Ilija Lazoroski
38714bb178
Changelog: Add entry for removal of "/api/client-monkey" endpoint
2022-04-18 14:50:57 +02:00
Ilija Lazoroski
743efe37dc
Changelog: Add entry for renaming api/monkey endpoint to api/agent
2022-04-18 13:54:34 +02:00
Mike Salvatore
f3d55c423f
CHANGELOG: Add changelog entries for endpoint renaming
2022-04-15 09:54:42 -04:00
Mike Salvatore
16e887a94a
Merge pull request #1887 from guardicore/agent-refactor
2022-04-14 12:20:43 -04:00
Mike Salvatore
b1c125f420
Island: Remove disused T1216 file download endpoint
2022-04-11 06:36:25 -04:00
Mike Salvatore
ad0cb20e35
Agent: Package T1216_random_executable.exe with the agent
...
Packaging the T1216_random_executable.exe binary with the agent removes
coupling between the island's API and a specific post-breach action.
2022-04-11 06:35:56 -04:00
Ilija Lazoroski
5228af2a69
Changelog: Add entry for removal of WebLogic exploiter
2022-04-11 11:58:24 +02:00
Mike Salvatore
2b33aaa50c
Merge pull request #1862 from EliaOnceAgain/1552/setup_service
...
Deploy: Script to install appimage sysd service that runs on boot
2022-04-10 14:58:11 -04:00
Mike Salvatore
420e99a902
Changelog: Add a changelog entry for install-infection-monkey-service.sh
2022-04-10 14:55:42 -04:00
Mike Salvatore
1f5bb7efaf
Merge pull request #1876 from guardicore/1869-remove-drupal
...
Remove Drupal exploiter
2022-04-10 09:45:24 -04:00
Shreya Malviya
533a1b7d98
Changelog: Add entry for removing Drupal exploiter
2022-04-08 21:02:13 +05:30
Ilija Lazoroski
4793e81831
Changelog: Add entry for removal of Struts2 exploiter
2022-04-08 12:19:34 +02:00
Mike Salvatore
61344f9861
Merge pull request #1792 from guardicore/1741-add-smb-to-puppet
...
1741 add smb to puppet
2022-03-21 08:16:24 -04:00
Mike Salvatore
753f00de65
Agent: Put timestamp before random string in log names
...
Putting the timestamp before the random string in the agent and dropper
log names allows them to be sorted by time.
2022-03-20 20:40:35 -04:00
Mike Salvatore
415f3e6468
Agent: Remove smb_service_name configuration option
...
This option is never changed and can be more easily stored as a
constant.
2022-03-18 13:38:02 -04:00
Mike Salvatore
8b4d1d084e
Changelog: Improve message for removing log path config options
2022-03-10 09:11:06 -05:00
Ilija Lazoroski
0947e41ea9
Changelog: Add entry for changing log file name
2022-03-10 12:39:50 +01:00
Mike Salvatore
03145a1392
Changelog: Add changelog entry for human-readable thread names
2022-03-09 10:04:45 -05:00
Mike Salvatore
145078839d
Merge branch '1675-remove-32-bit-agents' into agent-refactor
...
PR #1758
2022-03-02 08:49:52 -05:00
Mike Salvatore
46eb8a4484
CHANGELOG: Add changelog entries for removing 32-bit agents.
2022-03-02 06:50:15 -05:00
vakarisz
458b2121cd
Changelog: added entry for removed T1082 attack technique report
2022-03-01 16:16:06 +02:00
Mike Salvatore
caa6405315
Agent: Change agent permissions to 700 in SSH exploiter
...
Changing the permissions to 777 introduces a security risk into the
target host. A malicious attacker with local access can potentially
modify the binary, resulting in code execution and privilege escalation
when the attacking agent launches the agent on the victim.
Issue #1750
2022-02-28 13:18:07 -05:00
Shreya Malviya
7e362283fa
Changelog: Add entry for removing the Elastic Search exploiter
2022-02-24 19:14:20 +05:30
Mike Salvatore
55c3236d8e
Changelog: Remove ShellShock exploiter
2022-02-23 10:24:23 -05:00
Mike Salvatore
095572f919
Merge branch '1606-run-credential-collectors' into agent-refactor
...
PR #1719
2022-02-17 09:30:01 -05:00
Mike Salvatore
cc27dc9710
Changelog: Add changelog entry for SSHCollector
2022-02-16 15:17:13 -05:00
Shreya Malviya
123f0aab16
Changelog: Add entry for process list collection PBA
2022-02-16 17:09:13 +05:30
Ilija Lazoroski
fb8847b5c5
Agent: Remove sambacry binaries from monkey spec
...
PR #1698
2022-02-09 08:25:20 -05:00
Mike Salvatore
9a88ac3ed8
Changelog: Add entry for ScoutSuite removal
2022-02-09 14:28:00 +05:30
Ilija Lazoroski
88d4e9b11f
Agent: Remove sambacry binaries from monkey spec
...
PR #1698
2022-02-04 13:25:16 -05:00
Ilija Lazoroski
e224470161
Changelog: Add entry for removal of agent's bootloader
2022-02-01 18:27:51 +01:00
vakarisz
d953755fd2
Changelog: fixup changelog entries for "1640 simplify log download"
2022-01-31 15:50:24 +02:00
Mike Salvatore
d257276f30
Changelog: Add entry for removal of MS08-067 exploiter
2022-01-31 08:15:43 -05:00
vakarisz
3e5c1c8044
Changelog: add log download from map entry
2022-01-31 11:54:40 +02:00
Mike Salvatore
8371a268ba
Island: Change the order of log messages on startup to improve UX
...
Some users were confused when the Island started up and thought it had
frozen. I hope to alleviate this confusion by changing the order of the
log messages. If the last message displayed after initialization
gives the user instructions on accessing the island, hopefully users
will no longer be confused.
PR #1684
2022-01-26 12:09:43 -05:00
Mike Salvatore
e1cf4fa9c2
Merge branch 'release/1.13.0' into agent-refactor
2022-01-25 13:35:49 -05:00
Mike Salvatore
4a7c8fe411
Merge branch 'release/1.13.0' into develop
2022-01-25 13:23:17 -05:00
Mike Salvatore
fed7d050be
Changelog: Update version and release date for v1.13.0
2022-01-25 09:54:12 -05:00
Mike Salvatore
75ed119c00
Changelog: Add changelog entries for Log4Shell exploiter
2022-01-21 07:40:42 -05:00
Ilija Lazoroski
654ff38ea0
Changelog: Add entry for removing unneeded options in internal config.
2021-12-14 16:01:25 +01:00
Ilija Lazoroski
e73b4af026
Changelog: Add entry for removing MySQL fingerprinter
2021-12-14 14:54:45 +01:00
Mike Salvatore
6a1b6c784e
Merge pull request #1643 from guardicore/1538-propagation-credentials-endpoint
...
Implement propagation credentials endpoint
2021-12-08 06:42:49 -05:00
Mike Salvatore
5052e21d97
Island: Remove /api/monkey_control/check_remote_port/<string:port>
2021-12-07 13:26:37 -05:00
Mike Salvatore
91a8376df6
Changelog: Add propagation-credentials endpoint entry
2021-12-07 11:59:40 -05:00
Mike Salvatore
30afe3cc85
Island: Strip credentials out of config before sending to agent
...
The credentials for credential reuse attacks will now be retrieved by
the agent via a new endpoint that returns only credentials in order to
reduce unnecessary network traffic (issue #1538 ).
2021-12-03 09:13:08 -05:00
Mike Salvatore
1d7c80bfec
Changelog: Add changelog entry for #1576
2021-12-01 07:40:30 -05:00
Ilija Lazoroski
a41cad6291
Changelog: Add entry for removing ATT&CK configuration screen
2021-11-22 11:27:46 +01:00
Shreya Malviya
828d152203
Changelog: Add entry for removing max iters and timeout between iters config options
2021-11-19 08:07:33 -05:00
Mike Salvatore
ee285b6fbd
Merge pull request #1617 from guardicore/1535-hostname-collector-removal
...
1535 hostname collector removal
2021-11-19 07:14:10 -05:00
Mike Salvatore
c3424b46bc
Changelog: Add credentials.json to the changelog
2021-11-18 14:27:43 -05:00
VakarisZ
bab54e8976
Changelog: add an entry about removed hostname system info collector
2021-11-17 12:00:55 +02:00
VakarisZ
0b8af5e78f
Changelog: add entry about removed environment system info collector
2021-11-16 17:50:00 +02:00
Ilija Lazoroski
729de3ae9e
Changelog: Add entry for removing custom monkey dir name option
2021-11-16 11:08:50 +01:00
VakarisZ
c6e180bd73
Changelog: add entry about removed azure credential collector
2021-11-16 09:46:22 +02:00
Shreya Malviya
f90434d38d
Chaneglog: Add entry for removing custom singleton mutex name config option
2021-11-16 11:34:14 +05:30
Ilija Lazoroski
de0fff9fbb
Changelog: Remove checkbox to try move the dropper
2021-11-15 14:17:32 +01:00
Ilija Lazoroski
cb06f408d4
Changelog: Remove serialize config
2021-11-15 13:36:21 +01:00
Ilija Lazoroski
5073d1fe2b
Changelog: Remove checkbox for file logging
2021-11-15 12:43:13 +01:00
Ilija Lazoroski
0f2a86d672
Changelog: Remove checkbox for self deleting a monkey on cleanup
2021-11-15 12:13:16 +01:00
Ilija Lazoroski
bbe01778cf
Changelog: Removed checkbox to send log to server
2021-11-12 15:56:11 +01:00
VakarisZ
6ee1949d46
Merge pull request #1582 from guardicore/1535-netstat-info-collector-removal
...
1535 netstat info collector removal
2021-11-12 17:05:44 +02:00
Shreya Malviya
59e7ac34f7
Agent: Don't download exe on Linux during signed script PBA execution
2021-11-12 07:58:04 -05:00
VakarisZ
435f52a658
Changelog: add entry about removed netstat collector
2021-11-12 14:09:07 +02:00
Shreya Malviya
9ee6049636
Changelog: Add entry for backdoor uer PBA's HTTP request modifications
2021-11-11 19:26:47 +05:30
VakarisZ
e618f0613d
Changelog: add entry about the removed sambacry exploiter
2021-11-10 15:44:01 +02:00
Shreya Malviya
124e9efe91
Changelog: Add entry for removing 'kill file'
2021-11-10 18:49:41 +05:30
VakarisZ
7e1e5917cb
Changelog: add entry for manual monkey run option modifications
2021-11-05 11:46:43 -04:00
Shreya Malviya
779ae79499
Changelog: Add entry for removing the VSFTPD exploiter
2021-10-29 18:24:23 +05:30
VakarisZ
5cfe6de927
Changelog: add entry for fixed #1545
2021-10-28 10:49:25 -04:00
Mike Salvatore
d5e12725a9
Changelog: Release v1.12.0
2021-10-27 10:14:36 -04:00
Mike Salvatore
2df588ca59
Changelog: Add missing period
2021-10-25 14:56:29 -04:00
Mike Salvatore
bc3b1b274f
Changelog: Formatting changes and other small fixes
2021-10-25 14:40:28 -04:00
Ilija Lazoroski
e406294b28
Changelog: Log for broken updates issue
2021-10-21 16:53:35 +02:00
Shreya Malviya
f0f2f02b96
Changelog: Fix issue number in entry for browser window popup fix
2021-10-21 15:03:20 +05:30
VakarisZ
19cce1fb8b
Merge pull request #1539 from guardicore/1432-disable-browser-prompt-windows
...
1428 disable browser prompt windows
2021-10-21 10:07:20 +03:00
VakarisZ
39047a3a90
Island: Remove the browser popup on the island launch in production
...
These changes alter the run_server.bat to not throw a browser pop-up.
These changes are needed to focus users attention to the command prompt.
We plan to add interactivity to the prompt
Fixes #1432
2021-10-20 13:52:02 -04:00
Mike Salvatore
9b005255f1
Changelog: Update changelog for issue #1114
2021-10-20 13:30:11 -04:00
VakarisZ
c23a0721c5
CHANGELOG.md entry about data dir backup based on version file
2021-10-18 12:26:21 +03:00
Mike Salvatore
997ad1ee4b
Merge pull request #1526 from guardicore/1392/telemetry-filter-fix
...
UI: Fix telemetry filter
2021-10-14 08:32:03 -04:00
Shreya Malviya
e42a9d8b8f
CHANGELOG: Add entry for modified ATT&CK report messages
2021-10-14 14:22:15 +05:30
Ilija Lazoroski
c3fb5ae441
UI: Change datatable for telemetries
...
Used MUIDataTable instead of DataTable from
react-data-components.
The above package is deleted as it is not used
anywhere else.
2021-10-13 23:20:25 +02:00
Ilija Lazoroski
b404f75a34
UI: Fix telemetry filter
2021-10-12 13:37:42 +02:00
Shreya Malviya
5a4f66d080
CHANGELOG: Add entry for T1086 reporting changes
2021-10-11 17:40:52 +05:30
Shreya Malviya
f7e37b0767
CHANGELOG: Add entry for bugix that wrongly reported the "`.bash_profile` and `.bashrc`" technique
2021-10-06 19:27:29 +05:30
Shreya Malviya
f347088412
CHANGELOG: Add entry for ATT&CK report telemetry bugfix
2021-10-06 16:05:58 +05:30
Ilija Lazoroski
e80662f7f8
Agent: Check for empty result in Modify shell files
2021-10-05 10:39:50 -04:00
VakarisZ
bc422128f5
Monkey: add CHANGELOG.md entry about fixed Mimikatz credential collector when Azure credential collector is disabled
2021-10-05 17:16:51 +03:00
Shreya Malviya
19dad89468
CHANGELOG: Add entry for encryptor not working with utf-8 characters bugfix
2021-10-05 12:31:17 +05:30
VakarisZ
b2bbb62bdd
Add CHANGELOG.md entry for #1463 (Encrypt the database key with user's credentials.)
2021-10-01 12:48:08 +03:00
VakarisZ
b73958dd55
Rename the CHANGELOG.md entry about resetting login credentials to "Resetting login credentials also cleans the contents of the database. #1495"
2021-09-29 16:45:26 +03:00
Shreya Malviya
ab7872d103
CHANGELOG: Add entry for delaying mongo init
2021-09-29 16:44:42 +03:00
Mike Salvatore
0839f04b1d
Merge pull request #1483 from guardicore/incorrect-attack-report-msgs
...
Fix incorrect ATT&CK report messages
2021-09-28 07:24:17 -04:00
VakarisZ
d79892427b
Moved credential encryption in mongo CHANGELOG.md entry from Fixes to Security
2021-09-28 11:04:42 +03:00
VakarisZ
8b9973238e
Add CHANGELOG.md entry about fixed plaintext credentials in mongodb
2021-09-27 16:59:11 +03:00
Shreya Malviya
a857d291d8
CHANGELOG: Add entry for modifying ATT&CK report messages
2021-09-24 17:32:17 +05:30
Mike Salvatore
9d07f82bd6
Fix typo in CHANGELOG
2021-09-17 07:46:27 -04:00
VakarisZ
5a8507e5c6
Add the removal of "Execution through the module load" T1129 attack technique to the CHANGELOG.md
2021-09-17 14:21:06 +03:00
Mike Salvatore
1d991be6b4
Update CHANGELOG.md
2021-09-14 12:30:43 -04:00
Shreya Malviya
eefd7a69e8
Merge pull request #1453 from guardicore/bugfix-expanded-report-reset
...
Don't collapse PBA table in security report on data change
2021-09-07 13:09:00 +05:30
Shreya Malviya
f917258979
CHANGELOG: Add entry for bugfix (table collapse on reset)
2021-09-06 18:33:23 +05:30