p17860254
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
5,729 Commits 31 Branches 0 Tags 47 MiB
Commit Graph

5729 Commits

Author SHA1 Message Date
Mike Salvatore 07937d7238 Agent: Move ransomware readme constants to ransomware/consts.py 2021-07-16 10:05:58 -04:00
Mike Salvatore b1fe850624 Travis: Use swimm version 0.5.0, and not "latest" from GitHub API 
GitHub only allows so many API calls per hour. If this is exceeded, the
travis ci build will fail.
 2021-07-15 12:13:16 -04:00
Mike Salvatore 23c298a5f1 Travis: Use hugo version 0.85.0, and not "latest" from GitHub API 
GitHub only allows so many API calls per hour. If this is exceeded, the
travis ci build will fail.
 2021-07-15 12:00:57 -04:00
Mike Salvatore ed2ebc79c3
Merge pull request #1325 from guardicore/ransomware-payload-refactor 
Ransomware payload refactor
 2021-07-15 11:54:12 -04:00
Mike Salvatore feda0718cc Agent: Set default self.target_directory to None 2021-07-15 11:52:17 -04:00
Mike Salvatore 4be442f814 Agent: Fix import error 2021-07-15 11:45:58 -04:00
Mike Salvatore 7966703f63 Agent: Rename readme_utils to readme_dropper 2021-07-15 11:36:10 -04:00
Mike Salvatore 8ae41907ba Tests: Remove accidental print() from test_file_selectors 2021-07-15 11:29:54 -04:00
Mike Salvatore 9044c587a6 Agent: Pass a RansomwareConfig to RansomwarePayload 
Rather than RansomwarePayload being responsible fro translating the
config dictionary into something usable, it now just accepts a
RansomwareConfig object which contains pre-processed configuration
options.
 2021-07-15 11:26:02 -04:00
Mike Salvatore 6f5a7faaa1 Agent: Add RannsomwareConfig class 2021-07-15 11:23:32 -04:00
Mike Salvatore f804d6cf5b UI: Left-align report table headers since contents are left-aligned 2021-07-14 14:56:42 -04:00
Mike Salvatore 7ae46339e0 UI: Show ransomware encrypted file count only in red or black 2021-07-14 14:56:42 -04:00
Mike Salvatore e241d46263
Merge pull request #1323 from guardicore/ransomware-show-relevant-configuration-tabs 
Display relevant configuration tabs in ransomware mode
 2021-07-14 14:31:59 -04:00
Mike Salvatore 6acd9061a3 Island: Set correct default config tab on refresh 2021-07-14 14:30:41 -04:00
Mike Salvatore fb7a615766
Merge pull request #1322 from guardicore/1241/ransomware-quickstart-hide-run-scoutsuite 
Ransomware quickstart - Hide scoutsuite run options in ransomware mode
 2021-07-14 14:29:41 -04:00
Mike Salvatore c0514e1359 Island: Pass island mode as a prop to ConfigurePageComponent 2021-07-14 14:26:14 -04:00
Shreya 7170efbf0d cc: Extract configuration tabs' order to a separate file and modify how the order is fetched 2021-07-14 13:58:19 -04:00
Shreya 6e3053cfc0 cc: Don't try rendering any monkey config tab if length of `this.state.configuration` is 0 
The config is fetched in `componentDidMount()` (which is called
after `render()` finishes successfully). If you attempt to render
the configuration (i.e. call `renderConfigContent()`) before the
config is fetched, it throws an error.
 2021-07-14 13:58:19 -04:00
Shreya 917d7dfb15 cc: Get configuration tabs' order based on Island mode 2021-07-14 13:58:19 -04:00
Shreya 035ce6c8b0 cc: Don't set `selectedSection` to 'attack' in `componentDidMount` in `ConfigurePage.js` 
Remove a line which seems to do nothing useful.
Causes issues if the first tab in the configuration page
is not the ATT&CK tab.
 2021-07-14 13:58:18 -04:00
Mike Salvatore a786428652 Island: Pass island mode as a prop from Main.js to child components 2021-07-14 13:26:30 -04:00
Mike Salvatore 918d233983 Agent: Add build_ransomware_payload() function 2021-07-14 12:48:37 -04:00
Mike Salvatore fd3cc46e55 Agent: Remove unused return value from RansomwarePayload._encrypt_files 2021-07-14 12:07:19 -04:00
Ilija Lazoroski f725efd41a ui: Refactor scoutsuite hiding functions 2021-07-14 16:30:41 +02:00
Mike Salvatore 0be919b805 Agent: Use mock encryptor in test_ransomware_payload.py 2021-07-14 09:18:59 -04:00
Ilija Lazoroski 6dbac85256 ui: Hide scoutsuite run options in ransomware mode 2021-07-14 15:00:21 +02:00
Mike Salvatore d9cc66de54 Agent: Inject InPlaceFileEncryptor into RansomwarePayload 2021-07-14 08:50:49 -04:00
Mike Salvatore 0cb975a592 Agent: Rename InPlaceEncryptor -> InPlaceFileEncryptor 2021-07-14 08:38:51 -04:00
Mike Salvatore 39171f0950 Agent: Add ability to rename file to InPlaceEncryptor 2021-07-14 08:34:58 -04:00
Mike Salvatore 55ba5f530d Agent: Add InPlaceEncryptor 
InPlaceEncryptor encrypts a file in place. It accepts a callable that
performs the actual bit manipulation. This allows the in-place
encryption functionality to be easily reused, while the actual
encryption algorithm can be changed.
 2021-07-14 08:33:42 -04:00
Mike Salvatore ce2ad81321 Island: Replace concrete file selector with mock in ransomware tests 2021-07-14 07:14:49 -04:00
VakarisZ a77b7ea7bb
Merge pull request #1321 from guardicore/1241/ransomware-quickstart-start-over 
Ransomware quickstart unset mode to get method in island mode
 2021-07-14 13:47:58 +03:00
Ilija Lazoroski 2a1d41f6c7 Island: Add unset mode to get method in island mode 2021-07-14 12:40:08 +02:00
VakarisZ bf517bf566
Merge pull request #1320 from guardicore/1241/ransomware-quickstart-get-mode 
Ransomware quickstart - Add get method for island mode
 2021-07-14 12:25:53 +03:00
Ilija Lazoroski 56b5e8bb87 Tests: Remove post tests that interact with the model 2021-07-14 11:24:48 +02:00
Mike Salvatore 81eba6e883 Agent: Accept a "select_files" Callable 2021-07-13 19:22:42 -04:00
Mike Salvatore 222c394dbc Agent: Accept a "leave_readme" Callable instead of copy_file 2021-07-13 16:24:21 -04:00
Mike Salvatore 45a382f5ff Add #1240 to CHANGELOG 2021-07-13 12:36:03 -04:00
Mike Salvatore 8977040d98
Merge pull request #1317 from guardicore/ransomware_table_ui 
Ransomware table UI
 2021-07-13 12:35:18 -04:00
Mike Salvatore 50cb687769 Island: Change colors of ransomware table text 
If some files were encrypted, warning text color should be used. If all
files were encrypted, danger text color should be used.
 2021-07-13 12:34:25 -04:00
Ilija Lazoroski 5fe7a9d204 Island: Add inital get method to island mode 2021-07-13 18:26:11 +02:00
Mike Salvatore 5aa5facf1f Island: Move renderFileEncryptionStats to FileEncryptionTable.tsx 2021-07-13 11:26:07 -04:00
Mike Salvatore 77754cb4ff Island: Remove superfluous description from ransomware report 2021-07-13 11:23:48 -04:00
Mike Salvatore 1f1b9bf2fc
Island: Deduplicate <p> in renderFileEncryptionStats() 2021-07-13 11:21:56 -04:00
Mike Salvatore 3c84e70ab1
Merge pull request #1314 from guardicore/1241/ransomware-quickstart-remove-congrats 
Ransomware quickstart - Remove "Congrats" message and change header
 2021-07-13 11:08:52 -04:00
Mike Salvatore c89416f256
Merge pull request #1318 from guardicore/ransomware_quickstart_endpoint 
Ransomware quickstart endpoint
 2021-07-13 11:05:23 -04:00
Mike Salvatore 84a78a5048 Island: Don't catch Exception in POST /api/island-mode 
Flask automatically traps exceptions, returns a 500, and logs a stack
trace. Since Flask will automatically return a 500, we don't need to
duplicate the functionality. Since it prints a stack trace, it provides
more useful information than catching it did.
 2021-07-13 11:02:18 -04:00
Mike Salvatore a0fb6fa2b6 Island: Return 400 from POST /api/island_mode on invalid JSON 2021-07-13 10:58:08 -04:00
Mike Salvatore 26d3782a66 Island: Test both "ransomware" and "advanced" modes 2021-07-13 10:49:15 -04:00
Mike Salvatore 7549e64b41 Island: Return 500 from POST /api/island-mode if unexpected exception 2021-07-13 10:46:47 -04:00