Shreya
|
b82635d292
|
Add noqa comment to ignore complexity of DumpSecrets.dump()
|
2021-02-22 17:30:11 +05:30 |
Shreya
|
6883e4a5f1
|
Format all zerologon files with black
|
2021-02-20 01:12:04 +05:30 |
Shreya
|
2ef892e33f
|
Try starting remote shell on victim with all user creds until successful
|
2021-02-20 01:12:04 +05:30 |
Shreya
|
c227ccd3a1
|
Remove Zerologon fingerprinter (and move required functionality to Zerologon exploiter)
|
2021-02-20 01:12:04 +05:30 |
Shreya
|
869d608e09
|
Modify how `store_extracted_creds_for_exploitation()` is called
+ other little CR changes
|
2021-02-20 01:12:04 +05:30 |
Shreya
|
6c9ce028e0
|
Use __enter__() and __exit__() for StdoutCapture
|
2021-02-20 01:12:04 +05:30 |
Shreya
|
e0ae8381ba
|
restoring pwd: uses next available user account in case Administrator isn't found
and save all other credentials
|
2021-02-20 01:12:04 +05:30 |
Shreya
|
c20e677940
|
Add impacket copyright notice
|
2021-02-20 01:12:01 +05:30 |
Shreya
|
0992e276b4
|
More CR changes
TODO:
- impacket license
- get pwd for some other users if 'Administrator' doesn't exist (and save all users' creds?)
- unit tests
|
2021-02-19 01:06:06 +05:30 |
Shreya
|
0866aee2cf
|
Testing changes
|
2021-02-19 01:06:06 +05:30 |
Shreya
|
2c2a9eaaae
|
Restructure `_exploit_host()` and `restore_password()`
|
2021-02-19 01:06:06 +05:30 |
Shreya
|
2bdcdcc18b
|
CR changes
|
2021-02-19 01:06:06 +05:30 |
Shreya
|
a3bc9188dd
|
Increase flake8 warnings' limit from 80 to 81
|
2021-02-19 01:06:06 +05:30 |
Shreya
|
d7086f04aa
|
CR + testing changes
|
2021-02-19 01:06:06 +05:30 |
Shreya
|
e357b3fbe6
|
Changes after rebasing
|
2021-02-19 01:06:06 +05:30 |
Shreya
|
435f10fb20
|
CR changes
|
2021-02-19 01:06:06 +05:30 |
Shreya
|
961d5f81f8
|
Make DC details object attributes
|
2021-02-19 01:06:06 +05:30 |
Shreya
|
a908d31fc5
|
Remove unused imports and variable
|
2021-02-19 01:06:06 +05:30 |
Shreya
|
81c6de75b7
|
Add Zerologon to documentation
|
2021-02-19 01:06:06 +05:30 |
Shreya
|
290385a8a0
|
Zerologon's success on a machine shouldn't prevent other exploit attempts on the machine
(ZL gathers credentials for other exploits)
|
2021-02-19 01:06:06 +05:30 |
Shreya
|
9c0fc7e435
|
Changes after manual testing
|
2021-02-19 01:06:06 +05:30 |
Shreya
|
c05a48d34d
|
Final exploit touches and report stuff
|
2021-02-19 01:06:05 +05:30 |
Shreya
|
b57605b58d
|
Changes from manual testing
|
2021-02-19 01:06:05 +05:30 |
Shreya
|
1cf07eff89
|
Improve log messages and comments
|
2021-02-19 01:06:05 +05:30 |
Shreya
|
13ef69c3ed
|
Clean up code and comments
|
2021-02-19 01:06:05 +05:30 |
Shreya
|
53ef6feadf
|
Restore password
(wmiexec to get HKLM keys --> secretsdump to get orig pwd nthash --> restore)
|
2021-02-19 01:06:05 +05:30 |
Shreya
|
e7485bd02f
|
Mention CVE
|
2021-02-19 01:06:05 +05:30 |
Shreya
|
8549ba14cf
|
Bringing stuff together
|
2021-02-19 01:06:05 +05:30 |
Shreya
|
5cd8b39f0f
|
Get original passwords' hashes
|
2021-02-19 01:06:05 +05:30 |
Shreya
|
a4207494ec
|
Change classes order in file
|
2021-02-19 01:06:05 +05:30 |
Shreya
|
44e15bd2a0
|
Add restore_password()
|
2021-02-19 01:06:05 +05:30 |
Shreya
|
9468de471d
|
Partially add Zerologon exploiter
|
2021-02-19 01:06:05 +05:30 |
Shreya
|
2cc0a159e0
|
Rename "WindowsServer" fingerprinter: "Zerologon" makes more sense
|
2021-02-19 01:06:05 +05:30 |
Shreya
|
900bb7636d
|
Basic config and report stuff
|
2021-02-19 01:06:05 +05:30 |
Mike Salvatore
|
978927c329
|
Merge pull request #970 from shreyamalviya/telemetry-tests
Telemetry unit tests
|
2021-02-18 14:18:05 -05:00 |
Shreya
|
2bc27b48de
|
Use stub for PBA
|
2021-02-19 00:44:28 +05:30 |
Shreya
|
8bd30ceb4c
|
Format code using black
|
2021-02-19 00:09:20 +05:30 |
Shreya
|
15107eeea3
|
Use constants/literals for tests
|
2021-02-19 00:02:34 +05:30 |
Shreya
|
a4603853a9
|
Split test_attack_telem_classes.py and test_technique_telems.py into separate test files
|
2021-02-18 22:44:42 +05:30 |
Shreya
|
08addff8c5
|
Modify tests for attack telem classes and technique telems
- test `send()` instead of `get_data()` using fixture `spy_send_telemetry`
|
2021-02-18 22:34:15 +05:30 |
Mike Salvatore
|
4efdeeacc3
|
agent: remove dependency on pytest-mock
|
2021-02-18 09:59:52 -05:00 |
Mike Salvatore
|
86ffaf358f
|
agent: break test_base_telem_classes into discrete test files
|
2021-02-18 09:53:55 -05:00 |
Mike Salvatore
|
0ac9ce949c
|
agent: reformat test_base_telem_classes.py with black
|
2021-02-18 09:38:37 -05:00 |
Mike Salvatore
|
c2ed31bde8
|
telemetry: test `send()` for telemetry classes in `telemetry/`
|
2021-02-18 09:33:58 -05:00 |
Shreya
|
7960529ee9
|
Add conftest.py
|
2021-02-18 19:41:29 +05:30 |
Shreya
|
42b7fa05d6
|
Add requirement
|
2021-02-17 19:02:20 +05:30 |
Shreya
|
6b0cc1e368
|
Add tests for other base telems + put all telem tests in one folder
|
2021-02-17 19:01:55 +05:30 |
Shreya
|
b9bbfac30b
|
Add/modify tests for attack telems
|
2021-02-17 18:25:38 +05:30 |
Mike Salvatore
|
de3adfd483
|
Merge pull request #964 from guardicore/payload_obfuscation
Payload obfuscation
|
2021-02-11 08:47:15 -05:00 |
VakarisZ
|
f11736d451
|
Added no inspection comments and an explanation on why we use Crypto for shellcode_obfuscator.py
|
2021-02-11 15:29:29 +02:00 |