Commit Graph

4115 Commits

Author SHA1 Message Date
Shreya b82635d292 Add noqa comment to ignore complexity of DumpSecrets.dump() 2021-02-22 17:30:11 +05:30
Shreya 6883e4a5f1 Format all zerologon files with black 2021-02-20 01:12:04 +05:30
Shreya 2ef892e33f Try starting remote shell on victim with all user creds until successful 2021-02-20 01:12:04 +05:30
Shreya c227ccd3a1 Remove Zerologon fingerprinter (and move required functionality to Zerologon exploiter) 2021-02-20 01:12:04 +05:30
Shreya 869d608e09 Modify how `store_extracted_creds_for_exploitation()` is called
+ other little CR changes
2021-02-20 01:12:04 +05:30
Shreya 6c9ce028e0 Use __enter__() and __exit__() for StdoutCapture 2021-02-20 01:12:04 +05:30
Shreya e0ae8381ba restoring pwd: uses next available user account in case Administrator isn't found
and save all other credentials
2021-02-20 01:12:04 +05:30
Shreya c20e677940 Add impacket copyright notice 2021-02-20 01:12:01 +05:30
Shreya 0992e276b4 More CR changes
TODO:
- impacket license
- get pwd for some other users if 'Administrator' doesn't exist (and save all users' creds?)
- unit tests
2021-02-19 01:06:06 +05:30
Shreya 0866aee2cf Testing changes 2021-02-19 01:06:06 +05:30
Shreya 2c2a9eaaae Restructure `_exploit_host()` and `restore_password()` 2021-02-19 01:06:06 +05:30
Shreya 2bdcdcc18b CR changes 2021-02-19 01:06:06 +05:30
Shreya a3bc9188dd Increase flake8 warnings' limit from 80 to 81 2021-02-19 01:06:06 +05:30
Shreya d7086f04aa CR + testing changes 2021-02-19 01:06:06 +05:30
Shreya e357b3fbe6 Changes after rebasing 2021-02-19 01:06:06 +05:30
Shreya 435f10fb20 CR changes 2021-02-19 01:06:06 +05:30
Shreya 961d5f81f8 Make DC details object attributes 2021-02-19 01:06:06 +05:30
Shreya a908d31fc5 Remove unused imports and variable 2021-02-19 01:06:06 +05:30
Shreya 81c6de75b7 Add Zerologon to documentation 2021-02-19 01:06:06 +05:30
Shreya 290385a8a0 Zerologon's success on a machine shouldn't prevent other exploit attempts on the machine
(ZL gathers credentials for other exploits)
2021-02-19 01:06:06 +05:30
Shreya 9c0fc7e435 Changes after manual testing 2021-02-19 01:06:06 +05:30
Shreya c05a48d34d Final exploit touches and report stuff 2021-02-19 01:06:05 +05:30
Shreya b57605b58d Changes from manual testing 2021-02-19 01:06:05 +05:30
Shreya 1cf07eff89 Improve log messages and comments 2021-02-19 01:06:05 +05:30
Shreya 13ef69c3ed Clean up code and comments 2021-02-19 01:06:05 +05:30
Shreya 53ef6feadf Restore password
(wmiexec to get HKLM keys --> secretsdump to get orig pwd nthash --> restore)
2021-02-19 01:06:05 +05:30
Shreya e7485bd02f Mention CVE 2021-02-19 01:06:05 +05:30
Shreya 8549ba14cf Bringing stuff together 2021-02-19 01:06:05 +05:30
Shreya 5cd8b39f0f Get original passwords' hashes 2021-02-19 01:06:05 +05:30
Shreya a4207494ec Change classes order in file 2021-02-19 01:06:05 +05:30
Shreya 44e15bd2a0 Add restore_password() 2021-02-19 01:06:05 +05:30
Shreya 9468de471d Partially add Zerologon exploiter 2021-02-19 01:06:05 +05:30
Shreya 2cc0a159e0 Rename "WindowsServer" fingerprinter: "Zerologon" makes more sense 2021-02-19 01:06:05 +05:30
Shreya 900bb7636d Basic config and report stuff 2021-02-19 01:06:05 +05:30
Mike Salvatore 978927c329
Merge pull request #970 from shreyamalviya/telemetry-tests
Telemetry unit tests
2021-02-18 14:18:05 -05:00
Shreya 2bc27b48de Use stub for PBA 2021-02-19 00:44:28 +05:30
Shreya 8bd30ceb4c Format code using black 2021-02-19 00:09:20 +05:30
Shreya 15107eeea3 Use constants/literals for tests 2021-02-19 00:02:34 +05:30
Shreya a4603853a9 Split test_attack_telem_classes.py and test_technique_telems.py into separate test files 2021-02-18 22:44:42 +05:30
Shreya 08addff8c5 Modify tests for attack telem classes and technique telems
- test `send()` instead of `get_data()` using fixture `spy_send_telemetry`
2021-02-18 22:34:15 +05:30
Mike Salvatore 4efdeeacc3 agent: remove dependency on pytest-mock 2021-02-18 09:59:52 -05:00
Mike Salvatore 86ffaf358f agent: break test_base_telem_classes into discrete test files 2021-02-18 09:53:55 -05:00
Mike Salvatore 0ac9ce949c agent: reformat test_base_telem_classes.py with black 2021-02-18 09:38:37 -05:00
Mike Salvatore c2ed31bde8 telemetry: test `send()` for telemetry classes in `telemetry/` 2021-02-18 09:33:58 -05:00
Shreya 7960529ee9 Add conftest.py 2021-02-18 19:41:29 +05:30
Shreya 42b7fa05d6 Add requirement 2021-02-17 19:02:20 +05:30
Shreya 6b0cc1e368 Add tests for other base telems + put all telem tests in one folder 2021-02-17 19:01:55 +05:30
Shreya b9bbfac30b Add/modify tests for attack telems 2021-02-17 18:25:38 +05:30
Mike Salvatore de3adfd483
Merge pull request #964 from guardicore/payload_obfuscation
Payload obfuscation
2021-02-11 08:47:15 -05:00
VakarisZ f11736d451 Added no inspection comments and an explanation on why we use Crypto for shellcode_obfuscator.py 2021-02-11 15:29:29 +02:00