Commit Graph

7953 Commits

Author SHA1 Message Date
Shreya Malviya 501d32b171 Agent: Modify master to pass PostBreachData to PostBreachTelem 2022-03-30 13:44:38 +05:30
Shreya Malviya 9f8463f707 Agent: Modify PBA base class to accept options in its run method 2022-03-30 13:42:58 +05:30
Shreya Malviya 0be6af2d5c Agent: Modify clear command history PBA to return pba_data and not None 2022-03-30 13:42:17 +05:30
Shreya Malviya 40b1ae0058 Agent: Modify puppet to run PBAs instead of using the mock puppet 2022-03-30 13:37:47 +05:30
Shreya Malviya 296a91a458 Agent: Remove unused file post_breach_handler.py 2022-03-30 12:29:35 +05:30
Shreya Malviya 99b621f2c8 Project: Add config's post_breach_actions to Vulture's allowlist 2022-03-30 12:29:27 +05:30
Shreya Malviya 31d9f04fe7 Agent: Remove leftover WormConfiguration code from HostExploiter 2022-03-30 12:28:29 +05:30
Mike Salvatore 394088e39d BB: Reduce DELAY_BETWEEN_ANALYSIS 2022-03-29 16:10:20 -04:00
Mike Salvatore d596e8c593 Agent: Rename typing to custom_types
Naming the module "typing" and then importing from "typing" within the
module itself caused some confusion for python and resulted in failed
builds.
2022-03-29 14:28:16 -04:00
Mike Salvatore 8733d3f6c4 Swimm: update exercise Implement a new PBA — VW4rf3AxRslfT7lwaug7 2022-03-29 14:28:12 -04:00
Mike Salvatore 52ff1e894a Swimm: update exercise Add a new Post Breach Action (PBA) afMu3y3ny5lnrYFWl3EI 2022-03-29 14:28:07 -04:00
Mike Salvatore 2992d91f16
Merge pull request #1817 from guardicore/1801-credentials-store
1801 credentials store
2022-03-29 13:54:32 -04:00
Ilija Lazoroski 6ab7bd2f45 Agent, UT: Remove leftover that causes overwrite in CredentialsStore
* Use `add` instead of `update` - `add` doesn't allow duplicates
* Move TestTelem to conftest in UT telemetry messenger
2022-03-29 19:53:39 +02:00
Mike Salvatore 7e476fb649 UT: Fix failing telemetry/pba tests 2022-03-29 13:38:18 -04:00
Mike Salvatore 2ecfdcfe46 Agent: Remove stale TODO in ZerologonExploiter 2022-03-29 13:02:26 -04:00
Mike Salvatore 9ded75d05d Agent: Update TODO in bit_manipulators.py 2022-03-29 12:57:31 -04:00
Mike Salvatore baa9de4087 Agent: Remove stale TODO in AutomatedMaster 2022-03-29 12:44:41 -04:00
Mike Salvatore a3c5d9dd7a Agent: Remove stale TODO in monkey.py 2022-03-29 12:40:20 -04:00
Mike Salvatore 763cf578c7 Agent: Move credentials request caching to AggregatingCredentialsStore
The ControlChannel shouldn't be concerned with caching. Its mission
should be to service requests. The caching is more appropriately placed
in the AggregatingCredentialsStore.
2022-03-29 12:00:57 -04:00
Ilija Lazoroski b49d9d9b9a Agent, UT: Update credentials store using `setdefault().update`
* get_credentials use PropagationCredentials type
* private stored credentials in Aggregating Credentials Store
* initial values in credentials store constructor
* build_puppet accepts ICredentialsStore
* private telemetry_messenger in monkey
2022-03-29 17:56:39 +02:00
Mike Salvatore def62940af Agent: Add PropagationCredentials type 2022-03-29 17:36:48 +02:00
Ilija Lazoroski e844ecf4e4 Agent: Create credentials store before building the puppet 2022-03-29 17:36:48 +02:00
Ilija Lazoroski 638658178b Agent: Create credential attribute even if we don't have credentials 2022-03-29 17:36:48 +02:00
Ilija Lazoroski 0a5fc84b4e Agent: Fix timeout in ZeroLogon
Timeout should be on DCERPC transport factory.
2022-03-29 17:36:48 +02:00
Ilija Lazoroski e7e6201d75 Agent: Use credential intercepting messenger in Zerologon 2022-03-29 17:36:48 +02:00
Ilija Lazoroski b8a72a9719 UT: Add credentials intercepting telemetry messenger tests
Add __test__ to False to discard pytest warning about __init__
constructors of TestTelem classes
2022-03-29 17:36:48 +02:00
Ilija Lazoroski 06773ba9d9 UT: Fix AutomatedMaster unit test to include Credentials Store 2022-03-29 17:36:48 +02:00
Ilija Lazoroski 1b9bbfe752 Agent: Fix ssh string to include proper user and ip 2022-03-29 17:36:48 +02:00
Ilija Lazoroski ccb0337aef Agent: Add return to get credentials method in Credentials Store 2022-03-29 17:36:48 +02:00
Ilija Lazoroski d434c20bcb Agent: Inject credentials store to Automated Master
Intercept credentials and update the credentials store using
credentials intercepting telemetry messenger
2022-03-29 17:36:48 +02:00
Ilija Lazoroski 4de90584c9 Agent: Add Credentials intercepting telemetry messenger 2022-03-29 17:36:48 +02:00
Mike Salvatore eb6342e2f8 Agent: Add public credentials property to CredentialsTelem 2022-03-29 17:36:48 +02:00
Ilija Lazoroski 5060ddb5d1 Agent: Fix logic in concrete Credentials Store 2022-03-29 17:36:48 +02:00
Ilija Lazoroski 162dd0a920 UT: Add Credentials Store tests 2022-03-29 17:36:48 +02:00
Ilija Lazoroski b5d2d1d641 Agent: Implement concrete Credentials Store 2022-03-29 17:36:48 +02:00
Ilija Lazoroski cafbe97880 Agent: Add interface for Credentials Store 2022-03-29 17:36:48 +02:00
Mike Salvatore cf211bc46f
Merge pull request #1824 from guardicore/1604-itelemetrymessenger-in-pbas
Telemetry messenger in PBAs
2022-03-29 11:31:42 -04:00
vakarisz dbbdb508e3 Agent: Change PBA constructor to accept telemetry messenger
This change allows running different PBAs with different telemetry messengers
2022-03-29 17:04:48 +03:00
Mike Salvatore 6937b1a5c5
Merge pull request #1825 from guardicore/check-supported-os-for-exploiters
Check supported os for exploiters
2022-03-29 09:57:24 -04:00
Mike Salvatore a2e283e824 UT: Update automated_master_config.json 2022-03-29 09:49:43 -04:00
Mike Salvatore 8737a3df89 Agent: Remove disused HostExploiter._TARGET_OS_TYPE 2022-03-29 09:49:43 -04:00
Mike Salvatore ddbe5b463f Agent: Skip exploiter if victim OS is not supported 2022-03-29 09:49:41 -04:00
Shreya Malviya 1c24411b26 Agent: Pass telemetry messenger to PBAs for sending ATT&CK telem 2022-03-29 16:29:24 +03:00
Shreya Malviya 8d4c29fc06 Agent: Fix return types for run_pba in puppets and master 2022-03-29 18:38:25 +05:30
Shreya Malviya 314bc49d1c
Merge pull request #1822 from guardicore/1604-modify-pbas-to-return-postbreachdata
Modify PBAs to return PostBreachData
2022-03-29 18:23:50 +05:30
Shreya Malviya 246a72c940 Agent: Modify comment in shell startup PBA to make more sense 2022-03-29 17:16:17 +05:30
Shreya Malviya 70186a40f6 Agent: Remove comment from function in backdoor user PBA since the code is self-explanatory 2022-03-29 17:13:44 +05:30
vakarisz ba49e4d23e Agent: Small style improvements in PBA code 2022-03-29 14:20:29 +03:00
Shreya Malviya 1f2867a70a Project: Add ProcessListCollection to Vulture's allowlist 2022-03-29 14:20:29 +03:00
Shreya Malviya 61ff95b568 Agent: Modify PBAs to return Iterable[PostBreachData] 2022-03-29 14:20:29 +03:00