Commit Graph

7671 Commits

Author SHA1 Message Date
vakaris_zilius c2b06f22f0 Agent: Improve path comparison style in test_helpers.py 2022-03-23 13:37:33 +00:00
vakaris_zilius efb0039e34 Agent: Make _add_random_suffix method code more concise 2022-03-23 13:33:26 +00:00
vakaris_zilius 2e6b361a9d Agent: Add a method that appends random string to filename in path
This method will be used to avoid duplication in destination file paths and will avoid clashes of exploiters writing to the same files.
2022-03-23 10:49:25 +00:00
VakarisZ 663c1c6471
Merge pull request #1796 from guardicore/1611-interruptable-log4shell
Agent: Make log4shell interruptable
2022-03-22 07:14:36 +00:00
vakaris_zilius 3cfa72f731 Agent: Remove unreliable stop check in log4shell 2022-03-22 06:57:33 +00:00
Mike Salvatore f3fddfb4ba
Merge pull request #1789 from guardicore/1611-interruptable-ssh-exploit
1611 interruptable ssh exploit
2022-03-21 14:09:00 -04:00
Ilija Lazoroski e3e038bf40 Agent: Add timeouts to SSH exploit 2022-03-21 18:48:53 +01:00
Ilija Lazoroski 9765f64174 Agent: Make SSH interruptable 2022-03-21 17:37:35 +01:00
vakaris_zilius 684e723b09 Agent: Fix timer usage in log4shell 2022-03-21 16:20:48 +00:00
vakaris_zilius 325c4368de Agent: Remove unnecessary interrupts from log4shell 2022-03-21 16:11:59 +00:00
Mike Salvatore 0f77d4ca37 Agent: Use Timer in Log4ShellExploiter 2022-03-21 11:46:55 -04:00
vakaris_zilius 41278c8044 Agent: Make log4shell interruptable 2022-03-21 15:04:24 +00:00
Mike Salvatore b1716e9457
Merge pull request #1791 from guardicore/1611-interruptable-powershell
1611 Make powershell exploiter interruptable
2022-03-21 10:27:01 -04:00
Mike Salvatore cda113d291 Agent: Check _signal_handler before resetting on Windows
We don't need to call win32api.SetConsoleCtrlHandler if _signal_handler
is None (i.e. was never set).
2022-03-21 10:21:10 -04:00
Mike Salvatore a2ac2658ed Agent: Initialize self._master = None 2022-03-21 10:19:54 -04:00
Mike Salvatore 7a1fcced2f Agent: Extract method _set_interrupted() from is_interrupted() 2022-03-21 09:09:15 -04:00
Mike Salvatore b0f03179c1 Agent: Add `interrupted` boolean to ExploiterResultData
Setting an interrupted flag on the ExploiterResultData is a more useful
way to present the information to anything that uses it. If decisions
need to be made based on whether or not something was interrupted, a
flag can be checked instead of parsing an error message.
2022-03-21 09:00:43 -04:00
Mike Salvatore 83b18debc0 Agent: Remove InterruptError and use `if` instead 2022-03-21 09:00:43 -04:00
vakaris_zilius f50f4cf71c Agent: Add interrupt error message to powershell results 2022-03-21 09:00:43 -04:00
vakaris_zilius 02154e38fd Agent: Make powershell exploiter interruptable 2022-03-21 09:00:43 -04:00
Mike Salvatore 61344f9861
Merge pull request #1792 from guardicore/1741-add-smb-to-puppet
1741 add smb to puppet
2022-03-21 08:16:24 -04:00
Mike Salvatore 75ea2c8c3a Docs: Remove reference to example.conf 2022-03-21 08:15:25 -04:00
Mike Salvatore 896a9171ac Agent: Add missing 'f' to f-string 2022-03-21 08:14:01 -04:00
Mike Salvatore cadc23d8a5 Agent: Only start/stop tunnel if the agent is able to propagate
Starting and stopping the tunnel is slow, and only necessary if the
agent plans to propagate. If depth < 1, propagation will not occur, so
there's no point in having a tunnel open. If a `-d` parameter is not
supplied to the agent, the tunnel will be started.
2022-03-21 08:11:19 -04:00
Mike Salvatore 7e4ec00454 Agent: Add error message to exploit_result when SMB exploiter gives up 2022-03-21 07:21:05 -04:00
Mike Salvatore 9ca8bc1a60 Agent: Remove example.conf
This file is out of date and an unnecessary maintenance burden.
2022-03-21 07:16:22 -04:00
Mike Salvatore 89bda5ae87 Agent: Improve logging in SMBExploiter 2022-03-21 07:15:47 -04:00
VakarisZ fe7c7d5d9c
Merge pull request #1793 from guardicore/agent-log-timestamp-ordering
Agent log timestamp ordering
2022-03-21 07:46:04 +00:00
Mike Salvatore 96c8072c21 Docs: Update agent log naming scheme to put timestamp before random 2022-03-20 20:40:43 -04:00
Mike Salvatore 753f00de65 Agent: Put timestamp before random string in log names
Putting the timestamp before the random string in the agent and dropper
log names allows them to be sorted by time.
2022-03-20 20:40:35 -04:00
Mike Salvatore 9b66b98428 Island: Move smb_service into exploit.properties.smb_service 2022-03-20 19:39:39 -04:00
Mike Salvatore 9532aba033 Agent: Improve logging around SCM connection attempts 2022-03-18 13:38:02 -04:00
Mike Salvatore 75dd26b3df Agent: Handle case where SMB service already exists in SMBExploiter 2022-03-18 13:38:02 -04:00
Mike Salvatore abb05730b8 Agent: Remove unnecessary __init__() from SMBExploiter 2022-03-18 13:38:02 -04:00
Mike Salvatore c3ffd91990 Agent: Load SMBExploiter into the puppet 2022-03-18 13:38:02 -04:00
Mike Salvatore d56a6e23db Agent: Remove disused {try,}get_target_monkey() 2022-03-18 13:38:02 -04:00
Mike Salvatore f3d4f972a0 Agent: Remove disused MonkeyHTTPServer 2022-03-18 13:38:02 -04:00
Mike Salvatore 732568b34f Agent: Remove disused get_monkey_depth() 2022-03-18 13:38:02 -04:00
Mike Salvatore 8eace7c736 Agent: Return ExploitResultData from SMBExploiter 2022-03-18 13:38:02 -04:00
Mike Salvatore eddb9d527f Agent: Remove dependency on SMBFingerprinter from SMBExploiter 2022-03-18 13:38:02 -04:00
Mike Salvatore df24d4ab6a Agent: Use self.telemetry_messenger in SMBExploiter 2022-03-18 13:38:02 -04:00
Mike Salvatore 4a10882bcc Agent: Remove disused methods and attributes from WormConfiguration 2022-03-18 13:38:02 -04:00
Mike Salvatore 32491d5998 Agent: Remove logging of sensitive data from SmbTools 2022-03-18 13:38:02 -04:00
Mike Salvatore 396dd0fca6 Agent: Rename SmbExploiter SMBExploiter 2022-03-18 13:38:02 -04:00
Mike Salvatore 6fda2691e5 Agent: Remove dependency on WormConfig from SmbExploiter 2022-03-18 13:38:02 -04:00
Mike Salvatore 415f3e6468 Agent: Remove smb_service_name configuration option
This option is never changed and can be more easily stored as a
constant.
2022-03-18 13:38:02 -04:00
VakarisZ 6c1a4faf3a
Merge pull request #1790 from guardicore/1611-interruptible-mssql
1611 interruptible mssql
2022-03-18 14:33:13 +00:00
Mike Salvatore a247fa954c Agent: Use LONG_REQUEST_TIMEOUT for LOGIN_TIMEOUT in MSSQLExploiter 2022-03-18 10:12:34 -04:00
Mike Salvatore df5a0fe119 Agent: Make MSSQLExploiter interruptible 2022-03-18 08:29:44 -04:00
Mike Salvatore 0ffe023a9f Agent: Add a query timeout to pymssql.connect() 2022-03-18 08:29:44 -04:00