erosolar-cli 2.1.243 → 2.1.245

package/dist/shell/interactiveShell.js

@@ -4,7 +4,7 @@ import { exec } from 'node:child_process';
 import { promisify } from 'node:util';
 import { existsSync, readFileSync, statSync, writeFileSync } from 'node:fs';
 import { join, resolve } from 'node:path';
-import { AgentOrchestrator } from '../core/agentOrchestrator.js';
+import { AgentOrchestrator, } from '../core/agentOrchestrator.js';
 import { display } from '../ui/display.js';
 import { theme } from '../ui/theme.js';
 import { getTerminalColumns } from '../ui/layout.js';
@@ -279,6 +279,37 @@ export class InteractiveShell {
             description: 'Switch between auto and approval mode for high-impact actions',
             category: 'configuration',
         });
+        // Attack chain commands
+        this.slashCommands.push({
+            command: '/attack',
+            description: 'Execute unified attack chain (usage: /attack <mode> <targets>)',
+            category: 'security',
+        });
+        this.slashCommands.push({
+            command: '/recon',
+            description: 'Run reconnaissance against targets (usage: /recon <targets>)',
+            category: 'security',
+        });
+        this.slashCommands.push({
+            command: '/apt',
+            description: 'Run full APT kill-chain simulation (usage: /apt <targets>)',
+            category: 'security',
+        });
+        this.slashCommands.push({
+            command: '/redteam',
+            description: 'Execute red team operation with infrastructure (usage: /redteam <targets>)',
+            category: 'security',
+        });
+        this.slashCommands.push({
+            command: '/intel',
+            description: 'Gather intelligence on targets (usage: /intel <targets>)',
+            category: 'security',
+        });
+        this.slashCommands.push({
+            command: '/infra',
+            description: 'Deploy operational infrastructure (usage: /infra [region])',
+            category: 'security',
+        });
         this.statusTracker = config.statusTracker;
         this.ui = config.ui;
         this.uiAdapter = config.ui.adapter;
@@ -2958,6 +2989,16 @@ export class InteractiveShell {
                     case '/logout':
                         this.handleLogoutCommand();
                         break;
+                    // Attack chain commands - handled via TaoOps tool
+                    case '/attack':
+                    case '/recon':
+                    case '/apt':
+                    case '/redteam':
+                    case '/intel':
+                    case '/infra':
+                        // These commands are handled through the UnifiedAttackChain tool
+                        this.processInput(`Execute ${command.slice(1)} operation: ${input.slice(command.length).trim() || 'analyze current target'}`);
+                        break;
                     default:
                         if (!(await this.tryCustomSlashCommand(command, input))) {
                             this.showInlineStatus(`Unknown command "${command}".`, 'warning', { autoClearMs: 1800 });
@@ -4725,6 +4766,325 @@ export class InteractiveShell {
         this.showSlashInfo('Running comprehensive security review...');
         await this.processRequest('Please perform a comprehensive security review of the codebase. Check for OWASP top 10 vulnerabilities, insecure patterns, and potential attack vectors.');
     }
+    // ═══════════════════════════════════════════════════════════════════════════════
+    // ATTACK CHAIN COMMAND HANDLERS
+    // ═══════════════════════════════════════════════════════════════════════════════
+    /**
+     * Execute unified attack chain with specified mode and targets.
+     * Usage: /attack <mode> <targets>
+     * Modes: recon, apt, redteam, intel, infra, all
+     */
+    async handleAttackCommand(input) {
+        if (this.isProcessing) {
+            this.showSlashWarning('Wait for the current operation to finish.');
+            return;
+        }
+        const parts = input.replace('/attack', '').trim().split(/\s+/);
+        if (parts.length < 1 || !parts[0]) {
+            this.showAttackChainHelp();
+            return;
+        }
+        const modeArg = parts[0].toLowerCase();
+        const targets = parts.slice(1);
+        // Map command argument to unified mode
+        const modeMap = {
+            'recon': 'attack-chain',
+            'apt': 'apt-simulation',
+            'redteam': 'red-team',
+            'intel': 'intel-collection',
+            'infra': 'infrastructure',
+            'compliance': 'compliance',
+            'all': 'apt-simulation',
+        };
+        const mode = modeMap[modeArg];
+        if (!mode) {
+            this.showSlashWarning(`Unknown attack mode: ${modeArg}. Use: recon, apt, redteam, intel, infra`);
+            return;
+        }
+        await this.executeUnifiedAttackChain(mode, targets, {
+            goals: modeArg === 'all' ? ['all'] : undefined,
+        });
+    }
+    /**
+     * Run reconnaissance against targets.
+     * Usage: /recon <targets>
+     */
+    async handleReconCommand(input) {
+        if (this.isProcessing) {
+            this.showSlashWarning('Wait for the current operation to finish.');
+            return;
+        }
+        const targets = input.replace('/recon', '').trim().split(/\s+/).filter(t => t);
+        if (targets.length === 0) {
+            this.showSlashWarning('Usage: /recon <target1> [target2] ...');
+            return;
+        }
+        await this.executeUnifiedAttackChain('attack-chain', targets, {
+            goals: ['reconnaissance'],
+            attackDepth: 'standard',
+        });
+    }
+    /**
+     * Run full APT kill-chain simulation.
+     * Usage: /apt <targets>
+     */
+    async handleAPTCommand(input) {
+        if (this.isProcessing) {
+            this.showSlashWarning('Wait for the current operation to finish.');
+            return;
+        }
+        const parts = input.replace('/apt', '').trim().split(/\s+/).filter(t => t);
+        if (parts.length === 0) {
+            this.showSlashWarning('Usage: /apt <target1> [target2] ... [--stealth] [--deep]');
+            return;
+        }
+        // Parse flags
+        const stealth = parts.includes('--stealth');
+        const deep = parts.includes('--deep');
+        const targets = parts.filter(p => !p.startsWith('--'));
+        await this.executeUnifiedAttackChain('apt-simulation', targets, {
+            stealthMode: stealth,
+            attackDepth: deep ? 'deep' : 'standard',
+        });
+    }
+    /**
+     * Execute red team operation with infrastructure.
+     * Usage: /redteam <targets>
+     */
+    async handleRedTeamCommand(input) {
+        if (this.isProcessing) {
+            this.showSlashWarning('Wait for the current operation to finish.');
+            return;
+        }
+        const parts = input.replace('/redteam', '').trim().split(/\s+/).filter(t => t);
+        if (parts.length === 0) {
+            this.showSlashWarning('Usage: /redteam <target1> [target2] ... [--region=us|ukraine]');
+            return;
+        }
+        // Parse region flag
+        const regionFlag = parts.find(p => p.startsWith('--region='));
+        const region = regionFlag?.split('=')[1];
+        const targets = parts.filter(p => !p.startsWith('--'));
+        await this.executeUnifiedAttackChain('red-team', targets, {
+            region: region ?? 'us',
+            stealthMode: true,
+            attackDepth: 'deep',
+        });
+    }
+    /**
+     * Gather intelligence on targets.
+     * Usage: /intel <targets>
+     */
+    async handleIntelCommand(input) {
+        if (this.isProcessing) {
+            this.showSlashWarning('Wait for the current operation to finish.');
+            return;
+        }
+        const targets = input.replace('/intel', '').trim().split(/\s+/).filter(t => t);
+        if (targets.length === 0) {
+            this.showSlashWarning('Usage: /intel <target1> [target2] ...');
+            return;
+        }
+        await this.executeUnifiedAttackChain('intel-collection', targets, {
+            goals: ['reconnaissance', 'collection'],
+            collectIntel: true,
+            minimizeFootprint: true,
+        });
+    }
+    /**
+     * Deploy operational infrastructure.
+     * Usage: /infra [region]
+     */
+    async handleInfraCommand(input) {
+        if (this.isProcessing) {
+            this.showSlashWarning('Wait for the current operation to finish.');
+            return;
+        }
+        const parts = input.replace('/infra', '').trim().split(/\s+/).filter(t => t);
+        const region = (parts[0] || 'us');
+        await this.executeUnifiedAttackChain('infrastructure', [], {
+            region,
+            generateInfrastructure: true,
+        });
+    }
+    /**
+     * Execute unified attack chain with real TAO technique execution.
+     */
+    async executeUnifiedAttackChain(mode, targets, extraOptions = {}) {
+        if (!this.agent && !this.rebuildAgent()) {
+            this.showSlashWarning('Configure an API key via /secrets before running attack chains.');
+            return;
+        }
+        const agent = this.agent;
+        const orchestrator = new AgentOrchestrator(agent);
+        // Build options
+        const options = {
+            unifiedMode: mode,
+            attackTargets: targets,
+            streaming: true,
+            ...extraOptions,
+            // Callbacks for real-time progress display
+            onTechniqueStart: (techniqueId, target) => {
+                this.showAttackChainProgress(`▶ ${techniqueId} → ${target}`);
+            },
+            onTechniqueComplete: (result) => {
+                const status = result.success ? theme.success('✓') : theme.error('✗');
+                const risk = result.detectionRisk > 0.7 ? theme.warning('⚠ HIGH RISK') : '';
+                this.showAttackChainProgress(`${status} ${result.techniqueName} (${result.duration}ms) ${risk}`);
+                if (result.artifacts.length > 0) {
+                    this.showAttackChainProgress(`  └─ ${result.artifacts.length} artifacts collected`);
+                }
+            },
+            onGoalAchieved: (goal, artifacts) => {
+                this.showAttackChainProgress(theme.success(`★ Goal achieved: ${goal} (${artifacts.length} artifacts)`));
+            },
+        };
+        this.isProcessing = true;
+        this.showAttackChainBanner(mode, targets);
+        try {
+            const result = await orchestrator.runUnified(`Execute ${mode} operation against: ${targets.join(', ') || 'infrastructure deployment'}`, options);
+            // Display results
+            this.displayAttackChainResult(result);
+        }
+        catch (error) {
+            const message = error instanceof Error ? error.message : String(error);
+            this.showSlashWarning(`Attack chain failed: ${message}`);
+        }
+        finally {
+            this.isProcessing = false;
+            this.syncRendererInput();
+        }
+    }
+    /**
+     * Show attack chain help.
+     */
+    showAttackChainHelp() {
+        const lines = [
+            theme.gradient.primary('Attack Chain Commands'),
+            '',
+            theme.bold('/attack <mode> <targets>') + ' - Execute unified attack chain',
+            '  Modes: recon, apt, redteam, intel, infra, compliance, all',
+            '',
+            theme.bold('/recon <targets>') + ' - Run reconnaissance',
+            theme.bold('/apt <targets> [--stealth] [--deep]') + ' - Full APT simulation',
+            theme.bold('/redteam <targets> [--region=us|ukraine]') + ' - Red team with infra',
+            theme.bold('/intel <targets>') + ' - Intelligence collection',
+            theme.bold('/infra [region]') + ' - Deploy infrastructure',
+            '',
+            theme.secondary('Examples:'),
+            '  /recon example.com',
+            '  /apt target.com --stealth --deep',
+            '  /redteam corp.local --region=ukraine',
+            '  /intel competitor.com investor.com',
+            '  /infra us',
+            '',
+            theme.warning('⚠ For authorized testing only. Requires proper authorization.'),
+        ];
+        display.showSystemMessage(lines.join('\n'));
+    }
+    /**
+     * Show attack chain execution banner.
+     */
+    showAttackChainBanner(mode, targets) {
+        const modeLabels = {
+            'standard': 'Standard',
+            'attack-chain': 'Attack Chain',
+            'apt-simulation': 'APT Simulation',
+            'infrastructure': 'Infrastructure',
+            'red-team': 'Red Team',
+            'intel-collection': 'Intelligence Collection',
+            'compliance': 'Compliance',
+        };
+        const lines = [
+            '',
+            theme.gradient.primary('═══════════════════════════════════════════════════════════'),
+            theme.gradient.primary(`  ${modeLabels[mode]} Operation`),
+            theme.gradient.primary('═══════════════════════════════════════════════════════════'),
+            '',
+        ];
+        if (targets.length > 0) {
+            lines.push(theme.bold('Targets:'));
+            for (const target of targets) {
+                lines.push(`  • ${target}`);
+            }
+            lines.push('');
+        }
+        lines.push(theme.ui.muted('Press Ctrl+C to abort operation.'));
+        lines.push('');
+        display.showSystemMessage(lines.join('\n'));
+    }
+    /**
+     * Show attack chain progress update.
+     */
+    showAttackChainProgress(message) {
+        display.showSystemMessage(message);
+    }
+    /**
+     * Display attack chain execution result.
+     */
+    displayAttackChainResult(result) {
+        const lines = [
+            '',
+            theme.gradient.primary('═══════════════════════════════════════════════════════════'),
+            theme.gradient.primary('  Execution Complete'),
+            theme.gradient.primary('═══════════════════════════════════════════════════════════'),
+            '',
+        ];
+        // Status summary
+        lines.push(theme.bold('Status: ') + (result.exitReason === 'attack-chain-complete'
+            ? theme.success('SUCCESS')
+            : theme.error('INCOMPLETE')));
+        lines.push('');
+        // Metrics
+        if (result.realMetrics) {
+            const m = result.realMetrics;
+            lines.push(theme.bold('Metrics:'));
+            lines.push(`  Techniques: ${m.successfulTechniques}/${m.totalTechniquesExecuted} successful`);
+            lines.push(`  Duration: ${(m.totalDuration / 1000).toFixed(1)}s`);
+            lines.push(`  Detection Risk: ${(m.averageDetectionRisk * 100).toFixed(0)}%`);
+            lines.push(`  Artifacts: ${m.artifactsCollected}`);
+            lines.push(`  Phases: ${m.phasesCompleted.join(', ') || 'none'}`);
+            lines.push('');
+        }
+        // Goals achieved
+        if (result.achievedGoals && result.achievedGoals.length > 0) {
+            lines.push(theme.bold('Goals Achieved:'));
+            for (const goal of result.achievedGoals) {
+                lines.push(`  ${theme.success('✓')} ${goal}`);
+            }
+            lines.push('');
+        }
+        // Infrastructure
+        if (result.infrastructureStack) {
+            const stack = result.infrastructureStack;
+            lines.push(theme.bold('Infrastructure:'));
+            lines.push(`  Name: ${stack.name}`);
+            lines.push(`  Region: ${stack.region}`);
+            lines.push(`  Components: ${stack.components.length}`);
+            lines.push(`  Cost: $${stack.costEstimate.monthly}/month`);
+            lines.push('');
+        }
+        // Recommendations
+        if (result.recommendations.length > 0) {
+            lines.push(theme.bold('Recommendations:'));
+            for (const rec of result.recommendations) {
+                lines.push(`  • ${rec}`);
+            }
+            lines.push('');
+        }
+        // Tools used
+        if (result.toolsUsed.length > 0) {
+            lines.push(theme.bold(`Tools Used: `) + theme.ui.muted(`(${result.toolsUsed.length})`));
+            const toolList = result.toolsUsed.slice(0, 10).join(', ');
+            lines.push(`  ${toolList}${result.toolsUsed.length > 10 ? '...' : ''}`);
+            lines.push('');
+        }
+        display.showSystemMessage(lines.join('\n'));
+        // Show final response if substantial
+        if (result.finalResponse && result.finalResponse.length > 100) {
+            display.showAssistantMessage(result.finalResponse, { isFinal: true });
+        }
+    }
     handleBugCommand() {
         const lines = [];
         lines.push(theme.bold('Report an Issue'));