Commit Graph

8425 Commits

Author SHA1 Message Date
Mike Salvatore 8d9a2c536f Agent: Reorder methods in MSSQLExploiter 2022-06-14 14:22:43 -04:00
Mike Salvatore 819262ef73 Agent: Remove disused "Payload" classes 2022-06-14 14:22:43 -04:00
Mike Salvatore a54eca96ba Agent: Remove disused MSSQLLimitedSizePayload 2022-06-14 14:22:43 -04:00
Mike Salvatore 0e2a63b6ac Agent: Remove disused run_mssql_commands() 2022-06-14 14:22:43 -04:00
Mike Salvatore ff83f41b4a Agent: Remove disused run_mssql_command() 2022-06-14 14:22:43 -04:00
Mike Salvatore 522e62ad14 Agent: Refactor MSSQL create directory commands
Use _run_mssql_command() and remove the dependency on
MSSQLLimitedSizePayload.
2022-06-14 14:22:43 -04:00
Mike Salvatore 7b356cf893 Agent: Refactor MSSQL run payload file commands
Use _run_mssql_command() and remove the dependency on
MSSQLLimitedSizePayload.
2022-06-14 14:22:43 -04:00
Mike Salvatore f349e1a334 Agent: Refactor MSSQL run agent commands
Remove the dependency on the MSSQLLimitedSizePayload and use simple
methods like "_write_command_to_batch_file()".
2022-06-14 14:22:43 -04:00
Mike Salvatore b2aa8333c3 Agent: Refactor MSSQL cleanup commands
* Simplify!
    * Remove the dependency on MSSQLLimitedSizePayload.
    * Use f-strings
2022-06-14 14:22:43 -04:00
Mike Salvatore 257c6b0b05 Agent: Refactor MSSQL agent download command
The first step in exploitation is to instruct the victim to download the
agent. This commit refactors this code to remove the dependency on the
MSSQLLimitedSizePayload. To do this, it introduces
`_write_command_to_batch_file()` which will be reused by the agent
execution command.
2022-06-14 14:22:43 -04:00
Mike Salvatore 7846a6cac1 Agent: Remove create_empty_payload_file() in MSSQLExploiter
Since the commands are no longer split up into 128 character chunks,
it's simpler to just overwrite an existing file using `>` than to create
an empty file and append to it.
2022-06-14 14:22:43 -04:00
Mike Salvatore ea980c4594 Agent: Use PureWindowsPath in MSSQLExploiter
When using PurePath, Linux agents use the wrong path separator to build
Windows paths. Windows corrects this, so there's no actual issue, but
it's sloppy. Using PureWindowsPath objects creates the paths with the
correct separators

Before: xp_cmdshell "NUL>%temp%\tmp_monkey_dir/tmp_monkey.bat"
After: xp_cmdshell "NUL>%temp%\tmp_monkey_dir\tmp_monkey.bat"
2022-06-14 14:22:43 -04:00
Mike Salvatore ef63f2699b Agent: Use single quotes to avoid 128 character limit
The logic that splits up commands into 128 character chunks in
MSSQLExploiter is flawed, which results in malformed commands being
written to a batch file on the victim. By using single quotes instead of
double quotes, the 128 character limit is circumvented and there's no
longer any need to break up the commands. See #2018 for more details.

Fixes #2018
2022-06-14 14:22:43 -04:00
Mike Salvatore 6db63d3c69 Agent: Add additional debug logging to MSSQLExploiter 2022-06-14 14:22:43 -04:00
Mike Salvatore 133f7f5da1 Island: Add TODO about removing local_ips() 2022-06-13 13:01:57 -04:00
VakarisZ 3598b0d302
Merge pull request #2013 from guardicore/1998-remove-export_monkey_telems
Remove `export_monkey_telems`
2022-06-13 10:46:26 +03:00
Shreya Malviya 4947e540f2 Changelog: Add entry for removal of `export_monkey_telems` config option 2022-06-10 12:13:39 -07:00
Shreya Malviya f989fdff06 Project: Remove `export_monkey_telems` from Vulture's allowlist 2022-06-10 12:10:52 -07:00
Shreya Malviya 324413aee9 UT: Remove `export_monkey_telems` from config in data for tests 2022-06-10 12:10:52 -07:00
Shreya Malviya 2ff32545d3 Island: Remove `export_monkey_telems` from config 2022-06-10 12:10:52 -07:00
Shreya Malviya 0647f6202d Agent: Remove `export_monkey_telems` from config 2022-06-10 12:10:52 -07:00
Shreya Malviya 16bb4b1c8a Common: Remove `EXPORT_MONKEY_TELEMS_PATH` constant 2022-06-10 12:10:44 -07:00
Shreya Malviya 7e766d2c4f Island: Remove `TestTelemStore` and related code 2022-06-10 12:10:35 -07:00
Mike Salvatore 825f559370
Merge pull request #2012 from guardicore/1999-remove-send-config-error
1999 remove send config error
2022-06-10 13:19:21 -04:00
Ilija Lazoroski 153436371b Agent: Remove send_config_error from ControlClient 2022-06-10 14:44:27 +02:00
Ilija Lazoroski 6314ddd71a Island: Remove PATCH method from api/agent
* Remove config_error from monkey document
2022-06-10 13:48:05 +02:00
VakarisZ 3f69b0efd4
Merge pull request #1980 from guardicore/dependabot/npm_and_yarn/monkey/monkey_island/cc/ui/npm-8.11.0
Bump npm from 7.24.2 to 8.11.0 in /monkey/monkey_island/cc/ui
2022-06-10 10:38:42 +03:00
VakarisZ eb7e74cd82
Merge pull request #2009 from guardicore/1997-rename-credential_collector_classes
Rename `credential_collector_classes`
2022-06-10 10:38:06 +03:00
VakarisZ 1f4f573aaa
Merge pull request #2008 from guardicore/1994-remove-unused-aws-config-options
Remove unused AWS config fields
2022-06-10 10:37:43 +03:00
vakarisz 1cef7874d4 Island: Rename credential collector const 2022-06-10 10:24:53 +03:00
VakarisZ 63a772e781
Merge pull request #2010 from guardicore/1995-remove-smb_download_timeout
Remove smb_download_timeout
2022-06-10 10:01:20 +03:00
Shreya Malviya 42df8ee757 UT: Fix tests' `smb_download_timeout` from 300 to 30 2022-06-09 21:00:15 -07:00
Shreya Malviya 4c2e33bc5e UT: Remove `smb_download_timeout` from config in data for tests 2022-06-09 16:38:12 -07:00
Shreya Malviya 8af267248b Island: Create `SMB_DOWNLOAD_TIMEOUT` and pass in exploiter options 2022-06-09 16:37:41 -07:00
Shreya Malviya 5e59160698 Island: Remove `smb_download_timeout` from config schema 2022-06-09 16:35:31 -07:00
Shreya Malviya 0ad5554dfa UT: Rename `credential_collector_classes` to `credential_collectors` 2022-06-09 15:19:07 -07:00
Shreya Malviya 3368153507 Island: Rename `credential_collector_classes` to `credential_collectors` 2022-06-09 15:18:38 -07:00
Shreya Malviya 794ad6e5b0 Agent: Rename `credential_collector_classes` to `credential_collectors` 2022-06-09 15:17:37 -07:00
Shreya Malviya 61e3d71968 UT: Remove AWS config fields from data for tests 2022-06-09 15:03:08 -07:00
Shreya Malviya 000620f874 Common: Remove AWS_KEYS_PATH constant 2022-06-09 15:03:08 -07:00
Shreya Malviya bb7bacc56f Island: Remove AWS config options 2022-06-09 15:03:08 -07:00
Shreya Malviya 7f3304d79a Agent: Remove AWS fields from sensitive fields 2022-06-09 15:02:11 -07:00
dependabot[bot] fb149fd817 Bump npm from 7.24.2 to 8.11.0 in /monkey/monkey_island/cc/ui
Bumps [npm](https://github.com/npm/cli) from 7.24.2 to 8.11.0.
- [Release notes](https://github.com/npm/cli/releases)
- [Changelog](https://github.com/npm/cli/blob/latest/CHANGELOG.md)
- [Commits](https://github.com/npm/cli/compare/v7.24.2...v8.11.0)

---
updated-dependencies:
- dependency-name: npm
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-09 22:26:47 +02:00
Mike Salvatore 8d4e5173f7 Project: Update job post in README 2022-06-09 15:06:42 -04:00
Mike Salvatore 9172b76d27 Project: Add develop and master to list of travis branches to build 2022-06-09 15:02:25 -04:00
Mike Salvatore 59e5823233 Project: Update travis-ci build status badge 2022-06-09 14:59:46 -04:00
Mike Salvatore 9c8b74dc01
Merge pull request #2007 from guardicore/1993-fix-pip-platform-appimage
1993 fix pip platform appimage
2022-06-09 14:57:27 -04:00
Mike Salvatore 542c4265b7
Merge pull request #1981 from guardicore/1961-docs-agent-propagation
Add page about agent propagation to docs
2022-06-09 13:46:30 -04:00
Mike Salvatore f0fbafc01a Docs: Copyedits to running-manually.md 2022-06-09 13:37:52 -04:00
ilija-lazoroski ae2d212253
Merge pull request #2005 from guardicore/1974-refactor-agent-binaries-resource
Island: Refactor agent-binaries resource
2022-06-09 19:30:21 +02:00