class TestCoreHost(unittest.TestCase):
@patch('core.host.__init__')
def setUp(self, mock_host):
self.host = Host('mock_ip')
self.host._services = MagicMock()
def test_has_web_interface(self):
self.host._open_ports = ['80']
ret = self.host.has_web_interface()
self.assertEquals(ret, True)
self.host._open_ports = ['22']
ret = self.host.has_web_interface()
self.assertEquals(ret, False)
def test_has_auth_surface(self):
self.host._open_ports = ['22']
ret = self.host.has_auth_surface()
self.assertEquals(ret, True)
self.host._open_ports = ['8080']
ret = self.host.has_auth_surface()
self.assertEquals(ret, False)
def run_scans(host: Host, scans_to_run: list, force: bool = False) -> None:
"""
Checks if a host meets prerequisites for scans, and runs them.
"""
# TODO research implementing Threads for this
# TODO add fault tolerance
#
# Iterate over all available tests in the core/scans directory
# Import the module from core.scans, then the class from the module
# and finally initialize the class, passing the host to scan.
for scan in scans_to_run:
module = import_module("core.scans.{}".format(scan))
temp = getattr(module, file_to_class_name(scan))
current_scan = temp(host)
if current_scan.requirements_met() and not force:
current_scan.set_config()
low("Starting {} scan.".format(temp))
current_scan.run_scan()
host.scans = current_scan.process_results()
elif force:
current_scan.set_config()
warning("Forcing {} scan to run.".format(temp))
current_scan.run_scan()
host.scans = current_scan.process_results()
else:
low("Requirements not met for {} scan, skipping.".format(temp))
def prereq_scans(host: Host, scans_to_skip: list) -> None:
"""
PortScan and HydraScan are needed to run first, results from them highly influence
scans that follow after.
"""
low("Getting services for target {}".format(str(host)))
port_scan = PortScan(host)
if port_scan.requirements_met:
port_scan.run_scan()
host.services = port_scan.process_results().results
host.open_ports = [port['id'] for port in host.services['ports']]
else:
low('Prerequisites not met for PortScan.')
return
debug(host.services)
debug("HAS AUTH: {}".format(host.has_auth_surface()))
debug("HAS WEB: {}".format(host.has_web_interface()))
hydra_scan = HydraScan(host)
if hydra_scan.requirements_met() and 'hydra_scan' not in scans_to_skip:
low("Host {} has interface for brute forcing creds, beginning scan.".
format(host))
scans_to_skip.append('hydra_scan')
hydra_scan.set_config()
hydra_scan.run_scan()
creds = hydra_scan.process_results()
host.credentials = {
'user': creds['results'][0]['login'],
'passwd': creds['results'][0]['password']
}
else:
low("Username and password supplied, skipping auth scan.")
def getHostObject(plateform=None, name=None):
""" Open and read data from plateform name passed by user, then create Host Object from data filtered by name.
:return: Host Object created from data read in heimdall/conf/host/plateform.yml.
:rtype: Host Object
..seealso:: heimdall.core.host.Host
"""
from core.host import Host
from core.yml import open_yml
from core.exceptions import HostDoesNotExist
filepath = path.join(__pdir__, plateform + '.yml')
plateform_data = open_yml(path=filepath)
try:
if plateform_data:
for e in plateform_data['environment']:
for h in plateform_data['environment'][e]:
if name == h.get('name'):
h['plateform'] = plateform_data['name']
h['environment'] = e
return Host(**h)
else:
raise HostDoesNotExist(
"Host %s in plateform %s doesnt exists" %
(name, plateform))
except HostDoesNotExist as hde:
print hde
exit(hde.code)
def getAllPlateformObjects():
""" Open and read data from heimdall/conf/host/plateform.yaml, then create Plateform Objects from data.
Host Objects are also created and added to Plateform Objects.
:return: list of all Plateform Objects available.
:rtype: list of Plateform Objects
..seealso:: heimdall.core.plateform.Plateform, heimdall.core.host.Host
"""
from core.plateform import Plateform
from core.host import Host
from core.yml import open_yml
plateform_availables = []
for plateform in __plateformsfiles__:
filepath = path.join(__pdir__, plateform)
plateform_data = open_yml(path=filepath)
if plateform_data:
plateform_data['path'] = filepath
for env, hosts in plateform_data['environment'].iteritems():
environment = []
for h in hosts:
h['environment'] = env
environment.append(Host(**h))
plateform_data['environment'][env] = environment
plateform = Plateform(**plateform_data)
plateform_availables.append(plateform)
return plateform_availables
def handle_args(args: Namespace) -> list:
"""
Parse arguments for scan and configure host objects. The scan arg is more demanding about
the information it requires before it will run tests, and will not attempt to dynamically
figure out information about the target before running a scan.
"""
low("Target supplied: {}".format(args.target))
hosts = [Host(host) for host in args.target]
if args.credentials:
if len(args.credentials.split(':')) != 2:
warning("Credentials should be as supplied <USER>:<PASS>")
low("Defaulting to no credentials")
else:
low("User and Password supplied for scans, {}".format(
args.credentials))
for host in hosts:
host.credentials = {
'user': args.credentials.split(':')[0],
'passwd': args.credentials.split(':')[1]
}
for host in hosts:
host.open_ports = args.ports
return hosts
def get_hosts(subnet: str) -> list:
"""
Perform nmap host scan and return a list of hosts on network to assess
"""
hosts = []
scan_info = xml2json(host_scan(subnet))
found = scan_info['nmaprun']['host']
for device in found:
hosts.append(Host(device['address']['@addr']))
return hosts
def add_host(**kwargs):
""" Create a Host Object from information passed by user, and return a Platform Object who contain the new Host Object.
Keyword Args:
plateform (list of one str): host's plateform (same as plateform yaml file)
environment (list of one str): host's environment
name (list of one str): host's name passed by user
desc (list of one str): host's description passed by user
ip (list of one str): host's ip passed by user
account (list of one str): host's superuser account used for configuration passed by user
distribution (list of one str): host's distribution passed by user
kernel_version (list of one str): host's kernel_version passed by user
:return: updated Plateform Object with the new Host Object
:rtype: Plateform Object
..seealso: heimdall.core.host.Host, heimdall.core.plateform.Plateform, heimdall.conf.hosts.getPlateformObject()
"""
from core.host import Host
from conf.hosts import getPlateformObject
from core.exceptions import EnvironmentDoesNotExist
newhost = dict(
(k, ''.join(v)) for k, v in kwargs.iteritems() if v and len(v) == 1)
host = Host(**newhost)
p = getPlateformObject(host.plateform)
try:
if not p.check_environment(kwargs.get('environment')[0]):
raise EnvironmentDoesNotExist(
'Environment %s in plateform %s does not exists!' %
(kwargs.get('environment')[0], p.name), p.name)
except EnvironmentDoesNotExist as ede:
print ede
exit(ede.code)
host.id = p.get_new_id(host.environment)
p.add_host(host)
return p
def getPlateformObject(name=None):
from core.plateform import Plateform
from core.host import Host
from core.yml import open_yml
filepath = path.join(__pdir__, name + '.yml')
plateform_data = open_yml(path=filepath)
plateform = []
if plateform_data:
plateform_data['path'] = filepath
plateform = Plateform(**plateform_data)
for env, hosts in plateform.environment.iteritems():
environment = []
for h in hosts:
h['environment'] = env
environment.append(Host(**h))
plateform.environment[env] = environment
return plateform
def handle_args(args: Namespace) -> list:
"""
Parse arguments for test and configure host objects.
"""
# If no targets provided, assume were finding them on network.
# Once we have targets, if no test given, port/service scan them.
if not args.target:
low("Target not supplied, running host scan.")
hosts = get_hosts(verify_subnet(args.subnet))
else:
low("Target supplied: {}".format(args.target))
hosts = [Host(host) for host in args.target]
if args.user and args.passwd:
low("Username and Password supplied for tests, {}:{}".format(
args.user, args.passwd))
for host in hosts:
host.credentials = {'user': args.user, 'passwd': args.passwd}
return hosts
def setup(self):
# we first have to create all the link and switch objects for the simulation
# switches are attached to networkx node as attribute "_switch"
# links are attached to networkx edge as attribute "_link"
# hosts are attached to networkx node as attribute "_host"
logger.debug("create toplogy objects")
cnt_switches = 0
cnt_links = 0
cnt_hosts = 0
for idFrom, idTo, opts in self.ctx.topo.graph.edges(data=True):
self.ctx.topo.graph.edges[idFrom, idTo]['_link'] = Link(self.ctx, id=(idFrom, idTo), **opts)
cnt_links += 1
for id, opts in self.ctx.topo.graph.nodes(data=True):
if opts.get("isSwitch"):
logger.debug(".. create switch: %s" % str(opts))
# each switch has a routing/forwarding engine
self.ctx.topo.graph.nodes[id]['_switch'] = Switch(self.ctx, id=id, **opts)
cnt_switches += 1
else:
# nodes that are not labeled as switches are considered end systems
logger.debug(".. create end system %s" % str(opts))
neighbors = list(self.ctx.topo.graph.neighbors(id))
if len(neighbors) == 1:
# end systems are connected via exactly one link
link = self.ctx.topo.graph.edges[id,neighbors[0]]['_link']
self.ctx.topo.graph.nodes[id]['_host'] = Host(self.ctx, link, id=id, **opts)
cnt_hosts += 1
else:
logger.error("graph contains host-node with multiple neighbors; not supported (skipped)")
logger.debug("create toplogy objects done; switches=%d links=%d hosts=%d" % (cnt_switches, cnt_links, cnt_hosts))
# next step is to create the traffic
flowGen = FlowGenerator(self.ctx)
# handle global on_simulation_setup_complete callback registered in ctx
if self.ctx.on_simulation_setup_complete:
self.ctx.on_simulation_setup_complete(self.ctx)
def getAllHostsObjects():
""" Open and read data from heimdall/conf/hosts/plateform.yaml, then create Host Objects from data.
:return: list of all Host Objects available.
:rtype: list of Host Objects
..seealso:: heimdall.core.host.Host
"""
from core.host import Host
from core.yml import open_yml
hosts_availables = []
for plateform in __plateformsfiles__:
filepath = path.join(__pdir__, plateform)
hosts_data = open_yml(path=filepath)
if hosts_data:
for env, hosts in hosts_data['environment'].iteritems():
for h in hosts:
h['environment'] = env
h['plateform'] = hosts_data['name']
hosts_availables.append(Host(**h))
return hosts_availables
def setUp(self, mock_host):
self.host = Host('mock_ip')
self.host._services = MagicMock()