Commit Graph

7546 Commits

Author SHA1 Message Date
Mike Salvatore 453dc21074
Merge pull request #1773 from guardicore/1737-add-zerologon-to-puppet
1737 add zerologon to puppet
2022-03-11 08:53:12 -05:00
Mike Salvatore 527c43a3f8 Agent: Add leading zero to single digits in worker thread names 2022-03-10 20:37:35 -05:00
Mike Salvatore dd2168e838 Agent: Log exception information on dcom.disconnect() key error 2022-03-10 12:00:27 -05:00
Ilija Lazoroski 302718c4d4 Agent: Change monkey log argument to 'agent' 2022-03-10 16:05:31 +01:00
vakaris_zilius 2c74967d71 UI: fix exploit timeline bug in map page
Fixes #1769
2022-03-10 10:04:57 -05:00
Mike Salvatore f279cc5e99
Merge pull request #1767 from guardicore/1761-rename-log-files
1761 rename log files
2022-03-10 09:27:39 -05:00
Mike Salvatore 452252c5c9 Docs: Update information about agent log storage locations 2022-03-10 09:25:03 -05:00
Mike Salvatore 8b4d1d084e Changelog: Improve message for removing log path config options 2022-03-10 09:11:06 -05:00
Mike Salvatore 45936c2f79 Agent: Remove unnecessary expandvars() in _get_log_path() 2022-03-10 09:07:38 -05:00
Mike Salvatore 2d2338f1f6 Agent: Log the path of the log file to stdout 2022-03-10 09:07:38 -05:00
Mike Salvatore 02accde812 UT: Add tests for get_{agent,dropper}_log_path() 2022-03-10 09:07:36 -05:00
Mike Salvatore 17c3fa02b3 Agent: Return agent/dropper log path as a Path instead of str 2022-03-10 09:07:18 -05:00
Mike Salvatore 96069d3ae6 Agent: Wrap get_log_path() with easier to use functions 2022-03-10 09:06:05 -05:00
Ilija Lazoroski 0947e41ea9 Changelog: Add entry for changing log file name 2022-03-10 12:39:50 +01:00
Ilija Lazoroski 52617cfcdc Docs: Change monkey log filename 2022-03-10 12:38:10 +01:00
Ilija Lazoroski 3c745f697f Agent, UI: Remove internal-logging from config
The config is called after the log path is set,
so the logging config had no affect on the
log path.
2022-03-10 11:51:33 +01:00
vakaris_zilius d9ee377945 Agent: fix access denied error handling in wmi_tools.py 2022-03-10 10:18:35 +00:00
Mike Salvatore 27e3cc6b4c Agent: Add @wraps to WmiTools decorators 2022-03-09 15:21:46 -05:00
Mike Salvatore 720768e25d Agent: Add debug logging to decorators in WmiTools 2022-03-09 14:45:49 -05:00
vakaris_zilius 2c8aef6d80 Island: remove unused node states
Exploited node state is no longer used, returning it in the list caused errors on the ui
2022-03-09 15:55:38 +00:00
vakaris_zilius a8018a7956 Agent: Add impacket_user decorator to the zerologon
impacket_user decorator will awoid race conditions with other exploiters using wmi tools
2022-03-09 15:54:23 +00:00
Ilija Lazoroski 71328ea2b1 Agent, Island: User friendly log name
* Configurable log directories
* Random component to the log file
* 'infection-monkey-<monkey-arg>-<random-str>-<timestamp>.log'
2022-03-09 16:49:32 +01:00
Shreya Malviya a3eb0bc6f2 Island: Remove unused `set_node_group()` in NodeService 2022-03-09 10:21:52 -05:00
Shreya Malviya 5e3829aab3 Island: Add field `propagated` to node and rename image files 2022-03-09 10:21:52 -05:00
Shreya Malviya d6fe9c2ef2 Agent: Remove `add_extracted_creds_to_exploiter_options()` from Zerologon exploiter 2022-03-09 10:21:52 -05:00
Mike Salvatore 8bc6086e1a Agent: Correctly set propagation/exploitation status in Zerologon 2022-03-09 10:21:52 -05:00
Mike Salvatore 0d5fcf7fbf Agent: Fix name of self.telemetry_messenger in ZerologonExploiter 2022-03-09 10:21:52 -05:00
Mike Salvatore 118c2abaee Agent: Load ZerologonExploiter into the puppet 2022-03-09 10:21:51 -05:00
vakarisz c322446aee Agent: use exploit_results in zerologon 2022-03-09 10:20:45 -05:00
vakarisz 325e58cea2 Agent: explicitly specify some timeouts in zerologon exploiter 2022-03-09 10:20:45 -05:00
Shreya Malviya 5ec05d5617 UT: Fix Zerologon UTs 2022-03-09 10:20:45 -05:00
Shreya Malviya a927879334 Agent: Remove `host` from Zerologon exploiter's constructor 2022-03-09 10:20:45 -05:00
Shreya Malviya 040227286a Agent: Send extracted creds as CredentialTelemetry from Zerologon exploiter 2022-03-09 10:20:45 -05:00
Shreya Malviya aee3566a0c Agent: Remove WormConfiguration references in Zerologon exploiter 2022-03-09 10:20:45 -05:00
Shreya Malviya 08cbf75b5f Agent: Remove credential hashes in logging in Zerologon exploiter 2022-03-09 10:20:45 -05:00
Mike Salvatore cbaa3256dd
Merge pull request #1766 from guardicore/1742-wmi-exploiter
1742 add wmi exploiter to puppet
2022-03-09 10:17:54 -05:00
Mike Salvatore 03145a1392 Changelog: Add changelog entry for human-readable thread names 2022-03-09 10:04:45 -05:00
Mike Salvatore 0a6ced443c Agent: Reduce smb_download_timeout to 30 seconds 2022-03-09 10:00:20 -05:00
vakarisz 7e6f1df3f5 Agent: Make thread name mandatory for creating daemon threads 2022-03-09 16:55:22 +02:00
vakarisz 83c25c6469 Agent: Refactor generate_brute_force_combinations 2022-03-09 16:51:15 +02:00
vakaris_zilius 130c62a5c2 Agent: add a wrapper for wmi_tools users
Add a dedicated wrapper to make sure that wmi_tools users don't run into race conditions
2022-03-09 16:38:52 +02:00
Mike Salvatore e5acdf4cb7 Agent: Fix formatting in utils/brute_force.py with Black 2022-03-09 16:38:52 +02:00
Mike Salvatore 66d9549507 Agent: Add human-readable thread names to AutomatedMaster 2022-03-09 16:38:52 +02:00
Mike Salvatore 847c7fbf9b Agent: Add human-readable thread name to aws_environment_check 2022-03-09 16:38:52 +02:00
Mike Salvatore 87dbe20c23 Agent: Add human-readable thread name to MonkeyTunnel 2022-03-09 16:38:52 +02:00
Mike Salvatore f9a7672767 Agent: Add optional name to create_daemon_thread and run_worker_threads 2022-03-09 16:38:52 +02:00
Mike Salvatore b34c287238 Agent: Log thread name instead of thread ID 2022-03-09 16:38:52 +02:00
vakaris_zilius 3dc8ef606c Agent: add lock to wmi tools
impacket libraries used for WMI are not designed for multithreading
2022-03-09 16:38:52 +02:00
vakaris_zilius 16535e06c7 Agent: fix a bug in WMI exploiter related to depth 2022-03-09 16:38:52 +02:00
vakaris_zilius 4ce731c769 Agent: generate brute force credentials from exploiter options
All brute force exploiters will have the same structure of options, so instead of calling the generate_username_password_or_ntlm_hash_combinations() and manually unpacking the required arguments from options, we simplify the call and remove duplication
2022-03-09 16:38:52 +02:00