Mike Salvatore
0a6ced443c
Agent: Reduce smb_download_timeout to 30 seconds
2022-03-09 10:00:20 -05:00
vakarisz
7e6f1df3f5
Agent: Make thread name mandatory for creating daemon threads
2022-03-09 16:55:22 +02:00
vakarisz
83c25c6469
Agent: Refactor generate_brute_force_combinations
2022-03-09 16:51:15 +02:00
vakaris_zilius
130c62a5c2
Agent: add a wrapper for wmi_tools users
...
Add a dedicated wrapper to make sure that wmi_tools users don't run into race conditions
2022-03-09 16:38:52 +02:00
Mike Salvatore
e5acdf4cb7
Agent: Fix formatting in utils/brute_force.py with Black
2022-03-09 16:38:52 +02:00
Mike Salvatore
66d9549507
Agent: Add human-readable thread names to AutomatedMaster
2022-03-09 16:38:52 +02:00
Mike Salvatore
847c7fbf9b
Agent: Add human-readable thread name to aws_environment_check
2022-03-09 16:38:52 +02:00
Mike Salvatore
87dbe20c23
Agent: Add human-readable thread name to MonkeyTunnel
2022-03-09 16:38:52 +02:00
Mike Salvatore
f9a7672767
Agent: Add optional name to create_daemon_thread and run_worker_threads
2022-03-09 16:38:52 +02:00
Mike Salvatore
b34c287238
Agent: Log thread name instead of thread ID
2022-03-09 16:38:52 +02:00
vakaris_zilius
3dc8ef606c
Agent: add lock to wmi tools
...
impacket libraries used for WMI are not designed for multithreading
2022-03-09 16:38:52 +02:00
vakaris_zilius
16535e06c7
Agent: fix a bug in WMI exploiter related to depth
2022-03-09 16:38:52 +02:00
vakaris_zilius
4ce731c769
Agent: generate brute force credentials from exploiter options
...
All brute force exploiters will have the same structure of options, so instead of calling the generate_username_password_or_ntlm_hash_combinations() and manually unpacking the required arguments from options, we simplify the call and remove duplication
2022-03-09 16:38:52 +02:00
vakarisz
4e7e4a9eee
Agent: replace get_monkey_depth with self.current_depth
2022-03-09 16:38:52 +02:00
vakarisz
dc1a2ab1c1
Agent: move brute-force input generation from wmiexec to brute_force
2022-03-09 16:38:52 +02:00
Mike Salvatore
77f58b942b
Agent: Remove monkeyfs references in smb_tools.py
2022-03-09 16:38:52 +02:00
Mike Salvatore
f57977dd53
Agent: Add missing return to WmiExploiter
2022-03-09 16:38:52 +02:00
Mike Salvatore
98f8a5b48a
Agent: Fix malformed WMI query in WMIExploiter
2022-03-09 16:38:52 +02:00
Mike Salvatore
e76b46c8ca
Island: Add smb_download_timeout to SMB and WMI exploiter options
2022-03-09 16:38:52 +02:00
Mike Salvatore
6862ef39ee
Agent: Load WMIExploiter into puppet
2022-03-09 16:38:52 +02:00
vakarisz
aa5220b04a
Agent: modify wmiexec.py to return ExploitResultData
2022-03-09 16:38:52 +02:00
vakarisz
c932a19b47
Agent: decouple wmiexec.py from WormConfig object
2022-03-09 16:38:52 +02:00
vakarisz
d7e222c8a8
Agent: improve logging in wmiexec.py
2022-03-09 16:38:52 +02:00
vakarisz
af9736a8ea
Agent: added a todo to assess smb connection timeout
2022-03-09 16:38:52 +02:00
vakarisz
afc43ae806
Agent: fix a bug in wmi_tools
...
Fix a bug in wmi connection cleanup where incorrect keys were being used on a dictionary
2022-03-09 16:38:51 +02:00
Mike Salvatore
4832bc12d9
Merge pull request #1764 from guardicore/scan-depth
...
Scan depth
2022-03-07 12:37:20 -05:00
Mike Salvatore
1de449351e
Merge pull request #1765 from guardicore/1755-fix-hadoop-cmd
...
Agent: Prevent overwriting hadoop linux agent
2022-03-07 12:37:02 -05:00
Mike Salvatore
c886daba8a
Agent: Increase detail of HADOOP_LINUX_COMMAND comment
2022-03-07 12:35:52 -05:00
Mike Salvatore
aef3de1e8e
Agent: Remove special depth processing from WormConfiguration
2022-03-07 10:30:19 -05:00
Mike Salvatore
524b97078d
Agent: Pass current depth to AutomatedMaster
2022-03-07 10:30:17 -05:00
Mike Salvatore
7cae4d6dec
Agent: Pass depth to exploiters
2022-03-07 10:25:53 -05:00
Mike Salvatore
41287d458b
Agent: Don't propagate if depth == 0
2022-03-07 10:25:53 -05:00
Mike Salvatore
fd2143a4df
Agent: Re-raise exceptions in HostExploiter
...
The AutomatedMaster can't process the exceptions if the HostExploiter
swallows them. The HostExploiter can log and re-raise the exceptions so
they can be processed by the AutomatedMaster.
2022-03-07 10:24:22 -05:00
Ilija Lazoroski
c802f21756
Agent: Prevent overwriting hadoop linux agent
...
Because hadoop is re-requesting agents, we don't get the
agent if it already there, if it has size 0 and if it exists
we remove it.
2022-03-07 15:40:15 +01:00
Mike Salvatore
00829ac094
Agent: Add TODOs to AutomatedMaster
2022-03-07 06:20:34 -05:00
Mike Salvatore
754402c69d
Agent: Gracefully handle unexpected exceptions when running exploiters
2022-03-07 06:16:23 -05:00
Mike Salvatore
e58d06b91e
Merge pull request #1757 from guardicore/1736-add-log4shell-to-puppet
...
Add Log4Shell to puppet
2022-03-07 05:52:21 -05:00
Mike Salvatore
0e01264bb6
Agent: Make do_GET() and inner function of _get_new_http_handler_class
2022-03-07 05:21:48 -05:00
Mike Salvatore
95be74ed81
Agent: Reorder exploit_class_http_server.py
2022-03-07 05:18:28 -05:00
Mike Salvatore
c4f971ff33
Agent: Add comment to _get_new_http_handler_class()
2022-03-07 05:16:46 -05:00
Mike Salvatore
3698a28e26
Agent: Add return type annotation to remove_monkey_dir()
2022-03-07 05:13:48 -05:00
Mike Salvatore
ca485bf569
Agent: Return temporary monkey_dir as Path instead of str
2022-03-07 05:13:46 -05:00
Mike Salvatore
efa0c5beb4
Agent: Format HTTPFingerprinter with Black
2022-03-04 17:05:35 -05:00
Mike Salvatore
bf998f5021
Agent: Fix HTTPHandler class name in ExploitClassHTTPServer
2022-03-04 17:03:37 -05:00
Mike Salvatore
df495f98c7
Agent: Fix twisted import parallelization bug
2022-03-03 14:49:39 -05:00
Mike Salvatore
93415cf2c8
Agent: Add TODO to Log4ShellExploiter
2022-03-03 14:40:41 -05:00
Mike Salvatore
515edf265a
Island: Add helpful logging to MonkeyDownload resource
2022-03-03 13:48:18 -05:00
Mike Salvatore
928192b9b0
Agent: Add helpful debug logging to log4shell exploiter
2022-03-03 13:48:00 -05:00
Mike Salvatore
d3c75200fd
Agent: Remove SystemInfoCollector references from dropper.py
2022-03-03 11:31:11 -05:00
vakarisz
b20abad0b6
Island: change manual run commands to target /os download endpoints
...
Now monkey agents are downloaded not by name, but by os, so url's had to change
2022-03-03 17:42:10 +02:00