Ilija Lazoroski
ef4a465515
Agent: Add tags to exploitation and propagation events in Log4Shell
2022-10-06 13:22:38 +02:00
Ilija Lazoroski
c5506f98e8
Agent: Publish Propagation and Exploitation events from Log4Shell
2022-10-06 13:22:38 +02:00
vakarisz
c90044074d
Island: Remove storage error when node wasn't modified
...
Upserting should throw an error when updating or inserting went wrong, not when a node is already up to date.
2022-10-06 14:21:13 +03:00
Ilija Lazoroski
95f1e3cb7b
Agent: Modify tags methods to be properties in SSHExploiter
2022-10-06 13:16:49 +02:00
Ilija Lazoroski
dcb08b2881
Agent: Convert IPv4Address to str when connecting to socket
2022-10-06 13:15:42 +02:00
Ilija Lazoroski
f0112410c9
Agent: Rename stamp to timestamp in SSHExploiter
2022-10-06 13:15:42 +02:00
Kekoa Kaaikala
e11bd2c7f2
Agent: Stamp start time prior to running exploit
2022-10-06 13:15:42 +02:00
Kekoa Kaaikala
aba886624e
Agent: Send propagation events sooner
2022-10-06 13:15:42 +02:00
Kekoa Kaaikala
e8f48085a4
Agent: Use the tag properties
2022-10-06 13:15:42 +02:00
Kekoa Kaaikala
79f72dda55
Agent: Stop sending PropagationEvent before attempt
2022-10-06 13:15:42 +02:00
Kekoa Kaaikala
72378f4e53
Agent: Publish scan event when checking ssh port
2022-10-06 13:15:42 +02:00
Kekoa Kaaikala
431d6ae775
Agent: Extract method _get_ssh_port
2022-10-06 13:15:42 +02:00
Kekoa Kaaikala
0a1901b9a1
Agent: Use error to propagate failure
2022-10-06 13:15:42 +02:00
Kekoa Kaaikala
a2534391a6
Agent: Extract method _propagate
2022-10-06 13:15:42 +02:00
Kekoa Kaaikala
1cb88e029a
Agent: Extract method _exploit
2022-10-06 13:15:42 +02:00
Kekoa Kaaikala
b31eb885f0
Agent: Extract method _get_victim_os
2022-10-06 13:15:42 +02:00
Kekoa Kaaikala
dc8a0ac2ad
Agent: Extract method _upload_agent_binary
2022-10-06 13:15:42 +02:00
Kekoa Kaaikala
9dac64b60e
Agent: Update ssh exploiter tags
2022-10-06 13:15:42 +02:00
Ilija Lazoroski
5d9416c385
Agent: Use common.tags to publish events in SSHExploiter
2022-10-06 13:15:42 +02:00
Ilija Lazoroski
5948537d4a
Agent: Add tags to SSHExploiter
2022-10-06 13:15:42 +02:00
Ilija Lazoroski
ddaada1f09
Agent: Revise event publishing in SSHExploiter
2022-10-06 13:15:42 +02:00
vakarisz
2248bdcd67
Island: Add _get_node_by_id method to mongo_node_repository.py
2022-10-06 14:10:47 +03:00
Shreya Malviya
e2453e481c
Agent: Rename variables in HostExploiter
2022-10-06 16:38:42 +05:30
Kekoa Kaaikala
254b4e1c6c
Agent: Update publish methods to accept timestamp
2022-10-05 19:43:25 +00:00
Kekoa Kaaikala
12e9aaf42e
Agent: Add abstract properties for exploiter tags
2022-10-05 17:32:48 +00:00
Kekoa Kaaikala
95b1d9c62d
Agent: Remove target from publish methods
2022-10-05 15:57:15 +00:00
vakarisz
249950d602
Island: Improve tcp handler code and coverage
2022-10-05 17:07:19 +03:00
vakarisz
6c913895c5
Island: Add TCP connections to nodes based on TCP scan event
2022-10-05 15:33:16 +03:00
vakarisz
bbcdc1bef4
Island: Make upsert_node method public
...
Updating/inserting the node into the repository is required outside of repository itself.
2022-10-05 15:33:11 +03:00
Mike Salvatore
73a8c14397
Merge branch '2269-add-attack-technique-tags' into develop
...
PR #2394
2022-10-05 08:25:51 -04:00
Ilija Lazoroski
63f869d296
Project: Add common.tags and HostExploiter publish functions to Vulture
2022-10-05 14:21:23 +02:00
Mike Salvatore
82217b4094
Merge branch 2267-add-network-services into develop
...
PR #2398
2022-10-05 08:20:13 -04:00
Mike Salvatore
10e3c97489
Island: Use Tuple[SocketAddress] for tcp_connections
...
There are serialization issues when using FrozenSet because pydantic
converts the SocketAddress to a dict, which is not hashable. There are
probably ways to work around this, but it's not worth the effort at this
time. If performance becomes an issue (doubtful) we can revisit using a
frozenset instead.
2022-10-05 14:51:31 +03:00
Mike Salvatore
8799a60f47
Island: Fix serialization/deserialization of Machine.network_services
2022-10-05 14:51:30 +03:00
Mike Salvatore
d8cf5d33dd
Common: Extract MutableInfectionMonkeyModelConfig
2022-10-05 14:51:30 +03:00
Mike Salvatore
eb3daf84f1
Common: Use strings for NetworkService Enum values
2022-10-05 14:51:30 +03:00
Mike Salvatore
f6ed8a997c
Common: Rename NetworkServiceNameEnum -> NetworkService
...
"Name" and "Enum" are redundant in this case
2022-10-05 14:51:25 +03:00
vakarisz
8bf1d1f46f
Island, Common: Add services to machine.py
2022-10-05 14:51:01 +03:00
vakarisz
a390c97b70
Island: Add tcp_connections to node
2022-10-05 14:50:02 +03:00
vakarisz
80a095b657
Agent: Use NetworkPort instead of Port
2022-10-05 14:50:02 +03:00
Ilija Lazoroski
2ece91b9df
Agent: Rename event_queue to agent_event_queue in SSHCredentialCollector
2022-10-05 11:37:58 +02:00
Ilija Lazoroski
c7e2b91735
Agent: Rename event_queue to agent_event_queue in
...
MimikatzCredentialCollector
2022-10-05 11:34:50 +02:00
Ilija Lazoroski
19fcf8d053
Agent: Import attack technique tags from common in MimikatzCollector
2022-10-05 11:30:09 +02:00
Ilija Lazoroski
c8aee645fa
Agent: Import attack technique tags from common in SSHCollector
2022-10-05 11:24:52 +02:00
Ilija Lazoroski
491612f9e8
Common: Add T1005 and T1145 attack technique tags
2022-10-05 11:21:28 +02:00
Ilija Lazoroski
0ed167fb48
Agent: Import attack technique tags from common in Zerologon
2022-10-05 11:13:39 +02:00
Ilija Lazoroski
e46bb8964d
Common: Add T1003 and T1098 attack technique tags
2022-10-05 11:11:18 +02:00
Mike Salvatore
fd8ea53e8b
Merge branch '2269-remove-find_monkeys_in_db' into develop
...
PR #2391
2022-10-04 18:21:00 -04:00
Mike Salvatore
bbbb1ac773
Island: Remove disused LogBlackboxEndpoint
2022-10-04 16:30:13 -04:00
Mike Salvatore
6ae7676322
BB: Pass generator instead of list comprehension to all()
...
This will allow a short-circuit.
2022-10-04 16:30:13 -04:00