Commit Graph

8480 Commits

Author SHA1 Message Date
Mike Salvatore 9d73252ff5 Common: Add ExploiterConfiguration 2022-06-16 20:20:35 -04:00
Mike Salvatore 88dbf4feb7 Common: Use Dict instead of dict in PluginConfiguration 2022-06-16 20:20:35 -04:00
Mike Salvatore bdad41057c Common: Add CustomPBAConfiguration 2022-06-16 20:20:35 -04:00
Mike Salvatore c79f62e682 Common: Add PluginConfiguration 2022-06-16 20:20:35 -04:00
unknown 660c1421c0 Agent: Add marshmallow to dependencies 2022-06-16 20:20:35 -04:00
unknown f9f5861ae3 Island: Add marshmallow to dependencies 2022-06-16 20:20:35 -04:00
Mike Salvatore 1f1c5585f0 Island: Remove HTTP_PORTS from top-level agent configuration
Resolves #2028
2022-06-16 20:19:56 -04:00
Mike Salvatore fd36acab3a Merge pull request #2017 from guardicore/1996-island-worm-config-decouple
1996 island worm config decouple
2022-06-16 09:52:35 -04:00
Mike Salvatore 10f069d3cd Changelog: Add issue number to `GET /api/island/ip-addresses` entry 2022-06-16 09:52:05 -04:00
Mike Salvatore b14c0ddb0f Changelog: Modify agent configuration structure entry 2022-06-16 09:51:17 -04:00
vakarisz e29d977d27 Changelog: Extend configuration structure modification entry 2022-06-16 16:49:03 +03:00
vakarisz 2fa7606c23 Changelog: Add entry for added island IP's endpoint 2022-06-16 16:19:19 +03:00
vakarisz c92f6eafe3 Changelog: Add entry for changed config structure 2022-06-16 16:18:25 +03:00
vakarisz 0082cd2193 Island: Style improvements in ip_addresses.py 2022-06-16 15:46:08 +03:00
vakarisz 5fbe01a32e Island: Display tunneling ports in T1065
Non-standard ports attack technique should include ports the agent used for tunneling
2022-06-16 12:11:55 +03:00
Ilija Lazoroski 136747b1c8 Island: Use tunnel or island port in T1065
* adds get_tunnel_info in monkey model
2022-06-15 17:45:07 +03:00
Ilija Lazoroski ed3c369eef Island: Rename local-ips resource to ip-addresses 2022-06-15 17:45:07 +03:00
Ilija Lazoroski 8ae6bb8c73 UI: Remove testing from InternalConfig
* leftover from renaming credential_classes
2022-06-15 17:45:07 +03:00
Ilija Lazoroski 7b415be883 UT: Fix island config tests 2022-06-15 17:45:07 +03:00
Ilija Lazoroski 8af665c0a8 UI: Use local_ips endpoint to get command_servers 2022-06-15 17:45:07 +03:00
Ilija Lazoroski d76fad9e17 Island: Remove current_server and command_servers from config
* It removes whole island_server section from internal config
2022-06-15 17:45:07 +03:00
Ilija Lazoroski 9444f1a9d7 Island: Add local_ips resource 2022-06-15 17:45:07 +03:00
Mike Salvatore ac172dc81f Merge pull request #2024 from guardicore/2019-mssql-batch-cleanup
Remove temporary "payload" file in MSSQL exploiter
2022-06-15 10:25:38 -04:00
Mike Salvatore 353594f505 Merge pull request #2021 from guardicore/mssql-method-improvements
MSSQL method improvements
2022-06-15 10:25:10 -04:00
Mike Salvatore 4e71f4b6e4 Agent: Improve MSSQL command logging 2022-06-15 08:45:56 -04:00
Mike Salvatore 95acfc36ad Agent: Remove MSSQL temporary file and directory
This temporary file was only needed when commands were subject to a
128-character limit. Writing commands to a batch file and executing it was a
way to run larger commands. Now that we know single quotes circumvent
this limit, the temporary file and directory are no longer necessary.
2022-06-15 08:37:54 -04:00
Mike Salvatore f9b3d7f5eb Agent: Move agent server methods within MSSQLExploiter 2022-06-15 08:33:18 -04:00
Mike Salvatore c2170ffc4a Agent: Rename run_agent() -> _run_agent() 2022-06-15 08:32:30 -04:00
Mike Salvatore e73c9307bf Agent: Add missing type hints to MSSQLExploiter 2022-06-15 08:16:32 -04:00
Mike Salvatore 7aca587964 Agent: Replace references to "monkey" with "agent" in MSSQLExploiter 2022-06-15 08:16:26 -04:00
Mike Salvatore 79fbd8b600 Agent: Remove stale comment 2022-06-15 08:15:49 -04:00
Mike Salvatore 339619cc56 Agent: Move _brute_force() 2022-06-15 08:15:49 -04:00
Mike Salvatore 04460e1d44 Agent: Encapsulate "monkey server" details in _upload_monkey() 2022-06-15 08:15:49 -04:00
Mike Salvatore 0204ba6343 Agent: Prefix protected methods in MSSQLExploiter with "_" 2022-06-15 08:15:49 -04:00
Mike Salvatore fd0a197b7f Merge pull request #2020 from guardicore/2018-mangled-mssql-dropper-command
2018 mangled mssql dropper command
2022-06-15 08:15:22 -04:00
Mike Salvatore 62cc401981 Agent: Add a comment about escaping single quotes in SQL 2022-06-15 08:14:29 -04:00
Mike Salvatore ad1928db98 Merge pull request #2016 from guardicore/1996-agent-worm-config-decouple
1996 agent worm config decouple
2022-06-14 20:06:25 -04:00
Mike Salvatore 83a2a911e9 CHANGELOG: Add entry for malformed MSSQL agent launch commands 2022-06-14 14:49:35 -04:00
Mike Salvatore 8d9a2c536f Agent: Reorder methods in MSSQLExploiter 2022-06-14 14:22:43 -04:00
Mike Salvatore 819262ef73 Agent: Remove disused "Payload" classes 2022-06-14 14:22:43 -04:00
Mike Salvatore a54eca96ba Agent: Remove disused MSSQLLimitedSizePayload 2022-06-14 14:22:43 -04:00
Mike Salvatore 0e2a63b6ac Agent: Remove disused run_mssql_commands() 2022-06-14 14:22:43 -04:00
Mike Salvatore ff83f41b4a Agent: Remove disused run_mssql_command() 2022-06-14 14:22:43 -04:00
Mike Salvatore 522e62ad14 Agent: Refactor MSSQL create directory commands
Use _run_mssql_command() and remove the dependency on
MSSQLLimitedSizePayload.
2022-06-14 14:22:43 -04:00
Mike Salvatore 7b356cf893 Agent: Refactor MSSQL run payload file commands
Use _run_mssql_command() and remove the dependency on
MSSQLLimitedSizePayload.
2022-06-14 14:22:43 -04:00
Mike Salvatore f349e1a334 Agent: Refactor MSSQL run agent commands
Remove the dependency on the MSSQLLimitedSizePayload and use simple
methods like "_write_command_to_batch_file()".
2022-06-14 14:22:43 -04:00
Mike Salvatore b2aa8333c3 Agent: Refactor MSSQL cleanup commands
* Simplify!
    * Remove the dependency on MSSQLLimitedSizePayload.
    * Use f-strings
2022-06-14 14:22:43 -04:00
Mike Salvatore 257c6b0b05 Agent: Refactor MSSQL agent download command
The first step in exploitation is to instruct the victim to download the
agent. This commit refactors this code to remove the dependency on the
MSSQLLimitedSizePayload. To do this, it introduces
`_write_command_to_batch_file()` which will be reused by the agent
execution command.
2022-06-14 14:22:43 -04:00
Mike Salvatore 7846a6cac1 Agent: Remove create_empty_payload_file() in MSSQLExploiter
Since the commands are no longer split up into 128-character chunks,
it's simpler to just overwrite an existing file using `>` than to create
an empty file and append to it.
2022-06-14 14:22:43 -04:00
Mike Salvatore ea980c4594 Agent: Use PureWindowsPath in MSSQLExploiter
When using PurePath, Linux agents use the wrong path separator to build
Windows paths. Windows corrects this, so there's no actual issue, but
it's sloppy. Using PureWindowsPath objects creates the paths with the
correct separators.

Before: xp_cmdshell "NUL>%temp%\tmp_monkey_dir/tmp_monkey.bat"
After: xp_cmdshell "NUL>%temp%\tmp_monkey_dir\tmp_monkey.bat"
2022-06-14 14:22:43 -04:00