Itay Mizeretz
81051009d0
Fix CR
2017-10-16 10:58:11 +03:00
Daniel Goldberg
2d47e9c228
Fix edge case in shellshock where a victim with no attackable URLs returned None
2017-10-15 19:28:41 +03:00
Itay Mizeretz
02b02e43bb
Report only url in shellshock
2017-10-15 18:04:39 +03:00
Itay Mizeretz
bb53606a1b
Fix check os supported bug
2017-10-15 15:11:58 +03:00
Itay Mizeretz
9984b411d4
Refactor exploit classes to be per-host, and not per exploit type
...
Exploit telemetry has a more consistent format
Minor improvements in exploits
2017-10-11 18:05:03 +03:00
Daniel Goldberg
930050a713
Merge pull request #57 from guardicore/bugfix/fix-various-exploit-bugs
...
Bugfix/fix various exploit bugs
2017-10-09 10:43:51 +03:00
Daniel Goldberg
2949d4a8c2
Remove DNET library.
2017-10-03 18:20:20 +03:00
Itay Mizeretz
2bbd5d4824
Fix SambaCry .close() bug
2017-10-03 15:47:07 +03:00
Itay Mizeretz
65872d9518
Fix SambaCry not working for non-root user
2017-10-02 17:11:51 +03:00
Itay Mizeretz
22ff980923
Merge remote-tracking branch 'origin/develop' into bugfix/various-fixes
2017-10-01 11:36:12 +03:00
Daniel Goldberg
b910baf1d0
Stupid, stupid casting bug.
2017-10-01 11:35:17 +03:00
Itay Mizeretz
9af6590e75
Fix CR
2017-09-28 19:03:31 +03:00
Itay Mizeretz
7365f7d6a7
Fix in sambacry
...
Sambacry tries to exploit when can't recognize version
2017-09-28 16:13:47 +03:00
Itay Mizeretz
174c74cbcb
Temporarily disable shellshock reporting its vulnerable pages
2017-09-28 14:43:08 +03:00
Daniel Goldberg
5586619f19
PEP8 fun
2017-09-28 14:22:35 +03:00
Daniel Goldberg
a27c802b11
If already touching this file, modify it for PEP8 + better exception syntax.
2017-09-28 14:17:41 +03:00
Itay Mizeretz
48ce135194
Merge remote-tracking branch 'origin/develop' into feature/pass-the-hash
...
# Conflicts:
# monkey_island/cc/services/config.py
2017-09-27 18:42:25 +03:00
Itay Mizeretz
d628a27595
Add pass-the-hash for wmi
2017-09-27 18:30:44 +03:00
Itay Mizeretz
7e3f420fe0
Add pass-the-hash for sambacry
2017-09-27 17:23:23 +03:00
itaymmguardicore
9242fe3232
Merge pull request #51 from guardicore/feature/elasticgroovy
...
Feature/elasticgroovy
2017-09-27 15:41:40 +03:00
Daniel Goldberg
6b7f67933d
Finish fixing CR notes.
2017-09-27 14:38:44 +03:00
Itay Mizeretz
fe77fc833c
fix ntlm_hash telem
2017-09-27 14:28:53 +03:00
Daniel Goldberg
142401e706
change the user/password combo to existing function in another place.
2017-09-27 13:40:50 +03:00
Daniel Goldberg
5e8288e211
Fixed CR notes in
...
https://github.com/guardicore/monkey/pull/51#pullrequestreview-65212211
2017-09-26 18:16:20 +03:00
Itay Mizeretz
89b442be58
Implement pass the hash for SMB
2017-09-26 18:11:13 +03:00
Daniel Goldberg
6708e623fc
Added Elastic attack
2017-09-26 15:43:46 +03:00
Itay Mizeretz
b420f74a55
Fix dropper bug on wmiexec and win_ms08_067
2017-09-04 16:51:22 +03:00
Itay Mizeretz
40b03793c9
Fix user_password_pairs indentation bug in
2017-09-04 16:44:40 +03:00
Itay Mizeretz
3014763e99
minor fixes
2017-09-04 15:41:36 +03:00
Itay Mizeretz
cc889f9124
Fix CR
2017-09-04 14:52:24 +03:00
Itay Mizeretz
c8d7a2c4d3
SambaCry now works for both 32,64bit
2017-09-03 11:50:01 +03:00
Itay Mizeretz
c612ea0361
Documented sambacry, moved everything to configuration, minor fixes
2017-08-31 20:03:32 +03:00
Itay Mizeretz
5de433eae0
sambacry works
...
default monkey binary in linux is now 64bit
2017-08-31 18:40:42 +03:00
Itay Mizeretz
194ed624c2
sambacry almost working e2e
2017-08-31 17:50:55 +03:00
Itay Mizeretz
4ce1653c8f
sambacry: Add support for using both architectures
2017-08-30 10:16:54 +03:00
Itay Mizeretz
7d72150e4e
Add working POC of sambacry. still needs some modifications to fir monkey, and minor functionality
2017-08-28 19:20:44 +03:00
Itay Mizeretz
57e69fafee
minor fix in dropper
...
Rename constants
2017-08-28 10:41:11 +03:00
Itay Mizeretz
97205e6427
Fix config property bug
2017-08-21 11:51:47 +03:00
Itay Mizeretz
26df64fb87
Fixed CR
2017-08-20 19:32:18 +03:00
Itay Mizeretz
1a55c8362f
Add C&C ability to share credentials found from monkeys
2017-08-17 18:04:36 +03:00
Itay Mizeretz
a671b55df3
Add mimikatz collector
...
Combine all users and passwords in config
2017-08-16 15:14:26 +03:00
daniel goldberg
ab7f731ed5
Removed reliance on grequests. Complicates other code and no real performance improvement in a LAN enviornment.
2016-09-21 14:55:13 +03:00
itsikkes
155a03efad
Small hack to support fast-user switching when RDPing to already loggen-in host
...
Although it doesn't always happen, because there is no easy wasy to know
- trying to press YES on the dialog box (if any) can help the login
process
2016-09-19 22:27:17 +03:00
itsikkes
b3322b2541
improved local interface selection when exploiting
2016-09-08 12:30:40 +03:00
danielguardicore
d2203b2220
Removed legacy ChaosMonkey from SMB execution.
2016-09-07 19:10:30 +03:00
danielguardicore
ce3eaa9b2e
Fixed grequsts/gevents monkey patching of socket code, which lead to paramiko being unable to function after a shellshock scan.
2016-09-07 10:16:17 +03:00
itsikkes
39eaca300f
RDP: change VBS object to reduce requirements + process is more verbose
2016-09-06 11:05:15 +03:00
daniel goldberg
32c326bd7b
PEP8 in diff files
...
Add concept of non default timeout for copying SMB files. This is by default 5 minutes.
Changed behavior of SMB exploiter if file already exists, we don't assume exploitation is useless and try again. Worse case is we run the monkey after it finished running.
Changed behavior if managed to connect to machine to IPC$ over some dialect. If Success, we don't try again.
2016-09-05 17:45:27 +03:00
daniel goldberg
91427eb346
Tiny PEP8 change and changed reporting of vulnerable URLs in shellshock
2016-08-29 18:58:16 +03:00
daniel goldberg
d80c670392
Fixed bug in HTTPFingering
...
Added support for skip_exploit_if_file_exists in linux exploiters.
Delayed/fixed a race in the monkey patching that gevents does.
2016-08-29 18:58:16 +03:00