Commit Graph

253 Commits

Author SHA1 Message Date
Itay Mizeretz 27be13b48a Rephrase readmes 2017-10-17 17:14:28 +03:00
Itay Mizeretz b58c4ea622 Remove relative range option from config 2017-10-17 11:55:27 +03:00
Itay Mizeretz 81051009d0 Fix CR 2017-10-16 10:58:11 +03:00
Daniel Goldberg ee4d206745 Simplified generic attack logic 2017-10-15 19:32:19 +03:00
Daniel Goldberg 2d47e9c228 Fix edge case in shellshock where a victim with no attackable URLs returned None 2017-10-15 19:28:41 +03:00
Daniel Goldberg aa61a4e66e Py3 + added additional string output. 2017-10-15 19:07:20 +03:00
Itay Mizeretz 02b02e43bb Report only url in shellshock 2017-10-15 18:04:39 +03:00
Itay Mizeretz bb53606a1b Fix check os supported bug 2017-10-15 15:11:58 +03:00
Itay Mizeretz 5b7a7e52d1 Merge branch 'develop' into feature/change-exploit-telemetry
# Conflicts:
#	monkey_island/cc/ui/src/components/pages/MapPage.js
2017-10-15 14:01:44 +03:00
Daniel Goldberg 875b7cb3a1 Merge pull request #58 from guardicore/bugfix/various-island-fixes
Bugfix/various island fixes
2017-10-15 10:54:03 +03:00
Itay Mizeretz 9984b411d4 Refactor exploit classes to be per-host, and not per exploit type
Exploit telemetry has a more consistent format
Minor improvements in exploits
2017-10-11 18:05:03 +03:00
Itay Mizeretz f59edb5b6e Require lower version of psutil for Windows 2003/XP and under 2017-10-09 14:39:11 +03:00
Itay Mizeretz 9b6c008330 Merge remote-tracking branch 'origin/develop' into bugfix/various-island-fixes
# Conflicts:
#	monkey_island/cc/services/config.py
2017-10-09 10:53:32 +03:00
Daniel Goldberg 930050a713 Merge pull request #57 from guardicore/bugfix/fix-various-exploit-bugs
Bugfix/fix various exploit bugs
2017-10-09 10:43:51 +03:00
Itay Mizeretz bf5fb10838 Fix CR 2017-10-08 19:23:34 +03:00
Daniel Goldberg dc27467cd7 Updated compilation instructions 2017-10-08 16:13:42 +03:00
Itay Mizeretz f9206ff817 Remove unsafe exploits from default config 2017-10-04 15:25:34 +03:00
Itay Mizeretz 8ecb895244 Change default for victims_max_find
Move things around in config
2017-10-04 14:57:56 +03:00
Daniel Goldberg 2949d4a8c2 Remove DNET library. 2017-10-03 18:20:20 +03:00
Itay Mizeretz 0c971da15c linux's implementation of local_ips returns array of strs instead of unicodes
This fixes SambaCry Linux->Linux exploit among other things
2017-10-03 17:08:23 +03:00
Itay Mizeretz 14eec1ba99 Log stack trace of exceptions thrown from exploit 2017-10-03 16:18:34 +03:00
Itay Mizeretz 65f5dbeaaf Sleep only *between* life cycles 2017-10-03 15:47:50 +03:00
Itay Mizeretz 2bbd5d4824 Fix SambaCry .close() bug 2017-10-03 15:47:07 +03:00
Itay Mizeretz 65872d9518 Fix SambaCry not working for non-root user 2017-10-02 17:11:51 +03:00
Daniel Goldberg 39ab50f376 Fix inconsistent return value in send_head 2017-10-02 12:40:53 +03:00
Daniel Goldberg 637b704fa2 remove fully qualified path 2017-10-02 12:40:53 +03:00
Daniel Goldberg 9d5ea03eb3 PEP8+python exceptions 2017-10-02 12:40:53 +03:00
Daniel Goldberg a2b1b78f0b PEP8 + Python exception 2017-10-02 12:40:53 +03:00
Daniel Goldberg b668a0d0f3 PEP8 + Python exceptions 2017-10-02 12:40:53 +03:00
Daniel Goldberg b77aa5d10c PEP8 + new exception format. 2017-10-02 12:40:53 +03:00
Itay Mizeretz 8ddac92429 Fix mimikatz lowercase hostname comparison 2017-10-02 12:14:31 +03:00
Itay Mizeretz afcd066fff Fix mimikatz bug where plain passwords weren't collected when they could have 2017-10-02 11:25:53 +03:00
Itay Mizeretz 22ff980923 Merge remote-tracking branch 'origin/develop' into bugfix/various-fixes 2017-10-01 11:36:12 +03:00
Daniel Goldberg b910baf1d0 Stupid, stupid casting bug. 2017-10-01 11:35:17 +03:00
Itay Mizeretz 9af6590e75 Fix CR 2017-09-28 19:03:31 +03:00
Itay Mizeretz 2d83657bd9 Fix missing WindowsError on linux 2017-09-28 17:56:34 +03:00
Itay Mizeretz 6233fec0f7 If exception thrown from exploit, we now send telemetry about trying 2017-09-28 16:14:30 +03:00
Itay Mizeretz 7365f7d6a7 Fix in sambacry
Sambacry tries to exploit when can't recognize version
2017-09-28 16:13:47 +03:00
Itay Mizeretz 3c345679b3 Change skip exploit if monkey exist to false 2017-09-28 14:44:18 +03:00
Itay Mizeretz 174c74cbcb Temporarily disable shellshock reporting its vulnerable pages 2017-09-28 14:43:08 +03:00
Daniel Goldberg 5586619f19 PEP8 fun 2017-09-28 14:22:35 +03:00
Daniel Goldberg a27c802b11 If already touching this file, modify it for PEP8 + better exception syntax. 2017-09-28 14:17:41 +03:00
Itay Mizeretz 48ce135194 Merge remote-tracking branch 'origin/develop' into feature/pass-the-hash
# Conflicts:
#	monkey_island/cc/services/config.py
2017-09-27 18:42:25 +03:00
Itay Mizeretz d628a27595 Add pass-the-hash for wmi 2017-09-27 18:30:44 +03:00
Itay Mizeretz 7e3f420fe0 Add pass-the-hash for sambacry 2017-09-27 17:23:23 +03:00
itaymmguardicore 9242fe3232 Merge pull request #51 from guardicore/feature/elasticgroovy
Feature/elasticgroovy
2017-09-27 15:41:40 +03:00
Daniel Goldberg 6b7f67933d Finish fixing CR notes. 2017-09-27 14:38:44 +03:00
Itay Mizeretz fe77fc833c fix ntlm_hash telem 2017-09-27 14:28:53 +03:00
Daniel Goldberg 142401e706 change the user/password combo to existing function in another place. 2017-09-27 13:40:50 +03:00
Itay Mizeretz 22ce3d9387 Expand config env variables on demand 2017-09-27 11:24:42 +03:00