Mike Salvatore
66d9549507
Agent: Add human-readable thread names to AutomatedMaster
2022-03-09 16:38:52 +02:00
Mike Salvatore
847c7fbf9b
Agent: Add human-readable thread name to aws_environment_check
2022-03-09 16:38:52 +02:00
Mike Salvatore
87dbe20c23
Agent: Add human-readable thread name to MonkeyTunnel
2022-03-09 16:38:52 +02:00
Mike Salvatore
f9a7672767
Agent: Add optional name to create_daemon_thread and run_worker_threads
2022-03-09 16:38:52 +02:00
Mike Salvatore
b34c287238
Agent: Log thread name instead of thread ID
2022-03-09 16:38:52 +02:00
vakaris_zilius
3dc8ef606c
Agent: add lock to wmi tools
...
impacket libraries used for WMI are not designed for multithreading
2022-03-09 16:38:52 +02:00
vakaris_zilius
16535e06c7
Agent: fix a bug in WMI exploiter related to depth
2022-03-09 16:38:52 +02:00
vakaris_zilius
4ce731c769
Agent: generate brute force credentials from exploiter options
...
All brute force exploiters will have the same structure of options, so instead of calling the generate_username_password_or_ntlm_hash_combinations() and manually unpacking the required arguments from options, we simplify the call and remove duplication
2022-03-09 16:38:52 +02:00
vakarisz
4e7e4a9eee
Agent: replace get_monkey_depth with self.current_depth
2022-03-09 16:38:52 +02:00
vakarisz
dc1a2ab1c1
Agent: move brute-force input generation from wmiexec to brute_force
2022-03-09 16:38:52 +02:00
Mike Salvatore
77f58b942b
Agent: Remove monkeyfs references in smb_tools.py
2022-03-09 16:38:52 +02:00
Mike Salvatore
f57977dd53
Agent: Add missing return to WmiExploiter
2022-03-09 16:38:52 +02:00
Mike Salvatore
98f8a5b48a
Agent: Fix malformed WMI query in WMIExploiter
2022-03-09 16:38:52 +02:00
Mike Salvatore
e76b46c8ca
Island: Add smb_download_timeout to SMB and WMI exploiter options
2022-03-09 16:38:52 +02:00
Mike Salvatore
6862ef39ee
Agent: Load WMIExploiter into puppet
2022-03-09 16:38:52 +02:00
vakarisz
aa5220b04a
Agent: modify wmiexec.py to return ExploitResultData
2022-03-09 16:38:52 +02:00
vakarisz
c932a19b47
Agent: decouple wmiexec.py from WormConfig object
2022-03-09 16:38:52 +02:00
vakarisz
d7e222c8a8
Agent: improve logging in wmiexec.py
2022-03-09 16:38:52 +02:00
vakarisz
af9736a8ea
Agent: added a todo to assess smb connection timeout
2022-03-09 16:38:52 +02:00
vakarisz
afc43ae806
Agent: fix a bug in wmi_tools
...
Fix a bug in wmi connection cleanup where incorrect keys were being used on a dictionary
2022-03-09 16:38:51 +02:00
Mike Salvatore
4832bc12d9
Merge pull request #1764 from guardicore/scan-depth
...
Scan depth
2022-03-07 12:37:20 -05:00
Mike Salvatore
1de449351e
Merge pull request #1765 from guardicore/1755-fix-hadoop-cmd
...
Agent: Prevent overwriting hadoop linux agent
2022-03-07 12:37:02 -05:00
Mike Salvatore
c886daba8a
Agent: Increase detail of HADOOP_LINUX_COMMAND comment
2022-03-07 12:35:52 -05:00
Mike Salvatore
aef3de1e8e
Agent: Remove special depth processing from WormConfiguration
2022-03-07 10:30:19 -05:00
Mike Salvatore
524b97078d
Agent: Pass current depth to AutomatedMaster
2022-03-07 10:30:17 -05:00
Mike Salvatore
7cae4d6dec
Agent: Pass depth to exploiters
2022-03-07 10:25:53 -05:00
Mike Salvatore
41287d458b
Agent: Don't propagate if depth == 0
2022-03-07 10:25:53 -05:00
Mike Salvatore
fd2143a4df
Agent: Re-raise exceptions in HostExploiter
...
The AutomatedMaster can't process the exceptions if the HostExploiter
swallows them. The HostExploiter can log and re-raise the exceptions so
they can be processed by the AutomatedMaster.
2022-03-07 10:24:22 -05:00
Ilija Lazoroski
c802f21756
Agent: Prevent overwriting hadoop linux agent
...
Because hadoop is re-requesting agents, we don't get the
agent if it already there, if it has size 0 and if it exists
we remove it.
2022-03-07 15:40:15 +01:00
Mike Salvatore
00829ac094
Agent: Add TODOs to AutomatedMaster
2022-03-07 06:20:34 -05:00
Mike Salvatore
754402c69d
Agent: Gracefully handle unexpected exceptions when running exploiters
2022-03-07 06:16:23 -05:00
Mike Salvatore
e58d06b91e
Merge pull request #1757 from guardicore/1736-add-log4shell-to-puppet
...
Add Log4Shell to puppet
2022-03-07 05:52:21 -05:00
Mike Salvatore
0e01264bb6
Agent: Make do_GET() and inner function of _get_new_http_handler_class
2022-03-07 05:21:48 -05:00
Mike Salvatore
95be74ed81
Agent: Reorder exploit_class_http_server.py
2022-03-07 05:18:28 -05:00
Mike Salvatore
c4f971ff33
Agent: Add comment to _get_new_http_handler_class()
2022-03-07 05:16:46 -05:00
Mike Salvatore
3698a28e26
Agent: Add return type annotation to remove_monkey_dir()
2022-03-07 05:13:48 -05:00
Mike Salvatore
ca485bf569
Agent: Return temporary monkey_dir as Path instead of str
2022-03-07 05:13:46 -05:00
Mike Salvatore
efa0c5beb4
Agent: Format HTTPFingerprinter with Black
2022-03-04 17:05:35 -05:00
Mike Salvatore
bf998f5021
Agent: Fix HTTPHandler class name in ExploitClassHTTPServer
2022-03-04 17:03:37 -05:00
Mike Salvatore
df495f98c7
Agent: Fix twisted import parallelization bug
2022-03-03 14:49:39 -05:00
Mike Salvatore
93415cf2c8
Agent: Add TODO to Log4ShellExploiter
2022-03-03 14:40:41 -05:00
Mike Salvatore
515edf265a
Island: Add helpful logging to MonkeyDownload resource
2022-03-03 13:48:18 -05:00
Mike Salvatore
928192b9b0
Agent: Add helpful debug logging to log4shell exploiter
2022-03-03 13:48:00 -05:00
Mike Salvatore
d3c75200fd
Agent: Remove SystemInfoCollector references from dropper.py
2022-03-03 11:31:11 -05:00
vakarisz
b20abad0b6
Island: change manual run commands to target /os download endpoints
...
Now monkey agents are downloaded not by name, but by os, so url's had to change
2022-03-03 17:42:10 +02:00
Shreya Malviya
04facab583
UI: Fix manual running commands' address shown on Island's run page
2022-03-03 20:08:10 +05:30
Mike Salvatore
9af6c3bed1
Agent: Suppress debug logging of urllib3
...
urllib3 debug logs are unnecessarily verbose for our purposes. Setting
the log level of urllib3 to debug unclutters the logs and makes
debugging simpler.
2022-03-03 09:37:39 -05:00
Mike Salvatore
4408601332
UT: Add unit test for missing server header in valid http response
2022-03-03 09:18:54 -05:00
vakaris_zilius
08aac019d8
Agent: Fix false negatives in HTTPFingerprinter
2022-03-03 09:10:30 -05:00
vakaris_zilius
454b038948
Monkey: fix a bug where incorrect windows type string results in key error in pre_exploit()
2022-03-03 09:25:56 +00:00