Ilija Lazoroski
871b02d514
Agent: Stop Hadoop http_thread regardless the exploit result
2022-02-24 12:21:54 +01:00
Shreya Malviya
4d6869fbf6
Agent: Use `ExploiterWrapper` for loading the Hadoop exploiter
2022-02-24 13:29:53 +05:30
Shreya Malviya
eb9adc08c2
Agent: Override `HostExploiter`'s `pre_exploit()` in `WebRCE`
2022-02-24 13:21:15 +05:30
Ilija Lazoroski
87547c4da1
Agent: Use http_ports from exploiter options in WebRCE
2022-02-24 13:21:15 +05:30
Ilija Lazoroski
b859b8820f
Island: Add HTTP_PORTS to exploiter common options
2022-02-24 13:21:15 +05:30
Ilija Lazoroski
34953f1c88
Agent: Enable Hadoop exploiter to run
2022-02-24 13:21:12 +05:30
Ilija Lazoroski
1223e2acf3
Agent: Use exploiter options in WebRCE
2022-02-24 13:20:20 +05:30
Ilija Lazoroski
67083fe336
Agent: Use ITelemetryMessenger to send telemetries in WebRCE
2022-02-24 13:20:20 +05:30
Shreya Malviya
57eca553a7
Agent: Send ExploiterResultData from Hadoop exploiter
2022-02-24 13:20:20 +05:30
Shreya Malviya
90646a6ff9
Agent: Remove code that set host architecture in Hadoop exploiter
2022-02-24 13:20:20 +05:30
Shreya Malviya
79ccabceb1
Agent: Make some functions private in the Hadoop exploiter
2022-02-24 13:20:20 +05:30
Shreya Malviya
ad5ce8e7d2
Agent: Remove `blind_exploit` logic from web_rce.py and weblogic.py
2022-02-24 13:20:20 +05:30
Shreya Malviya
0501bb7037
Agent: Remove architecture setting from web_rce.py
2022-02-24 13:20:20 +05:30
Mike Salvatore
5cbcb88dd6
Agent: Add ExploiterWrapper
...
Issue #1605
PR #1739
2022-02-23 16:37:23 -05:00
Mike Salvatore
2431e2f20b
Agent: Fix typo in "exploitation_result" key
2022-02-23 12:00:42 -05:00
VakarisZ
48e8420b4d
Merge pull request #1734 from guardicore/1695-parsing-ssh-keys
...
1695 ssh keys processing
2022-02-23 17:39:56 +02:00
vakarisz
e17d95bf18
Island: small improvements code style in credential parsing code
2022-02-23 17:38:15 +02:00
Mike Salvatore
57e6d0208d
Merge pull request #1735 from guardicore/1733-remove-shellshock-exploit
...
Remove shellshock exploit
2022-02-23 10:27:22 -05:00
Mike Salvatore
55c3236d8e
Changelog: Remove ShellShock exploiter
2022-02-23 10:24:23 -05:00
Mike Salvatore
cdd28dda7b
Merge branch '1605-resolve-circular-dependency' into agent-refactor
...
Issue #1605
2022-02-23 09:45:41 -05:00
Mike Salvatore
32d618ac92
Agent: Modify IPuppet interface to take VictimHost instead of object
2022-02-23 09:26:04 -05:00
Mike Salvatore
b17c85cd01
Agent: Extract network_scanning package from network package
...
This resolves some circular dependencies between Tunnel, IPuppet, and
VictimHost.
2022-02-23 09:23:42 -05:00
Mike Salvatore
62f1861193
Agent: Remove disused NetworkScanner
2022-02-23 09:23:36 -05:00
Mike Salvatore
7d0e177e7a
Merge pull request #1727 from guardicore/1605-modify-ssh-exploit
...
Modify SSH exploit
2022-02-23 09:16:11 -05:00
Mike Salvatore
0f0edc3439
Agent: Log error messages at error level in SSHExploiter
2022-02-23 09:08:28 -05:00
vakarisz
9d23c3dd62
UT: fix test data to contain credential type in capitals
2022-02-23 16:00:31 +02:00
vakarisz
04b217cde5
Island: remove code duplication in credentials_parser.py
2022-02-23 15:52:04 +02:00
vakarisz
9396ac7512
Island, UT: fix ssh key processing, add unit tests
2022-02-23 15:49:56 +02:00
vakarisz
ddb227b181
Island: sort telem processing functions alphabetically
2022-02-23 15:49:56 +02:00
vakarisz
a1073bdb34
Island: add monkey guid to credentials object
2022-02-23 15:49:56 +02:00
vakarisz
1fe1293405
UT: export credential testing infrastructure to conftest
2022-02-23 15:49:56 +02:00
vakarisz
8dd033c212
Island: refactor credential parser to use Credentials object
2022-02-23 15:49:54 +02:00
vakarisz
3ff9bbe327
UT: add a test for parsing username with special characters
2022-02-23 15:47:14 +02:00
vakarisz
8dedb7eac5
Island: Revert "Island: remove unfinished ssh key processor"
...
This reverts commit 0cbfc79a92
.
2022-02-23 15:47:14 +02:00
Mike Salvatore
8e953359f8
Common: Use Enum.auto() for CredentialComponentType values
2022-02-23 08:44:41 -05:00
Mike Salvatore
7c9c4cf9fb
Island: Compare Enums instead of strings in parse_credentials()
2022-02-23 08:44:02 -05:00
Mike Salvatore
dc4273f970
Agent: Use Enum for credential_type instead of string (Enum.value)
2022-02-23 08:15:27 -05:00
Shreya Malviya
e993998432
Agent: Make ExploiterResultData a dataclass instead of a named tuple
...
and modify HostExploiter and the SSH exploiter accordingly
2022-02-23 18:28:32 +05:30
Ilija Lazoroski
d8e203dd50
Project: Change readme and remove shellshock from vulture
2022-02-23 13:50:12 +01:00
Ilija Lazoroski
ddc77e6d6a
Zoo: Remove ShellShock Exploiter
2022-02-23 13:50:12 +01:00
Ilija Lazoroski
fe3b263398
Docs: Remove ShellShock documentation
2022-02-23 13:50:12 +01:00
Ilija Lazoroski
291755e5c9
UT: Remove ShellShock from tests config
2022-02-23 13:50:05 +01:00
Ilija Lazoroski
60d16ea4d6
Island: Remove ShellShock Exploiter
2022-02-23 13:48:41 +01:00
Ilija Lazoroski
64b900b94d
Agent: Remove ShellShock exploiter
2022-02-23 13:48:41 +01:00
Mike Salvatore
1e12a55240
UT: Use time.per_counter_ns() in test_request_cache()
...
The time.time() function on windows does not provide adequate resolution
for test_request_cache(). For comparison, the time.get_clock_info()
function shows the resolution of the clock.
Linux:
>>> import time
>>> time.get_clock_info("time")
namespace(
adjustable=True,
implementation='clock_gettime(CLOCK_REALTIME)',
monotonic=False,
resolution=1e-09
)
>>> time.get_clock_info("perf_counter")
namespace(
adjustable=False,
implementation='clock_gettime(CLOCK_MONOTONIC)',
monotonic=True,
resolution=1e-09
)
Windows:
>>> time.get_clock_info("time")
namespace(
adjustable=True,
implementation='GetSystemTimeAsFileTime()',
monotonic=False,
resolution=0.015625
)
>>> time.get_clock_info("perf_counter")
namespace(
adjustable=False,
implementation='QueryPerformanceCounter()',
monotonic=True,
resolution=1e-07
)
As shown above, the "perf_counter" clock on Windows if over 5 orders of
magnitude more precise than the "time" clock. This lack of precision
caused the test to fail on Windows, as the entire test often ran in less
than 0.015625 seconds.
2022-02-23 07:44:56 -05:00
Shreya Malviya
2a8186928d
Agent: Remove unused function `send_exploit_telemetry` in `HostExploiter`
2022-02-23 17:42:00 +05:30
Shreya Malviya
58703f9b5b
Agent: Remove code that set `exploit_result`'s fields to the default value in SSH exploiter
2022-02-23 17:38:48 +05:30
VakarisZ
3fee7dec90
Merge pull request #1731 from guardicore/1695-parsing-mimikatz
...
1695 parsing mimikatz
2022-02-23 13:58:47 +02:00
Shreya Malviya
4ecc5283e5
Agent: Rename function for returning ExploiterResultData
2022-02-23 17:11:53 +05:30
Shreya Malviya
6cdb86aa4b
Agent: Add TODO comment for VictimHost type hint to HostExploiter.py
2022-02-23 17:10:53 +05:30