Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Modify exploiters to use OTP in commands #3118

Merged
merged 28 commits into from
Mar 28, 2023
Merged

Modify exploiters to use OTP in commands #3118

merged 28 commits into from
Mar 28, 2023

Conversation

shreyamalviya
Copy link
Contributor

@shreyamalviya shreyamalviya commented Mar 16, 2023
edited by mssalvatore
Loading

What does this PR do?

Fixes #3077

PR Checklist

  • Have you added an explanation of what your changes do and why you'd like to include them?
  • Is the TravisCI build passing?
  • Was the CHANGELOG.md updated to reflect the changes?
  • Was the documentation framework updated to reflect the changes?
  • Have you checked that you haven't introduced any duplicate code?

Testing Checklist

  • Added relevant unit tests?
  • Do all unit tests pass?
  • Do all end-to-end tests pass?
  • Any other testing performed?

    Tested in the zoo

  • If applicable, add screenshots or log transcripts of the feature working

@shreyamalviya shreyamalviya changed the base branch from develop to 3077-agent-OTPs March 16, 2023 08:16
@shreyamalviya shreyamalviya force-pushed the 3077-modify-exploiters-to-use-otp branch from 1bc19ba to 7b3381f Compare March 16, 2023 08:17
@shreyamalviya shreyamalviya force-pushed the 3077-modify-exploiters-to-use-otp branch from 1f20bc8 to c4dbea9 Compare March 16, 2023 13:30
@shreyamalviya shreyamalviya force-pushed the 3077-modify-exploiters-to-use-otp branch from 00f29ca to 9ee3fd2 Compare March 16, 2023 14:33
@mssalvatore
Copy link
Collaborator

Consider rebasing this on 3077-get-otp-from-env. We should use feature flags instead of a long-lived branch to do this work.

@shreyamalviya shreyamalviya force-pushed the 3077-modify-exploiters-to-use-otp branch from 9ee3fd2 to b88cd0b Compare March 17, 2023 06:59
@shreyamalviya shreyamalviya changed the base branch from 3077-agent-OTPs to 3077-get-otp-from-env March 17, 2023 06:59
Base automatically changed from 3077-get-otp-from-env to develop March 17, 2023 10:55
@shreyamalviya shreyamalviya force-pushed the 3077-modify-exploiters-to-use-otp branch from d9ff803 to f11b93e Compare March 17, 2023 11:17
VakarisZ
VakarisZ reviewed Mar 17, 2023
View reviewed changes
Copy link
Contributor

@VakarisZ VakarisZ left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

OTP is an essential part of the agent command line, it's not exploiter specific option. I think we should've modified build_monkey_commandline and build_monkey_commandline_explicitly

@shreyamalviya
Copy link
Contributor Author

OTP is an essential part of the agent command line, it's not exploiter specific option. I think we should've modified build_monkey_commandline and build_monkey_commandline_explicitly

Both of these build and return the arguments that are passed to the Agent binary when it's run. We need to set the OTP as an environment variable on the machine before the binary is run.

@shreyamalviya shreyamalviya force-pushed the 3077-modify-exploiters-to-use-otp branch from 0930389 to f9e27fc Compare March 20, 2023 06:18
@shreyamalviya shreyamalviya force-pushed the 3077-modify-exploiters-to-use-otp branch 4 times, most recently from a262521 to 595eeeb Compare March 23, 2023 14:32
@ilija-lazoroski ilija-lazoroski marked this pull request as ready for review March 24, 2023 06:28
@shreyamalviya shreyamalviya marked this pull request as draft March 24, 2023 08:02
@VakarisZ VakarisZ force-pushed the 3077-modify-exploiters-to-use-otp branch from 1bf6fa7 to f02bd83 Compare March 24, 2023 11:01
@shreyamalviya shreyamalviya force-pushed the 3077-modify-exploiters-to-use-otp branch 3 times, most recently from b0becc3 to b394e1e Compare March 27, 2023 05:57
shreyamalviya and others added 27 commits March 28, 2023 11:35
@shreyamalviya @mssalvatore
Agent: Modify Log4Shell exploiter's commands to set OTP in env var
be2f050
@shreyamalviya @mssalvatore
Agent: Modify MSSQL exploiter to set OTP in env var
44dfced
@shreyamalviya @mssalvatore
Agent: Modify PowerShell exploiter to set OTP in env var
c0a106b
@shreyamalviya @mssalvatore
Agent: Modify SSH exploiter to set OTP in env var
c6e6e62
@shreyamalviya @mssalvatore
Agent: Modify WMI exploiter to set OTP in env var
655d3f4
@shreyamalviya @mssalvatore
Hadoop: Pass OTP to Hadoop's command builder instead of passing the O…
8beeb2b 
…TP provider
@shreyamalviya @mssalvatore
Agent: Modify how MSSQL exploiter sets the Agent OTP env var
10ad36a
@shreyamalviya @mssalvatore
Hadoop: Change order of operations in exploitation command
f3f5ab2
@shreyamalviya @mssalvatore
Agent: Modify Windows exploiters' OTP setting commands
5ea911b
@shreyamalviya @mssalvatore
Hadoop: Modify Windows OTP setting command
466dccd
@shreyamalviya @mssalvatore
Agent: Add space in exception message in monkey.py
69b6b4f
@shreyamalviya @mssalvatore
Agent: Modify windows cmdline constants for running the Agent to incl…
24f0344 
…ude setting OTP
@shreyamalviya @mssalvatore
Agent: Modify WMI exploiter commands for running Agent
a713b2d
@shreyamalviya @mssalvatore
Agent: Modify PowerShell exploiter command for running Agent
a4f41a2
@shreyamalviya @mssalvatore
Agent: Modify Log4Shell exploiter windows command for running Agent
2fe6548
@shreyamalviya @mssalvatore
Hadoop: Modify windows command for running Agent
db02ec7
@shreyamalviya @mssalvatore
Agent: Use SET_OTP_WINDOWS constant in MSSQL exploiter
da7b7e4
@shreyamalviya @mssalvatore
Agent: Remove extra '&&' in PowerShell exploiter command
d0b06a8
@shreyamalviya @mssalvatore
Hadoop: Escape '$' in exploiter command
5dbfbfe
@shreyamalviya @mssalvatore
Agent: Escape '$' in Log4Shell exploiter windows command
05e2088
@shreyamalviya @mssalvatore
Hadoop: Add double quotes for OTP in exploit command
f4c1087
@VakarisZ @mssalvatore
Agent: Fix OTP in log4shell windows command
2a01dfa
@cakekoa @mssalvatore
Hadoop: Fix hadoop windows command
222e1c5
@shreyamalviya @mssalvatore
UT: Fix Hadoop tests
0231716
@shreyamalviya @mssalvatore
Common: Update Agent OTP environment variable name
e43fd56
@mssalvatore
Agent: Remove "export" from Linux command
9ec2520 
Using `export` in agent run commands is unnecessary and undesirable. It
will add the environment variable to the parent process's environment,
not just the environment of the agent process. This will expose the OTP
more than necessary, violating the principle of least privilege. It will
also make it difficult (impossible?) for the agent to properly clean up
all traces of the OTP.
@mssalvatore
Hadoop: Remove "export" from Linux command
8d98ef8 
Using `export` in agent run commands is unnecessary and undesirable. It
will add the environment variable to the parent process's environment,
not just the environment of the agent process. This will expose the OTP
more than necessary, violating the principle of least privilege. It will
also make it difficult (impossible?) for the agent to properly clean up
all traces of the OTP.
@mssalvatore mssalvatore force-pushed the 3077-modify-exploiters-to-use-otp branch from 7b7cbc3 to 8d98ef8 Compare March 28, 2023 15:36
@mssalvatore mssalvatore merged commit 780b940 into develop Mar 28, 2023
@mssalvatore mssalvatore deleted the 3077-modify-exploiters-to-use-otp branch March 28, 2023 15:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@VakarisZ VakarisZ VakarisZ approved these changes

@mssalvatore mssalvatore mssalvatore requested changes

@ilija-lazoroski ilija-lazoroski ilija-lazoroski approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Implement OTP compliance on the Agent
5 participants
@shreyamalviya @mssalvatore @ilija-lazoroski @VakarisZ @cakekoa