Mike Salvatore
33e3a31030
Agent: Move ransomware/ to payload/ransomware/
2021-12-17 09:02:04 -05:00
Mike Salvatore
09a1297f47
Agent: User relative imports within ransomware package
2021-12-17 09:00:56 -05:00
Mike Salvatore
c18af3c3fb
Agent: Change return type of IPuppet.run_payload() to None
...
At the moment, we don't expect payloads to return any values. This may
be reevaluated as development proceeds or when telemetry is refactored.
2021-12-17 09:00:54 -05:00
Mike Salvatore
3adb1d5b07
Agent: Add IPayload interface
2021-12-17 08:12:37 -05:00
Mike Salvatore
8e0efb1993
Island: Replace deprecated logging.warn() with logging.warning()
2021-12-16 14:38:54 -05:00
Mike Salvatore
dc3adc9d8b
UT: Fix annoying pytest warning regarting TestAuthenticationError
2021-12-16 14:37:39 -05:00
Mike Salvatore
e60297dff1
UT: Fix broken mock in test_stop_if_cant_get_stop_signal_from_island
2021-12-16 14:36:33 -05:00
Mike Salvatore
fd29393ce4
Merge pull request #1659 from guardicore/1597-implement-scan-target-generator
...
1597 implement scan target generator
2021-12-16 09:11:23 -05:00
Mike Salvatore
ed16826b87
Agent: Sort scan targets by IP
2021-12-16 09:08:39 -05:00
Mike Salvatore
c8469f5521
Agent: Move _filter_invalid_ranges to NetworkRanges
2021-12-16 08:56:35 -05:00
Mike Salvatore
bfed27301a
Agent: Change `not ==` to `!=` in _remove_blocklisted_ips()
2021-12-16 08:47:29 -05:00
Mike Salvatore
db246d6740
UT: Fix imports in test_scan_target_generator
2021-12-16 08:33:38 -05:00
Mike Salvatore
7c786b0883
Agent: Improve performance of _remove_ips_from_scan_targets()
2021-12-16 08:33:09 -05:00
Mike Salvatore
ec9aaf6b38
Agent: Clarify some names in scan_target_generator
2021-12-16 08:32:50 -05:00
vakarisz
549eb5d389
Agent, UT: Implement domain names in scan_target_generator.py
...
Change the ip strings to NetworkAddress named tuple that has ip and domain name. This tuple better describes the target and is necessary because VictimHost uses domain names
2021-12-16 12:03:40 +02:00
Mike Salvatore
9f3bd9bfd0
Merge pull request #1658 from guardicore/1597-handle-control-exceptions
...
Handle ControlClient exceptions in AutomatedMaster
2021-12-15 13:14:09 -05:00
Mike Salvatore
fdaa454c59
Agent: Add unit tests for AutomatedMaster island comms retry
2021-12-15 13:12:20 -05:00
Mike Salvatore
94a42a1469
UT: Make monkey configs available to Island and Agent
2021-12-15 12:59:04 -05:00
Mike Salvatore
baeee8b90a
Agent: Rename _should_retry_task() -> _try_communicate_with_island()
2021-12-15 11:19:29 -05:00
Mike Salvatore
b262be8d1d
Agent: Change log level of "stop signal" message to info
2021-12-15 11:16:14 -05:00
Ilija Lazoroski
8ec580e19c
Agent: Implement should retry task in automated master
...
Add handling of known requests exceptions in ControlClient.
Moved IslandCommunicationError to IControlChannel
2021-12-15 16:57:39 +01:00
Ilija Lazoroski
b53fae038d
Agent: Implement should retry task in automated master
...
Add handling of known requests exceptions in ControlClient.
2021-12-15 16:57:39 +01:00
Ilija Lazoroski
72a5e94111
Agent: Raise custom control client exception
...
Move stop agent timeout to a constant, make custom control
client exception and raise it, reset failed stop after successfull
connection.
2021-12-15 16:55:42 +01:00
Ilija Lazoroski
f299e61b20
Agent: Handle ControlClient exceptions in AutomatedMaster
2021-12-15 16:53:50 +01:00
Mike Salvatore
c1dd9f6bac
Merge pull request #1661 from guardicore/1597-signal-handling
...
1597 signal handling
2021-12-15 10:41:37 -05:00
Mike Salvatore
f26ff86e2a
Agent: Remove disused PlannedShutdownError
2021-12-15 10:30:22 -05:00
Mike Salvatore
3f9bd24228
Agent: Wait for master to terminate on windows CTRL_CLOSE_EVENT
2021-12-15 10:12:10 -05:00
Mike Salvatore
f46bb60da5
Agent: Add block parameter to IMaster.terminate()
...
This allows the caller to decide whether or not they're willing to wait
for the master to finish shutting down.
2021-12-15 10:12:10 -05:00
Mike Salvatore
a051759764
Agent: Get only the config from the get_config() response
2021-12-15 10:11:32 -05:00
Mike Salvatore
0f149f7eee
Agent: Handle error messages from exploit_host() in MockMaster
2021-12-15 09:44:22 -05:00
Mike Salvatore
ba5d755dfa
Merge pull request #1657 from guardicore/1597-implement-exploitation
...
1597 implement exploitation
2021-12-15 09:11:17 -05:00
Mike Salvatore
a6bb81e473
Agent: Fix order of Exploiter Callback type hint arguments
2021-12-15 08:34:21 -05:00
Mike Salvatore
f1b55b70c2
Agent: Remove redundant check for stop in Exploiter
2021-12-15 08:10:00 -05:00
Ilija Lazoroski
20890e51ec
Agent: Remove ransomware cleanup function
2021-12-15 07:11:14 -05:00
Mike Salvatore
fc767e2074
Agent: Add missing "f" to f-string
...
Co-authored-by: Shreya Malviya <shreya.malviya@gmail.com>
2021-12-15 06:48:30 -05:00
vakarisz
cabadeb7d1
Agent, UT: Implement scan target validation
...
This changes validate scan target inputs and skip invalid ones. If an invalid blocked IP is specified, then an unhandled exception is raised.
2021-12-15 13:17:30 +02:00
Mike Salvatore
4b3984dbd7
Agent: Add default return value in MockPuppet.exploit_host()
2021-12-14 15:38:15 -05:00
Mike Salvatore
6c1caa1af4
Agent: Improve log message for failed propagation
2021-12-14 15:38:15 -05:00
Mike Salvatore
da61451947
Agent: Fix order of arguments to Exploiter.exploit_hosts()
2021-12-14 15:38:15 -05:00
Mike Salvatore
b466a17f76
Agent: Remove scan_thread from Propagator._exploit_hosts() arguments
2021-12-14 15:38:15 -05:00
Mike Salvatore
bda192eba9
Agent: Extract run_worker_threads() from IPScanner and Exploiter
2021-12-14 15:38:15 -05:00
Mike Salvatore
3394629cb2
Agent: Run exploiters from AutomatedMaster
2021-12-14 15:38:15 -05:00
Mike Salvatore
1e02286b2a
Agent: Add "error_message" to ExploiterResultData
2021-12-14 15:38:08 -05:00
Mike Salvatore
eb7612d80d
Agent: Rename result -> success in ExploiterResultData
2021-12-14 15:37:18 -05:00
Mike Salvatore
09305bca4c
Island: Reformat "exploiter" config options before sending to Agent
2021-12-14 15:36:52 -05:00
Mike Salvatore
93d0bb6cd2
Agent: Add a placeholder VictimHostFactory
...
The AutomatedMaster will need access to the monkey's tunnel, IP
addresses, and default server in order to properly configure the victim
host. The VictimHostFactory can abstract these dependencies away and
handle these details on behalf of the AutomatedMaster.
2021-12-14 15:36:52 -05:00
Mike Salvatore
8423a064bb
Merge pull request #1656 from guardicore/1598-concrete-puppet
...
Add `load_plugin` functions and create a concrete puppet class
2021-12-14 10:55:32 -05:00
Shreya Malviya
ffb2da02a3
Agent: Create a concrete puppet class
2021-12-14 10:54:24 -05:00
vakarisz
59ff3d39ce
UT: small readability improvement in test_scan
2021-12-14 17:52:43 +02:00
vakarisz
58da5b85a0
Island, UT: fix target generator bug when big ip is specified first
...
192.168.56.2-192.168.56.1 is now a valid range, will return both of these addresses
2021-12-14 17:52:43 +02:00