Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Migrate the ZeroLogon exploiter to a plugin #3164

Closed
13 of 14 tasks
mssalvatore opened this issue Mar 28, 2023 · 0 comments · Fixed by #3295
Closed
13 of 14 tasks

Migrate the ZeroLogon exploiter to a plugin #3164

mssalvatore opened this issue Mar 28, 2023 · 0 comments · Fixed by #3295
Assignees
@cakekoa
Labels
Complexity: High Impact: High Plugins Refactor sp/8
Milestone
v2.2.0

Comments

@mssalvatore
Copy link
Collaborator

mssalvatore commented Mar 28, 2023
edited
Loading

Description

Replace the hard-coded ZeroLogon exploiter with ZeroLogon exploiter plugin.

Use the SMBExploiter and/or HadoopExploiter as templates.

A note on scope

The ZeroLogon exploiter is large and complex. There's lots of room for improvement in its code quality, however, the time it would take to reimplement it is probably not worth the value on such an old vulnerability. We can make small improvements, but should avoid getting sucked into a large refactor of this exploiter. In other words, if we can simply wrap the existing exploiter with a plugin.py, let's do that (as much as is possible).

Tasks

  • options (pydantic) (0d) @cakekoa
    • determine what options ZeroLogon should have
    • create a pydantic model for ZeroLogon options
    • Create plugin manifest
    • Create config schema
  • Create a Pipfile for dependencies (0d) @mssalvatore
  • Add a jenkins job to build the plugin (0.25d) @cakekoa
    • Update the island build jobs on Jenkins to copy the artifacts from the ZeroLogon plugin build job
  • exploiter (0d) @cakekoa
    • Check any preconditions
    • Don't forget to add MITRE tags
  • Update ETE test configurations and run tests (0d) @cakekoa
  • Remove the hard-coded ZeroLogon plugin (0d) @mssalvatore
  • Test and fix bugs (0.5d) @shreyamalviya
@mssalvatore mssalvatore added this to the v2.2.0 milestone Mar 28, 2023
@cakekoa cakekoa self-assigned this May 1, 2023
@cakekoa cakekoa mentioned this issue May 1, 2023
Merged
10 tasks
mssalvatore added a commit that referenced this issue May 1, 2023
@mssalvatore
Merge branch '3164-zerologon-options' into develop
9608766 
Issue #3164
PR #3282
mssalvatore added a commit that referenced this issue May 1, 2023
@mssalvatore
Zerologon: Add a Pipfile and Pipfile.lock
e9e8e65 
Issue #3164
mssalvatore added a commit that referenced this issue May 1, 2023
@mssalvatore
Zerologon: Add a Pipfile and Pipfile.lock
8594a52 
Issue #3164
@cakekoa cakekoa mentioned this issue May 1, 2023
Merged
10 tasks
@mssalvatore mssalvatore mentioned this issue May 1, 2023
Merged
8 tasks
mssalvatore added a commit that referenced this issue May 2, 2023
@mssalvatore
Merge branch '3164-remove-hardcoded-zerologon' into 3164-zerologon-pl…
28f7274 
…ugin

Issue #3164
PR #3284
mssalvatore added a commit that referenced this issue May 2, 2023
@mssalvatore
Merge branch '3164-zerologon-plugin' into develop
9fb0bb2 
Issue #3164
PR #3283
@mssalvatore mssalvatore reopened this May 3, 2023
@shreyamalviya shreyamalviya mentioned this issue May 3, 2023
Merged
10 tasks
mssalvatore added a commit that referenced this issue May 3, 2023
@mssalvatore
Merge branch '3164-fix-ete-tests' into develop
5bfba01 
Issue #3164
PR #3295
mssalvatore added a commit that referenced this issue May 3, 2023
@mssalvatore
Merge branch '3164-fix-ete-tests' into develop
91f0ee1 
Issue #3164
PR #3295
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@cakekoa cakekoa

Labels
Complexity: High Impact: High Plugins Refactor sp/8
Projects
None yet
Milestone
v2.2.0
Development

Successfully merging a pull request may close this issue.

Fix Zerologon plugin guardicore/monkey
2 participants
@cakekoa @mssalvatore