From 617753213351b801ab1cc22c36608fb54a5af6a1 Mon Sep 17 00:00:00 2001 From: Thorsten Sick Date: Thu, 14 Oct 2021 09:55:08 +0200 Subject: [PATCH] Some PEP8 cleanup --- app/calderacontrol.py | 3 +- app/config.py | 2 +- app/doc_generator.py | 2 +- app/experimentcontrol.py | 47 +++++++++---------- app/pluginmanager.py | 2 +- doc_generator.py | 6 +-- plugins/base/attack.py | 12 ++--- .../base/{caldera.py => caldera.py.removed} | 2 +- plugins/base/machinery.py | 2 +- plugins/base/plugin_base.py | 4 +- plugins/base/sensor.py | 3 +- plugins/base/vulnerability_plugin.py | 2 +- .../FIN7/fin7_section1.py | 2 +- .../metasploit_arp_t1016/metasploit_arp.py | 1 - .../metasploit_clearev_t1070.py | 1 - .../metasploit_getsystem.py | 1 - .../metasploit_keylogging.py | 10 ++-- .../metasploit_kiwi_t1003.py | 2 - .../metasploit_migrate.py | 15 +++--- .../metasploit_ps_t1057/metasploit_ps.py | 9 ++-- .../metasploit_screengrab.py | 1 - .../metasploit_sysinfo.py | 1 - 22 files changed, 60 insertions(+), 70 deletions(-) rename plugins/base/{caldera.py => caldera.py.removed} (100%) diff --git a/app/calderacontrol.py b/app/calderacontrol.py index 5094845..6b6eb96 100644 --- a/app/calderacontrol.py +++ b/app/calderacontrol.py @@ -7,13 +7,14 @@ import os import time from pprint import pprint, pformat +from typing import Optional import requests import simplejson from app.exceptions import CalderaError from app.interface_sfx import CommandlineColors -from typing import Optional + # TODO: Ability deserves an own class. diff --git a/app/config.py b/app/config.py index 011d80c..9e95ca8 100644 --- a/app/config.py +++ b/app/config.py @@ -2,10 +2,10 @@ """ Configuration loader for PurpleDome """ +from typing import Optional import yaml from app.exceptions import ConfigurationError -from typing import Optional # So the config being read is distributed into several files and they will have different formats (yaml, CACAO) 
diff --git a/app/doc_generator.py b/app/doc_generator.py index 0ca2193..73a59cc 100644 --- a/app/doc_generator.py +++ b/app/doc_generator.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 -# A document generator module. +""" Generate human readable document describing the attack based on an attack log """ import json import os diff --git a/app/experimentcontrol.py b/app/experimentcontrol.py index dfb406f..571c2d5 100644 --- a/app/experimentcontrol.py +++ b/app/experimentcontrol.py @@ -115,14 +115,14 @@ class Experiment(): self.attack_logger.vprint(f"Connecting to caldera {caldera_url}, running agents are: {running_agents}", 3) self.attack_logger.vprint(f"Missing agent: {target_1.get_paw()} ...", 3) target_1.start_caldera_client() - self.attack_logger.vprint(f"Restarted caldera agent: {target_1.get_paw()} ...", ) + self.attack_logger.vprint(f"Restarted caldera agent: {target_1.get_paw()} ...", 3) time.sleep(120) # Was 30, but maybe there are timing issues running_agents = self.caldera_control.list_paws_of_running_agents() self.attack_logger.vprint(f"{CommandlineColors.OKGREEN}Caldera agents reached{CommandlineColors.ENDC}", 1) # Add running machines to log - for t in self.targets: - i = t.get_machine_info() + for target in self.targets: + i = target.get_machine_info() i["role"] = "target" self.attack_logger.add_machine_info(i) @@ -217,10 +217,10 @@ class Experiment(): self.attack_logger.post_process() attack_log_file_path = os.path.join(self.lootdir, "attack.json") self.attack_logger.write_json(attack_log_file_path) - dg = DocGenerator() - dg.generate(attack_log_file_path) - dg.compile_documentation() - zip_this += dg.get_outfile_paths() + document_generator = DocGenerator() + document_generator.generate(attack_log_file_path) + document_generator.compile_documentation() + zip_this += document_generator.get_outfile_paths() self.zip_loot(zip_this) def machine_needs_caldera(self, target, caldera_conf): 
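Review bot: In the `@@ -115,14` hunk of app/experimentcontrol.py the loop variable is renamed to `target`, but the next line still binds the result to the one-letter `i`; `machine_info = target.get_machine_info()` (and the two uses below it) would finish the rename. The same hunk adds the verbosity argument `3` to the "Restarted caldera agent" `vprint` call. That is a behaviour change rather than formatting, so it deserves a line in the commit message. The enclosing method starts and ends outside the hunk.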
@@ -237,7 +237,6 @@ class Experiment(): return c_cmdline + c_conffile + c_plugins - def attack(self, target, attack): """ Pick an attack and run it @@ -293,29 +292,29 @@ class Experiment(): if os.path.exists(a_file): yield a_file - def __clean_result_files(self, root): - """ Deletes result files + # def __clean_result_files(self, root): + # """ Deletes result files - @param root: Root dir of the machine to collect data from - """ + # @param root: Root dir of the machine to collect data from + # """ # TODO: Properly implement. Get proper root parameter - for a_file in self.__get_results_files(root): - os.remove(a_file) + # for a_file in self.__get_results_files(root): + # os.remove(a_file) - def __collect_loot(self, root): - """ Collect results into loot dir + # def __collect_loot(self, root): + # """ Collect results into loot dir - @param root: Root dir of the machine to collect data from - """ + # @param root: Root dir of the machine to collect data from + # """ - try: - os.makedirs(os.path.abspath(self.experiment_config.loot_dir())) - except FileExistsError: - pass - for a_file in self.__get_results_files(root): - self.attack_logger.vprint("Copy {} {}".format(a_file, os.path.abspath(self.experiment_config.loot_dir())), 3) + # try: + # os.makedirs(os.path.abspath(self.experiment_config.loot_dir())) + # except FileExistsError: + # pass + # for a_file in self.__get_results_files(root): + # self.attack_logger.vprint("Copy {} {}".format(a_file, os.path.abspath(self.experiment_config.loot_dir())), 3) def __start_attacker(self): """ Start the attacking VM """ diff --git a/app/pluginmanager.py b/app/pluginmanager.py index 00209ab..8a75124 100644 --- a/app/pluginmanager.py +++ b/app/pluginmanager.py 
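Review bot: `__clean_result_files` and `__collect_loot` in app/experimentcontrol.py (`@@ -293,29`) are commented out rather than deleted, which leaves both bodies in the class as dead text. It also leaves a `# TODO: Properly implement. Get proper root parameter` with no live code under it. Delete the two methods and let git history keep them, or reduce the block to one line such as `# TODO: result-file cleanup and loot collection are not implemented yet`. `__get_results_files`, whose last lines are visible at the top of the hunk, may now have no caller and should be checked. The same concern applies to plugins/base/caldera.py, which this commit renames to `caldera.py.removed` instead of removing.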
@@ -3,13 +3,13 @@ from glob import glob import os +import straight.plugin # type: ignore from plugins.base.plugin_base import BasePlugin from plugins.base.attack import AttackPlugin from plugins.base.machinery import MachineryPlugin from plugins.base.sensor import SensorPlugin from plugins.base.vulnerability_plugin import VulnerabilityPlugin -import straight.plugin # type: ignore from app.interface_sfx import CommandlineColors from app.attack_log import AttackLog diff --git a/doc_generator.py b/doc_generator.py index c164c9f..6415a34 100755 --- a/doc_generator.py +++ b/doc_generator.py @@ -1,18 +1,18 @@ #!/usr/bin/env python3 -# A standalone document generator. Takes an attack log and generates a doc using templates. Functionality will later be merged into PurpleDome +""" Generate human readable document describing the attack based on an attack log """ import argparse from app.doc_generator import DocGenerator -default_attack_log = "removeme/loot/2021_09_08___07_41_35/attack.json" # FIN 7 first run on environment +DEFAULT_ATTACK_LOG = "removeme/loot/2021_09_08___07_41_35/attack.json" # FIN 7 first run on environment def create_parser(): """ Creates the parser for the command line arguments""" parser = argparse.ArgumentParser("Controls an experiment on the configured systems") - parser.add_argument("--attack_log", default=default_attack_log, help="The attack log the document is based on") + parser.add_argument("--attack_log", default=DEFAULT_ATTACK_LOG, help="The attack log the document is based on") parser.add_argument("--outfile", default="tools/human_readable_documentation/source/contents.rst", help="The default output file") return parser diff --git a/plugins/base/attack.py b/plugins/base/attack.py index 0533a12..f8b21de 100644 --- a/plugins/base/attack.py +++ b/plugins/base/attack.py 
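Review bot: `DEFAULT_ATTACK_LOG` in the top-level doc_generator.py still points at one specific timestamped run, `removeme/loot/2021_09_08___07_41_35/attack.json`, so on any other checkout the `--attack_log` default names a file that is unlikely to exist. Since the constant is being touched anyway, consider dropping it and making the option mandatory: `parser.add_argument("--attack_log", required=True, help="The attack log the document is based on")`. The new module docstring is also identical to the one added in app/doc_generator.py and no longer says that this file is the standalone command-line entry point. The parser description ("Controls an experiment on the configured systems") likewise looks copied from another tool.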
@@ -1,15 +1,15 @@ #!/usr/bin/env python3 """ Base class for Kali plugins """ +from enum import Enum import os -from plugins.base.plugin_base import BasePlugin -from app.exceptions import PluginError, ConfigurationError, RequirementError -from app.calderacontrol import CalderaControl -# from app.metasploit import MSFVenom, Metasploit from typing import Optional -from plugins.base.machinery import MachineryPlugin + +from app.calderacontrol import CalderaControl +from app.exceptions import PluginError, ConfigurationError, RequirementError from app.metasploit import MetasploitInstant -from enum import Enum +from plugins.base.machinery import MachineryPlugin +from plugins.base.plugin_base import BasePlugin class Requirement(Enum): diff --git a/plugins/base/caldera.py b/plugins/base/caldera.py.removed similarity index 100% rename from plugins/base/caldera.py rename to plugins/base/caldera.py.removed index 96f0f97..80c0e0d 100644 --- a/plugins/base/caldera.py +++ b/plugins/base/caldera.py.removed @@ -5,8 +5,8 @@ Special for this plugin class: If there is no plugin matching a specified attack You only gotta write a plugin if you want some special features """ -from plugins.base.plugin_base import BasePlugin from typing import Optional +from plugins.base.plugin_base import BasePlugin class CalderaPlugin(BasePlugin): diff --git a/plugins/base/machinery.py b/plugins/base/machinery.py index 511ba58..301f616 100644 --- a/plugins/base/machinery.py +++ b/plugins/base/machinery.py @@ -4,10 +4,10 @@ from enum import Enum import os +from typing import Optional from app.config import MachineConfig from app.interface_sfx import CommandlineColors from plugins.base.plugin_base import BasePlugin -from typing import Optional class MachineStates(Enum): diff --git a/plugins/base/plugin_base.py b/plugins/base/plugin_base.py index 52ddefd..75c9f27 100644 --- a/plugins/base/plugin_base.py +++ b/plugins/base/plugin_base.py 
@@ -2,11 +2,11 @@ """ Base class for all plugin types """ import os +from typing import Optional import yaml -# from shutil import copy from app.exceptions import PluginError # type: ignore import app.exceptions # type: ignore -from typing import Optional + class BasePlugin(): diff --git a/plugins/base/sensor.py b/plugins/base/sensor.py index 3df2b00..684ae61 100644 --- a/plugins/base/sensor.py +++ b/plugins/base/sensor.py @@ -2,8 +2,9 @@ """ A base plugin class for sensors. Anything installed on the target to collect system information and identify the attack """ import os -from plugins.base.plugin_base import BasePlugin from typing import Optional +from plugins.base.plugin_base import BasePlugin + class SensorPlugin(BasePlugin): diff --git a/plugins/base/vulnerability_plugin.py b/plugins/base/vulnerability_plugin.py index 5cf724f..67346d5 100644 --- a/plugins/base/vulnerability_plugin.py +++ b/plugins/base/vulnerability_plugin.py @@ -2,8 +2,8 @@ """ This is a specific plugin type that installs a vulnerability into a VM. This can be a vulnerable application or a configuration setting """ -from plugins.base.plugin_base import BasePlugin from typing import Optional +from plugins.base.plugin_base import BasePlugin class VulnerabilityPlugin(BasePlugin): diff --git a/plugins/default/adversary_emulations/FIN7/fin7_section1.py b/plugins/default/adversary_emulations/FIN7/fin7_section1.py index cd6f845..3feb14a 100644 --- a/plugins/default/adversary_emulations/FIN7/fin7_section1.py +++ b/plugins/default/adversary_emulations/FIN7/fin7_section1.py @@ -5,7 +5,7 @@ import socket from plugins.base.attack import AttackPlugin, Requirement from app.interface_sfx import CommandlineColors -from app.metasploit import MSFVenom, MetasploitInstant +from app.metasploit import MSFVenom import os import time 
diff --git a/plugins/default/metasploit_attacks/metasploit_arp_t1016/metasploit_arp.py b/plugins/default/metasploit_attacks/metasploit_arp_t1016/metasploit_arp.py index 3a6e8ae..781f30d 100644 --- a/plugins/default/metasploit_attacks/metasploit_arp_t1016/metasploit_arp.py +++ b/plugins/default/metasploit_attacks/metasploit_arp_t1016/metasploit_arp.py @@ -3,7 +3,6 @@ # A plugin to nmap targets slow motion, to evade sensors from plugins.base.attack import AttackPlugin, Requirement -# from app.metasploit import MetasploitInstant class MetasploitArpPlugin(AttackPlugin): diff --git a/plugins/default/metasploit_attacks/metasploit_clearev_t1070/metasploit_clearev_t1070.py b/plugins/default/metasploit_attacks/metasploit_clearev_t1070/metasploit_clearev_t1070.py index f9e1808..c5b87be 100644 --- a/plugins/default/metasploit_attacks/metasploit_clearev_t1070/metasploit_clearev_t1070.py +++ b/plugins/default/metasploit_attacks/metasploit_clearev_t1070/metasploit_clearev_t1070.py @@ -3,7 +3,6 @@ # A plugin to nmap targets slow motion, to evade sensors from plugins.base.attack import AttackPlugin, Requirement -from app.metasploit import MetasploitInstant class MetasploitClearevPlugin(AttackPlugin): diff --git a/plugins/default/metasploit_attacks/metasploit_getsystem/metasploit_getsystem.py b/plugins/default/metasploit_attacks/metasploit_getsystem/metasploit_getsystem.py index b5de21a..c7621c2 100644 --- a/plugins/default/metasploit_attacks/metasploit_getsystem/metasploit_getsystem.py +++ b/plugins/default/metasploit_attacks/metasploit_getsystem/metasploit_getsystem.py @@ -3,7 +3,6 @@ # A plugin to nmap targets slow motion, to evade sensors from plugins.base.attack import AttackPlugin, Requirement -from app.metasploit import MetasploitInstant import socket diff --git a/plugins/default/metasploit_attacks/metasploit_keylogging_T1056/metasploit_keylogging.py b/plugins/default/metasploit_attacks/metasploit_keylogging_T1056/metasploit_keylogging.py index 2d43011..8e90437 100644 
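Review bot: The header comment `# A plugin to nmap targets slow motion, to evade sensors` at the top of metasploit_arp.py is left in place although the file defines `MetasploitArpPlugin`; it appears to be copied from an nmap plugin. The same line is visible as context in the clearev, getsystem, keylogging, kiwi, migrate, ps, screengrab and sysinfo hunks. This commit already turns header comments into module docstrings in both doc_generator files. Each of these could get a one-line docstring naming what the plugin does and its technique ID, for example `""" Metasploit ARP plugin (T1016) """` here, going by the directory name.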
--- a/plugins/default/metasploit_attacks/metasploit_keylogging_T1056/metasploit_keylogging.py +++ b/plugins/default/metasploit_attacks/metasploit_keylogging_T1056/metasploit_keylogging.py @@ -3,7 +3,6 @@ # A plugin to nmap targets slow motion, to evade sensors from plugins.base.attack import AttackPlugin, Requirement -from app.metasploit import MetasploitInstant class MetasploitKeyloggingPlugin(AttackPlugin): @@ -33,12 +32,11 @@ class MetasploitKeyloggingPlugin(AttackPlugin): payload_name = "babymetal.exe" target = self.targets[0] - self.metasploit.smart_infect(target, - payload=payload_type, - outfile=payload_name, - format="exe", - architecture="x64") + payload=payload_type, + outfile=payload_name, + format="exe", + architecture="x64") self.metasploit.migrate(target, name="winlogon.exe") diff --git a/plugins/default/metasploit_attacks/metasploit_kiwi_t1003/metasploit_kiwi_t1003.py b/plugins/default/metasploit_attacks/metasploit_kiwi_t1003/metasploit_kiwi_t1003.py index ae15136..1c3793d 100644 --- a/plugins/default/metasploit_attacks/metasploit_kiwi_t1003/metasploit_kiwi_t1003.py +++ b/plugins/default/metasploit_attacks/metasploit_kiwi_t1003/metasploit_kiwi_t1003.py @@ -3,7 +3,6 @@ # A plugin to nmap targets slow motion, to evade sensors from plugins.base.attack import AttackPlugin, Requirement -from app.metasploit import MetasploitInstant import socket @@ -35,7 +34,6 @@ class MetasploitKiwiPlugin(AttackPlugin): payload_name = "babymetal.exe" target = self.targets[0] - ip = socket.gethostbyname(self.attacker_machine_plugin.get_ip()) self.metasploit.smart_infect(target, diff --git a/plugins/default/metasploit_attacks/metasploit_migrate_t1055/metasploit_migrate.py b/plugins/default/metasploit_attacks/metasploit_migrate_t1055/metasploit_migrate.py index 3e8ea5b..d908c87 100644 --- a/plugins/default/metasploit_attacks/metasploit_migrate_t1055/metasploit_migrate.py +++ b/plugins/default/metasploit_attacks/metasploit_migrate_t1055/metasploit_migrate.py 
@@ -3,7 +3,6 @@ # A plugin to nmap targets slow motion, to evade sensors from plugins.base.attack import AttackPlugin, Requirement -from app.metasploit import MetasploitInstant import socket @@ -37,13 +36,13 @@ class MetasploitMigratePlugin(AttackPlugin): ip = socket.gethostbyname(self.attacker_machine_plugin.get_ip()) self.metasploit.smart_infect(target, - payload=payload_type, - architecture="x64", - platform="windows", - lhost=ip, - format="exe", - outfile=payload_name - ) + payload=payload_type, + architecture="x64", + platform="windows", + lhost=ip, + format="exe", + outfile=payload_name + ) self.metasploit.migrate(target, user="NT AUTHORITY\\SYSTEM", name="svchost.exe", arch="x64") diff --git a/plugins/default/metasploit_attacks/metasploit_ps_t1057/metasploit_ps.py b/plugins/default/metasploit_attacks/metasploit_ps_t1057/metasploit_ps.py index 4c4ae46..f1bbf69 100644 --- a/plugins/default/metasploit_attacks/metasploit_ps_t1057/metasploit_ps.py +++ b/plugins/default/metasploit_attacks/metasploit_ps_t1057/metasploit_ps.py @@ -3,7 +3,6 @@ # A plugin to nmap targets slow motion, to evade sensors from plugins.base.attack import AttackPlugin, Requirement -from app.metasploit import MetasploitInstant class MetasploitPsPlugin(AttackPlugin): @@ -34,10 +33,10 @@ class MetasploitPsPlugin(AttackPlugin): target = self.targets[0] self.metasploit.smart_infect(target, - payload=payload_type, - outfile=payload_name, - format="exe", - architecture="x64") + payload=payload_type, + outfile=payload_name, + format="exe", + architecture="x64") self.metasploit.ps_process_discovery(target) diff --git a/plugins/default/metasploit_attacks/metasploit_screengrab_t1113/metasploit_screengrab.py b/plugins/default/metasploit_attacks/metasploit_screengrab_t1113/metasploit_screengrab.py index 8344a21..f74b6ae 100644 --- a/plugins/default/metasploit_attacks/metasploit_screengrab_t1113/metasploit_screengrab.py 
+++ b/plugins/default/metasploit_attacks/metasploit_screengrab_t1113/metasploit_screengrab.py @@ -3,7 +3,6 @@ # A plugin to nmap targets slow motion, to evade sensors from plugins.base.attack import AttackPlugin, Requirement -from app.metasploit import MetasploitInstant class MetasploitScreengrabPlugin(AttackPlugin): diff --git a/plugins/default/metasploit_attacks/metasploit_sysinfo_t1082/metasploit_sysinfo.py b/plugins/default/metasploit_attacks/metasploit_sysinfo_t1082/metasploit_sysinfo.py index 4a00ab8..12b193d 100644 --- a/plugins/default/metasploit_attacks/metasploit_sysinfo_t1082/metasploit_sysinfo.py +++ b/plugins/default/metasploit_attacks/metasploit_sysinfo_t1082/metasploit_sysinfo.py @@ -3,7 +3,6 @@ # A plugin to nmap targets slow motion, to evade sensors from plugins.base.attack import AttackPlugin, Requirement -from app.metasploit import MetasploitInstant class MetasploitSysinfoPlugin(AttackPlugin):