vakarisz
84a7d864b5
Agent: Remove timeouts from communicate_as_backdoor_user.py
...
Timeouts are removed from commands because timeouts are defined in popen instead
2022-03-31 11:41:23 -04:00
vakarisz
4ad07ae3ff
Agent: Add timeouts in shell startup modification PBA's
2022-03-31 17:32:33 +03:00
Mike Salvatore
91f0a4e8ea
UT: Remove stale TODOs in MockPuppet
2022-03-31 08:56:03 -04:00
vakarisz
eae96c19b1
Agent: Handle pypykatz permission error
2022-03-31 08:03:41 -04:00
Mike Salvatore
32a9fe7bf9
Island: Fix import sorting in credentials.py
2022-03-30 13:55:35 -04:00
Mike Salvatore
fda0411555
Island: Format with Black
2022-03-30 13:53:23 -04:00
Mike Salvatore
86b8cf63b9
Agent: Format with Black
2022-03-30 13:53:20 -04:00
Mike Salvatore
53d36a7a0c
Common: Format with Black
2022-03-30 13:53:16 -04:00
Mike Salvatore
86cc565b65
UT: Remove unused imports
2022-03-30 13:45:09 -04:00
Mike Salvatore
3b4e762997
Agent: Remove unused imports
2022-03-30 13:44:47 -04:00
Mike Salvatore
a8c222b610
Island: Reenable POST_BREACH_PROCESS_LIST_COLLECTION
2022-03-30 13:42:52 -04:00
Ilija Lazoroski
f2b498d3c9
Project: Add upgrade to pipenv in Travis
2022-03-30 13:34:22 -04:00
Mike Salvatore
bd5f51e31b
Merge pull request #1833 from guardicore/fix-ut-windows-bugs
...
Fix ut windows bugs
2022-03-30 11:00:35 -04:00
vakarisz
301284f4d0
UT: Fix windows bug in test_monkey_log_path.py
...
Bug was happening due to an attempt to delete a file with an unclosed handle
2022-03-30 17:58:13 +03:00
vakarisz
72984bb3e3
UT: Fix windows bug in test_t1107_telem.py
2022-03-30 16:53:16 +03:00
Mike Salvatore
581ece577d
Merge pull request #1818 from guardicore/1604-custom-pba
...
1604 custom pba
2022-03-30 09:40:44 -04:00
vakarisz
29a545a58f
Agent: Move the decision if custom pba should run to master
2022-03-30 16:37:19 +03:00
vakarisz
e855d2ed34
Agent: Remove unused pba properties in config.py
2022-03-30 16:07:14 +03:00
vakarisz
2e3a718469
Agent: Fix custom PBA related unit tests
2022-03-30 15:52:04 +03:00
vakarisz
1f31e96adb
Agent: Make custom PBA related imports shorter
2022-03-30 15:52:02 +03:00
vakarisz
67543ef91a
Agent: Add a custom PBA run check
...
We only want to run the custom PBA if commands are specified
2022-03-30 15:51:46 +03:00
vakarisz
079d768f73
Agent: Rename UsersPBA to CustomPBA for consistency
2022-03-30 15:51:44 +03:00
vakarisz
24915ba797
Agent: Load and fix the custom PBA into puppet
2022-03-30 15:51:24 +03:00
vakarisz
23b8c351fb
Island, Agent: Add custom user PBA to puppet and master
2022-03-30 15:51:22 +03:00
Mike Salvatore
ee0561a061
Agent: Move MockPuppet to unit test suite
...
The MockPuppet is now only used by the unit tests.
2022-03-30 07:39:34 -04:00
Mike Salvatore
b5f65b16d7
Agent: Remove disused Puppet._mock_puppet attribute
2022-03-30 07:36:49 -04:00
Mike Salvatore
1f34a72421
Merge pull request #1828 from guardicore/1604-remove-dead-code
...
Remove dead code
2022-03-30 07:35:21 -04:00
Mike Salvatore
315471ab57
Agent: Remove disused WebRCE.target_url attribute
2022-03-30 07:33:53 -04:00
Mike Salvatore
9738430333
Project: Remove temporary agent-refactor vulture exceptions
2022-03-30 07:31:29 -04:00
Mike Salvatore
2c32c354ae
Agent: Remove MockMaster
...
This mock has outlived its usefulness and can now be removed.
2022-03-30 07:20:37 -04:00
Mike Salvatore
73b678ae19
Agent: Remove redundant telemetry_messenger instantiation
2022-03-30 07:16:56 -04:00
Mike Salvatore
29b19a667b
Swimm: update exercise Implement a new PBA — VW4rf3AxRslfT7lwaug7
2022-03-30 07:16:35 -04:00
Shreya Malviya
6c59c54739
UI: Fix logic in PostBreachParser.js for process list collection PBA
2022-03-30 15:59:46 +05:30
VakarisZ
896755f54d
Merge pull request #1829 from guardicore/1604-modify-puppet-to-run-pbas
...
PBA modifications so they run
2022-03-30 12:09:37 +03:00
Shreya Malviya
ca0972f847
Agent: Pass None to telemetry_messenger arg in nested PBA classes
...
This is not the most ideal way but it gets the job done without the unnecessary complexity of passing the telemetry messenger through different classes and functions when it's not needed.
2022-03-30 14:01:12 +05:30
Shreya Malviya
3f01b9bcac
Agent: Pass telemetry_messenger to PBA constructors where it was missing
2022-03-30 13:52:53 +05:30
Shreya Malviya
a2bad110a1
Agent: Modify PBA base class to return pba_data and not None
2022-03-30 13:46:09 +05:30
Shreya Malviya
501d32b171
Agent: Modify master to pass PostBreachData to PostBreachTelem
2022-03-30 13:44:38 +05:30
Shreya Malviya
9f8463f707
Agent: Modify PBA base class to accept options in its run method
2022-03-30 13:42:58 +05:30
Shreya Malviya
0be6af2d5c
Agent: Modify clear command history PBA to return pba_data and not None
2022-03-30 13:42:17 +05:30
Shreya Malviya
40b1ae0058
Agent: Modify puppet to run PBAs instead of using the mock puppet
2022-03-30 13:37:47 +05:30
Shreya Malviya
296a91a458
Agent: Remove unused file post_breach_handler.py
2022-03-30 12:29:35 +05:30
Shreya Malviya
99b621f2c8
Project: Add config's post_breach_actions to Vulture's allowlist
2022-03-30 12:29:27 +05:30
Shreya Malviya
31d9f04fe7
Agent: Remove leftover WormConfiguration code from HostExploiter
2022-03-30 12:28:29 +05:30
Mike Salvatore
394088e39d
BB: Reduce DELAY_BETWEEN_ANALYSIS
2022-03-29 16:10:20 -04:00
Mike Salvatore
d596e8c593
Agent: Rename typing to custom_types
...
Naming the module "typing" and then importing from "typing" within the
module itself caused some confusion for python and resulted in failed
builds.
2022-03-29 14:28:16 -04:00
Mike Salvatore
8733d3f6c4
Swimm: update exercise Implement a new PBA — VW4rf3AxRslfT7lwaug7
2022-03-29 14:28:12 -04:00
Mike Salvatore
52ff1e894a
Swimm: update exercise Add a new Post Breach Action (PBA) afMu3y3ny5lnrYFWl3EI
2022-03-29 14:28:07 -04:00
Mike Salvatore
2992d91f16
Merge pull request #1817 from guardicore/1801-credentials-store
...
1801 credentials store
2022-03-29 13:54:32 -04:00
Ilija Lazoroski
6ab7bd2f45
Agent, UT: Remove leftover that cause overwrite in CredentialsStore
...
* Use `add` instead of `update` - `add` doesn't let to have duplicates
* Move TestTelem to conftest in UT telemetry messenger
2022-03-29 19:53:39 +02:00