Commit Graph

1039 Commits

Author SHA1 Message Date
Vakaris 2d27972e7e Struts exploitation working, and tested with win-64 and ubuntu 2018-06-20 16:58:20 +03:00
Vakaris 413bdd9254 Not yet functioning and tested, but most functions are done 2018-06-19 18:08:52 +03:00
Vakaris 9a8a6c6e28 Now exploiting both win and linux. Also, added check if monkey is not already present 2018-06-19 18:05:09 +03:00
Itay Mizeretz ddaeb7dbf8 more fixes to deb 2018-06-13 20:48:04 +03:00
Itay Mizeretz 79d8012bb2 Merge branch 'develop' into feature/support-common-folder
# Conflicts:
#	monkey/infection_monkey/exploit/shellshock.py
#	monkey/infection_monkey/test/config__test.py
2018-06-13 18:03:43 +03:00
Itay Mizeretz 0173aaf3f6 Update mocha
Change color structure for edge - required by update
2018-06-13 17:36:17 +03:00
Itay Mizeretz 20d4b3a642 Fix default config values 2018-06-13 16:05:12 +03:00
Itay Mizeretz 36230fa25c monkey island can now be run from both monkey_island.py and run_cc.bat 2018-06-13 15:40:13 +03:00
Itay Mizeretz 4e207256dd infection monkey works via infection_monkey.py or monkey.exe 2018-06-13 14:38:58 +03:00
maor.rayzin db6f44109b * Responding to the PR comments with the logs and usage changes. 2018-06-12 16:29:27 +03:00
maor.rayzin d312a3a771 * Changed name from MSSQLFingerprint to MSSQLFinger to match convention.
* Added UI support for the new fingerprint in Monkey Island.
* UI supports includes writing up MSSQL as a service under node's
  services list.
2018-06-12 13:26:28 +03:00
maor.rayzin fe1f6d67e5 Merge branch 'develop' into feature/MSSQL_fingerprint 2018-06-11 20:19:12 +03:00
maor.rayzin 1272700fe5 * Added an author mark and updated docs
* Changed the module to use the VictimHost object as host
* added True\False return statements.
2018-06-09 20:02:18 +03:00
maor.rayzin fadafdbd3a Updated the config files to default include the mssql fingerfrint class: MSSQLFingerprinter, in the monkey's configuration. 2018-06-09 18:23:54 +03:00
maor.rayzin d4c1871f87 Implemented the first draft of the mssql fingerprint class
Every line of code is documented and straight forward.
2018-06-09 18:23:08 +03:00
maor.rayzin 8b22a52006 Added the mssql finger class to the main network init file so it will be usable. 2018-06-09 18:16:39 +03:00
maor.rayzin 293c204ddd Created the MSSQL_fingerprinter branch,
added the fingerprint class WIP.
2018-06-09 17:51:46 +03:00
Daniel Goldberg de832780b6 Removed overly verbose logging line, triggered every 2 seconds 2018-06-06 13:54:21 +03:00
Daniel Goldberg 5e7a218b44
Merge pull request #138 from VakarisZ/SSH_key_stealing
SSH key stealing
2018-06-05 16:59:54 +03:00
Daniel Goldberg ecdd2e8762
Merge branch 'develop' into SSH_key_stealing 2018-06-05 16:59:28 +03:00
Daniel Goldberg d77704b3e2
Merge pull request #139 from guardicore/feature/Adding_logs_to_monkey_island
Feature/adding logs to monkey island
2018-06-05 14:06:23 +03:00
Vakaris 0503f90168 Notes fixed 2018-06-04 12:07:10 +03:00
maor.rayzin f37fabaf75 I've added logs to cover these situations and modules:
Configuration reset
    Configuration Insert
    Configuration Update
    Report steps
    Monkey downloads
    Env startup logs

Also I've changed the logging init position so it covers every functions from main, some functions and vars are being called and init from import level, in order to log those situations I had to init the log system right on the beginning of the module.
2018-05-31 19:27:26 +03:00
maor.rayzin ad0d9f4567 Added more log lines 2018-05-31 18:35:33 +03:00
Daniel Goldberg 9fa92d0c88 Fix typo in warning 2018-05-31 15:39:36 +03:00
Daniel Goldberg c7ed02b98e Bugfix, run Shellshock attack as dropper rather than monkey 2018-05-31 15:38:54 +03:00
maor.rayzin 509558fbb2 Changed the log formatting a bit, added file and function name and line
numbers to the log string.
2018-05-31 13:18:33 +03:00
maor.rayzin 05c4bb7ac7 Integrated an option to download the monkey island log files from the Log page in the web app. 2018-05-31 10:44:47 +03:00
maor.rayzin 6aeaf0f857 Integrated an option to download the monkey island log files from the Log page in the web app. 2018-05-30 18:30:56 +03:00
Vakaris 30a3bbf9a0 Exploitation of machines using ssh keys added. Also, added shh keys exploitation to report 2018-05-29 01:02:49 +03:00
Daniel Goldberg 3be4f07c75
Remove Monkey testing code, dead code as it is. (#137)
Remove the current UT code, it's not useful as it is.
2018-05-27 17:20:10 +03:00
Vakaris f45cebfd5e Does not store encrypted or already present ssh keys, shows all users from whom SSH private key were stolen under "stolen credentials" in report 2018-05-25 01:34:24 +03:00
Vakaris 5f194b70f2 Unecessary import fixed 2018-05-24 17:11:45 +03:00
Vakaris 4197ab12a3 SSH keys are now encrypted and added to database 2018-05-24 16:59:22 +03:00
Itay Mizeretz 8a56144a09 Various required fixes 2018-05-23 20:29:32 +03:00
Itay Mizeretz d30f2cf8dc Update scripts 2018-05-23 20:26:33 +03:00
Itay Mizeretz d831769d1f Fix CR 2018-05-23 18:06:30 +03:00
Itay Mizeretz a594bd11c2 Update gitignore, another relative file fix 2018-05-23 16:09:35 +03:00
Itay Mizeretz 0c6f9cb7c2 Move everything under monkey 2018-05-23 16:05:41 +03:00
Itay Mizeretz f3742c67d0 make monkey_island work with common folder 2018-05-23 15:56:08 +03:00
Daniel Goldberg ee835d51b0 Remove Monkey testing code, dead code as it is. 2018-05-23 15:22:27 +03:00
Itay Mizeretz c91aee3129 Add documentation 2018-05-23 12:27:06 +03:00
Vakaris e8b388482b quick fix 2018-05-22 19:06:12 +03:00
Vakaris a6d2483f7b Tested with windows and fixed all notes 2018-05-22 18:54:10 +03:00
cclauss 0411811fe5 from six import string_types, text_type, xrange (#128)
* from six import string_types, text_type, xrange
2018-05-22 11:13:18 +03:00
maor.rayzin 79db44d4ea Merge remote-tracking branch 'origin/develop' into develop
# Conflicts:
#	infection_monkey/example.conf
2018-05-17 19:28:59 +03:00
maor.rayzin 60730db45d Fixed the example configuration file, it had a json syntax error. 2018-05-17 19:28:04 +03:00
maor.rayzin 13fa4fa6a4 Added a logging system to the monkey_island module.
Added a main function in main.py
Inserted a few logs to test the log system
2018-05-17 19:24:50 +03:00
Daniel Goldberg dd507261ff
Merge pull request #136 from guardicore/master
Update develop with dockerfile and travis config
2018-05-17 19:14:37 +03:00
Daniel Goldberg bb1851dcc9
Merge pull request #124 from theonlydoo/master
quickwin dockerization
2018-05-17 17:46:43 +03:00