Commit Graph

1488 Commits

Author SHA1 Message Date
Vakaris f001403a92 Fixed lock bug and made uploaded monkey names standard 2018-08-29 14:43:39 +03:00
Vakaris 8e8422b3b7 Lock changed from singleton into local variable 2018-08-29 14:43:39 +03:00
Vakaris 8fd42abd5d Refactored according to final web_rce framework changes 2018-08-29 14:43:39 +03:00
Vakaris 10528c313d Webblogic refactored to web RCE framework changes(from static methods into class methods) 2018-08-29 14:43:39 +03:00
Vakaris 66bc852742 Bugfix: http servers thread is stopped if remote target is not vulnerable 2018-08-29 14:43:39 +03:00
Vakaris ab64e78f00 Core functions of Oracle weblogic rce 2018-08-29 14:43:39 +03:00
Vakaris 8af2ab70e7 Removed unused import statement 2018-08-29 14:42:40 +03:00
Vakaris 2295f2c0ab More pythonic and clean way to apply function to url_list 2018-08-29 14:42:40 +03:00
Vakaris 84fb96d0de struts built_potential_url's now use map function to save code 2018-08-29 14:42:40 +03:00
Vakaris b07e70855c Refactored struts2 to overload get_exploit_config 2018-08-29 14:42:40 +03:00
Vakaris 071535fd01 Struts2 refactored to use default_exploit_host function 2018-08-29 14:42:40 +03:00
Vakaris beb8dfed92 Struts2 refactored for framework fixes 2018-08-29 14:42:40 +03:00
Vakaris 8d7221eada Struts2 core functions 2018-08-29 14:42:40 +03:00
Vakaris 87b0afae88 Minor changes in run_backup_commands 2018-08-29 14:41:02 +03:00
itaymmguardicore f594a5681f
Merge pull request #175 from acepace/bugfix/imports
Fix relative imports
2018-08-29 14:06:09 +03:00
Vakaris 592dd27d91 Added functions get_monkey_paths and run_backup_commands 2018-08-28 20:51:25 +03:00
Daniel Goldberg 3ce81ee78a Rewrote config parsing. Avoid the horrible cast by example function and avoid possible circular import issues. 2018-08-27 11:16:40 -04:00
Daniel Goldberg cad9aca5dd Fix one more old style import 2018-08-27 11:06:58 -04:00
Daniel Goldberg b23418782c Move configuration to be a exploit object field rather than every exploit importing it. 2018-08-27 11:04:09 -04:00
Daniel Goldberg be08027221 Fix relative imports 2018-08-27 10:58:43 -04:00
itaymmguardicore dbbb3f143e
Merge pull request #172 from VakarisZ/WebRCE_Framework
Changed constructor to have default paths set to None for convienience
2018-08-26 11:11:30 +03:00
Vakaris bd8423216b Changed constructor to have default paths set to None for convienience 2018-08-23 18:35:30 +03:00
maor.rayzin c373bfbcfb * integrated parts of the pth report to the main report module.
* Changed the ui a bit, removed some tables and add information to the current tables.
2018-08-23 15:17:08 +03:00
itaymmguardicore 685371a062
Merge pull request #168 from VakarisZ/Struts2_with_framework
Struts2 vulnerability with framework
2018-08-23 15:08:36 +03:00
Vakaris 3ff823ab04 Removed unused import statement 2018-08-23 15:06:58 +03:00
Vakaris 1c5c010028 More pythonic and clean way to apply function to url_list 2018-08-23 14:37:31 +03:00
Itay Mizeretz 5489a68049 Remove unecessary consts 2018-08-23 14:10:50 +03:00
Vakaris ef4eadf64a struts built_potential_url's now use map function to save code 2018-08-23 13:51:11 +03:00
Itay Mizeretz cdc576e77e Make mimikatz inside zip and extract only if config says so 2018-08-22 19:31:26 +03:00
itaymmguardicore fc2929ed2e
Merge pull request #159 from VakarisZ/WebRCE_Framework
Web rce framework
2018-08-22 16:46:48 +03:00
Vakaris df4b1268d1 Refactored struts2 to overload get_exploit_config 2018-08-22 16:08:38 +03:00
Vakaris 9ef44ef71f Struts2 refactored to use default_exploit_host function 2018-08-22 16:07:59 +03:00
Vakaris 6cb058eb1d Struts2 refactored for framework fixes 2018-08-22 16:07:39 +03:00
Vakaris bbd4adf2ae Struts2 core functions 2018-08-22 16:07:39 +03:00
Vakaris 3e7d7425e4 made get_exploit_config non-static for readability 2018-08-22 16:01:16 +03:00
Vakaris e1b1236fb3 Comments and CR notes fixed 2018-08-22 13:41:17 +03:00
Vakaris eae3f3440d Refactored exploit_host and added get_exploit_config 2018-08-22 13:33:36 +03:00
Itay Mizeretz 369795e375 small fixes to make everything work 2018-08-21 17:17:21 +03:00
Vakaris 911404ef68 Implemented default_exploit_host method that can implement whole framework's workflow according to some flags/params 2018-08-21 12:34:59 +03:00
Itay Mizeretz a18061d45d Merge branch 'develop' into feature/detect-cross-segment-traffic
# Conflicts:
#	infection_monkey/config.py
#	infection_monkey/example.conf
#	monkey_island/cc/services/report.py
2018-08-21 11:42:45 +03:00
Itay Mizeretz 203943bf27 Merge remote-tracking branch 'origin/master' into develop 2018-08-21 11:34:59 +03:00
Itay Mizeretz bafa0e42a0 Make feature simpler
Change config value phrasing
2018-08-21 11:34:26 +03:00
itaymmguardicore b56dec318e
Merge pull request #166 from guardicore/hotfix/fix-dep-security-vul
Hotfix/fix dep security vul
2018-08-20 14:43:29 +03:00
Vakaris e3d286dbc0 Minor bugfix for error handling in new custom monkey destination paths feature 2018-08-18 13:14:05 +03:00
Vakaris 5565a80418 Web_RCE framework now supports custom monkey uploading paths( we don't always have permissions to uppload to C:\Windows) 2018-08-17 13:53:09 +03:00
Itay Mizeretz 6e7706f9bf Fix bug which is now critical 2018-08-16 18:55:29 +03:00
Itay Mizeretz 5724d14583 Fix webpack lookup issue 2018-08-16 18:30:51 +03:00
Itay Mizeretz 422df7c71f Replace deprecated modal component 2018-08-16 18:30:26 +03:00
Itay Mizeretz a65721d0c5 Fix known bug necessary for building 2018-08-16 17:09:23 +03:00
Itay Mizeretz b8dd37c5df Temprarily comment out broken component 2018-08-16 17:08:34 +03:00