Vakaris
68d949c655
Web RCE framework core files/changes
2018-07-19 12:33:44 +03:00
Daniel Goldberg
3e1edeac61
Merge pull request #156 from VakarisZ/dropper_samefile_fix
...
Dropper bug fix
2018-07-18 20:53:52 +03:00
Vakaris
d78e81db06
Changed to a better file comparison function
2018-07-18 20:48:15 +03:00
maor.rayzin
77610d4994
* WIP changing the payload static file to be written on runtime
2018-07-18 13:26:31 +03:00
Vakaris
dfecc6d6ac
os.path.samefile does not work on windows. My code checks if files handlers are the same instead
2018-07-18 12:44:19 +03:00
Daniel Goldberg
ae4227731c
Merge pull request #155 from guardicore/bugfix/remove_ftp_server
...
Remove FTP server from infra
2018-07-18 10:50:31 +03:00
maor.rayzin
f2d17bcedc
* Added a cleanup function to attack's files
2018-07-17 18:48:58 +03:00
Daniel Goldberg
d853e02693
Remove FTP server from infra
...
New FTP server will come from pyftp
2018-07-17 13:08:08 +03:00
maor.rayzin
9877b9499c
* Using get_interface_to_target function in order to retrieve right ip
...
to use.
* changed exception syntax to 'as' instead of ','
* added Object to the FTP class
2018-07-16 16:29:28 +03:00
maor.rayzin
782ced912d
* Added a coverage for the force connection closing in the mssql fingerprinter.
2018-07-16 16:01:26 +03:00
maor.rayzin
2de474667d
* Fixed a weird text alignment
2018-07-16 14:43:38 +03:00
maor.rayzin
aae9704cbb
* Changed the more info tab's location to the right place.
2018-07-16 12:45:14 +03:00
maor.rayzin
80d6b327bc
* Added MSSQL exploiter report frontend details.
2018-07-16 11:57:56 +03:00
Daniel Goldberg
97e5b96637
Opportunistic waiting, make get_tcp_ports O(timeout) rather than timeout.
2018-07-15 16:27:46 +03:00
Daniel Goldberg
977e0a8769
Merge pull request #151 from guardicore/master
...
Update develop from master
2018-07-09 18:53:57 +03:00
Daniel Goldberg
f98a121c51
Merge branch 'develop' into master
2018-07-09 18:53:43 +03:00
Daniel Goldberg
35b535f97a
Removed hard coded debug address and replaced with non routable IP
2018-07-08 12:14:45 +03:00
maor.rayzin
19d324d81f
Merge branch 'develop' into feature/mssql_exploiter
...
# Conflicts:
# infection_monkey/config.py
# infection_monkey/example.conf
# infection_monkey/exploit/__init__.py
2018-06-27 21:40:05 +03:00
maor.rayzin
b46810e02b
* Finalized the MS-SQL code
...
* Changed the log to the right handle and added exceptions info.
* better docs and some pep 8
2018-06-27 21:30:54 +03:00
Daniel Goldberg
3118620c8a
Merge pull request #146 from VakarisZ/struts2RCE
...
Struts2 rce
2018-06-26 18:37:07 +03:00
Vakaris
c278b0a29c
Small changes
2018-06-26 18:03:31 +03:00
maor.rayzin
149525d205
Added the MSSQLExploiter class
...
The helper functions and utils are in mssqlexec_utils.py file
Everything is documented and this commit is still WIP.
* Added the class to the monkey's config file and example.
* Added the class to the UI config.
* Added the class import to __init__.py file
2018-06-26 17:47:43 +03:00
Vakaris
6a37f2b953
removed debugging code
2018-06-25 19:11:58 +03:00
Vakaris
671452243d
Fixed some bugs and more notes
2018-06-25 18:26:34 +03:00
Vakaris
81712ddbf0
Merge branch 'struts2RCE' of https://github.com/VakarisZ/monkey into struts2RCE
2018-06-22 14:57:04 +03:00
Vakaris
7ce790affa
Some notes fixed
2018-06-22 14:55:52 +03:00
Daniel Goldberg
d510476658
Merge branch 'develop' into struts2RCE
2018-06-21 13:23:12 +03:00
Daniel Goldberg
f55133e8c1
Merge pull request #142 from guardicore/feature/MSSQL_fingerprint
...
Feature/mssql fingerprint
2018-06-21 11:46:21 +03:00
Daniel Goldberg
2ddae99687
Merge pull request #144 from guardicore/bugfix/fix-bad-default-config
...
Fix default config values
2018-06-21 11:40:44 +03:00
Daniel Goldberg
385cf13636
Merge pull request #143 from guardicore/hotfix/update-growl
...
Update mocha
2018-06-21 11:40:07 +03:00
Vakaris
208411d6fc
Cosmetic changes
2018-06-21 00:10:56 +03:00
Vakaris
ef6c512ea9
Finished up exploitation and added reporting
2018-06-20 22:35:18 +03:00
Vakaris
2d27972e7e
Struts exploitation working, and tested with win-64 and ubuntu
2018-06-20 16:58:20 +03:00
Vakaris
413bdd9254
Not yet functioning and tested, but most functions are done
2018-06-19 18:08:52 +03:00
Vakaris
9a8a6c6e28
Now exploiting both win and linux. Also, added check if monkey is not already present
2018-06-19 18:05:09 +03:00
Itay Mizeretz
ddaeb7dbf8
more fixes to deb
2018-06-13 20:48:04 +03:00
Itay Mizeretz
79d8012bb2
Merge branch 'develop' into feature/support-common-folder
...
# Conflicts:
# monkey/infection_monkey/exploit/shellshock.py
# monkey/infection_monkey/test/config__test.py
2018-06-13 18:03:43 +03:00
Itay Mizeretz
0173aaf3f6
Update mocha
...
Change color structure for edge - required by update
2018-06-13 17:36:17 +03:00
Itay Mizeretz
20d4b3a642
Fix default config values
2018-06-13 16:05:12 +03:00
Itay Mizeretz
36230fa25c
monkey island can now be run from both monkey_island.py and run_cc.bat
2018-06-13 15:40:13 +03:00
Itay Mizeretz
4e207256dd
infection monkey works via infection_monkey.py or monkey.exe
2018-06-13 14:38:58 +03:00
maor.rayzin
db6f44109b
* Responding to the PR comments with the logs and usage changes.
2018-06-12 16:29:27 +03:00
maor.rayzin
d312a3a771
* Changed name from MSSQLFingerprint to MSSQLFinger to match convention.
...
* Added UI support for the new fingerprint in Monkey Island.
* UI supports includes writing up MSSQL as a service under node's
services list.
2018-06-12 13:26:28 +03:00
maor.rayzin
fe1f6d67e5
Merge branch 'develop' into feature/MSSQL_fingerprint
2018-06-11 20:19:12 +03:00
maor.rayzin
1272700fe5
* Added an author mark and updated docs
...
* Changed the module to use the VictimHost object as host
* added True\False return statements.
2018-06-09 20:02:18 +03:00
maor.rayzin
fadafdbd3a
Updated the config files to default include the mssql fingerfrint class: MSSQLFingerprinter, in the monkey's configuration.
2018-06-09 18:23:54 +03:00
maor.rayzin
d4c1871f87
Implemented the first draft of the mssql fingerprint class
...
Every line of code is documented and straight forward.
2018-06-09 18:23:08 +03:00
maor.rayzin
8b22a52006
Added the mssql finger class to the main network init file so it will be usable.
2018-06-09 18:16:39 +03:00
maor.rayzin
293c204ddd
Created the MSSQL_fingerprinter branch,
...
added the fingerprint class WIP.
2018-06-09 17:51:46 +03:00
Daniel Goldberg
de832780b6
Removed overly verbose logging line, triggered every 2 seconds
2018-06-06 13:54:21 +03:00