Commit Graph

5184 Commits

Author SHA1 Message Date
vakarisz cb18f823b1 UI: Move to "react-tsparticles"
react-particles-js got deprecated
2022-04-04 16:22:28 +03:00
Mike Salvatore 5c6ac3d2cf
Merge pull request #1851 from guardicore/1830-nodejs-upgrade
1830 nodejs upgrade
2022-04-04 08:37:43 -04:00
vakarisz f49490bbc8 UI: Update javascript packages 2022-04-04 14:39:35 +03:00
Mike Salvatore 4bb0e506c9
Merge pull request #1845 from guardicore/1650-timeouts-for-creating-new-users
Add timeout to new user creation
2022-04-04 07:06:02 -04:00
Shreya Malviya cc83896724
Merge pull request #1848 from guardicore/1836-fix-eslint-errors
Fix eslint errors
2022-04-04 13:08:04 +05:30
Shreya Malviya 85b866e1cb UI: Remove unneeded argument in MapPage.js 2022-04-04 13:07:03 +05:30
Shreya Malviya bb798898c1 Agent: Catch subprocess exceptions in utils/*/users.py 2022-04-04 13:03:50 +05:30
Shreya Malviya a43c1479c8 UI: Fix eslint errors 2022-04-04 11:39:30 +05:30
Ilija Lazoroski 9c25b3590b Agent: Use ceil on ping timeouts
This is due to an older version of ping which doesn't support
float timeouts. It is throwing `bad linger time` Error.
2022-04-01 10:41:05 -04:00
Ilija Lazoroski 6cd74453cf Agent: Add timeout to scheduling jobs PBA 2022-04-01 10:41:05 -04:00
Mike Salvatore 6be631f731
Merge pull request #1839 from guardicore/1650-signed-scripts-timeout
Add timeout to signed script PBA
2022-04-01 10:39:16 -04:00
Shreya Malviya 7bd1ed4c67 Agent: Catch exceptions in cleanup function of signed script PBA 2022-04-01 18:16:38 +05:30
Shreya Malviya b312c509ce UT: Fix tests for new user creation 2022-04-01 18:11:55 +05:30
Shreya Malviya 88788d24d0 Agent: Add timeouts to utils/windows/users.py 2022-04-01 18:05:20 +05:30
Shreya Malviya 885a871be8 Agent: Add timeouts to utils/linux/users.py 2022-04-01 17:09:50 +05:30
Ilija Lazoroski 2e389cc87e Agent: Add long timeout to clear command history PBA 2022-04-01 07:25:02 -04:00
Mike Salvatore 649404d50f
Merge pull request #1841 from guardicore/1650-shell-startup-modification
Agent: Add timeouts in shell startup modification PBA's
2022-04-01 07:22:28 -04:00
vakaris_zilius 7d3a679135 Agent: Fix error handling in modify_shell_startup_files.py 2022-04-01 10:54:53 +00:00
vakarisz df34991466 Agent: Add timeout handling in modify shell startup PBA 2022-04-01 11:38:25 +03:00
Shreya Malviya 9ac4d23f28 Agent: Catch timeout error in PBA base class 2022-04-01 12:05:18 +05:30
Shreya Malviya 4cc57f1236 Agent: Add timeouts to signed script PBA 2022-04-01 12:05:18 +05:30
Shreya Malviya 31ae13ed0b Agent: Add timeout to PBA base class's run() 2022-04-01 12:05:18 +05:30
Mike Salvatore dc133a9d97 Island: Update formatting packages in Pipfile
Updates black, dlint, flake8, isort
2022-03-31 20:37:23 -04:00
Mike Salvatore a3a99faec7 Agent: Reformat all code with latest version of Black 2022-03-31 20:15:51 -04:00
Mike Salvatore 5134533f0f Island: Reformat all code with latest version of Black 2022-03-31 20:15:27 -04:00
vakarisz 84a7d864b5 Agent: Remove timeouts from communicate_as_backdoor_user.py
Timeouts are removed from commands because timeouts are defined in popen instead
2022-03-31 11:41:23 -04:00
vakarisz 4ad07ae3ff Agent: Add timeouts in shell startup modification PBA's 2022-03-31 17:32:33 +03:00
Mike Salvatore 91f0a4e8ea UT: Remove stale TODOs in MockPuppet 2022-03-31 08:56:03 -04:00
vakarisz eae96c19b1 Agent: Handle pypykatz permission error 2022-03-31 08:03:41 -04:00
Mike Salvatore 32a9fe7bf9 Island: Fix import sorting in credentials.py 2022-03-30 13:55:35 -04:00
Mike Salvatore fda0411555 Island: Format with Black 2022-03-30 13:53:23 -04:00
Mike Salvatore 86b8cf63b9 Agent: Format with Black 2022-03-30 13:53:20 -04:00
Mike Salvatore 53d36a7a0c Common: Format with Black 2022-03-30 13:53:16 -04:00
Mike Salvatore 86cc565b65 UT: Remove unused imports 2022-03-30 13:45:09 -04:00
Mike Salvatore 3b4e762997 Agent: Remove unused imports 2022-03-30 13:44:47 -04:00
Mike Salvatore a8c222b610 Island: Reenable POST_BREACH_PROCESS_LIST_COLLECTION 2022-03-30 13:42:52 -04:00
vakarisz 301284f4d0 UT: Fix windows bug in test_monkey_log_path.py
Bug was happening due to an attempt to delete a file with an unclosed handle
2022-03-30 17:58:13 +03:00
vakarisz 72984bb3e3 UT: Fix windows bug in test_t1107_telem.py 2022-03-30 16:53:16 +03:00
vakarisz 29a545a58f Agent: Move the decision if custom pba should run to master 2022-03-30 16:37:19 +03:00
vakarisz e855d2ed34 Agent: Remove unused pba properties in config.py 2022-03-30 16:07:14 +03:00
vakarisz 2e3a718469 Agent: Fix custom PBA related unit tests 2022-03-30 15:52:04 +03:00
vakarisz 1f31e96adb Agent: Make custom PBA related imports shorter 2022-03-30 15:52:02 +03:00
vakarisz 67543ef91a Agent: Add a custom PBA run check
We only want to run the custom PBA if commands are specified
2022-03-30 15:51:46 +03:00
vakarisz 079d768f73 Agent: Rename UsersPBA to CustomPBA for consistency 2022-03-30 15:51:44 +03:00
vakarisz 24915ba797 Agent: Load and fix the custom PBA into puppet 2022-03-30 15:51:24 +03:00
vakarisz 23b8c351fb Island, Agent: Add custom user PBA to puppet and master 2022-03-30 15:51:22 +03:00
Mike Salvatore ee0561a061 Agent: Move MockPuppet to unit test suite
The MockPuppet is now only used by the unit tests.
2022-03-30 07:39:34 -04:00
Mike Salvatore b5f65b16d7 Agent: Remove disused Puppet._mock_puppet attribute 2022-03-30 07:36:49 -04:00
Mike Salvatore 1f34a72421
Merge pull request #1828 from guardicore/1604-remove-dead-code
Remove dead code
2022-03-30 07:35:21 -04:00
Mike Salvatore 315471ab57 Agent: Remove disused WebRCE.target_url attribute 2022-03-30 07:33:53 -04:00
Mike Salvatore 2c32c354ae Agent: Remove MockMaster
This mock has outlived its usefulness and can now be removed.
2022-03-30 07:20:37 -04:00
Mike Salvatore 73b678ae19 Agent: Remove redundant telemetry_messenger instantiation 2022-03-30 07:16:56 -04:00
Shreya Malviya 6c59c54739 UI: Fix logic in PostBreachParser.js for process list collection PBA 2022-03-30 15:59:46 +05:30
Shreya Malviya ca0972f847 Agent: Pass None to telemetry_messenger arg in nested PBA classes
This is not the most ideal way but it gets the job done without the unnecessary complexity of passing the telemetry messenger through different classes and functions when it's not needed.
2022-03-30 14:01:12 +05:30
Shreya Malviya 3f01b9bcac Agent: Pass telemetry_messenger to PBA constructors where it was missing 2022-03-30 13:52:53 +05:30
Shreya Malviya a2bad110a1 Agent: Modify PBA base class to return pba_data and not None 2022-03-30 13:46:09 +05:30
Shreya Malviya 501d32b171 Agent: Modify master to pass PostBreachData to PostBreachTelem 2022-03-30 13:44:38 +05:30
Shreya Malviya 9f8463f707 Agent: Modify PBA base class to accept options in its run method 2022-03-30 13:42:58 +05:30
Shreya Malviya 0be6af2d5c Agent: Modify clear command history PBA to return pba_data and not None 2022-03-30 13:42:17 +05:30
Shreya Malviya 40b1ae0058 Agent: Modify puppet to run PBAs instead of using the mock puppet 2022-03-30 13:37:47 +05:30
Shreya Malviya 296a91a458 Agent: Remove unused file post_breach_handler.py 2022-03-30 12:29:35 +05:30
Shreya Malviya 31d9f04fe7 Agent: Remove leftover WormConfiguration code from HostExploiter 2022-03-30 12:28:29 +05:30
Mike Salvatore d596e8c593 Agent: Rename typing to custom_types
Naming the module "typing" and then importing from "typing" within the
module itself caused some confusion for python and resulted in failed
builds.
2022-03-29 14:28:16 -04:00
Mike Salvatore 2992d91f16
Merge pull request #1817 from guardicore/1801-credentials-store
1801 credentials store
2022-03-29 13:54:32 -04:00
Ilija Lazoroski 6ab7bd2f45 Agent, UT: Remove leftover that causes overwrite in CredentialsStore
* Use `add` instead of `update` - `add` doesn't allow duplicates
* Move TestTelem to conftest in UT telemetry messenger
2022-03-29 19:53:39 +02:00
Mike Salvatore 7e476fb649 UT: Fix failing telemetry/pba tests 2022-03-29 13:38:18 -04:00
Mike Salvatore 2ecfdcfe46 Agent: Remove stale TODO in ZerologonExploiter 2022-03-29 13:02:26 -04:00
Mike Salvatore 9ded75d05d Agent: Update TODO in bit_manipulators.py 2022-03-29 12:57:31 -04:00
Mike Salvatore baa9de4087 Agent: Remove stale TODO in AutomatedMaster 2022-03-29 12:44:41 -04:00
Mike Salvatore a3c5d9dd7a Agent: Remove stale TODO in monkey.py 2022-03-29 12:40:20 -04:00
Mike Salvatore 763cf578c7 Agent: Move credentials request caching to AggregatingCredentialsStore
The ControlChannel shouldn't be concerned with caching. Its mission
should be to service requests. The caching is more appropriately placed
in the AggregatingCredentialsStore.
2022-03-29 12:00:57 -04:00
Ilija Lazoroski b49d9d9b9a Agent, UT: Update credentials store using `setdefault().update`
* get_credentials use PropagationCredentials type
* private stored credentials in Aggregating Credentials Store
* initial values in credentials store constructor
* build_puppet accepts ICredentialsStore
* private telemetry_messenger in monkey
2022-03-29 17:56:39 +02:00
Mike Salvatore def62940af Agent: Add PropagationCredentials type 2022-03-29 17:36:48 +02:00
Ilija Lazoroski e844ecf4e4 Agent: Create credentials store before building the puppet 2022-03-29 17:36:48 +02:00
Ilija Lazoroski 638658178b Agent: Create credential attribute even if we don't have credentials 2022-03-29 17:36:48 +02:00
Ilija Lazoroski 0a5fc84b4e Agent: Fix timeout in ZeroLogon
Timeout should be on DCERPC transport factory.
2022-03-29 17:36:48 +02:00
Ilija Lazoroski e7e6201d75 Agent: Use credential intercepting messenger in Zerologon 2022-03-29 17:36:48 +02:00
Ilija Lazoroski b8a72a9719 UT: Add credentials intercepting telemetry messenger tests
Add __test__ to False to discard pytest warning about __init__
constructors of TestTelem classes
2022-03-29 17:36:48 +02:00
Ilija Lazoroski 06773ba9d9 UT: Fix AutomatedMaster unit test to include Credentials Store 2022-03-29 17:36:48 +02:00
Ilija Lazoroski 1b9bbfe752 Agent: Fix ssh string to include proper user and ip 2022-03-29 17:36:48 +02:00
Ilija Lazoroski ccb0337aef Agent: Add return to get credentials method in Credentials Store 2022-03-29 17:36:48 +02:00
Ilija Lazoroski d434c20bcb Agent: Inject credentials store to Automated Master
Intercept credentials and update the credentials store using
credentials intercepting telemetry messenger
2022-03-29 17:36:48 +02:00
Ilija Lazoroski 4de90584c9 Agent: Add Credentials intercepting telemetry messenger 2022-03-29 17:36:48 +02:00
Mike Salvatore eb6342e2f8 Agent: Add public credentials property to CredentialsTelem 2022-03-29 17:36:48 +02:00
Ilija Lazoroski 5060ddb5d1 Agent: Fix logic in concrete Credentials Store 2022-03-29 17:36:48 +02:00
Ilija Lazoroski 162dd0a920 UT: Add Credentials Store tests 2022-03-29 17:36:48 +02:00
Ilija Lazoroski b5d2d1d641 Agent: Implement concrete Credentials Store 2022-03-29 17:36:48 +02:00
Ilija Lazoroski cafbe97880 Agent: Add interface for Credentials Store 2022-03-29 17:36:48 +02:00
Mike Salvatore cf211bc46f
Merge pull request #1824 from guardicore/1604-itelemetrymessenger-in-pbas
Telemetry messenger in PBAs
2022-03-29 11:31:42 -04:00
vakarisz dbbdb508e3 Agent: Change PBA constructor to accept telemetry messenger
This change allows running different PBA's with different telemetry messengers
2022-03-29 17:04:48 +03:00
Mike Salvatore 6937b1a5c5
Merge pull request #1825 from guardicore/check-supported-os-for-exploiters
Check supported os for exploiters
2022-03-29 09:57:24 -04:00
Mike Salvatore a2e283e824 UT: Update automated_master_config.json 2022-03-29 09:49:43 -04:00
Mike Salvatore 8737a3df89 Agent: Remove disused HostExploiter._TARGET_OS_TYPE 2022-03-29 09:49:43 -04:00
Mike Salvatore ddbe5b463f Agent: Skip exploiter if victim OS is not supported 2022-03-29 09:49:41 -04:00
Shreya Malviya 1c24411b26 Agent: Pass telemetry messenger to PBAs for sending ATT&CK telem 2022-03-29 16:29:24 +03:00
Shreya Malviya 8d4c29fc06 Agent: Fix return types for run_pba in puppets and master 2022-03-29 18:38:25 +05:30
Shreya Malviya 246a72c940 Agent: Modify comment in shell startup PBA to make more sense 2022-03-29 17:16:17 +05:30
Shreya Malviya 70186a40f6 Agent: Remove comment from function in backdoor user PBA since the code is self-explanatory 2022-03-29 17:13:44 +05:30
vakarisz ba49e4d23e Agent: Small style improvements in PBA code 2022-03-29 14:20:29 +03:00
Shreya Malviya 61ff95b568 Agent: Modify PBAs to return Iterable[PostBreachData] 2022-03-29 14:20:29 +03:00