Daniel Goldberg
|
df6dd194ca
|
Merge pull request #186 from guardicore/bugfix/consistent_flask_secret_key
Make flask session key consistent between sessions
|
2018-09-18 15:19:24 +03:00 |
Daniel Goldberg
|
6eb48c4445
|
See
https://stackoverflow.com/questions/27287391/why-not-generate-the-secret-key-every-time-flask-starts
|
2018-09-13 16:05:30 +03:00 |
itaymmguardicore
|
0518899475
|
Merge pull request #145 from guardicore/feature/support-common-folder
Feature/support common folder
|
2018-09-13 14:56:24 +03:00 |
Itay Mizeretz
|
080e3ab23d
|
Merge remote-tracking branch 'origin/develop' into feature/support-common-folder
# Conflicts:
# infection_monkey/transport/__init__.py
# monkey/infection_monkey/config.py
# monkey/infection_monkey/exploit/__init__.py
# monkey/infection_monkey/exploit/elasticgroovy.py
# monkey/infection_monkey/exploit/sambacry.py
# monkey/infection_monkey/exploit/struts2.py
# monkey/infection_monkey/exploit/tools.py
# monkey/infection_monkey/network/tcp_scanner.py
# monkey/infection_monkey/system_info/mimikatz_collector.py
# monkey/monkey_island/cc/ui/cfg/base.js
# monkey/monkey_island/cc/ui/cfg/defaults.js
# monkey/monkey_island/cc/ui/cfg/dev.js
# monkey/monkey_island/cc/ui/cfg/dist.js
# monkey/monkey_island/cc/ui/cfg/test.js
|
2018-09-09 14:43:03 +03:00 |
itaymmguardicore
|
95ee92ff08
|
Merge pull request #183 from VakarisZ/web_rce_bugfix
Improved error handling if firewall does not allow to open http server
|
2018-09-05 17:55:41 +03:00 |
itaymmguardicore
|
5ce902fecd
|
Merge pull request #120 from guardicore/feature/detect-cross-segment-traffic
Feature/detect cross segment traffic
|
2018-09-03 15:23:21 +03:00 |
Vakaris
|
f27f5cd919
|
Improved error handling if firewall does not allow to open http server
|
2018-08-30 15:42:07 +03:00 |
itaymmguardicore
|
66876fb970
|
Merge pull request #177 from acepace/feature/common-folder-import-rewrite
Rewrote config parsing
|
2018-08-30 15:00:55 +03:00 |
itaymmguardicore
|
686cca1723
|
Merge pull request #153 from guardicore/feature/async_scan
Opportunistic waiting, make get_tcp_ports O(timeout)
|
2018-08-30 15:00:33 +03:00 |
itaymmguardicore
|
62f6d7748b
|
Merge pull request #182 from VakarisZ/hadoop_rce
Hadoop with web_rce framework
|
2018-08-30 14:55:48 +03:00 |
Vakaris
|
c8e131d913
|
Added a space before bracket in report
|
2018-08-30 14:20:52 +03:00 |
Vakaris
|
49904d0cb0
|
Undone server's closing timeout, even though I think 60 is too much
|
2018-08-29 22:57:52 +03:00 |
Vakaris
|
818aae3a2c
|
Hadoop exploitation tested on windows and linux
|
2018-08-29 22:57:52 +03:00 |
Vakaris
|
568320c298
|
Refactored, notes fixed but file server still timeouts
|
2018-08-29 22:57:52 +03:00 |
Vakaris
|
02c27584da
|
Refactored according to latest web_rce framework changes
|
2018-08-29 22:57:30 +03:00 |
Vakaris
|
504281dbcb
|
quick-fix
|
2018-08-29 22:57:30 +03:00 |
Vakaris
|
390d94a8c3
|
Final tests, windows command changed
|
2018-08-29 22:57:30 +03:00 |
Vakaris
|
c7952dcbc5
|
Fixed reporting and upploading bugs
|
2018-08-29 22:57:30 +03:00 |
Vakaris
|
5674bebfa6
|
Core code written but nothing tested
|
2018-08-29 22:34:16 +03:00 |
Daniel Goldberg
|
f6cb7ab655
|
Fix possible empty initialization of scanner class.
Scanner now defaults to none, and we need to handle that case in the scanner.
|
2018-08-29 11:37:00 -04:00 |
itaymmguardicore
|
61592776e9
|
Merge pull request #181 from VakarisZ/elastic_with_framework
Elastic with framework
|
2018-08-29 17:40:51 +03:00 |
itaymmguardicore
|
bed482d70b
|
Merge pull request #169 from guardicore/feature/wrap-mimikatz-zip
Make mimikatz inside zip and extract only if config says so
|
2018-08-29 17:28:27 +03:00 |
Vakaris
|
a2bebca4bc
|
spaces removed
|
2018-08-29 17:20:43 +03:00 |
Daniel Goldberg
|
83b1933296
|
Remove subcasing for classes
|
2018-08-29 10:20:30 -04:00 |
Vakaris
|
477836e1c9
|
Blank newline added to match source file
|
2018-08-29 17:19:51 +03:00 |
Vakaris
|
304f5bd643
|
Removed unused commands
|
2018-08-29 17:14:55 +03:00 |
itaymmguardicore
|
91c37cc68f
|
Merge pull request #180 from VakarisZ/WebLogic_with_framework
Web logic with framework
|
2018-08-29 17:02:14 +03:00 |
Itay Mizeretz
|
cd020668ef
|
Add note regarding 7zip
|
2018-08-29 16:58:33 +03:00 |
Itay Mizeretz
|
5b6a9595f4
|
mimikatz zip is now in datas
|
2018-08-29 16:56:55 +03:00 |
Vakaris
|
4d6472cce1
|
Ports are now taken from elastic_fingerprint module
|
2018-08-29 16:55:35 +03:00 |
Vakaris
|
d4262ef0bd
|
Removed unused constants
|
2018-08-29 16:55:35 +03:00 |
Vakaris
|
56b3190cb5
|
Refactored elastic according to latest web_rce framework changes. Tested on windows and linux
|
2018-08-29 16:55:35 +03:00 |
Vakaris
|
76523e7379
|
Refactored elastic for latest framework changes
|
2018-08-29 16:55:35 +03:00 |
Vakaris
|
a54eedec11
|
Commands tested and working on windows.
|
2018-08-29 16:55:35 +03:00 |
Vakaris
|
7e2cc86ab9
|
Code cleaned and tested on ubuntu
|
2018-08-29 16:55:35 +03:00 |
Vakaris
|
8ddfb03f27
|
Uploaded and modified standard web_rce code usage.Not working, not tested
|
2018-08-29 16:55:35 +03:00 |
Vakaris
|
3f809403d1
|
Custom http server class moved to the end of file
|
2018-08-29 16:55:03 +03:00 |
itaymmguardicore
|
9317d0a805
|
Merge pull request #179 from VakarisZ/Struts2_with_framework
Struts2 with framework
|
2018-08-29 15:05:09 +03:00 |
itaymmguardicore
|
aab8f9295e
|
Merge pull request #178 from VakarisZ/WebRCE_Framework
Added functions get_monkey_paths and run_backup_commands
|
2018-08-29 15:01:12 +03:00 |
itaymmguardicore
|
7a5e53ee69
|
Merge pull request #176 from acepace/feature/support-common-folder-exploit-import
Feature/support common folder exploit import
|
2018-08-29 14:52:34 +03:00 |
Vakaris
|
57e795573e
|
Documented what's required and other minor changes
|
2018-08-29 14:43:40 +03:00 |
Vakaris
|
307a7c396c
|
Notes fixed and tested
|
2018-08-29 14:43:39 +03:00 |
Vakaris
|
39bb41ed25
|
Removed unused imports and tested
|
2018-08-29 14:43:39 +03:00 |
Vakaris
|
f001403a92
|
Fixed lock bug and made uploaded monkey names standard
|
2018-08-29 14:43:39 +03:00 |
Vakaris
|
8e8422b3b7
|
Lock changed from singleton into local variable
|
2018-08-29 14:43:39 +03:00 |
Vakaris
|
8fd42abd5d
|
Refactored according to final web_rce framework changes
|
2018-08-29 14:43:39 +03:00 |
Vakaris
|
10528c313d
|
Webblogic refactored to web RCE framework changes(from static methods into class methods)
|
2018-08-29 14:43:39 +03:00 |
Vakaris
|
66bc852742
|
Bugfix: http servers thread is stopped if remote target is not vulnerable
|
2018-08-29 14:43:39 +03:00 |
Vakaris
|
ab64e78f00
|
Core functions of Oracle weblogic rce
|
2018-08-29 14:43:39 +03:00 |
Vakaris
|
8af2ab70e7
|
Removed unused import statement
|
2018-08-29 14:42:40 +03:00 |