Commit Graph

1448 Commits

Author SHA1 Message Date
maor.rayzin 9877b9499c * Using get_interface_to_target function in order to retrieve right ip
to use.

* changed exception syntax to 'as' instead of ','
* added Object to the FTP class
2018-07-16 16:29:28 +03:00
maor.rayzin 782ced912d * Added a coverage for the force connection closing in the mssql fingerprinter. 2018-07-16 16:01:26 +03:00
maor.rayzin 2de474667d * Fixed a weird text alignment 2018-07-16 14:43:38 +03:00
maor.rayzin aae9704cbb * Changed the more info tab's location to the right place. 2018-07-16 12:45:14 +03:00
maor.rayzin 80d6b327bc * Added MSSQL exploiter report frontend details. 2018-07-16 11:57:56 +03:00
Daniel Goldberg 97e5b96637 Opportunistic waiting, make get_tcp_ports O(timeout) rather than timeout. 2018-07-15 16:27:46 +03:00
Daniel Goldberg 977e0a8769
Merge pull request #151 from guardicore/master
Update develop from master
2018-07-09 18:53:57 +03:00
Daniel Goldberg f98a121c51
Merge branch 'develop' into master 2018-07-09 18:53:43 +03:00
Daniel Goldberg 35b535f97a Removed hard coded debug address and replaced with non routable IP 2018-07-08 12:14:45 +03:00
maor.rayzin 19d324d81f Merge branch 'develop' into feature/mssql_exploiter
# Conflicts:
#	infection_monkey/config.py
#	infection_monkey/example.conf
#	infection_monkey/exploit/__init__.py
2018-06-27 21:40:05 +03:00
maor.rayzin b46810e02b * Finalized the MS-SQL code
* Changed the log to the right handle and added exceptions info.

* better docs and some pep 8
2018-06-27 21:30:54 +03:00
Daniel Goldberg 3118620c8a
Merge pull request #146 from VakarisZ/struts2RCE
Struts2 rce
2018-06-26 18:37:07 +03:00
Vakaris c278b0a29c Small changes 2018-06-26 18:03:31 +03:00
maor.rayzin 149525d205 Added the MSSQLExploiter class
The helper functions and utils are in mssqlexec_utils.py file
Everything is documented and this commit is still WIP.

* Added the class to the monkey's config file and example.
* Added the class to the UI config.
* Added the class import to __init__.py file
2018-06-26 17:47:43 +03:00
Vakaris 6a37f2b953 removed debugging code 2018-06-25 19:11:58 +03:00
Vakaris 671452243d Fixed some bugs and more notes 2018-06-25 18:26:34 +03:00
Vakaris 81712ddbf0 Merge branch 'struts2RCE' of https://github.com/VakarisZ/monkey into struts2RCE 2018-06-22 14:57:04 +03:00
Vakaris 7ce790affa Some notes fixed 2018-06-22 14:55:52 +03:00
Daniel Goldberg d510476658
Merge branch 'develop' into struts2RCE 2018-06-21 13:23:12 +03:00
Daniel Goldberg f55133e8c1
Merge pull request #142 from guardicore/feature/MSSQL_fingerprint
Feature/mssql fingerprint
2018-06-21 11:46:21 +03:00
Daniel Goldberg 2ddae99687
Merge pull request #144 from guardicore/bugfix/fix-bad-default-config
Fix default config values
2018-06-21 11:40:44 +03:00
Daniel Goldberg 385cf13636
Merge pull request #143 from guardicore/hotfix/update-growl
Update mocha
2018-06-21 11:40:07 +03:00
Vakaris 208411d6fc Cosmetic changes 2018-06-21 00:10:56 +03:00
Vakaris ef6c512ea9 Finished up exploitation and added reporting 2018-06-20 22:35:18 +03:00
Vakaris 2d27972e7e Struts exploitation working, and tested with win-64 and ubuntu 2018-06-20 16:58:20 +03:00
Vakaris 413bdd9254 Not yet functioning and tested, but most functions are done 2018-06-19 18:08:52 +03:00
Vakaris 9a8a6c6e28 Now exploiting both win and linux. Also, added check if monkey is not already present 2018-06-19 18:05:09 +03:00
Itay Mizeretz ddaeb7dbf8 more fixes to deb 2018-06-13 20:48:04 +03:00
Itay Mizeretz 79d8012bb2 Merge branch 'develop' into feature/support-common-folder
# Conflicts:
#	monkey/infection_monkey/exploit/shellshock.py
#	monkey/infection_monkey/test/config__test.py
2018-06-13 18:03:43 +03:00
Itay Mizeretz 0173aaf3f6 Update mocha
Change color structure for edge - required by update
2018-06-13 17:36:17 +03:00
Itay Mizeretz 20d4b3a642 Fix default config values 2018-06-13 16:05:12 +03:00
Itay Mizeretz 36230fa25c monkey island can now be run from both monkey_island.py and run_cc.bat 2018-06-13 15:40:13 +03:00
Itay Mizeretz 4e207256dd infection monkey works via infection_monkey.py or monkey.exe 2018-06-13 14:38:58 +03:00
maor.rayzin db6f44109b * Responding to the PR comments with the logs and usage changes. 2018-06-12 16:29:27 +03:00
maor.rayzin d312a3a771 * Changed name from MSSQLFingerprint to MSSQLFinger to match convention.
* Added UI support for the new fingerprint in Monkey Island.
* UI supports includes writing up MSSQL as a service under node's
  services list.
2018-06-12 13:26:28 +03:00
maor.rayzin fe1f6d67e5 Merge branch 'develop' into feature/MSSQL_fingerprint 2018-06-11 20:19:12 +03:00
maor.rayzin 1272700fe5 * Added an author mark and updated docs
* Changed the module to use the VictimHost object as host
* added True\False return statements.
2018-06-09 20:02:18 +03:00
maor.rayzin fadafdbd3a Updated the config files to default include the mssql fingerfrint class: MSSQLFingerprinter, in the monkey's configuration. 2018-06-09 18:23:54 +03:00
maor.rayzin d4c1871f87 Implemented the first draft of the mssql fingerprint class
Every line of code is documented and straight forward.
2018-06-09 18:23:08 +03:00
maor.rayzin 8b22a52006 Added the mssql finger class to the main network init file so it will be usable. 2018-06-09 18:16:39 +03:00
maor.rayzin 293c204ddd Created the MSSQL_fingerprinter branch,
added the fingerprint class WIP.
2018-06-09 17:51:46 +03:00
Daniel Goldberg de832780b6 Removed overly verbose logging line, triggered every 2 seconds 2018-06-06 13:54:21 +03:00
Daniel Goldberg 5e7a218b44
Merge pull request #138 from VakarisZ/SSH_key_stealing
SSH key stealing
2018-06-05 16:59:54 +03:00
Daniel Goldberg ecdd2e8762
Merge branch 'develop' into SSH_key_stealing 2018-06-05 16:59:28 +03:00
Daniel Goldberg d77704b3e2
Merge pull request #139 from guardicore/feature/Adding_logs_to_monkey_island
Feature/adding logs to monkey island
2018-06-05 14:06:23 +03:00
Vakaris 0503f90168 Notes fixed 2018-06-04 12:07:10 +03:00
maor.rayzin f37fabaf75 I've added logs to cover these situations and modules:
Configuration reset
    Configuration Insert
    Configuration Update
    Report steps
    Monkey downloads
    Env startup logs

Also I've changed the logging init position so it covers every functions from main, some functions and vars are being called and init from import level, in order to log those situations I had to init the log system right on the beginning of the module.
2018-05-31 19:27:26 +03:00
maor.rayzin ad0d9f4567 Added more log lines 2018-05-31 18:35:33 +03:00
Daniel Goldberg 9fa92d0c88 Fix typo in warning 2018-05-31 15:39:36 +03:00
Daniel Goldberg c7ed02b98e Bugfix, run Shellshock attack as dropper rather than monkey 2018-05-31 15:38:54 +03:00