vakarisz
dd3c5aac6f
Agent: small logging improvements in log4shell
2022-01-05 14:21:26 +02:00
vakarisz
d2181f6577
Agent, UT: fix ldap builder UT's and some imports in log4shell
2022-01-05 14:16:24 +02:00
Ilija Lazoroski
563438c7f8
Agent, Island: Add Apache Solr support for Log4Shell exploit
2022-01-05 12:37:08 +01:00
vakarisz
8a120110f5
Agent: change ldap and http ports to be chosen dynamically in log4shell
2022-01-05 12:46:40 +02:00
vakarisz
0659fddac6
Agent: add the docker POC exploit to log4shell
...
Implements the infrastructure needed to add different log4shell exploits and adds the
2022-01-04 17:48:45 +02:00
vakarisz
206abfa5e8
Agent: refactor a couple web_rce methods to static
2022-01-04 17:41:19 +02:00
vakarisz
e69639b426
Agent: use separate java classes for windows and linux in log4shell
...
Linux and windows targets should use different java classes, because one is compiled to be launched in /bin/bash, another in cmd.exe. We can't just inject the whole command, because Runtime.getRuntime().exec() interprets the string in strange ways
2022-01-04 16:09:19 +02:00
vakarisz
1884c6d767
TEMP: base implementation of the log4shell
2021-12-23 16:45:25 +02:00
vakarisz
41b97cb54a
TEMP: base implementation of the log4shell
2021-12-22 17:17:02 +02:00
Mike Salvatore
fddaa16931
Agent: Improve InvalidExploitTemplateError messages
2021-12-21 15:19:45 -05:00
Mike Salvatore
4d5a2511c6
Agent: Add LDAP server for log4shell exploit
2021-12-21 15:19:44 -05:00
Mike Salvatore
2a795723ab
Agent: Add ldaptor to dependencies
2021-12-21 15:12:50 -05:00
Mike Salvatore
68978907e2
Agent: Add build_exploit_bytecode for log4shell exploiter
2021-12-20 15:12:11 -05:00
Mike Salvatore
a48c1afefd
Agent: Construct concrete puppet in monkey.py
2021-12-20 06:56:47 -05:00
Mike Salvatore
e392915b26
Merge branch '1597-integrate-automated-master' into agent-refactor
2021-12-20 06:55:53 -05:00
Mike Salvatore
50930017fb
Agent: Use address_to_ip_port() in _running_on_island()
2021-12-17 10:55:58 -05:00
Mike Salvatore
8658b9edb3
Merge branch '1598-implement-run-payload' into agent-refactor
2021-12-17 10:30:46 -05:00
Mike Salvatore
b19ce79df6
Agent: Use relative imports within puppet package
2021-12-17 10:25:16 -05:00
Mike Salvatore
7b8b485b57
Agent: Mock out unimplemented functions in Puppet
2021-12-17 10:22:42 -05:00
Mike Salvatore
973c88678e
Agent: Move PluginType to the i_plugin package
2021-12-17 10:13:28 -05:00
Ilija Lazoroski
afbc313a7c
Agent: Handle interrupts in ransomware
2021-12-17 16:10:42 +01:00
Mike Salvatore
05c5764487
Agent: Add i_puppet package
2021-12-17 09:40:46 -05:00
Ilija Lazoroski
61a7647f9b
Agent: Add interrupt handling to ransomware
2021-12-17 15:31:20 +01:00
Shreya Malviya
958cf3a252
Agent, UT: Rename 'config' to 'options' in ransomware files
2021-12-17 19:55:26 +05:30
Mike Salvatore
0328d2860e
Agent: Add a RansomwarePayload that implements the IPayload interface
2021-12-17 09:19:47 -05:00
Mike Salvatore
2299c029d7
Agent: Rename RansomwarePayload to Ransomware
...
A payload adheres to a specific IPayload interface. The class that is
now called RansomwarePayload is just a concrete ransomware. A new
RansomwarePayload will be introduced to wrap the build and execute of
the Ransomware.
2021-12-17 09:16:27 -05:00
Ilija Lazoroski
0a4ff25843
Agent: Implement Puppet.run_payload()
2021-12-17 09:02:12 -05:00
Ilija Lazoroski
b798255249
Agent: Add plugin_name attribute to puppet's load_plugin
2021-12-17 09:02:12 -05:00
Shreya Malviya
8e6abcb795
Agent: Add PluginRegistry
2021-12-17 09:02:12 -05:00
Mike Salvatore
ee1fa01dda
UT: Move ransomware unit tests to payload/ransomware/
2021-12-17 09:02:12 -05:00
Mike Salvatore
33e3a31030
Agent: Move ransomware/ to payload/ransomware/
2021-12-17 09:02:04 -05:00
Mike Salvatore
09a1297f47
Agent: Use relative imports within ransomware package
2021-12-17 09:00:56 -05:00
Mike Salvatore
c18af3c3fb
Agent: Change return type of IPuppet.run_payload() to None
...
At the moment, we don't expect payloads to return any values. This may
be reevaluated as development proceeds or when telemetry is refactored.
2021-12-17 09:00:54 -05:00
vakarisz
89368f729f
Agent, Common, UT: Separate IP and Port in monkey
...
Instead of splitting IP/port on demand, separate the IP and port from monkey commandline parameter and pass them to VictimHostFactory
2021-12-17 15:30:10 +02:00
Mike Salvatore
3adb1d5b07
Agent: Add IPayload interface
2021-12-17 08:12:37 -05:00
Mike Salvatore
19bcaad7f2
Agent: Fix broken logic in get_local_network_interfaces()
2021-12-17 07:08:48 -05:00
Mike Salvatore
9e127b49ae
Agent: Get local network interfaces inside _build_master()
2021-12-16 19:17:05 -05:00
Mike Salvatore
637053e6cd
Agent: Integrate VictimHostFactory with monkey.py
2021-12-16 15:20:38 -05:00
Mike Salvatore
18fb4e7533
Agent: Add self._default_server to monkey.py
2021-12-16 15:08:43 -05:00
Mike Salvatore
b3bc9b2ffa
Agent: Refactor build_victim_host() to improve readability
2021-12-16 14:39:54 -05:00
Mike Salvatore
b6f2bab15b
Agent: Pass str (not None) to VictimHost constructor
2021-12-16 14:39:54 -05:00
Mike Salvatore
7cb1f761d8
Agent: Add type hints to VictimHost constructor
2021-12-16 14:39:54 -05:00
vakarisz
29d3cc2aaf
Agent, UT: Implement VictimHostFactory
...
Implements and unit tests the VictimHostFactory. The factory allows creation of victims based on current network situation of the agent
2021-12-16 14:39:54 -05:00
Mike Salvatore
ddd8a0e53a
Agent: Build an AutomatedMaster in monkey.py
2021-12-16 14:39:54 -05:00
Mike Salvatore
da3c6a4245
Agent: Add get_local_network_interfaces()
2021-12-16 14:39:54 -05:00
Mike Salvatore
332649d5d1
Agent: Integrate scan_target_generator with AutomatedMaster
2021-12-16 14:39:54 -05:00
Mike Salvatore
8e0efb1993
Island: Replace deprecated logging.warn() with logging.warning()
2021-12-16 14:38:54 -05:00
Mike Salvatore
dc3adc9d8b
UT: Fix annoying pytest warning regarding TestAuthenticationError
2021-12-16 14:37:39 -05:00
Mike Salvatore
e60297dff1
UT: Fix broken mock in test_stop_if_cant_get_stop_signal_from_island
2021-12-16 14:36:33 -05:00
Mike Salvatore
fd29393ce4
Merge pull request #1659 from guardicore/1597-implement-scan-target-generator
...
1597 implement scan target generator
2021-12-16 09:11:23 -05:00