Shreya Malviya
38011f20b5
island: Remove unnecessary type conversion in log statement
2021-09-14 16:05:19 +05:30
Shreya Malviya
686f65e4f4
tests: Move monkeypatch statements to fixtures in test_version_update.py
2021-09-14 16:04:06 +05:30
Shreya Malviya
90c6392e16
island, tests: Handle exceptions when getting deployment type from file and add related tests
2021-09-14 15:47:50 +05:30
Shreya Malviya
9fd6ea9598
island, tests: Modify function to get deployment type with file path as input and modify related tests
2021-09-14 14:02:24 +05:30
Ilija Lazoroski
c1fc56d4ce
Island: Change monkey code to use deployment.json
...
Add UTs for get_deployment. Fix Environment UTs.
2021-09-13 18:47:28 +02:00
VakarisZ
4759fe1581
Merge pull request #1458 from guardicore/1450/av_explanation_missing_binary
...
UI: Add AV explanation if binaries are missing
2021-09-13 09:24:34 +03:00
Mike Salvatore
8d2b704bd9
Docs: Fix broken link in FAQ
2021-09-11 13:15:55 -04:00
VakarisZ
45429f6b29
Merge pull request #1457 from guardicore/1126/ut_for_pba_file_upload
...
UT: Add unit tests for pba_upload
2021-09-10 17:03:54 +03:00
Ilija Lazoroski
92b829ede2
UI: Add AV explanation if binaries are missing
2021-09-10 15:39:28 +02:00
Ilija Lazoroski
c348a01b16
UT: Improve readability on pba_file_upload
2021-09-10 14:48:39 +02:00
Shreya Malviya
78ab3f176c
tests: Remove deployment field from unit tests' server configs
2021-09-10 17:41:43 +05:30
Ilija Lazoroski
2fd38061b2
UT: Add unit tests for pba_upload
2021-09-10 14:10:31 +02:00
Shreya Malviya
2b4beb2200
island: Don't set deployment type from server config in env config
2021-09-10 17:36:57 +05:30
Shreya Malviya
a62328dcf6
island: Get deployment type from file in env config
2021-09-10 17:31:33 +05:30
Shreya Malviya
2af3878e81
common: Pick up version details from deployment.json in common/version.py
2021-09-10 16:36:26 +05:30
Shreya Malviya
2b9b755177
island: Extract deployment type and version number into deployment.json
2021-09-10 16:29:31 +05:30
Shreya Malviya
c46c02507f
build_scripts: Extract deployment field from server configs to separate files for appimage and docker
2021-09-10 15:21:34 +05:30
VakarisZ
dec2fc43c2
Merge pull request #1449 from guardicore/powershell-exploiter-ntlm-hashes
...
Use LM and NT hashes in powershell exploiter
2021-09-09 11:56:02 +03:00
Ilija Lazoroski
1ba10d7059
UT: Fix powershell copy_file tests
2021-09-09 10:35:24 +02:00
VakarisZ
cc1c049ee9
Refactor test_login_attemps_correctly_reported in test_powershell.py to address the changes in the flow of powershell and powershell client
2021-09-09 11:34:38 +03:00
VakarisZ
e44e8f503e
Refactor powershell client to not perform actions on init and clean up powershell exploiter a bit
2021-09-07 12:18:34 +03:00
Shreya Malviya
eefd7a69e8
Merge pull request #1453 from guardicore/bugfix-expanded-report-reset
...
Don't collapse PBA table in security report on data change
2021-09-07 13:09:00 +05:30
Shreya Malviya
f917258979
CHANGELOG: Add entry for bugfix (table collapse on reset)
2021-09-06 18:33:23 +05:30
Shreya Malviya
114758978b
cc: Set `collapseOnDataChange` to false in PBA table in security report
2021-09-06 18:31:35 +05:30
Ilija Lazoroski
d27194c568
Zoo: Fix powershell bb config for ntlm hash
2021-09-06 13:50:24 +02:00
Shreya Malviya
6740812f4b
Merge pull request #1439 from guardicore/remove-standard-environment
...
Remove standard environment (insecure access feature)
2021-09-06 13:18:27 +05:30
VakarisZ
57908b94eb
Merge pull request #1452 from guardicore/1418/bb-to-use-credentials
...
Zoo: Change island to use credentials
2021-09-06 10:28:39 +03:00
Ilija Lazoroski
1e5d49024d
Zoo: Change island to use credentials
2021-09-06 09:17:15 +02:00
VakarisZ
17bc9e3f75
Merge pull request #1451 from guardicore/logo_overlap_bugfix
...
Fix the Guardicore logo overlap
2021-09-03 15:33:08 +03:00
VakarisZ
f2739f426c
Add a CHANGELOG.md entry about the fixed Guardicore logo overlapping
2021-09-03 15:30:50 +03:00
VakarisZ
4dbd7b41f5
Fix the Guardicore logo which is overlapping the landing page buttons on smaller screens
2021-09-03 15:27:04 +03:00
Mike Salvatore
65c9be90d3
Docs: Add NTLM hash details to PowerShell exploiter docs
2021-09-02 14:29:07 -04:00
Mike Salvatore
71c4e4d8dc
Agent: Fix incorrect host arch identification in PowerShellClient
2021-09-02 14:06:36 -04:00
Mike Salvatore
1a1a130716
Agent: Format NT/LM hashes for use with pypsrp in PowerShellClient
2021-09-02 13:26:24 -04:00
Mike Salvatore
9cc488d36a
Agent: Remove powershell_utils/utils.py
...
Move single function that was previously in
powershell_utils/utils.py to powershell.py
2021-09-02 13:26:24 -04:00
Mike Salvatore
501fc162b4
Agent: Attempt login with LM and NT hashes in PowerShellExploiter
2021-09-02 13:26:23 -04:00
Mike Salvatore
a2e6b0bfbd
Agent: Add LM and NT hashes to PowerShell Credentials
...
Adds two list parameters to get_credentials() that contain LM and NT
hashes respectively. Adds a "secret_type" field to Credentials so that
the user of the Credentials object can distinguish between using cached
credentials (on windows), passwords, and NT or LM hashes.
2021-09-02 12:29:49 -04:00
Mike Salvatore
3a6f725cc4
Agent: Rename Credentials.password to Credentials.secret
...
The PowerShell Credentials dataclass will hold more than just passwords.
It will also hold NT and LM hashes. "secret" is, therefore, a more
accurate name than "password".
2021-09-02 12:02:30 -04:00
Mike Salvatore
0ecbfdea38
Merge pull request #1446 from guardicore/powershell-exploiter-refactor
...
Powershell exploiter refactor
2021-09-02 11:58:01 -04:00
Mike Salvatore
023d6a2d04
Tests: Add more tests for PowerShellExploiter
2021-09-02 11:54:22 -04:00
Mike Salvatore
936074605f
Agent: Ensure temp file is removed by PowerShellExploiter
2021-09-02 11:53:13 -04:00
VakarisZ
be5d354c06
Merge pull request #1447 from guardicore/add-machine-to-powershell-bb
...
Zoo: Add new machine for powershell exploiter
2021-09-02 18:27:17 +03:00
Ilija Lazoroski
18c21513af
Zoo: Add new machine for powershell exploiter
2021-09-02 17:06:22 +02:00
Mike Salvatore
8144a3334e
Tests: Add HTTP vs HTTPS unit tests for PowerShellExploiter
2021-09-02 10:05:08 -04:00
Ilija Lazoroski
cd9d5b4c5e
Agent: Change trap command signal to TERM
2021-09-02 07:55:47 -04:00
Mike Salvatore
a5af16e44e
Agent: Extract PowerShellClient from PowerShellExploiter
2021-09-01 19:59:02 -04:00
Mike Salvatore
c9e54412c0
Agent: Use dummy username and password when testing PowerShell HTTP
...
The exploit_user_list and exploit_password_list are not guaranteed to
have at least one entry. If either list is empty the exploiter will
fail. Use constant strings for the username and password to avoid
potentially crashing the exploiter.
2021-09-01 13:55:18 -04:00
Mike Salvatore
61c6bf2567
Agent: Reduce code duplication in _try_http(s)() methods
2021-09-01 13:52:55 -04:00
Mike Salvatore
d30a8b007a
Agent: Add comment explaining user/password == None in PowerShell
2021-09-01 13:48:13 -04:00
Mike Salvatore
e6399de860
Agent: Move get_credentials() to credentials.py
2021-09-01 13:39:46 -04:00