Mike Salvatore
563957f9c2
Island: Add NodeUpdateFacade.get_event_source_machine()
2022-10-07 10:38:12 -04:00
Mike Salvatore
b6a6295ae8
Island: Remove disused agent_event_handlers/utils.py
Replaced by NodeUpdateFacade
2022-10-07 10:38:12 -04:00
Mike Salvatore
e876682d84
Island: Use NodeUpdateFacade in ScanEventHandler
2022-10-07 10:38:12 -04:00
Mike Salvatore
e77932f7d6
Island: Add NodeUpdateFacade
2022-10-07 10:38:12 -04:00
Mike Salvatore
e1f32177e9
Island: Call get_or_create_target_machine() from ScanEventHandler
2022-10-07 10:38:12 -04:00
Mike Salvatore
c4052bc5ad
Island: Add utils.get_or_create_target_machine()
Both ScanEventHandler and update_nodes_on_exploitation() will need this
functionality. Extracting it some place common.
I didn't put it into the MachineRepository because the semantics of
creating a machine if not found are likely specific to a small set of
use cases, rather than part of the general interface.
2022-10-07 10:38:12 -04:00
Mike Salvatore
a7d7c1a787
UT: Add missing __init__.py
2022-10-07 10:38:12 -04:00
vakarisz
e54c950dc3
Island: Upsert node on TCP scan event if source of event doesn't exist
2022-10-07 17:21:28 +03:00
vakarisz
d3c2d95a69
Island: Handle network services in TCP scan events
2022-10-07 16:12:01 +03:00
vakarisz
c5c8bc1d2f
Island: Add mongo_dot_encoder to encode "." characters
This encoder will be needed in the mongo repository, because MongoDB can't handle keys with the "." character (until version 5)
2022-10-07 16:12:01 +03:00
vakarisz
a96b82fa0f
Island: Don't raise errors if machine upsert made no changes
It doesn't make sense to raise an error if upsert made no changes, because the purpose of the "upsert" method is to ensure that data is up-to-date. If no changes were made, it means it's already up-to-date.
2022-10-07 16:12:01 +03:00
vakarisz
a143d7206e
Island: Reuse the same open port logic in scan_event_handler.py
2022-10-07 16:11:59 +03:00
vakarisz
d0d37ce595
Island: Update machine services with TCP scan event results
2022-10-07 16:08:35 +03:00
Mike Salvatore
6d60e33c1e
Merge branch '2269-publish-events-for-mssql-exploiter' into develop
PR #2401
2022-10-07 08:46:40 -04:00
Mike Salvatore
a558948c5d
Agent: Remove unnecessary `pass` from MSSQLExploiter
2022-10-07 08:43:05 -04:00
Shreya Malviya
3b225a9c7d
Merge pull request #2376 from guardicore/dependabot/npm_and_yarn/monkey/monkey_island/cc/ui/d3-color-and-d3-3.1.0
Bump d3-color and d3 in /monkey/monkey_island/cc/ui
2022-10-07 18:01:53 +05:30
Mike Salvatore
79e8ce5f79
Island: Pass tuple, not set to upsert_tcp_connections()
pydantic can probably handle the set -> tuple conversion itself, but
mypy complains.
2022-10-07 07:44:49 -04:00
Mike Salvatore
0965b97d45
Island: Use ScanEvent for typehint in ScanEventHandler
`event` gets passed to `_get_source_machine()`, which expects
`ScanEvent`, not `AbstractAgentEvent`
2022-10-07 07:43:50 -04:00
Mike Salvatore
4c026241ea
Island: Change method order in ScanEventHandler
2022-10-07 07:41:50 -04:00
VakarisZ
4709ae771b
Merge pull request #2400 from guardicore/2267-add-tcp-connections
2267 add tcp connections
2022-10-07 12:15:39 +03:00
vakarisz
be4ecccdcd
Island: Refactor get_node_by_id to raise UnknownRecordError
2022-10-07 10:05:06 +03:00
Mike Salvatore
77d37bdb21
Merge branch '2269-publish-events-from-log4shell-exploiter' into develop
PR #2397
2022-10-06 17:26:06 -04:00
Mike Salvatore
9c2cdf15e2
Agent: Add TODO in Log4ShellExploiter
2022-10-06 17:01:06 -04:00
Mike Salvatore
ead979c6ca
Agent: Add T1110 to Log4Shell exploiter tags
2022-10-06 16:54:02 -04:00
Mike Salvatore
03c6c5ea4b
Agent: Remove unnecessary Path -> str in Log4ShellExploiter
2022-10-06 16:51:14 -04:00
Mike Salvatore
eac3076828
Agent: Change typehint for build_monkey_commandline's location
The function can handle str, PurePath, or None. This typehint change
reflects that capability
2022-10-06 16:50:41 -04:00
Mike Salvatore
7bc9993c6f
Agent: Reduce VICTIM_WAIT_SLEEP_TIME_SEC to 0.050 seconds
1 second is a long time to wait, and we want our event timestamps to be
more accurate. 0.050 is 10 x sys.getswitchinterval(). It's reasonably
accurate but will also share the CPU nicely.
2022-10-06 16:46:41 -04:00
Mike Salvatore
6bd7042444
Agent: Add VICTIM_WAIT_SLEEP_TIME_SEC constant in log4shell exploiter
2022-10-06 16:42:33 -04:00
Mike Salvatore
d8fca72f28
Agent: Publish all prop/exploit events from _wait_for_victim()
2022-10-06 16:41:20 -04:00
Mike Salvatore
b2c5b22128
Merge branch '2269-publish-events-from-powershell-exploiter' into develop
PR #2402
2022-10-06 12:45:13 -04:00
Mike Salvatore
8e3bf96589
Agent: Convert plaintext to str()
get_plaintext() can return bytes. Convert the output to a str in
PowershellClient to avoid potential issues.
2022-10-06 12:40:50 -04:00
Mike Salvatore
65dd386603
Agent: Collect timestamp before powershell connect
2022-10-06 12:39:37 -04:00
Mike Salvatore
c4573673ce
Agent: Rename timestamp -> execute_agent_timestamp
2022-10-06 12:39:11 -04:00
Ilija Lazoroski
ac11d159fe
Agent: Revise Powershell publishing of events
2022-10-06 16:03:15 +02:00
Mike Salvatore
de9b5601d8
Merge branch 2269-publish-events-from-sshexec-exploiter into develop
PR #2395
2022-10-06 10:00:35 -04:00
Mike Salvatore
c980bfd915
Agent: Move timestamp closer to ssh.exec_command()
2022-10-06 09:57:11 -04:00
Mike Salvatore
52380a2513
Agent: Publish exploitation event on unexpected SSH exception
2022-10-06 09:55:53 -04:00
Mike Salvatore
39bada5bb1
Agent: Move assignment outside of try/except
2022-10-06 15:50:46 +02:00
Kekoa Kaaikala
3bca02af59
Agent: Fix powershell tests
2022-10-06 15:50:46 +02:00
Kekoa Kaaikala
7d535c72d9
Agent: Publish powershell exploitation events
2022-10-06 15:50:46 +02:00
Kekoa Kaaikala
3bede2f9d1
Agent: Publish propagation events
2022-10-06 15:50:46 +02:00
Kekoa Kaaikala
bb6716df18
Common: Add attack technique T1059
2022-10-06 15:50:46 +02:00
vakarisz
8503e0f499
UT: Remove unused test data structures
2022-10-06 15:02:13 +03:00
Ilija Lazoroski
ec617df06a
Agent: Fix LockedHTTPServer mypy error in MSSQLExploiter
2022-10-06 13:53:17 +02:00
vakarisz
0d246a0479
Island: Rename add_tcp_connections to upsert_tcp_connections
2022-10-06 14:49:11 +03:00
Ilija Lazoroski
47846628e6
Agent: Modify MSSQL tags to be properties
2022-10-06 13:47:11 +02:00
vakarisz
3bc2e4876f
Island: Handle missing node in add_tcp_connections
2022-10-06 14:45:56 +03:00
Kekoa Kaaikala
15974ff21c
Agent: Stamp time before running exploit
2022-10-06 13:37:26 +02:00
Kekoa Kaaikala
66f8471f24
Agent: Remove "summary" event
2022-10-06 13:35:18 +02:00
Kekoa Kaaikala
e404416363
Agent: Use exploit tag properties
2022-10-06 13:35:18 +02:00