Latest Threat Research: LetMeowIn – Analysis of a Credential Dumper

Get Informed


Artillery version 1.3 released – new features and bug fixes.

Artillery version 1.3 is now released. This version incorporates a number of new features and bug fixes. Most specifically, when it comes to timestamp for events – all events now include timestamp data when logging remote syslog, local syslog, and file formats. This also includes when starting, stopping, or restarting Artillery. An example of this can be found below:

[*] 2014-11-11 15:29:42: Artillery has started successfully.
[!] Insecure configuration detected on filesystem: [!] Issue identified: /etc/ssh/sshd_config allows RootLogin. An attacker can gain root access to the system if password is guessed. Recommendation: Change RootLogin yes to RootLogin no

Additionally, when the honeypot module is enabled with Artillery, it has always failed successfully without logging appropriately. Artillery will now log when it cannot bind to a port on a system where Artillery is installed and the associated port:

Nov 11 15:21:57 kali [!] 2014-11-11 15:21:57: Artillery was unable to bind to port: 135. This could be to an active port in use.
Nov 11 15:21:57 kali [!] 2014-11-11 15:21:57: Artillery was unable to bind to port: 44443. This could be to an active port in use.

A number of other bug fixes have been included which fixes local file logging when config option FILE is specified as well as a number of other enhancements.

Full changelog below:

version 1.3

* added new function for grabbing date and time
* added new function kill_artillery() to kill any running processes of artillery using signal and os.kill
* added timestamp data for when a new instance of artillery is killed and restarted
* removed old kill_artillery() legacy function in setup that did not properly terminate prior versions of artillery
* added a write_log function that will notify when Artillery is unable to bind to a specific port and included timestamp data
* fixed spacing issues inside of syslog on remote and local
* corrected Issue identified spacing into one line in
* added timestamp data to error artillery unable to log to mail server
* fixed an issue that would cause the process to not properly be terminated on certain Linux versions
* added datetime for when artillery successfully started from normal located in /var/artillery
* fixed a bug when using FILE as a designator that would cause an exception for alert not being defined (should have been assigned as variable)

For more information on how to install and deploy Artillery, visit the BDS homepage for Artillery: Artillery Website at BDS