def storeScreenshot(self, ip: str, port: str, filename: str):
p = process(0, "screenshooter", "screenshot (" + str(port) + "/tcp)", str(ip), str(port), "tcp", "",
getTimestamp(True), getTimestamp(True), str(filename), "Finished", [process_output()], 2, 0)
session = self.dbAdapter.session()
session.add(p)
session.commit()
return p.id
def test_getTimestamp_WhenInvokedWithHumanParameter_ReturnsHumanFormattedTimestamp(
self, getLogger):
expectedHumanTimestampFormat = "%d %b %Y %H:%M:%S.%f"
currentTime = datetime.fromtimestamp(time())
self.assertEqual(
getTimestamp(human=True)[:-3],
currentTime.strftime(expectedHumanTimestampFormat)[:-3])
def test_getTimestamp_WhenInvokedWithNoParameters_ReturnsStandardFormattedTimestamp(
self, getLogger):
expectedStandardTimestampFormat = "%Y%m%d%H%M%S%f"
currentTime = datetime.fromtimestamp(time())
self.assertEqual(
getTimestamp()[:-3],
currentTime.strftime(expectedStandardTimestampFormat)[:-3])
def run(self):
while self.processing == True:
self.sleep(1) # effectively a semaphore
self.processing = True
for i in range(0, len(self.urls)):
try:
url = self.urls.pop(0)
outputfile = getTimestamp() + '-screenshot-' + url.replace(
':', '-') + '.png'
ip = url.split(':')[0]
port = url.split(':')[1]
if isHttps(ip, port):
self.save("https://" + url, ip, port, outputfile)
else:
self.save("http://" + url, ip, port, outputfile)
except Exception as e:
self.tsLog('Unable to take the screenshot. Moving on..')
self.tsLog(e)
continue
self.processing = False
if not len(
self.urls
) == 0: # if meanwhile urls were added to the queue, start over unless we are in pause mode
self.run()
self.tsLog('Finished.')
def storeProcessKillStatus(self, processId: str):
session = self.dbAdapter.session()
proc = session.query(process).filter_by(id=processId).first()
if proc and not proc.status == 'Finished':
proc.status = 'Killed'
proc.endTime = getTimestamp(True)
session.add(proc)
self.dbAdapter.commit()
def storeProcessCancelStatus(self, processId: str):
session = self.dbAdapter.session()
proc = session.query(process).filter_by(id=processId).first()
if proc:
proc.status = 'Cancelled'
proc.endTime = getTimestamp(True)
session.add(proc)
self.dbAdapter.commit()
def storeProcessOutput(self, process_id: str, output: str):
session = self.dbAdapter.session()
proc = session.query(process).filter_by(id=process_id).first()
if not proc:
return False
proc_output = session.query(process_output).filter_by(id=process_id).first()
if proc_output:
self.log.info("Storing process output into db: {0}".format(str(proc_output)))
proc_output.output = unicode(output)
session.add(proc_output)
proc.endTime = getTimestamp(True)
if proc.status == "Killed" or proc.status == "Cancelled" or proc.status == "Crashed":
self.dbAdapter.commit()
return True
else:
proc.status = 'Finished'
session.add(proc)
self.dbAdapter.commit()
def buildHydraCommand(self, runningfolder, userlistPath, passlistPath):
self.ip = self.ipTextinput.text()
self.port = self.portTextinput.text()
self.service = str(self.serviceComboBox.currentText())
self.command = "hydra " + str(self.ip) + " -s " + self.port + " -o "
self.outputfile = runningfolder + "/hydra/" + getTimestamp() + "-" + str(self.ip) + "-" + self.port + "-" + \
self.service + ".txt"
self.command += "\"" + self.outputfile + "\""
if 'form' not in str(self.service):
self.warningLabel.hide()
if not self.service in self.settings.brute_no_username_services.split(
","):
if self.singleUserRadio.isChecked():
self.command += " -l " + self.usersTextinput.text()
elif self.foundUsersRadio.isChecked():
self.command += " -L \"" + userlistPath + "\""
else:
self.command += " -L \"" + self.userlistTextinput.text() + "\""
if not self.service in self.settings.brute_no_password_services.split(
","):
if self.singlePassRadio.isChecked():
escaped_password = self.passwordsTextinput.text().replace(
'"', '\"\"\"')
self.command += " -p \"" + escaped_password + "\""
elif self.foundPasswordsRadio.isChecked():
self.command += " -P \"" + passlistPath + "\""
else:
self.command += " -P \"" + self.passlistTextinput.text() + "\""
if self.checkBlankPass.isChecked():
self.command += " -e n"
if self.checkLoginAsPass.isChecked():
self.command += "s"
elif self.checkLoginAsPass.isChecked():
self.command += " -e s"
if self.checkLoopUsers.isChecked():
self.command += " -u"
if self.checkExitOnValid.isChecked():
self.command += " -f"
if self.checkVerbose.isChecked():
self.command += " -V"
self.command += " -t " + str(self.threadsComboBox.currentText())
self.command += " " + self.service
# if self.labelPath.isVisible(): # append the additional field's content, if it was visible
if self.checkAddMoreOptions.isChecked():
self.command += " " + str(
self.labelPath.text()) # TODO: sanitise this?
#command = "echo "+escaped_password+" > /tmp/hydra-sub.txt"
#os.system(unicode(command))
return self.command
def backupAndSave(self, newSettings, saveBackup=True):
# Backup and save
if saveBackup:
log.info('Backing up old settings and saving new settings...')
os.rename('./legion.conf', './backup/' + getTimestamp() + '-legion.conf')
else:
log.info('Saving config...')
self.actions = QtCore.QSettings('./legion.conf', QtCore.QSettings.NativeFormat)
self.actions.beginGroup('GeneralSettings')
self.actions.setValue('default-terminal', newSettings.general_default_terminal)
self.actions.setValue('tool-output-black-background', newSettings.general_tool_output_black_background)
self.actions.setValue('screenshooter-timeout', newSettings.general_screenshooter_timeout)
self.actions.setValue('web-services', newSettings.general_web_services)
self.actions.setValue('enable-scheduler', newSettings.general_enable_scheduler)
self.actions.setValue('enable-scheduler-on-import', newSettings.general_enable_scheduler_on_import)
self.actions.setValue('max-fast-processes', newSettings.general_max_fast_processes)
self.actions.setValue('max-slow-processes', newSettings.general_max_slow_processes)
self.actions.endGroup()
self.actions.beginGroup('BruteSettings')
self.actions.setValue('store-cleartext-passwords-on-exit', newSettings.brute_store_cleartext_passwords_on_exit)
self.actions.setValue('username-wordlist-path', newSettings.brute_username_wordlist_path)
self.actions.setValue('password-wordlist-path', newSettings.brute_password_wordlist_path)
self.actions.setValue('default-username', newSettings.brute_default_username)
self.actions.setValue('default-password', newSettings.brute_default_password)
self.actions.setValue('services', newSettings.brute_services)
self.actions.setValue('no-username-services', newSettings.brute_no_username_services)
self.actions.setValue('no-password-services', newSettings.brute_no_password_services)
self.actions.endGroup()
self.actions.beginGroup('ToolSettings')
self.actions.setValue('nmap-path', newSettings.tools_path_nmap)
self.actions.setValue('hydra-path', newSettings.tools_path_hydra)
self.actions.setValue('cutycapt-path', newSettings.tools_path_cutycapt)
self.actions.setValue('texteditor-path', newSettings.tools_path_texteditor)
self.actions.endGroup()
self.actions.beginGroup('StagedNmapSettings')
self.actions.setValue('stage1-ports', newSettings.tools_nmap_stage1_ports)
self.actions.setValue('stage2-ports', newSettings.tools_nmap_stage2_ports)
self.actions.setValue('stage3-ports', newSettings.tools_nmap_stage3_ports)
self.actions.setValue('stage4-ports', newSettings.tools_nmap_stage4_ports)
self.actions.setValue('stage5-ports', newSettings.tools_nmap_stage5_ports)
self.actions.setValue('stage6-ports', newSettings.tools_nmap_stage6_ports)
self.actions.endGroup()
self.actions.beginGroup('GUISettings')
self.actions.setValue('process-tab-column-widths', newSettings.gui_process_tab_column_widths)
self.actions.setValue('process-tab-detail', newSettings.gui_process_tab_detail)
self.actions.endGroup()
self.actions.beginGroup('HostActions')
for a in newSettings.hostActions:
self.actions.setValue(a[1], [a[0], a[2]])
self.actions.endGroup()
self.actions.beginGroup('PortActions')
for a in newSettings.portActions:
self.actions.setValue(a[1], [a[0], a[2], a[3]])
self.actions.endGroup()
self.actions.beginGroup('PortTerminalActions')
for a in newSettings.portTerminalActions:
self.actions.setValue(a[1], [a[0], a[2], a[3]])
self.actions.endGroup()
self.actions.beginGroup('SchedulerSettings')
for tool in newSettings.automatedAttacks:
self.actions.setValue(tool[0], [tool[1], tool[2]])
self.actions.endGroup()
self.actions.sync()