souleyez 2.43.26__py3-none-any.whl → 2.43.34__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of souleyez might be problematic. Click here for more details.
- souleyez/__init__.py +1 -2
- souleyez/ai/__init__.py +21 -15
- souleyez/ai/action_mapper.py +249 -150
- souleyez/ai/chain_advisor.py +116 -100
- souleyez/ai/claude_provider.py +29 -28
- souleyez/ai/context_builder.py +80 -62
- souleyez/ai/executor.py +158 -117
- souleyez/ai/feedback_handler.py +136 -121
- souleyez/ai/llm_factory.py +27 -20
- souleyez/ai/llm_provider.py +4 -2
- souleyez/ai/ollama_provider.py +6 -9
- souleyez/ai/ollama_service.py +44 -37
- souleyez/ai/path_scorer.py +91 -76
- souleyez/ai/recommender.py +176 -144
- souleyez/ai/report_context.py +74 -73
- souleyez/ai/report_service.py +84 -66
- souleyez/ai/result_parser.py +222 -229
- souleyez/ai/safety.py +67 -44
- souleyez/auth/__init__.py +23 -22
- souleyez/auth/audit.py +36 -26
- souleyez/auth/engagement_access.py +65 -48
- souleyez/auth/permissions.py +14 -3
- souleyez/auth/session_manager.py +54 -37
- souleyez/auth/user_manager.py +109 -64
- souleyez/commands/audit.py +40 -43
- souleyez/commands/auth.py +35 -15
- souleyez/commands/deliverables.py +55 -50
- souleyez/commands/engagement.py +47 -28
- souleyez/commands/license.py +32 -23
- souleyez/commands/screenshots.py +36 -32
- souleyez/commands/user.py +82 -36
- souleyez/config.py +52 -44
- souleyez/core/credential_tester.py +87 -81
- souleyez/core/cve_mappings.py +179 -192
- souleyez/core/cve_matcher.py +162 -148
- souleyez/core/msf_auto_mapper.py +100 -83
- souleyez/core/msf_chain_engine.py +294 -256
- souleyez/core/msf_database.py +153 -70
- souleyez/core/msf_integration.py +679 -673
- souleyez/core/msf_rpc_client.py +40 -42
- souleyez/core/msf_rpc_manager.py +77 -79
- souleyez/core/msf_sync_manager.py +241 -181
- souleyez/core/network_utils.py +22 -15
- souleyez/core/parser_handler.py +34 -25
- souleyez/core/pending_chains.py +114 -63
- souleyez/core/templates.py +158 -107
- souleyez/core/tool_chaining.py +9526 -2879
- souleyez/core/version_utils.py +79 -94
- souleyez/core/vuln_correlation.py +136 -89
- souleyez/core/web_utils.py +33 -32
- souleyez/data/wordlists/ad_users.txt +378 -0
- souleyez/data/wordlists/api_endpoints_large.txt +769 -0
- souleyez/data/wordlists/home_dir_sensitive.txt +39 -0
- souleyez/data/wordlists/lfi_payloads.txt +82 -0
- souleyez/data/wordlists/passwords_brute.txt +1548 -0
- souleyez/data/wordlists/passwords_crack.txt +2479 -0
- souleyez/data/wordlists/passwords_spray.txt +386 -0
- souleyez/data/wordlists/subdomains_large.txt +5057 -0
- souleyez/data/wordlists/usernames_common.txt +694 -0
- souleyez/data/wordlists/web_dirs_large.txt +4769 -0
- souleyez/detection/__init__.py +1 -1
- souleyez/detection/attack_signatures.py +12 -17
- souleyez/detection/mitre_mappings.py +61 -55
- souleyez/detection/validator.py +97 -86
- souleyez/devtools.py +23 -10
- souleyez/docs/README.md +4 -4
- souleyez/docs/api-reference/cli-commands.md +2 -2
- souleyez/docs/developer-guide/adding-new-tools.md +562 -0
- souleyez/docs/user-guide/auto-chaining.md +30 -8
- souleyez/docs/user-guide/getting-started.md +1 -1
- souleyez/docs/user-guide/installation.md +26 -3
- souleyez/docs/user-guide/metasploit-integration.md +2 -2
- souleyez/docs/user-guide/rbac.md +1 -1
- souleyez/docs/user-guide/scope-management.md +1 -1
- souleyez/docs/user-guide/siem-integration.md +1 -1
- souleyez/docs/user-guide/tools-reference.md +1 -8
- souleyez/docs/user-guide/worker-management.md +1 -1
- souleyez/engine/background.py +1239 -535
- souleyez/engine/base.py +4 -1
- souleyez/engine/job_status.py +17 -49
- souleyez/engine/log_sanitizer.py +103 -77
- souleyez/engine/manager.py +38 -7
- souleyez/engine/result_handler.py +2200 -1550
- souleyez/engine/worker_manager.py +50 -41
- souleyez/export/evidence_bundle.py +72 -62
- souleyez/feature_flags/features.py +16 -20
- souleyez/feature_flags.py +5 -9
- souleyez/handlers/__init__.py +11 -0
- souleyez/handlers/base.py +188 -0
- souleyez/handlers/bash_handler.py +277 -0
- souleyez/handlers/bloodhound_handler.py +243 -0
- souleyez/handlers/certipy_handler.py +311 -0
- souleyez/handlers/crackmapexec_handler.py +486 -0
- souleyez/handlers/dnsrecon_handler.py +344 -0
- souleyez/handlers/enum4linux_handler.py +400 -0
- souleyez/handlers/evil_winrm_handler.py +493 -0
- souleyez/handlers/ffuf_handler.py +815 -0
- souleyez/handlers/gobuster_handler.py +1114 -0
- souleyez/handlers/gpp_extract_handler.py +334 -0
- souleyez/handlers/hashcat_handler.py +444 -0
- souleyez/handlers/hydra_handler.py +563 -0
- souleyez/handlers/impacket_getuserspns_handler.py +343 -0
- souleyez/handlers/impacket_psexec_handler.py +222 -0
- souleyez/handlers/impacket_secretsdump_handler.py +426 -0
- souleyez/handlers/john_handler.py +286 -0
- souleyez/handlers/katana_handler.py +425 -0
- souleyez/handlers/kerbrute_handler.py +298 -0
- souleyez/handlers/ldapsearch_handler.py +636 -0
- souleyez/handlers/lfi_extract_handler.py +464 -0
- souleyez/handlers/msf_auxiliary_handler.py +408 -0
- souleyez/handlers/msf_exploit_handler.py +380 -0
- souleyez/handlers/nikto_handler.py +413 -0
- souleyez/handlers/nmap_handler.py +821 -0
- souleyez/handlers/nuclei_handler.py +359 -0
- souleyez/handlers/nxc_handler.py +371 -0
- souleyez/handlers/rdp_sec_check_handler.py +353 -0
- souleyez/handlers/registry.py +292 -0
- souleyez/handlers/responder_handler.py +232 -0
- souleyez/handlers/service_explorer_handler.py +434 -0
- souleyez/handlers/smbclient_handler.py +344 -0
- souleyez/handlers/smbmap_handler.py +510 -0
- souleyez/handlers/smbpasswd_handler.py +296 -0
- souleyez/handlers/sqlmap_handler.py +1116 -0
- souleyez/handlers/theharvester_handler.py +601 -0
- souleyez/handlers/web_login_test_handler.py +327 -0
- souleyez/handlers/whois_handler.py +277 -0
- souleyez/handlers/wpscan_handler.py +554 -0
- souleyez/history.py +32 -16
- souleyez/importers/msf_importer.py +106 -75
- souleyez/importers/smart_importer.py +208 -147
- souleyez/integrations/siem/__init__.py +10 -10
- souleyez/integrations/siem/base.py +17 -18
- souleyez/integrations/siem/elastic.py +108 -122
- souleyez/integrations/siem/factory.py +207 -80
- souleyez/integrations/siem/googlesecops.py +146 -154
- souleyez/integrations/siem/rule_mappings/__init__.py +1 -1
- souleyez/integrations/siem/rule_mappings/wazuh_rules.py +8 -5
- souleyez/integrations/siem/sentinel.py +107 -109
- souleyez/integrations/siem/splunk.py +246 -212
- souleyez/integrations/siem/wazuh.py +65 -71
- souleyez/integrations/wazuh/__init__.py +5 -5
- souleyez/integrations/wazuh/client.py +70 -93
- souleyez/integrations/wazuh/config.py +85 -57
- souleyez/integrations/wazuh/host_mapper.py +28 -36
- souleyez/integrations/wazuh/sync.py +78 -68
- souleyez/intelligence/__init__.py +4 -5
- souleyez/intelligence/correlation_analyzer.py +309 -295
- souleyez/intelligence/exploit_knowledge.py +661 -623
- souleyez/intelligence/exploit_suggestions.py +159 -139
- souleyez/intelligence/gap_analyzer.py +132 -97
- souleyez/intelligence/gap_detector.py +251 -214
- souleyez/intelligence/sensitive_tables.py +266 -129
- souleyez/intelligence/service_parser.py +137 -123
- souleyez/intelligence/surface_analyzer.py +407 -268
- souleyez/intelligence/target_parser.py +159 -162
- souleyez/licensing/__init__.py +6 -6
- souleyez/licensing/validator.py +17 -19
- souleyez/log_config.py +79 -54
- souleyez/main.py +1505 -687
- souleyez/migrations/fix_job_counter.py +16 -14
- souleyez/parsers/bloodhound_parser.py +41 -39
- souleyez/parsers/crackmapexec_parser.py +178 -111
- souleyez/parsers/dalfox_parser.py +72 -77
- souleyez/parsers/dnsrecon_parser.py +103 -91
- souleyez/parsers/enum4linux_parser.py +183 -153
- souleyez/parsers/ffuf_parser.py +29 -25
- souleyez/parsers/gobuster_parser.py +301 -41
- souleyez/parsers/hashcat_parser.py +324 -79
- souleyez/parsers/http_fingerprint_parser.py +350 -103
- souleyez/parsers/hydra_parser.py +131 -111
- souleyez/parsers/impacket_parser.py +231 -178
- souleyez/parsers/john_parser.py +98 -86
- souleyez/parsers/katana_parser.py +316 -0
- souleyez/parsers/msf_parser.py +943 -498
- souleyez/parsers/nikto_parser.py +346 -65
- souleyez/parsers/nmap_parser.py +262 -174
- souleyez/parsers/nuclei_parser.py +40 -44
- souleyez/parsers/responder_parser.py +26 -26
- souleyez/parsers/searchsploit_parser.py +74 -74
- souleyez/parsers/service_explorer_parser.py +279 -0
- souleyez/parsers/smbmap_parser.py +180 -124
- souleyez/parsers/sqlmap_parser.py +434 -308
- souleyez/parsers/theharvester_parser.py +75 -57
- souleyez/parsers/whois_parser.py +135 -94
- souleyez/parsers/wpscan_parser.py +278 -190
- souleyez/plugins/afp.py +44 -36
- souleyez/plugins/afp_brute.py +114 -46
- souleyez/plugins/ard.py +48 -37
- souleyez/plugins/bloodhound.py +95 -61
- souleyez/plugins/certipy.py +303 -0
- souleyez/plugins/crackmapexec.py +186 -85
- souleyez/plugins/dalfox.py +120 -59
- souleyez/plugins/dns_hijack.py +146 -41
- souleyez/plugins/dnsrecon.py +97 -61
- souleyez/plugins/enum4linux.py +91 -66
- souleyez/plugins/evil_winrm.py +291 -0
- souleyez/plugins/ffuf.py +166 -90
- souleyez/plugins/firmware_extract.py +133 -29
- souleyez/plugins/gobuster.py +387 -190
- souleyez/plugins/gpp_extract.py +393 -0
- souleyez/plugins/hashcat.py +100 -73
- souleyez/plugins/http_fingerprint.py +854 -267
- souleyez/plugins/hydra.py +566 -200
- souleyez/plugins/impacket_getnpusers.py +117 -69
- souleyez/plugins/impacket_psexec.py +84 -64
- souleyez/plugins/impacket_secretsdump.py +103 -69
- souleyez/plugins/impacket_smbclient.py +89 -75
- souleyez/plugins/john.py +86 -69
- souleyez/plugins/katana.py +313 -0
- souleyez/plugins/kerbrute.py +237 -0
- souleyez/plugins/lfi_extract.py +541 -0
- souleyez/plugins/macos_ssh.py +117 -48
- souleyez/plugins/mdns.py +35 -30
- souleyez/plugins/msf_auxiliary.py +253 -130
- souleyez/plugins/msf_exploit.py +239 -161
- souleyez/plugins/nikto.py +134 -78
- souleyez/plugins/nmap.py +275 -91
- souleyez/plugins/nuclei.py +180 -89
- souleyez/plugins/nxc.py +285 -0
- souleyez/plugins/plugin_base.py +35 -36
- souleyez/plugins/plugin_template.py +13 -5
- souleyez/plugins/rdp_sec_check.py +130 -0
- souleyez/plugins/responder.py +112 -71
- souleyez/plugins/router_http_brute.py +76 -65
- souleyez/plugins/router_ssh_brute.py +118 -41
- souleyez/plugins/router_telnet_brute.py +124 -42
- souleyez/plugins/routersploit.py +91 -59
- souleyez/plugins/routersploit_exploit.py +77 -55
- souleyez/plugins/searchsploit.py +91 -77
- souleyez/plugins/service_explorer.py +1160 -0
- souleyez/plugins/smbmap.py +122 -72
- souleyez/plugins/smbpasswd.py +215 -0
- souleyez/plugins/sqlmap.py +301 -113
- souleyez/plugins/theharvester.py +127 -75
- souleyez/plugins/tr069.py +79 -57
- souleyez/plugins/upnp.py +65 -47
- souleyez/plugins/upnp_abuse.py +73 -55
- souleyez/plugins/vnc_access.py +129 -42
- souleyez/plugins/vnc_brute.py +109 -38
- souleyez/plugins/web_login_test.py +417 -0
- souleyez/plugins/whois.py +77 -58
- souleyez/plugins/wpscan.py +173 -69
- souleyez/reporting/__init__.py +2 -1
- souleyez/reporting/attack_chain.py +411 -346
- souleyez/reporting/charts.py +436 -501
- souleyez/reporting/compliance_mappings.py +334 -201
- souleyez/reporting/detection_report.py +126 -125
- souleyez/reporting/formatters.py +828 -591
- souleyez/reporting/generator.py +386 -302
- souleyez/reporting/metrics.py +72 -75
- souleyez/scanner.py +35 -29
- souleyez/security/__init__.py +37 -11
- souleyez/security/scope_validator.py +175 -106
- souleyez/security/validation.py +223 -149
- souleyez/security.py +22 -6
- souleyez/storage/credentials.py +247 -186
- souleyez/storage/crypto.py +296 -129
- souleyez/storage/database.py +73 -50
- souleyez/storage/db.py +58 -36
- souleyez/storage/deliverable_evidence.py +177 -128
- souleyez/storage/deliverable_exporter.py +282 -246
- souleyez/storage/deliverable_templates.py +134 -116
- souleyez/storage/deliverables.py +135 -130
- souleyez/storage/engagements.py +109 -56
- souleyez/storage/evidence.py +181 -152
- souleyez/storage/execution_log.py +31 -17
- souleyez/storage/exploit_attempts.py +93 -57
- souleyez/storage/exploits.py +67 -36
- souleyez/storage/findings.py +48 -61
- souleyez/storage/hosts.py +176 -144
- souleyez/storage/migrate_to_engagements.py +43 -19
- souleyez/storage/migrations/_001_add_credential_enhancements.py +22 -12
- souleyez/storage/migrations/_002_add_status_tracking.py +10 -7
- souleyez/storage/migrations/_003_add_execution_log.py +14 -8
- souleyez/storage/migrations/_005_screenshots.py +13 -5
- souleyez/storage/migrations/_006_deliverables.py +13 -5
- souleyez/storage/migrations/_007_deliverable_templates.py +12 -7
- souleyez/storage/migrations/_008_add_nuclei_table.py +10 -4
- souleyez/storage/migrations/_010_evidence_linking.py +17 -10
- souleyez/storage/migrations/_011_timeline_tracking.py +20 -13
- souleyez/storage/migrations/_012_team_collaboration.py +34 -21
- souleyez/storage/migrations/_013_add_host_tags.py +12 -6
- souleyez/storage/migrations/_014_exploit_attempts.py +22 -10
- souleyez/storage/migrations/_015_add_mac_os_fields.py +15 -7
- souleyez/storage/migrations/_016_add_domain_field.py +10 -4
- souleyez/storage/migrations/_017_msf_sessions.py +16 -8
- souleyez/storage/migrations/_018_add_osint_target.py +10 -6
- souleyez/storage/migrations/_019_add_engagement_type.py +10 -6
- souleyez/storage/migrations/_020_add_rbac.py +36 -15
- souleyez/storage/migrations/_021_wazuh_integration.py +20 -8
- souleyez/storage/migrations/_022_wazuh_indexer_columns.py +6 -4
- souleyez/storage/migrations/_023_fix_detection_results_fk.py +16 -6
- souleyez/storage/migrations/_024_wazuh_vulnerabilities.py +26 -10
- souleyez/storage/migrations/_025_multi_siem_support.py +3 -5
- souleyez/storage/migrations/_026_add_engagement_scope.py +31 -12
- souleyez/storage/migrations/_027_multi_siem_persistence.py +32 -15
- souleyez/storage/migrations/__init__.py +26 -26
- souleyez/storage/migrations/migration_manager.py +19 -19
- souleyez/storage/msf_sessions.py +100 -65
- souleyez/storage/osint.py +17 -24
- souleyez/storage/recommendation_engine.py +269 -235
- souleyez/storage/screenshots.py +33 -32
- souleyez/storage/smb_shares.py +136 -92
- souleyez/storage/sqlmap_data.py +183 -128
- souleyez/storage/team_collaboration.py +135 -141
- souleyez/storage/timeline_tracker.py +122 -94
- souleyez/storage/wazuh_vulns.py +64 -66
- souleyez/storage/web_paths.py +33 -37
- souleyez/testing/credential_tester.py +221 -205
- souleyez/ui/__init__.py +1 -1
- souleyez/ui/ai_quotes.py +12 -12
- souleyez/ui/attack_surface.py +2439 -1516
- souleyez/ui/chain_rules_view.py +914 -382
- souleyez/ui/correlation_view.py +312 -230
- souleyez/ui/dashboard.py +2382 -1130
- souleyez/ui/deliverables_view.py +148 -62
- souleyez/ui/design_system.py +13 -13
- souleyez/ui/errors.py +49 -49
- souleyez/ui/evidence_linking_view.py +284 -179
- souleyez/ui/evidence_vault.py +393 -285
- souleyez/ui/exploit_suggestions_view.py +555 -349
- souleyez/ui/export_view.py +100 -66
- souleyez/ui/gap_analysis_view.py +315 -171
- souleyez/ui/help_system.py +105 -97
- souleyez/ui/intelligence_view.py +436 -293
- souleyez/ui/interactive.py +23434 -10286
- souleyez/ui/interactive_selector.py +75 -68
- souleyez/ui/log_formatter.py +47 -39
- souleyez/ui/menu_components.py +22 -13
- souleyez/ui/msf_auxiliary_menu.py +184 -133
- souleyez/ui/pending_chains_view.py +336 -172
- souleyez/ui/progress_indicators.py +5 -3
- souleyez/ui/recommendations_view.py +195 -137
- souleyez/ui/rule_builder.py +343 -225
- souleyez/ui/setup_wizard.py +678 -284
- souleyez/ui/shortcuts.py +217 -165
- souleyez/ui/splunk_gap_analysis_view.py +452 -270
- souleyez/ui/splunk_vulns_view.py +139 -86
- souleyez/ui/team_dashboard.py +498 -335
- souleyez/ui/template_selector.py +196 -105
- souleyez/ui/terminal.py +6 -6
- souleyez/ui/timeline_view.py +198 -127
- souleyez/ui/tool_setup.py +264 -164
- souleyez/ui/tutorial.py +202 -72
- souleyez/ui/tutorial_state.py +40 -40
- souleyez/ui/wazuh_vulns_view.py +235 -141
- souleyez/ui/wordlist_browser.py +260 -107
- souleyez/ui.py +464 -312
- souleyez/utils/tool_checker.py +427 -367
- souleyez/utils.py +33 -29
- souleyez/wordlists.py +134 -167
- {souleyez-2.43.26.dist-info → souleyez-2.43.34.dist-info}/METADATA +1 -1
- souleyez-2.43.34.dist-info/RECORD +443 -0
- {souleyez-2.43.26.dist-info → souleyez-2.43.34.dist-info}/WHEEL +1 -1
- souleyez-2.43.26.dist-info/RECORD +0 -379
- {souleyez-2.43.26.dist-info → souleyez-2.43.34.dist-info}/entry_points.txt +0 -0
- {souleyez-2.43.26.dist-info → souleyez-2.43.34.dist-info}/licenses/LICENSE +0 -0
- {souleyez-2.43.26.dist-info → souleyez-2.43.34.dist-info}/top_level.txt +0 -0
|
@@ -0,0 +1,413 @@
|
|
|
1
|
+
#!/usr/bin/env python3
|
|
2
|
+
"""
|
|
3
|
+
Nikto handler.
|
|
4
|
+
|
|
5
|
+
Consolidates parsing and display logic for nikto web scanner jobs.
|
|
6
|
+
"""
|
|
7
|
+
import logging
|
|
8
|
+
import os
|
|
9
|
+
import re
|
|
10
|
+
from typing import Any, Dict, Optional
|
|
11
|
+
from urllib.parse import urlparse
|
|
12
|
+
|
|
13
|
+
import click
|
|
14
|
+
|
|
15
|
+
from souleyez.engine.job_status import STATUS_DONE, STATUS_ERROR, STATUS_NO_RESULTS
|
|
16
|
+
from souleyez.handlers.base import BaseToolHandler
|
|
17
|
+
|
|
18
|
+
logger = logging.getLogger(__name__)
|
|
19
|
+
|
|
20
|
+
|
|
21
|
+
class NiktoHandler(BaseToolHandler):
|
|
22
|
+
"""Handler for nikto web scanner jobs."""
|
|
23
|
+
|
|
24
|
+
tool_name = "nikto"
|
|
25
|
+
display_name = "Nikto"
|
|
26
|
+
|
|
27
|
+
# All handlers enabled
|
|
28
|
+
has_error_handler = True
|
|
29
|
+
has_warning_handler = True
|
|
30
|
+
has_no_results_handler = True
|
|
31
|
+
has_done_handler = True
|
|
32
|
+
|
|
33
|
+
def parse_job(
|
|
34
|
+
self,
|
|
35
|
+
engagement_id: int,
|
|
36
|
+
log_path: str,
|
|
37
|
+
job: Dict[str, Any],
|
|
38
|
+
host_manager: Optional[Any] = None,
|
|
39
|
+
findings_manager: Optional[Any] = None,
|
|
40
|
+
credentials_manager: Optional[Any] = None,
|
|
41
|
+
) -> Dict[str, Any]:
|
|
42
|
+
"""
|
|
43
|
+
Parse nikto job results.
|
|
44
|
+
|
|
45
|
+
Extracts web server issues and stores them as findings.
|
|
46
|
+
"""
|
|
47
|
+
try:
|
|
48
|
+
from souleyez.parsers.nikto_parser import parse_nikto_output
|
|
49
|
+
from souleyez.engine.result_handler import detect_tool_error
|
|
50
|
+
|
|
51
|
+
# Import managers if not provided
|
|
52
|
+
if host_manager is None:
|
|
53
|
+
from souleyez.storage.hosts import HostManager
|
|
54
|
+
|
|
55
|
+
host_manager = HostManager()
|
|
56
|
+
if findings_manager is None:
|
|
57
|
+
from souleyez.storage.findings import FindingsManager
|
|
58
|
+
|
|
59
|
+
findings_manager = FindingsManager()
|
|
60
|
+
|
|
61
|
+
target = job.get("target", "")
|
|
62
|
+
|
|
63
|
+
# Read log file
|
|
64
|
+
with open(log_path, "r", encoding="utf-8", errors="replace") as f:
|
|
65
|
+
output = f.read()
|
|
66
|
+
|
|
67
|
+
parsed = parse_nikto_output(output, target)
|
|
68
|
+
|
|
69
|
+
# Get or create host
|
|
70
|
+
host_id = None
|
|
71
|
+
target_ip = parsed.get("target_ip") or parsed.get("target_hostname")
|
|
72
|
+
if not target_ip:
|
|
73
|
+
parsed_url = urlparse(target)
|
|
74
|
+
target_ip = parsed_url.hostname or target
|
|
75
|
+
|
|
76
|
+
if target_ip:
|
|
77
|
+
host_id = host_manager.add_or_update_host(
|
|
78
|
+
engagement_id,
|
|
79
|
+
{
|
|
80
|
+
"ip": target_ip,
|
|
81
|
+
"hostname": parsed.get("target_hostname", ""),
|
|
82
|
+
"status": "up",
|
|
83
|
+
},
|
|
84
|
+
)
|
|
85
|
+
|
|
86
|
+
# Store findings
|
|
87
|
+
findings_added = 0
|
|
88
|
+
for finding in parsed.get("findings", []):
|
|
89
|
+
findings_added += self._store_finding(
|
|
90
|
+
finding, parsed, engagement_id, host_id, findings_manager
|
|
91
|
+
)
|
|
92
|
+
|
|
93
|
+
# Check for nikto errors
|
|
94
|
+
nikto_error = detect_tool_error(output, "nikto")
|
|
95
|
+
|
|
96
|
+
# Determine status based on results
|
|
97
|
+
if nikto_error:
|
|
98
|
+
status = STATUS_ERROR
|
|
99
|
+
elif findings_added > 0:
|
|
100
|
+
status = STATUS_DONE
|
|
101
|
+
else:
|
|
102
|
+
status = STATUS_NO_RESULTS
|
|
103
|
+
|
|
104
|
+
# Build summary for job queue display
|
|
105
|
+
summary_parts = []
|
|
106
|
+
total_findings = parsed["stats"]["total"]
|
|
107
|
+
if total_findings > 0:
|
|
108
|
+
summary_parts.append(f"{total_findings} finding(s)")
|
|
109
|
+
by_sev = parsed["stats"]["by_severity"]
|
|
110
|
+
high_count = by_sev.get("critical", 0) + by_sev.get("high", 0)
|
|
111
|
+
if high_count > 0:
|
|
112
|
+
summary_parts.append(f"{high_count} high/critical")
|
|
113
|
+
server = parsed.get("server", "")
|
|
114
|
+
if server:
|
|
115
|
+
summary_parts.append(server[:30])
|
|
116
|
+
summary = " | ".join(summary_parts) if summary_parts else "No findings"
|
|
117
|
+
|
|
118
|
+
return {
|
|
119
|
+
"tool": "nikto",
|
|
120
|
+
"status": status,
|
|
121
|
+
"summary": summary,
|
|
122
|
+
"target": target,
|
|
123
|
+
"target_ip": parsed.get("target_ip", ""),
|
|
124
|
+
"server": parsed.get("server", ""),
|
|
125
|
+
"findings_count": parsed["stats"]["total"],
|
|
126
|
+
"findings_added": findings_added,
|
|
127
|
+
"by_severity": parsed["stats"]["by_severity"],
|
|
128
|
+
}
|
|
129
|
+
|
|
130
|
+
except Exception as e:
|
|
131
|
+
logger.error(f"Error parsing nikto job: {e}")
|
|
132
|
+
return {"error": str(e)}
|
|
133
|
+
|
|
134
|
+
def _store_finding(
|
|
135
|
+
self,
|
|
136
|
+
finding: Dict,
|
|
137
|
+
parsed: Dict,
|
|
138
|
+
engagement_id: int,
|
|
139
|
+
host_id: Optional[int],
|
|
140
|
+
findings_manager: Any,
|
|
141
|
+
) -> int:
|
|
142
|
+
"""Store a single nikto finding."""
|
|
143
|
+
severity = finding.get("severity", "info")
|
|
144
|
+
|
|
145
|
+
# Build title from OSVDB or path + description
|
|
146
|
+
osvdb = finding.get("osvdb")
|
|
147
|
+
path = finding.get("path", "/")
|
|
148
|
+
desc = finding.get("description", "")
|
|
149
|
+
|
|
150
|
+
if osvdb:
|
|
151
|
+
title = f"Nikto: {osvdb} - {path}"
|
|
152
|
+
elif path:
|
|
153
|
+
title = f"Nikto: {path} - {desc[:50]}{'...' if len(desc) > 50 else ''}"
|
|
154
|
+
else:
|
|
155
|
+
title = f"Nikto Finding: {desc[:60]}{'...' if len(desc) > 60 else ''}"
|
|
156
|
+
|
|
157
|
+
# Build description with server info
|
|
158
|
+
description = desc
|
|
159
|
+
if parsed.get("server"):
|
|
160
|
+
description += f"\n\nServer: {parsed['server']}"
|
|
161
|
+
if osvdb:
|
|
162
|
+
description += f"\n\nReference: {osvdb}"
|
|
163
|
+
if path:
|
|
164
|
+
description += f"\nPath: {path}"
|
|
165
|
+
|
|
166
|
+
# Build evidence
|
|
167
|
+
evidence = f"Detected by Nikto web scanner"
|
|
168
|
+
if path:
|
|
169
|
+
evidence += f"\nPath: {path}"
|
|
170
|
+
if osvdb:
|
|
171
|
+
evidence += f"\nOSVDB: {osvdb}"
|
|
172
|
+
|
|
173
|
+
findings_manager.add_finding(
|
|
174
|
+
engagement_id=engagement_id,
|
|
175
|
+
host_id=host_id,
|
|
176
|
+
title=title,
|
|
177
|
+
description=description,
|
|
178
|
+
severity=severity,
|
|
179
|
+
finding_type="misconfiguration",
|
|
180
|
+
tool="nikto",
|
|
181
|
+
evidence=evidence,
|
|
182
|
+
)
|
|
183
|
+
return 1
|
|
184
|
+
|
|
185
|
+
def display_done(
|
|
186
|
+
self,
|
|
187
|
+
job: Dict[str, Any],
|
|
188
|
+
log_path: str,
|
|
189
|
+
show_all: bool = False,
|
|
190
|
+
show_passwords: bool = False,
|
|
191
|
+
) -> None:
|
|
192
|
+
"""Display successful nikto scan results."""
|
|
193
|
+
try:
|
|
194
|
+
from souleyez.parsers.nikto_parser import parse_nikto_output
|
|
195
|
+
|
|
196
|
+
if not log_path or not os.path.exists(log_path):
|
|
197
|
+
return
|
|
198
|
+
|
|
199
|
+
with open(log_path, "r", encoding="utf-8", errors="replace") as f:
|
|
200
|
+
log_content = f.read()
|
|
201
|
+
parsed = parse_nikto_output(log_content, job.get("target", ""))
|
|
202
|
+
|
|
203
|
+
findings = parsed.get("findings", [])
|
|
204
|
+
|
|
205
|
+
# Always show header
|
|
206
|
+
click.echo(click.style("=" * 70, fg="cyan"))
|
|
207
|
+
click.echo(click.style("NIKTO SCAN RESULTS", bold=True, fg="cyan"))
|
|
208
|
+
click.echo(click.style("=" * 70, fg="cyan"))
|
|
209
|
+
click.echo()
|
|
210
|
+
|
|
211
|
+
# Target info
|
|
212
|
+
if parsed.get("target_ip"):
|
|
213
|
+
click.echo(click.style(f"Target: {parsed['target_ip']}", bold=True))
|
|
214
|
+
elif job.get("target"):
|
|
215
|
+
click.echo(click.style(f"Target: {job.get('target')}", bold=True))
|
|
216
|
+
if parsed.get("server"):
|
|
217
|
+
click.echo(f"Server: {parsed['server']}")
|
|
218
|
+
if parsed.get("target_port"):
|
|
219
|
+
click.echo(f"Port: {parsed['target_port']}")
|
|
220
|
+
click.echo()
|
|
221
|
+
|
|
222
|
+
if findings:
|
|
223
|
+
# Stats
|
|
224
|
+
stats = parsed.get("stats", {})
|
|
225
|
+
by_severity = stats.get("by_severity", {})
|
|
226
|
+
click.echo(
|
|
227
|
+
click.style(
|
|
228
|
+
f"Findings: {stats.get('total', len(findings))}", bold=True
|
|
229
|
+
)
|
|
230
|
+
)
|
|
231
|
+
severity_parts = []
|
|
232
|
+
if by_severity.get("high", 0) > 0:
|
|
233
|
+
severity_parts.append(
|
|
234
|
+
click.style(f"{by_severity['high']} High", fg="red")
|
|
235
|
+
)
|
|
236
|
+
if by_severity.get("medium", 0) > 0:
|
|
237
|
+
severity_parts.append(
|
|
238
|
+
click.style(f"{by_severity['medium']} Medium", fg="yellow")
|
|
239
|
+
)
|
|
240
|
+
if by_severity.get("low", 0) > 0:
|
|
241
|
+
severity_parts.append(
|
|
242
|
+
click.style(f"{by_severity['low']} Low", fg="cyan")
|
|
243
|
+
)
|
|
244
|
+
if by_severity.get("info", 0) > 0:
|
|
245
|
+
severity_parts.append(f"{by_severity['info']} Info")
|
|
246
|
+
if severity_parts:
|
|
247
|
+
click.echo(" " + " | ".join(severity_parts))
|
|
248
|
+
click.echo()
|
|
249
|
+
|
|
250
|
+
# List findings
|
|
251
|
+
max_findings = None if show_all else 15
|
|
252
|
+
click.echo(click.style("Issues Found:", bold=True))
|
|
253
|
+
display_findings = (
|
|
254
|
+
findings if max_findings is None else findings[:max_findings]
|
|
255
|
+
)
|
|
256
|
+
|
|
257
|
+
for i, finding in enumerate(display_findings, 1):
|
|
258
|
+
severity = finding.get("severity", "info")
|
|
259
|
+
desc = finding.get("description", "")[:60]
|
|
260
|
+
path = finding.get("path", "")
|
|
261
|
+
|
|
262
|
+
# Color by severity
|
|
263
|
+
if severity == "high":
|
|
264
|
+
sev_color = "red"
|
|
265
|
+
elif severity == "medium":
|
|
266
|
+
sev_color = "yellow"
|
|
267
|
+
elif severity == "low":
|
|
268
|
+
sev_color = "cyan"
|
|
269
|
+
else:
|
|
270
|
+
sev_color = "white"
|
|
271
|
+
|
|
272
|
+
sev_badge = click.style(f"[{severity.upper()}]", fg=sev_color)
|
|
273
|
+
if path:
|
|
274
|
+
click.echo(f" {i}. {sev_badge} {path}: {desc}")
|
|
275
|
+
else:
|
|
276
|
+
click.echo(f" {i}. {sev_badge} {desc}")
|
|
277
|
+
|
|
278
|
+
if max_findings and len(findings) > max_findings:
|
|
279
|
+
click.echo(
|
|
280
|
+
f" ... and {len(findings) - max_findings} more findings"
|
|
281
|
+
)
|
|
282
|
+
click.echo()
|
|
283
|
+
|
|
284
|
+
# Display next steps suggestions
|
|
285
|
+
try:
|
|
286
|
+
from souleyez.parsers.nikto_parser import generate_next_steps
|
|
287
|
+
|
|
288
|
+
next_steps = generate_next_steps(parsed, job.get("target", ""))
|
|
289
|
+
if next_steps:
|
|
290
|
+
click.echo(click.style("=" * 70, fg="green"))
|
|
291
|
+
click.echo(
|
|
292
|
+
click.style("SUGGESTED NEXT STEPS", bold=True, fg="green")
|
|
293
|
+
)
|
|
294
|
+
click.echo(click.style("=" * 70, fg="green"))
|
|
295
|
+
click.echo()
|
|
296
|
+
for i, step in enumerate(next_steps[:5], 1):
|
|
297
|
+
click.echo(click.style(f"{i}. {step['title']}", bold=True))
|
|
298
|
+
click.echo(
|
|
299
|
+
click.style(f" Why: {step['reason']}", fg="white")
|
|
300
|
+
)
|
|
301
|
+
for cmd in step.get("commands", [])[:2]:
|
|
302
|
+
click.echo(click.style(f" $ {cmd}", fg="cyan"))
|
|
303
|
+
click.echo()
|
|
304
|
+
if len(next_steps) > 5:
|
|
305
|
+
click.echo(
|
|
306
|
+
f" ... and {len(next_steps) - 5} more suggestions"
|
|
307
|
+
)
|
|
308
|
+
click.echo()
|
|
309
|
+
except Exception as e:
|
|
310
|
+
logger.debug(f"Next steps display failed: {e}")
|
|
311
|
+
else:
|
|
312
|
+
self.display_no_results(job, log_path)
|
|
313
|
+
return
|
|
314
|
+
|
|
315
|
+
click.echo(click.style("=" * 70, fg="cyan"))
|
|
316
|
+
click.echo()
|
|
317
|
+
|
|
318
|
+
except Exception as e:
|
|
319
|
+
logger.debug(f"Error in display_done: {e}")
|
|
320
|
+
|
|
321
|
+
def display_warning(
|
|
322
|
+
self,
|
|
323
|
+
job: Dict[str, Any],
|
|
324
|
+
log_path: str,
|
|
325
|
+
log_content: Optional[str] = None,
|
|
326
|
+
) -> None:
|
|
327
|
+
"""Display warning status for nikto scan."""
|
|
328
|
+
click.echo(click.style("=" * 70, fg="yellow"))
|
|
329
|
+
click.echo(click.style("[WARNING] NIKTO SCAN", bold=True, fg="yellow"))
|
|
330
|
+
click.echo(click.style("=" * 70, fg="yellow"))
|
|
331
|
+
click.echo()
|
|
332
|
+
click.echo(" Scan completed with warnings. Check raw logs for details.")
|
|
333
|
+
click.echo(" Press [r] to view raw logs.")
|
|
334
|
+
click.echo()
|
|
335
|
+
click.echo(click.style("=" * 70, fg="yellow"))
|
|
336
|
+
click.echo()
|
|
337
|
+
|
|
338
|
+
def display_error(
|
|
339
|
+
self,
|
|
340
|
+
job: Dict[str, Any],
|
|
341
|
+
log_path: str,
|
|
342
|
+
log_content: Optional[str] = None,
|
|
343
|
+
) -> None:
|
|
344
|
+
"""Display error status for nikto scan."""
|
|
345
|
+
# Read log if not provided
|
|
346
|
+
if log_content is None and log_path and os.path.exists(log_path):
|
|
347
|
+
try:
|
|
348
|
+
with open(log_path, "r", encoding="utf-8", errors="replace") as f:
|
|
349
|
+
log_content = f.read()
|
|
350
|
+
except Exception:
|
|
351
|
+
log_content = ""
|
|
352
|
+
|
|
353
|
+
click.echo(click.style("=" * 70, fg="red"))
|
|
354
|
+
click.echo(click.style("[ERROR] NIKTO SCAN FAILED", bold=True, fg="red"))
|
|
355
|
+
click.echo(click.style("=" * 70, fg="red"))
|
|
356
|
+
click.echo()
|
|
357
|
+
|
|
358
|
+
# Check for common nikto errors
|
|
359
|
+
error_msg = None
|
|
360
|
+
if log_content:
|
|
361
|
+
if (
|
|
362
|
+
"Unable to connect" in log_content
|
|
363
|
+
or "Connection refused" in log_content
|
|
364
|
+
):
|
|
365
|
+
error_msg = (
|
|
366
|
+
"Unable to connect to target - check if web server is running"
|
|
367
|
+
)
|
|
368
|
+
elif "timed out" in log_content.lower() or "timeout" in log_content.lower():
|
|
369
|
+
error_msg = "Connection timed out - target may be slow or filtering"
|
|
370
|
+
elif "No web server found" in log_content:
|
|
371
|
+
error_msg = "No web server found on target port"
|
|
372
|
+
elif "ssl handshake" in log_content.lower():
|
|
373
|
+
error_msg = "SSL handshake failed - try with/without -ssl flag"
|
|
374
|
+
elif "ERROR:" in log_content:
|
|
375
|
+
match = re.search(r"ERROR:\s*(.+?)(?:\n|$)", log_content)
|
|
376
|
+
if match:
|
|
377
|
+
error_msg = match.group(1).strip()[:100]
|
|
378
|
+
|
|
379
|
+
if error_msg:
|
|
380
|
+
click.echo(f" {error_msg}")
|
|
381
|
+
else:
|
|
382
|
+
click.echo(" Scan failed - see raw logs for details (press 'r')")
|
|
383
|
+
|
|
384
|
+
click.echo()
|
|
385
|
+
click.echo(click.style("=" * 70, fg="red"))
|
|
386
|
+
click.echo()
|
|
387
|
+
|
|
388
|
+
def display_no_results(
|
|
389
|
+
self,
|
|
390
|
+
job: Dict[str, Any],
|
|
391
|
+
log_path: str,
|
|
392
|
+
) -> None:
|
|
393
|
+
"""Display no_results status for nikto scan."""
|
|
394
|
+
click.echo(click.style("=" * 70, fg="cyan"))
|
|
395
|
+
click.echo(click.style("NIKTO SCAN RESULTS", bold=True, fg="cyan"))
|
|
396
|
+
click.echo(click.style("=" * 70, fg="cyan"))
|
|
397
|
+
click.echo()
|
|
398
|
+
|
|
399
|
+
if job.get("target"):
|
|
400
|
+
click.echo(click.style(f"Target: {job.get('target')}", bold=True))
|
|
401
|
+
click.echo()
|
|
402
|
+
|
|
403
|
+
click.echo(click.style("Result: No issues detected", fg="green", bold=True))
|
|
404
|
+
click.echo()
|
|
405
|
+
click.echo(" The scan completed without finding any web server issues.")
|
|
406
|
+
click.echo()
|
|
407
|
+
click.echo(click.style("Tips:", dim=True))
|
|
408
|
+
click.echo(" - Try with different tuning: -T 1-9 for specific test types")
|
|
409
|
+
click.echo(" - Check if the target web server is running")
|
|
410
|
+
click.echo(" - Use -Cgidirs to specify CGI directories")
|
|
411
|
+
click.echo()
|
|
412
|
+
click.echo(click.style("=" * 70, fg="cyan"))
|
|
413
|
+
click.echo()
|