Commit Graph

7710 Commits

Author SHA1 Message Date
vakaris_zilius 41278c8044 Agent: Make log4shell interruptable 2022-03-21 15:04:24 +00:00
Mike Salvatore b1716e9457
Merge pull request #1791 from guardicore/1611-interruptable-powershell
1611 Make powershell exploiter interruptable
2022-03-21 10:27:01 -04:00
Mike Salvatore cda113d291 Agent: Check _signal_handler before resetting on Windows
We don't need to call win32api.SetConsoleCtrlHandler if _signal_handler
is None (i.e. was never set).
2022-03-21 10:21:10 -04:00
Mike Salvatore a2ac2658ed Agent: Initialize self._master = None 2022-03-21 10:19:54 -04:00
Mike Salvatore 7a1fcced2f Agent: Extract method _set_interrupted() from is_interrupted() 2022-03-21 09:09:15 -04:00
Mike Salvatore b0f03179c1 Agent: Add `interrupted` boolean to ExploiterResultData
Setting an interrupted flag on the ExploiterResultData is a more useful
way to present the information to anything that uses it. If decisions
need to be made based on whether or not something was interrupted, a
flag can be checked instead of parsing an error message.
2022-03-21 09:00:43 -04:00
Mike Salvatore 83b18debc0 Agent: Remove InterruptError and use `if` instead 2022-03-21 09:00:43 -04:00
vakaris_zilius f50f4cf71c Agent: Add interrupt error message to powershell results 2022-03-21 09:00:43 -04:00
vakaris_zilius 02154e38fd Agent: Make powershell exploiter interruptable 2022-03-21 09:00:43 -04:00
Mike Salvatore 61344f9861
Merge pull request #1792 from guardicore/1741-add-smb-to-puppet
1741 add smb to puppet
2022-03-21 08:16:24 -04:00
Mike Salvatore 75ea2c8c3a Docs: Remove reference to example.conf 2022-03-21 08:15:25 -04:00
Mike Salvatore 896a9171ac Agent: Add missing 'f' to f-string 2022-03-21 08:14:01 -04:00
Mike Salvatore cadc23d8a5 Agent: Only start/stop tunnel if the agent is able to propagate
Starting and stopping the tunnel is slow, and only necessary if the
agent plans to propagate. If depth < 1, propagation will not occur, so
there's no point in having a tunnel open. If a `-d` parameter is not
supplied to the agent, the tunnel will be started.
2022-03-21 08:11:19 -04:00
Mike Salvatore 7e4ec00454 Agent: Add error message to exploit_result when SMB exploiter gives up 2022-03-21 07:21:05 -04:00
Mike Salvatore 9ca8bc1a60 Agent: Remove example.conf
This file is out of date and an unnecessary maintenance burden.
2022-03-21 07:16:22 -04:00
Mike Salvatore 89bda5ae87 Agent: Improve logging in SMBExploiter 2022-03-21 07:15:47 -04:00
VakarisZ fe7c7d5d9c
Merge pull request #1793 from guardicore/agent-log-timestamp-ordering
Agent log timestamp ordering
2022-03-21 07:46:04 +00:00
Mike Salvatore 96c8072c21 Docs: Update agent log naming scheme to put timestamp before random 2022-03-20 20:40:43 -04:00
Mike Salvatore 753f00de65 Agent: Put timestamp before random string in log names
Putting the timestamp before the random string in the agent and dropper
log names allows them to be sorted by time.
2022-03-20 20:40:35 -04:00
Mike Salvatore 9b66b98428 Island: Move smb_service into exploit.properties.smb_service 2022-03-20 19:39:39 -04:00
Mike Salvatore 9532aba033 Agent: Improve logging around SCM connection attempts 2022-03-18 13:38:02 -04:00
Mike Salvatore 75dd26b3df Agent: Handle case where SMB service already exists in SMBExploiter 2022-03-18 13:38:02 -04:00
Mike Salvatore abb05730b8 Agent: Remove unnecessary __init__() from SMBExploiter 2022-03-18 13:38:02 -04:00
Mike Salvatore c3ffd91990 Agent: Load SMBExploiter into the puppet 2022-03-18 13:38:02 -04:00
Mike Salvatore d56a6e23db Agent: Remove disused {try,}get_target_monkey() 2022-03-18 13:38:02 -04:00
Mike Salvatore f3d4f972a0 Agent: Remove disused MonkeyHTTPServer 2022-03-18 13:38:02 -04:00
Mike Salvatore 732568b34f Agent: Remove disused get_monkey_depth() 2022-03-18 13:38:02 -04:00
Mike Salvatore 8eace7c736 Agent: Return ExploitResultData from SMBExploiter 2022-03-18 13:38:02 -04:00
Mike Salvatore eddb9d527f Agent: Remove dependency on SMBFingerprinter from SMBExploiter 2022-03-18 13:38:02 -04:00
Mike Salvatore df24d4ab6a Agent: Use self.telemetry_messenger in SMBExploiter 2022-03-18 13:38:02 -04:00
Mike Salvatore 4a10882bcc Agent: Remove disused methods and attributes from WormConfiguration 2022-03-18 13:38:02 -04:00
Mike Salvatore 32491d5998 Agent: Remove logging of sensitive data from SmbTools 2022-03-18 13:38:02 -04:00
Mike Salvatore 396dd0fca6 Agent: Rename SmbExploiter SMBExploiter 2022-03-18 13:38:02 -04:00
Mike Salvatore 6fda2691e5 Agent: Remove dependency on WormConfig from SmbExploiter 2022-03-18 13:38:02 -04:00
Mike Salvatore 415f3e6468 Agent: Remove smb_service_name configuration option
This option is never changed and can be more easily stored as a
constant.
2022-03-18 13:38:02 -04:00
VakarisZ 6c1a4faf3a
Merge pull request #1790 from guardicore/1611-interruptible-mssql
1611 interruptible mssql
2022-03-18 14:33:13 +00:00
Mike Salvatore a247fa954c Agent: Use LONG_REQUEST_TIMEOUT for LOGIN_TIMEOUT in MSSQLExploiter 2022-03-18 10:12:34 -04:00
Mike Salvatore df5a0fe119 Agent: Make MSSQLExploiter interruptible 2022-03-18 08:29:44 -04:00
Mike Salvatore 0ffe023a9f Agent: Add a query timeout to pymssql.connect() 2022-03-18 08:29:44 -04:00
Mike Salvatore 33f2bac275
Merge pull request #1785 from guardicore/1611-interruptable-exploiters
1611 interruptable exploiters
2022-03-18 08:28:52 -04:00
vakarisz bf6d856015 Agent: Remove interrupt check after agent upload in wmiexec.py 2022-03-18 14:27:30 +02:00
vakarisz 13e5c03cf9 Agent: Add interrupt check before/after agent upload in wmiexec.py 2022-03-18 14:14:22 +02:00
vakaris_zilius bd07459dab Agent: Fix typos and comments in WMI and HostExploiter.py 2022-03-18 08:44:35 +00:00
vakaris_zilius b70144f5e1 Agent: Remove remote check for running monkey in WMI exploiter 2022-03-18 08:43:28 +00:00
Mike Salvatore 54bbe8bf2f Agent: Add WMI error message to results if exploit failed 2022-03-17 12:46:08 -04:00
Mike Salvatore 040a23546c Agent: Add a comment about Impacket timeouts 2022-03-17 12:45:37 -04:00
Mike Salvatore a002c96bc6 Agent: Add interrupt to powershell tests 2022-03-17 10:45:56 -04:00
vakaris_zilius 6bdd5ef179 Agent, UI: Improve style with small changes in interrupt code 2022-03-17 10:35:53 -04:00
vakaris_zilius 1d74864092 Island: Fix agent stopping bugs
2 bugs fixed: UI used milliseconds instead of seconds and island kept stopping monkeys, but it should only stop monkey once to not prevent more runs
2022-03-17 10:35:53 -04:00
vakaris_zilius 1c79efc941 Agent: Log why exploiter got interrupted when stopped 2022-03-17 10:35:53 -04:00