Commit Graph

7654 Commits

Author SHA1 Message Date
Mike Salvatore 66d9549507 Agent: Add human-readable thread names to AutomatedMaster 2022-03-09 16:38:52 +02:00
Mike Salvatore 847c7fbf9b Agent: Add human-readable thread name to aws_environment_check 2022-03-09 16:38:52 +02:00
Mike Salvatore 87dbe20c23 Agent: Add human-readable thread name to MonkeyTunnel 2022-03-09 16:38:52 +02:00
Mike Salvatore f9a7672767 Agent: Add optional name to create_daemon_thread and run_worker_threads 2022-03-09 16:38:52 +02:00
Mike Salvatore b34c287238 Agent: Log thread name instead of thread ID 2022-03-09 16:38:52 +02:00
vakaris_zilius 3dc8ef606c Agent: add lock to wmi tools
impacket libraries used for WMI are not designed for multithreading
2022-03-09 16:38:52 +02:00
vakaris_zilius 16535e06c7 Agent: fix a bug in WMI exploiter related to depth 2022-03-09 16:38:52 +02:00
vakaris_zilius 4ce731c769 Agent: generate brute force credentials from exploiter options
All brute force exploiters will have the same structure of options, so instead of calling the generate_username_password_or_ntlm_hash_combinations() and manually unpacking the required arguments from options, we simplify the call and remove duplication
2022-03-09 16:38:52 +02:00
vakarisz 4e7e4a9eee Agent: replace get_monkey_depth with self.current_depth 2022-03-09 16:38:52 +02:00
vakarisz dc1a2ab1c1 Agent: move brute-force input generation from wmiexec to brute_force 2022-03-09 16:38:52 +02:00
Mike Salvatore 77f58b942b Agent: Remove monkeyfs references in smb_tools.py 2022-03-09 16:38:52 +02:00
Mike Salvatore f57977dd53 Agent: Add missing return to WmiExploiter 2022-03-09 16:38:52 +02:00
Mike Salvatore 98f8a5b48a Agent: Fix malformed WMI query in WMIExploiter 2022-03-09 16:38:52 +02:00
Mike Salvatore e76b46c8ca Island: Add smb_download_timeout to SMB and WMI exploiter options 2022-03-09 16:38:52 +02:00
Mike Salvatore 6862ef39ee Agent: Load WMIExploiter into puppet 2022-03-09 16:38:52 +02:00
vakarisz aa5220b04a Agent: modify wmiexec.py to return ExploitResultData 2022-03-09 16:38:52 +02:00
vakarisz c932a19b47 Agent: decouple wmiexec.py from WormConfig object 2022-03-09 16:38:52 +02:00
vakarisz d7e222c8a8 Agent: improve logging in wmiexec.py 2022-03-09 16:38:52 +02:00
vakarisz af9736a8ea Agent: added a todo to assess smb connection timeout 2022-03-09 16:38:52 +02:00
vakarisz afc43ae806 Agent: fix a bug in wmi_tools
Fix a bug in wmi connection cleanup where incorrect keys were being used on a dictionary
2022-03-09 16:38:51 +02:00
Mike Salvatore 4832bc12d9
Merge pull request #1764 from guardicore/scan-depth
Scan depth
2022-03-07 12:37:20 -05:00
Mike Salvatore 1de449351e
Merge pull request #1765 from guardicore/1755-fix-hadoop-cmd
Agent: Prevent overwriting hadoop linux agent
2022-03-07 12:37:02 -05:00
Mike Salvatore c886daba8a Agent: Increase detail of HADOOP_LINUX_COMMAND comment 2022-03-07 12:35:52 -05:00
Mike Salvatore aef3de1e8e Agent: Remove special depth processing from WormConfiguration 2022-03-07 10:30:19 -05:00
Mike Salvatore 524b97078d Agent: Pass current depth to AutomatedMaster 2022-03-07 10:30:17 -05:00
Mike Salvatore 7cae4d6dec Agent: Pass depth to exploiters 2022-03-07 10:25:53 -05:00
Mike Salvatore 41287d458b Agent: Don't propagate if depth == 0 2022-03-07 10:25:53 -05:00
Mike Salvatore fd2143a4df Agent: Re-raise exceptions in HostExploiter
The AutomatedMaster can't process the exceptions if the HostExploiter
swallows them. The HostExploiter can log and re-raise the exceptions so
they can be processed by the AutomatedMaster.
2022-03-07 10:24:22 -05:00
Ilija Lazoroski c802f21756 Agent: Prevent overwriting hadoop linux agent
Because hadoop is re-requesting agents, we don't get the
agent if it already there, if it has size 0 and if it exists
we remove it.
2022-03-07 15:40:15 +01:00
Mike Salvatore 00829ac094 Agent: Add TODOs to AutomatedMaster 2022-03-07 06:20:34 -05:00
Mike Salvatore 754402c69d Agent: Gracefully handle unexpected exceptions when running exploiters 2022-03-07 06:16:23 -05:00
Mike Salvatore e58d06b91e
Merge pull request #1757 from guardicore/1736-add-log4shell-to-puppet
Add Log4Shell to puppet
2022-03-07 05:52:21 -05:00
Mike Salvatore 0e01264bb6 Agent: Make do_GET() and inner function of _get_new_http_handler_class 2022-03-07 05:21:48 -05:00
Mike Salvatore 95be74ed81 Agent: Reorder exploit_class_http_server.py 2022-03-07 05:18:28 -05:00
Mike Salvatore c4f971ff33 Agent: Add comment to _get_new_http_handler_class() 2022-03-07 05:16:46 -05:00
Mike Salvatore 3698a28e26 Agent: Add return type annotation to remove_monkey_dir() 2022-03-07 05:13:48 -05:00
Mike Salvatore ca485bf569 Agent: Return temporary monkey_dir as Path instead of str 2022-03-07 05:13:46 -05:00
Mike Salvatore efa0c5beb4 Agent: Format HTTPFingerprinter with Black 2022-03-04 17:05:35 -05:00
Mike Salvatore bf998f5021 Agent: Fix HTTPHandler class name in ExploitClassHTTPServer 2022-03-04 17:03:37 -05:00
Mike Salvatore df495f98c7 Agent: Fix twisted import parallelization bug 2022-03-03 14:49:39 -05:00
Mike Salvatore 93415cf2c8 Agent: Add TODO to Log4ShellExploiter 2022-03-03 14:40:41 -05:00
Mike Salvatore 515edf265a Island: Add helpful logging to MonkeyDownload resource 2022-03-03 13:48:18 -05:00
Mike Salvatore 928192b9b0 Agent: Add helpful debug logging to log4shell exploiter 2022-03-03 13:48:00 -05:00
Mike Salvatore d3c75200fd Agent: Remove SystemInfoCollector references from dropper.py 2022-03-03 11:31:11 -05:00
vakarisz b20abad0b6 Island: change manual run commands to target /os download endpoints
Now monkey agents are downloaded not by name, but by os, so url's had to change
2022-03-03 17:42:10 +02:00
Shreya Malviya 04facab583 UI: Fix manual running commands' address shown on Island's run page 2022-03-03 20:08:10 +05:30
Mike Salvatore 9af6c3bed1 Agent: Suppress debug logging of urllib3
urllib3 debug logs are unnecessarily verbose for our purposes. Setting
the log level of urllib3 to debug unclutters the logs and makes
debugging simpler.
2022-03-03 09:37:39 -05:00
Mike Salvatore 4408601332 UT: Add unit test for missing server header in valid http response 2022-03-03 09:18:54 -05:00
vakaris_zilius 08aac019d8 Agent: Fix false negatives in HTTPFingerprinter 2022-03-03 09:10:30 -05:00
vakaris_zilius 454b038948 Monkey: fix a bug where incorrect windows type string results in key error in pre_exploit() 2022-03-03 09:25:56 +00:00