Mike Salvatore
9ed689946c
Docs: Minor edits to Linux setup documentation
2021-11-30 12:56:52 -05:00
Mike Salvatore
3e8f7382d0
Docs: Minor edits to docker setup documentation
2021-11-30 12:53:55 -05:00
Mike Salvatore
9e036c8853
Doc: Make minor edits to Windows setup documentation
2021-11-30 12:52:40 -05:00
Mike Salvatore
7570064ae7
Docs: Remove erroneous comment about log level for agents
...
Agents' log level is not configurable at this time.
2021-11-30 12:49:19 -05:00
Mike Salvatore
0b7da7ed67
Docs: Fix "logging" links in FAQ
2021-11-30 12:48:03 -05:00
Mike Salvatore
e76915cf96
Merge pull request #1634 from guardicore/1610-cleanup-ransomware
...
Cleanup function for ransomware
2021-11-30 12:31:04 -05:00
Mike Salvatore
a5fc0bc393
Agent: Change readme if condition in RansomwarePayload.cleanup()
...
If the _readme_incomplete flag is set but no readme file has been left
in the target directory, do not leave a new readme file. This can happen
if the thread is forcefully killed between the time when the flag is set
and the file is first created. The cleanup function is only concerned
with cleaning up incomplete files, not ensuring the existence of the
file under all circumstances.
2021-11-30 12:03:37 -05:00
Mike Salvatore
789a6691c1
Agent: Improve log messages in RansomwarePayload.cleanup()
2021-11-30 12:03:37 -05:00
Mike Salvatore
62a6b09e00
Agent: Use `self._target_directory` in RansomwarePayload
2021-11-30 12:03:37 -05:00
Mike Salvatore
14c298e89c
Agent: Move exception handling from readme_dropper to ransomware_payload
2021-11-30 12:03:26 -05:00
Mike Salvatore
f87802678b
Tests: Use default parameters in build_ransomware_payload() fixture
...
This allows ransomware payloads with different mocks to be built on a
per-test basis with minimal effort and maximal code reuse.
2021-11-30 11:13:03 -05:00
Shreya Malviya
bedc8d4f84
Agent: Add cleanup logic for ransomware payload
2021-11-30 11:12:51 -05:00
VakarisZ
0a32ac888e
Docs: moved server configuration and common configuration operation docs to corresponding deployment option setup pages
2021-11-30 15:44:46 +02:00
VakarisZ
06f31791fc
Island, UT: fix island config option extraction to also expand paths and add a UT for that
2021-11-30 12:12:29 +02:00
VakarisZ
03566d2966
Island: remove the server config extraction from server_config.json in island's cwd
...
All deployments can be configured via command line OR by modifying the server_config.json that comes with the deployment
2021-11-30 12:06:02 +02:00
VakarisZ
e95df875be
Island: fix a bug in server's config options extraction that caused unspecified properties to get overridden by defaults
2021-11-30 10:27:09 +02:00
Ilija Lazoroski
f8441f2d7f
Agent: Refactor the new start and cleanup function
2021-11-29 19:57:25 +01:00
Ilija Lazoroski
72f4fc1ef6
Agent: Remove initialize both from monkey and dropper
...
Add legacy start and cleanup to the agent which
are the same code reformatted in the previous commits.
Reformat start function.
2021-11-29 18:54:52 +01:00
VakarisZ
68ea983458
UT: fixed the path to consts in test_server_setup.py
2021-11-29 17:27:26 +02:00
VakarisZ
ffe9a65037
Docs: improve the documentation by specifying that user can use log levels `info` and `debug`, instead of saying "default Python log levels"
2021-11-29 17:21:46 +02:00
VakarisZ
04feb1b31d
Island,UT: move PACKAGE_CONFIG_PATH and USER_CONFIG_PATH consts to config_setup.py, where they are used
2021-11-29 15:16:02 +02:00
VakarisZ
7e479ec3df
Island: improve readability in config_setup.py by renaming methods and adding default parameter to IslandConfigOptions
2021-11-29 14:47:37 +02:00
Shreya Malviya
75226bdf6e
Agent: Comment out mock master things in monkey.py
...
So that both 'masters' don't run at the same time.
To test the mock master, un-comment the lines in this commit and
comment the lines `self._start_post_breach_async()` and `self._start_propagation()`
in `start()`.
2021-11-29 15:26:12 +05:30
VakarisZ
811983a8b5
Island: refactor/change exit() to the syntax of sys.exit
2021-11-29 11:35:22 +02:00
VakarisZ
3e32dbbc52
Docs: extract the server configuration workflow to a separate server_configuration.md page, which explains how to set up and use server_configuration.json
...
This change extracts server_config.json usage into a single page, which can then be referred to from any page that requires island configuration
2021-11-26 17:05:38 +02:00
Ilija Lazoroski
1ee6d10b4c
Agent: Refactor agent startup
...
Reorder and rename functions.
2021-11-26 13:34:06 +01:00
Ilija Lazoroski
3c13324e8a
Agent: Change send_exploit_telemetry for host exploiter
2021-11-26 13:32:41 +01:00
VakarisZ
dcc71faaa9
Island: try reading server_config.json from install directory
...
On Windows it's not easy to pass server_config as a commandline parameter. It's easier to just create a file in install directory.
2021-11-26 12:04:46 +02:00
VakarisZ
00665cbae0
Island: implements the logic of server config extraction and adds unit tests for it
...
Since server_config.json no longer needs to be writable, we can load defaults, then override package specific options and lastly override user specified options to form the final config for island
2021-11-26 12:04:46 +02:00
VakarisZ
00819ccf40
Build: remove unused server config options from docker
...
Options removed match the defaults so there's no reason to keep them
2021-11-26 12:04:46 +02:00
VakarisZ
7e21635733
Island: separate the workflow of config extraction from data directory setup
2021-11-26 12:04:46 +02:00
Ilija Lazoroski
fb007e9cc8
Agent: Initial refactoring of monkey including mocked puppet and a master
2021-11-25 17:17:23 +01:00
Ilija Lazoroski
44d3ad8586
Agent: Add realistic puppet exploit telemetry info and attempts
...
Fix logging consistency in mock master.
2021-11-25 17:14:24 +01:00
Mike Salvatore
137afa6473
Agent: Don't register new signal handler in monkey.py (for now)
...
The signal handler is not quite ready for prime time. Issue #1595 and
issue #1597 will need to be resolved before the signal handler can be
fully ready. For now, don't register the signal handler.
2021-11-24 13:46:18 -05:00
Mike Salvatore
d31fd2c811
Agent: Improve Windows signal handler
2021-11-24 13:42:28 -05:00
Mike Salvatore
e04e8d3177
Merge pull request #1628 from guardicore/1593-i-master
...
Add IMaster and MockMaster
2021-11-24 07:59:55 -05:00
Mike Salvatore
0ec8fca766
Agent: Add start/finish logging to phases of MockMaster execution
2021-11-24 07:45:40 -05:00
Mike Salvatore
8c36b1925f
Merge pull request #1629 from guardicore/1599-unused-python-dependencies
...
1599 unused python dependencies
2021-11-24 06:46:21 -05:00
VakarisZ
a3563b97a8
Merge pull request #1625 from guardicore/1599-unused-python-dependencies
...
1599 unused python dependencies
2021-11-24 13:07:58 +02:00
VakarisZ
8a88949d1a
Island: re-add cffi explicit requirement
...
Docker island is showing ModuleNotFoundError: No module named '_cffi_backend' without it
2021-11-24 11:12:34 +02:00
VakarisZ
474e1adbf5
Merge pull request #1627 from guardicore/1594-signal-handlers
...
Agent: register signal handlers
2021-11-24 10:54:53 +02:00
VakarisZ
3f7c4a8859
Agent: add a comment warning that Windows will terminate the process 5s after CTRL_CLOSE_EVENT signal
...
The comment will warn us that in case that particular signal is raised, the cleanup shouldn't take longer than 5s
2021-11-24 10:52:55 +02:00
Mike Salvatore
73329e9729
Agent: Remove input() call in monkey.py
...
The call to input() was used to pause the execution of the agent while
testing the new signal handlers. It is no longer needed.
2021-11-24 10:52:55 +02:00
Mike Salvatore
6149ef630b
Agent: Improve signal handler log message
2021-11-24 10:52:55 +02:00
Mike Salvatore
068307f0eb
Agent: Handle window close event on Windows
2021-11-24 10:52:55 +02:00
Mike Salvatore
27ef06c546
Agent: Call IMaster.terminate() from signal handler
2021-11-24 10:52:55 +02:00
VakarisZ
9d36f20b42
Agent: register signal handlers
...
Agent will now handle interrupt and break signals on Linux and Windows
2021-11-24 10:52:55 +02:00
Shreya Malviya
e00fd64530
Agent: Fix PBA return value
2021-11-24 13:54:49 +05:30
Shreya Malviya
d0b9fca4d7
Agent: Fix return types and statements in mock puppet for PBA and exploiters
2021-11-24 13:54:49 +05:30
Shreya Malviya
57b710fb10
UT: Modify unit tests for ExploitTelem and PostBreachTelem based on previous changes
2021-11-24 13:54:49 +05:30