Commit Graph

312 Commits

Author SHA1 Message Date
Itay Mizeretz 4ce1653c8f sambacry: Add support for using both architectures 2017-08-30 10:16:54 +03:00
Itay Mizeretz 75e1877ea7 Moved monkey_runner 2017-08-29 15:32:14 +03:00
Itay Mizeretz 7d72150e4e Add working POC of sambacry. still needs some modifications to fir monkey, and minor functionality 2017-08-28 19:20:44 +03:00
Itay Mizeretz 919e462a48 remove grequests from monkey-linux spec 2017-08-28 18:32:38 +03:00
Itay Mizeretz c254412c9f Add monkey_runner.so sourcecode 2017-08-28 16:37:33 +03:00
Itay Mizeretz 57e69fafee minor fix in dropper
Rename constants
2017-08-28 10:41:11 +03:00
Itay Mizeretz 9f93fb8310 minor fix in dropper 2017-08-28 09:46:29 +03:00
Itay Mizeretz 332a11b272 minor fix in dropper 2017-08-28 09:41:27 +03:00
Itay Mizeretz 6f74a5e6cc Add arg parsing to dropper 2017-08-27 19:18:11 +03:00
itaymmguardicore 54f054a4e7 Merge pull request #42 from guardicore/feature/add_mimikatz
Feature/add mimikatz
2017-08-21 12:03:03 +03:00
Itay Mizeretz 97205e6427 Fix config property bug 2017-08-21 11:51:47 +03:00
Daniel Goldberg 56a843e35c Update README.md 2017-08-20 19:43:12 +03:00
Itay Mizeretz 26df64fb87 Fixed CR 2017-08-20 19:32:18 +03:00
Daniel Goldberg 6530dd063e Update README.md 2017-08-20 14:42:27 +03:00
Itay Mizeretz 1a55c8362f Add C&C ability to share credentials found from monkeys 2017-08-17 18:04:36 +03:00
Itay Mizeretz 1e876eb597 Update example.conf 2017-08-16 19:07:50 +03:00
Itay Mizeretz 875eba393c Fix config erasing of creds 2017-08-16 16:36:51 +03:00
Itay Mizeretz f1b7fb6706 Fix unicode problem 2017-08-16 16:13:31 +03:00
Itay Mizeretz 60d64c4e6b Fix minor bug 2017-08-16 15:40:23 +03:00
Itay Mizeretz a671b55df3 Add mimikatz collector
Combine all users and passwords in config
2017-08-16 15:14:26 +03:00
Daniel Goldberg 5e04cc825c Merge pull request #41 from guardicore/bugfix/deb-package-conflict
Bugfix/deb package conflict
2017-08-13 18:21:43 +03:00
Itay Mizeretz 943ac023c6 Add warning in readme 2017-08-13 17:51:45 +03:00
Itay Mizeretz a23317ecdf Fix deb package requirement 2017-08-13 17:13:39 +03:00
Daniel Goldberg 3ef24281a7 Merge pull request #38 from Fak3/f26
Don't crash when receiving unknown configuration variables
2016-10-08 08:33:33 -06:00
Evstifeev Roman f1dca7fa86 Don't crash when receiving unknown configuration variables
Instead of crashing if the monkey deserializes an unknown configuration
variable, send an error message to the current monkey server and keep on
working.

Add utnittests.

fixes #26
2016-09-27 23:56:26 +03:00
Daniel Goldberg de6939aea0 Merge pull request #37 from Fak3/master
update new config when json changed. fixes #25
2016-09-22 17:30:08 +03:00
Evstifeev Roman 569a9b083e update config when json changed. fixes #25 2016-09-22 16:59:57 +03:00
Daniel Goldberg aced96819b Reverted again the dup requests library 2016-09-21 15:42:26 +03:00
daniel goldberg ab7f731ed5 Removed reliance on grequests. Complicates other code and no real performance improvement in a LAN enviornment. 2016-09-21 14:55:13 +03:00
daniel goldberg 9ab5b178df Merge remote-tracking branch 'origin/master' 2016-09-21 12:32:12 +03:00
daniel goldberg 3549bb351e Issue #35 - Added option for blocked IPs. 2016-09-21 11:35:41 +03:00
Daniel Goldberg 224099a85c Merge pull request #36 from Fak3/patch-1
requirements.txt - remove duplicate (requests)
2016-09-20 19:09:35 +03:00
Evstifeev Roman 2066c19190 requirements.txt - remove duplicate (requests) 2016-09-20 19:35:23 +04:00
itsikkes 155a03efad Small hack to support fast-user switching when RDPing to already loggen-in host
Although it doesn't always happen, because there is no easy wasy to know
- trying  to press YES on the dialog box (if any) can help the login
process
2016-09-19 22:27:17 +03:00
daniel goldberg 084cee78fd Merge remote-tracking branch 'origin/master' 2016-09-14 14:19:13 +03:00
Daniel Goldberg d1f218daad Don't dup pip list 2016-09-13 14:07:48 +03:00
itsikkes b3322b2541 improved local interface selection when exploiting 2016-09-08 12:30:40 +03:00
daniel goldberg 6fcf8b2f15 Merge remote-tracking branch 'origin/master' 2016-09-08 10:21:47 +03:00
daniel goldberg 24792aec61 Remove commented build step. 2016-09-08 08:56:11 +03:00
danielguardicore d2203b2220 Removed legacy ChaosMonkey from SMB execution. 2016-09-07 19:10:30 +03:00
danielguardicore 9f27825789 Changed tcp scanning to be a bit more random. Might confuse really basic defenses. 2016-09-07 19:01:19 +03:00
danielguardicore ce3eaa9b2e Fixed grequsts/gevents monkey patching of socket code, which lead to paramiko being unable to function after a shellshock scan. 2016-09-07 10:16:17 +03:00
itsikkes 39eaca300f RDP: change VBS object to reduce requirements + process is more verbose 2016-09-06 11:05:15 +03:00
itsikkes 9b21215025 added tornado 2016-09-06 10:45:32 +03:00
itsikkes e18a19abcc Switched to tornado as webserver, same as in the island 2016-09-06 10:45:32 +03:00
daniel goldberg 6e76162b8f Added str representation of hosts. 2016-09-05 21:10:17 +03:00
daniel goldberg 397c4f82ca Merge remote-tracking branch 'origin/master' 2016-09-05 18:49:10 +03:00
daniel goldberg 32c326bd7b PEP8 in diff files
Add concept of non default timeout for copying SMB files. This is by default 5 minutes.
Changed behavior of SMB exploiter if file already exists, we don't assume exploitation is useless and try again. Worse case is we run the monkey after it finished running.
Changed behavior if managed to connect to machine to IPC$ over some dialect. If Success, we don't try again.
2016-09-05 17:45:27 +03:00
Daniel Goldberg 78cafb8d58 Set minimum Python version for Windows version.
This should fix #34
2016-09-05 16:13:55 +03:00
daniel goldberg 5ae67840a6 No manifest files, everything compiled in onefile 2016-09-04 14:33:02 +03:00