p15693087
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity
7,096 Commits 31 Branches 0 Tags 47 MiB
Commit Graph

7096 Commits

Author SHA1 Message Date
Mike Salvatore b72ad39aa6 Agent: Invoke reactor.stop() with reactor.callFromThread() 2022-01-12 10:53:10 -05:00
Shreya Malviya 7fae22e993 Docs: Add Log4Shell exploiter page 2022-01-12 14:29:38 +05:30
Shreya Malviya f8ac13c164 Island: Add info about Log4Shell to config schema 2022-01-12 14:05:17 +05:30
Mike Salvatore c51be159b6 Agent: Use classmethods to improve readability of HTTPHandler 2022-01-11 13:08:32 -05:00
Mike Salvatore b79bf96359 Agent: Don't install signal handlers in LDAPExploitServer 
This avoids exceptions that are raised when the LDAPExploitServer is not
started on the main thread.
 2022-01-11 12:54:53 -05:00
Ilija Lazoroski ab7a47384c Agent, Island: Add Logstash service to Log4Shell exploit 2022-01-11 18:23:15 +01:00
Mike Salvatore 30c41592fb Agent: Remove dependency on threading from LDAPExploitServer 2022-01-10 08:50:09 -05:00
Mike Salvatore 67ade141a0 Agent: Start log4shell java class server on daemon thread 2022-01-10 08:40:51 -05:00
Mike Salvatore 64827ac589 Agent: Rename IServiceExploiter -> IExploitableService 2022-01-10 08:30:55 -05:00
Mike Salvatore eb10bdaa4e Agent: Add unit tests for log4shell ldap server tree 2022-01-10 08:22:01 -05:00
Ilija Lazoroski dcc68914bd BB: Add log4j machines to monkey zoo 2022-01-10 14:17:48 +01:00
Mike Salvatore d467f30d16 Island: Fix updating logic for IslandConfigOptions 2022-01-10 08:17:17 -05:00
vakarisz 6782f806eb Zoo: add log4j solr machines to terraform scripts and docs 2022-01-07 15:27:50 +02:00
vakarisz 7ba2051bf6 Agent: fix a bug in log4shell 
Fix a bug that prevents single agent from exploiting multiple machines, by resetting the state of global HTTPHandler params
 2022-01-06 16:58:40 +02:00
vakarisz a38536b59b Agent: refactor log4shell 
Refactor extracts server setup and shutdown functionality into separate methods
 2022-01-06 16:35:38 +02:00
Ilija Lazoroski 79d92afcd4 Agent: Add Apache Tomcat support for Log4Shell exploit 2022-01-06 13:56:17 +01:00
vakarisz 0006112e79 Agent: fix log4shell to be able to exploit more than 1 service 2022-01-06 13:01:50 +02:00
vakarisz 0cd6b1e616 Agent: remove unused upload_monkey() and rename _trigger_exploit 2022-01-06 13:00:37 +02:00
vakarisz 7bace927f8 Agent: fix log4shell to always close ldap and http servers, even on errors 2022-01-06 12:56:04 +02:00
vakarisz 9d5ea0f41f Island: add log4shell issue processing and reporting 2022-01-06 12:26:00 +02:00
vakarisz 0b76b9f949 Agent: fix log4shell to override the correct _exploit_host method 2022-01-06 12:18:58 +02:00
vakarisz 09988b0f80 Agent: report vulnerable port and service in log4shell 
Refactor log4shell.py and related service exploiters to adhere to IExploitableService interface and save which service on which port was vulnerable to log4shell
 2022-01-05 17:43:28 +02:00
vakarisz 5ac6d12fe9 Agent: fix log4shell exploitation indication 2022-01-05 15:47:45 +02:00
vakarisz c382987430 Project: vulture allow LDAPServerFactory.buildProtocol 2022-01-05 15:18:12 +02:00
vakarisz dd3c5aac6f Agent: small logging improvements in log4shel 2022-01-05 14:21:26 +02:00
vakarisz d2181f6577 Agent, UT: fix ldap builder UT's and some imports in log4shell 2022-01-05 14:16:24 +02:00
Ilija Lazoroski 563438c7f8 Agent, Island: Add Apache Solr support for Log4Shell exploit 2022-01-05 12:37:08 +01:00
vakarisz 8a120110f5 Agent: change ldap and http ports to be chosen dynamically in log4shell 2022-01-05 12:46:40 +02:00
vakarisz 0659fddac6 Agent: add the docker POC exploit to log4shell 
Implements the infrastructure needed to add different log4shell exploits and adds the
 2022-01-04 17:48:45 +02:00
vakarisz 206abfa5e8 Agent: refactor a couple web_rce methods to static 2022-01-04 17:41:19 +02:00
vakarisz e69639b426 Agent: use separate java classes for windows and linux in log4shell 
Linux and windows targets should use different java classes, because one is compiled to be launched in /bin/bash, another in cmd.exe. We can't just inject the whole command, because Runtime.getRuntime().exec() interprets the string in strange ways
 2022-01-04 16:09:19 +02:00
vakarisz 1884c6d767 TEMP: base implementation of the log4shell 2021-12-23 16:45:25 +02:00
vakarisz 41b97cb54a TEMP: base implementation of the log4shell 2021-12-22 17:17:02 +02:00
Mike Salvatore fddaa16931 Agent: Improve InvalidExploitTemplateError messages 2021-12-21 15:19:45 -05:00
Mike Salvatore 4d5a2511c6 Agent: Add LDAP server for log4shell exploit 2021-12-21 15:19:44 -05:00
Mike Salvatore 2a795723ab Agent: Add ldaptor to dependencies 2021-12-21 15:12:50 -05:00
Mike Salvatore 68978907e2 Agent: Add build_exploit_bytecode for log4shell exploiter 2021-12-20 15:12:11 -05:00
Mike Salvatore a48c1afefd Agent: Construct concrete puppet in monkey.py 2021-12-20 06:56:47 -05:00
Mike Salvatore e392915b26 Merge branch '1597-integrate-automated-master' into agent-refactor 2021-12-20 06:55:53 -05:00
Mike Salvatore 50930017fb Agent: Use address_to_ip_port() in _running_on_island() 2021-12-17 10:55:58 -05:00
Mike Salvatore 8658b9edb3 Merge branch '1598-implement-run-payload' into agent-refactor 2021-12-17 10:30:46 -05:00
Mike Salvatore b19ce79df6 Agent: Use relative imports within puppet package 2021-12-17 10:25:16 -05:00
Mike Salvatore 7b8b485b57 Agent: Mock out unimplemented functions in Puppet 2021-12-17 10:22:42 -05:00
Mike Salvatore 973c88678e Agent: Move PluginType to the i_plugin package 2021-12-17 10:13:28 -05:00
Ilija Lazoroski afbc313a7c Agent: Handle interrupts in ransomware 2021-12-17 16:10:42 +01:00
Mike Salvatore 05c5764487 Agent: Add i_puppet package 2021-12-17 09:40:46 -05:00
Ilija Lazoroski 61a7647f9b Agent: Add interrupt handling to ransomware 2021-12-17 15:31:20 +01:00
Shreya Malviya 958cf3a252 Agent, UT: Rename 'config' to 'options' in ransomware files 2021-12-17 19:55:26 +05:30
Mike Salvatore 0328d2860e Agent: Add a RansomwarePayload that implements to the IPayload interface 2021-12-17 09:19:47 -05:00
Mike Salvatore 2299c029d7 Agent: Rename RansomwarePayload to Ransomware 
A payload adheres to a specific IPayload interface. The class that is
now called RansomwarePayload is just a concrete ransomware. A new
RansomwarePayload will be introduced to wrap the build and execute of
the Ransomware.
 2021-12-17 09:16:27 -05:00