Archer Bowen
53433ce7b6
#2689 General improvements.
1. Abstract TAP now handles .apply_timestep
2. Expanded tests
3. Added pydantic model for c2 configuration.
2024-08-09 17:53:47 +01:00
Archer Bowen
ab91f993a5
#2689 Initial Implementation of multi-port listeners.
2024-08-09 12:45:15 +01:00
Archer Bowen
0e8e8c5681
Merge remote-tracking branch 'origin/dev' into feature/2689-command-and-control
2024-08-09 12:15:43 +01:00
Archer Bowen
4241118d26
#2689 Adding slight changes to c2_Beacon & terminal that appeared when merging from dev.
2024-08-09 12:14:57 +01:00
Christopher McCarthy
ca2aef7343
Merged PR 503: Enable Multi-Port Listening for Services and Applications
## Summary
- Added a `listen_on_ports` set in the `IOSoftware` class to enable software listening on ports in addition to the main port they're assigned.
- Also added something I missed in the `CHANGELOG.md` from user login ticket 🙃
## Test process
- Tested listening on ports with a dummy listener software class and counted frames snooped on.
- Also tested that the actual software that the ports being snooped in on still works as expected.
## Checklist
- [X] PR is linked to a **work item**
- [X] **acceptance criteria** of linked ticket are met
- [X] performed **self-review** of the code
- [X] written **tests** for any new functionality added with this PR
- [X] updated the **documentation** if this PR changes or adds functionality
- [X] written/updated **design docs** if this PR implements new functionality
- [X] updated the **change log**
- [X] ran **pre-commit** checks for code style
- [ ] attended to any **TO-DOs** left in the code
Related work items: #2768
2024-08-09 10:25:33 +00:00
Archer Bowen
507abe46c2
Merge remote-tracking branch 'origin/dev' into feature/2689-command-and-control
2024-08-09 11:12:09 +01:00
Archer Bowen
ddc9acd03a
#2689 Fix notebook blue agent actions not functioning correctly.
2024-08-09 11:04:12 +01:00
Archer Bowen
6ec575d18e
#2689 Updated actions E2E notebook and other additions
2024-08-09 09:58:44 +01:00
Chris McCarthy
a3a9ca9963
#2768 - Fixed issue causing main port to not be included in list of open ports. Documented the configuration of listen_on_ports. Added test that tests listen_on_ports configuration from yaml.
2024-08-08 21:20:20 +01:00
Charlie Crane
665c53d880
#2781 - Actioning review comments
2024-08-08 15:48:44 +01:00
Chris McCarthy
a5652ae4b2
Merge branch 'refs/heads/dev' into feature/2768_enable-multi-port-listening-for-services-and-applications
2024-08-08 14:26:35 +01:00
Charlie Crane
116ac725b0
#2718 - making terminal rm _login() and _remote_login() consistent in their RequestResponse
2024-08-08 14:23:10 +01:00
Charlie Crane
5f5ea5e524
#2718 - Updates to Terminal following discussion about implementation with actions.
2024-08-08 14:20:23 +01:00
Charlie Crane
ff054830bc
#2781 - Correcting some typos in Terminal notebook and elaborating the data in _remote_login request
2024-08-08 11:57:30 +01:00
Charlie Crane
93ef3076f5
#2781 - user_session_manager._timeout_session() now sends a user_timeout command when closing remote sessions. Corrected source_ip in Terminal.receive()
2024-08-08 11:33:42 +01:00
Archer Bowen
9249447ea6
Merge branch 'dev' into feature/2689-command-and-control
2024-08-07 14:18:40 +01:00
Archer Bowen
b1baf023d6
#2689 Fixed up Pytests and confirmed functionality before merging from dev.
2024-08-07 14:16:50 +01:00
Charlie Crane
9fea34bb43
#2781 - Correcting terminal tests and fixing a typo in base.py
2024-08-07 11:58:17 +01:00
Charlie Crane
1802648436
#2781 - Initial commit with changes to Terminal to integrate with user_session_manager. Login and logout are now talking to the monitored user session
2024-08-07 11:31:51 +01:00
Archer.Bowen
afa4d2b946
#2689 Address a couple of TODOs and other misc changes.
2024-08-07 10:34:30 +01:00
Charlie Crane
bd91b4be1d
#2706 - Merge branch 'dev' into feature/2706-Terminal_Sim_Component
2024-08-07 09:08:43 +01:00
Charlie Crane
6d6f21a20a
#2706 - Additional assert on new test and a guard clause on LocalTerminalConnection.execute() to check that the Terminal service is running before sending a command
2024-08-06 19:14:53 +01:00
Charlie Crane
d05fd00594
#2706 - Resolving an issue that saw disconnected terminal connections still able to send execute commands that were also then processed by the target node. Created a new class: LocalTerminalConnection, for local connection objects to terminal. Calling terminal.show() when there is a local connection will have 'Local Connection' as the IP address. Receive and execute will check that the provided connection uuid is valid before actioning any commands. TerminalClientConnection objects now have an is_active flag similar to DatabaseClientConnection. Added a new test to check that terminals will reject commands from disconnected clientconnection objects.
2024-08-06 19:09:23 +01:00
Archer.Bowen
9c68cd4bd0
#2689 Agent Actions Implemented, E2E Demo notebook started and a couple of general fixes and improvements.
2024-08-06 17:05:00 +01:00
Charlie Crane
df49b3b5bb
#2706 - Actioning Review Comments
2024-08-06 14:10:10 +01:00
Charlie Crane
89107f2c4b
#2706 - Type-hint changes following review
2024-08-06 10:37:11 +01:00
Charlie Crane
1e64e87798
#2706 - Actioning Review comments
2024-08-06 09:30:27 +01:00
Chris McCarthy
d2011ff327
#2811 - Updated syslog messaging around DatabaseClient and DatabaseService connection request and password authentication
2024-08-05 22:23:54 +01:00
Archer.Bowen
4ae0275dc9
#2689 Implemented initial agent actions and started on documentation. A few TODOs left to do such as validation and expanding unit tests.
2024-08-05 16:53:48 +01:00
Charlie Crane
63a689d94a
#2706 - correcting test failures
2024-08-05 16:25:35 +01:00
Charlie Crane
4fe9753fcf
#2706 - Updated terminal.receive() to work with SSHPacket class, fixed some tests and updated RemoteTerminalConnection to hold Source_IP for easier reading
2024-08-05 15:44:52 +01:00
Charlie Crane
814663cf2c
#2706 - Terminal now installs on a Router
2024-08-05 10:04:23 +01:00
Charlie Crane
22c84d35d7
Merge branch 'dev' into feature/2706-Terminal_Sim_Component
2024-08-05 09:52:53 +01:00
Charlie Crane
4bddf72cd3
#2706 - Initial refactor of Terminal Class following review discussion on Friday. Terminal will now return a TerminalConnection/RemoteTerminalConnection object on login.
The new connection object can then be used to pass commands to the target node, without needing to form a full payload item.
2024-08-05 09:29:17 +01:00
Chris McCarthy
322a691e53
#2768 - Added listen_on_ports attribute to IOSoftware. Updated software manager so that it sends copies of payloads to listening ports too. Added integration test that installs a listening service to snoop on DB traffic.
2024-08-02 23:21:35 +01:00
Archer.Bowen
1933522e89
#2689 Updated docstrings and general quality improvements.
2024-08-02 16:13:59 +01:00
Christopher McCarthy
e275a9376b
Merged PR 496: Implement User, UserManager, and UserSessionManager
## Summary
*Replace this text with an explanation of what the changes are and how you implemented them. Can this impact any other parts of the codebase that we should keep in mind?*
## Test process
*How have you tested this (if applicable)?*
## Checklist
- [ ] PR is linked to a **work item**
- [ ] **acceptance criteria** of linked ticket are met
- [ ] performed **self-review** of the code
- [ ] written **tests** for any new functionality added with this PR
- [ ] updated the **documentation** if this PR changes or adds functionality
- [ ] written/updated **design docs** if this PR implements new functionality
- [ ] updated the **change log**
- [ ] ran **pre-commit** checks for code style
- [ ] attended to any **TO-DOs** left in the code
Related work items: #2735 , #2778
2024-08-02 14:45:10 +00:00
Marek Wolan
aab47289ac
Merged PR 493: Update dev with all 3.2 updates
Related work items: #2625
2024-08-02 12:46:12 +00:00
Charlie Crane
d9faa1a5da
Merge branch 'dev' into feature/2706-Terminal_Sim_Component
2024-08-02 13:34:00 +01:00
Charlie Crane
e132c52121
#2706 - Removed the LoginValidator. Will be handled by UserSessionManager. Updated some missing variables in method definitions.
2024-08-02 13:32:34 +01:00
Archer.Bowen
2339dabac1
#2689 Overhauled .receive method. Keep Alive and initial implementation of commands working. (also updated docstrings + pre-commit)
2024-08-02 13:25:08 +01:00
Chris McCarthy
71d8c6ea63
#2735 - synced with dev and resolved merge conflicts
2024-08-02 12:55:09 +01:00
Chris McCarthy
696236aa61
#2735 - Make the disabled/enabled admins/non-admins dynamic properties for simplicity. Added num_of_logins to User. Added additional test for counting user logins. Added all users to the UserManager describe_state function. Refactored model fields with empty dict as default value to have direct instantiation instead of using Field(default_factory=dict) or Field(default_factory=lambda: {}).
2024-08-02 12:47:02 +01:00
Christopher McCarthy
61c7cc2da3
Apply suggestions from code review
2024-08-02 10:57:51 +00:00
Nick Todd
3ebad7d7e9
Merged PR 448: Global NMNE variables are incorrectly accessed
## Summary
*Replace this text with an explanation of what the changes are and how you implemented them. Can this impact any other parts of the codebase that we should keep in mind?*
## Test process
*How have you tested this (if applicable)?*
## Checklist
- [X] PR is linked to a **work item**
- [X] **acceptance criteria** of linked ticket are met
- [X] performed **self-review** of the code
- [X] written **tests** for any new functionality added with this PR
- [ ] updated the **documentation** if this PR changes or adds functionality
- [ ] written/updated **design docs** if this PR implements new functionality
- [ ] updated the **change log**
- [X] ran **pre-commit** checks for code style
- [X] attended to any **TO-DOs** left in the code
Related work items: #2676
2024-08-02 08:28:08 +00:00
Charlie Crane
ab4931463f
#2706 - Minor change following the session_id changes as local_login failed to pass a session_id when creating a new TerminalClientConnection object
2024-08-02 09:21:55 +01:00
Charlie Crane
0fe61576c7
#2706 - Removed source and target ip_address attributes from the SSHPacket Class. Terminal now uses session_id to send login outcome. No more network_interface[1].ip_address.
2024-08-02 09:13:31 +01:00
Archer.Bowen
e554a2d224
#2689 Remote connections now successfully establishing however current issues with keep alive inactivity causing the c2 beacon to close even when it does have connection to the c2 server.
2024-08-01 17:18:10 +01:00
Marek Wolan
78ad95fcef
#2735 - fix up node request manager and system software
2024-08-01 13:58:35 +01:00
Marek Wolan
a719b24cfc
Merge branch 'dev' into feature/2735-usermanager-fixes
2024-08-01 13:23:03 +01:00