10:50 +03:00
Vakaris ef4eadf64a struts built_potential_url's now use map function to save code 2018-08-23 13:51:11 +03:00