def change_factory(self): filename = QFileDialog.getOpenFileName("factories", "Factory (*.py)", self, "Open File", "Load Mutant Factory") filename = str(filename) if len(filename) < 1: return temp = utils.load_factory(filename) self.engine.set_factory(temp) if self.engine.factory == None: self.lcd.display(1) self.firstLine.setMaxValue(0) self.numberLine.setMaxValue(1) else: n = self.engine.factory.count() self.lcd.display(n) self.firstLine.setMaxValue(n - 1) self.numberLine.setMaxValue(n) self.factory_name.setText(self.engine.factory.get_name())
def __init__(self): # reverse arp demon. Used to simulate the virtual host self.arp_demon = None # the exploit currently loaded self.exploit = None # the module containing the current exploit self.exp_module = None # the interface used to generate and receive packets self.interface = 'eth0' # Mutant operators manager self.opmanager = OpManager() # List of alert collectors self.collectors = [] # Mutant factory self.factory = None # True if the alerts must be collected after each mutant execution self.collect_sync = False # True if the log messages must be redirected during the exploit execution self.redirect = True self.virtualhost_mac = 'undefined' self.virtualhost_ip = 'undefined' self.targethost_mac = 'undefined' self.targethost_ip = '127.0.0.1' self.log = logger.main.newSource("ENGINE") # Load the default mutant factory self.set_factory(utils.load_factory("factories/NullFactory.py")) # Load the mutant operators self.opmanager.load_operators() # Scapy configuration scapy.scapy.conf.padding = 0
def parse_options(self, argv=None): parser = OptionParser(version="Sploit mutation engine version %s"%engine.VERSION, usage="%prog [options] attack-cfg") options = None parser.add_option("-r", "--run", action="store", dest="run", metavar="RANGE", help="execute mutants in RANGE (use 'all' to execute all of them") parser.add_option("-i","--info", action="store_true", dest="info", help="print attack and configuration info") parser.add_option("-q", "--quiet", action="store_true", dest="quiet", help="don't print any messages to stdout") parser.add_option("-p", "--port", action="store", dest="port", help="set the first TCP port used to generate packets (use 'random' for random value)") parser.add_option("--sleep", action="store", dest="sleep", type = "int", default=0, help="sleep time (in seconds) between mutant executions") parser.add_option("--noredirect", action="store_false", dest="redirect", default=True, help="prints all the log messages on the sandard output") parser.add_option("--color", action="store_true", dest="color", default=False, help="use colors") parser.add_option("--dest", action="store", dest="dest", metavar="IP", help="Set the target IP") parser.add_option("--nolog", action="store_false", dest="log", default=True, help="Disable logging") parser.add_option("-L","--log", action="store", type="string", dest="log_path", metavar="PATH", default = ".", help="Change the logging directory to PATH") parser.add_option("-F","--factory", action="store", type="string", dest="factory", metavar="FILE", help="Load and set the mutant factory from FILE") parser.add_option("-C","--collector", action="append", type="string", dest="collectors", metavar="FILE", help="Load and set an alert collector") parser.add_option("-v","--verbosity", action="append", type="string", dest="verbosity", default=[], help="set the verbosity level (one of DEBUG, INFO, WARNING, ERROR)") (options, args) = parser.parse_args(argv) if len(args) != 1: parser.error("incorrect number of arguments") self.file = args[0] if options.sleep: self.sleep_time = options.sleep if options.color == True: self.use_color = True for v in options.verbosity: table = { "DEBUG": logger.DEBUG, "INFO": logger.INFO, "WARNING": logger.WARNING, "ERROR": logger.ERROR, "OFF": logger.OFF } if ":" in v: source, level = v.split(":") if table.has_key(level)==False: parser.error("Verbosity can be set to DEBUG, INFO, WARNING, ERROR") if logger.main.setLevel(table[level],source) == False: print "Invalid source %s"%source else: if table.has_key(v)==False: parser.error("Verbosity can be set to DEBUG, INFO, WARNING, ERROR") if logger.main.setLevel(table[v]) == False: print "Error setting the log level" if options.port != None: if options.port=="random": tcp.NEXT_SPORT = random.randint(2000,60000) #print "Source Port Starting from: %d"%tcp.NEXT_SPORT else: tcp.NEXT_SPORT = int(options.port) if self.e.load_configuration(self.file)==False: print self.color("\r\nSploit: Error loading configuration file",RED) return False if options.factory != None: temp = utils.load_factory(options.factory) if temp == None: parser.error("Error reading file"%options.factory) self.e.set_factory(temp) if options.log and options.run and options.redirect: self.logenable = True if os.path.isdir(options.log_path) == False: parser.error("Path %s must be an existing directory"%options.log_path) newdir = time.strftime("%d-%b-%Y_%H.%M.%S") self.log_full = os.path.join(options.log_path,newdir) try: os.mkdir(self.log_full) except: print "Error creating %s: access denied"%self.log_full return False if options.dest: self.e.setTargetHost(options.dest) if options.collectors: for c in options.collectors: self.e.add_collector(utils.load_collector(c)) if options.info: self.exec_info = True if options.run: self.exec_run = True if ":" in options.run: try: start, end = options.run.split(":") self.start = int(start) self.to_be_exec = 1 + (int(end)-self.start) except: parser.error("Execution RANGE must be a number or a windows in the form FIRST:LAST") else: if options.run == "all": self.start = 0 self.to_be_exec = 0 else: try: self.start = int(options.run) self.to_be_exec = 1 except: parser.error("Execution RANGE must be a number or a windows in the form FIRST:LAST") if options.redirect != None and options.redirect==False: self.e.redirect = False return True
if sip == None: self.log.error("Source IP missing with Userland stack enabled!!") if smac == None: self.log.error("Source MAC missing with Userland stack enabled!!") else: self.setVirtualHost(tmac, smac, sip) self.set_userland_socket(True) val = c.get("Network","iface") if val is not None: self.set_iface(val) # Factory settings val = c.get("Factory","script") if val is not None: self.set_factory(utils.load_factory(val)) # Mutant operators ops = c.items("Operators").items() for name, val in ops: op = self.opmanager.get_operator_by_name(name) if op == None: self.log.warning("Operator %s not found"%name) continue if type(value) == list: for line in val: cmd,value = line.split("=",1); cmd = cmd.split() value = value.split() pos = 0