pentesting 0.56.5 → 0.56.7
- package/dist/main.js +45 -14
- package/package.json +1 -1
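--- a/package/dist/main.js
+++ b/package/dist/main.js
@@ -439,7 +439,7 @@ function wrapCommandForTor(command) {
 }
 if (/\bnmap\b/.test(command)) {
 let nmapCmd = command;
-nmapCmd = nmapCmd.replace(/\s-s[
+nmapCmd = nmapCmd.replace(/\s-s[SAXFN]\b/g, " -sT");
 if (!/\s-Pn\b/.test(nmapCmd)) {
 nmapCmd = nmapCmd.replace(/\bnmap\b/, "nmap -Pn");
 }
@@ -711,7 +711,7 @@ var INPUT_PROMPT_PATTERNS = [
 
 // src/shared/constants/agent.ts
 var APP_NAME = "Pentest AI";
-var APP_VERSION = "0.56.
+var APP_VERSION = "0.56.7";
 var APP_DESCRIPTION = "Autonomous Penetration Testing AI Agent";
 var LLM_ROLES = {
 SYSTEM: "system",
@@ -4011,6 +4011,17 @@ async function executeCommandOnce(command, options = {}) {
 const inputHandler = getInputHandler();
 const timeout = options.timeout ?? TOOL_TIMEOUTS.DEFAULT_COMMAND;
 const safeCommand = injectCurlMaxTime(command, CURL_MAX_TIME_SEC);
+const torLeak = checkTorLeakRisk(safeCommand);
+if (!torLeak.safe) {
+resolve({
+success: false,
+output: "",
+error: `\u{1F6D1} TOR IP LEAK BLOCKED
+Reason: ${torLeak.reason}
+Suggestion: ${torLeak.suggestion}`
+});
+return;
+}
 eventEmitter?.({
 type: COMMAND_EVENT_TYPES.COMMAND_START,
 message: `Executing: ${safeCommand.slice(0, DISPLAY_LIMITS.COMMAND_PREVIEW)}${safeCommand.length > DISPLAY_LIMITS.COMMAND_PREVIEW ? "..." : ""}`
@@ -8982,9 +8993,14 @@ Combine with packet_sniff to capture intercepted traffic.`,
 } else {
 cmd = NETWORK_COMMANDS.ARP_SPOOF.replace("${duration}", duration.toString()).replace("${ifaceFlag}", ifaceFlag).replace("${target}", target).replace("${gateway}", gateway);
 }
-
-
-
+let proc;
+try {
+proc = startBackgroundProcess(cmd, {
+description: `ARP spoof: ${target} <-> ${gateway}`
+});
+} catch (err) {
+return { success: false, output: "", error: `Failed to start ARP spoof: ${err}` };
+}
 await new Promise((r) => setTimeout(r, (duration + NETWORK_CONFIG.WAIT_BUFFER_SECONDS) * 1e3));
 const output = getProcessOutput(proc.id);
 await stopBackgroundProcess(proc.id);
@@ -9127,9 +9143,14 @@ ${spoofIp} *.${domain}
 `);
 const ifaceFlag = iface ? `-i ${iface}` : "";
 const cmd = NETWORK_COMMANDS.DNS_SPOOF.replace("${duration}", duration.toString()).replace("${ifaceFlag}", ifaceFlag).replace("${hostsFile}", hostsFile);
-
-
-
+let proc;
+try {
+proc = startBackgroundProcess(cmd, {
+description: `DNS spoof: ${domain} -> ${spoofIp}`
+});
+} catch (err) {
+return { success: false, output: "", error: `Failed to start DNS spoof: ${err}` };
+}
 await new Promise((r) => setTimeout(r, (duration + NETWORK_CONFIG.WAIT_BUFFER_SECONDS) * 1e3));
 const output = getProcessOutput(proc.id);
 await stopBackgroundProcess(proc.id);
@@ -9181,9 +9202,14 @@ Combine with arp_spoof for transparent proxying.`,
 const modeFlag = mode === "transparent" ? "--mode transparent" : "";
 const filterFlag = targetHost ? `-f "~d ${targetHost}"` : "";
 cmd = NETWORK_COMMANDS.MITM_DUMP.replace("${duration}", duration.toString()).replace("${port}", port.toString()).replace("${outputFile}", outputFile).replace("${sslFlag}", sslFlag).replace("${modeFlag}", modeFlag).replace("${filter}", filterFlag);
-
-
-
+let proc;
+try {
+proc = startBackgroundProcess(cmd, {
+description: `MitM proxy on port ${port}`
+});
+} catch (err) {
+return { success: false, output: "", error: `Failed to start MitM proxy: ${err}` };
+}
 await new Promise((r) => setTimeout(r, (duration + NETWORK_CONFIG.WAIT_BUFFER_SECONDS) * 1e3));
 const procOutput = getProcessOutput(proc.id);
 await stopBackgroundProcess(proc.id);
@@ -9253,9 +9279,14 @@ This is a high-level tool that combines tcpdump capture with protocol analysis.`
 }
 }
 const captureCmd = `timeout ${duration}s sudo tcpdump -i ${iface} -w ${outputFile} "${bpfFilter}"`;
-
-
-
+let proc;
+try {
+proc = startBackgroundProcess(captureCmd, {
+description: `Traffic intercept on ${target}`
+});
+} catch (err) {
+return { success: false, output: "", error: `Failed to start traffic intercept: ${err}` };
+}
 await new Promise((r) => setTimeout(r, (duration + NETWORK_CONFIG.WAIT_BUFFER_SECONDS) * 1e3));
 await stopBackgroundProcess(proc.id);
 let output = `Traffic Interception Report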
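Review bot: `captureCmd` in the traffic-intercept hunk is still assembled by interpolating `iface`, `outputFile` and `bpfFilter` into a shell string that runs under `sudo`, and the added try/catch around `startBackgroundProcess` does nothing to constrain those values. In an agent whose tool arguments may be shaped by content returned from the system under test, a shell metacharacter in any of them would execute as root on the operator's host, so each value should be checked against an allowlist before the string is built, for example `if (!/^[A-Za-z0-9_.:-]{1,15}$/.test(iface)) return { success: false, output: "", error: "Invalid interface name" };`. The ARP, DNS and MitM hunks have the same shape through `.replace("${target}", target)` and its siblings, where a `$&` in the value is additionally expanded by `String.prototype.replace`; passing a replacer function (`() => target`) avoids that. The enclosing functions start and end outside these hunks, so validation may already exist above the visible lines; if it does, a one-line comment at the command construction pointing to it would help reviewers.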