p59342861
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
938 Commits 30 Branches 0 Tags 47 MiB
Commit Graph

938 Commits

Author SHA1 Message Date
Vakaris f27f5cd919 Improved error handling if firewall does not allow to open http server 2018-08-30 15:42:07 +03:00
Vakaris c8e131d913 Added a space before bracket in report 2018-08-30 14:20:52 +03:00
Vakaris 49904d0cb0 Undone server's closing timeout, even though I think 60 is too much 2018-08-29 22:57:52 +03:00
Vakaris 818aae3a2c Hadoop exploitation tested on windows and linux 2018-08-29 22:57:52 +03:00
Vakaris 568320c298 Refactored, notes fixed but file server still timeouts 2018-08-29 22:57:52 +03:00
Vakaris 02c27584da Refactored according to latest web_rce framework changes 2018-08-29 22:57:30 +03:00
Vakaris 504281dbcb quick-fix 2018-08-29 22:57:30 +03:00
Vakaris 390d94a8c3 Final tests, windows command changed 2018-08-29 22:57:30 +03:00
Vakaris c7952dcbc5 Fixed reporting and upploading bugs 2018-08-29 22:57:30 +03:00
Vakaris 5674bebfa6 Core code written but nothing tested 2018-08-29 22:34:16 +03:00
Vakaris a2bebca4bc spaces removed 2018-08-29 17:20:43 +03:00
Vakaris 477836e1c9 Blank newline added to match source file 2018-08-29 17:19:51 +03:00
Vakaris 304f5bd643 Removed unused commands 2018-08-29 17:14:55 +03:00
Vakaris 4d6472cce1 Ports are now taken from elastic_fingerprint module 2018-08-29 16:55:35 +03:00
Vakaris d4262ef0bd Removed unused constants 2018-08-29 16:55:35 +03:00
Vakaris 56b3190cb5 Refactored elastic according to latest web_rce framework changes. Tested on windows and linux 2018-08-29 16:55:35 +03:00
Vakaris 76523e7379 Refactored elastic for latest framework changes 2018-08-29 16:55:35 +03:00
Vakaris a54eedec11 Commands tested and working on windows. 2018-08-29 16:55:35 +03:00
Vakaris 7e2cc86ab9 Code cleaned and tested on ubuntu 2018-08-29 16:55:35 +03:00
Vakaris 8ddfb03f27 Uploaded and modified standard web_rce code usage.Not working, not tested 2018-08-29 16:55:35 +03:00
Vakaris 3f809403d1 Custom http server class moved to the end of file 2018-08-29 16:55:03 +03:00
Vakaris 57e795573e Documented what's required and other minor changes 2018-08-29 14:43:40 +03:00
Vakaris 307a7c396c Notes fixed and tested 2018-08-29 14:43:39 +03:00
Vakaris 39bb41ed25 Removed unused imports and tested 2018-08-29 14:43:39 +03:00
Vakaris f001403a92 Fixed lock bug and made uploaded monkey names standard 2018-08-29 14:43:39 +03:00
Vakaris 8e8422b3b7 Lock changed from singleton into local variable 2018-08-29 14:43:39 +03:00
Vakaris 8fd42abd5d Refactored according to final web_rce framework changes 2018-08-29 14:43:39 +03:00
Vakaris 10528c313d Webblogic refactored to web RCE framework changes(from static methods into class methods) 2018-08-29 14:43:39 +03:00
Vakaris 66bc852742 Bugfix: http servers thread is stopped if remote target is not vulnerable 2018-08-29 14:43:39 +03:00
Vakaris ab64e78f00 Core functions of Oracle weblogic rce 2018-08-29 14:43:39 +03:00
Vakaris 8af2ab70e7 Removed unused import statement 2018-08-29 14:42:40 +03:00
Vakaris 2295f2c0ab More pythonic and clean way to apply function to url_list 2018-08-29 14:42:40 +03:00
Vakaris 84fb96d0de struts built_potential_url's now use map function to save code 2018-08-29 14:42:40 +03:00
Vakaris b07e70855c Refactored struts2 to overload get_exploit_config 2018-08-29 14:42:40 +03:00
Vakaris 071535fd01 Struts2 refactored to use default_exploit_host function 2018-08-29 14:42:40 +03:00
Vakaris beb8dfed92 Struts2 refactored for framework fixes 2018-08-29 14:42:40 +03:00
Vakaris 8d7221eada Struts2 core functions 2018-08-29 14:42:40 +03:00
Vakaris 87b0afae88 Minor changes in run_backup_commands 2018-08-29 14:41:02 +03:00
Vakaris 592dd27d91 Added functions get_monkey_paths and run_backup_commands 2018-08-28 20:51:25 +03:00
Vakaris bd8423216b Changed constructor to have default paths set to None for convienience 2018-08-23 18:35:30 +03:00
Vakaris 3e7d7425e4 made get_exploit_config non-static for readability 2018-08-22 16:01:16 +03:00
Vakaris e1b1236fb3 Comments and CR notes fixed 2018-08-22 13:41:17 +03:00
Vakaris eae3f3440d Refactored exploit_host and added get_exploit_config 2018-08-22 13:33:36 +03:00
Vakaris 911404ef68 Implemented default_exploit_host method that can implement whole framework's workflow according to some flags/params 2018-08-21 12:34:59 +03:00
Vakaris e3d286dbc0 Minor bugfix for error handling in new custom monkey destination paths feature 2018-08-18 13:14:05 +03:00
Vakaris 5565a80418 Web_RCE framework now supports custom monkey uploading paths( we don't always have permissions to uppload to C:\Windows) 2018-08-17 13:53:09 +03:00
Vakaris b8bda692b9 Notes fixed v.2 2018-08-15 16:01:27 +03:00
Vakaris 0d45a44d6b Final, tested framework fixes 2018-08-10 15:07:56 +03:00
Vakaris 5232d84e06 Almost all notes fixed, but nothing tested. 2018-08-09 16:52:15 +03:00
Vakaris d1a29872c4 Fixed half of the notes and added a small tcp_port_to_service method in network/tools 
no message
 2018-08-09 12:13:44 +03:00