Commit Graph

6282 Commits

Author SHA1 Message Date
Mike Salvatore 19c1d5c1ae Agent: Rename credential_generation -> credential_generators 2021-09-01 12:05:08 -04:00
Mike Salvatore 473fe36ba7
Merge pull request #1438 from guardicore/powershell_http
Adds the capability to exploit powershell remoting via HTTP
2021-09-01 11:59:41 -04:00
VakarisZ 47393b2d55 Fix powershell credential generation tests to use AuthOptions class 2021-09-01 17:33:27 +03:00
VakarisZ aedc666e8f Remove IP address from AuthOptions in powershell 2021-09-01 16:35:27 +03:00
VakarisZ b82f4e157a Add logging to powershell exploiter in the case where powershell remoting seems to be disabled 2021-09-01 16:35:27 +03:00
VakarisZ b2e1b28059 Add the capability to exploit powershell remoting over HTTP and improve the code style 2021-09-01 16:35:27 +03:00
Mike Salvatore b4e861cdd6 Island: Remove disused set_server_config.py 2021-09-01 08:54:54 -04:00
Shreya Malviya f6561fb1ab docs: Modify docs based on changes removing no auth option 2021-09-01 18:14:18 +05:30
Shreya Malviya ffd421bed6 cc: Remove authentication code related to standard environment 2021-09-01 18:14:12 +05:30
Shreya Malviya 8ef07bdca0 CHANGELOG: Update with insecure access removal 2021-09-01 16:52:48 +05:30
Shreya Malviya 30a8fd96a8 cc: Remove CSS for the 'I want... island' button 2021-09-01 16:51:27 +05:30
Shreya Malviya 94878a0196 tests: Remove/modify tests and test data related to standard environment 2021-09-01 16:49:16 +05:30
Shreya Malviya 739a017e91 island: Remove API endpoints for standard environment 2021-09-01 16:19:32 +05:30
Shreya Malviya e4d75e25bd island: Remove standard environment 2021-09-01 16:16:32 +05:30
Shreya Malviya 7fe9d752fa cc: Remove StandardConfig in frontend 2021-09-01 16:06:36 +05:30
Shreya Malviya 6937a6b81a cc: Remove setNoAuth() fron RegisterPage.js 2021-09-01 16:04:05 +05:30
Shreya Malviya 3e453e8b2c cc: Remove 'I want anyone to access the island' button 2021-09-01 16:03:12 +05:30
Shreya Malviya 13b1904cf7
Merge pull request #1427 from guardicore/1246/powershell-documentation
Documentation for PowerShell exploiter
2021-09-01 15:11:39 +05:30
Mike Salvatore c83a0b4668 Docs: Reword PowerShell exploiter documentation 2021-08-31 12:21:08 -04:00
Mike Salvatore b96a0e74d9 Docs: Fix formatting of PowerShell exploit markdown 2021-08-31 11:36:58 -04:00
Shreya Malviya 24b6c751cb
Merge pull request #1436 from guardicore/1410/ut-autowindowsuser
Add unit test for deactivate and delete new auto windows user
2021-08-31 20:23:48 +05:30
Mike Salvatore e133baea09 Test: Skip test_new_user_delete_windows on Linux 2021-08-31 10:41:38 -04:00
Shreya Malviya 2f5e6b516a tests: Modify unit tests for AutoNewWindowsUser based on previous commit
changes
2021-08-31 19:35:06 +05:30
Shreya Malviya 8d14ff6385 agent: Move windows-only imports to the top of the file in
utils/windows/users.py
2021-08-31 19:31:04 +05:30
Mike Salvatore 86fd7351ad Island: Remove unused loggers 2021-08-31 09:57:32 -04:00
Mike Salvatore 96dee616df Agent: Remove unused loggers 2021-08-31 09:57:19 -04:00
VakarisZ d2e5828c3b Replace "LOG" naming convention with "logger" naming convention. 2021-08-31 09:51:34 -04:00
Mike Salvatore 51b5fc601a
Merge pull request #1437 from guardicore/fix-swimm-unit-pba
Add Swimm unit for adding a PBA
2021-08-31 09:44:38 -04:00
Shreya Malviya d118cdf3f5 travis: Update Swimm version 2021-08-31 12:49:57 +05:30
Shreya Malviya cae1206fbd swimm: Update exercise Add a new Post Breach Action (PBA) afMu3y3ny5lnrYFWl3EI 2021-08-31 12:34:40 +05:30
Shreya Malviya fc49ad341b swimm: Create exercise Add a new Post Breach Action (PBA) 2021-08-31 12:34:28 +05:30
Mike Salvatore d22c7813a5 BB: Switch the scanning order in tunneling tests
Because the SMB exploiter deploys the 32-bit agent, which will then
upgrade itself to 64-bit, it takes a long time between when exploitation
is successful and the agent calls home. By switching the order that
hosts are scanned in, this test runs approximately 25 seconds quicker
and allows us to reduce the `keep_tunnel_open_time` setting by 30
seconds.
2021-08-30 13:28:25 -04:00
Ilija Lazoroski 85316bcbb0 UT: Add test for deactive and delete new auto windows user 2021-08-30 16:10:14 +02:00
Mike Salvatore 9c352c1b1f Agent: Reformat long line in CommunicateAsBackdoorUser 2021-08-30 10:08:46 -04:00
VakarisZ 0635169362
Remove unused and broken package gathering feature on windows. (#1431)
Agent: Remove unused and broken package gathering feature on windows.
2021-08-30 09:56:34 -04:00
Mike Salvatore 00ccc3755d Move changelog entries from PR #1433 from v1.11.0 to unreleased 2021-08-30 09:46:24 -04:00
Mike Salvatore 09f14687d3 Fixed minor typos in CHANGELOG.md 2021-08-30 09:44:20 -04:00
Mike Salvatore 318e71bcb4
Merge pull request #1433 from guardicore/1410/remove-backdoor-pba
Remove Backdoor user PBA
2021-08-30 09:43:13 -04:00
Mike Salvatore 1bf3013fc2 Update changelog for PR #1433 2021-08-30 09:41:18 -04:00
Ilija Lazoroski e435894187 docs: Change the docs for PowerShell 2021-08-30 14:34:21 +02:00
Ilija Lazoroski 7aa230e9d0 UT: Renamed Communicate as new user 2021-08-30 14:22:23 +02:00
Ilija Lazoroski 10697934d6 Rename Communicate as new user to Communicate as backdoor user 2021-08-30 14:01:40 +02:00
Mike Salvatore 805ef70db1
Merge pull request #1425 from guardicore/powershell_exploiter
PowerShell Remoting exploiter refactor
2021-08-30 07:54:29 -04:00
Ilija Lazoroski 7e293ac16d Remove Backdoor user PBA 2021-08-30 13:46:07 +02:00
Mike Salvatore 02bd3efd2d
Merge pull request #1434 from guardicore/pba-use-random-pwd
Use random password for CommunicateAsNewUser PBA
2021-08-30 07:17:56 -04:00
Shreya Malviya deb037c617 tests: Add unit tests for communicate as back door user PBA 2021-08-30 16:21:22 +05:30
Shreya Malviya 0f2f39f0a0 CHANGELOG: Update with entry for random password for CommunicateAsNewUser PBA 2021-08-30 16:21:22 +05:30
Shreya Malviya f727e75697 agent: Use random password for CommunicateAsNewUser PBA 2021-08-30 16:21:22 +05:30
Shreya Malviya 54f80df1f4 bb: Remove extra line from end of file 2021-08-30 15:12:35 +05:30
Ilija Lazoroski e9ac64f108 docs: Add better documentation for powershell remoting exploiter 2021-08-27 11:18:16 +02:00