Mike Salvatore
60e34636ec
UI: Fix stupid typo in the attack section of the ransomware report
2021-09-14 12:50:39 -04:00
Mike Salvatore
1d991be6b4
Update CHANGELOG.md
2021-09-14 12:30:43 -04:00
Mike Salvatore
f54b759d92
Merge pull request #1459 from guardicore/extract-deployment-field
...
Extract deployment field from server config
2021-09-14 12:24:46 -04:00
Mike Salvatore
3287f4831e
Build: Remove deployment.json files
2021-09-14 12:22:03 -04:00
Mike Salvatore
238810e743
Build: Remove unused install_common_build_prereqs()
2021-09-14 12:09:13 -04:00
Ilija Lazoroski
6ebe2e391b
Island: Add more exceptions to get_deployment_from_file
2021-09-14 16:54:06 +02:00
Mike Salvatore
412aefab3e
Island: Switch get_deployment_from_file() to use Paths
2021-09-14 10:19:14 -04:00
VakarisZ
ed93971595
Remove the empty test_server_config_handler.py file.
2021-09-14 14:49:30 +03:00
Mike Salvatore
58ed42a247
Agent: Add comment regarding NTLM hashes to format_password()
2021-09-14 07:44:03 -04:00
Shreya Malviya
38011f20b5
island: Remove unnecessary type conversion in log statement
2021-09-14 16:05:19 +05:30
Shreya Malviya
686f65e4f4
tests: Move monkeypatch statements to fixtures in test_version_update.py
2021-09-14 16:04:06 +05:30
Shreya Malviya
90c6392e16
island, tests: Handle exceptions when getting deployment type from file and add related tests
2021-09-14 15:47:50 +05:30
Shreya Malviya
9fd6ea9598
island, tests: Modify function to get deployment type with file path as input and modify related tests
2021-09-14 14:02:24 +05:30
Ilija Lazoroski
c1fc56d4ce
Island: Change monkey code to use deployment.json
...
Add UTs for get_deployment. Fix Enviroment UTs.
2021-09-13 18:47:28 +02:00
VakarisZ
4759fe1581
Merge pull request #1458 from guardicore/1450/av_explanation_missing_binary
...
UI: Add AV explanation if binaries are missing
2021-09-13 09:24:34 +03:00
Mike Salvatore
8d2b704bd9
Docs: Fix broken link in FAQ
2021-09-11 13:15:55 -04:00
VakarisZ
45429f6b29
Merge pull request #1457 from guardicore/1126/ut_for_pba_file_upload
...
UT: Add unit tests for pba_upload
2021-09-10 17:03:54 +03:00
Ilija Lazoroski
92b829ede2
UI: Add AV explanation if binaries are missing
2021-09-10 15:39:28 +02:00
Ilija Lazoroski
c348a01b16
UT: Improve readability on pba_file_upload
2021-09-10 14:48:39 +02:00
Shreya Malviya
78ab3f176c
tests: Remove deployment field from unit tests' server configs
2021-09-10 17:41:43 +05:30
Ilija Lazoroski
2fd38061b2
UT: Add unit tests for pba_upload
2021-09-10 14:10:31 +02:00
Shreya Malviya
2b4beb2200
island: Don't set deployment type from server config in env config
2021-09-10 17:36:57 +05:30
Shreya Malviya
a62328dcf6
island: Get deployment type from file in env config
2021-09-10 17:31:33 +05:30
Shreya Malviya
2af3878e81
common: Pick up version details from deployment.json in common/version.py
2021-09-10 16:36:26 +05:30
Shreya Malviya
2b9b755177
island: Extract deployment type and version number into deployment.json
2021-09-10 16:29:31 +05:30
Shreya Malviya
c46c02507f
build_scripts: Extract deployment field from server configs to separate files for appimage and docker
2021-09-10 15:21:34 +05:30
VakarisZ
dec2fc43c2
Merge pull request #1449 from guardicore/powershell-exploiter-ntlm-hashes
...
Use LM and NT hashes in powershell exploiter
2021-09-09 11:56:02 +03:00
Ilija Lazoroski
1ba10d7059
UT: Fix powershell copy_file tests
2021-09-09 10:35:24 +02:00
VakarisZ
cc1c049ee9
Refactor test_login_attemps_correctly_reported in test_powershell.py to address the changes in the flow of powershell and powershell client
2021-09-09 11:34:38 +03:00
VakarisZ
e44e8f503e
Refactor powershell client to not perform actions on init and clean up powershell exploiter a bit
2021-09-07 12:18:34 +03:00
Shreya Malviya
eefd7a69e8
Merge pull request #1453 from guardicore/bugfix-expanded-report-reset
...
Don't collapse PBA table in security report on data change
2021-09-07 13:09:00 +05:30
Shreya Malviya
f917258979
CHANGELOG: Add entry for bugfix (table collapse on reset)
2021-09-06 18:33:23 +05:30
Shreya Malviya
114758978b
cc: Set `collapseOnDataChange` to false in PBA table in security report
2021-09-06 18:31:35 +05:30
Ilija Lazoroski
d27194c568
Zoo: Fix powershell bb config for ntlm hash
2021-09-06 13:50:24 +02:00
Shreya Malviya
6740812f4b
Merge pull request #1439 from guardicore/remove-standard-environment
...
Remove standard environment (insecure access feature)
2021-09-06 13:18:27 +05:30
VakarisZ
57908b94eb
Merge pull request #1452 from guardicore/1418/bb-to-use-credentials
...
Zoo: Change island to use credentials
2021-09-06 10:28:39 +03:00
Ilija Lazoroski
1e5d49024d
Zoo: Change island to use credentials
2021-09-06 09:17:15 +02:00
VakarisZ
17bc9e3f75
Merge pull request #1451 from guardicore/logo_overlap_bugfix
...
Fix the Guardicore logo overlap
2021-09-03 15:33:08 +03:00
VakarisZ
f2739f426c
Add a CHANGELOG.md entry about the fixed Guardicore logo overlapping
2021-09-03 15:30:50 +03:00
VakarisZ
4dbd7b41f5
Fix the Guardicore logo which is overlaping the landing page buttons on smaller screens
2021-09-03 15:27:04 +03:00
Mike Salvatore
65c9be90d3
Docs: Add NTLM hash details to PowerShell exploiter docs
2021-09-02 14:29:07 -04:00
Mike Salvatore
71c4e4d8dc
Agent: Fix incorrect host arch identification in PowerShellClient
2021-09-02 14:06:36 -04:00
Mike Salvatore
1a1a130716
Agent: Format NT/LM hashes for use with pypsrp in PowerShellClient
2021-09-02 13:26:24 -04:00
Mike Salvatore
9cc488d36a
Agent: Remove powershell_utils/utils.py
...
Move single function that was previously in
powershell_utils/utils.py to powershell.py
2021-09-02 13:26:24 -04:00
Mike Salvatore
501fc162b4
Agent: Attempt login with LM and NT hashes in PowerShellExploiter
2021-09-02 13:26:23 -04:00
Mike Salvatore
a2e6b0bfbd
Agent: Add LM and NT hashes to PowerShell Credentials
...
Adds two list parameters to get_credentials() that contain LM and NT
hashes respectively. Adds a "secret_type" field to Credentials so that
the user of the Credentials object can distinguish between using cached
credentials (on windows), passwords, and NT or LM hashes.
2021-09-02 12:29:49 -04:00
Mike Salvatore
3a6f725cc4
Agent: Rename Credentials.password to Credentials.secret
...
The PowerShell Credentials dataclass will hold more than just passwords.
It will also hold NT and LM hashes. "secret" is, therefore, a more
accurate name than "password".
2021-09-02 12:02:30 -04:00
Mike Salvatore
0ecbfdea38
Merge pull request #1446 from guardicore/powershell-exploiter-refactor
...
Powershell exploiter refactor
2021-09-02 11:58:01 -04:00
Mike Salvatore
023d6a2d04
Tests: Add more tests for PowerShellExploiter
2021-09-02 11:54:22 -04:00
Mike Salvatore
936074605f
Agent: Ensure temp file is removed by PowerShellExploiter
2021-09-02 11:53:13 -04:00