예제 #1
0
def start_server_process():
    """
    Start SecureTea in server mode.
    Args:
        None
    Raises:
        None
    Returns:
        None
    """
    # Collect credentials
    cred = get_credentials()
    # Initialize ServerMode object
    server_mode_obj = server_mode.ServerMode(cred=cred, debug=cred["debug"])
    # Start SecureTea in server mode
    server_mode_obj.start_server_mode()
예제 #2
0
    def __init__(self):
        """Init SecureTea params.

        Args:
            None

        Raises:
            None

        Returns:
            None

        Working:
            Collects the arguments passed and calls the respected module accordingly
            for parsing the arguments. Further, creates object for the demanded
            notification medium and starts SecureTea.
        """
        modulename = 'Core'
        self.cred = {}
        args = get_args()
        argsHelper = ArgsHelper(args)
        args_dict = argsHelper.check_args()
        credentials = configurations.SecureTeaConf()

        self.cred = args_dict['cred']
        self.history_logger = self.cred['history_logger']
        self.cred_provided = args_dict['cred_provided']
        self.twitter_provided = args_dict['twitter_provided']
        self.telegram_provided = args_dict['telegram_provided']
        self.twilio_provided = args_dict['twilio_provided']
        self.whatsapp_provided = args_dict['whatsapp_provided']
        self.social_eng_provided = args_dict['social_eng_provided']
        self.slack_provided = args_dict['slack_provided']
        self.aws_ses_provided = args_dict['aws_ses_provided']
        self.gmail_provided = args_dict['gmail_provided']
        self.firewall_provided = args_dict['firewall_provided']
        self.insecure_headers_provided = args_dict['insecure_headers_provided']
        self.ids_provided = args_dict['ids_provided']
        self.system_log_provided = args_dict['system_log_provided']
        self.server_log_provided = args_dict['server_log_provided']
        self.auto_server_patcher_provided = args_dict['auto_server_patcher_provided']
        self.web_deface_provided = args_dict['web_deface_provided']
        self.antivirus_provided = args_dict['antivirus_provided']
        self.iot_checker_provided = args_dict['iot_checker_provided']
        self.server_mode = args_dict["server_mode"]
        self.system_mode = args_dict["system_mode"]
        self.iot_mode = args_dict["iot_mode"]

        # Initialize logger
        self.logger = logger.SecureTeaLogger(
            modulename,
            self.cred['debug']
        )

        # Setup logger for utils
        setup_logger(debug=self.cred['debug'])

        if self.cred_provided and not self.cred['skip_config_file']:
            credentials.save_creds(self.cred)
        elif not self.cred['skip_config_file']:
            self.cred = credentials.get_creds(args)

            try:
                if self.cred['social_eng']:
                    self.social_eng_provided = True
            except KeyError:
                self.logger.log(
                    "Social Engineering configuration parameter not set.",
                    logtype="error"
                )

            try:
                if self.cred['twitter']:
                    self.twitter_provided = True
                    self.cred_provided = True
            except KeyError:
                self.logger.log(
                    "Twitter configuration parameter not set.",
                    logtype="error"
                )

            try:
                if self.cred['telegram']:
                    self.telegram_provided = True
                    self.cred_provided = True
            except KeyError:
                self.logger.log(
                    "Telegram configuration parameter not set.",
                    logtype="error"
                )

            try:
                if self.cred['twilio']:
                    self.twilio_provided = True
                    self.cred_provided = True
            except KeyError:
                self.logger.log(
                    "Twilio configuration parameter not set.",
                    logtype="error"
                )

            try:
                if self.cred['whatsapp']:
                    self.whatsapp_provided = True
                    self.cred_provided = True
            except KeyError:
                self.logger.log(
                    "Whatsapp configuration parameter not set.",
                    logtype="error"
                )

            try:
                if self.cred['slack']:
                    self.slack_provided = True
                    self.cred_provided = True
            except KeyError:
                self.logger.log(
                    "Slack configuration parameter not set.",
                    logtype="error"
                )

            try:
                if self.cred['aws_ses']:
                    self.aws_ses_provided = True
                    self.cred_provided = True
            except KeyError:
                self.logger.log(
                    "AWS SES configuration parameter not set.",
                    logtype="error"
                )

            try:
                if self.cred['gmail']:
                    self.gmail_provided = True
                    self.cred_provided = True
            except KeyError:
                self.logger.log(
                    "Gmail configuraton parameter not set.",
                    logtype="error"
                )

            try:
                if self.cred['firewall']:
                    self.firewall_provided = True
                    self.cred_provided = True
            except KeyError:
                self.logger.log(
                    "Firewall configuraton parameter not set.",
                    logtype="error"
                )

            try:
                if self.cred['insecure_headers']:
                    self.insecure_headers_provided = True
                    self.cred_provided = True
            except KeyError:
                self.logger.log(
                    "Insecure headers parameter not set.",
                    logtype="error"
                )

            try:
                if self.cred['ids']:
                    self.ids_provided = True
                    self.cred_provided = True
            except KeyError:
                self.logger.log(
                    "Intrusion Detection System (IDS) not set.",
                    logtype="error"
                )

            try:
                if self.cred['server_log']:
                    self.server_log_provided = True
                    self.cred_provided = True
            except KeyError:
                self.logger.log(
                    "Server Log configuraton parameter not set.",
                    logtype="error"
                )

            try:
                if self.cred['auto_server_patcher']:
                    self.auto_server_patcher_provided = True
                    self.cred_provided = True
            except KeyError:
                self.logger.log(
                    "Auto server patcher configuraton not set.",
                    logtype="error"
                )

            try:
                if self.cred['web-deface']:
                    self.web_deface_provided = True
                    self.cred_provided = True
            except KeyError:
                self.logger.log(
                    "Web Deface Detection configuraton not set.",
                    logtype="eror"
                )

            try:
                if self.cred['antivirus']:
                    self.antivirus_provided = True
                    self.cred_provided = True
            except KeyError:
                self.logger.log(
                    "AntiVirus configuraton not set.",
                    logtype="error"
                )

            try:
                if self.cred['iot-check']:
                    self.iot_checker_provided = True
                    self.cred_provided = True
            except KeyError:
                self.logger.log(
                    "IoT Checker configuraton not set.",
                    logtype="error"
                )

        if not self.cred:
            self.logger.log(
                "Configuration not found.",
                logtype="error"
            )
            sys.exit(0)

        if not self.cred_provided and not (self.cred['history_logger'] or self.cred['clamav'] or self.cred['yara']):
            self.logger.log(
                "None of the notifications configured. Exiting...",
                logtype="error"
            )
            sys.exit(0)

        self.logger.log(
            "Welcome to SecureTea..!! Initializing System",
            logtype="info"
        )

        # Initialize modes at first (Server, System, IoT)
        # Check for Server mode
        if self.server_mode:
            self.logger.log(
                "Starting SecureTea in server mode",
                logtype="info"
            )
            # Initialize Server Mode object
            self.server_mode_obj = server_mode.ServerMode(cred=self.cred, debug=self.cred["debug"])
            self.server_mode_obj.start_server_mode()
            # Avoid multiple process of the objects created by the server mode, set their credentials to False
            self.firewall_provided = False
            self.server_log_provided = False
            self.antivirus_provided = False
            self.web_deface_provided = False
            self.system_log_provided = False
            self.auto_server_patcher_provided = False
            self.ids_provided = False

        # Check for System mode
        if self.system_mode:
            self.logger.log(
                "Starting SecureTea in system mode",
                logtype="info"
            )
            # Initialize System Mode object
            self.system_mode_obj = system_mode.SystemMode(cred=self.cred, debug=self.cred["debug"])
            self.system_mode_obj.start_system_mode()
            # Avoid multiple process of the objects created by the system mode, set their credentials to False
            self.firewall_provided = False
            self.antivirus_provided = False
            self.system_log_provided = False
            self.ids_provided = False

        # Check for Social Engineering
        if self.social_eng_provided:
            self.logger.log(
                "Starting SecureTea Social Engineering",
                logtype="info"
            )
            self.social_eng_obj = SecureTeaSocialEngineering(debug=self.cred["debug"], email_id=self.cred["social_eng"]["email"])
            self.social_eng_obj.start()

        # Check for History Logger
        if self.history_logger:
            self.logger.log(
                "Starting SecureTea History Logger",
                logtype="info"
            )
            self.history_logger_obj = SecureTeaHistoryLogger(debug=self.cred["debug"])
            self.history_logger_obj.start()

        if self.iot_mode:
            self.logger.log(
                "Starting SecureTea in IoT mode",
                logtype="info"
            )
            # Initialize IoT Mode object
            self.iot_mode_obj = iot_mode.IoTMode(cred=self.cred, debug=self.cred["debug"])
            self.iot_mode_obj.start_iot_mode()
            # Avoid multiple process of the objects created by the IoT mode, set their credentials to False
            self.firewall_provided = False
            self.ids_provided = False
            self.iot_checker_provided = False

        if self.twitter_provided:
            self.twitter = secureTeaTwitter.SecureTeaTwitter(
                self.cred['twitter'],
                self.cred['debug']
            )

            if not self.twitter.enabled:
                self.logger.log(
                    "Twitter notification not configured properly.",
                    logtype="error"
                )
            else:
                self.twitter.notify("Welcome to SecureTea..!! Initializing System")

        if self.telegram_provided:
            self.telegram = SecureTeaTelegram(
                self.cred['telegram'],
                self.cred['debug']
            )

            if not self.telegram.enabled:
                self.logger.log(
                    "Telegram notification not configured properly.",
                    logtype="error"
                )
            else:
                self.telegram.notify("Welcome to SecureTea..!! Initializing System")

        if self.twilio_provided:
            self.twilio = secureTeaTwilio.SecureTeaTwilio(
                self.cred['twilio'],
                self.cred['debug']
            )

            if not self.twilio.enabled:
                self.logger.log(
                    "Twilio not configured properly.",
                    logtype="error"
                )
            else:
                self.twilio.notify("Welcome to SecureTea..!! Initializing System")

        if self.whatsapp_provided:
            self.whatsapp = secureTeaWhatsapp.SecureTeaWhatsapp(
                self.cred['whatsapp'],
                self.cred['debug']
            )

            if not self.whatsapp.enabled:
                self.logger.log(
                    "Whatsapp not configured properly.",
                    logtype="error"
                )
            else:
                self.whatsapp.notify("Welcome to SecureTea..!! Initializing System")

        if self.slack_provided:
            self.slack = secureTeaSlack.SecureTeaSlack(
                self.cred['slack'],
                self.cred['debug']
            )

            if not self.slack.enabled:
                self.logger.log(
                    "Slack not configured properly.",
                    logtype="error"
                )
            else:
                self.slack.notify("Welcome to SecureTea..!! Initializing System")

        if self.aws_ses_provided:
            self.aws_ses = secureTeaAwsSES.SecureTeaAwsSES(
                self.cred['aws_ses'],
                self.cred['debug']
            )

            if not self.aws_ses.enabled:
                self.logger.log(
                    "AWS SES not configured properly.",
                    logtype="error"
                )
            else:
                self.aws_ses.notify("Welcome to SecureTea..!! Initializing System")

        if self.gmail_provided:
            self.gmail_obj = secureTeaGmail.SecureTeaGmail(
                cred=self.cred['gmail'],
                debug=self.cred['debug']
            )

            if not self.gmail_obj.enabled:
                self.logger.log(
                    "Gmail not configured properly.",
                    logtype="error"
                )
            else:
                self.gmail_obj.notify("Welcome to SecureTea..!! Initializing System")

        if self.firewall_provided:
            try:
                if self.cred['firewall']:
                    firewallObj = secureTeaFirewall.SecureTeaFirewall(cred=self.cred,
                                                                      debug=self.cred['debug'])
                    firewallObj.start_firewall()
            except KeyError:
                self.logger.log(
                    "Firewall configuration parameter not configured.",
                    logtype="error"
                )

        if self.insecure_headers_provided:
            try:
                if self.cred['insecure_headers']:
                    url = self.cred['insecure_headers']['url']
                    insecure_headers_obj = secureTeaHeaders.SecureTeaHeaders(url=url,
                                                                             debug=self.cred['debug'])
                    insecure_headers_obj.analyze()
            except KeyError:
                self.logger.log(
                    "Insecure headers parameter not configured.",
                    logtype="error"
                )

        if self.ids_provided:
            try:
                if self.cred['ids']:
                    ids_obj = secureTeaIDS.SecureTeaIDS(cred=self.cred['ids'],
                                                        debug=self.cred['debug'])
                    ids_obj.start_ids()
            except KeyError:
                self.logger.log(
                    "Intrusion Detection System (IDS) parameter not configured.",
                    logtype="error"
                )

        if self.system_log_provided:
            try:
                sys_obj = engine.SystemLogEngine(debug=self.cred['debug'])
                sys_obj.run()
            except Exception as e:
                self.logger.log(
                    "Error occured: " + str(e),
                    logtype="error"
                )

        if self.server_log_provided:
            server_cred = self.cred['server_log']
            try:
                server_obj = SecureTeaServerLog(debug=self.cred['debug'],
                                                log_type=server_cred['log-type'],
                                                log_file=server_cred['log-file'],
                                                window=server_cred['window'],
                                                ip_list=server_cred['ip-list'],
                                                status_code=server_cred['status-code'])
                server_obj.run()
            except KeyError:
                self.logger.log(
                    "Server Log parameters not configured.",
                    logtype="error"
                )
            except Exception as e:
                self.logger.log(
                    "Error occured: " + str(e),
                    logtype="error"
                )

        if self.auto_server_patcher_provided:
            auto_server_patcher_cred = self.cred['auto_server_patcher']
            try:
                patcher_obj = SecureTeaAutoServerPatcher(debug=self.cred['debug'],
                                                         cred=auto_server_patcher_cred)
                patcher_obj.start()
            except KeyError:
                self.logger.log(
                    "Auto Server Patcher parameters not configured.",
                    logtype="error"
                )
            except Exception as e:
                self.logger.log(
                    "Error occured: " + str(e),
                    logtype="error"
                )

        if self.web_deface_provided:
            web_deface = self.cred['web_deface']
            try:
                web_deface_obj = WebDeface(debug=self.cred['debug'],
                                           path=web_deface['path'],
                                           server_name=web_deface['server-name'])
                web_deface_obj.start()
            except KeyError:
                self.logger.log(
                    "Web Deface Detection parameters not configured.",
                    logtype="error"
                )
            except Exception as e:
                self.logger.log(
                    "Error occured: " + str(e),
                    logtype="error"
                )

        if self.antivirus_provided or self.cred['clamav'] or self.cred['yara']:
            if self.cred.get('antivirus',0):
                antivirus = self.cred['antivirus']
            else:
                antivirus = {}
                antivirus['update'] = False
                antivirus['custom-scan'] = False
                antivirus['auto-delete'] = False
                antivirus['monitor-usb'] = False
                antivirus['monitor-file-changes'] = False
                antivirus['virustotal-api-key'] = ''

            try:
                antivirus_obj = SecureTeaAntiVirus(debug=self.cred['debug'], cred=antivirus, use_clamav=self.cred['clamav'], use_yara=self.cred['yara'])
                antivirus_obj.start()
            except KeyError:
                self.logger.log(
                    "AntiVirus parameters not configured.",
                    logtype="error"
                )
            except Exception as e:
                self.logger.log(
                    "Error occured: " + str(e),
                    logtype="error"
                )

        if self.iot_checker_provided:
            try:
                iot_checker_obj = iot_checker.IoTChecker(debug=self.cred['debug'],
                                                         api_key=self.cred['iot-check']['shodan-api-key'],
                                                         ip=self.cred['iot-check']['ip'])
                iot_checker_obj.check_shodan_range()
            except KeyError:
                self.logger.log(
                    "IoT checker parameters not configured.",
                    logtype="error"
                )
            except Exception as e:
                self.logger.log(
                    "Error occured: " + str(e),
                    logtype="error"
                )