Commit Graph

11380 Commits

Author SHA1 Message Date
Kekoa Kaaikala 016bf5c795 Agent: Stamp times before the exploit runs 2022-10-06 13:24:03 +02:00
Kekoa Kaaikala 48e6e95271 Agent: Update propagation tags for log4shell 2022-10-06 13:22:38 +02:00
Kekoa Kaaikala ac69064dec Agent: Send failed exploitation event 2022-10-06 13:22:38 +02:00
Kekoa Kaaikala 0c4b90beb5 Agent: Fix typo 2022-10-06 13:22:38 +02:00
Ilija Lazoroski c5d5418af4 Agent: Fix typo in t1203 attack technique in Log4Shell 2022-10-06 13:22:38 +02:00
Ilija Lazoroski ef4a465515 Agent: Add tags to exploitation and propagation events in Log4Shell 2022-10-06 13:22:38 +02:00
Ilija Lazoroski c5506f98e8 Agent: Publish Propagation and Exploitation events from Log4Shell 2022-10-06 13:22:38 +02:00
vakarisz c90044074d Island: Remove storage error when node wasn't modified
Upserting should throw an error when updating or inserting went wrong, not when a node is already up to date.
2022-10-06 14:21:13 +03:00
Ilija Lazoroski 95f1e3cb7b Agent: Modify tags methods to be properties in SSHExploiter 2022-10-06 13:16:49 +02:00
Ilija Lazoroski dcb08b2881 Agent: Convert IPv4Address to str when connecting to socket 2022-10-06 13:15:42 +02:00
Ilija Lazoroski f0112410c9 Agent: Rename stamp to timestamp in SSHExploiter 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala e11bd2c7f2 Agent: Stamp start time prior to running exploit 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala aba886624e Agent: Send propagation events sooner 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala e8f48085a4 Agent: Use the tag properties 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala 79f72dda55 Agent: Stop sending PropagationEvent before attempt 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala 72378f4e53 Agent: Publish scan event when checking ssh port 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala 431d6ae775 Agent: Extract method _get_ssh_port 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala 0a1901b9a1 Agent: Use error to propagate failure 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala a2534391a6 Agent: Extract method _propagate 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala 1cb88e029a Agent: Extract method _exploit 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala b31eb885f0 Agent: Extract method _get_victim_os 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala dc8a0ac2ad Agent: Extract method _upload_agent_binary 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala 9dac64b60e Agent: Update ssh exploiter tags 2022-10-06 13:15:42 +02:00
Ilija Lazoroski 5d9416c385 Agent: Use common.tags to publish events in SSHExploiter 2022-10-06 13:15:42 +02:00
Ilija Lazoroski 5948537d4a Agent: Add tags to SSHExploiter 2022-10-06 13:15:42 +02:00
Ilija Lazoroski ddaada1f09 Agent: Revise event publishing in SSHExploiter 2022-10-06 13:15:42 +02:00
vakarisz 2248bdcd67 Island: Add _get_node_by_id method to mongo_node_repository.py 2022-10-06 14:10:47 +03:00
Shreya Malviya e2453e481c Agent: Rename variables in HostExploiter 2022-10-06 16:38:42 +05:30
Kekoa Kaaikala 254b4e1c6c Agent: Update publish methods to accept timestamp 2022-10-05 19:43:25 +00:00
Kekoa Kaaikala 12e9aaf42e Agent: Add abstract properties for exploiter tags 2022-10-05 17:32:48 +00:00
Kekoa Kaaikala 95b1d9c62d Agent: Remove target from publish methods 2022-10-05 15:57:15 +00:00
vakarisz 249950d602 Island: Improve tcp handler code and coverage 2022-10-05 17:07:19 +03:00
vakarisz 6c913895c5 Island: Add TCP connections to nodes based on TCP scan event 2022-10-05 15:33:16 +03:00
vakarisz bbcdc1bef4 Island: Make upsert_node method public
Updating/inserting the node into the repository is required outside of repository itself.
2022-10-05 15:33:11 +03:00
Mike Salvatore 73a8c14397 Merge branch '2269-add-attack-technique-tags' into develop
PR #2394
2022-10-05 08:25:51 -04:00
Ilija Lazoroski 63f869d296 Project: Add common.tags and HostExploiter publish functions to Vulture 2022-10-05 14:21:23 +02:00
Mike Salvatore 82217b4094
Merge branch 2267-add-network-services into develop
PR #2398
2022-10-05 08:20:13 -04:00
Mike Salvatore 10e3c97489 Island: Use Tuple[SocketAddress] for tcp_connections
There are serialization issues when using FrozenSet because pydantic
converts the SocketAddress to a dict, which is not hashable. There are
probably ways to work around this, but it's not worth the effort at thsi
time. If performance becomes an issue (doubtful) we can revisit using a
frozenset instead.
2022-10-05 14:51:31 +03:00
Mike Salvatore 8799a60f47 Island: Fix serialization/deserialization of Machine.network_services 2022-10-05 14:51:30 +03:00
Mike Salvatore d8cf5d33dd Common: Extract MutableInfectionMonkeyModelConfig 2022-10-05 14:51:30 +03:00
Mike Salvatore eb3daf84f1 Common: Use strings for NetworkService Enum values 2022-10-05 14:51:30 +03:00
Mike Salvatore f6ed8a997c Common: Rename NetworkServiceNameEnum -> NetworkService
"Name" and "Enum" are redundant in this case
2022-10-05 14:51:25 +03:00
vakarisz 8bf1d1f46f Island, Common: Add services to machine.py 2022-10-05 14:51:01 +03:00
vakarisz a390c97b70 Island: Add tcp_connections to node 2022-10-05 14:50:02 +03:00
vakarisz 80a095b657 Agent: Use NetworkPort instead of Port 2022-10-05 14:50:02 +03:00
Ilija Lazoroski 2ece91b9df Agent: Rename event_queue to agent_event_queue in SSHCredentialCollector 2022-10-05 11:37:58 +02:00
Ilija Lazoroski c7e2b91735 Agent: Rename event_queue to agent_event_queue in
MimikatzCredentialCollector
2022-10-05 11:34:50 +02:00
Ilija Lazoroski 19fcf8d053 Agent: Import attack technique tags from common in MimikatzCollector 2022-10-05 11:30:09 +02:00
Ilija Lazoroski c8aee645fa Agent: Import attack technique tags from common in SSHCollector 2022-10-05 11:24:52 +02:00
Ilija Lazoroski 491612f9e8 Common: Add T1005 and T1145 attack technique tags 2022-10-05 11:21:28 +02:00