p59342861
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
6,096 Commits 30 Branches 0 Tags 47 MiB
Commit Graph

6096 Commits

Author SHA1 Message Date
Ilija Lazoroski d27194c568 Zoo: Fix powershell bb config for ntlm hash 2021-09-06 13:50:24 +02:00
Mike Salvatore 65c9be90d3 Docs: Add NTLM hash details to PowerShell exploiter docs 2021-09-02 14:29:07 -04:00
Mike Salvatore 71c4e4d8dc Agent: Fix incorrect host arch identification in PowerShellClient 2021-09-02 14:06:36 -04:00
Mike Salvatore 1a1a130716 Agent: Format NT/LM hashes for use with pypsrp in PowerShellClient 2021-09-02 13:26:24 -04:00
Mike Salvatore 9cc488d36a Agent: Remove powershell_utils/utils.py 
Move single function that was previously in
powershell_utils/utils.py to powershell.py
 2021-09-02 13:26:24 -04:00
Mike Salvatore 501fc162b4 Agent: Attempt login with LM and NT hashes in PowerShellExploiter 2021-09-02 13:26:23 -04:00
Mike Salvatore a2e6b0bfbd Agent: Add LM and NT hashes to PowerShell Credentials 
Adds two list parameters to get_credentials() that contain LM and NT
hashes respectively. Adds a "secret_type" field to Credentials so that
the user of the Credentials object can distinguish between using cached
credentials (on windows), passwords, and NT or LM hashes.
 2021-09-02 12:29:49 -04:00
Mike Salvatore 3a6f725cc4 Agent: Rename Credentials.password to Credentials.secret 
The PowerShell Credentials dataclass will hold more than just passwords.
It will also hold NT and LM hashes. "secret" is, therefore, a more
accurate name than "password".
 2021-09-02 12:02:30 -04:00
Mike Salvatore 0ecbfdea38
Merge pull request #1446 from guardicore/powershell-exploiter-refactor 
Powershell exploiter refactor
 2021-09-02 11:58:01 -04:00
Mike Salvatore 023d6a2d04 Tests: Add more tests for PowerShellExploiter 2021-09-02 11:54:22 -04:00
Mike Salvatore 936074605f Agent: Ensure temp file is removed by PowerShellExploiter 2021-09-02 11:53:13 -04:00
VakarisZ be5d354c06
Merge pull request #1447 from guardicore/add-machine-to-powershell-bb 
Zoo: Add new machine for powershell exploiter
 2021-09-02 18:27:17 +03:00
Ilija Lazoroski 18c21513af Zoo: Add new machine for powershell exploiter 2021-09-02 17:06:22 +02:00
Mike Salvatore 8144a3334e Tests: Add HTTP vs HTPS unit tests for PowerShellExploiter 2021-09-02 10:05:08 -04:00
Ilija Lazoroski cd9d5b4c5e Agent: Change trap command signal to TERM 2021-09-02 07:55:47 -04:00
Mike Salvatore a5af16e44e Agent: Extract PowerShellClient from PowerShellExploiter 2021-09-01 19:59:02 -04:00
Mike Salvatore c9e54412c0 Agent: Use dummy username and password when testing PowerShell HTTP 
The exploit_user_list and exploit_password_list are not guaranteed to
have at least one entry. If either list is empty the exploiter will
fail. Use constant strings for the username and password to avoid
potentially crashing the exploiter.
 2021-09-01 13:55:18 -04:00
Mike Salvatore 61c6bf2567 Agent: Reduce code duplication in _try_http(s)() methods 2021-09-01 13:52:55 -04:00
Mike Salvatore d30a8b007a Agent: Add comment explaining user/password == None in PowerShell 2021-09-01 13:48:13 -04:00
Mike Salvatore e6399de860 Agent: Move get_credentials() to credentials.py 2021-09-01 13:39:46 -04:00
Mike Salvatore a060313d09 Agent: Move get_auth_options() to auth_options.py 2021-09-01 13:39:46 -04:00
Mike Salvatore da3475c645 Agent: Move Powershell auth and encryption selection to AuthOptions 2021-09-01 13:39:40 -04:00
Mike Salvatore 892aa83b39 Agent: Separate AuthOptions from Credentials 2021-09-01 13:03:33 -04:00
Mike Salvatore b3436d660f Tests: Move PowerShell get_credentials() tests 
Move the tests for the PowerShell exploiter's get_credentials() function
to test_credential_generators.py, since get_credentials() is now
contained in credential_generators.py
 2021-09-01 12:06:58 -04:00
Mike Salvatore 19c1d5c1ae Agent: Rename credential_generation -> credential_generators 2021-09-01 12:05:08 -04:00
Mike Salvatore 473fe36ba7
Merge pull request #1438 from guardicore/powershell_http 
Adds the capability to exploit powershell remoting via HTTP
 2021-09-01 11:59:41 -04:00
VakarisZ 47393b2d55 Fix powershell credential generation tests to use AuthOptions class 2021-09-01 17:33:27 +03:00
VakarisZ aedc666e8f Remove IP address from AuthOptions in powershell 2021-09-01 16:35:27 +03:00
VakarisZ b82f4e157a Add logging to powershell exploiter in the case where powershell remoting seems to be disabled 2021-09-01 16:35:27 +03:00
VakarisZ b2e1b28059 Add the capability to exploit powershell remoting over HTTP and improve the code style 2021-09-01 16:35:27 +03:00
Mike Salvatore b4e861cdd6 Island: Remove disused set_server_config.py 2021-09-01 08:54:54 -04:00
Shreya Malviya 13b1904cf7
Merge pull request #1427 from guardicore/1246/powershell-documentation 
Documentation for PowerShell exploiter
 2021-09-01 15:11:39 +05:30
Mike Salvatore c83a0b4668 Docs: Reword PowerShell exploiter documentation 2021-08-31 12:21:08 -04:00
Mike Salvatore b96a0e74d9 Docs: Fix formatting of PowerShell exploit markdown 2021-08-31 11:36:58 -04:00
Shreya Malviya 24b6c751cb
Merge pull request #1436 from guardicore/1410/ut-autowindowsuser 
Add unit test for deactivate and delete new auto windows user
 2021-08-31 20:23:48 +05:30
Mike Salvatore e133baea09 Test: Skip test_new_user_delete_windows on Linux 2021-08-31 10:41:38 -04:00
Shreya Malviya 2f5e6b516a tests: Modify unit tests for AutoNewWindowsUser based on previous commit 
changes
 2021-08-31 19:35:06 +05:30
Shreya Malviya 8d14ff6385 agent: Move windows-only imports to the top of the file in 
utils/windows/users.py
 2021-08-31 19:31:04 +05:30
Mike Salvatore 86fd7351ad Island: Remove unused loggers 2021-08-31 09:57:32 -04:00
Mike Salvatore 96dee616df Agent: Remove unused loggers 2021-08-31 09:57:19 -04:00
VakarisZ d2e5828c3b Replace "LOG" naming convention with "logger" naming convention. 2021-08-31 09:51:34 -04:00
Mike Salvatore 51b5fc601a
Merge pull request #1437 from guardicore/fix-swimm-unit-pba 
Add Swimm unit for adding a PBA
 2021-08-31 09:44:38 -04:00
Shreya Malviya d118cdf3f5 travis: Update Swimm version 2021-08-31 12:49:57 +05:30
Shreya Malviya cae1206fbd swimm: Update exercise Add a new Post Breach Action (PBA) afMu3y3ny5lnrYFWl3EI 2021-08-31 12:34:40 +05:30
Shreya Malviya fc49ad341b swimm: Create exercise Add a new Post Breach Action (PBA) 2021-08-31 12:34:28 +05:30
Mike Salvatore d22c7813a5 BB: Switch the scanning order in tunneling tests 
Because the SMB exploiter deploys the 32-bit agent, which will then
upgrade itself to 64-bit, it takes a long time between when exploitation
is successful and the agent calls home. By switching the order that
hosts are scanned in, this test runs approximately 25 seconds quicker
and allows us to reduce the `keep_tunnel_open_time` setting by 30
seconds.
 2021-08-30 13:28:25 -04:00
Ilija Lazoroski 85316bcbb0 UT: Add test for deactive and delete new auto windows user 2021-08-30 16:10:14 +02:00
Mike Salvatore 9c352c1b1f Agent: Reformat long line in CommunicateAsBackdoorUser 2021-08-30 10:08:46 -04:00
VakarisZ 0635169362
Remove unused and broken package gathering feature on windows. (#1431) 
Agent: Remove unused and broken package gathering feature on windows.
 2021-08-30 09:56:34 -04:00
Mike Salvatore 00ccc3755d Move changelog entries from PR #1433 from v1.11.0 to unreleased 2021-08-30 09:46:24 -04:00