Commit Graph

7990 Commits

Author SHA1 Message Date
vakarisz 84a7d864b5 Agent: Remove timeouts from communicate_as_backdoor_user.py
Timeouts are removed from commands because timeouts are defined in popen instead
2022-03-31 11:41:23 -04:00
vakarisz 4ad07ae3ff Agent: Add timeouts in shell startup modification PBAs 2022-03-31 17:32:33 +03:00
Mike Salvatore 91f0a4e8ea UT: Remove stale TODOs in MockPuppet 2022-03-31 08:56:03 -04:00
vakarisz eae96c19b1 Agent: Handle pypykatz permission error 2022-03-31 08:03:41 -04:00
Mike Salvatore 32a9fe7bf9 Island: Fix import sorting in credentials.py 2022-03-30 13:55:35 -04:00
Mike Salvatore fda0411555 Island: Format with Black 2022-03-30 13:53:23 -04:00
Mike Salvatore 86b8cf63b9 Agent: Format with Black 2022-03-30 13:53:20 -04:00
Mike Salvatore 53d36a7a0c Common: Format with Black 2022-03-30 13:53:16 -04:00
Mike Salvatore 86cc565b65 UT: Remove unused imports 2022-03-30 13:45:09 -04:00
Mike Salvatore 3b4e762997 Agent: Remove unused imports 2022-03-30 13:44:47 -04:00
Mike Salvatore a8c222b610 Island: Reenable POST_BREACH_PROCESS_LIST_COLLECTION 2022-03-30 13:42:52 -04:00
Ilija Lazoroski f2b498d3c9 Project: Add upgrade to pipenv in Travis 2022-03-30 13:34:22 -04:00
Mike Salvatore bd5f51e31b
Merge pull request #1833 from guardicore/fix-ut-windows-bugs
Fix ut windows bugs
2022-03-30 11:00:35 -04:00
vakarisz 301284f4d0 UT: Fix windows bug in test_monkey_log_path.py
Bug was happening due to an attempt to delete a file with an unclosed handle
2022-03-30 17:58:13 +03:00
vakarisz 72984bb3e3 UT: Fix windows bug in test_t1107_telem.py 2022-03-30 16:53:16 +03:00
Mike Salvatore 581ece577d
Merge pull request #1818 from guardicore/1604-custom-pba
1604 custom pba
2022-03-30 09:40:44 -04:00
vakarisz 29a545a58f Agent: Move the decision if custom pba should run to master 2022-03-30 16:37:19 +03:00
vakarisz e855d2ed34 Agent: Remove unused pba properties in config.py 2022-03-30 16:07:14 +03:00
vakarisz 2e3a718469 Agent: Fix custom PBA related unit tests 2022-03-30 15:52:04 +03:00
vakarisz 1f31e96adb Agent: Make custom PBA related imports shorter 2022-03-30 15:52:02 +03:00
vakarisz 67543ef91a Agent: Add a custom PBA run check
We only want to run the custom PBA if commands are specified
2022-03-30 15:51:46 +03:00
vakarisz 079d768f73 Agent: Rename UsersPBA to CustomPBA for consistency 2022-03-30 15:51:44 +03:00
vakarisz 24915ba797 Agent: Load and fix the custom PBA into puppet 2022-03-30 15:51:24 +03:00
vakarisz 23b8c351fb Island, Agent: Add custom user PBA to puppet and master 2022-03-30 15:51:22 +03:00
Mike Salvatore ee0561a061 Agent: Move MockPuppet to unit test suite
The MockPuppet is now only used by the unit tests.
2022-03-30 07:39:34 -04:00
Mike Salvatore b5f65b16d7 Agent: Remove disused Puppet._mock_puppet attribute 2022-03-30 07:36:49 -04:00
Mike Salvatore 1f34a72421
Merge pull request #1828 from guardicore/1604-remove-dead-code
Remove dead code
2022-03-30 07:35:21 -04:00
Mike Salvatore 315471ab57 Agent: Remove disused WebRCE.target_url attribute 2022-03-30 07:33:53 -04:00
Mike Salvatore 9738430333 Project: Remove temporary agent-refactor vulture exceptions 2022-03-30 07:31:29 -04:00
Mike Salvatore 2c32c354ae Agent: Remove MockMaster
This mock has outlived its usefulness and can now be removed.
2022-03-30 07:20:37 -04:00
Mike Salvatore 73b678ae19 Agent: Remove redundant telemetry_messenger instantiation 2022-03-30 07:16:56 -04:00
Mike Salvatore 29b19a667b Swimm: update exercise Implement a new PBA — VW4rf3AxRslfT7lwaug7 2022-03-30 07:16:35 -04:00
Shreya Malviya 6c59c54739 UI: Fix logic in PostBreachParser.js for process list collection PBA 2022-03-30 15:59:46 +05:30
VakarisZ 896755f54d
Merge pull request #1829 from guardicore/1604-modify-puppet-to-run-pbas
PBA modifications so they run
2022-03-30 12:09:37 +03:00
Shreya Malviya ca0972f847 Agent: Pass None to telemetry_messenger arg in nested PBA classes
This is not the most ideal way but it gets the job done without the unnecessary complexity of passing the telemetry messenger through different classes and functions when it's not needed.
2022-03-30 14:01:12 +05:30
Shreya Malviya 3f01b9bcac Agent: Pass telemetry_messenger to PBA constructors where it was missing 2022-03-30 13:52:53 +05:30
Shreya Malviya a2bad110a1 Agent: Modify PBA base class to return pba_data and not None 2022-03-30 13:46:09 +05:30
Shreya Malviya 501d32b171 Agent: Modify master to pass PostBreachData to PostBreachTelem 2022-03-30 13:44:38 +05:30
Shreya Malviya 9f8463f707 Agent: Modify PBA base class to accept options in its run method 2022-03-30 13:42:58 +05:30
Shreya Malviya 0be6af2d5c Agent: Modify clear command history PBA to return pba_data and not None 2022-03-30 13:42:17 +05:30
Shreya Malviya 40b1ae0058 Agent: Modify puppet to run PBAs instead of using the mock puppet 2022-03-30 13:37:47 +05:30
Shreya Malviya 296a91a458 Agent: Remove unused file post_breach_handler.py 2022-03-30 12:29:35 +05:30
Shreya Malviya 99b621f2c8 Project: Add config's post_breach_actions to Vulture's allowlist 2022-03-30 12:29:27 +05:30
Shreya Malviya 31d9f04fe7 Agent: Remove leftover WormConfiguration code from HostExploiter 2022-03-30 12:28:29 +05:30
Mike Salvatore 394088e39d BB: Reduce DELAY_BETWEEN_ANALYSIS 2022-03-29 16:10:20 -04:00
Mike Salvatore d596e8c593 Agent: Rename typing to custom_types
Naming the module "typing" and then importing from "typing" within the
module itself caused some confusion for python and resulted in failed
builds.
2022-03-29 14:28:16 -04:00
Mike Salvatore 8733d3f6c4 Swimm: update exercise Implement a new PBA — VW4rf3AxRslfT7lwaug7 2022-03-29 14:28:12 -04:00
Mike Salvatore 52ff1e894a Swimm: update exercise Add a new Post Breach Action (PBA) afMu3y3ny5lnrYFWl3EI 2022-03-29 14:28:07 -04:00
Mike Salvatore 2992d91f16
Merge pull request #1817 from guardicore/1801-credentials-store
1801 credentials store
2022-03-29 13:54:32 -04:00
Ilija Lazoroski 6ab7bd2f45 Agent, UT: Remove leftover that causes overwrite in CredentialsStore
* Use `add` instead of `update` - `add` doesn't allow duplicates
* Move TestTelem to conftest in UT telemetry messenger
2022-03-29 19:53:39 +02:00