Shreya Malviya
a3eb0bc6f2
Island: Remove unused `set_node_group()` in NodeService
2022-03-09 10:21:52 -05:00
Shreya Malviya
5e3829aab3
Island: Add field `propagated` to node and rename image files
2022-03-09 10:21:52 -05:00
Shreya Malviya
d6fe9c2ef2
Agent: Remove `add_extracted_creds_to_exploiter_options()` from Zerologon exploiter
2022-03-09 10:21:52 -05:00
Mike Salvatore
8bc6086e1a
Agent: Correctly set propagation/exploitation status in Zerologon
2022-03-09 10:21:52 -05:00
Mike Salvatore
0d5fcf7fbf
Agent: Fix name of self.telemetry_messenger in ZerologonExploiter
2022-03-09 10:21:52 -05:00
Mike Salvatore
118c2abaee
Agent: Load ZerologonExploiter into the puppet
2022-03-09 10:21:51 -05:00
vakarisz
c322446aee
Agent: use exploit_results in zerologon
2022-03-09 10:20:45 -05:00
vakarisz
325e58cea2
Agent: explicitly specify some timeouts in zerologon exploiter
2022-03-09 10:20:45 -05:00
Shreya Malviya
5ec05d5617
UT: Fix Zerologon UTs
2022-03-09 10:20:45 -05:00
Shreya Malviya
a927879334
Agent: Remove `host` from Zerologon exploiter's constructor
2022-03-09 10:20:45 -05:00
Shreya Malviya
040227286a
Agent: Send extracted creds as CredentialTelemetry from Zerologon exploiter
2022-03-09 10:20:45 -05:00
Shreya Malviya
aee3566a0c
Agent: Remove WormConfiguration references in Zerologon exploiter
2022-03-09 10:20:45 -05:00
Shreya Malviya
08cbf75b5f
Agent: Remove credential hashes in logging in Zerologon exploiter
2022-03-09 10:20:45 -05:00
Mike Salvatore
cbaa3256dd
Merge pull request #1766 from guardicore/1742-wmi-exploiter
...
1742 add wmi exploiter to puppet
2022-03-09 10:17:54 -05:00
Mike Salvatore
03145a1392
Changelog: Add changelog entry for human-readable thread names
2022-03-09 10:04:45 -05:00
Mike Salvatore
0a6ced443c
Agent: Reduce smb_download_timeout to 30 seconds
2022-03-09 10:00:20 -05:00
vakarisz
7e6f1df3f5
Agent: Make thread name mandatory for creating daemon threads
2022-03-09 16:55:22 +02:00
vakarisz
83c25c6469
Agent: Refactor generate_brute_force_combinations
2022-03-09 16:51:15 +02:00
vakaris_zilius
130c62a5c2
Agent: add a wrapper for wmi_tools users
...
Add a dedicated wrapper to make sure that wmi_tools users don't run into race conditions
2022-03-09 16:38:52 +02:00
Mike Salvatore
e5acdf4cb7
Agent: Fix formatting in utils/brute_force.py with Black
2022-03-09 16:38:52 +02:00
Mike Salvatore
66d9549507
Agent: Add human-readable thread names to AutomatedMaster
2022-03-09 16:38:52 +02:00
Mike Salvatore
847c7fbf9b
Agent: Add human-readable thread name to aws_environment_check
2022-03-09 16:38:52 +02:00
Mike Salvatore
87dbe20c23
Agent: Add human-readable thread name to MonkeyTunnel
2022-03-09 16:38:52 +02:00
Mike Salvatore
f9a7672767
Agent: Add optional name to create_daemon_thread and run_worker_threads
2022-03-09 16:38:52 +02:00
Mike Salvatore
b34c287238
Agent: Log thread name instead of thread ID
2022-03-09 16:38:52 +02:00
vakaris_zilius
3dc8ef606c
Agent: add lock to wmi tools
...
impacket libraries used for WMI are not designed for multithreading
2022-03-09 16:38:52 +02:00
vakaris_zilius
16535e06c7
Agent: fix a bug in WMI exploiter related to depth
2022-03-09 16:38:52 +02:00
vakaris_zilius
4ce731c769
Agent: generate brute force credentials from exploiter options
...
All brute force exploiters will have the same structure of options, so instead of calling the generate_username_password_or_ntlm_hash_combinations() and manually unpacking the required arguments from options, we simplify the call and remove duplication
2022-03-09 16:38:52 +02:00
vakarisz
4e7e4a9eee
Agent: replace get_monkey_depth with self.current_depth
2022-03-09 16:38:52 +02:00
vakarisz
dc1a2ab1c1
Agent: move brute-force input generation from wmiexec to brute_force
2022-03-09 16:38:52 +02:00
Mike Salvatore
77f58b942b
Agent: Remove monkeyfs references in smb_tools.py
2022-03-09 16:38:52 +02:00
Mike Salvatore
f57977dd53
Agent: Add missing return to WmiExploiter
2022-03-09 16:38:52 +02:00
Mike Salvatore
98f8a5b48a
Agent: Fix malformed WMI query in WMIExploiter
2022-03-09 16:38:52 +02:00
Mike Salvatore
e76b46c8ca
Island: Add smb_download_timeout to SMB and WMI exploiter options
2022-03-09 16:38:52 +02:00
Mike Salvatore
6862ef39ee
Agent: Load WMIExploiter into puppet
2022-03-09 16:38:52 +02:00
vakarisz
aa5220b04a
Agent: modify wmiexec.py to return ExploitResultData
2022-03-09 16:38:52 +02:00
vakarisz
c932a19b47
Agent: decouple wmiexec.py from WormConfig object
2022-03-09 16:38:52 +02:00
vakarisz
d7e222c8a8
Agent: improve logging in wmiexec.py
2022-03-09 16:38:52 +02:00
vakarisz
af9736a8ea
Agent: added a todo to assess smb connection timeout
2022-03-09 16:38:52 +02:00
vakarisz
afc43ae806
Agent: fix a bug in wmi_tools
...
Fix a bug in wmi connection cleanup where incorrect keys were being used on a dictionary
2022-03-09 16:38:51 +02:00
Mike Salvatore
4832bc12d9
Merge pull request #1764 from guardicore/scan-depth
...
Scan depth
2022-03-07 12:37:20 -05:00
Mike Salvatore
1de449351e
Merge pull request #1765 from guardicore/1755-fix-hadoop-cmd
...
Agent: Prevent overwriting hadoop linux agent
2022-03-07 12:37:02 -05:00
Mike Salvatore
c886daba8a
Agent: Increase detail of HADOOP_LINUX_COMMAND comment
2022-03-07 12:35:52 -05:00
Mike Salvatore
aef3de1e8e
Agent: Remove special depth processing from WormConfiguration
2022-03-07 10:30:19 -05:00
Mike Salvatore
524b97078d
Agent: Pass current depth to AutomatedMaster
2022-03-07 10:30:17 -05:00
Mike Salvatore
7cae4d6dec
Agent: Pass depth to exploiters
2022-03-07 10:25:53 -05:00
Mike Salvatore
41287d458b
Agent: Don't propagate if depth == 0
2022-03-07 10:25:53 -05:00
Mike Salvatore
fd2143a4df
Agent: Re-raise exceptions in HostExploiter
...
The AutomatedMaster can't process the exceptions if the HostExploiter
swallows them. The HostExploiter can log and re-raise the exceptions so
they can be processed by the AutomatedMaster.
2022-03-07 10:24:22 -05:00
Ilija Lazoroski
c802f21756
Agent: Prevent overwriting hadoop linux agent
...
Because hadoop is re-requesting agents, we don't get the
agent if it already there, if it has size 0 and if it exists
we remove it.
2022-03-07 15:40:15 +01:00
Mike Salvatore
00829ac094
Agent: Add TODOs to AutomatedMaster
2022-03-07 06:20:34 -05:00