Commit Graph

11409 Commits

Author SHA1 Message Date
Mike Salvatore c4573673ce Agent: Rename timestamp -> execute_agent_timestamp 2022-10-06 12:39:11 -04:00
Ilija Lazoroski ac11d159fe Agent: Revise Powershell publishing of events 2022-10-06 16:03:15 +02:00
Mike Salvatore de9b5601d8
Merge branch 2269-publish-events-from-sshexec-exploiter into develop
PR #2395
2022-10-06 10:00:35 -04:00
Mike Salvatore c980bfd915 Agent: Move timestamp closer to ssh.exec_command() 2022-10-06 09:57:11 -04:00
Mike Salvatore 52380a2513 Agent: Publish exploitation event on unexpected SSH exception 2022-10-06 09:55:53 -04:00
Mike Salvatore 39bada5bb1 Agent: Move assignment outside of try/except 2022-10-06 15:50:46 +02:00
Kekoa Kaaikala 3bca02af59 Agent: Fix powershell tests 2022-10-06 15:50:46 +02:00
Kekoa Kaaikala 7d535c72d9 Agent: Publish powershell exploitation events 2022-10-06 15:50:46 +02:00
Kekoa Kaaikala 3bede2f9d1 Agent: Publish propagation events 2022-10-06 15:50:46 +02:00
Kekoa Kaaikala bb6716df18 Common: Add attack technique T1059 2022-10-06 15:50:46 +02:00
vakarisz 8503e0f499 UT: Remove unused test data structures 2022-10-06 15:02:13 +03:00
Ilija Lazoroski ec617df06a Agent: Fix LocketHTTPServer mypy error in MSSQLExploiter 2022-10-06 13:53:17 +02:00
vakarisz 0d246a0479 Island: Rename add_tcp_connections to upsert_tcp_connections 2022-10-06 14:49:11 +03:00
Ilija Lazoroski 47846628e6 Agent: Modify MSSQL tags to be properties 2022-10-06 13:47:11 +02:00
vakarisz 3bc2e4876f Island: Handle missing node in add_tcp_connections 2022-10-06 14:45:56 +03:00
Kekoa Kaaikala 15974ff21c Agent: Stamp time before running exploit 2022-10-06 13:37:26 +02:00
Kekoa Kaaikala 66f8471f24 Agent: Remove "summary" event 2022-10-06 13:35:18 +02:00
Kekoa Kaaikala e404416363 Agent: Use exploit tag properties 2022-10-06 13:35:18 +02:00
Kekoa Kaaikala 5c6b1e3910 Common: Remove unused technique T1071 2022-10-06 13:35:18 +02:00
Kekoa Kaaikala 9269c8579c Agent: Remove unneccessary technique 2022-10-06 13:35:18 +02:00
Kekoa Kaaikala 8317c03686 Agent: Add tags to MSSQL propagation events 2022-10-06 13:35:18 +02:00
Kekoa Kaaikala aab965bad7 Common: Add attack technique T1071 2022-10-06 13:35:18 +02:00
Kekoa Kaaikala fa8b721abe Common: Add attack technique T1059 2022-10-06 13:35:18 +02:00
Kekoa Kaaikala 183bd1145f Agent: Add tags to MSSQL exploitation events 2022-10-06 13:35:18 +02:00
Kekoa Kaaikala 33230e85f7 Agent: Use updated publish methods 2022-10-06 13:35:18 +02:00
Kekoa Kaaikala 2cd9d0086b Agent: Fix mypy error in http_tools.py 2022-10-06 13:35:18 +02:00
Kekoa Kaaikala 8dd196122b Agent: Publish events from MSSQLExploiter 2022-10-06 13:35:18 +02:00
vakarisz b0ec035909 Island: Move tcp_connection addition to node repository 2022-10-06 14:31:12 +03:00
Ilija Lazoroski 0f3f45e92f Agent: Modify Log4Shell tags to be properties 2022-10-06 13:26:48 +02:00
Kekoa Kaaikala 016bf5c795 Agent: Stamp times before the exploit runs 2022-10-06 13:24:03 +02:00
Kekoa Kaaikala 48e6e95271 Agent: Update propagation tags for log4shell 2022-10-06 13:22:38 +02:00
Kekoa Kaaikala ac69064dec Agent: Send failed exploitation event 2022-10-06 13:22:38 +02:00
Kekoa Kaaikala 0c4b90beb5 Agent: Fix typo 2022-10-06 13:22:38 +02:00
Ilija Lazoroski c5d5418af4 Agent: Fix typo in t1203 attack technique in Log4Shell 2022-10-06 13:22:38 +02:00
Ilija Lazoroski ef4a465515 Agent: Add tags to exploitation and propagation events in Log4Shell 2022-10-06 13:22:38 +02:00
Ilija Lazoroski c5506f98e8 Agent: Publish Propagation and Exploitation events from Log4Shell 2022-10-06 13:22:38 +02:00
vakarisz c90044074d Island: Remove storage error when node wasn't modified
Upserting should throw an error when updating or inserting went wrong, not when a node is already up to date.
2022-10-06 14:21:13 +03:00
Ilija Lazoroski 95f1e3cb7b Agent: Modify tags methods to be properties in SSHExploiter 2022-10-06 13:16:49 +02:00
Ilija Lazoroski dcb08b2881 Agent: Convert IPv4Address to str when connecting to socket 2022-10-06 13:15:42 +02:00
Ilija Lazoroski f0112410c9 Agent: Rename stamp to timestamp in SSHExploiter 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala e11bd2c7f2 Agent: Stamp start time prior to running exploit 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala aba886624e Agent: Send propagation events sooner 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala e8f48085a4 Agent: Use the tag properties 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala 79f72dda55 Agent: Stop sending PropagationEvent before attempt 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala 72378f4e53 Agent: Publish scan event when checking ssh port 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala 431d6ae775 Agent: Extract method _get_ssh_port 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala 0a1901b9a1 Agent: Use error to propagate failure 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala a2534391a6 Agent: Extract method _propagate 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala 1cb88e029a Agent: Extract method _exploit 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala b31eb885f0 Agent: Extract method _get_victim_os 2022-10-06 13:15:42 +02:00