souleyez 2.22.0__py3-none-any.whl → 2.27.0__py3-none-any.whl

souleyez/engine/result_handler.py

@@ -44,6 +44,7 @@ def handle_job_result(job: Dict[str, Any]) -> Optional[Dict[str, Any]]:
         return None
 
     if not log_path or not os.path.exists(log_path):
+        logger.error(f"Job {job.get('id')} parse failed: log file missing or does not exist (path={log_path})")
         return None
 
     # Get engagement ID from job or fall back to current engagement
@@ -56,10 +57,12 @@ def handle_job_result(job: Dict[str, Any]) -> Optional[Dict[str, Any]]:
             engagement = em.get_current()
 
             if not engagement:
+                logger.error(f"Job {job.get('id')} parse failed: no engagement_id and no current engagement")
                 return None
 
             engagement_id = engagement['id']
-        except Exception:
+        except Exception as e:
+            logger.error(f"Job {job.get('id')} parse failed: engagement lookup error: {e}")
             return None
 
     # Route to appropriate parser
@@ -108,6 +111,15 @@ def handle_job_result(job: Dict[str, Any]) -> Optional[Dict[str, Any]]:
         parse_result = parse_nikto_job(engagement_id, log_path, job)
     elif tool == 'dalfox':
         parse_result = parse_dalfox_job(engagement_id, log_path, job)
+    elif tool == 'http_fingerprint':
+        parse_result = parse_http_fingerprint_job(engagement_id, log_path, job)
+    elif tool == 'hashcat':
+        parse_result = parse_hashcat_job(engagement_id, log_path, job)
+    elif tool == 'john':
+        parse_result = parse_john_job(engagement_id, log_path, job)
+    else:
+        # No parser for this tool - log it so we know
+        logger.warning(f"Job {job.get('id')} has no parser for tool '{tool}' - results not extracted")
 
     # NOTE: Auto-chaining is now handled in background.py after parsing completes
     # This avoids duplicate job creation and gives better control over timing
@@ -204,6 +216,8 @@ def reparse_job(job_id: int) -> Dict[str, Any]:
             parse_result = parse_nikto_job(engagement_id, log_path, job)
         elif tool == 'dalfox':
             parse_result = parse_dalfox_job(engagement_id, log_path, job)
+        elif tool == 'http_fingerprint':
+            parse_result = parse_http_fingerprint_job(engagement_id, log_path, job)
         else:
             return {'success': False, 'message': f'No parser available for tool: {tool}'}
 
@@ -3068,6 +3082,91 @@ def parse_nikto_job(engagement_id: int, log_path: str, job: Dict[str, Any]) -> D
         return {'error': str(e)}
 
 
+def parse_http_fingerprint_job(engagement_id: int, log_path: str, job: Dict[str, Any]) -> Dict[str, Any]:
+    """
+    Parse HTTP fingerprint results.
+
+    Returns fingerprint data for use in auto-chaining context.
+    This enables downstream tools (nikto, nuclei, etc.) to make smarter decisions
+    based on detected WAF, CDN, or managed hosting platform.
+    """
+    try:
+        from souleyez.parsers.http_fingerprint_parser import (
+            parse_http_fingerprint_output,
+            build_fingerprint_context,
+            get_tool_recommendations
+        )
+        from souleyez.storage.hosts import HostManager
+        from urllib.parse import urlparse
+
+        target = job.get('target', '')
+
+        # Read log file
+        with open(log_path, 'r', encoding='utf-8', errors='replace') as f:
+            output = f.read()
+
+        parsed = parse_http_fingerprint_output(output, target)
+
+        # Extract host from target URL
+        parsed_url = urlparse(target)
+        target_host = parsed_url.hostname or target
+
+        # Update host with fingerprint info if we have useful data
+        if target_host and (parsed.get('server') or parsed.get('managed_hosting')):
+            hm = HostManager()
+            host_data = {
+                'ip': target_host,
+                'status': 'up'
+            }
+            # Store server info in notes or a dedicated field
+            # For now, we just ensure the host exists
+            hm.add_or_update_host(engagement_id, host_data)
+
+        # Build fingerprint context for chaining
+        fingerprint_context = build_fingerprint_context(parsed)
+
+        # Get tool recommendations
+        recommendations = get_tool_recommendations(parsed)
+
+        # Determine status
+        if parsed.get('error'):
+            status = STATUS_ERROR
+        elif parsed.get('managed_hosting') or parsed.get('waf') or parsed.get('cdn'):
+            status = STATUS_DONE  # Found useful info
+        elif parsed.get('server'):
+            status = STATUS_DONE
+        else:
+            status = STATUS_NO_RESULTS
+
+        return {
+            'tool': 'http_fingerprint',
+            'status': status,
+            'target': target,
+            'target_host': target_host,
+            # Core fingerprint data
+            'server': parsed.get('server'),
+            'managed_hosting': parsed.get('managed_hosting'),
+            'waf': parsed.get('waf', []),
+            'cdn': parsed.get('cdn', []),
+            'technologies': parsed.get('technologies', []),
+            'status_code': parsed.get('status_code'),
+            # For auto-chaining context
+            'http_fingerprint': fingerprint_context.get('http_fingerprint', {}),
+            'recommendations': recommendations,
+            # Pass through for downstream chains
+            'services': [{
+                'ip': target_host,
+                'port': parsed_url.port or (443 if parsed_url.scheme == 'https' else 80),
+                'service_name': 'https' if parsed_url.scheme == 'https' else 'http',
+                'product': parsed.get('server', ''),
+            }],
+        }
+
+    except Exception as e:
+        logger.error(f"Error parsing http_fingerprint job: {e}")
+        return {'error': str(e)}
+
+
 def parse_dalfox_job(engagement_id: int, log_path: str, job: Dict[str, Any]) -> Dict[str, Any]:
     """Parse Dalfox XSS scanner results."""
     try:
@@ -3156,3 +3255,165 @@ def parse_dalfox_job(engagement_id: int, log_path: str, job: Dict[str, Any]) ->
     except Exception as e:
         logger.error(f"Error parsing dalfox job: {e}")
         return {'error': str(e)}
+
+
+def parse_hashcat_job(engagement_id: int, log_path: str, job: Dict[str, Any]) -> Dict[str, Any]:
+    """Parse hashcat job results and extract cracked passwords."""
+    try:
+        from souleyez.parsers.hashcat_parser import parse_hashcat_output, map_to_credentials
+        from souleyez.storage.credentials import CredentialsManager
+        from souleyez.storage.findings import FindingsManager
+
+        # Read the log file
+        with open(log_path, 'r', encoding='utf-8', errors='replace') as f:
+            log_content = f.read()
+
+        # Parse hashcat output
+        hash_file = job.get('metadata', {}).get('hash_file', '')
+        parsed = parse_hashcat_output(log_content, hash_file)
+
+        # Store credentials
+        cm = CredentialsManager()
+        creds_added = 0
+
+        for cracked in parsed.get('cracked', []):
+            try:
+                cm.add_credential(
+                    engagement_id=engagement_id,
+                    host_id=None,  # Hash cracking typically not tied to a specific host
+                    username='',  # Hashcat doesn't always know the username
+                    password=cracked['password'],
+                    service='cracked_hash',
+                    credential_type='password',
+                    tool='hashcat',
+                    status='cracked',
+                    notes=f"Cracked from hash: {cracked['hash'][:32]}..."
+                )
+                creds_added += 1
+            except Exception:
+                pass  # Skip duplicates
+
+        # Create finding if we cracked passwords
+        fm = FindingsManager()
+        findings_added = 0
+
+        if parsed.get('cracked'):
+            fm.add_finding(
+                engagement_id=engagement_id,
+                title=f"Password Hashes Cracked - {len(parsed['cracked'])} passwords recovered",
+                finding_type='credential',
+                severity='high',
+                description=f"Hashcat successfully cracked {len(parsed['cracked'])} password hash(es).\n\n"
+                           f"Status: {parsed['stats'].get('status', 'unknown')}\n"
+                           f"Cracked: {parsed['stats'].get('cracked_count', len(parsed['cracked']))}",
+                tool='hashcat'
+            )
+            findings_added += 1
+
+        # Determine status
+        if creds_added > 0:
+            status = STATUS_DONE
+        elif parsed['stats'].get('status') == 'exhausted':
+            status = STATUS_NO_RESULTS  # Ran to completion but found nothing
+        else:
+            status = STATUS_NO_RESULTS
+
+        return {
+            'tool': 'hashcat',
+            'status': status,
+            'cracked_count': len(parsed.get('cracked', [])),
+            'credentials_added': creds_added,
+            'findings_added': findings_added,
+            'hashcat_status': parsed['stats'].get('status', 'unknown')
+        }
+
+    except Exception as e:
+        logger.error(f"Error parsing hashcat job: {e}")
+        return {'error': str(e)}
+
+
+def parse_john_job(engagement_id: int, log_path: str, job: Dict[str, Any]) -> Dict[str, Any]:
+    """Parse John the Ripper job results and extract cracked passwords."""
+    try:
+        from souleyez.parsers.john_parser import parse_john_output
+        from souleyez.storage.credentials import CredentialsManager
+        from souleyez.storage.findings import FindingsManager
+
+        # Read the log file
+        with open(log_path, 'r', encoding='utf-8', errors='replace') as f:
+            log_content = f.read()
+
+        # Get hash file from job metadata if available
+        hash_file = job.get('metadata', {}).get('hash_file', None)
+
+        # Parse john output
+        parsed = parse_john_output(log_content, hash_file)
+
+        # Store credentials
+        cm = CredentialsManager()
+        creds_added = 0
+
+        for cred in parsed.get('cracked', []):
+            username = cred.get('username', '')
+            password = cred.get('password', '')
+
+            if password:  # At minimum we need a password
+                try:
+                    cm.add_credential(
+                        engagement_id=engagement_id,
+                        host_id=None,  # Hash cracking typically not tied to a specific host
+                        username=username if username != 'unknown' else '',
+                        password=password,
+                        service='cracked_hash',
+                        credential_type='password',
+                        tool='john',
+                        status='cracked',
+                        notes=f"Cracked by John the Ripper"
+                    )
+                    creds_added += 1
+                except Exception:
+                    pass  # Skip duplicates
+
+        # Create finding if we cracked passwords
+        fm = FindingsManager()
+        findings_added = 0
+
+        if parsed.get('cracked'):
+            usernames = [c.get('username', 'unknown') for c in parsed['cracked'] if c.get('username')]
+            usernames_str = ', '.join(usernames[:10])  # First 10
+            if len(usernames) > 10:
+                usernames_str += f" (+{len(usernames) - 10} more)"
+
+            fm.add_finding(
+                engagement_id=engagement_id,
+                title=f"Password Hashes Cracked - {len(parsed['cracked'])} passwords recovered",
+                finding_type='credential',
+                severity='high',
+                description=f"John the Ripper successfully cracked {len(parsed['cracked'])} password hash(es).\n\n"
+                           f"Usernames: {usernames_str}\n"
+                           f"Session status: {parsed.get('session_status', 'unknown')}",
+                tool='john'
+            )
+            findings_added += 1
+
+        # Determine status
+        if creds_added > 0:
+            status = STATUS_DONE
+        elif parsed.get('session_status') == 'completed':
+            status = STATUS_NO_RESULTS  # Ran to completion but found nothing
+        else:
+            status = STATUS_NO_RESULTS
+
+        return {
+            'tool': 'john',
+            'status': status,
+            'cracked_count': len(parsed.get('cracked', [])),
+            'credentials_added': creds_added,
+            'findings_added': findings_added,
+            'session_status': parsed.get('session_status', 'unknown'),
+            'total_loaded': parsed.get('total_loaded', 0)
+        }
+
+    except Exception as e:
+        logger.error(f"Error parsing john job: {e}")
+        return {'error': str(e)}

souleyez/engine/worker_manager.py

@@ -4,12 +4,13 @@ Worker health check and management utilities
 """
 import psutil
 import time
-from typing import Optional, Tuple
+from typing import Optional, Tuple, Dict, Any
 
 
 def is_worker_running() -> Tuple[bool, Optional[int]]:
     """
-    Check if background worker is running
+    Check if background worker is running.
+
     Returns: (is_running, pid)
     """
     for proc in psutil.process_iter(['pid', 'cmdline']):
@@ -29,6 +30,40 @@ def is_worker_running() -> Tuple[bool, Optional[int]]:
     return False, None
 
 
+def is_worker_healthy() -> Tuple[bool, Optional[int], Optional[str]]:
+    """
+    Check if background worker is running AND healthy (responding).
+
+    Uses heartbeat file to verify worker is actively processing.
+    A worker process may exist but be frozen/hung - heartbeat detects this.
+
+    Returns: (is_healthy, pid, issue)
+        - is_healthy: True if worker is running and heartbeat is fresh
+        - pid: Worker PID if found, None otherwise
+        - issue: Description of issue if not healthy, None otherwise
+    """
+    from souleyez.engine.background import (
+        get_heartbeat_age, HEARTBEAT_STALE_THRESHOLD
+    )
+
+    is_running, pid = is_worker_running()
+
+    if not is_running:
+        return False, None, "Worker process not found"
+
+    # Check heartbeat
+    heartbeat_age = get_heartbeat_age()
+
+    if heartbeat_age is None:
+        # No heartbeat file - worker may have just started
+        return True, pid, "No heartbeat yet (may be starting)"
+
+    if heartbeat_age > HEARTBEAT_STALE_THRESHOLD:
+        return False, pid, f"Heartbeat stale ({int(heartbeat_age)}s old, threshold: {HEARTBEAT_STALE_THRESHOLD}s)"
+
+    return True, pid, None
+
+
 def start_worker_if_needed() -> bool:
     """
     Start worker if not running
@@ -107,3 +142,64 @@ def get_worker_status() -> dict:
             pass
 
     return status
+
+
+def get_worker_health() -> Dict[str, Any]:
+    """
+    Get detailed worker health status including heartbeat info.
+
+    Returns dict with:
+        - running: Whether worker process exists
+        - healthy: Whether worker is running AND responsive
+        - pid: Worker PID if running
+        - uptime: Seconds since worker started
+        - heartbeat_age: Seconds since last heartbeat
+        - heartbeat_stale: Whether heartbeat is stale
+        - issue: Description of any health issue
+        - cpu_percent: CPU usage percentage
+        - memory_mb: Memory usage in MB
+    """
+    from souleyez.engine.background import (
+        get_heartbeat_age, HEARTBEAT_STALE_THRESHOLD
+    )
+
+    is_running, pid = is_worker_running()
+    heartbeat_age = get_heartbeat_age()
+
+    health = {
+        'running': is_running,
+        'healthy': False,
+        'pid': pid,
+        'uptime': None,
+        'heartbeat_age': heartbeat_age,
+        'heartbeat_stale': heartbeat_age is None or heartbeat_age > HEARTBEAT_STALE_THRESHOLD,
+        'issue': None,
+        'cpu_percent': None,
+        'memory_mb': None
+    }
+
+    if not is_running:
+        health['issue'] = "Worker process not found"
+        return health
+
+    # Get process info
+    try:
+        proc = psutil.Process(pid)
+        health['uptime'] = int(time.time() - proc.create_time())
+        health['cpu_percent'] = proc.cpu_percent(interval=0.1)
+        health['memory_mb'] = round(proc.memory_info().rss / 1024 / 1024, 1)
+    except (psutil.NoSuchProcess, psutil.AccessDenied):
+        health['issue'] = "Cannot access worker process"
+        return health
+
+    # Check heartbeat
+    if heartbeat_age is None:
+        health['issue'] = "No heartbeat yet (worker may be starting)"
+        health['healthy'] = True  # Give benefit of doubt for new workers
+    elif heartbeat_age > HEARTBEAT_STALE_THRESHOLD:
+        health['issue'] = f"Worker unresponsive (heartbeat {int(heartbeat_age)}s old)"
+        health['healthy'] = False
+    else:
+        health['healthy'] = True
+
+    return health

souleyez/main.py

@@ -173,7 +173,7 @@ def _check_privileged_tools():
 
 
 @click.group()
-@click.version_option(version='2.22.0')
+@click.version_option(version='2.27.0')
 def cli():
     """SoulEyez - AI-Powered Pentesting Platform by CyberSoul Security"""
     from souleyez.log_config import init_logging
@@ -1388,19 +1388,24 @@ def _run_doctor(fix=False, verbose=False):
     path_dirs = os.environ.get('PATH', '').split(':')
     pipx_bin = str(Path.home() / '.local' / 'bin')
     go_bin = str(Path.home() / 'go' / 'bin')
+
+    # Detect shell config file (zsh for Kali, bash for others)
+    shell = os.environ.get('SHELL', '/bin/bash')
+    shell_rc = '~/.zshrc' if 'zsh' in shell else '~/.bashrc'
+
     if pipx_bin in path_dirs:
         if verbose:
             check_pass("PATH includes ~/.local/bin (pipx)")
     else:
         if Path(pipx_bin).exists() and any(Path(pipx_bin).iterdir()):
-            check_warn("~/.local/bin not in PATH", "Add to ~/.bashrc: export PATH=\"$HOME/.local/bin:$PATH\"")
+            check_warn("~/.local/bin not in PATH", f"Add to {shell_rc}: export PATH=\"$HOME/.local/bin:$PATH\"")
 
     if go_bin in path_dirs:
         if verbose:
             check_pass("PATH includes ~/go/bin")
     else:
         if Path(go_bin).exists() and any(Path(go_bin).iterdir()):
-            check_warn("~/go/bin not in PATH", "Add to ~/.bashrc: export PATH=\"$HOME/go/bin:$PATH\"")
+            check_warn("~/go/bin not in PATH", f"Add to {shell_rc}: export PATH=\"$HOME/go/bin:$PATH\"")
 
     # Check database is writable
     if db_path.exists():
@@ -1430,8 +1435,10 @@ def _run_doctor(fix=False, verbose=False):
     # Section 7: MSF Database (if msfconsole available)
     if shutil.which('msfconsole'):
         click.echo(click.style("Metasploit", bold=True))
+        # Check user config first, then system-wide config (Kali uses system-wide)
         msf_db = Path.home() / '.msf4' / 'database.yml'
-        if msf_db.exists():
+        system_msf_db = Path('/usr/share/metasploit-framework/config/database.yml')
+        if msf_db.exists() or system_msf_db.exists():
             check_pass("MSF database configured")
         else:
             check_fail("MSF database not initialized", "msfdb init")
@@ -1513,6 +1520,98 @@ def tutorial():
     run_tutorial()
 
 
+@cli.command('install-desktop')
+@click.option('--remove', is_flag=True, help='Remove the desktop shortcut')
+def install_desktop(remove):
+    """Install SoulEyez desktop shortcut in Applications menu.
+
+    Creates a .desktop file so SoulEyez appears in your
+    Applications > Security menu with its icon.
+    """
+    import shutil
+    from importlib import resources
+
+    applications_dir = Path.home() / '.local' / 'share' / 'applications'
+    icons_dir = Path.home() / '.local' / 'share' / 'icons'
+    desktop_file = applications_dir / 'souleyez.desktop'
+    icon_dest = icons_dir / 'souleyez.png'
+
+    if remove:
+        # Remove desktop shortcut
+        removed = False
+        if desktop_file.exists():
+            desktop_file.unlink()
+            click.echo(click.style("  Removed desktop shortcut", fg='green'))
+            removed = True
+        if icon_dest.exists():
+            icon_dest.unlink()
+            click.echo(click.style("  Removed icon", fg='green'))
+            removed = True
+        if removed:
+            click.echo(click.style("\nSoulEyez removed from Applications menu.", fg='cyan'))
+        else:
+            click.echo(click.style("No desktop shortcut found.", fg='yellow'))
+        return
+
+    click.echo(click.style("\nInstalling SoulEyez desktop shortcut...\n", fg='cyan', bold=True))
+
+    # Create directories
+    applications_dir.mkdir(parents=True, exist_ok=True)
+    icons_dir.mkdir(parents=True, exist_ok=True)
+
+    # Find and copy icon
+    try:
+        # Try importlib.resources first (Python 3.9+)
+        try:
+            from importlib.resources import files
+            icon_source = files('souleyez.assets').joinpath('souleyez-icon.png')
+            with open(icon_source, 'rb') as src:
+                icon_data = src.read()
+        except (ImportError, TypeError, FileNotFoundError):
+            # Fallback: find icon relative to this file
+            icon_source = Path(__file__).parent / 'assets' / 'souleyez-icon.png'
+            with open(icon_source, 'rb') as src:
+                icon_data = src.read()
+
+        with open(icon_dest, 'wb') as dst:
+            dst.write(icon_data)
+        click.echo(click.style("  Installed icon", fg='green'))
+    except Exception as e:
+        click.echo(click.style(f"  Warning: Could not copy icon: {e}", fg='yellow'))
+        icon_dest = "utilities-terminal"  # Fallback to system icon
+
+    # Create .desktop file
+    desktop_content = f"""[Desktop Entry]
+Name=SoulEyez
+Comment=AI-Powered Penetration Testing Platform
+Exec=souleyez interactive
+Icon={icon_dest}
+Terminal=true
+Type=Application
+Categories=Security;System;Network;
+Keywords=pentest;security;hacking;nmap;metasploit;
+"""
+
+    desktop_file.write_text(desktop_content)
+    click.echo(click.style("  Created desktop entry", fg='green'))
+
+    # Update desktop database (optional, may not be available)
+    try:
+        import subprocess
+        subprocess.run(['update-desktop-database', str(applications_dir)],
+                      capture_output=True, check=False)
+    except Exception:
+        pass  # Not critical if this fails
+
+    click.echo()
+    click.echo(click.style("SoulEyez added to Applications menu!", fg='green', bold=True))
+    click.echo()
+    click.echo("You can find it under:")
+    click.echo(click.style("  Applications > Security > SoulEyez", fg='cyan'))
+    click.echo()
+    click.echo("To remove: souleyez install-desktop --remove")
+
+
 def main():
     """Main entry point."""
     cli()