Commit Graph

2340 Commits

Author SHA1 Message Date
VakarisZ 45be010470 Refactoring and improvements 2019-03-25 21:44:39 +02:00
VakarisZ 33e78ba4e8 Implemented file restoration endpoint, file upload front end 2019-03-25 21:44:39 +02:00
VakarisZ 7281f2284b Added deletion of files 2019-03-25 21:44:39 +02:00
VakarisZ a51d7da1f9 Refactoring file upload UI -> server to be via filepond 2019-03-25 21:44:39 +02:00
VakarisZ 4292fc845b File deletion 2019-03-25 21:44:38 +02:00
VakarisZ d539f2301c Separating my post breach from previous post breach 2019-03-25 21:44:38 +02:00
VakarisZ 2ce27dc885 Added primitive display of post breach actions 2019-03-25 21:44:38 +02:00
VakarisZ eb05dd46e7 PBA's stored on the database 2019-03-25 21:44:38 +02:00
VakarisZ 20d774b7df Core functionality added, not tested yet 2019-03-25 21:44:38 +02:00
VakarisZ 8e78150db4 Front end input changed to text area 2019-03-25 21:44:38 +02:00
VakarisZ e5f908754a Started implementing custom post-breach actions 2019-03-25 21:44:38 +02:00
itaymmguardicore 9c0f4efce5
Merge pull request #280 from VakarisZ/monkey_dir
New directory for monkey and it's files
2019-03-25 11:39:54 +02:00
VakarisZ fecfd138a0 Directory removal moved to happen before self_delete call 2019-03-25 10:48:56 +02:00
VakarisZ d61c080848 Small refactor, values to island's config added. 2019-03-20 14:02:53 +02:00
VakarisZ eb1cb91704 Removed monkey dir paths from island's configuration 2019-03-20 09:33:10 +02:00
VakarisZ 0268fa833f New directory for monkey and it's files 2019-03-19 18:41:14 +02:00
Dhayalan 525e541156 Update vsftpd.py
Replaced sleep with recv, waits for the server to respond instead of sleeping
2019-03-15 15:24:17 +01:00
Dhayalan 1587aa2d4c Update vsftpd.py 2019-03-15 12:47:59 +01:00
Dhayalan 7eaeef6919 Update ReportPage.js
Fix for issue #213
2019-03-13 13:07:59 +01:00
Dhayalan 0ed66f2cd8 Merge remote-tracking branch 'upstream/develop' into develop 2019-03-13 12:54:57 +01:00
Dhayalan 01cc702906 Update vsftpd.py
Removed (+,! ) used for debugging.
Changed the recv size from 1024 to 128
2019-03-13 11:31:26 +01:00
Dhayalan 53f12f4b67 Update ReportPage.js
Fix for issue #213
2019-03-12 20:53:16 +01:00
Dhayalan 9b0c0d4233 Update vsftpd.py
using `ftp_socket.recv(1024).decode('utf-8')` to prevent chances of race conditions
2019-03-12 19:51:12 +01:00
Dhayalan 47baea039a Update vsftpd.py
Better exception log
2019-03-12 19:44:45 +01:00
Dhayalan bb8a1c5c01 Updated the exploit.
The `.` was removed from reportpage.js and the exploit was modified.
2019-03-12 19:38:48 +01:00
Dhayalan dade4daad2 Update vsftpd.py
Removed unused imports, removed hardcoded username and password.

Removed EXPLOIT_TYPE
Removed NONE in tatget_os_type

Reduced time to sleep from 2 to 1
2019-03-12 12:37:09 +01:00
Dhayalan 0b3e6274d9 Update vsftpd.py
Changed the payload from /tmp/monkey to generating payload using build_monkey_commandline
2019-03-12 12:16:20 +01:00
Dhayalan 6313ce7933 Update vsftpd.py 2019-03-12 12:06:17 +01:00
Dhayalan 0706bddda5 Added discription and details for repot.
Added discription and details about the exploit vsftpd
2019-03-11 16:09:09 +01:00
Dhayalan 2b47749385 Added a new exploit
A new exploit was added to the infection_monkey for the following vulnerability
https://www.rapid7.com/db/modules/exploit/unix/ftp/vsftpd_234_backdoor
2019-03-11 01:50:27 +01:00
Daniel Goldberg 3cd85ff85a
Merge pull request #276 from VakarisZ/mssql_partial_fix
MSSQL now is able to upload a payload
2019-03-09 12:24:47 +02:00
vakaris_zilius c205636b10 MSSQL now is able to upload a payload 2019-03-08 15:34:17 +00:00
Daniel Goldberg de2e0d88ba
Merge pull request #275 from Dhayalanb/develop
Updated Create_certificate to key of length 2048
2019-03-07 13:14:22 +02:00
Dhayalan 3372ea7820
Updated Create_certificate to key of length 2048
deb package creates a key of length 1024 by default and and since the release of openssl 1.1.1 the default openssl.conf file at /etc/ssl/openssl.conf  has CipherString = DEFAULT@SECLEVEL=2 , resulting in the key length to be small.  In order to adhere to SECLEVEL=2 the key length was increased from 1024 to 2048.
2019-03-07 12:09:03 +01:00
VakarisZ 9019db777a Removed docs that can not be versioned 2019-03-05 11:56:58 +02:00
Daniel Goldberg 16f0b475af
Merge pull request #255 from VakarisZ/avoid_sshguard
Exploitation order + tiny monkey.py refactor
2019-03-05 11:42:35 +02:00
Daniel Goldberg 3f91f273cb
Fix typo in README 2019-02-27 17:18:56 +02:00
VakarisZ cc327633ec Added enum34 to requirements 2019-02-26 19:55:47 +02:00
itay 38381c4c9d Merge branch 'develop' 2019-02-26 12:38:05 +02:00
itay ebe79d74d4 Disable MSSQL exploiter 2019-02-26 10:51:38 +02:00
VakarisZ 04358d556a Exploit ordering implemented using enum 2019-02-22 11:08:21 +02:00
Daniel Goldberg 3691b432fa
Merge pull request #272 from guardicore/bugfix/mssql-bugfixes
fix expanding of env variables
2019-02-21 17:50:15 +02:00
itay b5523a9c54 fix expanding of env variables 2019-02-21 16:50:02 +02:00
itaymmguardicore 8069d27346
Merge pull request #271 from guardicore/hotfix/sambacry-catch-another-exception
Sambacry now catches NetBIOSError on attempting credentials
2019-02-21 12:34:54 +02:00
itay df8de92ea9 Sambacry now catches NetBIOSError on attempting credentials 2019-02-21 12:10:59 +02:00
VakarisZ 765ff0e0a8
Merge pull request #269 from VakarisZ/weblogic_quickfix
Weblogic default timeout increased
2019-02-19 11:01:17 +02:00
VakarisZ 0e24f45fc9 Merge remote-tracking branch 'upstream/develop' into weblogic_quickfix 2019-02-19 10:58:10 +02:00
VakarisZ bdb8b56fcc Weblogic timeout increased 2019-02-19 10:57:47 +02:00
itaymmguardicore 85044bc0c7
Merge pull request #268 from guardicore/bugfix/reset-then-update-config
Fixed bug where config reset followed by update failed
2019-02-18 14:46:05 +02:00
itay 122ce5f406 Fixed bug where config reset followed by update failed 2019-02-18 14:45:03 +02:00