Commit Graph

7181 Commits

Author SHA1 Message Date
Mike Salvatore c39fb6746d Agent: Rename ICredentialComponent.type -> credential_type
"type" is a built-in function in Python. To avoid confusion or a potential
name collision, this commit renames the ICredentialComponent.type field
to ICredentialComponent.credential_type
2022-02-15 13:47:01 -05:00
Mike Salvatore 236b545816 UT: Extract function collect_credentials() to reduce code duplication 2022-02-15 13:30:13 -05:00
Mike Salvatore 86f2c7b08c UT: Parametrize test_mimikatz_collector.test_empty_results() 2022-02-15 13:28:38 -05:00
Mike Salvatore ebd5642b52 Agent: Refactor credentials and credential_components as dataclasses
Using frozen dataclasses for Credentials and ICredentialComponents
automatically creates a useful __eq__() function that allows us to
easily compare credentials-related objects.
2022-02-15 12:27:56 -05:00
vakarisz 811434ff22 Agent: improved type hints in mimikatz_cred_collector.py 2022-02-15 18:41:19 +02:00
vakarisz ac376a0014 Agent: change the interface of Credentials
Refactor from dataclass to object with tuples. This enforces read-only identities and secrets so users don't modify them
2022-02-15 18:39:17 +02:00
vakarisz 8868fb9b0c Agent: change ICredentialComponent interface
Interface changed from dataclass (dataclasses are not inheritable) to simple class with type abstract property
2022-02-15 18:35:32 +02:00
vakarisz 26806392ec Agent: split up nt and lm hash credential types 2022-02-15 18:33:04 +02:00
vakarisz d392de4a02 Agent: remove ssh_keypair, as it's not used anywhere 2022-02-15 18:32:00 +02:00
vakarisz ae9fed3c2b Agent: fixup typehints in ICredentialCollector 2022-02-15 16:16:43 +02:00
vakarisz 01612c402a Agent: add options to ICredentialCollector interface 2022-02-15 15:25:42 +02:00
vakarisz 0fae933477 Agent: refactor content dict out of credential component
Content dict serves no purpose, because dataclasses can be serialized without explicit conversion to dict
2022-02-15 14:46:21 +02:00
vakarisz b7003bc231 Agent: split up nt and lm hashes into separate credential components 2022-02-15 14:19:53 +02:00
vakarisz 9037dfdf99 Agent: rename CredentialTypes enum to CredentialType 2022-02-15 12:42:36 +02:00
vakarisz 02cdebb88b Agent: fix ICredentialCollector return type-hint 2022-02-15 12:41:19 +02:00
vakarisz f5740b2a6e Agent: add mimikatz collector unit tests 2022-02-15 10:09:53 +01:00
vakarisz a6c2762823 Agent: change mimikatz collector to return a list of credentials 2022-02-15 10:09:53 +01:00
vakarisz 2f1b57a526 Agent: fix pypykatz import in mimikatz_cred_collector.py 2022-02-15 10:09:53 +01:00
vakarisz 2ba793e0cf Agent: move mimikatz collector to credential collectors 2022-02-15 10:09:53 +01:00
vakarisz 6aa2160f31 Agent: refactor mimikatz_cred_collector to credential collector 2022-02-14 15:25:06 +02:00
vakarisz c21cf681a4 Agent: define credential collector, credentials interfaces 2022-02-14 12:12:13 +02:00
Mike Salvatore 98a2f0b887 Agent: Use consistent DISPLAY_NAME constant in fingerprinters 2022-02-10 07:15:03 -05:00
Mike Salvatore aadc055f74
Merge pull request #1708 from guardicore/1603-refactor-ssh-fingerprinter
Agent: refactor ssh fingerprinter to fit the new model
2022-02-10 07:11:41 -05:00
Mike Salvatore f9b803b1ae Agent: Minor code quality improvements to SSHFingerprinter 2022-02-10 07:10:47 -05:00
vakarisz 1c7ec9c41f Agent: refactor ssh fingerprinter to fit the new model 2022-02-10 07:10:45 -05:00
Mike Salvatore 1dc08e2087
Merge pull request #1706 from guardicore/1603-refactor-smb-fingerprinter
1603 refactor smb fingerprinter
2022-02-10 06:47:32 -05:00
Mike Salvatore 37eab76044 Agent: Load SMBFingerprinter into the puppet 2022-02-09 13:41:00 -05:00
Mike Salvatore f85bb389cc Agent: Add some debug logging to SMBFingerprinter 2022-02-09 13:40:23 -05:00
Mike Salvatore fec7d987d8 Agent: Skip SMBFingerprinter if SMB_PORT is not open 2022-02-09 13:40:23 -05:00
Mike Salvatore ab3daeb2e8 Agent: Refactor the SMB fingerprinter to implement IFingerprinter 2022-02-09 13:40:23 -05:00
Mike Salvatore a7022011d9 Agent: Rename smb_finger.py -> smb_fingerprinter.py 2022-02-09 13:40:23 -05:00
Mike Salvatore b63d739578 Agent: Replace *Finger* names with *Fingerprinter* in SMBFinger 2022-02-09 13:40:23 -05:00
Mike Salvatore 26681abc86
Merge pull request #1707 from guardicore/1603-refactor-mssql-fingerprinter
1603 refactor mssql fingerprinter
2022-02-09 13:39:57 -05:00
Ilija Lazoroski 5d818154b9 Agent: Load MSSQL fingerprinter into the Puppet 2022-02-09 19:35:59 +01:00
Ilija Lazoroski e6f5b6113f Agent: Refactor MSSQL fingerprinter
* Refactor code to conform to the IFingerprinter interface
* Non-structured server response will return empty Fingerprint data
* Rename mssql_fingerprint to mssql_fingerprinter
* Unit tests
2022-02-09 19:35:51 +01:00
Ilija Lazoroski fb8847b5c5 Agent: Remove sambacry binaries from monkey spec
PR #1698
2022-02-09 08:25:20 -05:00
Mike Salvatore f0602edffb
Merge pull request #1703 from guardicore/1603-refactor-elastic-fingerprinter
Refactor elastic fingerprinter
2022-02-09 07:33:07 -05:00
Mike Salvatore 6de05df665 Agent: Load ElasticSearchFingerprinter into the Puppet 2022-02-09 07:28:12 -05:00
Mike Salvatore cc3be599d7 Agent: Refactor ElasticSearchFingerprinter
* Rename ElasticFinger -> ElasticSearchFingerprinter
* Don't scan port if port is closed or not configured
* Refactor code to conform to the IFingerprinter interface
* Add unit tests
2022-02-09 07:28:10 -05:00
Shreya Malviya 5a64db4ce9
Merge pull request #1699 from guardicore/1669-remove-scoutsuite-integration
Remove scoutsuite
2022-02-09 01:15:30 -08:00
Shreya Malviya 30bbfec182 Docs: Remove trailing whitespace in operating systems support page 2022-02-09 14:35:13 +05:30
Shreya Malviya f8ad233729 Island: Remove ScoutSuite from dependencies 2022-02-09 14:32:19 +05:30
Shreya Malviya ccb72471bb Agent: Remove ScoutSuite from dependencies 2022-02-09 14:31:58 +05:30
Shreya Malviya 97059dcd75 Common: Add sleep before AWS command invocation 2022-02-09 14:28:04 +05:30
Shreya Malviya c129f809b0 UI: Rename function to make more sense 2022-02-09 14:28:04 +05:30
Ilija Lazoroski c458f933c4 Agent: Remove print statement for policyuniverse in monkey spec 2022-02-09 14:28:04 +05:30
Mike Salvatore 9a88ac3ed8 Changelog: Add entry for ScoutSuite removal 2022-02-09 14:28:00 +05:30
Mike Salvatore fcbdb5a65f Common: Remove disused get_host_from_network_location() function 2022-02-09 14:27:20 +05:30
Mike Salvatore c1c04d804f Agent: Remove disused is_running_on_island() function 2022-02-09 14:27:20 +05:30
Shreya Malviya c0d1df6252 UI: Remove Scoutsuite reporting 2022-02-09 14:27:20 +05:30