Commit Graph

7669 Commits

Author SHA1 Message Date
vakarisz 13e5c03cf9 Agent: Add interrupt check before/after agent upload in wmiexec.py 2022-03-18 14:14:22 +02:00
vakaris_zilius bd07459dab Agent: Fix typos and comments in WMI and HostExploiter.py 2022-03-18 08:44:35 +00:00
vakaris_zilius b70144f5e1 Agent: Remove remote check for running monkey in WMI exploiter 2022-03-18 08:43:28 +00:00
Mike Salvatore 54bbe8bf2f Agent: Add WMI error message to results if exploit failed 2022-03-17 12:46:08 -04:00
Mike Salvatore 040a23546c Agent: Add a comment about Impacket timeouts 2022-03-17 12:45:37 -04:00
Mike Salvatore a002c96bc6 Agent: Add interrupt to powershell tests 2022-03-17 10:45:56 -04:00
vakaris_zilius 6bdd5ef179 Agent, UI: Improve style with small changes in interrupt code 2022-03-17 10:35:53 -04:00
vakaris_zilius 1d74864092 Island: Fix agent stopping bugs
2 bugs fixed: UI used miliseconds instead of seconds and island kept stopping monkeys, but it should only stop monkey once to not prevent more runs
2022-03-17 10:35:53 -04:00
vakaris_zilius 1c79efc941 Agent: Log why exploiter got interrupted when stopped 2022-03-17 10:35:53 -04:00
vakarisz 520e98032a Agent, Island: Rename "alive" to "should_stop" in configuration
"Alive" indicates state, when in fact we need a value indicating if stop command was sent to this monkey. Monkey alive state is already tracked elsewhere, in the Monkey document
2022-03-17 10:35:50 -04:00
vakarisz fae25939b5 Agent: Add interrupt to WMI exploiter 2022-03-17 10:33:31 -04:00
vakarisz d1a4018d5f Agent: Pass interrupt event to HostExploiter 2022-03-17 10:33:31 -04:00
Shreya Malviya ed5e686b04 Island: Remove `keepalive`
Fixes #1783
2022-03-17 09:34:39 -04:00
Mike Salvatore 87a742186a
Merge pull request #1786 from guardicore/remove-dead-code
Remove dead code
2022-03-17 06:54:31 -04:00
Ilija Lazoroski d29990769b Agent: Use current_depth in SSH exploit 2022-03-16 20:14:13 +01:00
Ilija Lazoroski 10bb74e402 Agent: Remove cryptography and pyopenssl from Pipfile
Fixes #1482
2022-03-16 15:04:06 -04:00
Mike Salvatore bfd9084ce1 Project: Add architecture parameter to vulture_allowlist 2022-03-16 13:39:39 -04:00
Mike Salvatore 98fb4132ec Agent: Remove disused config values from WormConfiguration 2022-03-16 13:39:35 -04:00
Mike Salvatore aac8638df2 Agent: Remove disused get_interfaces_ranges() 2022-03-16 13:39:31 -04:00
Mike Salvatore 4cf448ebe1 Agent: Remove disused struct_unpack_tracker*() 2022-03-16 13:39:24 -04:00
Mike Salvatore 916f4a6a46 Agent: Remove disused get_exploit_user_ssh_key_pairs() 2022-03-16 13:39:21 -04:00
Mike Salvatore 7a71a99420 Agent:Remove disused TIMEOUT constant in network/info.py 2022-03-16 13:38:57 -04:00
Mike Salvatore 77e0cae441 Agent: Remove disused methods in WebRCE 2022-03-16 13:38:53 -04:00
Mike Salvatore 7facf302a4 Agent: Rename unused '_' parameter to architecture in get_agent_binary 2022-03-16 13:38:49 -04:00
Mike Salvatore 048817d60a Agent: Remove disused VictimHostGenerator 2022-03-16 13:38:43 -04:00
Mike Salvatore f0fed888cb Common: Remove disused SYSTEM_INFO telemetry category 2022-03-16 13:38:39 -04:00
Mike Salvatore cd3f5e7f16 Project: Add get_file_sha256_hash() to vulture_allowlist.py 2022-03-16 13:38:33 -04:00
Mike Salvatore 5a708db5cc Agent: Remove disused methods from ControlClient 2022-03-16 13:38:29 -04:00
Mike Salvatore 5d2303f300 Agent: Remove disused DOWNLOAD_CHUNK 2022-03-16 13:38:25 -04:00
Mike Salvatore 1eb8e07c06 Agent: Remove disused get_target_monkey_by_os() 2022-03-16 13:38:06 -04:00
Mike Salvatore 9976b8b044 Agent: Remove disused RUNS_AGENT_ON_SUCCESS 2022-03-16 13:36:41 -04:00
Mike Salvatore 7a8442b331 Agent: Remove disused ExploitType Enum 2022-03-16 13:36:20 -04:00
Mike Salvatore 2683594983
Merge pull request #1778 from guardicore/1740-add-powershell-to-puppet
1740 add powershell to puppet
2022-03-16 13:13:42 -04:00
Mike Salvatore 8ae37a5370 Island: Hide unresponsive hosts from the infection map
Don't display a host on the infection map if the agent did not either
receive a response to its ICMP packet or detect an open port on the
scan target.
2022-03-16 13:11:34 -04:00
Mike Salvatore f9936fe65d Agent: Add connect() method to IPowerShellClient 2022-03-16 17:24:22 +01:00
Ilija Lazoroski 55f969b44f Agent: Use random instead of random.SystemRandom
The calls to random doesn't need to be cryptographically secure.
SystemRandom can block in Linux indefinitely.
2022-03-16 17:24:10 +01:00
Ilija Lazoroski 747365818f BB: Update documentation for PowerShell machines 2022-03-16 14:20:42 +01:00
Ilija Lazoroski 1d81072d83 Agent: Remove unsued GET_ARCH_WINDOWS command 2022-03-16 14:20:42 +01:00
Mike Salvatore 48cded4c7c Agent: Make CachingAgentRepository fully thread-safe 2022-03-16 14:20:42 +01:00
Ilija Lazoroski 153d65eca0 Agent: User current_depth instead of get_monkey_depth() in PowerShell 2022-03-16 14:20:42 +01:00
Ilija Lazoroski e8a162ab5b Agent: Fix powershell second hop authentication
On the second hop powershell is trying to authenticate with
only a dummy username and passsword which is not enough.
We need to provide the local domain for the username,
which case is '.\'
2022-03-16 14:20:42 +01:00
Ilija Lazoroski 241641ba80 Island: Fix WindowsPath when running monkey from island 2022-03-16 14:20:42 +01:00
Ilija Lazoroski 264fa440c6 Agent: Use random name for monkey temporary bin 2022-03-16 14:20:42 +01:00
Ilija Lazoroski e4d3cc8841 Agent: Use logger variable instead of logging 2022-03-16 14:18:12 +01:00
Ilija Lazoroski d154d26fe9 Agent: Load PowerShellExploiter into the puppet 2022-03-16 14:18:12 +01:00
Mike Salvatore e09f15b1bc Agent: Add a debug log message on successful auth to PowerShellClient 2022-03-16 14:03:32 +01:00
Mike Salvatore 5be0a3d6f9 UT: Use a mock IAgentRepository instead of monkeypatching open() 2022-03-16 14:03:32 +01:00
Mike Salvatore 020dbbf2fe Agent: Set exploitation_success==True if powershell login successful 2022-03-16 14:03:32 +01:00
Mike Salvatore 3b094d0478 Agent: Move test for successful login to PowerShellClient
The current powershell client does not alert the caller that login was
unsuccessful until an attempt is made to execute a command. This is
likely a detail that is specific to the underlying pypsrp. This detail
should be abstracted away from the PowerShellExploiter so that the
PowerShellExploiter is not dealing with implementation details of the
PowerShellClient.
2022-03-16 14:03:32 +01:00
Mike Salvatore df572d84c0 Agent: Set self.exploit_result.error_message in PowerShellExploiter 2022-03-16 14:03:32 +01:00