Commit Graph

219 Commits

Author SHA1 Message Date
Ilija Lazoroski 743efe37dc Changelog: Add entry for renaming api/monkey endpoint to api/agent 2022-04-18 13:54:34 +02:00
Mike Salvatore f3d55c423f CHANGELOG: Add changelog entries for endpoint renaming 2022-04-15 09:54:42 -04:00
Mike Salvatore 16e887a94a Merge pull request #1887 from guardicore/agent-refactor 2022-04-14 12:20:43 -04:00
Mike Salvatore b1c125f420 Island: Remove disused T1216 file download endpoint 2022-04-11 06:36:25 -04:00
Mike Salvatore ad0cb20e35 Agent: Package T1216_random_executable.exe with the agent
Packaging the T1216_random_executable.exe binary with the agent removes
coupling between the island's API and a specific post-breach action.
2022-04-11 06:35:56 -04:00
Ilija Lazoroski 5228af2a69 Changelog: Add entry for removal of WebLogic exploiter 2022-04-11 11:58:24 +02:00
Mike Salvatore 2b33aaa50c
Merge pull request #1862 from EliaOnceAgain/1552/setup_service
Deploy: Script to install appimage sysd service that runs on boot
2022-04-10 14:58:11 -04:00
Mike Salvatore 420e99a902 Changelog: Add a changelog entry for install-infection-monkey-service.sh 2022-04-10 14:55:42 -04:00
Mike Salvatore 1f5bb7efaf Merge pull request #1876 from guardicore/1869-remove-drupal
Remove Drupal exploiter
2022-04-10 09:45:24 -04:00
Shreya Malviya 533a1b7d98 Changelog: Add entry for removing Drupal exploiter 2022-04-08 21:02:13 +05:30
Ilija Lazoroski 4793e81831 Changelog: Add entry for removal of Struts2 exploiter 2022-04-08 12:19:34 +02:00
Mike Salvatore 61344f9861
Merge pull request #1792 from guardicore/1741-add-smb-to-puppet
1741 add smb to puppet
2022-03-21 08:16:24 -04:00
Mike Salvatore 753f00de65 Agent: Put timestamp before random string in log names
Putting the timestamp before the random string in the agent and dropper
log names allows them to be sorted by time.
2022-03-20 20:40:35 -04:00
Mike Salvatore 415f3e6468 Agent: Remove smb_service_name configuration option
This option is never changed and can be more easily stored as a
constant.
2022-03-18 13:38:02 -04:00
Mike Salvatore 8b4d1d084e Changelog: Improve message for removing log path config options 2022-03-10 09:11:06 -05:00
Ilija Lazoroski 0947e41ea9 Changelog: Add entry for changing log file name 2022-03-10 12:39:50 +01:00
Mike Salvatore 03145a1392 Changelog: Add changelog entry for human-readable thread names 2022-03-09 10:04:45 -05:00
Mike Salvatore 145078839d Merge branch '1675-remove-32-bit-agents' into agent-refactor
PR #1758
2022-03-02 08:49:52 -05:00
Mike Salvatore 46eb8a4484 CHANGELOG: Add changelog entries for removing 32-bit agents. 2022-03-02 06:50:15 -05:00
vakarisz 458b2121cd Changelog: added entry for removed T1082 attack technique report 2022-03-01 16:16:06 +02:00
Mike Salvatore caa6405315 Agent: Change agent permissions to 700 in SSH exploiter
Changing the permissions to 777 introduces a security risk into the
target host. A malicious attacker with local access can potentially
modify the binary, resulting in code execution and privilege escalation
when the attacking agent launches the agent on the victim.

Issue #1750
2022-02-28 13:18:07 -05:00
Shreya Malviya 7e362283fa Changelog: Add entry for removing the Elastic Search exploiter 2022-02-24 19:14:20 +05:30
Mike Salvatore 55c3236d8e Changelog: Remove ShellShock exploiter 2022-02-23 10:24:23 -05:00
Mike Salvatore 095572f919 Merge branch '1606-run-credential-collectors' into agent-refactor
PR #1719
2022-02-17 09:30:01 -05:00
Mike Salvatore cc27dc9710 Changelog: Add changelog entry for SSHCollector 2022-02-16 15:17:13 -05:00
Shreya Malviya 123f0aab16 Changelog: Add entry for process list collection PBA 2022-02-16 17:09:13 +05:30
Ilija Lazoroski fb8847b5c5 Agent: Remove sambacry binaries from monkey spec
PR #1698
2022-02-09 08:25:20 -05:00
Mike Salvatore 9a88ac3ed8 Changelog: Add entry for ScoutSuite removal 2022-02-09 14:28:00 +05:30
Ilija Lazoroski 88d4e9b11f Agent: Remove sambacry binaries from monkey spec
PR #1698
2022-02-04 13:25:16 -05:00
Ilija Lazoroski e224470161 Changelog: Add entry for removal of agent's bootloader 2022-02-01 18:27:51 +01:00
vakarisz d953755fd2 Changelog: fixup changelog entries for "1640 simplify log download" 2022-01-31 15:50:24 +02:00
Mike Salvatore d257276f30 Changelog: Add entry for removal of MS08-067 exploiter 2022-01-31 08:15:43 -05:00
vakarisz 3e5c1c8044 Changelog: add log download from map entry 2022-01-31 11:54:40 +02:00
Mike Salvatore 8371a268ba Island: Change the order of log messages on startup to improve UX
Some users were confused when the Island started up and thought it had
frozen. I hope to alleviate this confusion by changing the order of the
log messages. If the last message displayed after initialization
gives the user instructions on accessing the island, hopefully users
will no longer be confused.

PR #1684
2022-01-26 12:09:43 -05:00
Mike Salvatore e1cf4fa9c2 Merge branch 'release/1.13.0' into agent-refactor 2022-01-25 13:35:49 -05:00
Mike Salvatore 4a7c8fe411 Merge branch 'release/1.13.0' into develop 2022-01-25 13:23:17 -05:00
Mike Salvatore fed7d050be Changelog: Update version and release date for v1.13.0 2022-01-25 09:54:12 -05:00
Mike Salvatore 75ed119c00 Changelog: Add changelog entries for Log4Shell exploiter 2022-01-21 07:40:42 -05:00
Ilija Lazoroski 654ff38ea0 Changelog: Add entry for removing unneeded options in internal config. 2021-12-14 16:01:25 +01:00
Ilija Lazoroski e73b4af026 Changelog: Add entry for removing MySQL fingerprinter 2021-12-14 14:54:45 +01:00
Mike Salvatore 6a1b6c784e
Merge pull request #1643 from guardicore/1538-propagation-credentials-endpoint
Implement propagation credentials endpoint
2021-12-08 06:42:49 -05:00
Mike Salvatore 5052e21d97 Island: Remove /api/monkey_control/check_remote_port/<string:port> 2021-12-07 13:26:37 -05:00
Mike Salvatore 91a8376df6 Changelog: Add propagation-credentials endpoint entry 2021-12-07 11:59:40 -05:00
Mike Salvatore 30afe3cc85 Island: Strip credentials out of config before sending to agent
The credentials for credential reuse attacks will now be retrieved by
the agent via a new endpoint that returns only credentials in order to
reduce unnecessary network traffic (issue #1538).
2021-12-03 09:13:08 -05:00
Mike Salvatore 1d7c80bfec Changelog: Add changelog entry for #1576 2021-12-01 07:40:30 -05:00
Ilija Lazoroski a41cad6291 Changelog: Add entry for removing ATT&CK configuration screen 2021-11-22 11:27:46 +01:00
Shreya Malviya 828d152203 Changelog: Add entry for removing max iters and timeout between iters config options 2021-11-19 08:07:33 -05:00
Mike Salvatore ee285b6fbd
Merge pull request #1617 from guardicore/1535-hostname-collector-removal
1535 hostname collector removal
2021-11-19 07:14:10 -05:00
Mike Salvatore c3424b46bc Changelog: Add credentials.json to the changelog 2021-11-18 14:27:43 -05:00
VakarisZ bab54e8976 Changelog: add an entry about removed hostname system info collector 2021-11-17 12:00:55 +02:00
VakarisZ 0b8af5e78f Changelog: add entry about removed environment system info collector 2021-11-16 17:50:00 +02:00
Ilija Lazoroski 729de3ae9e Changelog: Add entry for removing custom monkey dir name option 2021-11-16 11:08:50 +01:00
VakarisZ c6e180bd73 Changelog: add entry about removed azure credential collector 2021-11-16 09:46:22 +02:00
Shreya Malviya f90434d38d Chaneglog: Add entry for removing custom singleton mutex name config option 2021-11-16 11:34:14 +05:30
Ilija Lazoroski de0fff9fbb Changelog: Remove checkbox to try move the dropper 2021-11-15 14:17:32 +01:00
Ilija Lazoroski cb06f408d4 Changelog: Remove serialize config 2021-11-15 13:36:21 +01:00
Ilija Lazoroski 5073d1fe2b Changelog: Remove checkbox for file logging 2021-11-15 12:43:13 +01:00
Ilija Lazoroski 0f2a86d672 Changelog: Remove checkbox for self deleting a monkey on cleanup 2021-11-15 12:13:16 +01:00
Ilija Lazoroski bbe01778cf Changelog: Removed checkbox to send log to server 2021-11-12 15:56:11 +01:00
VakarisZ 6ee1949d46
Merge pull request #1582 from guardicore/1535-netstat-info-collector-removal
1535 netstat info collector removal
2021-11-12 17:05:44 +02:00
Shreya Malviya 59e7ac34f7
Agent: Don't download exe on Linux during signed script PBA execution 2021-11-12 07:58:04 -05:00
VakarisZ 435f52a658 Changelog: add entry about removed netstat collector 2021-11-12 14:09:07 +02:00
Shreya Malviya 9ee6049636 Changelog: Add entry for backdoor uer PBA's HTTP request modifications 2021-11-11 19:26:47 +05:30
VakarisZ e618f0613d Changelog: add entry about the removed sambacry exploiter 2021-11-10 15:44:01 +02:00
Shreya Malviya 124e9efe91 Changelog: Add entry for removing 'kill file' 2021-11-10 18:49:41 +05:30
VakarisZ 7e1e5917cb Changelog: add entry for manual monkey run option modifications 2021-11-05 11:46:43 -04:00
Shreya Malviya 779ae79499 Changelog: Add entry for removing the VSFTPD exploiter 2021-10-29 18:24:23 +05:30
VakarisZ 5cfe6de927 Changelog: add entry for fixed #1545 2021-10-28 10:49:25 -04:00
Mike Salvatore d5e12725a9 Changelog: Release v1.12.0 2021-10-27 10:14:36 -04:00
Mike Salvatore 2df588ca59 Changelog: Add missing period 2021-10-25 14:56:29 -04:00
Mike Salvatore bc3b1b274f Changelog: Formatting changes and other small fixes 2021-10-25 14:40:28 -04:00
Ilija Lazoroski e406294b28 Changelog: Log for broken updates issue 2021-10-21 16:53:35 +02:00
Shreya Malviya f0f2f02b96 Changelog: Fix issue number in entry for browser window popup fix 2021-10-21 15:03:20 +05:30
VakarisZ 19cce1fb8b
Merge pull request #1539 from guardicore/1432-disable-browser-prompt-windows
1428 disable browser prompt windows
2021-10-21 10:07:20 +03:00
VakarisZ 39047a3a90 Island: Remove the browser popup on the island launch in production
These changes alter the run_server.bat to not throw a browser pop-up.
These changes are needed to focus users attention to the command prompt.
We plan to add interactivity to the prompt

Fixes #1432
2021-10-20 13:52:02 -04:00
Mike Salvatore 9b005255f1 Changelog: Update changelog for issue #1114 2021-10-20 13:30:11 -04:00
VakarisZ c23a0721c5 CHANGELOG.md entry about data dir backup based on version file 2021-10-18 12:26:21 +03:00
Mike Salvatore 997ad1ee4b
Merge pull request #1526 from guardicore/1392/telemetry-filter-fix
UI: Fix telemetry filter
2021-10-14 08:32:03 -04:00
Shreya Malviya e42a9d8b8f CHANGELOG: Add entry for modified ATT&CK report messages 2021-10-14 14:22:15 +05:30
Ilija Lazoroski c3fb5ae441 UI: Change datatable for telemetries
Used MUIDataTable instead of DataTable from
react-data-components.
The above package is deleted as it is not used
anywhere else.
2021-10-13 23:20:25 +02:00
Ilija Lazoroski b404f75a34 UI: Fix telemetry filter 2021-10-12 13:37:42 +02:00
Shreya Malviya 5a4f66d080 CHANGELOG: Add entry for T1086 reporting changes 2021-10-11 17:40:52 +05:30
Shreya Malviya f7e37b0767 CHANGELOG: Add entry for bugix that wrongly reported the "`.bash_profile` and `.bashrc`" technique 2021-10-06 19:27:29 +05:30
Shreya Malviya f347088412 CHANGELOG: Add entry for ATT&CK report telemetry bugfix 2021-10-06 16:05:58 +05:30
Ilija Lazoroski e80662f7f8 Agent: Check for empty result in Modify shell files 2021-10-05 10:39:50 -04:00
VakarisZ bc422128f5 Monkey: add CHANGELOG.md entry about fixed Mimikatz credential collector when Azure credential collector is disabled 2021-10-05 17:16:51 +03:00
Shreya Malviya 19dad89468 CHANGELOG: Add entry for encryptor not working with utf-8 characters bugfix 2021-10-05 12:31:17 +05:30
VakarisZ b2bbb62bdd Add CHANGELOG.md entry for #1463 (Encrypt the database key with user's credentials.) 2021-10-01 12:48:08 +03:00
VakarisZ b73958dd55 Rename the CHANGELOG.md entry about resetting login credentials to "Resetting login credentials also cleans the contents of the database. #1495" 2021-09-29 16:45:26 +03:00
Shreya Malviya ab7872d103 CHANGELOG: Add entry for delaying mongo init 2021-09-29 16:44:42 +03:00
Mike Salvatore 0839f04b1d
Merge pull request #1483 from guardicore/incorrect-attack-report-msgs
Fix incorrect ATT&CK report messages
2021-09-28 07:24:17 -04:00
VakarisZ d79892427b Moved credential encryption in mongo CHANGELOG.md entry from Fixes to Security 2021-09-28 11:04:42 +03:00
VakarisZ 8b9973238e Add CHANGELOG.md entry about fixed plaintext credentials in mongodb 2021-09-27 16:59:11 +03:00
Shreya Malviya a857d291d8 CHANGELOG: Add entry for modifying ATT&CK report messages 2021-09-24 17:32:17 +05:30
Mike Salvatore 9d07f82bd6 Fix typo in CHANGELOG 2021-09-17 07:46:27 -04:00
VakarisZ 5a8507e5c6 Add the removal of "Execution through the module load" T1129 attack technique to the CHANGELOG.md 2021-09-17 14:21:06 +03:00
Mike Salvatore 1d991be6b4 Update CHANGELOG.md 2021-09-14 12:30:43 -04:00
Shreya Malviya eefd7a69e8
Merge pull request #1453 from guardicore/bugfix-expanded-report-reset
Don't collapse PBA table in security report on data change
2021-09-07 13:09:00 +05:30
Shreya Malviya f917258979 CHANGELOG: Add entry for bugfix (table collapse on reset) 2021-09-06 18:33:23 +05:30
Shreya Malviya 6740812f4b
Merge pull request #1439 from guardicore/remove-standard-environment
Remove standard environment (insecure access feature)
2021-09-06 13:18:27 +05:30