Shreya Malviya
25f90c84bc
UT: Remove arch stuff from PowerShell exploiter tests
2022-03-16 14:03:32 +01:00
Shreya Malviya
7d25bf711a
Agent: Remove arch checks from PowerShell exploiter
2022-03-16 14:03:32 +01:00
Shreya Malviya
7155896caa
Agent: Remove PowerShell exploiter's dependency on WormConfiguration
2022-03-16 14:03:32 +01:00
VakarisZ
87cbb07da0
Merge pull request #1779 from guardicore/1738-add-mssql-to-puppet
...
1738 add mssql to puppet
2022-03-15 16:21:36 +02:00
Mike Salvatore
62005e6f88
Agent: Store MSSQLExploiter error message in self.exploit_result
2022-03-15 08:41:23 -04:00
vakarisz
43c8528409
Agent: Handle unexpected errors in mssqlexec.py
2022-03-15 14:10:35 +02:00
vakarisz
1f327a1305
Agent: Improve exception handling in mssqlexec.py
2022-03-15 08:51:22 +02:00
vakarisz
66ee3527d2
Agent: Pre-commit hook fixes on MSSQL exploiter infrastructure
2022-03-14 15:40:04 +02:00
vakaris_zilius
29e494cfb1
Island: Fix a ZT multiple findings bug
...
A bug happened in zero trust findings: since multiple exploiters run at the same time, they send telemetries at the same time and those telemetries get parsed at the same time. So multiple threads fetch ZT findings at once, finds none and creates duplicate findings. With this bugfix only one thread can fetch for findings at a time. This means that one thread creates the finding and others fetch it and just add events to it
2022-03-14 13:16:41 +00:00
vakaris_zilius
14953c8cdd
Agent: register MSSQL exploiter plugin on the puppet
2022-03-14 12:47:29 +00:00
vakaris_zilius
ae8e0b6dbb
Agent: Refactor mssqlexec.py to use agent repository
2022-03-14 12:47:29 +00:00
vakarisz
50a8bf8f4a
Agent: Refactor mssqlexec.py to fit the new puppet infrastructure
2022-03-14 12:47:29 +00:00
Ilija Lazoroski
4fcb28516d
Island: Remove usage of deleted add_credentials_to_node function
2022-03-14 13:29:46 +01:00
Ilija Lazoroski
adc1010355
Island: Fix mongo query in telemetry processing
2022-03-14 13:29:46 +01:00
Shreya Malviya
11f48a95be
Island: Fix mongo query in report generation for exploits
2022-03-14 13:29:46 +01:00
Mike Salvatore
453dc21074
Merge pull request #1773 from guardicore/1737-add-zerologon-to-puppet
...
1737 add zerologon to puppet
2022-03-11 08:53:12 -05:00
Mike Salvatore
527c43a3f8
Agent: Add leading zero to single digits in worker thread names
2022-03-10 20:37:35 -05:00
Mike Salvatore
dd2168e838
Agent: Log exception information on dcom.disconnect() key error
2022-03-10 12:00:27 -05:00
Ilija Lazoroski
302718c4d4
Agent: Change monkey log argument to 'agent'
2022-03-10 16:05:31 +01:00
vakaris_zilius
2c74967d71
UI: fix exploit timeline bug in map page
...
Fixes #1769
2022-03-10 10:04:57 -05:00
Mike Salvatore
f279cc5e99
Merge pull request #1767 from guardicore/1761-rename-log-files
...
1761 rename log files
2022-03-10 09:27:39 -05:00
Mike Salvatore
452252c5c9
Docs: Update information about agent log storage locations
2022-03-10 09:25:03 -05:00
Mike Salvatore
8b4d1d084e
Changelog: Improve message for removing log path config options
2022-03-10 09:11:06 -05:00
Mike Salvatore
45936c2f79
Agent: Remove unnecessary expandvars() in _get_log_path()
2022-03-10 09:07:38 -05:00
Mike Salvatore
2d2338f1f6
Agent: Log the path of the log file to stdout
2022-03-10 09:07:38 -05:00
Mike Salvatore
02accde812
UT: Add tests for get_{agent,dropper}_log_path()
2022-03-10 09:07:36 -05:00
Mike Salvatore
17c3fa02b3
Agent: Return agent/dropper log path as a Path instead of str
2022-03-10 09:07:18 -05:00
Mike Salvatore
96069d3ae6
Agent: Wrap get_log_path() with easier to use functions
2022-03-10 09:06:05 -05:00
Ilija Lazoroski
0947e41ea9
Changelog: Add entry for changing log file name
2022-03-10 12:39:50 +01:00
Ilija Lazoroski
52617cfcdc
Docs: Change monkey log filename
2022-03-10 12:38:10 +01:00
Ilija Lazoroski
3c745f697f
Agent, UI: Remove internal-logging from config
...
The config is called after the log path is set,
so the logging config had no affect on the
log path.
2022-03-10 11:51:33 +01:00
vakaris_zilius
d9ee377945
Agent: fix access denied error handling in wmi_tools.py
2022-03-10 10:18:35 +00:00
Mike Salvatore
27e3cc6b4c
Agent: Add @wraps to WmiTools decorators
2022-03-09 15:21:46 -05:00
Mike Salvatore
720768e25d
Agent: Add debug logging to decorators in WmiTools
2022-03-09 14:45:49 -05:00
vakaris_zilius
2c8aef6d80
Island: remove unused node states
...
Exploited node state is no longer used, returning it in the list caused errors on the ui
2022-03-09 15:55:38 +00:00
vakaris_zilius
a8018a7956
Agent: Add impacket_user decorator to the zerologon
...
impacket_user decorator will awoid race conditions with other exploiters using wmi tools
2022-03-09 15:54:23 +00:00
Ilija Lazoroski
71328ea2b1
Agent, Island: User friendly log name
...
* Configurable log directories
* Random component to the log file
* 'infection-monkey-<monkey-arg>-<random-str>-<timestamp>.log'
2022-03-09 16:49:32 +01:00
Shreya Malviya
a3eb0bc6f2
Island: Remove unused `set_node_group()` in NodeService
2022-03-09 10:21:52 -05:00
Shreya Malviya
5e3829aab3
Island: Add field `propagated` to node and rename image files
2022-03-09 10:21:52 -05:00
Shreya Malviya
d6fe9c2ef2
Agent: Remove `add_extracted_creds_to_exploiter_options()` from Zerologon exploiter
2022-03-09 10:21:52 -05:00
Mike Salvatore
8bc6086e1a
Agent: Correctly set propagation/exploitation status in Zerologon
2022-03-09 10:21:52 -05:00
Mike Salvatore
0d5fcf7fbf
Agent: Fix name of self.telemetry_messenger in ZerologonExploiter
2022-03-09 10:21:52 -05:00
Mike Salvatore
118c2abaee
Agent: Load ZerologonExploiter into the puppet
2022-03-09 10:21:51 -05:00
vakarisz
c322446aee
Agent: use exploit_results in zerologon
2022-03-09 10:20:45 -05:00
vakarisz
325e58cea2
Agent: explicitly specify some timeouts in zerologon exploiter
2022-03-09 10:20:45 -05:00
Shreya Malviya
5ec05d5617
UT: Fix Zerologon UTs
2022-03-09 10:20:45 -05:00
Shreya Malviya
a927879334
Agent: Remove `host` from Zerologon exploiter's constructor
2022-03-09 10:20:45 -05:00
Shreya Malviya
040227286a
Agent: Send extracted creds as CredentialTelemetry from Zerologon exploiter
2022-03-09 10:20:45 -05:00
Shreya Malviya
aee3566a0c
Agent: Remove WormConfiguration references in Zerologon exploiter
2022-03-09 10:20:45 -05:00
Shreya Malviya
08cbf75b5f
Agent: Remove credential hashes in logging in Zerologon exploiter
2022-03-09 10:20:45 -05:00