79d92afcd4
Agent: Add Apache Tomcat support for Log4Shell exploit
2022-01-06 13:56:17 +01:00
0006112e79
Agent: fix log4shell to be able to exploit more than 1 service
2022-01-06 13:01:50 +02:00
0cd6b1e616
Agent: remove unused upload_monkey() and rename _trigger_exploit
2022-01-06 13:00:37 +02:00
7bace927f8
Agent: fix log4shell to always close ldap and http servers, even on errors
2022-01-06 12:56:04 +02:00
9d5ea0f41f
Island: add log4shell issue processing and reporting
2022-01-06 12:26:00 +02:00
0b76b9f949
Agent: fix log4shell to override the correct _exploit_host method
2022-01-06 12:18:58 +02:00
09988b0f80
Agent: report vulnerable port and service in log4shell
...
Refactor log4shell.py and related service exploiters to adhere to IExploitableService interface and save which service on which port was vulnerable to log4shell
2022-01-05 17:43:28 +02:00
5ac6d12fe9
Agent: fix log4shell exploitation indication
2022-01-05 15:47:45 +02:00
c382987430
Project: vulture allow LDAPServerFactory.buildProtocol
2022-01-05 15:18:12 +02:00
dd3c5aac6f
Agent: small logging improvements in log4shel
2022-01-05 14:21:26 +02:00
d2181f6577
Agent, UT: fix ldap builder UT's and some imports in log4shell
2022-01-05 14:16:24 +02:00
563438c7f8
Agent, Island: Add Apache Solr support for Log4Shell exploit
2022-01-05 12:37:08 +01:00
8a120110f5
Agent: change ldap and http ports to be chosen dynamically in log4shell
2022-01-05 12:46:40 +02:00
0659fddac6
Agent: add the docker POC exploit to log4shell
...
Implements the infrastructure needed to add different log4shell exploits and adds the
2022-01-04 17:48:45 +02:00
206abfa5e8
Agent: refactor a couple web_rce methods to static
2022-01-04 17:41:19 +02:00
e69639b426
Agent: use separate java classes for windows and linux in log4shell
...
Linux and windows targets should use different java classes, because one is compiled to be launched in /bin/bash, another in cmd.exe. We can't just inject the whole command, because Runtime.getRuntime().exec() interprets the string in strange ways
2022-01-04 16:09:19 +02:00
1884c6d767
TEMP: base implementation of the log4shell
2021-12-23 16:45:25 +02:00
41b97cb54a
TEMP: base implementation of the log4shell
2021-12-22 17:17:02 +02:00
fddaa16931
Agent: Improve InvalidExploitTemplateError messages
2021-12-21 15:19:45 -05:00
4d5a2511c6
Agent: Add LDAP server for log4shell exploit
2021-12-21 15:19:44 -05:00
2a795723ab
Agent: Add ldaptor to dependencies
2021-12-21 15:12:50 -05:00
68978907e2
Agent: Add build_exploit_bytecode for log4shell exploiter
2021-12-20 15:12:11 -05:00
a48c1afefd
Agent: Construct concrete puppet in monkey.py
2021-12-20 06:56:47 -05:00
e392915b26
Merge branch '1597-integrate-automated-master' into agent-refactor
2021-12-20 06:55:53 -05:00
50930017fb
Agent: Use address_to_ip_port() in _running_on_island()
2021-12-17 10:55:58 -05:00
8658b9edb3
Merge branch '1598-implement-run-payload' into agent-refactor
2021-12-17 10:30:46 -05:00
b19ce79df6
Agent: Use relative imports within puppet package
2021-12-17 10:25:16 -05:00
7b8b485b57
Agent: Mock out unimplemented functions in Puppet
2021-12-17 10:22:42 -05:00
973c88678e
Agent: Move PluginType to the i_plugin package
2021-12-17 10:13:28 -05:00
afbc313a7c
Agent: Handle interrupts in ransomware
2021-12-17 16:10:42 +01:00
05c5764487
Agent: Add i_puppet package
2021-12-17 09:40:46 -05:00
61a7647f9b
Agent: Add interrupt handling to ransomware
2021-12-17 15:31:20 +01:00
958cf3a252
Agent, UT: Rename 'config' to 'options' in ransomware files
2021-12-17 19:55:26 +05:30
0328d2860e
Agent: Add a RansomwarePayload that implements to the IPayload interface
2021-12-17 09:19:47 -05:00
2299c029d7
Agent: Rename RansomwarePayload to Ransomware
...
A payload adheres to a specific IPayload interface. The class that is
now called RansomwarePayload is just a concrete ransomware. A new
RansomwarePayload will be introduced to wrap the build and execute of
the Ransomware.
2021-12-17 09:16:27 -05:00
0a4ff25843
Agent: Implement Puppet.run_payload()
2021-12-17 09:02:12 -05:00
b798255249
Agent: Add plugin_name attribute to puppet's load_plugin
2021-12-17 09:02:12 -05:00
8e6abcb795
Agent: Add PluginRegistry
2021-12-17 09:02:12 -05:00
ee1fa01dda
UT: Move ransomware unit tests to payload/ransomware/
2021-12-17 09:02:12 -05:00
33e3a31030
Agent: Move ransomware/ to payload/ransomware/
2021-12-17 09:02:04 -05:00
09a1297f47
Agent: User relative imports within ransomware package
2021-12-17 09:00:56 -05:00
c18af3c3fb
Agent: Change return type of IPuppet.run_payload() to None
...
At the moment, we don't expect payloads to return any values. This may
be reevaluated as development proceeds or when telemetry is refactored.
2021-12-17 09:00:54 -05:00
89368f729f
Agent, Common, UT: Separate IP and Port in monkey
...
Instead of splitting IP/port on demand, separate the IP and port from monkey commandline parameter and pass them to VictimHostFactory
2021-12-17 15:30:10 +02:00
3adb1d5b07
Agent: Add IPayload interface
2021-12-17 08:12:37 -05:00
19bcaad7f2
Agent: Fix broken logic in get_local_network_interfaces()
2021-12-17 07:08:48 -05:00
9e127b49ae
Agent: Get local network interfaces inside _build_master()
2021-12-16 19:17:05 -05:00
637053e6cd
Agent: Integrate VictimHostFactory with monkey.py
2021-12-16 15:20:38 -05:00
18fb4e7533
Agent: Add self._default_server to monkey.py
2021-12-16 15:08:43 -05:00
b3bc9b2ffa
Agent: Refactor build_victim_host() to improve readability
2021-12-16 14:39:54 -05:00
b6f2bab15b
Agent: Pass str (not None) to VictimHost constructor
2021-12-16 14:39:54 -05:00
Ilija Lazoroski
vakarisz
Mike Salvatore
Shreya Malviya