Commit Graph

441 Commits

Author SHA1 Message Date
Kekoa Kaaikala 57b4ec4117 BB: Refactor agent communication check
Updated CommunicationAnalyzer to use the /api/agents and /api/machines
endpoints to determine whether or not an agent communicated back to the
island.

Resolves PR #2388
2022-10-03 14:28:22 -04:00
Mike Salvatore d922d71081 BB: Add error message when machine is missing interfaces 2022-10-03 10:14:48 -04:00
Mike Salvatore 378e8d55ff BB: Add type hints to MonkeyLogsDownloader.__init__() 2022-10-03 07:54:36 -04:00
Mike Salvatore 477e80bfba BB: Remove disused MonkeyIslandClient.find_log_in_db() 2022-10-03 07:52:40 -04:00
Mike Salvatore fc24d80410 BB: Change agent log file name
Use underscores to improve readability
2022-10-03 07:51:40 -04:00
Mike Salvatore e369ef2933 BB: Remove disused MonkeyLog 2022-10-02 16:57:58 -04:00
Mike Salvatore 6a783d9c3e BB: Use threading to download logs
Reduces time to download logs by approx. 40%, but may be unnecessary
after resolving https://github.com/guardicore/monkey/issues/2383
2022-10-02 16:57:56 -04:00
Mike Salvatore e4155648c1 BB: Download agent logs from new endpoints 2022-10-02 14:23:01 -04:00
Mike Salvatore c706466cdd BB: Add MonkeyIslandClient.get_agent_log() 2022-10-02 14:21:05 -04:00
Mike Salvatore 99c2c5c6ef BB: Add MonkeyIslandClient.get_machines() 2022-10-02 14:20:49 -04:00
Mike Salvatore b335601a05 BB: Add MonkeyIslandClient.get_agents() 2022-10-02 14:20:30 -04:00
Mike Salvatore 3db3df8bae BB: Add a TODO about parse_log() 2022-10-01 19:21:54 -04:00
vakarisz 26a5b4cf4d BB: Delete "skip_powershell_reuse" mark
Not sure why we would want to skip this test specifically
2022-09-27 17:28:12 +03:00
vakarisz 164c0d6127 BB: Add network diagram for powershell credential reuse test 2022-09-27 17:11:08 +03:00
vakarisz 85c101aff9 BB: Remove 46 from depth 3 test suite as it's reserved for credential reuse 2022-09-27 17:06:39 +03:00
vakarisz 031a0ab426 BB: Change powershell credential reuse test to a dedicated machine
Island shouldn't be part of the test, so powershell credential reuse was moved to powershell 46 (exploited via log4shell) and powershell 44 (exploited via credential reuse from powershell 46)
2022-09-27 17:06:39 +03:00
VakarisZ 9823301c3b
Merge pull request #2348 from guardicore/2299-rename-local-network-scan
Island: Rename local_network_scan
2022-09-27 16:00:36 +03:00
Shreya Malviya 688a41a11e BB: Rename local_network_scan -> scan_my_networks in test_configurations/noop.py 2022-09-27 16:32:09 +05:30
vakarisz b11cd9c5f1 Island: Remove agent controls
Agent controls are being replaced by agent signal events
2022-09-23 12:56:13 -04:00
Shreya Malviya 6174e8dfcb BB: '/api/terminate-all-agents' -> '/api/agent-signals/terminate-all-agents' 2022-09-23 12:54:49 -04:00
Shreya Malviya c586623b8b BB: '/api/agent-signals/terminate-all' -> '/api/terminate-all-agents' 2022-09-23 12:54:49 -04:00
Shreya Malviya 1632d8b3e9 BB: 'kill_time' -> 'terminate_time' 2022-09-23 12:54:49 -04:00
Shreya Malviya 263fff28f3 BB: Use /api/agent-signals/terminate-all instead of /api/monkey-control/stop-all-agents 2022-09-23 12:54:49 -04:00
ilija-lazoroski 18ceb6c279
Merge pull request #2322 from guardicore/2181-credential-reuse-ete
2181 credential reuse ete
2022-09-21 13:58:12 +02:00
Ilija Lazoroski 3af38d7841 BB: Fix some minor configuration issue in CredentialsReuse 2022-09-20 18:06:12 +02:00
Ilija Lazoroski a2b8fceb28 BB: Add new CredentialReuse machines info to the Docs 2022-09-20 17:52:24 +02:00
Ilija Lazoroski 246c78e8c1 BB: Add the new machine to the Terraform scripts 2022-09-20 17:52:00 +02:00
Ilija Lazoroski 07d1062b80 BB: Add CredentialsReuse machines to test_machine_list 2022-09-20 17:51:39 +02:00
Ilija Lazoroski 6c11eb2a6b BB: Add new EtE test that reuses stolen ssh key to exploit a machine
Island --(password)--> A --(password)--> B --(A's SSH key)--> C
2022-09-20 17:49:55 +02:00
Ilija Lazoroski c13dcf464c BB: Export Credentials reuse with ssh key test configuration from
__init__
2022-09-20 17:49:01 +02:00
Ilija Lazoroski a9bec168b1 BB: Add Credentials Reuse with ssh key test configuration 2022-09-20 17:48:30 +02:00
Kekoa Kaaikala f635c2cd5f BB: Removed unnecessary logs from ZerologonAnalyzer 2022-09-20 15:32:18 +00:00
Ilija Lazoroski 0c6997c147 BB: Get the secret value from credentials in ZerologonAnalyzer 2022-09-19 15:52:04 +02:00
Ilija Lazoroski 547c9f7028 BB: Fix tunneling ToC in documentation 2022-09-16 16:41:26 +02:00
Ilija Lazoroski 95741acdf4 BB: Shorten import of depth_4_a_test_configuration 2022-09-16 16:37:00 +02:00
Ilija Lazoroski ecbee6a3cb BB: Fix tunneling-13 ip address in the test_configuration 2022-09-16 16:36:26 +02:00
Ilija Lazoroski 8df35e0107 BB: Export depth_4_a_test_configuration from __init__ 2022-09-16 16:35:54 +02:00
Ilija Lazoroski b50725b939 BB: Change zone of Depth4 machines 2022-09-16 15:36:11 +02:00
Shreya Malviya 75dddb0861 BB: Remove usage of CredentialComponentType in Zerologon analyzer 2022-09-15 14:07:18 +05:30
Shreya Malviya cf48189a07 BB: Use keyword parameters when creating Username/Password/NTHash objects 2022-09-15 14:00:14 +05:30
Shreya Malviya f57dad05c1 BB: Use keyword parameters when creating Credentials objects 2022-09-15 13:55:49 +05:30
vakarisz bc6da3d402 BB: Add documentation about changes to tunneling-11 2022-09-14 12:13:36 +03:00
vakarisz c281666504 BB: Remove tunneling-12 from depth-3 2022-09-14 12:10:06 +03:00
vakarisz 7a33802b7c BB: Add tunneling machines to the list of depth 3 test 2022-09-14 12:06:46 +03:00
Kekoa Kaaikala e7bb5ce535 BB: Add interface to tunneling-11 2022-09-13 19:52:04 +00:00
Kekoa Kaaikala b865c13a3b BB: Revert depth_3_a test 2022-09-13 19:45:57 +00:00
vakarisz c756c7ace2 BB: Add tunneling test diagrams 2022-09-09 17:51:37 +03:00
vakarisz 72c76319d1 BB: Move tunneling to depth 4a test suite 2022-09-08 16:58:14 +03:00
vakarisz b6588925e2 BB: Add tunneling-13 machine 2022-09-08 16:56:32 +03:00
Mike Salvatore 646b3a1b46 BB: Add `simplify=True` to Credentials serialization 2022-09-07 11:48:33 +00:00