p34709852
/
monkey
forked from p15670423/monkey
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity
7,166 Commits 30 Branches 0 Tags 47 MiB
Commit Graph

7166 Commits

Author SHA1 Message Date
Ilija Lazoroski 3fc8621e16 Docs: Remove MS08_067 exploiter documentation 2022-01-31 11:11:25 +01:00
Mike Salvatore 678db40e25 Agent: Check for spaces in IP or domain names 
socket.gethostbyname() may return different results on different systems
when provided with an IP address that contains a space. This depends on
python version or other environmental factors. For example:

System 1:
>>> socket.gethostbyname('172.60 .9.109')
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
socket.gaierror: [Errno -2] Name or service not known
>>> socket.gethostbyname('172.17 .9.109')
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
socket.gaierror: [Errno -2] Name or service not known

System 2:
>>> socket.gethostbyname('172.60 .9.109')
'172.0.0.60'

To remedy this, this commit adds a check to verify that the IP/domain
does not contain a space, as a space is an illegal character in either.
 2022-01-27 12:56:40 -05:00
Mike Salvatore 8371a268ba Island: Change the order of log messages on startup to improve UX 
Some users were confused when the Island started up and thought it had
frozen. I hope to alleviate this confusion by changing the order of the
log messages. If the last message displayed after initialization
gives the user instructions on accessing the island, hopefully users
will no longer be confused.

PR #1684
 2022-01-26 12:09:43 -05:00
Mike Salvatore f478444bb7
Merge pull request #1682 from guardicore/small-code-improvements 
Small code improvements
 2022-01-26 08:31:55 -05:00
Mike Salvatore a888915577 Agent: Add bool return type hint to _can_propagate() 2022-01-26 08:14:04 -05:00
Mike Salvatore 92636da4b2 Agent: Use Iterable instead of List for type hint in run_plugins() 2022-01-26 08:13:35 -05:00
Mike Salvatore 8cf54e7673 Agent: Fix typo plugin -> plugins in _run_plugins() 2022-01-26 08:11:35 -05:00
Mike Salvatore 1ca8c98b86 Island: Use MappingProxyType for default argument in IslandConfigOptions 2022-01-25 19:57:07 -05:00
Mike Salvatore 3450ac93a3 Agent: Extract code from try/except in _leave_readme_in_target_directory 2022-01-25 19:57:07 -05:00
Mike Salvatore fae0c8ded2 Agent: Replace if checks with interruptable_iter() in for loops 2022-01-25 19:57:07 -05:00
Mike Salvatore 0c877833c5 Agent: Move master/threading_utils.py -> utils/threading.py 
Both create_daemon_thread() and interruptable_iter() will need to be
used outside of the master.
 2022-01-25 19:57:07 -05:00
Mike Salvatore df42d0752a Agent: Add interruptable_iter() generator 2022-01-25 19:57:07 -05:00
Mike Salvatore f8ea2e06ac UT: Add test for create_daemon_thread() 2022-01-25 19:57:07 -05:00
Mike Salvatore ce4c0188c2 Agent: Add missing type hints to dir_utils.py 2022-01-25 19:57:07 -05:00
Mike Salvatore 62efeffe90 Agent: Use iter() to improve InPlaceFileEncryptor._encrypt_file() 2022-01-25 19:57:07 -05:00
Mike Salvatore fa59f45d31 Agent: Use filter() to improve loop in _process_tcp_scan_results() 2022-01-25 19:57:07 -05:00
Mike Salvatore ea0ab309d2 Agent: Improve loop code in IPScanner._scan_address() 2022-01-25 19:57:07 -05:00
Mike Salvatore e1cf4fa9c2 Merge branch 'release/1.13.0' into agent-refactor 2022-01-25 13:35:49 -05:00
Mike Salvatore fed7d050be Changelog: Update version and release date for v1.13.0 2022-01-25 09:54:12 -05:00
vakarisz ab290fd732 Docs: clarify that AppImage can only run in WSL 2 on windows 2022-01-25 15:20:33 +02:00
vakarisz 28cf8b55cf BB: modified performance config template to contain log4shell machines 2022-01-25 15:16:32 +02:00
vakarisz 62dc4a4d5c Docs: add version to docker examples 
Based on docs it wasn't clear what user should substitute for "VERSION". By providing specific version like "v1.13.0" we clarify the format of the version string.
 2022-01-25 15:03:06 +02:00
vakarisz 014108e360 Docs: remove outdated documentation about AWS deployment 2022-01-25 14:59:55 +02:00
vakarisz a59c6b59b6 Docs: add hashes of 1.13.0 release binaries 2022-01-24 10:29:44 +02:00
vakarisz 189505a97d Agent: add vulnerable log4shell url's 
Url's are used in mitre report
 2022-01-21 15:35:07 +02:00
Mike Salvatore 75ed119c00 Changelog: Add changelog entries for Log4Shell exploiter 2022-01-21 07:40:42 -05:00
VakarisZ 39a48c2b64
Merge pull request #1670 from guardicore/1663-log4shell-exploit 
Log4Shell exploiter
 2022-01-21 11:52:14 +02:00
Mike Salvatore 4c30118f67 Docs: Increase v1.12.0 -> v1.13.0 2022-01-20 14:38:14 -05:00
Mike Salvatore 5bf82659bd UI: Switch CVE-2021-44228 from href to react-bootstrap Button 
This resolves an eslint error regarding `target="blank"` without
`rel="noopener"` and makes this code more consistent with other code.
 2022-01-20 12:14:52 -05:00
Mike Salvatore d21dd6da13 Agent: Wait for victim to download agent before killing servers 
The Log4Shell exploiter requires the victim to contact a number of
different servers. Wait a reasonable amount of time for the victim to
call home and download the agent before issuing the shutdown command to
the server.
 2022-01-20 10:42:51 -05:00
Mike Salvatore e576136a63 Agent: Skip Log4Shell exploiter if there are no open ports 2022-01-20 08:52:09 -05:00
Mike Salvatore 6d87289bd0 Agent: Minor change to log statement in ExploitClassHTTPServer 2022-01-20 08:17:57 -05:00
Shreya Malviya 83d2a0aac0 Common, UI: Bump version numbers to 1.13.0 2022-01-20 17:49:02 +05:30
Shreya Malviya ce8c178297 BB: Add Log4Shell zoo machines to table of contents, grammar fixes 2022-01-20 17:24:11 +05:30
Mike Salvatore d0e26f770f Agent: Add lock to HTTPHandler.do_GET() to avoid potential race 2022-01-19 19:37:23 -05:00
vakarisz 76d6071f7c Island: add cve link to log4shell report 2022-01-19 15:09:03 +02:00
Mike Salvatore 1840dd54ca Agent: Add class documentation to ExploitClassHTTPServer 2022-01-18 12:33:06 -05:00
Mike Salvatore 63085273a9 Agent: Encapsulate parallelism in ExploitClassHTTPServer 2022-01-18 08:57:05 -05:00
vakarisz 212fb3a653 BB: black format config_generation_script.py 2022-01-18 15:23:59 +02:00
vakarisz a5a4957c29 Agent: small readability and style improvements 2022-01-18 15:01:47 +02:00
vakarisz 03919c3caf Agent: fix struts2 url building 2022-01-18 14:29:57 +02:00
vakarisz 76a32d241c Agent: log4shell readability and style fixes 2022-01-18 12:48:56 +02:00
vakarisz 52ac7dd295 Agent: fix a bug in web_rce url building 
build_potential_urls was made static and takes IP as first parameter, but the users of this method wasn't changed and only passed ports
 2022-01-18 12:22:38 +02:00
vakarisz e3f9312ff9 BB: change log4j exploit depth to 1 (default) 
This change is necessary to make sure that exploitation is successfull from a particular machine being tested.
 2022-01-18 11:44:47 +02:00
vakarisz f667d9203b Agent: update Pipfile.lock to contain pyinstaller changes 
Pyinstaller got changed to not crash ldap server that's running on a spawned process, by continuing if no m0nk3y or dr0pp3r flags are specified
 2022-01-18 11:41:18 +02:00
Ilija Lazoroski 51bf553fb5 Agent, Island: Minor changes to Log4Shell 
Return types, removing logging from solr service
and change Log4j to Log4Shell in Island reporting
 2022-01-17 16:37:03 +01:00
Ilija Lazoroski 311a721880 BB: Fix IP address for Tomcat machines 2022-01-17 16:34:56 +01:00
vakarisz 77eb3ce004 BB: Added log4j configs to the list of manually generatable configs 2022-01-17 11:40:31 +02:00
Mike Salvatore 363d0e14bf UT: Add unit test for Log4Shell LDAPExploitServer 2022-01-14 11:53:50 -05:00
Mike Salvatore c9e59bd266 Agent: Refactor Log4Shell LDAP server to avoid race condition 
A race condition existed between the time when the LDAP server was
instructed to start and the first exploit was sent to the victim.
Sometimes, the first exploit would be sent before the LDAP server
finished starting, resulting in failed exploitation.

To remedy this, the LDAPExploitServer.run() function now blocks until
the server has successfully started. Once the server has started,
LDAPExploitServer.run() returns. This allows the caller to have
confidence that the LDAP server is running after LDAPExploitServer.run()
returns and alleviates the need to sleep in order to avoid the race
condition.
 2022-01-14 09:43:14 -05:00