ybasford
7dd4fe820d
Docs: Fixed spelling
2022-08-29 12:16:10 -04:00
ybasford
4d723b07fa
Docs: Corrected the number of reports
2022-08-29 12:16:07 -04:00
ybasford
d9eb867a2d
Docs: Corrected grammatical error
2022-08-29 12:16:06 -04:00
ybasford
2783db69b9
Docs: No need for capitalization
2022-08-29 12:15:48 -04:00
ybasford
159eb2b45b
Docs: Capital letters and changed a word
2022-08-29 12:15:46 -04:00
ybasford
5bc2b1ba5a
Docs: Turned into singular because there is only one note
2022-08-29 12:15:30 -04:00
ybasford
99cd35aae5
Docs: Removed redundant word
2022-08-29 12:15:24 -04:00
ybasford
c98a55bcd4
Docs: Changed punctuation
...
Used a colon because it precedes a list
2022-08-29 12:15:20 -04:00
ybasford
aae513ce00
Docs: Added a word
2022-08-29 12:15:16 -04:00
ybasford
bc66b6defa
Docs: Changed punctuation
2022-08-29 12:15:11 -04:00
ybasford
43c8778c7c
Docs: Capitalized heading
2022-08-29 12:15:09 -04:00
ybasford
4e5e800222
Docs: Corrected typo
2022-08-29 12:15:06 -04:00
ybasford
6bcd5816ee
Docs: Corrected grammar
2022-08-29 12:13:44 -04:00
ybasford
8794d2a3c1
Docs: Update aws-run-on-ec2-machine.md
...
Changed wording
2022-08-29 12:12:36 -04:00
ybasford
4ca7fdeae9
Docs: Changed to US spelling
2022-08-29 12:12:32 -04:00
ybasford
9dbe0016e1
Docs: Deleted extra word
2022-08-29 12:12:18 -04:00
Mike Salvatore
be2a683732
Merge branch 'release/1.13.0'
2022-01-25 09:58:01 -05:00
Mike Salvatore
fed7d050be
Changelog: Update version and release date for v1.13.0
2022-01-25 09:54:12 -05:00
vakarisz
ab290fd732
Docs: clarify that AppImage can only run in WSL 2 on windows
2022-01-25 15:20:33 +02:00
vakarisz
28cf8b55cf
BB: modified performance config template to contain log4shell machines
2022-01-25 15:16:32 +02:00
vakarisz
62dc4a4d5c
Docs: add version to docker examples
...
Based on docs it wasn't clear what user should substitute for "VERSION". By providing specific version like "v1.13.0" we clarify the format of the version string.
2022-01-25 15:03:06 +02:00
vakarisz
014108e360
Docs: remove outdated documentation about AWS deployment
2022-01-25 14:59:55 +02:00
vakarisz
a59c6b59b6
Docs: add hashes of 1.13.0 release binaries
2022-01-24 10:29:44 +02:00
vakarisz
189505a97d
Agent: add vulnerable log4shell url's
...
Url's are used in mitre report
2022-01-21 15:35:07 +02:00
Mike Salvatore
75ed119c00
Changelog: Add changelog entries for Log4Shell exploiter
2022-01-21 07:40:42 -05:00
VakarisZ
39a48c2b64
Merge pull request #1670 from guardicore/1663-log4shell-exploit
...
Log4Shell exploiter
2022-01-21 11:52:14 +02:00
Mike Salvatore
4c30118f67
Docs: Increase v1.12.0 -> v1.13.0
2022-01-20 14:38:14 -05:00
Mike Salvatore
5bf82659bd
UI: Switch CVE-2021-44228 from href to react-bootstrap Button
...
This resolves an eslint error regarding `target="blank"` without
`rel="noopener"` and makes this code more consistent with other code.
2022-01-20 12:14:52 -05:00
Mike Salvatore
d21dd6da13
Agent: Wait for victim to download agent before killing servers
...
The Log4Shell exploiter requires the victim to contact a number of
different servers. Wait a reasonable amount of time for the victim to
call home and download the agent before issuing the shutdown command to
the server.
2022-01-20 10:42:51 -05:00
Mike Salvatore
e576136a63
Agent: Skip Log4Shell exploiter if there are no open ports
2022-01-20 08:52:09 -05:00
Mike Salvatore
6d87289bd0
Agent: Minor change to log statement in ExploitClassHTTPServer
2022-01-20 08:17:57 -05:00
Shreya Malviya
83d2a0aac0
Common, UI: Bump version numbers to 1.13.0
2022-01-20 17:49:02 +05:30
Shreya Malviya
ce8c178297
BB: Add Log4Shell zoo machines to table of contents, grammar fixes
2022-01-20 17:24:11 +05:30
Mike Salvatore
d0e26f770f
Agent: Add lock to HTTPHandler.do_GET() to avoid potential race
2022-01-19 19:37:23 -05:00
vakarisz
76d6071f7c
Island: add cve link to log4shell report
2022-01-19 15:09:03 +02:00
Mike Salvatore
1840dd54ca
Agent: Add class documentation to ExploitClassHTTPServer
2022-01-18 12:33:06 -05:00
Mike Salvatore
63085273a9
Agent: Encapsulate parallelism in ExploitClassHTTPServer
2022-01-18 08:57:05 -05:00
vakarisz
212fb3a653
BB: black format config_generation_script.py
2022-01-18 15:23:59 +02:00
vakarisz
a5a4957c29
Agent: small readability and style improvements
2022-01-18 15:01:47 +02:00
vakarisz
03919c3caf
Agent: fix struts2 url building
2022-01-18 14:29:57 +02:00
vakarisz
76a32d241c
Agent: log4shell readability and style fixes
2022-01-18 12:48:56 +02:00
vakarisz
52ac7dd295
Agent: fix a bug in web_rce url building
...
build_potential_urls was made static and takes IP as first parameter, but the users of this method wasn't changed and only passed ports
2022-01-18 12:22:38 +02:00
vakarisz
e3f9312ff9
BB: change log4j exploit depth to 1 (default)
...
This change is necessary to make sure that exploitation is successfull from a particular machine being tested.
2022-01-18 11:44:47 +02:00
vakarisz
f667d9203b
Agent: update Pipfile.lock to contain pyinstaller changes
...
Pyinstaller got changed to not crash ldap server that's running on a spawned process, by continuing if no m0nk3y or dr0pp3r flags are specified
2022-01-18 11:41:18 +02:00
Ilija Lazoroski
51bf553fb5
Agent, Island: Minor changes to Log4Shell
...
Return types, removing logging from solr service
and change Log4j to Log4Shell in Island reporting
2022-01-17 16:37:03 +01:00
Ilija Lazoroski
311a721880
BB: Fix IP address for Tomcat machines
2022-01-17 16:34:56 +01:00
vakarisz
77eb3ce004
BB: Added log4j configs to the list of manually generatable configs
2022-01-17 11:40:31 +02:00
Mike Salvatore
363d0e14bf
UT: Add unit test for Log4Shell LDAPExploitServer
2022-01-14 11:53:50 -05:00
Mike Salvatore
c9e59bd266
Agent: Refactor Log4Shell LDAP server to avoid race condition
...
A race condition existed between the time when the LDAP server was
instructed to start and the first exploit was sent to the victim.
Sometimes, the first exploit would be sent before the LDAP server
finished starting, resulting in failed exploitation.
To remedy this, the LDAPExploitServer.run() function now blocks until
the server has successfully started. Once the server has started,
LDAPExploitServer.run() returns. This allows the caller to have
confidence that the LDAP server is running after LDAPExploitServer.run()
returns and alleviates the need to sleep in order to avoid the race
condition.
2022-01-14 09:43:14 -05:00
Mike Salvatore
d5e05d7885
Agent: Change log level of Log4Shell HTTP startup message to INFO
2022-01-14 09:31:25 -05:00