Commit Graph

6929 Commits

Author SHA1 Message Date
Mike Salvatore 33e3a31030 Agent: Move ransomware/ to payload/ransomware/ 2021-12-17 09:02:04 -05:00
Mike Salvatore 09a1297f47 Agent: User relative imports within ransomware package 2021-12-17 09:00:56 -05:00
Mike Salvatore c18af3c3fb Agent: Change return type of IPuppet.run_payload() to None
At the moment, we don't expect payloads to return any values. This may
be reevaluated as development proceeds or when telemetry is refactored.
2021-12-17 09:00:54 -05:00
Mike Salvatore 3adb1d5b07 Agent: Add IPayload interface 2021-12-17 08:12:37 -05:00
Mike Salvatore 8e0efb1993 Island: Replace deprecated logging.warn() with logging.warning() 2021-12-16 14:38:54 -05:00
Mike Salvatore dc3adc9d8b UT: Fix annoying pytest warning regarting TestAuthenticationError 2021-12-16 14:37:39 -05:00
Mike Salvatore e60297dff1 UT: Fix broken mock in test_stop_if_cant_get_stop_signal_from_island 2021-12-16 14:36:33 -05:00
Mike Salvatore fd29393ce4
Merge pull request #1659 from guardicore/1597-implement-scan-target-generator
1597 implement scan target generator
2021-12-16 09:11:23 -05:00
Mike Salvatore ed16826b87 Agent: Sort scan targets by IP 2021-12-16 09:08:39 -05:00
Mike Salvatore c8469f5521 Agent: Move _filter_invalid_ranges to NetworkRanges 2021-12-16 08:56:35 -05:00
Mike Salvatore bfed27301a Agent: Change `not ==` to `!=` in _remove_blocklisted_ips() 2021-12-16 08:47:29 -05:00
Mike Salvatore db246d6740 UT: Fix imports in test_scan_target_generator 2021-12-16 08:33:38 -05:00
Mike Salvatore 7c786b0883 Agent: Improve performance of _remove_ips_from_scan_targets() 2021-12-16 08:33:09 -05:00
Mike Salvatore ec9aaf6b38 Agent: Clarify some names in scan_target_generator 2021-12-16 08:32:50 -05:00
vakarisz 549eb5d389 Agent, UT: Implement domain names in scan_target_generator.py
Change the ip strings to NetworkAddress named tuple that has ip and domain name. This tuple better describes the target and is necessary because VictimHost uses domain names
2021-12-16 12:03:40 +02:00
Mike Salvatore 9f3bd9bfd0
Merge pull request #1658 from guardicore/1597-handle-control-exceptions
Handle ControlClient exceptions in AutomatedMaster
2021-12-15 13:14:09 -05:00
Mike Salvatore fdaa454c59 Agent: Add unit tests for AutomatedMaster island comms retry 2021-12-15 13:12:20 -05:00
Mike Salvatore 94a42a1469 UT: Make monkey configs available to Island and Agent 2021-12-15 12:59:04 -05:00
Mike Salvatore baeee8b90a Agent: Rename _should_retry_task() -> _try_communicate_with_island() 2021-12-15 11:19:29 -05:00
Mike Salvatore b262be8d1d Agent: Change log level of "stop signal" message to info 2021-12-15 11:16:14 -05:00
Ilija Lazoroski 8ec580e19c Agent: Implement should retry task in automated master
Add handling of known requests exceptions in ControlClient.
Moved IslandCommunicationError to IControlChannel
2021-12-15 16:57:39 +01:00
Ilija Lazoroski b53fae038d Agent: Implement should retry task in automated master
Add handling of known requests exceptions in ControlClient.
2021-12-15 16:57:39 +01:00
Ilija Lazoroski 72a5e94111 Agent: Raise custom control client exception
Move stop agent timeout to a constant, make custom control
client exception and raise it, reset failed stop after successfull
connection.
2021-12-15 16:55:42 +01:00
Ilija Lazoroski f299e61b20 Agent: Handle ControlClient exceptions in AutomatedMaster 2021-12-15 16:53:50 +01:00
Mike Salvatore c1dd9f6bac
Merge pull request #1661 from guardicore/1597-signal-handling
1597 signal handling
2021-12-15 10:41:37 -05:00
Mike Salvatore f26ff86e2a Agent: Remove disused PlannedShutdownError 2021-12-15 10:30:22 -05:00
Mike Salvatore 3f9bd24228 Agent: Wait for master to terminate on windows CTRL_CLOSE_EVENT 2021-12-15 10:12:10 -05:00
Mike Salvatore f46bb60da5 Agent: Add block parameter to IMaster.terminate()
This allows the caller to decide whether or not they're willing to wait
for the master to finish shutting down.
2021-12-15 10:12:10 -05:00
Mike Salvatore a051759764 Agent: Get only the config from the get_config() response 2021-12-15 10:11:32 -05:00
Mike Salvatore 0f149f7eee Agent: Handle error messages from exploit_host() in MockMaster 2021-12-15 09:44:22 -05:00
Mike Salvatore ba5d755dfa
Merge pull request #1657 from guardicore/1597-implement-exploitation
1597 implement exploitation
2021-12-15 09:11:17 -05:00
Mike Salvatore a6bb81e473 Agent: Fix order of Exploiter Callback type hint arguments 2021-12-15 08:34:21 -05:00
Mike Salvatore f1b55b70c2 Agent: Remove redundant check for stop in Exploiter 2021-12-15 08:10:00 -05:00
Ilija Lazoroski 20890e51ec Agent: Remove ransomware cleanup function 2021-12-15 07:11:14 -05:00
Mike Salvatore fc767e2074
Agent: Add missing "f" to f-string
Co-authored-by: Shreya Malviya <shreya.malviya@gmail.com>
2021-12-15 06:48:30 -05:00
vakarisz cabadeb7d1 Agent, UT: Implement scan target validation
This changes validate scan target inputs and skip invalid ones. If an invalid blocked IP is specified, then an unhandled exception is raised.
2021-12-15 13:17:30 +02:00
Mike Salvatore 4b3984dbd7 Agent: Add default return value in MockPuppet.exploit_host() 2021-12-14 15:38:15 -05:00
Mike Salvatore 6c1caa1af4 Agent: Improve log message for failed propagation 2021-12-14 15:38:15 -05:00
Mike Salvatore da61451947 Agent: Fix order of arguments to Exploiter.exploit_hosts() 2021-12-14 15:38:15 -05:00
Mike Salvatore b466a17f76 Agent: Remove scan_thread from Propagator._exploit_hosts() arguments 2021-12-14 15:38:15 -05:00
Mike Salvatore bda192eba9 Agent: Extract run_worker_threads() from IPScanner and Exploiter 2021-12-14 15:38:15 -05:00
Mike Salvatore 3394629cb2 Agent: Run exploiters from AutomatedMaster 2021-12-14 15:38:15 -05:00
Mike Salvatore 1e02286b2a Agent: Add "error_message" to ExploiterResultData 2021-12-14 15:38:08 -05:00
Mike Salvatore eb7612d80d Agent: Rename result -> success in ExploiterResultData 2021-12-14 15:37:18 -05:00
Mike Salvatore 09305bca4c Island: Reformat "exploiter" config options before sending to Agent 2021-12-14 15:36:52 -05:00
Mike Salvatore 93d0bb6cd2 Agent: Add a placeholder VictimHostFactory
The AutomatedMaster will need access to the monkey's tunnel, IP
addresses, and default server in order to properly configure the victim
host. The VictimHostFactory can abstract these dependencies away and
handle these details on behalf of the AutomatedMaster.
2021-12-14 15:36:52 -05:00
Mike Salvatore 8423a064bb
Merge pull request #1656 from guardicore/1598-concrete-puppet
Add `load_plugin` functions and create a concrete puppet class
2021-12-14 10:55:32 -05:00
Shreya Malviya ffb2da02a3 Agent: Create a concrete puppet class 2021-12-14 10:54:24 -05:00
vakarisz 59ff3d39ce UT: small readability improvement in test_scan 2021-12-14 17:52:43 +02:00
vakarisz 58da5b85a0 Island, UT: fix target generator bug when big ip is specified first
192.168.56.2-192.168.56.1 is now a valid range, will return both of these addresses
2021-12-14 17:52:43 +02:00