Commit Graph

1488 Commits

Author SHA1 Message Date
maor.rayzin b46810e02b * Finalized the MS-SQL code
* Changed the log to the right handle and added exceptions info.

* better docs and some pep 8
2018-06-27 21:30:54 +03:00
Daniel Goldberg 3118620c8a
Merge pull request #146 from VakarisZ/struts2RCE
Struts2 rce
2018-06-26 18:37:07 +03:00
Vakaris c278b0a29c Small changes 2018-06-26 18:03:31 +03:00
maor.rayzin 149525d205 Added the MSSQLExploiter class
The helper functions and utils are in mssqlexec_utils.py file
Everything is documented and this commit is still WIP.

* Added the class to the monkey's config file and example.
* Added the class to the UI config.
* Added the class import to __init__.py file
2018-06-26 17:47:43 +03:00
Vakaris 6a37f2b953 removed debugging code 2018-06-25 19:11:58 +03:00
Vakaris 671452243d Fixed some bugs and more notes 2018-06-25 18:26:34 +03:00
Vakaris 81712ddbf0 Merge branch 'struts2RCE' of https://github.com/VakarisZ/monkey into struts2RCE 2018-06-22 14:57:04 +03:00
Vakaris 7ce790affa Some notes fixed 2018-06-22 14:55:52 +03:00
Daniel Goldberg d510476658
Merge branch 'develop' into struts2RCE 2018-06-21 13:23:12 +03:00
Daniel Goldberg f55133e8c1
Merge pull request #142 from guardicore/feature/MSSQL_fingerprint
Feature/mssql fingerprint
2018-06-21 11:46:21 +03:00
Daniel Goldberg 2ddae99687
Merge pull request #144 from guardicore/bugfix/fix-bad-default-config
Fix default config values
2018-06-21 11:40:44 +03:00
Daniel Goldberg 385cf13636
Merge pull request #143 from guardicore/hotfix/update-growl
Update mocha
2018-06-21 11:40:07 +03:00
Vakaris 208411d6fc Cosmetic changes 2018-06-21 00:10:56 +03:00
Vakaris ef6c512ea9 Finished up exploitation and added reporting 2018-06-20 22:35:18 +03:00
Vakaris 2d27972e7e Struts exploitation working, and tested with win-64 and ubuntu 2018-06-20 16:58:20 +03:00
Vakaris 413bdd9254 Not yet functioning and tested, but most functions are done 2018-06-19 18:08:52 +03:00
Vakaris 9a8a6c6e28 Now exploiting both win and linux. Also, added check if monkey is not already present 2018-06-19 18:05:09 +03:00
Itay Mizeretz ddaeb7dbf8 more fixes to deb 2018-06-13 20:48:04 +03:00
Itay Mizeretz 79d8012bb2 Merge branch 'develop' into feature/support-common-folder
# Conflicts:
#	monkey/infection_monkey/exploit/shellshock.py
#	monkey/infection_monkey/test/config__test.py
2018-06-13 18:03:43 +03:00
Itay Mizeretz 0173aaf3f6 Update mocha
Change color structure for edge - required by update
2018-06-13 17:36:17 +03:00
Itay Mizeretz 20d4b3a642 Fix default config values 2018-06-13 16:05:12 +03:00
Itay Mizeretz 36230fa25c monkey island can now be run from both monkey_island.py and run_cc.bat 2018-06-13 15:40:13 +03:00
Itay Mizeretz 4e207256dd infection monkey works via infection_monkey.py or monkey.exe 2018-06-13 14:38:58 +03:00
maor.rayzin db6f44109b * Responding to the PR comments with the logs and usage changes. 2018-06-12 16:29:27 +03:00
maor.rayzin d312a3a771 * Changed name from MSSQLFingerprint to MSSQLFinger to match convention.
* Added UI support for the new fingerprint in Monkey Island.
* UI supports includes writing up MSSQL as a service under node's
  services list.
2018-06-12 13:26:28 +03:00
maor.rayzin fe1f6d67e5 Merge branch 'develop' into feature/MSSQL_fingerprint 2018-06-11 20:19:12 +03:00
maor.rayzin 1272700fe5 * Added an author mark and updated docs
* Changed the module to use the VictimHost object as host
* added True\False return statements.
2018-06-09 20:02:18 +03:00
maor.rayzin fadafdbd3a Updated the config files to default include the mssql fingerfrint class: MSSQLFingerprinter, in the monkey's configuration. 2018-06-09 18:23:54 +03:00
maor.rayzin d4c1871f87 Implemented the first draft of the mssql fingerprint class
Every line of code is documented and straight forward.
2018-06-09 18:23:08 +03:00
maor.rayzin 8b22a52006 Added the mssql finger class to the main network init file so it will be usable. 2018-06-09 18:16:39 +03:00
maor.rayzin 293c204ddd Created the MSSQL_fingerprinter branch,
added the fingerprint class WIP.
2018-06-09 17:51:46 +03:00
Daniel Goldberg de832780b6 Removed overly verbose logging line, triggered every 2 seconds 2018-06-06 13:54:21 +03:00
Daniel Goldberg 5e7a218b44
Merge pull request #138 from VakarisZ/SSH_key_stealing
SSH key stealing
2018-06-05 16:59:54 +03:00
Daniel Goldberg ecdd2e8762
Merge branch 'develop' into SSH_key_stealing 2018-06-05 16:59:28 +03:00
Daniel Goldberg d77704b3e2
Merge pull request #139 from guardicore/feature/Adding_logs_to_monkey_island
Feature/adding logs to monkey island
2018-06-05 14:06:23 +03:00
Vakaris 0503f90168 Notes fixed 2018-06-04 12:07:10 +03:00
maor.rayzin f37fabaf75 I've added logs to cover these situations and modules:
Configuration reset
    Configuration Insert
    Configuration Update
    Report steps
    Monkey downloads
    Env startup logs

Also I've changed the logging init position so it covers every functions from main, some functions and vars are being called and init from import level, in order to log those situations I had to init the log system right on the beginning of the module.
2018-05-31 19:27:26 +03:00
maor.rayzin ad0d9f4567 Added more log lines 2018-05-31 18:35:33 +03:00
Daniel Goldberg 9fa92d0c88 Fix typo in warning 2018-05-31 15:39:36 +03:00
Daniel Goldberg c7ed02b98e Bugfix, run Shellshock attack as dropper rather than monkey 2018-05-31 15:38:54 +03:00
maor.rayzin 509558fbb2 Changed the log formatting a bit, added file and function name and line
numbers to the log string.
2018-05-31 13:18:33 +03:00
maor.rayzin 05c4bb7ac7 Integrated an option to download the monkey island log files from the Log page in the web app. 2018-05-31 10:44:47 +03:00
maor.rayzin 6aeaf0f857 Integrated an option to download the monkey island log files from the Log page in the web app. 2018-05-30 18:30:56 +03:00
Vakaris 30a3bbf9a0 Exploitation of machines using ssh keys added. Also, added shh keys exploitation to report 2018-05-29 01:02:49 +03:00
Daniel Goldberg 3be4f07c75
Remove Monkey testing code, dead code as it is. (#137)
Remove the current UT code, it's not useful as it is.
2018-05-27 17:20:10 +03:00
Vakaris f45cebfd5e Does not store encrypted or already present ssh keys, shows all users from whom SSH private key were stolen under "stolen credentials" in report 2018-05-25 01:34:24 +03:00
Vakaris 5f194b70f2 Unecessary import fixed 2018-05-24 17:11:45 +03:00
Vakaris 4197ab12a3 SSH keys are now encrypted and added to database 2018-05-24 16:59:22 +03:00
Itay Mizeretz 8a56144a09 Various required fixes 2018-05-23 20:29:32 +03:00
Itay Mizeretz d30f2cf8dc Update scripts 2018-05-23 20:26:33 +03:00