diff --git a/app/machinecontrol.py b/app/machinecontrol.py index c79100c..572d864 100644 --- a/app/machinecontrol.py +++ b/app/machinecontrol.py @@ -163,9 +163,10 @@ class Machine(): syscon = {"abs_machinepath_internal": self.abs_machinepath_internal, "abs_machinepath_external": self.abs_machinepath_external} plugin.set_sysconf(syscon) + plugin.process_config(config.kali_conf(name)) plugin.set_machine_plugin(self.vm_manager) plugin.__set_logger__(self.attack_logger) - plugin.__execute__([target], config.kali_conf(name)) + plugin.__execute__([target]) def load_machine_plugin(self): """ Loads the matching machine plugin """ diff --git a/plugins/base/kali.py b/plugins/base/kali.py index e23dc39..43ba51a 100644 --- a/plugins/base/kali.py +++ b/plugins/base/kali.py @@ -27,24 +27,22 @@ class KaliPlugin(BasePlugin): """ Cleanup afterwards """ pass # pylint: disable=unnecessary-pass - def run(self, targets, config): + def run(self, targets): """ Run the command @param targets: A list of targets, ip addresses will do - @param config: dict with command specific configuration """ raise NotImplementedError - def __execute__(self, targets, config): + def __execute__(self, targets): """ Execute the plugin. This is called by the code @param targets: A list of targets, ip addresses will do - @param config: dict with command specific configuration """ - self.attack_logger.start_kali_attack(self.machine_plugin.config.vmname(), targets, self.name, ttp=self.get_ttp()) self.setup() - res = self.run(targets, config) + self.attack_logger.start_kali_attack(self.machine_plugin.config.vmname(), targets, self.name, ttp=self.get_ttp()) + res = self.run(targets) self.teardown() self.attack_logger.stop_kali_attack(self.machine_plugin.config.vmname(), targets, self.name, ttp=self.get_ttp()) return res diff --git a/plugins/default/kali/hydra/hydra_plugin.py b/plugins/default/kali/hydra/hydra_plugin.py index cb2dabe..578152a 100644 --- a/plugins/default/kali/hydra/hydra_plugin.py +++ b/plugins/default/kali/hydra/hydra_plugin.py @@ -19,17 +19,13 @@ class HydraPlugin(KaliPlugin): super().__init__() self.plugin_path = __file__ - # print("Init hydra") - - def command(self, targets, config): - """ Generate the command (having a separate step assists on debugging) + def run(self, targets): + """ Run the command @param targets: A list of targets, ip addresses will do - @param config: dict with command specific configuration """ # Set defaults if not present in config - self.process_config(config) playground = self.machine_plugin.get_playground() # Generate command @@ -39,20 +35,6 @@ class HydraPlugin(KaliPlugin): for p in self.conf['protocols']: cmd += f"hydra -L {self.conf['userfile']} -P {self.conf['pwdfile']} {p}://{t};" - return cmd - - def run(self, targets, config): - """ Run the command - - @param targets: A list of targets, ip addresses will do - @param config: dict with command specific configuration - """ - - # print("running hydra as plugin") - cmd = self.command(targets, config) - # res += str(self.run_cmd(cmd).stdout.strip()) res = self.run_cmd(cmd) or "" - # print("hydra done") - return res diff --git a/plugins/default/kali/nmap/nmap_plugin.py b/plugins/default/kali/nmap/nmap_plugin.py index 302ef56..1c3bfa4 100644 --- a/plugins/default/kali/nmap/nmap_plugin.py +++ b/plugins/default/kali/nmap/nmap_plugin.py @@ -61,15 +61,15 @@ class NmapPlugin(KaliPlugin): super().__init__() self.plugin_path = __file__ - def command(self, targets, config): - """ Generate the command (having a separate step assists on debugging) + def run(self, targets): + """ Run the command @param targets: A list of targets, ip addresses will do - @param config: dict with command specific configuration """ + res = "" + # Set defaults if not present in config - self.process_config(config) playground = self.machine_plugin.get_playground() # Generate command @@ -78,19 +78,6 @@ class NmapPlugin(KaliPlugin): for t in targets: cmd += f"nmap {t};" - return cmd - - def run(self, targets, config): - """ Run the command - - @param targets: A list of targets, ip addresses will do - @param config: dict with command specific configuration - """ - - res = "" - - cmd = self.command(targets, config) - res += self.run_cmd(cmd) or "" return res diff --git a/plugins/default/vulnerabilities/weak_user_passwords/default_config.yaml b/plugins/default/vulnerabilities/weak_user_passwords/default_config.yaml index e69de29..ad1b5ab 100644 --- a/plugins/default/vulnerabilities/weak_user_passwords/default_config.yaml +++ b/plugins/default/vulnerabilities/weak_user_passwords/default_config.yaml @@ -0,0 +1,19 @@ +### +# Configuration for Linux +linux: + ### + # a list of usernames and password. On linux passwords are created with mkpasswd -m sha-512 + - name: test + password: $6$bc4k4Tq2.1GW$0ysyuxyfyds2JkfVEf9xHy39MhpS.hhnAo4sBLprNfIHqcpaa9GJseRJJsrq0cSOWwYlOPrdHQNHp10E1ekO81 + - name: password + password: $6$q5PAnDI5K0uv$hMGMJQleeS9F2yLOiHXs2PxZHEmV.ook8jyWILzDGDxSTJmTTZSe.QgLVrnuwiyAl5PFJVARkMsSnPICSndJR1 + +### +# Configuration for Windows +windows: + ### + # a list of usernames and password. + - name: test + password: test + - name: password + password: passw0rd \ No newline at end of file