Commit Graph

2349 Commits

Author SHA1 Message Date
Shay Nehmad 44a1f70da9 Fixed circular imports 2019-10-03 15:20:50 +03:00
Shay Nehmad 1ffdc7528f Added some doc, and moved separated classes to files. 2019-10-03 15:14:57 +03:00
Shay Nehmad 129fd7d2de Not using new_user.username as it causes exception NoneType 2019-10-03 15:08:55 +03:00
Shay Nehmad 6b315d96c0 Fixed NotImplemented error in __init__ method 2019-10-03 15:06:17 +03:00
Shay Nehmad 321c93063e Refactored new user in linux to AutoNewLinuxUser and created AutoNewUser ABC 2019-10-03 14:58:55 +03:00
Shay Nehmad 3f5272b83b Changed adduser to useradd for compatibility 2019-10-03 14:21:19 +03:00
Shay Nehmad 16f8c7841e Changed to similar levels of abstracion in user creation and deletion + not async 2019-10-03 12:25:26 +03:00
Shay Nehmad 04e1817931 Added debug log with the deletion commands 2019-10-03 12:05:15 +03:00
Shay Nehmad f5aeb0a38e Moved win32event to its correct location
Cause exception on Linux
2019-10-03 12:02:14 +03:00
Shay Nehmad 9dc1607754 Added user deactivation as another "security" layer for the user deletion in windows 2019-10-03 11:36:47 +03:00
Daniel Goldberg c767250760
Merge pull request #450 from VakarisZ/T1078_removal
Bugfix unused attack technique and bad import of is_windows_os
2019-10-02 16:19:10 +03:00
VakarisZ 84830015fd Fixed bad is_windows_os import 2019-10-02 14:00:49 +03:00
VakarisZ f600a0b2c9 Removed unused attack technique from schema 2019-10-02 13:59:06 +03:00
Daniel Goldberg 32e98fa418
Merge pull request #437 from guardicore/feature/scan_hosts_fast
Feature/scan hosts fast 
Yay, done with my longest waiting branch. 
Next up, OS sniffing.
2019-09-29 09:37:58 +03:00
Daniel Goldberg f55a3e483b Changed VictimHostGenerator to accept the local addresses rather than generating them itself.
Changed UTs to be independent.
2019-09-27 18:10:59 +03:00
Daniel Goldberg 297686dc53 Changed default scanning size to be bigger. 2019-09-27 17:00:18 +03:00
Daniel Goldberg 0a61e83a15 Add chunking test and some basic docs 2019-09-27 16:57:36 +03:00
Daniel Goldberg 2f25e5b127 Added basic tests for VictimHostGenerator 2019-09-27 16:51:55 +03:00
Daniel Goldberg a1d631b39e Remove list comprehension 2019-09-27 16:33:29 +03:00
Daniel Goldberg cf66a096f8
Merge pull request #445 from VakarisZ/weblogic_fix
Delay in weblogic to make exploiter more reliable
2019-09-27 15:37:57 +03:00
VakarisZ 06182a485a Added delay in weblogic to make exploiter more reliable 2019-09-25 15:42:24 +03:00
VakarisZ 5c680256cd
Merge pull request #444 from guardicore/434/bugfix/plaintext-passwords-logged
Hashing lm+ntlm hashes to make sure we don't log them plaintext
2019-09-24 08:44:26 +03:00
Daniel Goldberg 8c55d2acd4 Refactor victim generation.
Now we have a VictimHost generator that handles all the filtering.
2019-09-23 18:01:39 +03:00
Daniel Goldberg c76cc72821 Fixed horrible bug where we would return more victims than we needed to 2019-09-23 17:45:17 +03:00
Daniel Goldberg ccc6c50a7f Remove unused constant 2019-09-22 16:46:55 +03:00
Daniel Goldberg c4ec6683a1 Silly bugfix in scanning 2019-09-22 16:44:20 +03:00
Daniel Goldberg a32a783257 Factor out generating VictimHosts from NetworkRange object 2019-09-22 15:59:15 +03:00
Daniel Goldberg 4dcc919b49 Remove unused import, remove author 2019-09-22 15:59:14 +03:00
Daniel Goldberg 032ee2ee0e Bugfix in generator 2019-09-22 15:59:14 +03:00
Daniel Goldberg d8d55cb546 PEP8 changes
Documentation improvements
2019-09-22 15:59:11 +03:00
Shay Nehmad f175c93f5a Now hashes are hashed as well 2019-09-22 13:00:33 +03:00
Daniel Goldberg 8c69cc0af9
Merge pull request #438 from guardicore/434/bugfix/plaintext-passwords-logged
Hashing passwords to make sure we don't log passwords plaintext
2019-09-19 23:30:58 +03:00
Shay Nehmad 4762cbc545 Using the new utils - probably a merge mistake somewhere along the lines 2019-09-18 10:57:46 +03:00
Shay Nehmad e605c1c410 Merge branch 'develop' into 434/bugfix/plaintext-passwords-logged 2019-09-18 10:51:40 +03:00
Shay Nehmad 6fc37cef07 Hashing passwords to make sure we don't log passwords plaintext 2019-09-18 10:39:25 +03:00
Daniel Goldberg f0ee88182f
Merge pull request #435 from VakarisZ/attack_winapi_smallfix
WinAPI attack telem fix.
2019-09-18 09:51:15 +03:00
Shay Nehmad 014e47ad5e
Merge pull request #405 from guardicore/400/zero-trust-mvp
400/zero trust mvp
2019-09-18 08:43:42 +03:00
Shay Nehmad 5754ec6044
Merge pull request #428 from guardicore/400/more-tests
400/more tests
2019-09-18 08:37:44 +03:00
Shay Nehmad 6a2510a657 Merge branch 'develop' into 400/more-tests 2019-09-18 08:19:44 +03:00
VakarisZ 01a2a448de delays singleton attack telem and sends it when monkey can communicate with server 2019-09-17 14:51:42 +03:00
VakarisZ bc9b994cba
Merge pull request #422 from guardicore/mssql_bugfix
MSSQL bugs fixed, refactored to be more stable
2019-09-17 09:19:13 +03:00
Shay Nehmad 0667aad87f Small fixes - reversed condition accidentaly and missed one reference to get_windows_commands_to_add_user 2019-09-16 17:57:35 +03:00
Shay Nehmad db328a3432 Accidentaly committed server config testing 👎 2019-09-16 17:42:21 +03:00
Shay Nehmad 841e54afc8 Fixed UTs 2019-09-16 17:41:26 +03:00
Shay Nehmad 9f98025d33 Using protocol as well for cases when we are running on HTTP and not HTTPS (npm run start for example) 2019-09-16 16:44:16 +03:00
Shay Nehmad d4947d97f3 Lock npm version for `pluralize` 2019-09-16 16:37:30 +03:00
Shay Nehmad 1f56e8df61 Use classname instead of self for static method 2019-09-16 16:34:13 +03:00
Shay Nehmad 3b06768a98 Replaced sleep loop for waiting on the process with WaitForSingleObject winapi. 2019-09-16 16:32:21 +03:00
Shay Nehmad 0a11c4b007 Extracted duplicate code to `add_malicious_activity_to_timeline` helper function 2019-09-16 16:17:30 +03:00
Daniel Goldberg d8bac57eb5 Change grouper to be a VictimHost generator 2019-09-16 15:16:56 +03:00