Commit Graph

6001 Commits

Author SHA1 Message Date
Shreya Malviya e339932fde island: Change 'Powershell' to 'PowerShell' in attack schema for T1210 2021-08-24 13:16:59 +05:30
Shreya Malviya b6c3623e74 agent, island, vulture: Update class name and text related to powershell exploiter to maintain consistency ('PowerShell Remoting') 2021-08-24 13:15:47 +05:30
Shreya Malviya 72e0378335 agent: Fix import path in powershell exploiter 2021-08-24 11:52:12 +05:30
Shreya Malviya ee9fde4005 agent: Refactor powershell remoting exploiter 2021-08-24 11:40:41 +05:30
Shreya Malviya 29788776fa agent: Modify exploitation log messages in powershell exploiter 2021-08-24 11:40:41 +05:30
Shreya Malviya 04125e5e14 agent: Add separate function to set log levels for sensitive packages in powershell exploiter 2021-08-24 11:40:40 +05:30
Shreya Malviya dc4a5fbb85 agent: Use variable 'is_32bit' for function argument 2021-08-24 11:40:40 +05:30
Shreya Malviya ba8c44d22c agent: Fix typos in powershell remoting exploiter 2021-08-24 11:40:40 +05:30
Shreya Malviya 5419200d61 agent: Update exploited service name in powershell remoting exploiter 2021-08-24 11:40:40 +05:30
VakarisZ 2b71fb80c7 Fixed missing powershell exploiter report components. 2021-08-24 11:40:39 +05:30
VakarisZ 9966c54fe2 Added powershell remoting exploiter. 2021-08-24 11:40:39 +05:30
VakarisZ 55a817931d Bugfix for monkey binary removal if dropper fails to do so 2021-08-24 11:40:39 +05:30
Mike Salvatore d203b28a38 Merge pull request #1424 from guardicore/post-breach-pyinstaller-hook
Post breach pyinstaller hook
2021-08-23 13:54:55 -04:00
Mike Salvatore 342b5689f1 Update changelog with fixes for #1405 and #1419 2021-08-23 11:44:29 -04:00
Mike Salvatore 7f71901a29 Agent: Use path relative to __file__ to locate powershell scripts 2021-08-23 11:14:23 -04:00
Mike Salvatore 536b061cc7 Agent: Remove unused TEMP_FILE constant from windows timestomping PBA 2021-08-23 11:14:23 -04:00
Mike Salvatore 1ef884ae4e Agent: Add pyinstaller hook for post_breach package 2021-08-23 11:14:20 -04:00
Mike Salvatore db8ea45197 Agent: Remove traceroute binaries
The traceroute binaries are no longer used. They inflate the size of the
agent binaries and add unnecessary dependencies.
2021-08-20 16:27:36 -04:00
Mike Salvatore 1f519ad1ee Agent: Deduplicate ping command list in PingScanner 2021-08-20 11:05:55 -04:00
Mike Salvatore 1d9372690d Agent: Deduplicate timeout calculation in PingScanner 2021-08-20 11:05:55 -04:00
Mike Salvatore 198fbd66f8 Merge branch 'remove-internet-access-check' into develop
PR #1420
2021-08-20 10:40:24 -04:00
Mike Salvatore 434246f21f Merge branch '1175/fix-break-on-german-system-lang' into develop
PR #1403
2021-08-20 10:37:29 -04:00
Mike Salvatore cf73d11d9e Update changelog for issue #1402 2021-08-20 09:30:56 -04:00
Mike Salvatore 1d9ae4c01a Island: Fix typo "trough" -> "through" 2021-08-20 09:23:23 -04:00
Ilija Lazoroski 9f194f3417 Merge branch '1183/hide-input-component' into develop
PR #1417
2021-08-20 13:59:45 +02:00
Mike Salvatore 0fc9631d75 Update changelog with entry for #1183 2021-08-20 07:47:29 -04:00
Mike Salvatore 54e519eeaa Agent: Gracefully handle character decode errors in ping command 2021-08-19 19:20:42 -04:00
Mike Salvatore 5f9e507dc7 Agent: Add debug logging to get_host_fingerprint() 2021-08-19 19:20:42 -04:00
Mike Salvatore ce27829753 Update CHANGELOG.md with fix for #1175 2021-08-19 19:20:38 -04:00
Mike Salvatore 769dd67b66 Agent: Automatically select correct output encoding for ping command 2021-08-19 19:19:34 -04:00
TRGamer-tech f2148db70b Add cp850 encoding to subprocess 2021-08-19 19:19:34 -04:00
Mike Salvatore 85e26beda8 Tests: Remove internet_services from test config 2021-08-19 14:17:01 -04:00
Mike Salvatore 087c8f2cf8 BB: Remove internet_services from BaseTemplate 2021-08-19 14:16:44 -04:00
Mike Salvatore b48c1720e7 Island: Remove "internet_access" and "internet_services"
Issue #1402
2021-08-19 14:16:08 -04:00
Mike Salvatore 189e1338ba Agent: Remove internet access check
Issue #1402
2021-08-19 14:15:15 -04:00
Ilija Lazoroski 8e9f5647f6 UI: Hide description that messed up the list 2021-08-19 10:35:36 -04:00
Ilija Lazoroski 24009797ab UI: Rename HideInput to SensitiveTextInput. Resolve spacing 2021-08-19 11:16:22 +02:00
Ilija Lazoroski a8cc0e6781 UI: Add HideInput component to internal exploits 2021-08-18 11:49:01 +02:00
Ilija Lazoroski 9a0837656b UI: Add hide/show component for credentials 2021-08-17 12:53:06 +02:00
Mike Salvatore dd390ff41d Update release 1.11.0 date in changelog 2021-08-13 08:38:33 -04:00
Mike Salvatore 3c0ceaf35c Common: Change build type to "dev" 2021-08-13 08:24:21 -04:00
Mike Salvatore 819de3905a Merge branch 'release/1.11.0' into develop 2021-08-13 08:23:04 -04:00
Mike Salvatore 9b442d2cae Docs: Update file checksums 2021-08-11 20:38:47 -04:00
Mike Salvatore e899f04744 UI: Change ransomware segmentation blog link 2021-08-11 13:30:46 -04:00
Mike Salvatore 5fc8ee95ae Docs: Update file checksums for v1.11.0 2021-08-11 10:43:26 -04:00
Mike Salvatore 1ce4ffa533 Docs: Use official Linux distro names 2021-08-11 08:00:46 -04:00
Mike Salvatore 3ac481fb6b Docs: Copyedits to reports/ransomware.md 2021-08-10 16:31:16 -04:00
Ilija Lazoroski f48cac3c77 docs: Add ransomware report documentation 2021-08-10 10:33:44 -04:00
Shreya Malviya 6b6cfbfc29 island: Change keyword argument in send_from_directory() (changed in flask 2.0) which was causing issues in T1216 2021-08-10 09:37:11 +05:30
Mike Salvatore 2b602cbac4 Island: Pass data_dir as a string to create_secure_directory 2021-08-09 14:12:40 -04:00