p34709852
/
monkey
forked from p15670423/monkey
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity
9,278 Commits 30 Branches 0 Tags 47 MiB
Commit Graph

6293 Commits

Author SHA1 Message Date
Shreya Malviya f542c9d0a8 Island: Fix KeyBasedEncryptor's encrypt function's logic 2022-07-19 14:51:58 +05:30
Shreya Malviya 637926ed09 Island: Extract fernet_object to an object variable in KeyBasedEncryptor 2022-07-19 14:51:58 +05:30
Shreya Malviya 373d34dce6 Island: Use cryptography.fernet for encryption in KeyBasedEncryptor 2022-07-19 14:51:58 +05:30
Shreya Malviya c1449fb897 Island: Remove TODO comment about using cryptography.fernet 2022-07-19 14:51:58 +05:30
Shreya Malviya 09e57541cc Project: Update Island dependencies to add `cryptography` 2022-07-19 14:51:58 +05:30
Shreya Malviya c12e281e4e Island: Use secrets instead of Crypto (pycryptodome) in DataStoreEncryptor 2022-07-19 14:51:58 +05:30
Ilija Lazoroski cc021f33ff UI: Add note about removal of 'weak_password' issue 2022-07-19 10:15:22 +02:00
Ilija Lazoroski b3ec9e340f UI: Fix Credentials parsing to use simplified credentials object 2022-07-18 21:49:24 +02:00
Ilija Lazoroski 57f2c7e058 Island: Fix credentials formatting to use simplified credentials object 2022-07-18 21:48:47 +02:00
Ilija Lazoroski c56b38f695 UI: Add note in StolenPasswords component 2022-07-18 21:23:17 +02:00
Ilija Lazoroski 67e67441c1 UI: Remove unused getCredenatislSecrets function 2022-07-18 21:23:17 +02:00
Ilija Lazoroski 07b4956717 UI: Set stolen_creds issues in state 2022-07-18 21:23:17 +02:00
Ilija Lazoroski 5e1adbb877 UI: Add formatting to StolenPasswordsComponent 
This component was used in security and attack report with
two different sets of data. The first one is from the
credentials endpoint which needed formatting and the second
from the telemetry which was already formatted.
 2022-07-18 21:23:17 +02:00
Ilija Lazoroski 27c0b838c4 Island: Fix one missed telemetry processor 2022-07-18 21:23:17 +02:00
Ilija Lazoroski 474a26aeff UI: Fix StolenCredentials issue to add if we have any stolen credentials 2022-07-18 21:23:17 +02:00
Ilija Lazoroski 5c765f85c2 UI: Add StolenCredentialsIssue to issues 2022-07-18 21:23:17 +02:00
Ilija Lazoroski 35ed7f60c4 Island: Fix an import in initialize 2022-07-18 21:23:17 +02:00
Ilija Lazoroski c65439e049 UI: Remove WeakPassword issue 
* We don't have the passwords used for exploiting the machines
  in the UI
* All it will be reworked
 2022-07-18 21:23:17 +02:00
Ilija Lazoroski 1683265868 Island: Rename reporting/stolen_credentials.py to 
reporting/format_credentials.py
 2022-07-18 21:23:17 +02:00
Ilija Lazoroski 5ebf0ed8f6 Island: Remove StolenCredentials model 2022-07-18 21:23:17 +02:00
Ilija Lazoroski a24bdd43b8 Island: Move credentials parser hack to dirty_hacks function 2022-07-18 21:23:17 +02:00
Ilija Lazoroski 885f0565a8 Island: Patch T1003 with a callable class 2022-07-18 21:23:17 +02:00
Ilija Lazoroski 06a64c14d7 Island: Add callable class for T1003 2022-07-18 21:23:17 +02:00
Ilija Lazoroski c83f76b02b Island: Add formatting credentials for report 2022-07-18 21:23:17 +02:00
Ilija Lazoroski c75ee22c29 Island: Remove get_config_{users,passwords} from reporting 2022-07-18 21:23:17 +02:00
Ilija Lazoroski 94419d8141 Island: Add PTHReportservice get issues functions 
* get_duplicated_passwords_issues
* get strong_users_on_crit_issues
 2022-07-18 21:23:17 +02:00
Ilija Lazoroski f417cff17b UI: Rename UsedCredentials.tsx.js to UsedCredentials.js 2022-07-18 21:23:17 +02:00
Ilija Lazoroski bfda71dd45 UI: Check for actual stolen credentials in issues 2022-07-18 21:23:17 +02:00
Ilija Lazoroski 89f5ff89d2 Island: Remove extract_ssh_keys from stolen_credentials reporting 2022-07-18 21:23:17 +02:00
Ilija Lazoroski 4dbdbcc75e UI: Remove unneeded logging in UsedCredentials component 2022-07-18 21:23:17 +02:00
Ilija Lazoroski 8ccdba7528 UI: Grab credentials from endpoint and render them 2022-07-18 21:23:17 +02:00
Ilija Lazoroski f99bd74cd4 UI: Construct and render stolen credentials 2022-07-18 21:23:17 +02:00
Ilija Lazoroski 2861f0b085 UI: Add UsedCredentials component to render credentials 2022-07-18 21:23:17 +02:00
Ilija Lazoroski e61b0bfdca UI: Add credentials parsing functionalities 2022-07-18 21:23:17 +02:00
Ilija Lazoroski f0f4f6d591 Island: Remove credentials from reporting 2022-07-18 21:23:17 +02:00
Mike Salvatore dde3fd3476 UT: Parametrize test_get_credentials_from_store() 2022-07-18 10:30:52 -04:00
Mike Salvatore ebc854735e Agent: Use new Credentials objects in AggregatingCredentialsStore 2022-07-18 10:22:14 -04:00
Mike Salvatore ef4fbb30cc Agent: Use new credentials format in ControlChannel 2022-07-18 09:55:08 -04:00
Mike Salvatore 19a7bfd8e6
Merge pull request #2098 from guardicore/2072-simplify-credentials 
2072 simplify credentials
 2022-07-18 09:35:54 -04:00
Mike Salvatore e5d3271b74 UT: Use Credentials.to_mapping() in test_credential_telem_send() 2022-07-18 09:23:21 -04:00
Mike Salvatore 068dbbe963 Agent: Extract methods to clean up AggregatingCredentialsStore 2022-07-18 09:14:51 -04:00
Mike Salvatore 7c920cced3 Agent: Fix identity logic in AggregatingCredentialsStore 2022-07-18 09:07:11 -04:00
Mike Salvatore 9edfe6979b Agent: Capture secrets if missing username in SSHCredentialCollector 2022-07-18 08:53:36 -04:00
Mike Salvatore d5a125d985 Agent: Capture username even if no secrets are associated 2022-07-18 08:46:07 -04:00
Mike Salvatore c144ad9e64 Agent: Fix "new user" logic in MimikatzCredentialCollector 
Neither Passwords nor hashes should be included for and users that
Infection Monkey creates.
 2022-07-18 08:42:31 -04:00
Mike Salvatore cb9f43d242 Agent: Fix type hint in MimikatzCredentialCollector 2022-07-18 08:27:32 -04:00
Mike Salvatore 302803b779 Agent: Improve variable names in MimikatzCredentialCollector 2022-07-18 08:27:08 -04:00
Mike Salvatore acf12c2de1 Common: Simplify _make_credentials() 2022-07-18 08:14:01 -04:00
Mike Salvatore 9e7963afc0 Common: Simplify _serialize_credentials() 2022-07-18 08:13:09 -04:00
Ilija Lazoroski 575fff0cdb Agent: Simplify credentials object in MimikatzCredentialCollector 2022-07-18 11:49:44 +02:00
Ilija Lazoroski 2cb6c60866 UT: Fix credentials intercepting telemetry messenger tests 2022-07-18 11:47:49 +02:00
Ilija Lazoroski 0f2fc0902f Agent: Simplify credentials object in aggregating credentials store 2022-07-18 11:32:12 +02:00
Ilija Lazoroski f421f42604 Agent: Simplify credentials in ssh credentials collector 2022-07-18 11:32:12 +02:00
Mike Salvatore 213b161d1a Common: Fix type hints in credentials.py 2022-07-15 12:34:42 -04:00
Mike Salvatore 62ce91b59b Common: Prevent invalid Credentials objects from being constructed 2022-07-15 12:19:12 -04:00
Mike Salvatore 19a720898e Island: Handle encryption/decryption of None credential components 2022-07-15 11:36:07 -04:00
Mike Salvatore 2af713dabd Common: Allow identities or secrets to be None 
It's possible that credentials are stolen and an identity/secret
association can not be made. For example, a list of usernames can be
acquired by `ls /home`, but no passwords will be retrieved this way.
Credentials(identity=Username("username"), secret=None) will represent
this case.
 2022-07-15 10:50:25 -04:00
Mike Salvatore e3b23993fa Common: Add type hints to dicts in credentials.py 2022-07-15 10:44:14 -04:00
Mike Salvatore 63731b8334 UT: Test identity/password combos in test_credentials.py 2022-07-15 10:44:14 -04:00
Mike Salvatore fb11c29208 UT: Use nested comprehension in get_all_collections_in_mongo() 2022-07-15 10:44:14 -04:00
Mike Salvatore 3f20b71d25 UT: Simplify Credentials tests 2022-07-15 10:44:14 -04:00
Mike Salvatore bd0425beb8 UT: Add missing __init__.py to tests/data_for_tests/ 2022-07-15 10:44:14 -04:00
Mike Salvatore febec2ecef UT: Use all caps for constants in propagation_credentials.py 2022-07-15 10:44:14 -04:00
Mike Salvatore 424022d58a UT: Remove unused constants from test_mongo_credentials_repository 2022-07-15 10:44:14 -04:00
Mike Salvatore 7bf80946ba UT: Rename test propagation credentials 2022-07-15 10:44:14 -04:00
Mike Salvatore e9dc8d88e7 UT: Improve code quality of credentials encryption/decryption tests 2022-07-15 10:44:11 -04:00
Mike Salvatore 52f5e70812 Island: Add new locking test for RepositoryEncryptor 2022-07-15 07:52:36 -04:00
Mike Salvatore 3c4883b304
Merge pull request #2082 from guardicore/1965-add-credentials-ui-form 
1965 add credentials UI form
 2022-07-15 07:47:22 -04:00
vakarisz ec9a654fdf UI: Fix style problems in minor components 2022-07-15 11:20:14 +03:00
vakarisz 77b24ba7a6 UI: Fix a typo in credentials.js 2022-07-15 11:02:26 +03:00
Mike Salvatore 0687b010ff Island: Improve code quality of credentials encryption/decryption 2022-07-14 14:29:06 -04:00
Mike Salvatore add6ca3941 Island: Use new Credentials object in MongoCredentialsRepository 2022-07-14 13:32:16 -04:00
Mike Salvatore 04d72c0d36 UT: Use new Credentials object in test_credential_telem_send() 2022-07-14 13:11:45 -04:00
Mike Salvatore 2b245b34cb Island: Simplify Credentials 
Storing a sequence of identities and secrets in Credentials objects
added a lot of complication. From now on, a Credentials object consists
of one identity and one secret. See #2072.
 2022-07-14 13:10:24 -04:00
Mike Salvatore 3909dca4c9 Island: Pass special logger to WSGIServer 2022-07-14 11:19:17 -04:00
Mike Salvatore 52bc877f86 Island: Add PyWSGILoggingFilter 2022-07-14 11:19:16 -04:00
Mike Salvatore bdd432fab6 Island: Reformat docstring for setup_logging() 2022-07-14 11:11:38 -04:00
Mike Salvatore 771b9e05c2 Island: Add type hints to setup_logging() 2022-07-14 11:11:38 -04:00
Mike Salvatore 12643706b1 Island: Treat data_dir like a path in setup_logging() 2022-07-14 11:11:35 -04:00
vakarisz d2c8065163 UI: Adjust safe option validation to new schema 2022-07-14 17:37:57 +03:00
vakarisz 138a065d75 UI: Remove float format from schema 
There is no such format and ui throws warnings
 2022-07-14 17:20:26 +03:00
vakarisz 1445bcf4ad UI: Reorganize and simplify configuration schema 2022-07-14 17:05:54 +03:00
vakarisz efbc1d3860 UI: Change PropagationConfig.tsx to use more trivial config schema 2022-07-14 16:54:43 +03:00
vakarisz a721508be2 UI: Remove unnecessary console log in ConfigurePage.js 2022-07-14 15:19:27 +03:00
vakarisz c0ecaa0096 UI: Simplify AdvancedMultiSelect.js 
AdvancedMultiSelect.js no longer needs to pull data from definitions since we no longer need the definitions in schema
 2022-07-14 15:18:21 +03:00
Mike Salvatore d11c8bfdbc Island: Remove disused config_key in technique_reports 2022-07-14 08:03:27 -04:00
Mike Salvatore 792d1f2e4d Island: Remove disused field_encryptors subpackage 2022-07-14 08:00:39 -04:00
Mike Salvatore de0e604518 Island: Remove disused IFieldEncryptor 2022-07-14 07:59:59 -04:00
Mike Salvatore 9639acffa5 Island: Remove disused StringEncryptor 2022-07-14 07:59:13 -04:00
Mike Salvatore 86ce7f2cf9 Island: Remove disused dict_encryptor 2022-07-14 07:59:11 -04:00
Mike Salvatore 80f2dfd590 Island: Ignore unused is_island 2022-07-14 07:55:36 -04:00
Mike Salvatore 5209d6982a Common: Remove disused config_value_paths.py 2022-07-14 07:53:34 -04:00
Mike Salvatore c57672b9ae
Merge pull request #2090 from guardicore/1662-remove-configservice 
Remove ConfigService
 2022-07-14 07:52:06 -04:00
Mike Salvatore 6b94d5c04a
Merge pull request #2089 from guardicore/1662-remove-configservice-from-utils 
Remove `services/configuration/utils.py`, use AgentConfiguration
 2022-07-14 07:51:33 -04:00
Mike Salvatore 753970f644
Merge pull request #2088 from guardicore/1662-remove-configservice-from-reportservice 
1662 remove configservice from reportservice
 2022-07-14 07:51:04 -04:00
Mike Salvatore dc73b11f6f
Merge pull request #2091 from guardicore/create-init-files 
Create `__init__.py` files for proper code coverage
 2022-07-14 07:36:42 -04:00
Mike Salvatore ea1414d0b5 Island: Remove encryption from report_dal.py 
Since passwords were removed from the report in 60a1e791, there's no
need to encrypt any data in the report.
 2022-07-14 07:28:53 -04:00
Mike Salvatore 7760520cc8 Island: Remove disused StringListEncryptor 2022-07-14 07:27:47 -04:00
Shreya Malviya 4bd90505c2 Island: Add __init__.py files to all source code directories for proper code coverage results 2022-07-14 16:56:04 +05:30
Shreya Malviya a2677a1a0e Agent: Add __init__.py files to all source code directories for proper code coverage results 2022-07-14 16:55:47 +05:30