Ilija Lazoroski
371b020542
BB: Reset Island after finished test
2022-07-26 16:29:21 +02:00
vakarisz
81101d4213
Common: Rename configuration package to agent_configuration
2022-07-26 09:38:58 -04:00
Ilija Lazoroski
fd6f1db074
BB: Add todo and comment out broken code in ZerologonAnalyzer
2022-07-25 11:07:47 +02:00
Mike Salvatore
878f12736f
BB: POST config and credentials as JSON
2022-07-22 13:26:12 -04:00
Mike Salvatore
e1691b108f
BB: Fix credentials object serialization
2022-07-22 13:26:12 -04:00
Mike Salvatore
5c60656f56
BB: Rename post_json(data) parameter to json
2022-07-22 17:24:53 +00:00
Mike Salvatore
2d338fc81f
BB: Use to_mapping() to send agent configuration JSON
2022-07-22 17:24:53 +00:00
Shreya Malviya
b6703becbc
BB: Get rid of TestConfigurationParser and move its functions outside
2022-07-22 17:24:53 +00:00
Shreya Malviya
35d5592da0
BB, Island: Remove BB performance tests and *everything* related to it
2022-07-22 17:24:53 +00:00
Shreya Malviya
8b43d910b6
BB: Modify MonkeyIslandClient.import_config() to send propagation credentials to relevant endpoint
2022-07-22 17:24:53 +00:00
Shreya Malviya
379ada7a24
BB: Rename IslandConfigParser -> TestConfigurationParser
...
Even though the names start with "test", they shouldn't cause any issues
since we only run "test_blackbox.py".
2022-07-22 17:24:53 +00:00
Shreya Malviya
2764069aec
BB: Correctly pass and import test configuration and agent configuration
2022-07-22 17:24:53 +00:00
Shreya Malviya
1f4167f44c
BB: Add more specific type hint to IslandConfigParser.get_target_ips_from_configuration()
2022-07-22 17:24:53 +00:00
Shreya Malviya
42efe1fc56
BB: Remove unused function from IslandConfigParser
2022-07-22 17:24:53 +00:00
Shreya Malviya
b13fb45b04
BB: Get rid of unneeded improts and variables
2022-07-22 17:24:53 +00:00
Shreya Malviya
00626fe579
BB: Use agent configuration object to get target IPs in IslandConfigParser
2022-07-22 17:24:53 +00:00
Shreya Malviya
549a79ced4
BB: Update type hint to be more specific in CommunicationAnalyzer
...
Co-authored-by: Mike Salvatore <mike.s.salvatore@gmail.com>
2022-07-22 17:24:53 +00:00
Shreya Malviya
db5187fc74
BB: Remove config templates
2022-07-22 17:24:53 +00:00
Shreya Malviya
1d45a15ea1
BB: Remove config_generation_script.py
2022-07-22 17:24:53 +00:00
Shreya Malviya
c6c38ac008
BB: Add type hints in CommunicationAnalyzer
2022-07-22 17:24:53 +00:00
Shreya Malviya
c9b10bfc3f
BB: Fix API endpoints in MonkeyIslandClient
2022-07-22 17:24:53 +00:00
Shreya Malviya
f0993d94cf
BB: Rename raw_config -> serialized_config everywhere
2022-07-22 17:24:53 +00:00
Shreya Malviya
690fb71e10
BB: Rename get_ips_of_targets() -> get_target_ips_from_serialized_config() and pass correct arguments
2022-07-22 17:24:53 +00:00
Shreya Malviya
c6ffd16e48
BB: Modify IslandConfigParser.get_ips_of_targets() logic per new configuration
2022-07-22 17:24:53 +00:00
Shreya Malviya
5d9e525ecc
BB: Remove unused apply_template_to_config() from IslandConfigParser
2022-07-22 17:24:53 +00:00
Shreya Malviya
7d98d14d3a
BB: Use IslandConfigParser.get_serialized_config() in test_blackbox.py
2022-07-22 17:24:53 +00:00
Shreya Malviya
c509b1390a
BB: Remove unused parameter in get_serialized_config() in IslandConfigParser
2022-07-22 17:24:53 +00:00
Shreya Malviya
6bda56f30c
BB: Replace config templates with configuration objects in test_blackbox.py
2022-07-22 17:24:53 +00:00
Shreya Malviya
d5736df56d
BB: Modify IslandConfigParser to return serialized config
2022-07-22 17:24:53 +00:00
Shreya Malviya
f99ad90371
BB: Reorder test configuration imports so they're alphabetical
2022-07-22 17:24:53 +00:00
Mike Salvatore
f049688160
BB: Add smb_download_timeout to test_configurations
2022-07-20 07:48:06 -04:00
Mike Salvatore
0e2cef181a
BB: Add wmi_mimikatz_test_configuration
2022-07-19 14:19:43 -04:00
Mike Salvatore
0605470af9
BB: Move Hadoop and Log4Shell to vulnerability exploiters
2022-07-19 14:17:06 -04:00
Mike Salvatore
27197ee70a
BB: Add smb_pth_test_configuration
2022-07-19 14:09:12 -04:00
Mike Salvatore
367b6de901
BB: Add powershell_credentials_reuse_test_configuration
2022-07-19 13:48:29 -04:00
Mike Salvatore
a605db7625
BB: Add Tests comment to depth_2_a.py
2022-07-19 13:31:16 -04:00
Mike Salvatore
cde0474eb2
BB: Add "Tests" comment to depth_1_a.py
2022-07-19 13:29:46 -04:00
Mike Salvatore
d354622f9a
BB: Add depth_3_a_test_configuration
2022-07-19 13:29:39 -04:00
Mike Salvatore
6e730394bf
BB: Add set_keep_tunnel_open_time()
2022-07-19 13:25:08 -04:00
Mike Salvatore
9bff20e92f
BB: Add depth_2_a_test_configuration
2022-07-19 13:25:07 -04:00
Mike Salvatore
3480b18e39
BB: Remove zerologon exploiter from depth_1_a_test_configuration
2022-07-19 09:00:51 -04:00
Mike Salvatore
4cd1c6bf3c
BB: Reorder some things in depth_1_a.py
2022-07-19 08:59:10 -04:00
Mike Salvatore
87363d3096
BB: Rename credentials -> CREDENTIALS
2022-07-19 08:57:19 -04:00
Mike Salvatore
707aa97a65
BB: Add TCP ports to depth_1_a_test_configuration
2022-07-19 08:47:57 -04:00
Mike Salvatore
189e2ad3d1
BB: Add HTTP ports to depth_1_a_test_configuration
2022-07-19 08:13:09 -04:00
Mike Salvatore
0c6764daf5
BB: Add add_http_ports()
2022-07-19 08:12:46 -04:00
Mike Salvatore
f1d9ea64e5
BB: Add tcp ports to depth_1_a_test_configuration
2022-07-18 15:17:33 -04:00
Mike Salvatore
0a0cb5de19
BB: Set maximum depth in depth_1_a_test_configuration
2022-07-18 15:17:33 -04:00
Mike Salvatore
365b4098e4
BB: Set maximum depth in zerologon_test_configuration
2022-07-18 15:17:32 -04:00
Mike Salvatore
5a1a40a515
BB: Add set_maximum_depth()
2022-07-18 15:17:30 -04:00
Mike Salvatore
c2028f15a4
BB: Add depth_1_a_test_configuration
2022-07-18 15:00:06 -04:00
Mike Salvatore
138ce81f1b
BB: Add add_credential_collectors()
2022-07-18 14:52:31 -04:00
Mike Salvatore
dbc138d263
BB: Add replace_propagation_credentials()
2022-07-18 14:52:05 -04:00
Mike Salvatore
d11fbe92e8
BB: Add missing type hints to add_exploiters()
2022-07-18 14:49:25 -04:00
Mike Salvatore
37e79f41e8
BB: Rename noop_test_configuration.py -> noop.py
2022-07-18 14:43:18 -04:00
Mike Salvatore
68c6625445
BB: Add a zerologon test configuration
2022-07-18 14:43:18 -04:00
Mike Salvatore
ed6b766cd1
BB: Add test_configurations/utils.py
2022-07-18 14:43:16 -04:00
Mike Salvatore
c42cfe3110
BB: Add noop_configuration
2022-07-18 14:26:43 -04:00
Mike Salvatore
b3499074b5
BB: Add TestConfiguration
2022-07-18 13:36:37 -04:00
Mike Salvatore
ea1dc930a1
BB: Remove "single_tests" subpackage
2022-07-18 13:08:29 -04:00
Mike Salvatore
cf45ae4c3e
BB: Remove "grouped" subpackage
2022-07-18 13:07:18 -04:00
Mike Salvatore
c1073bd1ea
BB: Remove unused "single_tests"
2022-07-18 13:06:00 -04:00
Mike Salvatore
70f3506317
BB: Remove test_blackbox_in_depth.py
2022-07-18 13:02:19 -04:00
Mike Salvatore
61793d56cf
BB: Add a note about clearing tomcat sessions
2022-05-04 10:32:23 -04:00
Mike Salvatore
2f3c08cb77
BB: Add a note about setting java.security.egd for tomcat
2022-05-04 10:32:21 -04:00
Ilija Lazoroski
30e27b4e9a
Zoo: Add timeout to zerologon bb test
...
* Fix log message in smb tools
2022-04-26 11:40:48 -04:00
Ilija Lazoroski
d2cc056a55
Island, BB: Rename api/monkey_control to api/monkey-control
2022-04-15 13:16:56 +02:00
Ilija Lazoroski
1535832279
Island, BB: Rename clear_caches endpoint to clear-caches
2022-04-15 12:36:12 +02:00
Mike Salvatore
6df2c38b0f
BB: Remove tests for drupal, struts, and weblogic exploiters
2022-04-14 14:02:43 -04:00
Mike Salvatore
c74f0ed472
BB: Change scan list order in test_depth_3_a() to decrease runtime
2022-04-14 13:53:04 -04:00
Mike Salvatore
a2c3b74d09
BB: Change test order
2022-04-14 13:52:41 -04:00
Mike Salvatore
16e887a94a
Merge pull request #1887 from guardicore/agent-refactor
2022-04-14 12:20:43 -04:00
vakarisz
3ebab643bc
BB: Small typo fix
2022-04-14 15:12:18 +03:00
Mike Salvatore
03433a8d75
BB: Format depth_3_a.py with Black
2022-04-13 11:48:32 -04:00
vakaris_zilius
43d38d90e0
BB: Extract powershell cred re-use into a separate test
...
Credential re-use only applies to windows island, that's why it's separate
2022-04-13 14:21:23 +00:00
vakaris_zilius
b20de39ce0
BB: Split depth_1_b into separate tests, add SMB_PTH
2022-04-13 16:45:14 +03:00
vakaris_zilius
76ba33a750
BB: Fix a WMI bug in configuration
...
Depth 3 a should test PTH, because mimikatz is already being tested in depth 1 a.
2022-04-13 16:45:14 +03:00
vakaris_zilius
c498b22610
BB: Improve configuration documentation with IP's
2022-04-13 16:45:14 +03:00
vakaris_zilius
2dee5698f2
BB: Remove performance test template from test_blackbox.py
2022-04-13 16:45:14 +03:00
vakaris_zilius
1d647a0c6b
BB: Move ssh keys test to a separate test suite
2022-04-13 16:45:14 +03:00
vakaris_zilius
03e23778dd
BB: Add explanation to how 46 powershell machine can be exploited
2022-04-13 16:45:14 +03:00
vakaris_zilius
4df72d08eb
BB: Reduce the time for agents to die to 2 minutes
2022-04-13 16:45:14 +03:00
vakaris_zilius
0b4f98c675
BB: Increase default test timeout to 150s
...
Timeout needed an increase because one log4shell machine was slow to communicate back
2022-04-13 16:45:14 +03:00
vakaris_zilius
549eebd55c
BB: Rename depth_4_a to depth_3_a
2022-04-13 16:45:14 +03:00
vakarisz
91a431517a
BB: Use grouped tests
...
Grouping tests will allow us to run more tests at once
2022-04-13 16:45:14 +03:00
vakarisz
7a3ec16d16
BB: Add powershell empty credential login test to depth_1_a test
2022-04-13 16:45:14 +03:00
vakarisz
ceabb99e7c
BB: Add time log for monkey killing time
2022-04-13 16:45:14 +03:00
vakarisz
9ca061e23c
BB: Add config templates for grouped tests
2022-04-13 16:45:14 +03:00
vakarisz
48469a59a6
BB: Move single test templates into a dedicated folder
2022-04-13 16:45:12 +03:00
Ilija Lazoroski
d9c295bed4
BB: Remove WebLogic exploiter
2022-04-11 11:58:24 +02:00
Mike Salvatore
1f5bb7efaf
Merge pull request #1876 from guardicore/1869-remove-drupal
...
Remove Drupal exploiter
2022-04-10 09:45:24 -04:00
Shreya Malviya
378b5178c5
BB: Relate references to the Drupal machine in the Zoo
2022-04-08 20:59:38 +05:30
Ilija Lazoroski
d3c60af960
BB: Remove Struts2 exploiter
2022-04-08 12:14:38 +02:00
Shreya Malviya
0789869316
BB: Remove Drupal BB test and related code
2022-04-08 14:27:48 +05:30
Mike Salvatore
394088e39d
BB: Reduce DELAY_BETWEEN_ANALYSIS
2022-03-29 16:10:20 -04:00
Mike Salvatore
4e489ad62b
Merge pull request #1814 from guardicore/1801-fix-blackbox-tests
...
1801 fix blackbox tests
2022-03-25 07:18:22 -04:00
Mike Salvatore
35923c1eb1
BB: Reduce the timeouts for tunneling tests
2022-03-24 13:43:04 -04:00
vakarisz
a92a8af96b
BB: Remove smb-20 machine
2022-03-24 13:08:30 -04:00
Shreya Malviya
cb51394439
BB: Add relevant TCP ports to PowerShell config template
2022-03-24 18:43:52 +05:30
Mike Salvatore
f8b3b378d6
BB: Skip tests for deprecated exploiters
2022-03-23 14:50:38 -04:00
Mike Salvatore
5835a87d3c
BB: Reduce the time that tunnels are held open in tunneling test
2022-03-23 14:50:38 -04:00
Mike Salvatore
123606f23d
BB: Reduce time to wait for agents to finish
...
Since the agents stop and start so much more quickly now, these delays
can be reduced.
2022-03-23 14:50:38 -04:00
Mike Salvatore
ef9c3f4f32
BB: Add ports 5985 and 5986 to PowerShell tests
2022-03-23 14:50:38 -04:00
Mike Salvatore
88422f9764
BB: Fix API call to kill all monkeys
2022-03-23 14:50:38 -04:00
Shreya Malviya
ad61236ed0
BB: Fix password for powershell-46 in Zoo machines' docs
2022-03-21 14:10:16 +05:30
Ilija Lazoroski
c000ab6cf8
BB: Update documentation for PowerShell machines
2022-03-21 14:06:54 +05:30
Ilija Lazoroski
747365818f
BB: Update documentation for PowerShell machines
2022-03-16 14:20:42 +01:00
Mike Salvatore
c075fed2da
BB: Remove 'PingScanner' from fingerprinters in config templates
2022-02-28 13:18:07 -05:00
Shreya Malviya
7d76d94959
Zoo: Remove Elastic machines from terraform scripts and docs
2022-02-24 15:16:19 +05:30
Shreya Malviya
6c7e630465
BB: Remove ElasticGroovyExploiter references
2022-02-24 15:14:32 +05:30
Ilija Lazoroski
ddc77e6d6a
Zoo: Remove ShellShock Exploiter
2022-02-23 13:50:12 +01:00
Shreya Malviya
7787984f4a
BB: Remove ProcessListCollector from BB config templates
2022-02-16 17:31:40 +05:30
Mike Salvatore
e1cf4fa9c2
Merge branch 'release/1.13.0' into agent-refactor
2022-01-25 13:35:49 -05:00
Mike Salvatore
4a7c8fe411
Merge branch 'release/1.13.0' into develop
2022-01-25 13:23:17 -05:00
vakarisz
28cf8b55cf
BB: modified performance config template to contain log4shell machines
2022-01-25 15:16:32 +02:00
Shreya Malviya
ce8c178297
BB: Add Log4Shell zoo machines to table of contents, grammar fixes
2022-01-20 17:24:11 +05:30
vakarisz
212fb3a653
BB: black format config_generation_script.py
2022-01-18 15:23:59 +02:00
vakarisz
e3f9312ff9
BB: change log4j exploit depth to 1 (default)
...
This change is necessary to make sure that exploitation is successfull from a particular machine being tested.
2022-01-18 11:44:47 +02:00
Ilija Lazoroski
311a721880
BB: Fix IP address for Tomcat machines
2022-01-17 16:34:56 +01:00
vakarisz
77eb3ce004
BB: Added log4j configs to the list of manually generatable configs
2022-01-17 11:40:31 +02:00
vakarisz
be79f2bcdb
BB: add log4j machines to gcp machine list
2022-01-14 14:51:18 +02:00
vakarisz
a7b31dd9e4
BB: add log4shell BB tests
2022-01-13 16:11:10 +02:00
vakarisz
aef7beedb3
Zoo: add logstash machines that test log4shell
2022-01-13 12:42:03 +02:00
Ilija Lazoroski
dcc68914bd
BB: Add log4j machines to monkey zoo
2022-01-10 14:17:48 +01:00
vakarisz
6782f806eb
Zoo: add log4j solr machines to terraform scripts and docs
2022-01-07 15:27:50 +02:00
Mike Salvatore
3d56d88512
BB: Remove stale TODO from poweshell test
2021-11-30 13:40:13 -05:00
VakarisZ
86f2a0dc78
BB: remove deleted system info collectors from config templates
2021-11-17 12:59:34 +02:00
VakarisZ
f5c8db979f
Project: remove remaining sambacry exploiter references in performance.py config template, vulture_allowlist.py and monkey_config_standard.json unit test data file
2021-11-10 15:44:05 +02:00
VakarisZ
136a105e56
BB: remove sambacry machines from BB infrastructure and docs
2021-11-10 15:43:51 +02:00
Shreya Malviya
b005946d88
BB: Remove VSFTPD exploiter from BB performance test's config template
2021-10-29 18:17:33 +05:30
VakarisZ
1ad74a4bff
BB: fix zerologon test to check propagation via SMB as well
...
ZeroLogon doesn't propagate to the machine it only steals the credentials. It's best to make sure that propagation is also possible by running SMB exploiter
2021-10-26 10:21:36 -04:00
Mike Salvatore
8d7a5a410c
BB: Remove ".\\m0nk3y" user from Powershell user list
...
This user was added to work around issue #1486 . Since d4a1c2bda resolves
that issue, this user can be removed from the config for this test.
2021-10-19 08:23:07 -04:00
Ilija Lazoroski
6787cce1d0
Zoo: Change API registration parameter
2021-10-14 14:52:13 +02:00
VakarisZ
2d28c4e800
Zoo: fix the fullDocs.md by removing the outdated section about monkey configurations, add a sections about what to do with the island if you're a simple user
2021-10-07 16:56:10 +03:00
VakarisZ
f7e0b4fef1
Zoo: add missing tunneling-12 image definition to terraform scripts
2021-10-07 13:55:48 +03:00
Ilija Lazoroski
a438f3afb0
Zoo: Replace --os with --skip-powershell-reuse
...
With this logic the powershell cached will run
if we don't provide the cli param --skip-powershell-reuse.
2021-09-28 17:31:20 +02:00
Ilija Lazoroski
07c08ac0b6
Zoo: Reformat powershell cached credentials test
2021-09-27 19:02:13 +02:00
Ilija Lazoroski
689e6ac532
Zoo: Add os specific black box test.
...
Add new --os flag to the blackbox tests.
If not specified it will skip all os marked tests.
2021-09-27 13:08:52 +02:00
Ilija Lazoroski
b90e9ccf21
Zoo: Add second hop bb test
...
Added new powershell-3-48 machine for second hop test.
Explanation why cached are not working after the first hop.
Documentation for the zoo.
2021-09-24 15:29:11 +02:00
VakarisZ
b69916428b
Remove T1129 attack technique from the codebase
2021-09-17 14:19:42 +03:00
VakarisZ
dec2fc43c2
Merge pull request #1449 from guardicore/powershell-exploiter-ntlm-hashes
...
Use LM and NT hashes in powershell exploiter
2021-09-09 11:56:02 +03:00
Ilija Lazoroski
d27194c568
Zoo: Fix powershell bb config for ntlm hash
2021-09-06 13:50:24 +02:00
VakarisZ
57908b94eb
Merge pull request #1452 from guardicore/1418/bb-to-use-credentials
...
Zoo: Change island to use credentials
2021-09-06 10:28:39 +03:00
Ilija Lazoroski
1e5d49024d
Zoo: Change island to use credentials
2021-09-06 09:17:15 +02:00
Ilija Lazoroski
18c21513af
Zoo: Add new machine for powershell exploiter
2021-09-02 17:06:22 +02:00
Shreya Malviya
13b1904cf7
Merge pull request #1427 from guardicore/1246/powershell-documentation
...
Documentation for PowerShell exploiter
2021-09-01 15:11:39 +05:30
Mike Salvatore
d22c7813a5
BB: Switch the scanning order in tunneling tests
...
Because the SMB exploiter deploys the 32-bit agent, which will then
upgrade itself to 64-bit, it takes a long time between when exploitation
is successful and the agent calls home. By switching the order that
hosts are scanned in, this test runs approximately 25 seconds quicker
and allows us to reduce the `keep_tunnel_open_time` setting by 30
seconds.
2021-08-30 13:28:25 -04:00
Shreya Malviya
54f80df1f4
bb: Remove extra line from end of file
2021-08-30 15:12:35 +05:30
Ilija Lazoroski
9a96e6ed39
Zoo: Refactor start and stop gcp machine functions
2021-08-26 10:35:22 +02:00
Ilija Lazoroski
e6ca0fd3b6
Zoo: Parallelize start and stop of gcp machines
2021-08-25 10:07:41 +02:00