VakarisZ
45be010470
Refactoring and improvements
2019-03-25 21:44:39 +02:00
VakarisZ
33e78ba4e8
Implemented file restoration endpoint, file upload front end
2019-03-25 21:44:39 +02:00
VakarisZ
7281f2284b
Added deletion of files
2019-03-25 21:44:39 +02:00
VakarisZ
a51d7da1f9
Refactoring file upload UI -> server to be via filepond
2019-03-25 21:44:39 +02:00
VakarisZ
4292fc845b
File deletion
2019-03-25 21:44:38 +02:00
VakarisZ
d539f2301c
Separating my post breach from previous post breach
2019-03-25 21:44:38 +02:00
VakarisZ
2ce27dc885
Added primitive display of post breach actions
2019-03-25 21:44:38 +02:00
VakarisZ
eb05dd46e7
PBA's stored on the database
2019-03-25 21:44:38 +02:00
VakarisZ
20d774b7df
Core functionality added, not tested yet
2019-03-25 21:44:38 +02:00
VakarisZ
8e78150db4
Front end input changed to text area
2019-03-25 21:44:38 +02:00
VakarisZ
e5f908754a
Started implementing custom post-breach actions
2019-03-25 21:44:38 +02:00
itaymmguardicore
9c0f4efce5
Merge pull request #280 from VakarisZ/monkey_dir
...
New directory for monkey and it's files
2019-03-25 11:39:54 +02:00
VakarisZ
fecfd138a0
Directory removal moved to happen before self_delete call
2019-03-25 10:48:56 +02:00
VakarisZ
d61c080848
Small refactor, values to island's config added.
2019-03-20 14:02:53 +02:00
VakarisZ
eb1cb91704
Removed monkey dir paths from island's configuration
2019-03-20 09:33:10 +02:00
VakarisZ
0268fa833f
New directory for monkey and it's files
2019-03-19 18:41:14 +02:00
Dhayalan
525e541156
Update vsftpd.py
...
Replaced sleep with recv, waits for the server to respond instead of sleeping
2019-03-15 15:24:17 +01:00
Dhayalan
1587aa2d4c
Update vsftpd.py
2019-03-15 12:47:59 +01:00
Dhayalan
7eaeef6919
Update ReportPage.js
...
Fix for issue #213
2019-03-13 13:07:59 +01:00
Dhayalan
0ed66f2cd8
Merge remote-tracking branch 'upstream/develop' into develop
2019-03-13 12:54:57 +01:00
Dhayalan
01cc702906
Update vsftpd.py
...
Removed (+,! ) used for debugging.
Changed the recv size from 1024 to 128
2019-03-13 11:31:26 +01:00
Dhayalan
53f12f4b67
Update ReportPage.js
...
Fix for issue #213
2019-03-12 20:53:16 +01:00
Dhayalan
9b0c0d4233
Update vsftpd.py
...
using `ftp_socket.recv(1024).decode('utf-8')` to prevent chances of race conditions
2019-03-12 19:51:12 +01:00
Dhayalan
47baea039a
Update vsftpd.py
...
Better exception log
2019-03-12 19:44:45 +01:00
Dhayalan
bb8a1c5c01
Updated the exploit.
...
The `.` was removed from reportpage.js and the exploit was modified.
2019-03-12 19:38:48 +01:00
Dhayalan
dade4daad2
Update vsftpd.py
...
Removed unused imports, removed hardcoded username and password.
Removed EXPLOIT_TYPE
Removed NONE in tatget_os_type
Reduced time to sleep from 2 to 1
2019-03-12 12:37:09 +01:00
Dhayalan
0b3e6274d9
Update vsftpd.py
...
Changed the payload from /tmp/monkey to generating payload using build_monkey_commandline
2019-03-12 12:16:20 +01:00
Dhayalan
6313ce7933
Update vsftpd.py
2019-03-12 12:06:17 +01:00
Dhayalan
0706bddda5
Added discription and details for repot.
...
Added discription and details about the exploit vsftpd
2019-03-11 16:09:09 +01:00
Dhayalan
2b47749385
Added a new exploit
...
A new exploit was added to the infection_monkey for the following vulnerability
https://www.rapid7.com/db/modules/exploit/unix/ftp/vsftpd_234_backdoor
2019-03-11 01:50:27 +01:00
Daniel Goldberg
3cd85ff85a
Merge pull request #276 from VakarisZ/mssql_partial_fix
...
MSSQL now is able to upload a payload
2019-03-09 12:24:47 +02:00
vakaris_zilius
c205636b10
MSSQL now is able to upload a payload
2019-03-08 15:34:17 +00:00
Daniel Goldberg
de2e0d88ba
Merge pull request #275 from Dhayalanb/develop
...
Updated Create_certificate to key of length 2048
2019-03-07 13:14:22 +02:00
Dhayalan
3372ea7820
Updated Create_certificate to key of length 2048
...
deb package creates a key of length 1024 by default and and since the release of openssl 1.1.1 the default openssl.conf file at /etc/ssl/openssl.conf has CipherString = DEFAULT@SECLEVEL=2 , resulting in the key length to be small. In order to adhere to SECLEVEL=2 the key length was increased from 1024 to 2048.
2019-03-07 12:09:03 +01:00
VakarisZ
9019db777a
Removed docs that can not be versioned
2019-03-05 11:56:58 +02:00
Daniel Goldberg
16f0b475af
Merge pull request #255 from VakarisZ/avoid_sshguard
...
Exploitation order + tiny monkey.py refactor
2019-03-05 11:42:35 +02:00
Daniel Goldberg
3f91f273cb
Fix typo in README
2019-02-27 17:18:56 +02:00
VakarisZ
cc327633ec
Added enum34 to requirements
2019-02-26 19:55:47 +02:00
itay
38381c4c9d
Merge branch 'develop'
2019-02-26 12:38:05 +02:00
itay
ebe79d74d4
Disable MSSQL exploiter
2019-02-26 10:51:38 +02:00
VakarisZ
04358d556a
Exploit ordering implemented using enum
2019-02-22 11:08:21 +02:00
Daniel Goldberg
3691b432fa
Merge pull request #272 from guardicore/bugfix/mssql-bugfixes
...
fix expanding of env variables
2019-02-21 17:50:15 +02:00
itay
b5523a9c54
fix expanding of env variables
2019-02-21 16:50:02 +02:00
itaymmguardicore
8069d27346
Merge pull request #271 from guardicore/hotfix/sambacry-catch-another-exception
...
Sambacry now catches NetBIOSError on attempting credentials
2019-02-21 12:34:54 +02:00
itay
df8de92ea9
Sambacry now catches NetBIOSError on attempting credentials
2019-02-21 12:10:59 +02:00
VakarisZ
765ff0e0a8
Merge pull request #269 from VakarisZ/weblogic_quickfix
...
Weblogic default timeout increased
2019-02-19 11:01:17 +02:00
VakarisZ
0e24f45fc9
Merge remote-tracking branch 'upstream/develop' into weblogic_quickfix
2019-02-19 10:58:10 +02:00
VakarisZ
bdb8b56fcc
Weblogic timeout increased
2019-02-19 10:57:47 +02:00
itaymmguardicore
85044bc0c7
Merge pull request #268 from guardicore/bugfix/reset-then-update-config
...
Fixed bug where config reset followed by update failed
2019-02-18 14:46:05 +02:00
itay
122ce5f406
Fixed bug where config reset followed by update failed
2019-02-18 14:45:03 +02:00