Vakaris
|
f001403a92
|
Fixed lock bug and made uploaded monkey names standard
|
2018-08-29 14:43:39 +03:00 |
Vakaris
|
8e8422b3b7
|
Lock changed from singleton into local variable
|
2018-08-29 14:43:39 +03:00 |
Vakaris
|
8fd42abd5d
|
Refactored according to final web_rce framework changes
|
2018-08-29 14:43:39 +03:00 |
Vakaris
|
10528c313d
|
Webblogic refactored to web RCE framework changes(from static methods into class methods)
|
2018-08-29 14:43:39 +03:00 |
Vakaris
|
66bc852742
|
Bugfix: http servers thread is stopped if remote target is not vulnerable
|
2018-08-29 14:43:39 +03:00 |
Vakaris
|
ab64e78f00
|
Core functions of Oracle weblogic rce
|
2018-08-29 14:43:39 +03:00 |
Vakaris
|
8af2ab70e7
|
Removed unused import statement
|
2018-08-29 14:42:40 +03:00 |
Vakaris
|
2295f2c0ab
|
More pythonic and clean way to apply function to url_list
|
2018-08-29 14:42:40 +03:00 |
Vakaris
|
84fb96d0de
|
struts built_potential_url's now use map function to save code
|
2018-08-29 14:42:40 +03:00 |
Vakaris
|
b07e70855c
|
Refactored struts2 to overload get_exploit_config
|
2018-08-29 14:42:40 +03:00 |
Vakaris
|
071535fd01
|
Struts2 refactored to use default_exploit_host function
|
2018-08-29 14:42:40 +03:00 |
Vakaris
|
beb8dfed92
|
Struts2 refactored for framework fixes
|
2018-08-29 14:42:40 +03:00 |
Vakaris
|
8d7221eada
|
Struts2 core functions
|
2018-08-29 14:42:40 +03:00 |
Vakaris
|
87b0afae88
|
Minor changes in run_backup_commands
|
2018-08-29 14:41:02 +03:00 |
itaymmguardicore
|
f594a5681f
|
Merge pull request #175 from acepace/bugfix/imports
Fix relative imports
|
2018-08-29 14:06:09 +03:00 |
Vakaris
|
592dd27d91
|
Added functions get_monkey_paths and run_backup_commands
|
2018-08-28 20:51:25 +03:00 |
Daniel Goldberg
|
3ce81ee78a
|
Rewrote config parsing. Avoid the horrible cast by example function and avoid possible circular import issues.
|
2018-08-27 11:16:40 -04:00 |
Daniel Goldberg
|
cad9aca5dd
|
Fix one more old style import
|
2018-08-27 11:06:58 -04:00 |
Daniel Goldberg
|
b23418782c
|
Move configuration to be a exploit object field rather than every exploit importing it.
|
2018-08-27 11:04:09 -04:00 |
Daniel Goldberg
|
be08027221
|
Fix relative imports
|
2018-08-27 10:58:43 -04:00 |
itaymmguardicore
|
dbbb3f143e
|
Merge pull request #172 from VakarisZ/WebRCE_Framework
Changed constructor to have default paths set to None for convienience
|
2018-08-26 11:11:30 +03:00 |
Vakaris
|
bd8423216b
|
Changed constructor to have default paths set to None for convienience
|
2018-08-23 18:35:30 +03:00 |
maor.rayzin
|
c373bfbcfb
|
* integrated parts of the pth report to the main report module.
* Changed the ui a bit, removed some tables and add information to the current tables.
|
2018-08-23 15:17:08 +03:00 |
itaymmguardicore
|
685371a062
|
Merge pull request #168 from VakarisZ/Struts2_with_framework
Struts2 vulnerability with framework
|
2018-08-23 15:08:36 +03:00 |
Vakaris
|
3ff823ab04
|
Removed unused import statement
|
2018-08-23 15:06:58 +03:00 |
Vakaris
|
1c5c010028
|
More pythonic and clean way to apply function to url_list
|
2018-08-23 14:37:31 +03:00 |
Itay Mizeretz
|
5489a68049
|
Remove unecessary consts
|
2018-08-23 14:10:50 +03:00 |
Vakaris
|
ef4eadf64a
|
struts built_potential_url's now use map function to save code
|
2018-08-23 13:51:11 +03:00 |
Itay Mizeretz
|
cdc576e77e
|
Make mimikatz inside zip and extract only if config says so
|
2018-08-22 19:31:26 +03:00 |
itaymmguardicore
|
fc2929ed2e
|
Merge pull request #159 from VakarisZ/WebRCE_Framework
Web rce framework
|
2018-08-22 16:46:48 +03:00 |
Vakaris
|
df4b1268d1
|
Refactored struts2 to overload get_exploit_config
|
2018-08-22 16:08:38 +03:00 |
Vakaris
|
9ef44ef71f
|
Struts2 refactored to use default_exploit_host function
|
2018-08-22 16:07:59 +03:00 |
Vakaris
|
6cb058eb1d
|
Struts2 refactored for framework fixes
|
2018-08-22 16:07:39 +03:00 |
Vakaris
|
bbd4adf2ae
|
Struts2 core functions
|
2018-08-22 16:07:39 +03:00 |
Vakaris
|
3e7d7425e4
|
made get_exploit_config non-static for readability
|
2018-08-22 16:01:16 +03:00 |
Vakaris
|
e1b1236fb3
|
Comments and CR notes fixed
|
2018-08-22 13:41:17 +03:00 |
Vakaris
|
eae3f3440d
|
Refactored exploit_host and added get_exploit_config
|
2018-08-22 13:33:36 +03:00 |
Itay Mizeretz
|
369795e375
|
small fixes to make everything work
|
2018-08-21 17:17:21 +03:00 |
Vakaris
|
911404ef68
|
Implemented default_exploit_host method that can implement whole framework's workflow according to some flags/params
|
2018-08-21 12:34:59 +03:00 |
Itay Mizeretz
|
a18061d45d
|
Merge branch 'develop' into feature/detect-cross-segment-traffic
# Conflicts:
# infection_monkey/config.py
# infection_monkey/example.conf
# monkey_island/cc/services/report.py
|
2018-08-21 11:42:45 +03:00 |
Itay Mizeretz
|
203943bf27
|
Merge remote-tracking branch 'origin/master' into develop
|
2018-08-21 11:34:59 +03:00 |
Itay Mizeretz
|
bafa0e42a0
|
Make feature simpler
Change config value phrasing
|
2018-08-21 11:34:26 +03:00 |
itaymmguardicore
|
b56dec318e
|
Merge pull request #166 from guardicore/hotfix/fix-dep-security-vul
Hotfix/fix dep security vul
|
2018-08-20 14:43:29 +03:00 |
Vakaris
|
e3d286dbc0
|
Minor bugfix for error handling in new custom monkey destination paths feature
|
2018-08-18 13:14:05 +03:00 |
Vakaris
|
5565a80418
|
Web_RCE framework now supports custom monkey uploading paths( we don't always have permissions to uppload to C:\Windows)
|
2018-08-17 13:53:09 +03:00 |
Itay Mizeretz
|
6e7706f9bf
|
Fix bug which is now critical
|
2018-08-16 18:55:29 +03:00 |
Itay Mizeretz
|
5724d14583
|
Fix webpack lookup issue
|
2018-08-16 18:30:51 +03:00 |
Itay Mizeretz
|
422df7c71f
|
Replace deprecated modal component
|
2018-08-16 18:30:26 +03:00 |
Itay Mizeretz
|
a65721d0c5
|
Fix known bug necessary for building
|
2018-08-16 17:09:23 +03:00 |
Itay Mizeretz
|
b8dd37c5df
|
Temprarily comment out broken component
|
2018-08-16 17:08:34 +03:00 |