Commit Graph

122 Commits

Author SHA1 Message Date
daniel goldberg 91427eb346 Tiny PEP8 change and changed reporting of vulnerable URLs in shellshock 2016-08-29 18:58:16 +03:00
daniel goldberg 30cb88f01d Update conf to use shellshock as well 2016-08-29 18:58:16 +03:00
Daniel Goldberg 835c861219 Add ShellShockExploiter to default config 2016-08-29 18:58:16 +03:00
daniel goldberg d80c670392 Fixed bug in HTTPFingering
Added support for skip_exploit_if_file_exists in linux exploiters.
Delayed/fixed a race in the monkey patching that gevents does.
2016-08-29 18:58:16 +03:00
daniel goldberg cd27438a1e PEP 8 changes 2016-08-29 18:58:15 +03:00
daniel goldberg 1806f9bc62 Issue #33 - Added support for skip_exploit_if_file_exist in linux 2016-08-29 13:34:21 +03:00
daniel goldberg a322a619cb Issue 23 - Added shellshock exploit. 2016-08-29 12:09:46 +03:00
daniel goldberg bdde8dfeed Added func to find route to victim, reorganised firewall 2016-08-29 12:08:42 +03:00
daniel goldberg 3b39ee4308 Added more logging to HTTP server 2016-08-29 12:05:24 +03:00
daniel goldberg 57525b6450 Moved to using HEAD to save code 2016-08-25 16:32:16 +03:00
daniel goldberg dd8738a4f1 Fixed collision where HTTP auto upgraded to HTTPS 2016-08-25 16:27:29 +03:00
daniel goldberg bee9fc23ea BugFix 2016-08-25 15:46:29 +03:00
daniel goldberg 4f1dfb4016 PEP8 2016-08-25 15:45:47 +03:00
daniel goldberg 8c9014684c Fixed some bugs in HTTP fingerprinting 2016-08-25 15:43:59 +03:00
daniel goldberg d455a8bb40 Added basic HTTP fingering by using banner grabbing 2016-08-24 18:31:16 +03:00
daniel goldberg 67d77408f6 PEP8 2016-08-22 18:34:22 +03:00
acepace 8c4288d100 PEP8 changes 2016-08-20 23:37:42 +03:00
acepace e16debeff9 Documented config variable 2016-08-20 17:56:23 +03:00
acepace 88951f920d Bunch of generic PEP8 improvements 2016-08-20 17:03:49 +03:00
acepace 0eb655c44b Changed Monkey SSH file path to /tmp to not require root.
Tiny PEP8 changes
2016-08-20 15:28:14 +03:00
itsikkes fba5bea912 Tunnel improvements - bugfix for using default tunnel, improvement in tunnel shutdown
1) Bugfix when searching for tunnel - registration packet might be sent
from wrong interface in case of the default tunnel
2) Tunnel shutdown now verifies that no one used the tunnel before
shutting it down (added code to allow tracing of last used time)
3) Timeouts increasments
2016-08-13 18:38:31 +03:00
itsikkes a2fccaca03 Bug fix in shutdown sequence and added sleep for allowing newly exploited use the tunnel
1) When exploiting new host, ensure it has enough time to get access to
the tunnel before shut down
2) When shutting down, first report to the island and only then quit the
tunnel (if in use)
2016-08-13 18:33:49 +03:00
itsikkes 82efd24c4e updated to reflect recent patch 2016-08-13 18:30:24 +03:00
acepace 8f1669dd44 Added functionality to report all brute force password attempts even if unsuccessful. 2016-08-09 00:23:18 +03:00
acepace d75ce529ab Issue #18, added ability to attack multiple users in SSH brute force.
Also fixed small bug in windows kill path parsing.
2016-08-08 22:25:33 +03:00
acepace 2ed7cc359e Merge branch 'master' of https://github.com/guardicore/monkey
# Conflicts:
#	chaos_monkey/example.conf
2016-08-03 09:24:55 +03:00
itsikkes de958088b4 depth commandline option is not overwritten when getting config from the island 2016-08-01 16:52:27 +03:00
itsikkes f55b8d429d moved connectivity checking outside of loop 2016-08-01 14:46:21 +03:00
itsikkes 2afcae489e updated missing fields 2016-07-31 20:40:45 +03:00
acepace 39a208afc3 Added local kill switch to flow, right after loading configuration. 2016-07-31 14:33:48 +03:00
acepace 1c5ec3086f Change default server to non-sense IP to force override. Must never be localhost. 2016-07-31 14:33:13 +03:00
acepace d466824a0c Fixed Pyinstaller versioning 2016-07-28 11:22:21 +03:00
acepace dfb8b8b812 Added local network scan to default configuration 2016-07-28 11:22:02 +03:00
itsikkes 07db5ea348 Merge branch 'master' of https://github.com/guardicore/monkey 2016-07-26 18:53:05 +03:00
itsikkes 76e3350fa3 merge duplicate code 2016-07-26 18:52:58 +03:00
acepace 3cd0d5818a Merge branch 'master' of https://github.com/guardicore/monkey 2016-07-25 17:44:37 +03:00
acepace 59712c6816 Updated requirements to include netifaces 2016-07-25 17:44:10 +03:00
itsikkes fc95dccf22 bug fixes and features
added support for multi-parent, auto mark dead monkeys,; UI: get exploit
details, can select edges, show num pf monkeys alive, show failed
exploit attempts; some bug fixes;
2016-07-24 01:04:42 +03:00
itsikkes b8519300ab config bugfix - missing field 2016-07-23 08:59:26 +03:00
itsikkes e26f849286 RDP module bugfix 2016-07-23 08:41:57 +03:00
itsikkes df4c8c6415 restored mission import 2016-07-21 11:45:29 +03:00
itsikkes 9adffe86dc Merge branch 'master' of https://github.com/guardicore/monkey 2016-07-21 11:23:21 +03:00
itsikkes ad6b7a9893 missing parent flag 2016-07-21 11:22:01 +03:00
acepace c9eb743ea7 Merge branch 'master' of https://github.com/guardicore/monkey
# Conflicts:
#	README.md
2016-07-20 08:54:41 +03:00
itsikkes 4a42fc540e fixes and improvements after test-run 1 2016-07-20 00:53:41 +03:00
acepace 5eb2379fa2 Merge branch 'master' of https://github.com/guardicore/monkey
# Conflicts:
#	chaos_monkey/config.py
#	chaos_monkey/network/info.py
2016-07-18 23:45:02 +03:00
acepace 6871a3da4f Removed unused import. Added kill file option. 2016-07-18 23:43:17 +03:00
itsikkes 2c3d0af3e3 merge fix 2016-07-15 17:00:55 +03:00
itsikkes c5fd92c570 Merge remote-tracking branch 'origin/master'
# Conflicts:
#	chaos_monkey/config.py
2016-07-15 16:58:09 +03:00
itsikkes 3da0c1a57c Added auto-scan subnets option
Monkey is now able to auto scan the local host subnets, removing the
need to preconfigure it to scan the network subnets (option is on by
default)
2016-07-15 16:54:46 +03:00