Vakaris
|
7e2cc86ab9
|
Code cleaned and tested on ubuntu
|
2018-08-29 16:55:35 +03:00 |
Vakaris
|
8ddfb03f27
|
Uploaded and modified standard web_rce code usage.Not working, not tested
|
2018-08-29 16:55:35 +03:00 |
Vakaris
|
3f809403d1
|
Custom http server class moved to the end of file
|
2018-08-29 16:55:03 +03:00 |
itaymmguardicore
|
9317d0a805
|
Merge pull request #179 from VakarisZ/Struts2_with_framework
Struts2 with framework
|
2018-08-29 15:05:09 +03:00 |
itaymmguardicore
|
aab8f9295e
|
Merge pull request #178 from VakarisZ/WebRCE_Framework
Added functions get_monkey_paths and run_backup_commands
|
2018-08-29 15:01:12 +03:00 |
itaymmguardicore
|
7a5e53ee69
|
Merge pull request #176 from acepace/feature/support-common-folder-exploit-import
Feature/support common folder exploit import
|
2018-08-29 14:52:34 +03:00 |
Vakaris
|
57e795573e
|
Documented what's required and other minor changes
|
2018-08-29 14:43:40 +03:00 |
Vakaris
|
307a7c396c
|
Notes fixed and tested
|
2018-08-29 14:43:39 +03:00 |
Vakaris
|
39bb41ed25
|
Removed unused imports and tested
|
2018-08-29 14:43:39 +03:00 |
Vakaris
|
f001403a92
|
Fixed lock bug and made uploaded monkey names standard
|
2018-08-29 14:43:39 +03:00 |
Vakaris
|
8e8422b3b7
|
Lock changed from singleton into local variable
|
2018-08-29 14:43:39 +03:00 |
Vakaris
|
8fd42abd5d
|
Refactored according to final web_rce framework changes
|
2018-08-29 14:43:39 +03:00 |
Vakaris
|
10528c313d
|
Webblogic refactored to web RCE framework changes(from static methods into class methods)
|
2018-08-29 14:43:39 +03:00 |
Vakaris
|
66bc852742
|
Bugfix: http servers thread is stopped if remote target is not vulnerable
|
2018-08-29 14:43:39 +03:00 |
Vakaris
|
ab64e78f00
|
Core functions of Oracle weblogic rce
|
2018-08-29 14:43:39 +03:00 |
Vakaris
|
8af2ab70e7
|
Removed unused import statement
|
2018-08-29 14:42:40 +03:00 |
Vakaris
|
2295f2c0ab
|
More pythonic and clean way to apply function to url_list
|
2018-08-29 14:42:40 +03:00 |
Vakaris
|
84fb96d0de
|
struts built_potential_url's now use map function to save code
|
2018-08-29 14:42:40 +03:00 |
Vakaris
|
b07e70855c
|
Refactored struts2 to overload get_exploit_config
|
2018-08-29 14:42:40 +03:00 |
Vakaris
|
071535fd01
|
Struts2 refactored to use default_exploit_host function
|
2018-08-29 14:42:40 +03:00 |
Vakaris
|
beb8dfed92
|
Struts2 refactored for framework fixes
|
2018-08-29 14:42:40 +03:00 |
Vakaris
|
8d7221eada
|
Struts2 core functions
|
2018-08-29 14:42:40 +03:00 |
Vakaris
|
87b0afae88
|
Minor changes in run_backup_commands
|
2018-08-29 14:41:02 +03:00 |
itaymmguardicore
|
f594a5681f
|
Merge pull request #175 from acepace/bugfix/imports
Fix relative imports
|
2018-08-29 14:06:09 +03:00 |
Vakaris
|
592dd27d91
|
Added functions get_monkey_paths and run_backup_commands
|
2018-08-28 20:51:25 +03:00 |
Daniel Goldberg
|
3ce81ee78a
|
Rewrote config parsing. Avoid the horrible cast by example function and avoid possible circular import issues.
|
2018-08-27 11:16:40 -04:00 |
Daniel Goldberg
|
cad9aca5dd
|
Fix one more old style import
|
2018-08-27 11:06:58 -04:00 |
Daniel Goldberg
|
b23418782c
|
Move configuration to be a exploit object field rather than every exploit importing it.
|
2018-08-27 11:04:09 -04:00 |
Daniel Goldberg
|
be08027221
|
Fix relative imports
|
2018-08-27 10:58:43 -04:00 |
itaymmguardicore
|
dbbb3f143e
|
Merge pull request #172 from VakarisZ/WebRCE_Framework
Changed constructor to have default paths set to None for convienience
|
2018-08-26 11:11:30 +03:00 |
Vakaris
|
bd8423216b
|
Changed constructor to have default paths set to None for convienience
|
2018-08-23 18:35:30 +03:00 |
maor.rayzin
|
c373bfbcfb
|
* integrated parts of the pth report to the main report module.
* Changed the ui a bit, removed some tables and add information to the current tables.
|
2018-08-23 15:17:08 +03:00 |
itaymmguardicore
|
685371a062
|
Merge pull request #168 from VakarisZ/Struts2_with_framework
Struts2 vulnerability with framework
|
2018-08-23 15:08:36 +03:00 |
Vakaris
|
3ff823ab04
|
Removed unused import statement
|
2018-08-23 15:06:58 +03:00 |
Vakaris
|
1c5c010028
|
More pythonic and clean way to apply function to url_list
|
2018-08-23 14:37:31 +03:00 |
Itay Mizeretz
|
5489a68049
|
Remove unecessary consts
|
2018-08-23 14:10:50 +03:00 |
Vakaris
|
ef4eadf64a
|
struts built_potential_url's now use map function to save code
|
2018-08-23 13:51:11 +03:00 |
Itay Mizeretz
|
cdc576e77e
|
Make mimikatz inside zip and extract only if config says so
|
2018-08-22 19:31:26 +03:00 |
itaymmguardicore
|
fc2929ed2e
|
Merge pull request #159 from VakarisZ/WebRCE_Framework
Web rce framework
|
2018-08-22 16:46:48 +03:00 |
Vakaris
|
df4b1268d1
|
Refactored struts2 to overload get_exploit_config
|
2018-08-22 16:08:38 +03:00 |
Vakaris
|
9ef44ef71f
|
Struts2 refactored to use default_exploit_host function
|
2018-08-22 16:07:59 +03:00 |
Vakaris
|
6cb058eb1d
|
Struts2 refactored for framework fixes
|
2018-08-22 16:07:39 +03:00 |
Vakaris
|
bbd4adf2ae
|
Struts2 core functions
|
2018-08-22 16:07:39 +03:00 |
Vakaris
|
3e7d7425e4
|
made get_exploit_config non-static for readability
|
2018-08-22 16:01:16 +03:00 |
Vakaris
|
e1b1236fb3
|
Comments and CR notes fixed
|
2018-08-22 13:41:17 +03:00 |
Vakaris
|
eae3f3440d
|
Refactored exploit_host and added get_exploit_config
|
2018-08-22 13:33:36 +03:00 |
Itay Mizeretz
|
369795e375
|
small fixes to make everything work
|
2018-08-21 17:17:21 +03:00 |
Vakaris
|
911404ef68
|
Implemented default_exploit_host method that can implement whole framework's workflow according to some flags/params
|
2018-08-21 12:34:59 +03:00 |
Itay Mizeretz
|
a18061d45d
|
Merge branch 'develop' into feature/detect-cross-segment-traffic
# Conflicts:
# infection_monkey/config.py
# infection_monkey/example.conf
# monkey_island/cc/services/report.py
|
2018-08-21 11:42:45 +03:00 |
Itay Mizeretz
|
203943bf27
|
Merge remote-tracking branch 'origin/master' into develop
|
2018-08-21 11:34:59 +03:00 |