Skip to content

v5.0.0 "Magma"

Latest
Compare
Choose a tag to compare
@elegantmoose elegantmoose released this 14 Feb 14:55
· 146 commits to master since this release
9ceb72d

What's Changed

Backwards-Breaking Changes

  • Completely refactored UI/UX VueJS front end. #2874
  • Installation/run commands changed! The first time you run Caldera, you must add the --build flag in order to build the VueJS UI. If you restart the server afterwards, the --build flag is not needed.
  • Dropped support for Python 3.7. #2795

UI

  • Summary dashboard landing page with tiles for agents, operations, adversaries, abilities, and server address. #2874
  • New network and table Operation view. #2874
  • Agent hosts displayed on network view with OS platform icon. #2874
  • Agents are denoted by colored rings around hosts they are beaconing from, with multiple agents marked by multiple rings, and the colors denoting the status of agent. #2874
  • Agents with elevated user execution privileges on their host are denoted by red tinted host OS platform icon. #2874
  • Agent side panel (in network view) that shows key agent/host information. Activated when Agent/host node clicked. #2874
  • Agent actions shortcut on agent side panel. #2874
  • Operation action table. #2874
  • Ability commands now have code syntax highlighting. #2776
  • Fact sources can now be downloaded from Fact Sources view. #2874
  • Added option to rename facts #2811

Plugins

Bug Fixes

  • Fixed encryption key mismatch for backups when booting Caldera locally and then with Docker. #2780
  • Removed operation visibility slider as had no effect on underlying operation. #2806
  • HMAC digest comparison in authorization service is now more resistant to timing attacks. #2823
  • Added manually skipped Abilities to Operation report. #2822
  • Fixed bug selecting the wrong executor for potential links. #2843
  • Moved donut-shellcode python package dependency to Stockpile plugin. Dependency was moved as donut-shellcode package cannot (at this time) be installed on MacOS ARM chip architectures and caused install issues for Caldera core. #2874
  • Fixed Ragdoll agent's timestamp format (thanks to @LwsChlds). mitre/stockpile#571

Other

  • Improved checking of reasons why abilities are skipped in operations. #2623

New Contributors

Full Changelog: 4.2.0...5.0.0