p20319658
/
monkey
forked from p34709852/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
6,505 Commits 30 Branches 0 Tags 47 MiB
Commit Graph

6505 Commits

Author SHA1 Message Date
VakarisZ 4b5c8c23ea UI: removed cmd manual run option for windows 
Reasoning behind removal: hard to fix "launch as user" option, agent doesn't support machines without powershell (winXP)
 2021-11-05 10:04:00 +02:00
VakarisZ 896cf7a21d UI: remove -noexit flag from manual run command, because there's no point in opening an empty powershell window 2021-11-05 10:04:00 +02:00
VakarisZ 51eb6f2ce5 UI: fix manual run command for powershell as a user 2021-11-05 10:04:00 +02:00
Mike Salvatore 9eff78fb60
Merge pull request #1565 from guardicore/1533-remove-vsftpd 
Remove the VSFTPD exploiter
 2021-10-29 09:46:11 -04:00
Shreya Malviya 779ae79499 Changelog: Add entry for removing the VSFTPD exploiter 2021-10-29 18:24:23 +05:30
Shreya Malviya 455a8f2680 Docs: Remove VSFTPD exploiter from the docs 2021-10-29 18:20:12 +05:30
Shreya Malviya c6cbaca75b UT: Remove VSFTPD exploiter from unit tests' data - standard monkey config 2021-10-29 18:19:25 +05:30
Shreya Malviya b005946d88 BB: Remove VSFTPD exploiter from BB performance test's config template 2021-10-29 18:17:33 +05:30
Shreya Malviya ee79ea0a9d Project: Remove variable 'VSFTPD' from Vulture's allowlist 2021-10-29 18:15:38 +05:30
Shreya Malviya 3f19c0bb3c Island: Remove config and reporting stuff related to the VSFTPD exploiter 2021-10-29 18:12:40 +05:30
Shreya Malviya 97c50c3caa UI: Remove components related to the VSFTPD exploiter 2021-10-29 18:12:06 +05:30
Shreya Malviya 40b9b5b730 Agent: Remove VSFTPD exploiter 2021-10-29 17:57:12 +05:30
Mike Salvatore 8ee918b5a2
Merge pull request #1561 from guardicore/1554-authentication-service-refactor 
Authentication service refactor
 2021-10-28 14:47:01 -04:00
Mike Salvatore 28df604d7b Island: Raise exception instead of returning bool in authenticate() 2021-10-28 14:45:44 -04:00
VakarisZ 35509b2671
Merge pull request #1562 from guardicore/1545-telemetry-brief-loading 
Bugfix: telemetry brief loading
 2021-10-28 17:58:38 +03:00
VakarisZ 5cfe6de927 Changelog: add entry for fixed #1545 2021-10-28 10:49:25 -04:00
Mike Salvatore 730565c2aa Island: Add missing typehints to AuthenticationService 2021-10-28 09:28:02 -04:00
Mike Salvatore 5e7a252a6b Island: Rename KEY_FILE_DIRECTORY -> DATA_DIR 
Neither the AuthenticationService, nor the function that initializes it
needs to know what the data_dir is for. AuthenticationService only needs
to know that datastore_encryptor needs it, but not why.
 2021-10-28 09:28:02 -04:00
Mike Salvatore c3412ac58f Tests: Add unit tests for Authentication resource 2021-10-28 09:28:02 -04:00
Mike Salvatore d51f331453 Tests: Add unit tests for Registration resource 2021-10-28 09:28:02 -04:00
Mike Salvatore 6e5b4cc793 Island: Move password_matches_hash() to AuthenticationService 2021-10-28 09:28:02 -04:00
Mike Salvatore 1be7232983 Island: Rename and relocate methods in AuthenticationService 2021-10-28 09:28:02 -04:00
Mike Salvatore 8a2bae7e14 Island: Move authentication logic into AuthenticationService 2021-10-28 09:28:02 -04:00
Mike Salvatore 17f7e22584 Island: Add needs_registration() to AuthenticationService 2021-10-28 09:28:02 -04:00
Mike Salvatore 252c1d940a Island: Remove "auth user" 2021-10-28 09:28:02 -04:00
Mike Salvatore 6bdba71b69 Island: Remove _is_credentials_set_up() from Environment 2021-10-28 09:28:02 -04:00
Mike Salvatore caa62c6272 Island: Remove _credentials_required property from Environment 
Since #1418, credentials are always required, rendering the
_credentials_required property of the Environment class obsolete.
 2021-10-28 09:28:02 -04:00
Mike Salvatore 6736699cf4 Island: Remove disused TestingEnvironment 2021-10-28 09:28:02 -04:00
Mike Salvatore bfad0256f8 Island: Remove UserStore 2021-10-28 09:28:02 -04:00
Mike Salvatore bb806522a1 Island: Rename get_users() -> get_user() 
This function only ever returns one user. The plural name "get_users()"
is misleading. Returning a list is also misleading.
 2021-10-28 09:28:02 -04:00
Mike Salvatore a5d3c218b4 Island: Move registration logic into AuthenticationService 
Resoures should be kept relatively thin and serve as the layer between
the API and the backend.
 2021-10-28 09:28:02 -04:00
VakarisZ 063286e899 UI: fix long telemetry log loading bug 2021-10-28 16:22:24 +03:00
VakarisZ 97327f08a2 UI: add loading icon to TelemetryLog.tsx 2021-10-28 16:21:26 +03:00
VakarisZ 7425bf1bbd UI: refactor TelemetryLog component out of MapPage and migrate it to hook with typescript 2021-10-28 14:39:30 +03:00
VakarisZ 7f903efb07 Project: open correct web address when starting UI in development mode (npm start) 
When UI is started in development mode, browser window is opened to 0.0.0.0:8000, instead it should be local-ip:8000. This commit fixes this problem
 2021-10-28 11:36:37 +03:00
Mike Salvatore 953816b536 Docs: Add v1.12.0 checksums 2021-10-27 10:21:53 -04:00
Mike Salvatore 8554ab6fd5 Merge branch 'release/1.12.0' into develop 2021-10-27 10:15:02 -04:00
Mike Salvatore d5e12725a9 Changelog: Release v1.12.0 2021-10-27 10:14:36 -04:00
Mike Salvatore bc5ca5b613 Docs: Add --tty and --interactive to docker commands 
These options allow the monkey-island docker container to be killed with
<CTRL-C>
 2021-10-27 07:58:39 -04:00
Shreya Malviya a55f86ceea Docs: Update Zerologon documentation to mention that brute force exploiters use its stolen creds 2021-10-26 19:58:11 +05:30
Shreya Malviya ea31d27bf1 Island: Update Zerologon's description in the configuration 2021-10-26 19:58:11 +05:30
VakarisZ 1ad74a4bff BB: fix zerologon test to check propagation via SMB as well 
ZeroLogon doesn't propagate to the machine it only steals the credentials. It's best to make sure that propagation is also possible by running SMB exploiter
 2021-10-26 10:21:36 -04:00
Shreya Malviya 820d47c9cc Agent: Change logic for generating random password 2021-10-26 19:39:34 +05:30
Mike Salvatore b8ed464909
Merge pull request #1550 from guardicore/config_import_fix 
Config import fix
 2021-10-26 09:57:48 -04:00
VakarisZ aa6f202a8f Island: change the log message level of wrong password in password_based_bytes_encryptor.py to debug 
Wrong password is in some cases expected behavior, not an error of an application
 2021-10-26 15:47:33 +03:00
VakarisZ 8e6a2d8e7d UI: bugfix the need to double click on the import when importing an encrypted configuration 
When back-end sends the schema for ui to validate that no unsafe options are selected, UI didn't automatically send a response back in case there were no unsafe options selected
 2021-10-26 15:23:07 +03:00
Mike Salvatore 2df588ca59 Changelog: Add missing period 2021-10-25 14:56:29 -04:00
Mike Salvatore bc3b1b274f Changelog: Formatting changes and other small fixes 2021-10-25 14:40:28 -04:00
Mike Salvatore 1b74119812
Merge pull request #1548 from guardicore/update-docker-docs 
Docs: Update docker Upgrading section
 2021-10-25 13:03:08 -04:00
Mike Salvatore c91d922277 Docs: Clarify "upgrade proceedure" for docker 2021-10-25 12:58:30 -04:00