p15670423
/
monkey
1
0
Fork 5
Code Issues Pull Requests 3 Projects Releases Wiki Activity
945 Commits 31 Branches 20 Tags 48 MiB
Commit Graph

945 Commits

Author SHA1 Message Date
itaymmguardicore bed482d70b
Merge pull request #169 from guardicore/feature/wrap-mimikatz-zip 
Make mimikatz inside zip and extract only if config says so
 2018-08-29 17:28:27 +03:00
itaymmguardicore 91c37cc68f
Merge pull request #180 from VakarisZ/WebLogic_with_framework 
Web logic with framework
 2018-08-29 17:02:14 +03:00
Itay Mizeretz cd020668ef Add note regarding 7zip 2018-08-29 16:58:33 +03:00
Itay Mizeretz 5b6a9595f4 mimikatz zip is now in datas 2018-08-29 16:56:55 +03:00
Vakaris 3f809403d1 Custom http server class moved to the end of file 2018-08-29 16:55:03 +03:00
itaymmguardicore 9317d0a805
Merge pull request #179 from VakarisZ/Struts2_with_framework 
Struts2 with framework
 2018-08-29 15:05:09 +03:00
itaymmguardicore aab8f9295e
Merge pull request #178 from VakarisZ/WebRCE_Framework 
Added functions get_monkey_paths and run_backup_commands
 2018-08-29 15:01:12 +03:00
Vakaris 57e795573e Documented what's required and other minor changes 2018-08-29 14:43:40 +03:00
Vakaris 307a7c396c Notes fixed and tested 2018-08-29 14:43:39 +03:00
Vakaris 39bb41ed25 Removed unused imports and tested 2018-08-29 14:43:39 +03:00
Vakaris f001403a92 Fixed lock bug and made uploaded monkey names standard 2018-08-29 14:43:39 +03:00
Vakaris 8e8422b3b7 Lock changed from singleton into local variable 2018-08-29 14:43:39 +03:00
Vakaris 8fd42abd5d Refactored according to final web_rce framework changes 2018-08-29 14:43:39 +03:00
Vakaris 10528c313d Webblogic refactored to web RCE framework changes(from static methods into class methods) 2018-08-29 14:43:39 +03:00
Vakaris 66bc852742 Bugfix: http servers thread is stopped if remote target is not vulnerable 2018-08-29 14:43:39 +03:00
Vakaris ab64e78f00 Core functions of Oracle weblogic rce 2018-08-29 14:43:39 +03:00
Vakaris 8af2ab70e7 Removed unused import statement 2018-08-29 14:42:40 +03:00
Vakaris 2295f2c0ab More pythonic and clean way to apply function to url_list 2018-08-29 14:42:40 +03:00
Vakaris 84fb96d0de struts built_potential_url's now use map function to save code 2018-08-29 14:42:40 +03:00
Vakaris b07e70855c Refactored struts2 to overload get_exploit_config 2018-08-29 14:42:40 +03:00
Vakaris 071535fd01 Struts2 refactored to use default_exploit_host function 2018-08-29 14:42:40 +03:00
Vakaris beb8dfed92 Struts2 refactored for framework fixes 2018-08-29 14:42:40 +03:00
Vakaris 8d7221eada Struts2 core functions 2018-08-29 14:42:40 +03:00
Vakaris 87b0afae88 Minor changes in run_backup_commands 2018-08-29 14:41:02 +03:00
Vakaris 592dd27d91 Added functions get_monkey_paths and run_backup_commands 2018-08-28 20:51:25 +03:00
itaymmguardicore dbbb3f143e
Merge pull request #172 from VakarisZ/WebRCE_Framework 
Changed constructor to have default paths set to None for convienience
 2018-08-26 11:11:30 +03:00
Vakaris bd8423216b Changed constructor to have default paths set to None for convienience 2018-08-23 18:35:30 +03:00
itaymmguardicore 685371a062
Merge pull request #168 from VakarisZ/Struts2_with_framework 
Struts2 vulnerability with framework
 2018-08-23 15:08:36 +03:00
Vakaris 3ff823ab04 Removed unused import statement 2018-08-23 15:06:58 +03:00
Vakaris 1c5c010028 More pythonic and clean way to apply function to url_list 2018-08-23 14:37:31 +03:00
Itay Mizeretz 5489a68049 Remove unecessary consts 2018-08-23 14:10:50 +03:00
Vakaris ef4eadf64a struts built_potential_url's now use map function to save code 2018-08-23 13:51:11 +03:00
Itay Mizeretz cdc576e77e Make mimikatz inside zip and extract only if config says so 2018-08-22 19:31:26 +03:00
itaymmguardicore fc2929ed2e
Merge pull request #159 from VakarisZ/WebRCE_Framework 
Web rce framework
 2018-08-22 16:46:48 +03:00
Vakaris df4b1268d1 Refactored struts2 to overload get_exploit_config 2018-08-22 16:08:38 +03:00
Vakaris 9ef44ef71f Struts2 refactored to use default_exploit_host function 2018-08-22 16:07:59 +03:00
Vakaris 6cb058eb1d Struts2 refactored for framework fixes 2018-08-22 16:07:39 +03:00
Vakaris bbd4adf2ae Struts2 core functions 2018-08-22 16:07:39 +03:00
Vakaris 3e7d7425e4 made get_exploit_config non-static for readability 2018-08-22 16:01:16 +03:00
Vakaris e1b1236fb3 Comments and CR notes fixed 2018-08-22 13:41:17 +03:00
Vakaris eae3f3440d Refactored exploit_host and added get_exploit_config 2018-08-22 13:33:36 +03:00
Vakaris 911404ef68 Implemented default_exploit_host method that can implement whole framework's workflow according to some flags/params 2018-08-21 12:34:59 +03:00
Itay Mizeretz 203943bf27 Merge remote-tracking branch 'origin/master' into develop 2018-08-21 11:34:59 +03:00
itaymmguardicore b56dec318e
Merge pull request #166 from guardicore/hotfix/fix-dep-security-vul 
Hotfix/fix dep security vul
 2018-08-20 14:43:29 +03:00
Vakaris e3d286dbc0 Minor bugfix for error handling in new custom monkey destination paths feature 2018-08-18 13:14:05 +03:00
Vakaris 5565a80418 Web_RCE framework now supports custom monkey uploading paths( we don't always have permissions to uppload to C:\Windows) 2018-08-17 13:53:09 +03:00
Itay Mizeretz 6e7706f9bf Fix bug which is now critical 2018-08-16 18:55:29 +03:00
Itay Mizeretz 5724d14583 Fix webpack lookup issue 2018-08-16 18:30:51 +03:00
Itay Mizeretz 422df7c71f Replace deprecated modal component 2018-08-16 18:30:26 +03:00
Itay Mizeretz a65721d0c5 Fix known bug necessary for building 2018-08-16 17:09:23 +03:00