Commit Graph

2167 Commits

Author SHA1 Message Date
VakarisZ 0be9b19186 Added custom config validation errors 2020-07-27 15:32:45 +03:00
VakarisZ 026daba3e0 Validation bugfix (unescaped .), improved comments 2020-07-27 11:57:40 +03:00
VakarisZ 02a710e15a Updated default password list according to the most popular password statistics 2020-07-27 11:49:31 +03:00
Shreya e6c93056cc Improve code readability
TODO: Add tests
2020-07-26 23:50:03 +05:30
Shreya e6560ba3d4 Small CR changes 2020-07-26 23:25:30 +05:30
Shay Nehmad e21d67c37a Clean some JS warnings 2020-07-26 14:40:13 +03:00
Shay Nehmad 0deb8c63c5 Fix import formatting 2020-07-26 11:21:57 +03:00
Shreya 45fdf4b62c Pass build 2020-07-24 23:15:54 +05:30
Shreya eaf0cc854f Generate T1156 and T1504 reports via mongo query 2020-07-24 22:43:50 +05:30
VakarisZ 951794a707 More linting fixes 2020-07-24 17:23:53 +03:00
VakarisZ 49825d460b Bugfix in HeightCalculator.js 2020-07-24 17:20:24 +03:00
VakarisZ b366d12c99 Linting fixes 2020-07-24 17:17:38 +03:00
VakarisZ ecea415e36 Separated InternalConfig into separate tabs for easier navigation 2020-07-24 17:02:53 +03:00
Shreya 90fe06e212 Modifications to get the telemetry feed and reports rendering properly 2020-07-24 18:21:04 +05:30
Shreya 5a7e8a0b08 Override `run()` for PBA "modify shell startup files" + assign EXECUTION_WITHOUT_OUTPUT to all relevant PBAs on the island side 2020-07-24 18:21:04 +05:30
Shreya 1fdca52788 Fixes 2020-07-24 18:20:33 +05:30
Shreya f6556704d6 Modify `run()` for "modify shell startup files" PBA 2020-07-24 18:20:33 +05:30
Shreya dec7d9021f Move data modification for PBA from frontend to backend 2020-07-24 18:18:53 +05:30
Shreya a39a0c2ce6 CR changes
- Added nested classes
- Extracted repetitive code
2020-07-24 18:18:53 +05:30
Shreya 1182a3ad03 Manipulate PBA data to show multiple results of PBAs as separate entries in the report 2020-07-24 18:18:53 +05:30
Shreya 5fc6b6eb40 Modify logic to call PostBreachTelem.send() only once for modify shell startup files PBA 2020-07-24 18:18:53 +05:30
VakarisZ 76401f0778 Rolled back server_config.json to a clean one 2020-07-24 12:41:07 +03:00
VakarisZ cf45ec9401 Typo fixes and improvements 2020-07-24 12:40:06 +03:00
VakarisZ e8d210f001 Merge remote-tracking branch 'upstream/develop' into feature/configuration_improvements 2020-07-24 11:25:06 +03:00
VakarisZ 53707436df
Merge pull request #733 from guardicore/feature/pba_linux_bugfixes
Removed unused imports and improved logging in PBA
2020-07-24 11:24:19 +03:00
VakarisZ 6f993d34e1
Merge pull request #737 from guardicore/feature/broken_attack_matix_ui
Fixed broken attack matrix checkbox UI in config
2020-07-24 11:23:34 +03:00
VakarisZ d049b88c99 Merge remote-tracking branch 'upstream/develop' into feature/configuration_improvements 2020-07-24 11:22:09 +03:00
VakarisZ a1c11df50b Added descriptions to post breach actions, where it was missing 2020-07-24 11:20:42 +03:00
VakarisZ cc78076d32 Added hostnames to IP range validation 2020-07-24 10:45:33 +03:00
VakarisZ c1717d01a5 Merge branch 'feature/configuration_improvement' of https://github.com/guardicore/monkey into feature/configuration_improvements 2020-07-24 09:45:52 +03:00
VakarisZ 696dd83ef6 Changed exploiter documentation links in config 2020-07-24 09:45:17 +03:00
VakarisZ c9468b8600 Changed empty checkbox UI to unfilled in AdvancedMultiSelect.js 2020-07-24 09:18:56 +03:00
Shay Nehmad b25802c466 Merge branch 'feature/configuration_improvement' of https://github.com/guardicore/monkey into feature/configuration_improvement 2020-07-23 18:18:59 +03:00
Shay Nehmad 336c3cbb47 Update descriptions of config values
Now can use whitespace
2020-07-23 18:18:53 +03:00
VakarisZ 5449084394 Added validation to important tabs (not-internal) 2020-07-23 16:04:29 +03:00
Shay Nehmad 17587802ff pywin32 is missing from the Monkey
WMI package upgraded and required pywin32.
because we have this package imported but not used in linux machines
we downgraded
2020-07-23 12:45:37 +03:00
VakarisZ db6552a136 Moved "victims_max_exploit" and "victims_max_find" to "internal", increased "victims_max_exploit" default to 100 2020-07-23 10:52:05 +03:00
VakarisZ bca5ad912e "Exploits" config section moved to "Internal", UI fix for other moved sections 2020-07-23 10:41:17 +03:00
VakarisZ 2506fdc501 "Network" config section moved to "Internal" 2020-07-23 10:18:03 +03:00
VakarisZ b2eb5a40ad Removed "Monkey island" config tab (moved everything into internal) 2020-07-23 09:44:13 +03:00
VakarisZ 57ee55d9ff Moved "is monkey alive" into internal(still hidden) config, fixed PBA UI 2020-07-23 09:12:27 +03:00
VakarisZ 2c96ace908 Mimikatz, Azure collectors moved to system info collectors in config, "Behaviour" renamed to "Post breach" in config 2020-07-22 18:06:49 +03:00
VakarisZ 8b2797306b Split up config_schema.py into separate files 2020-07-22 13:19:12 +03:00
VakarisZ 3fec6ac753 Renamed values in config: Network->General to Network->Scope, Exploits->General to Exploits->Exploiters 2020-07-22 12:33:21 +03:00
VakarisZ eba779cd2d Merge remote-tracking branch 'upstream/develop' into feature/configuration_improvements 2020-07-22 12:05:59 +03:00
VakarisZ fb5d3a0541 Fixed broken attack matrix checkbox UI in config 2020-07-22 12:02:13 +03:00
Shay Nehmad 27b1c7a710
Merge pull request #729 from guardicore/snyk-fix-8605a12c0d6e7129269774950a531099
[Snyk] Security upgrade PyJWT from 1.4.2 to 1.5.1
2020-07-21 18:55:58 +03:00
Shay Nehmad 2bbb2d2c2c Some small CR fixes - improved doc and logs 2020-07-21 18:40:08 +03:00
Shay Nehmad dd1320418a Update vsftpd.py 2020-07-21 18:17:29 +03:00
Shay Nehmad c66fd0f2a6 Update vsftpd.py 2020-07-21 18:08:22 +03:00
Shay Nehmad 1072607c42 Fix import order 2020-07-21 18:02:17 +03:00
Shay Nehmad 1f26d7ffb9 replace flask-jwt with flask-jwt-extended 2020-07-21 17:30:21 +03:00
Shay Nehmad ed2366e612
Merge pull request #730 from guardicore/snyk-upgrade-1d178c687faf134440c71413f44c538d
[Snyk] Upgrade react-tooltip-lite from 1.11.2 to 1.12.0
2020-07-21 17:19:44 +03:00
VakarisZ 271466c6b5 Removed core-js/fn/object/assign import 2020-07-21 16:08:23 +03:00
VakarisZ d00abde17b Removed one more unused import 2020-07-21 12:33:08 +03:00
VakarisZ 8c356d91f5 Merge remote-tracking branch 'upstream/develop' into feature/configuration_improvements
# Conflicts:
#	monkey/monkey_island/cc/ui/package-lock.json
2020-07-21 12:29:31 +03:00
VakarisZ 3db8e0cb2f Merge remote-tracking branch 'upstream/develop' into change_file_privileges_bugfix 2020-07-21 12:23:37 +03:00
VakarisZ 3af6fff5ca Fixed bug: linux only PBAs throwing errors on Windows 2020-07-21 12:10:23 +03:00
Shay Nehmad 1827cfab93 Merge branch 'develop' into snyk-fix-8605a12c0d6e7129269774950a531099 2020-07-21 12:05:17 +03:00
Shay Nehmad 35a665b831 Merge branch 'develop' into snyk-upgrade-1d178c687faf134440c71413f44c538d 2020-07-21 11:49:35 +03:00
VakarisZ eb4056ab7f Removed should exploit network machines config param - same will be achieved by removing all exploiters. 2020-07-21 11:29:29 +03:00
Shay Nehmad f34d7d45e8
Merge pull request #728 from guardicore/snyk-upgrade-7f12d9c688d2cf1b551e62e93453c526
[Snyk] Upgrade @babel/polyfill from 7.8.7 to 7.10.1
2020-07-21 10:59:32 +03:00
Shay Nehmad 594d3f2f97 Single quotes 2020-07-21 10:52:45 +03:00
VakarisZ f70b2240e1 Hid "Is monkey alive" field in configuration 2020-07-21 10:43:37 +03:00
Shay Nehmad dd50f9d4aa Fix some key prop errors so that our pages don't have errors
It might avoid some bugs in the future as well: https://stackoverflow.com/questions/28329382/understanding-unique-keys-for-array-children-in-react-js
2020-07-20 18:38:15 +03:00
VakarisZ 9f21ce07f1 Changed important tabs to be highlighted rather than having text in the front 2020-07-20 18:22:37 +03:00
Shreya 28e0a6ec97 Make setuid/setgid and trap PBAs not crash on windows 2020-07-20 20:09:19 +05:30
VakarisZ 167d1f50d5 Removed hidden descriptions 2020-07-20 17:32:08 +03:00
VakarisZ c88488c415 Merge remote-tracking branch 'upstream/develop' into feature/configuration_improvements
# Conflicts:
#	monkey/monkey_island/cc/ui/package-lock.json
2020-07-20 17:20:43 +03:00
VakarisZ f790750f57 Changed the style in configuration page to differentiate config value title from description 2020-07-20 17:15:01 +03:00
Shay Nehmad fc6db1ffbc @babel/polyfill is deprecated.
Instead of updating it, we'll use corejs 3.
https://babeljs.io/docs/en/babel-preset-env
2020-07-20 16:59:33 +03:00
Shay Nehmad 7bc9760eef Merge branch 'develop' into snyk-upgrade-7f12d9c688d2cf1b551e62e93453c526 2020-07-20 16:29:38 +03:00
Shay Nehmad 0a1d7174c5 update package.lock mess after ugly merge.
Let npm i do the work instead of doing it manually
2020-07-20 16:15:29 +03:00
Shay Nehmad cd6216779f Merge branch 'develop' into snyk-upgrade-bb05e006ee678bf67c3eb4c3c10b3cdf 2020-07-20 16:09:06 +03:00
Shay Nehmad 844b2f1e2a Deleted redundant const 2020-07-20 16:04:27 +03:00
VakarisZ 35e90fc95d Added style that allows hiding config input component title and description (because advanced multi select has title and description built in) 2020-07-20 15:22:21 +03:00
VakarisZ fb9428b8a3 Added advanced selector component to all config definitions, refactored it in a way that allows to define all advanced selector properties on config_schema.py 2020-07-20 15:10:57 +03:00
snyk-bot 21eef102a8 fix: upgrade react-tooltip-lite from 1.11.2 to 1.12.0
Snyk has created this PR to upgrade react-tooltip-lite from 1.11.2 to 1.12.0.

See this package in NPM:
https://www.npmjs.com/package/react-tooltip-lite

See this project in Snyk:
https://app.snyk.io/org/shaynehmad/project/37aecb9c-98b4-4735-95a2-83d941303b4e?utm_source=github&utm_medium=upgrade-pr
2020-07-18 07:00:29 +00:00
Shay Nehmad ce7f5508ed Merge branch 'develop' into snyk-upgrade-7f12d9c688d2cf1b551e62e93453c526 2020-07-16 14:42:44 +03:00
Shay Nehmad 4dfdd447ee Update package-lock.json
npm audit fix + lock to correct versions
2020-07-16 14:33:05 +03:00
Shay Nehmad ed7a5ab708 Merge branch 'develop' into snyk-fix-661b0a9571c71708f17fef5d173a39ea 2020-07-16 14:20:08 +03:00
snyk-bot ab0c9c5456 fix: monkey/monkey_island/requirements.txt to reduce vulnerabilities
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-PYJWT-40693
2020-07-16 11:17:07 +00:00
Shay Nehmad 491660eb2e Added name and version to the package-json (won't compile otherwise)
See https://stackoverflow.com/a/60112825/4119906
2020-07-16 14:15:41 +03:00
Shay Nehmad 5fd1128554
Merge pull request #724 from guardicore/snyk-upgrade-9b0bb6804d80cebfbdc83144d3ab1240
[Snyk] Upgrade: @fortawesome/fontawesome-svg-core, @fortawesome/free-regular-svg-icons, @fortawesome/free-solid-svg-icons, @fortawesome/react-fontawesome
2020-07-16 14:05:52 +03:00
Shay Nehmad a7ea163d81
Merge pull request #723 from guardicore/snyk-upgrade-95eb22e72c073a402cf50c305cd68d19
[Snyk] Upgrade rc-progress from 2.5.3 to 2.6.1
2020-07-16 14:04:18 +03:00
Shay Nehmad 7170d5441a Update package-lock.json 2020-07-16 13:51:08 +03:00
Shay Nehmad 7e45540361 Merge branch 'develop' into snyk-fix-661b0a9571c71708f17fef5d173a39ea 2020-07-16 13:42:34 +03:00
Shay Nehmad f92cf0d973
Merge pull request #727 from guardicore/py-import-order-travis
Py import order travis
2020-07-16 11:29:46 +03:00
Shay Nehmad d3718a8943 Final fixed imports 2020-07-16 10:32:27 +03:00
snyk-bot 96f31a492b fix: upgrade @babel/polyfill from 7.8.7 to 7.10.1
Snyk has created this PR to upgrade @babel/polyfill from 7.8.7 to 7.10.1.

See this package in NPM:
https://www.npmjs.com/package/@babel/polyfill

See this project in Snyk:
https://app.snyk.io/org/shaynehmad/project/37aecb9c-98b4-4735-95a2-83d941303b4e?utm_source=github&utm_medium=upgrade-pr
2020-07-16 07:01:19 +00:00
Shay Nehmad 9846477bea Change to isort from flake8-import-order
fix issues in envs/ as well
2020-07-15 18:46:04 +03:00
Shay Nehmad 81c950b469 Ran isort to order all imports and pass CI tests 2020-07-15 17:55:45 +03:00
Shay Nehmad 832662602d Update package-lock.json 2020-07-15 17:02:47 +03:00
Shay Nehmad 4cc05637e5 Merge branch 'develop' into snyk-upgrade-bb05e006ee678bf67c3eb4c3c10b3cdf 2020-07-15 16:51:50 +03:00
Shay Nehmad 1e8e9a7d41 Bugfix in file upload for PBAs (nonexistent directory) 2020-07-15 16:49:34 +03:00
Ace Pace 3fb1d248ae Fix typos 2020-07-15 16:26:57 +03:00
snyk-bot 7ef2afb3fb fix: upgrade multiple dependencies with Snyk
Snyk has created this PR to upgrade:
  - @fortawesome/fontawesome-svg-core from 1.2.28 to 1.2.29.
    See this package in NPM: https://www.npmjs.com/package/@fortawesome/fontawesome-svg-core
  - @fortawesome/free-regular-svg-icons from 5.13.0 to 5.13.1.
    See this package in NPM: https://www.npmjs.com/package/@fortawesome/free-regular-svg-icons
  - @fortawesome/free-solid-svg-icons from 5.13.0 to 5.13.1.
    See this package in NPM: https://www.npmjs.com/package/@fortawesome/free-solid-svg-icons
  - @fortawesome/react-fontawesome from 0.1.9 to 0.1.11.
    See this package in NPM: https://www.npmjs.com/package/@fortawesome/react-fontawesome

See this project in Snyk:
https://app.snyk.io/org/shaynehmad/project/37aecb9c-98b4-4735-95a2-83d941303b4e?utm_source=github&utm_medium=upgrade-pr
2020-07-15 07:01:52 +00:00
snyk-bot e417ed3e27 fix: upgrade rc-progress from 2.5.3 to 2.6.1
Snyk has created this PR to upgrade rc-progress from 2.5.3 to 2.6.1.

See this package in NPM:
https://www.npmjs.com/package/rc-progress

See this project in Snyk:
https://app.snyk.io/org/shaynehmad/project/37aecb9c-98b4-4735-95a2-83d941303b4e?utm_source=github&utm_medium=upgrade-pr
2020-07-15 07:01:47 +00:00
snyk-bot 40aca91b28 fix: upgrade filepond from 4.13.5 to 4.18.0
Snyk has created this PR to upgrade filepond from 4.13.5 to 4.18.0.

See this package in NPM:
https://www.npmjs.com/package/filepond

See this project in Snyk:
https://app.snyk.io/org/shaynehmad/project/37aecb9c-98b4-4735-95a2-83d941303b4e?utm_source=github&utm_medium=upgrade-pr
2020-07-15 07:01:41 +00:00
snyk-bot f98e2ea972 fix: upgrade react-spinners from 0.5.13 to 0.9.0
Snyk has created this PR to upgrade react-spinners from 0.5.13 to 0.9.0.

See this package in NPM:
https://www.npmjs.com/package/react-spinners

See this project in Snyk:
https://app.snyk.io/org/shaynehmad/project/37aecb9c-98b4-4735-95a2-83d941303b4e?utm_source=github&utm_medium=upgrade-pr
2020-07-15 07:01:36 +00:00
snyk-bot 2f0b777533 fix: monkey/monkey_island/cc/ui/package.json, monkey/monkey_island/cc/ui/package-lock.json & monkey/monkey_island/cc/ui/.snyk to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NPM-575435


The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/SNYK-JS-LODASH-567746
2020-07-14 15:09:34 +00:00
Shreya 5bbef83b83 Linux: delete `TEMP_CRON` file even if command fails 2020-07-13 20:13:47 +05:30
Shreya c38875d71e Code review changes
- windows commands readability
- f-strings
- directory structure
2020-07-13 20:08:04 +05:30
Shreya 9c0c298631 Mongo search logic changes + used/scanned/unscanned message changes 2020-07-13 20:08:04 +05:30
Shreya 7588cd8eea Add T1053 (windows PBA) 2020-07-13 20:08:04 +05:30
Shreya 73c4070f54 Add T1168 (linux PBA) 2020-07-13 20:05:49 +05:30
Shreya 37b4717eb1 Add techniques' info to attack_schema 2020-07-13 20:03:32 +05:30
Shreya ec26baae8f Add PBA T1166 2020-07-13 19:40:08 +05:30
Shreya e6b3613db2 Check status using mongo 2020-07-13 19:20:38 +05:30
Shreya d9d8c813aa Code review + other tiny changes 2020-07-13 19:11:13 +05:30
Shreya a74f2a5ead Add PBA T1154 2020-07-13 19:11:13 +05:30
Shreya Malviya 8c255ece06
Merge pull request #693 from shreyamalviya/mongo-search-T1136
Use mongo search for T1136's report data
2020-07-13 19:06:35 +05:30
Shay Nehmad d501bf3b00 Add six minimum requirement to explicitly resolve conflict
Added pip freeze to travis to ease debugging
2020-07-08 16:43:52 +03:00
Shay Nehmad 45035cc3c3 Unlock pyinstaller
On systems where you have one venv for agent and server, the pyinstaller version is our own build from the GC repo
2020-07-08 16:04:32 +03:00
Shay Nehmad 9ce2c5eb83 Sort and lock pip requirement files 2020-07-08 15:56:48 +03:00
Shreya e12374b7d3 Add mongo query to count successful PBA attempts 2020-07-04 15:29:25 +05:30
VakarisZ 6a824efab3 Finished AdvancedMultiSelect component 2020-07-03 17:41:41 +03:00
VakarisZ 989020c5ba Removed old react-jsonshema-form npm package 2020-07-03 17:38:43 +03:00
VakarisZ 67eeb2b670 Grouped stylesheets into components and pages 2020-07-03 17:38:02 +03:00
Shreya 8c18731b45 Use mongo search for T1136's report data 2020-07-03 15:56:40 +05:30
VakarisZ fda600eb60 Finished PBA refactoring 2020-06-30 18:10:48 +03:00
VakarisZ aad9e5069e PBA file refactoring almost working 2020-06-30 16:07:43 +03:00
VakarisZ 6cc4c85132
Merge pull request #688 from guardicore/password_setup
Password setup and bootstrap v4 migration
2020-06-25 11:52:33 +03:00
VakarisZ 8a31ff21b8 Disabled no-unescaped-entities, because it throws warnings on ' usage in text, because typographically it's not an apostrophe 2020-06-25 11:33:28 +03:00
VakarisZ edfbf370c6 Merge remote-tracking branch 'upstream/password_setup' into password_setup 2020-06-25 11:01:34 +03:00
VakarisZ 4e9a749c7d Couple of PEP8 issues related to password creation files fixed 2020-06-25 11:01:20 +03:00
Shay Nehmad f34a607f15
Merge pull request #692 from guardicore/mongo_requirement_fix
Changed minimum mongodb version required
2020-06-25 10:59:17 +03:00
Shay Nehmad 4c6f2efe18 Merge branch 'password_setup' of https://github.com/guardicore/monkey into password_setup 2020-06-25 10:56:06 +03:00
Shay Nehmad 27c50fdc55 Fix some whitespace issues in the events modal 2020-06-25 10:54:59 +03:00
VakarisZ 938a5e225c Merge remote-tracking branch 'upstream/password_setup' into password_setup 2020-06-25 10:53:12 +03:00
VakarisZ d22e784aaa Redundant failed login attempts with no auth credentials fixed 2020-06-25 10:52:56 +03:00
Shay Nehmad da58ea7250 Adding some server logs re: registration
Will possibly help debug client issues with registration in future.
2020-06-25 10:29:37 +03:00
VakarisZ e58cdee246 Small typo in register page, submit on enter fixed in auth pages 2020-06-25 10:26:59 +03:00
VakarisZ 7462c1c701 Merge remote-tracking branch 'upstream/develop' into password_setup
# Conflicts:
#	.travis.yml
2020-06-25 10:04:04 +03:00
VakarisZ 468bd7db2c UI fixes for registration and login pages and zero trust report 2020-06-25 10:00:43 +03:00
Shreya a11852ce3c Pass build
Pass build
2020-06-24 16:47:46 +05:30
Shreya 971a102eb6 Change order of techniques in ATT&CK matrix
T1158: Hidden files before T1504: Powershell profile
2020-06-24 15:22:34 +05:30
Shreya 6b75092823 Small fixes after rebasing 2020-06-24 15:15:45 +05:30
Shreya a91e65e49a Use mongo search for report data 2020-06-24 14:37:42 +05:30
Shreya 37d37b6f9f Fix status being sent in report data 2020-06-24 14:37:42 +05:30
Shreya 3819041632 PBA command modifications 2020-06-24 14:37:42 +05:30
Shreya 2dbf798c4a Linux: fix hidden file/folder deletion issue 2020-06-24 14:37:42 +05:30
Shreya d0dc305a33 Remove detection time for AV software 2020-06-24 14:37:42 +05:30
Shreya a98f321ed0 Windows: change location of hidden file/folder + add system attribute 2020-06-24 14:37:42 +05:30
Shreya 87bfe41c50 Linux: change location of hidden file/folder 2020-06-24 14:37:42 +05:30
Shreya eea5352084 Little changes based on review 2020-06-24 14:36:03 +05:30
Shreya 6b4e90e6d0 PBA tweaks: Windows 2020-06-24 14:36:03 +05:30
Shreya 80c8a42bd0 Mentioning 'type' doesn't seem necessary 2020-06-24 14:36:03 +05:30
Shreya 0f6fcc799c Add report components, link to matrix 2020-06-24 14:36:03 +05:30
Shreya 49350aa303 PBA changes: Windows 2020-06-24 14:33:08 +05:30
Shreya 15ac77056a PBA changes: Linux 2020-06-24 14:33:08 +05:30
Shreya 2b9d54408a Tweak PBA logic
Don't need to use winAPI to delete file
2020-06-24 14:33:08 +05:30
Shreya 1d952a4781 PBA stuff 2020-06-24 14:33:08 +05:30
Shreya 45c5546f17 Add "Hidden files" PBA feature
TODO: winAPI
2020-06-24 14:33:08 +05:30
Shreya Malviya 08727305d8
Merge pull request #687 from shreyamalviya/T1156
Add T1156 and T1504 attack techniques (shell startup file modifications)
2020-06-24 14:13:09 +05:30
Shreya 53e6f893c6 Disabled prop-types warning in eslint
(Accidentally force-pushed over the previous commit changing this)
2020-06-24 13:58:52 +05:30
Shreya f21dbde27d Extend windows PBA for all users on system 2020-06-24 13:37:08 +05:30
Shreya 7efeff3ff0 Modify linux PBA so it doesn't give errors when running on windows 2020-06-24 13:25:54 +05:30
Shreya 6f6bfca9f9 Use mongo search for report data
(For linux, shows only bash startup files in ATT&CK report)
2020-06-24 13:25:54 +05:30
Shreya 7459105bbc Extend linux PBA for all users on system
TODO: ATT&CK report stuff (mongo search + show only bash file modification info)
TODO: Windows
2020-06-24 13:25:54 +05:30
Shreya 8d2aaac65f Fix + make linux PBA commands cleaner 2020-06-24 13:25:54 +05:30
Shreya e5f92d29b5 Add startup files for fish, zsh, dash, ksh, sh, csh, tcsh 2020-06-24 13:25:54 +05:30
Shreya 0c60ad16ae Code design changes 2020-06-24 13:25:54 +05:30
Shreya 60207e3a79 Change file locations 2020-06-24 13:25:54 +05:30
Shreya 6d98f95d4c Make used/scanned/unscanned messages descriptive 2020-06-24 13:25:54 +05:30
Shreya 58a0a67244 Add T1504 to config_schema 2020-06-24 13:25:54 +05:30
Shreya ef6bb52302 Remove Privilege escalation/T1504 in attack_schema
Shows it twice in ATT&CK matrix in the configuration,
but shows it only once in the ATT&CK matrix in the report section.
2020-06-24 13:25:54 +05:30
Shreya 8bb5096add Add T1504 report data + modify T1156 report data 2020-06-24 13:25:54 +05:30
Shreya 1b040dc874 Add windows PBA 2020-06-24 13:25:54 +05:30
Shreya 3fe4dd679b Pass empty string to linux_cmds if OS is windows 2020-06-24 13:25:54 +05:30
Shreya dfa34e602f Started T1504 implementation
Add to `attack_schema.py`, `attack_report.py`
Add report `T1504.js`
2020-06-24 13:25:54 +05:30
Shreya e2d35ca267 Simpler bash commands for linux PBA 2020-06-24 13:25:54 +05:30
Shreya a9c763cd9c Add linux PBA + report components 2020-06-24 13:25:49 +05:30
VakarisZ 9ca2507f34 Changed minimum mongodb version required in main 2020-06-23 16:36:37 +03:00
VakarisZ 37f356a6e2 Run monkey page improvement, small style and attack report fixes 2020-06-23 16:31:00 +03:00
VakarisZ 44c8ffda60 Missing svg image added, registration error overlap fixed 2020-06-23 15:38:25 +03:00
VakarisZ 09b8239fdb More quote fixes, increased JS warnings to 500 2020-06-23 12:46:11 +03:00
VakarisZ 4c8c423b9d Linting fixes 2020-06-23 12:24:36 +03:00
VakarisZ bd537faa11 Bugfix: PreviewPane.js log download button no longer enabled when no log is present 2020-06-23 12:23:30 +03:00
VakarisZ 0be1b3a908 Merge remote-tracking branch 'upstream/develop' into password_setup 2020-06-23 11:11:22 +03:00
VakarisZ 6f6cf76977 UI bugfix: non-existent PTH map include 2020-06-23 10:34:18 +03:00
VakarisZ be51de2756 JS minor quotes refactor 2020-06-23 10:32:47 +03:00
VakarisZ 9b5029a05c Lowered the amount of python lint warnings with small style improvements 2020-06-22 16:59:51 +03:00
VakarisZ 90b05a184b Small improvements: aws test removed and path parsing changed to use path library in environment_config.py 2020-06-22 15:17:01 +03:00
VakarisZ 79bf05d320 Rolled back merge changes that broke map page UI 2020-06-22 12:16:23 +03:00
VakarisZ 78cf0b5791 Refactored try_add_user and needs_registration to avoid code duplication 2020-06-22 11:59:02 +03:00
VakarisZ 8c428aa44d Added registration to aws, small typo fixes 2020-06-22 11:57:48 +03:00
VakarisZ 85275f6141 Bugfix: bad import path fix 2020-06-22 10:17:55 +03:00
VakarisZ a093cb0d6f Bugfix: Include statement of absent PTH map removed 2020-06-22 10:17:22 +03:00
VakarisZ 4a082fb390 Merge remote-tracking branch 'upstream/develop' into password_setup
# Conflicts:
#	monkey/monkey_island/cc/resources/netmap.py
#	monkey/monkey_island/cc/ui/src/components/pages/RunMonkeyPage.js
#	monkey/monkey_island/cc/ui/src/components/report-components/security/ScannedServers.js
2020-06-22 09:56:01 +03:00
VakarisZ 8af4246f66 Reverted server_config.json that contains test credentials 2020-06-19 16:08:33 +03:00
VakarisZ 1cc5310713 Changed login page to match the style of registration page 2020-06-19 16:07:57 +03:00
VakarisZ a1da0e3239 Migration to bootstrap v4 changes 2020-06-19 15:35:11 +03:00
VakarisZ ce5e415788 Finished "no password" environment option 2020-06-16 13:45:10 +03:00
VakarisZ a5b1ac22f9 Removed server_config from tracking 2020-06-16 11:04:43 +03:00
VakarisZ 947f9d244a Reverted accidental test credential commit 2020-06-16 10:42:50 +03:00
VakarisZ 5996569607 Fixed registration bugs: empty password gets registered, credentials not being sent 2020-06-15 11:33:56 +03:00
VakarisZ ac83d7fc48 Migration to bootstrap v4 started, Registration UI finished 2020-06-15 11:04:25 +03:00
VakarisZ 1b98080102 Refactored side navigation into a separate component 2020-06-12 15:56:42 +03:00
VakarisZ b419ed5e65 Password setup - password environment by default 2020-06-12 11:50:45 +03:00
VakarisZ 889bf359e1 Password setup - backend fixes 2020-06-12 11:50:07 +03:00
VakarisZ c8cf7d52a4 Backend refactoring: server environment and authentication 2020-06-11 18:20:32 +03:00
VakarisZ 18dec0c652 Password setup: Backed environment changes and unit tests 2020-06-10 11:52:55 +03:00
VakarisZ 0ec5259540
Merge pull request #678 from guardicore/feature/pypykatz
Mimikatz dll to pypykatz refactor
2020-06-08 15:21:49 +03:00
VakarisZ 7e9251272f
Merge pull request #671 from guardicore/feature/edge_refactoring
Edge refactoring to DAL and minor PIP improvements
2020-06-08 15:17:19 +03:00
VakarisZ 966599a038 Removed pass the hash map UI component 2020-06-08 15:12:40 +03:00
VakarisZ 5669ae652c Bugfix - username with "." character fix 2020-06-08 14:24:16 +03:00
VakarisZ 3228bcf2c7 CR comments fixed: renames and readability improvements 2020-06-08 14:23:39 +03:00
VakarisZ 4c8319669f Map jiggle small-fix: wait less for map to stop moving 2020-06-08 10:31:31 +03:00
VakarisZ fb59531969 Refactored EdgeService into a boundary object. 2020-06-08 10:29:04 +03:00
VakarisZ 0dc864baa5 Fixed a bug that added empty credentials to configuration 2020-06-05 15:59:31 +03:00
VakarisZ 6703e32ff2 UI bugs, related to PTH map hiding, fixed. 2020-06-05 14:54:04 +03:00
VakarisZ c03c70ba28 Removed infrastructure related to mimikatz binary: deployment scripts and docs updated 2020-06-05 14:40:58 +03:00
VakarisZ 0be709958c Improved scanned servers overview by inputting space character code 2020-06-05 12:09:28 +03:00
VakarisZ f5b37044fd Removed PTH map 2020-06-05 09:36:53 +03:00
VakarisZ 895db8b446 Fixed bugs and finished up pypykatz integration 2020-06-05 09:36:35 +03:00
VakarisZ 192ac67159 Fixed typo in ScannedServers.js 2020-06-05 09:27:09 +03:00
Shay Nehmad 9ea6718d37 Moved a function into common, since Monkey doesn't have ring as a dependency
Also renamed it and added UTs
2020-06-03 16:18:19 +03:00
Shay Nehmad ca87ff1330 Merge branch 'develop' into release/1.8.2 2020-06-03 15:55:29 +03:00
VakarisZ 90b47a4bb6 Migrated to pypykatz on monkey 2020-06-03 10:02:31 +03:00
VakarisZ a160e3396b Small PEP improvements all around, unused method deleted on displayed_edge.py 2020-05-29 11:42:27 +03:00
VakarisZ 0a52158a61 Merge remote-tracking branch 'upstream/develop' into feature/edge_and_config_refactoring 2020-05-29 11:08:00 +03:00
VakarisZ 092482ad87 Refactored edge from mongo queries to DAL 2020-05-29 11:07:25 +03:00
ophirharpazg a07ec9251c formatting of the binaries path 2020-05-29 00:30:03 +03:00
ophirharpazg 02bdf4bb11 Added text to the missing-binaries modal 2020-05-27 21:31:32 +03:00
ophirharpazg a4d4f629e0 Raise a modal indicating that Monkey binaries are missing. 2020-05-27 19:32:09 +03:00
ophirharpazg e1229baa61 The Missing Binaries modal works but in a non-elegant way 2020-05-27 17:10:36 +03:00
Shay Nehmad 090beb6077 We forgot to call onClose for the button 2020-05-27 10:12:32 +03:00
VakarisZ 50dcfa3f73 Merge remote-tracking branch 'upstream/develop' into release/1.8.2 2020-05-26 14:37:01 +03:00
VakarisZ ffda4e858c
Merge pull request #664 from guardicore/feature/smb_vulnerable_port_fix
SMB vulnerable port fix
2020-05-26 14:33:00 +03:00
VakarisZ 8cf9c9f8f4 Explicitly set vulnerable port to None 2020-05-26 14:17:21 +03:00
VakarisZ 1ed49c6eb0 Fixed smb exploiter bug where vulnerable port was not passed 2020-05-26 11:50:01 +03:00
Shay Nehmad 5ea4a90223 Bump path version 2020-05-26 10:52:41 +03:00
VakarisZ 43a94b626d Merge remote-tracking branch 'upstream/develop' into ui_performance_fixes 2020-05-25 18:36:47 +03:00
VakarisZ 3405f29f15 Added small readability changes 2020-05-25 18:25:15 +03:00
VakarisZ 1e812b987a Revert "Map jitter fix"
This reverts commit 30be2715
2020-05-25 10:05:19 +03:00
VakarisZ 1ce2037557 Merge remote-tracking branch 'upstream/feature/exploitation_redundancy_fix' into exploitation_redundancy_fix 2020-05-25 09:53:56 +03:00
Shay Nehmad 2cf9c9c0fe Fix minor linter issues 2020-05-24 13:55:11 +03:00
VakarisZ 9864720fb5 Get node label performance improvement and small BB test changes 2020-05-22 21:22:29 +03:00
VakarisZ bd0b1c1d34 Refactored monkey local config keys into a constant 2020-05-22 10:53:15 +03:00
VakarisZ 04b00b5d88 Revert "UI crash due to multiple redundant telemetry requests fix"
This reverts commit 598872af
2020-05-22 09:42:21 +03:00
VakarisZ c75190eede Map jitter fix 2020-05-22 09:16:43 +03:00
VakarisZ c730605198 UI crash due to multiple redundant telemetry requests fix 2020-05-22 09:16:32 +03:00
VakarisZ bda9b04393 Added "build_command_explicitly()" UT and improved it a bit 2020-05-21 19:58:02 +03:00
VakarisZ 436472b578 Added parameter logging on monkey start, fixed bug where dropper launched monkey improperly 2020-05-21 19:23:23 +03:00
VakarisZ 30be271598 Map jitter fix 2020-05-21 17:30:59 +03:00
VakarisZ 598872afee UI crash due to multiple redundant telemetry requests fix 2020-05-21 15:34:57 +03:00
VakarisZ f941c9c5fc Added port not null check on island resource 2020-05-21 10:57:18 +03:00
VakarisZ ca1ee90385 Hadoop bugfix, minor readability improvement 2020-05-20 17:20:07 +03:00
VakarisZ 5def120942 Merge remote-tracking branch 'upstream/develop' into exploitation_redundancy_fix 2020-05-20 15:55:50 +03:00
VakarisZ 2cbe9c1164 Merge branch 'zt_performance_fixes' into exploitation_redundancy_fix 2020-05-20 15:54:27 +03:00
VakarisZ 44cb87a2c9 Minor js readability improvement 2020-05-20 15:03:02 +03:00
VakarisZ eb226f070f Merge remote-tracking branch 'upstream/develop' into zt_performance_fixes 2020-05-20 13:25:48 +03:00
VakarisZ ab025d9074 Merge remote-tracking branch 'upstream/develop' into zt_performance_fixes 2020-05-20 13:14:53 +03:00
VakarisZ 52767897bf Removed the mechanism of adding exploited machines to blocked machine list. This mechanism was good way to assess performance improvement, but it sacrificed coverage 2020-05-20 12:28:14 +03:00
VakarisZ c817415ef3 Fixed "is monkey running on island" check by splitting port from ip string 2020-05-20 11:25:24 +03:00
VakarisZ 507bf43b9b Renamed monkey_island.cc.utils to monkey_island.cc.network_utils as it contains only networking related code 2020-05-20 11:24:35 +03:00
VakarisZ 0e54b78664 Changes that allow to avoid monkey exploitation redundancy: checking if island can see vulnerable port, checking if monkey was started on island and comparing depth vs maximum depth 2020-05-20 10:00:42 +03:00
VakarisZ 698a13960e Removed unnecessary UI warning about config change not working if monkeys already ran 2020-05-19 13:24:48 +03:00
VakarisZ 54ac059d5e Prototype changes that fix redundant exploitations, but break multiple iterations 2020-05-15 10:42:03 +03:00
VakarisZ a360e8514e Fixed a bug of multiple telemetry exports in a single island run. 2020-05-13 16:39:47 +03:00
Shay Nehmad 5dd6b40560
Merge pull request #647 from guardicore/feature/attack_create_user_fix
Small fixes on persistence/create user attack technique
2020-05-13 15:41:13 +03:00
VakarisZ ee7051fdea Small fixes on persistence/create user attack technique 2020-05-13 12:45:19 +03:00
VakarisZ cff92303e5 Merge remote-tracking branch 'upstream/develop' into zt_performance_fixes 2020-05-13 11:21:37 +03:00
VakarisZ a8e94a90f9 Added fixtures to skip tests failing due to mongoengine 2020-05-13 11:11:07 +03:00
VakarisZ ee6b122f01 Minor improvements 2020-05-12 15:45:51 +03:00
VakarisZ 2debe98052 Profiling decorator: added readme and profiler logs added to gitignore 2020-05-12 12:43:41 +03:00
Shay Nehmad 85b5a156fc Fixed code review comments - JS linting and readability 2020-05-12 10:16:04 +03:00
Shay Nehmad c1f52ee994 Added a short summary sentence over each table in the security report
Solves https://github.com/guardicore/monkey/issues/635
2020-05-11 22:36:38 +03:00
VakarisZ 9b350b8bf5 Minor fixes and improvements 2020-05-11 17:58:58 +03:00
VakarisZ 3fcc9444e9
Merge pull request #632 from VakarisZ/monkey_telemetry_fabrication
Monkey telemetry fabrication and tests
2020-05-11 16:56:37 +03:00
Shay Nehmad c7004123c8
Merge pull request #644 from acepace/bugfix/remove_wmi_requirement_from_non_windows
Bugfix/remove wmi requirement from non windows
2020-05-11 16:56:12 +03:00
VakarisZ 08f46a8ac9 Merge branch 'monkey_telemetry_fabrication' into zt_performance_fixes
# Conflicts:
#	envs/monkey_zoo/blackbox/test_blackbox.py
#	monkey/monkey_island/cc/ui/src/components/report-components/zerotrust/EventsModal.js
2020-05-11 16:42:53 +03:00
Shay Nehmad c1de9516a0 Update NPM dependency to latest 2020-05-11 16:34:57 +03:00
VakarisZ e189e96259 Improved the dir structure of telem parsing, other minor CR comments fixed 2020-05-11 16:32:18 +03:00
Ace Pace 1f11173545 Remove reg_utils, unused file.
Moved WMI imports to be gated behind win32 check.
Set wmi package to be installed only on win32 platform.

The mongo_utils and wmi_utils modules are only imported by the windows_info_collector which is only imported if we're on windows.
2020-05-11 14:35:24 +03:00
Ace Pace 735aac9c0d Remove pywin32 requirement, it's a subset requirement of wmi. 2020-05-11 14:35:19 +03:00
Shay Nehmad 69f978098c Trying to fight with NPM
And losing
2020-05-11 12:32:23 +03:00
Shay Nehmad ca49eb72b3 Update node sass version 2020-05-11 08:57:58 +03:00
Shay Nehmad bb54d4f4b3 Merge branch 'develop' into hotfix/fix-ui-build-problems 2020-05-11 08:57:22 +03:00
Shay Nehmad fdfa57edae Fix import typo 2020-05-10 19:38:29 +03:00
Shay Nehmad bd18893089 Added depth logging for easier debugging down the line 2020-05-10 15:09:43 +03:00
VakarisZ 10d1e7dc0b Fixed monkey ignoring depth restrictions 2020-05-08 17:15:59 +03:00
VakarisZ a98b348d24 Merge remote-tracking branch 'upstream/develop' into monkey_telemetry_fabrication
# Conflicts:
#	envs/monkey_zoo/blackbox/island_client/monkey_island_client.py
#	envs/monkey_zoo/blackbox/test_blackbox.py
2020-05-07 12:15:43 +03:00
VakarisZ 9aff40d974 Fake IPs don't get out of range, fixed typo in requirements and added logging to telem parsing 2020-05-07 11:20:08 +03:00
VakarisZ 571682fff9 Refactored ZT events sending and display on report to improve performance and UX 2020-05-06 16:52:50 +03:00
VakarisZ 4073e2f41f Fixed zero trust bug where all events had the same timestamp 2020-05-06 16:50:17 +03:00
Ace Pace 115cb05031 Remove flake8 warnings on import not in start of module. Possible alternative is using __all__ but that may come with change in functionality. 2020-05-06 00:04:54 +03:00
Ace Pace 1de511b1ed Remove some more PEP8 2020-05-06 00:01:50 +03:00
Ace Pace 2f4904d3a3 Merge branch 'develop' into bugfix/random_pep 2020-05-05 23:57:34 +03:00
Ace Pace 4c27ea4f7b Fix a few more. Re set the number of flake warnings to be higher :( 2020-05-05 23:47:41 +03:00
VakarisZ 8a385eca93 Style fix for modal window and report tabs 2020-05-04 16:47:17 +03:00
VakarisZ f3ec436f78
Merge pull request #582 from shreyamalviya/map-create-user-pba-to-matrix
Map create user PBA to ATT&CK matrix
2020-05-04 12:10:44 +03:00
VakarisZ 9470ba9729
Merge pull request #634 from acepace/feature/UI_games
Feature/ui size improvements
2020-05-04 12:04:08 +03:00
Shreya 3bfdcb9e9a Undo line deletion
Forgot to add it back on undoing previous changes
2020-05-04 14:26:20 +05:30
Shreya 319c1c27bb Remove redundant code (which was mapping matrix to PBA config) 2020-05-02 00:35:20 +05:30
VakarisZ cdf65ae097 Post breach typo in configuration_schema fix 2020-05-02 00:35:20 +05:30
Shreya 749c37f647 Add check for "Communicate as new user" PBA in T1136 2020-05-02 00:35:20 +05:30
Shreya e164f53ed4 Remove unwanted code (for mapping config to matrix [T1136]) 2020-05-02 00:35:20 +05:30
Shreya 0394b8404a Tiny changes according to review 2020-05-02 00:35:20 +05:30