def remove_local_system(self, username: str, local_ip: str) -> dict:
if not self.username_exists(username):
return {
'success': False,
'error': "You are not logged in to access this resource."
}
if not APIUtils.validate('ipaddress', local_ip):
return {
'success': False,
'error': "Please provide a valid IP Address."
}
# "Warning"? Issue in pylint: https://github.com/MongoEngine/mongoengine/issues/858
user = User.objects(username=username)[0]
localexists = LocalSystem.objects(userId=user,
localIP=local_ip).count() > 0
if not localexists:
return {
'success': False,
'error':
"A system with this IP does not exists in your IP Pool."
}
localsys: LocalSystem = LocalSystem.objects(userId=user,
localIP=local_ip)
localsys.delete()
return {
'success': True,
'message': "Local System deleted successfully!"
}
def change_local_system_ip(self, username: str, old_local_ip: str, new_local_ip: str) -> dict:
if not self.username_exists(username):
return {'success': False, 'error': "You are not logged in to access this resource."}
if not APIUtils.validate('ipaddress', old_local_ip):
return {'success': False, 'error': "Please provide a valid old Local IP Address."}
if not APIUtils.validate('ipaddress', new_local_ip):
return {'success': False, 'error': "Please provide a valid new Local IP Address."}
# "Warning"? Issue in pylint: https://github.com/MongoEngine/mongoengine/issues/858
user = User.objects(username=username)[0]
oldlocalexists = LocalSystem.objects(
userId=user, localIP=old_local_ip).count() > 0
newlocalexists = LocalSystem.objects(
userId=user, localIP=new_local_ip).count() > 0
if not oldlocalexists:
return {
'success': False,
'error': "A system with this IP does not exists in your IP Pool."
}
if newlocalexists:
return {
'success': False,
'error': "A system with this IP is already exists in your IP Pool."
}
localsys: LocalSystem = LocalSystem.objects(
userId=user, localIP=old_local_ip)[0]
localsys.localIP = new_local_ip
localsys.save()
return {'success': True, 'message': "Local System's IP changed successfully!"}
def get_latest_post_exploitation_data(self, username: str,
localip: str) -> dict:
if not self.username_exists(username):
return {'success': False, 'error': 'Invalid Username!'}
if not validate('ipaddress', localip):
return {'success': False, 'error': 'Invalid IPv4 Address!'}
user: User = User.objects(username=username)[0]
localsys: list = LocalSystem.objects(userId=user, localIP=localip)
if localsys.count() == 0:
return {
'success': False,
'error': 'This IPv4 does not exists in you IPv4 Pool.'
}
lsystem: LocalSystem = localsys[0]
if lsystem.lastScanTime is None:
return {'success': True, 'data': {}}
scanevents: list = ScanningEvent.objects(systemId=lsystem,
scanTime=lsystem.lastScanTime)
if scanevents.count() == 0:
lsystem.lastScanTime = None
lsystem.save()
return {'success': True, 'data': {}}
scanevent = scanevents[0]
post_exploit_events: list = PostExploitationEvent.objects(
systemId=lsystem, scanId=scanevent, success=True)
events_data = []
for event in post_exploit_events:
event_data = {}
event_data['postexploit'] = event.postExploit
event_data['output'] = event.output
event_data['using'] = event.executedUsing
event_data['timestamp'] = event.timestamp
events_data.append(event_data)
return {'success': True, 'data': events_data}
def get_exploitation_data(self, username: str, localip: str) -> dict:
if not self.username_exists(username):
return {'success': False, 'error': 'Invalid Username!'}
if not validate('ipaddress', localip):
return {'success': False, 'error': 'Invalid IPv4 Address!'}
user: User = User.objects(username=username)[0]
localsys: list = LocalSystem.objects(userId=user, localIP=localip)
if localsys.count() == 0:
return {
'success': False,
'error': 'This IPv4 does not exists in you IPv4 Pool.'
}
lsystem: LocalSystem = localsys[0]
events = ExploitingEvent.objects(systemId=lsystem)
events_data = []
for event in events:
event_data = {}
event_data['exploit'] = event['exploit']
event_data['payload'] = event['payload']
event_data['port'] = event['port']
event_data['using'] = event.exploitedUsing
event_data['timestamp'] = event.timestamp
events_data.append(event_data)
return {
'success': True,
'data': events_data,
'count': len(events_data)
}
def insert_post_exploitation_log(self, username: str, localip: str,
post_exploit: str, output: str,
using: str, success: bool,
scanningevent: ScanningEvent) -> dict:
if not self.username_exists(username):
return {'success': False, 'error': 'Invalid Username!'}
if not validate('ipaddress', localip):
return {'success': False, 'error': 'Invalid IPv4 Address!'}
user: User = User.objects(username=username)[0]
localsys: list = LocalSystem.objects(userId=user, localIP=localip)
if localsys.count() == 0:
return {
'success': False,
'error': 'This IPv4 does not exists in you IPv4 Pool.'
}
lsystem: LocalSystem = localsys[0]
event = PostExploitationEvent(systemId=lsystem,
executedUsing=using,
postExploit=post_exploit,
output=output,
success=success,
scanId=scanningevent)
event.save()
return {
'success': True,
'message': "Post Exploitation Event Logged!!",
'event': event
}
def insert_exploitation_log(self, username: str, localip: str,
exploit: str, payload: str, using: str,
port: int, success: bool,
scanningevent: ScanningEvent) -> dict:
if not self.username_exists(username):
return {'success': False, 'error': 'Invalid Username!'}
if not validate('ipaddress', localip):
return {'success': False, 'error': 'Invalid IPv4 Address!'}
user: User = User.objects(username=username)[0]
localsys: list = LocalSystem.objects(userId=user, localIP=localip)
if localsys.count() == 0:
return {
'success': False,
'error': 'This IPv4 does not exists in you IPv4 Pool.'
}
lsystem: LocalSystem = localsys[0]
# portdata = lsystem.openPorts[str(port)]
# print(scanningevent)
# scanningevent = ScanningEvent(**scanningevent)
event = ExploitingEvent(
systemId=lsystem,
exploitedUsing=using,
exploit=exploit,
payload=payload,
success=success,
port=port,
scanId=scanningevent
) # vulnName=vulnname, vulnDescription=vulndescription, sessionType=sessiontype
event.save()
return {
'success': True,
'message': "Exploitation Event Logged!!",
'event': event
}
def insert_scanning_log(self, openports: dict, username: str, localip: str,
os: str, closed_ports: list) -> dict:
if not self.username_exists(username):
return {'success': False, 'error': 'Invalid Username!'}
if not validate('ipaddress', localip):
return {'success': False, 'error': 'Invalid IPv4 Address!'}
user: User = User.objects(username=username)[0]
localsys: list = LocalSystem.objects(userId=user, localIP=localip)
if localsys.count() == 0:
return {
'success': False,
'error': 'This IPv4 does not exists in you IPv4 Pool.'
}
lsystem: LocalSystem = localsys[0]
is_up = len(list(openports.items())) > 0
lsystem.systemUp = is_up
lsystem.os = os
lsystem.openPorts = openports
lsystem.closedPorts = closed_ports
lsystem.save()
event = ScanningEvent(systemId=lsystem,
openPorts=openports,
systemUp=is_up,
closedPorts=closed_ports)
event.save()
event.reload()
lsystem.lastScanTime = event.scanTime
lsystem.save()
return {
'success': True,
'message': "Scanning Event Logged!!",
'event': event
}
def add_local_system(self, username: str, local_ip: str) -> dict:
if not self.username_exists(username):
return {
'success': False,
'error': "You are not logged in to access this resource."
}
if not APIUtils.validate('ipaddress', local_ip):
return {
'success': False,
'error': "Please provide a valid IP Address."
}
# "Warning"? Issue in pylint: https://github.com/MongoEngine/mongoengine/issues/858
user = User.objects(username=username)[0]
localexists = LocalSystem.objects(userId=user,
localIP=local_ip).count() > 0
if localexists:
return {
'success': False,
'error':
"A system with this IP is already added to your IP Pool."
}
localsys = LocalSystem()
localsys.userId = user
localsys.localIP = local_ip
localsys.os = "Unknown"
localsys.openPorts = {}
localsys.systemUp = False
localsys.save()
return {'success': True, 'message': "Local System added successfully!"}
def get_local_systems(self, username: str) -> str:
if not self.username_exists(username):
return {'success': False, 'error': "You are not logged in to access this resource."}
# "Warning"? Issue in pylint: https://github.com/MongoEngine/mongoengine/issues/858
user: User = User.objects(username=username)[0]
localsystems = LocalSystem.objects(userId=user)
systems = []
for lsys in localsystems:
systems.append(lsys.localIP)
return {'success': True, 'count': localsystems.count(), 'data': systems}
def get_scanning_events_by_username(self, username: str) -> str:
if not self.username_exists(username):
return {'success': False, 'error': 'Invalid Username!'}
user: User = User.objects(username=username)[0]
localsys: list = LocalSystem.objects(userId=user)
data = {}
for lsystem in localsys:
events_list = ScanningEvent.objects(systemId=lsystem)
events = []
for event in events_list:
event_data = {"scanTime": event.scanTime, "systemUp": event.systemUp, "openPorts": event.openPorts}
events.append(event_data)
data[lsystem['localIP']] = events
return {'success': True, 'data': data}
def get_local_system_status(self, username: str, localip: str):
if not self.username_exists(username):
return {'success': False, 'error': 'Invalid Username!'}
if not validate('ipaddress', localip):
return {'success': False, 'error': 'Invalid IPv4 Address!'}
user: User = User.objects(username=username)[0]
localsys: list = LocalSystem.objects(userId=user, localIP=localip)
if localsys.count() == 0:
return {'success': False, 'error': 'This IPv4 does not exists in you IPv4 Pool.'}
lsystem: LocalSystem = localsys[0]
if (lsystem.closedPorts is None):
lsystem.closedPorts = []
data = {
"openPorts": lsystem.openPorts,
"closedPorts": lsystem.closedPorts,
"os": lsystem.os,
"up": lsystem.systemUp,
"lastScanTime": lsystem.lastScanTime
}
return {'success': True, 'data': data}