Skip to content

Replaced ping with curl/wget and Invoke-WebRequest #517

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Dec 25, 2019
Merged

Replaced ping with curl/wget and Invoke-WebRequest #517

merged 3 commits into from
Dec 25, 2019

Conversation

ShayNehmad
Copy link
Contributor

@ShayNehmad ShayNehmad commented Dec 23, 2019
edited
Loading

What is this?

Fixes #515: Use HTTP instead of ICMP for the Zero Trust people test.

Checklist

  • Have you added an explanation of what your changes do and why you'd like to include them?
  • Have you successfully tested your changes locally?
    • Windows - works
    • Windows - fails
    • Linux - works with curl x wget
    • Linux - fails with curl x wget
    • Linux - fails - one or both missing
  • Is the TravisCI build passing?

Proof that it works

Windows: fails

2019-12-24 19:09:28,876 [25444:22012:DEBUG] base_telem.send.25: Sending post_breach telemetry. Data: {"command": "", "result": ["Created process 'powershell.exe -command \"Invoke-WebRequest https://infectiokjl;adfkjl;dsfjklsdfkj;ladfjkl;adfsjkldsfnmonkey.com/\" -UseBasicParsing' as user 'somenewuservfulk', but the process failed (exit status 1:0x1).", false], "name": "Communicate as new user", "hostname": "gc-pc-169", "ip": "10.15.1.75"}

Windows: works

2019-12-24 19:11:28,905 [30116:12880:DEBUG] base_telem.send.25: Sending post_breach telemetry. Data: {"command": "", "result": ["Created process 'powershell.exe -command \"Invoke-WebRequest https://infectionmonkey.com/\" -UseBasicParsing' as user 'somenewuserbdfjo' and the process succeeded.", true], "name": "Communicate as new user", "hostname": "gc-pc-169", "ip": "10.15.1.75"}

Changes

Are the commit messages enough? If not, elaborate.

@ShayNehmad ShayNehmad added Monkey Feature Issue that describes a new feature to be implemented. labels Dec 23, 2019
@ShayNehmad ShayNehmad added this to the 1.8.0 milestone Dec 23, 2019
@ShayNehmad ShayNehmad self-assigned this Dec 23, 2019
@ShayNehmad
Replaced CreateProcessAsUser with CreateProcessWithLogonW to get over…
ab57b58 
… the "0xc0000142" error code and added -UseBasicParsing to get over the IE Engine inconfigured error

This will be heavily documented in a tweet sometime
@ShayNehmad
We chose HTTPS
6e9ee41
@ShayNehmad ShayNehmad merged commit 52eced3 into develop Dec 25, 2019
@ShayNehmad ShayNehmad deleted the feature/515-add-curl-pba branch December 25, 2019 10:53
@snyk-bot snyk-bot mentioned this pull request Jul 15, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
1 more reviewer

@danielguardicore danielguardicore danielguardicore approved these changes

Reviewers whose approvals may not affect merge requirements
Assignees

@ShayNehmad ShayNehmad

Labels
Feature Issue that describes a new feature to be implemented.
Projects
None yet
Milestone
1.8.0
Development

Successfully merging this pull request may close these issues.

Add curl PBA for Users Zero Trust test
2 participants
@ShayNehmad @danielguardicore