Closed
Description
Add an exploiter to exploit the new log4j vulnerabilities.
- Identify all related CVEs, choose which ones we'll exploit and which we'll ignore.
- Add test machines in GCP - some windows, some linux, multiple vulnerable application
- Simple POC that allows one agent to remotely launch another agent on the victim and know whether or not exploitation was successful
- Implement a new exploiter
- Add blackbox tests - @ilija-lazoroski @VakarisZ
- Add documentation - @shreyamalviya
- "Adapter was already registered" error - @mssalvatore
- Code review - @shreyamalviya
- Investigate if monkey agent freezes on victim machines
- Re-generate logstash and tomcat images @ilija-lazoroski
- Logstash
- Tomcat
- Recompile Linux and Windows java class templates from source (ensure they don't contain anything malicious) - @mssalvatore/ / @VakarisZ