vakarisz
1d15288b64
Agent, Island: remove/rename system info collection infrastructure
...
System info collectors got replaced with credential collectors. Infrastructure in the code needs to be renamed accordingly
2022-03-01 14:54:20 +02:00
Mike Salvatore
9e8d1d2539
Merge pull request #1749 from guardicore/1695-reporting-credentials
...
1695 reporting credentials
2022-03-01 07:27:21 -05:00
vakarisz
52c0413797
Island, UT: remove credential processing from exploit telemetry
...
Credentials should be sent via credential telemetry, not exploit telemetry. This will remove the need to maintain duplicate code of credential extraction
2022-03-01 11:31:47 +02:00
Mike Salvatore
c93835245c
Agent: Use IAgentRepository in SSHExploiter
2022-02-28 19:26:33 -05:00
Mike Salvatore
cc9cfc5e3b
Agent: Inject IAgentRepository into exploiters
2022-02-28 19:08:25 -05:00
Mike Salvatore
c888c84e64
Agent: Add CachingAgentRepository
2022-02-28 19:08:24 -05:00
Mike Salvatore
50ca81f0fc
Agent: Add IAgentRepository
2022-02-28 19:07:50 -05:00
Mike Salvatore
0df165e140
Island: Refactor monkey download to take OS and return agent file
2022-02-28 14:55:20 -05:00
Mike Salvatore
c075fed2da
BB: Remove 'PingScanner' from fingerprinters in config templates
2022-02-28 13:18:07 -05:00
Mike Salvatore
a3de04d9c0
Agent: Remove agent download optimization from get_target_monkey()
...
This optimization was not functioning properly. This will be refactored
and optimized in the near future, so it's not worth the effort to debug
this at the present time.
2022-02-28 13:18:07 -05:00
Mike Salvatore
caa6405315
Agent: Change agent permissions to 700 in SSH exploiter
...
Changing the permissions to 777 introduces a security risk into the
target host. A malicious attacker with local access can potentially
modify the binary, resulting in code execution and privilege escalation
when the attacking agent launches the agent on the victim.
Issue #1750
2022-02-28 13:18:07 -05:00
Mike Salvatore
eea07461c5
Agent: Remove attempt to get architecture from target in ssh exploiter
...
Since Infection Monkey only supports the x86_64 architecture, there's
little use in collecting the architecture from the destination.
2022-02-28 13:18:07 -05:00
vakarisz
4f58a69c54
UT: added slow marks and changed some names, related to credential tests
2022-02-28 16:59:15 +02:00
vakarisz
748178a00c
Island: small style improvements in stolen_credentials.py
2022-02-28 16:57:35 +02:00
Mike Salvatore
54715df43d
Merge pull request #1748 from guardicore/1675-remove-32bit-from-hadoop
...
Remove 32-bit references from Hadoop
2022-02-28 09:52:21 -05:00
Mike Salvatore
d970271016
Agent: Fix get_target_monkey() bug when running from source
2022-02-28 08:29:04 -05:00
Mike Salvatore
01a21f744f
Agent: Remove disused VictimHost.monkey_exe
2022-02-28 07:56:31 -05:00
Mike Salvatore
a53ff7d0d9
Agent: Fix broken logic in get_target_monkey() download optimization
2022-02-28 07:56:31 -05:00
vakarisz
40820a5ba5
Island: refactor report generation to take credentials from model
...
Reporting used to fetch credentials from telemetries, but they are no longer stored. Instead, credentials are being fetched from stolen_credentials collection
2022-02-28 12:30:26 +02:00
Shreya Malviya
ec9d3822a6
Island: Remove logic to download 32-bit monkeys
2022-02-26 12:55:09 +05:30
Mike Salvatore
dc8bd7008e
Deploy: Remove 32-bit agents from Windows deployment script
2022-02-25 14:45:57 -05:00
Shreya Malviya
62263b8fbf
Agent: Remove 32-bit references from Hadoop
2022-02-25 23:04:03 +05:30
Shreya Malviya
1bf51cd047
Agent: Fix function call (misspelled) in WebRCE
2022-02-25 22:46:33 +05:30
Ilija Lazoroski
10cfe346b6
Island: Remove 32bit manual run options
2022-02-25 10:44:08 -05:00
vakarisz
02d81771a9
Island: remove remaining references to "creds" property of monkey
2022-02-25 17:13:19 +02:00
vakarisz
cf56fcbef2
UT: removed telemetry encryption test
2022-02-25 15:38:36 +02:00
vakarisz
0ecfbff1e4
Island: don't store credential telemetries
...
Credential telemetries are not stored on the database to prevent the need to encrypt credentials and query database directly. Instead, credentials are parsed into a document that doesn't contain secrets and is easily queryable
2022-02-25 15:38:36 +02:00
vakarisz
afc98667c4
Island: remove unused "creds" properties from monkey model
2022-02-25 15:38:36 +02:00
Shreya Malviya
069afe677a
Docs: Remove 32-bit mentions
2022-02-25 02:28:53 -05:00
Shreya Malviya
a3d9904f05
Island: Update README to remove mentions of 32-bit binaries
2022-02-25 02:28:53 -05:00
Shreya Malviya
9f6c25c2b2
Agent: Update README to remove mentions of 32-bit binaries
2022-02-25 02:28:53 -05:00
Mike Salvatore
22ec96c4ee
Deploy: Use `npm ci` instead of install/update in Linux deployment
2022-02-24 13:23:58 -05:00
Mike Salvatore
c8c1aa7036
Deploy: Remove --single-branch from `git clone` in Linux deployment
2022-02-24 13:23:58 -05:00
Mike Salvatore
fb1880dd24
Deploy: Remove 32-bit binaries from Linux deployment script
2022-02-24 13:23:58 -05:00
Mike Salvatore
1ad79b9c96
Merge pull request #1745 from guardicore/1675-remove-32-bit-config-option
...
Remove dropper_target_path_win_32 bit config option
2022-02-24 13:15:18 -05:00
Ilija Lazoroski
8a3a92182e
Agent: Fix WebRCE windows target path
2022-02-24 19:04:57 +01:00
Ilija Lazoroski
47306b0d38
UT: Modify tests to suit removal of dropper_target_path_win_32 option
2022-02-24 18:43:25 +01:00
Ilija Lazoroski
6144564760
Island: Remove dropper_target_path_win_32 from config
2022-02-24 18:43:25 +01:00
Ilija Lazoroski
2c76c6de3c
Agent: Remove dropper_target_path_win_32 from config
2022-02-24 18:43:16 +01:00
Mike Salvatore
8c304e809d
Agent: Remove Windows 32-bit to 64-bit upgrade feature
2022-02-24 10:50:13 -05:00
Mike Salvatore
d84e35f637
Build: Remove references to 32-bit agents from Docker and Appimage build
2022-02-24 09:42:40 -05:00
Mike Salvatore
e21f643014
Agent: Remove references to 32-bit agents in monkey.spec
2022-02-24 09:42:40 -05:00
Mike Salvatore
0a7637c944
Merge pull request #1744 from guardicore/1732-remove-elasticsearch
...
Remove ElasticGroovyExploiter
2022-02-24 09:05:09 -05:00
Shreya Malviya
7e362283fa
Changelog: Add entry for removing the Elastic Search exploiter
2022-02-24 19:14:20 +05:30
Mike Salvatore
85eb3a2c0d
Merge pull request #1743 from guardicore/1605-modify-hadoop
...
Modify Hadoop exploiter
2022-02-24 08:02:01 -05:00
Ilija Lazoroski
e8ba34b055
Island: Use exploitation_result in telemetry_feed
2022-02-24 13:33:32 +01:00
Ilija Lazoroski
871b02d514
Agent: Stop Hadoop http_thread regardless of the exploit result
2022-02-24 12:21:54 +01:00
Shreya Malviya
7d76d94959
Zoo: Remove Elastic machines from terraform scripts and docs
2022-02-24 15:16:19 +05:30
Shreya Malviya
6c7e630465
BB: Remove ElasticGroovyExploiter references
2022-02-24 15:14:32 +05:30
Shreya Malviya
a599edec15
Project: Remove ELASTIC exploiter descriptor enum from Vulture's allowlist
2022-02-24 15:12:00 +05:30