Commit Graph

8607 Commits

Author SHA1 Message Date
Mike Salvatore 353594f505
Merge pull request #2021 from guardicore/mssql-method-improvements
MSSQL method improvements
2022-06-15 10:25:10 -04:00
Mike Salvatore 4e71f4b6e4 Agent: Improve MSSQL command logging 2022-06-15 08:45:56 -04:00
Mike Salvatore 95acfc36ad Agent: Remove MSSQL temporary file and directory
This temporary file was only needed when commands were subject to 128
character limit. Writing commands to a batch file and executing it was a
way to run larger commands. Now that we know single quotes circumvent
this limit, the temporary file and directory are no longer necessary.
2022-06-15 08:37:54 -04:00
Mike Salvatore f9b3d7f5eb Agent: Move agent server methods within MSSQLExploiter 2022-06-15 08:33:18 -04:00
Mike Salvatore c2170ffc4a Agent: Rename run_agent() -> _run_agent() 2022-06-15 08:32:30 -04:00
Mike Salvatore e73c9307bf Agent: Add missing type hints to MSSQLExploiter 2022-06-15 08:16:32 -04:00
Mike Salvatore 7aca587964 Agent: Replace references to "monkey" with "agent" in MSSQLExploiter 2022-06-15 08:16:26 -04:00
Mike Salvatore 79fbd8b600 Agent: Remove stale comment 2022-06-15 08:15:49 -04:00
Mike Salvatore 339619cc56 Agent: Move _brute_force() 2022-06-15 08:15:49 -04:00
Mike Salvatore 04460e1d44 Agent: Encapsulate "monkey server" details in _upload_monkey() 2022-06-15 08:15:49 -04:00
Mike Salvatore 0204ba6343 Agent: Prefix protected methods in MSSQLExploiter with "_" 2022-06-15 08:15:49 -04:00
Mike Salvatore fd0a197b7f
Merge pull request #2020 from guardicore/2018-mangled-mssql-dropper-command
2018 mangled mssql dropper command
2022-06-15 08:15:22 -04:00
Mike Salvatore 62cc401981 Agent: Add a comment about escaping single quotes in SQL 2022-06-15 08:14:29 -04:00
Mike Salvatore ad1928db98
Merge pull request #2016 from guardicore/1996-agent-worm-config-decouple
1996 agent worm config decouple
2022-06-14 20:06:25 -04:00
Mike Salvatore 83a2a911e9 CHANGELOG: Add entry for malformed MSSQL agent launch commands 2022-06-14 14:49:35 -04:00
Mike Salvatore 8d9a2c536f Agent: Reorder methods in MSSQLExploiter 2022-06-14 14:22:43 -04:00
Mike Salvatore 819262ef73 Agent: Remove disused "Payload" classes 2022-06-14 14:22:43 -04:00
Mike Salvatore a54eca96ba Agent: Remove disused MSSQLLimitedSizePayload 2022-06-14 14:22:43 -04:00
Mike Salvatore 0e2a63b6ac Agent: Remove disused run_mssql_commands() 2022-06-14 14:22:43 -04:00
Mike Salvatore ff83f41b4a Agent: Remove disused run_mssql_command() 2022-06-14 14:22:43 -04:00
Mike Salvatore 522e62ad14 Agent: Refactor MSSQL create directory commands
Use _run_mssql_command() and remove the dependency on
MSSQLLimitedSizePayload.
2022-06-14 14:22:43 -04:00
Mike Salvatore 7b356cf893 Agent: Refactor MSSQL run payload file commands
Use _run_mssql_command() and remove the dependency on
MSSQLLimitedSizePayload.
2022-06-14 14:22:43 -04:00
Mike Salvatore f349e1a334 Agent: Refactor MSSQL run agent commands
Remove the dependency on the MSSQLLimitedSizePayload and use simple
methods like "_write_command_to_batch_file()".
2022-06-14 14:22:43 -04:00
Mike Salvatore b2aa8333c3 Agent: Refactor MSSQL cleanup commands
* Simplify!
    * Remove the dependency on MSSQLLimitedSizePayload.
    * Use f-strings
2022-06-14 14:22:43 -04:00
Mike Salvatore 257c6b0b05 Agent: Refactor MSSQL agent download command
The first step in exploitation is to instruct the victim to download the
agent. This commit refactors this code to remove the dependency on the
MSSQLLimitedSizePayload. To do this, it introduces
`_write_command_to_batch_file()` which will be reused by the agent
execution command.
2022-06-14 14:22:43 -04:00
Mike Salvatore 7846a6cac1 Agent: Remove create_empty_payload_file() in MSSQLExploiter
Since the commands are no longer split up into 128 character chunks,
it's simpler to just overwrite an existing file using `>` than to create
an empty file and append to it.
2022-06-14 14:22:43 -04:00
Mike Salvatore ea980c4594 Agent: Use PureWindowsPath in MSSQLExploiter
When using PurePath, Linux agents use the wrong path separator to build
Windows paths. Windows corrects this, so there's no actual issue, but
it's sloppy. Using PureWindowsPath objects creates the paths with the
correct separators.

Before: xp_cmdshell "NUL>%temp%\tmp_monkey_dir/tmp_monkey.bat"
After: xp_cmdshell "NUL>%temp%\tmp_monkey_dir\tmp_monkey.bat"
2022-06-14 14:22:43 -04:00
Mike Salvatore ef63f2699b Agent: Use single quotes to avoid 128 character limit
The logic that splits up commands into 128 character chunks in
MSSQLExploiter is flawed, which results in malformed commands being
written to a batch file on the victim. By using single quotes instead of
double quotes, the 128 character limit is circumvented and there's no
longer any need to break up the commands. See #2018 for more details.

Fixes #2018
2022-06-14 14:22:43 -04:00
Mike Salvatore 6db63d3c69 Agent: Add additional debug logging to MSSQLExploiter 2022-06-14 14:22:43 -04:00
Ilija Lazoroski 5ff617b811 UT: Pass MagicMock instead of instance of ControlClient 2022-06-14 16:53:16 +02:00
vakarisz e6e6587f46 Agent: Fix bugs in control.py
Bugs happened because of incorrect indentation in the recent refactoring attempting to remove worm config dependency
2022-06-14 16:50:26 +03:00
Mike Salvatore f1bc5f4707 Agent: Use f-strings in _connect_to_island() 2022-06-14 08:26:38 -04:00
Ilija Lazoroski ec2d736984 Agent: Add github permalink to BaseTelem in ControlClient 2022-06-14 12:55:33 +02:00
vakarisz 444b34d548 UT: Change send telemetry spy syntax in conftest.py 2022-06-14 12:14:27 +03:00
Ilija Lazoroski bbcac32172 Agent: Remove unused control channel from build_master 2022-06-14 11:58:25 +03:00
Ilija Lazoroski 17a0be2fa0 Agent: Fix control_client_object TODOs 2022-06-14 11:58:25 +03:00
Ilija Lazoroski 7fe6c170cd UT: Fix control client location 2022-06-14 11:58:25 +03:00
Ilija Lazoroski 3c8530cf14 Agent: Rename cc_client to control_client 2022-06-14 11:58:25 +03:00
Ilija Lazoroski 02a30e6950 Agent: Remove `current_server` option from custom_pba 2022-06-14 11:58:25 +03:00
Ilija Lazoroski df116e4fb7 Agent: Remove current_server and command_servers from WormConfiguration 2022-06-14 11:58:25 +03:00
Ilija Lazoroski c467dde145 Agent: Add control_client_object to ControlClient
* Workaround global class attribute
2022-06-14 11:58:25 +03:00
Ilija Lazoroski 94dbd9a8e2 Agent: Add proxies to the initialization of ControlChannel 2022-06-14 11:58:25 +03:00
Ilija Lazoroski fb1a577823 Agent: Add control client proxies to tunnel telem initialization 2022-06-14 11:58:25 +03:00
Ilija Lazoroski 799ff3d6fd UT: Fix control client and custom pba tests 2022-06-14 11:58:25 +03:00
vakarisz a099f21f61 Agent: Initialize CustomPBA with a ControlClient object
This is done to refactor ControlClient from a global
2022-06-14 11:17:31 +03:00
vakarisz 049eb1b174 Agent: Add control client to the agent initialization 2022-06-14 11:17:27 +03:00
Mike Salvatore 133f7f5da1 Island: Add TODO about removing local_ips() 2022-06-13 13:01:57 -04:00
VakarisZ 3598b0d302
Merge pull request #2013 from guardicore/1998-remove-export_monkey_telems
Remove `export_monkey_telems`
2022-06-13 10:46:26 +03:00
Shreya Malviya 4947e540f2 Changelog: Add entry for removal of `export_monkey_telems` config option 2022-06-10 12:13:39 -07:00
Shreya Malviya f989fdff06 Project: Remove `export_monkey_telems` from Vulture's allowlist 2022-06-10 12:10:52 -07:00