souleyez 2.43.29__py3-none-any.whl → 2.43.34__py3-none-any.whl

souleyez/core/network_utils.py

@@ -4,6 +4,7 @@ Network utilities for security validation.
 Provides functions for detecting VM host (gateway) and validating
 that Ollama connections only go to trusted destinations.
 """
+
 import socket
 import subprocess
 import re
@@ -23,14 +24,14 @@ def get_default_gateway() -> Optional[str]:
     try:
         # Try using 'ip route' (Linux)
         result = subprocess.run(
-            ['ip', 'route', 'show', 'default'],
+            ["ip", "route", "show", "default"],
             capture_output=True,
             text=True,
-            timeout=5
+            timeout=5,
         )
         if result.returncode == 0:
             # Parse: "default via 10.0.0.1 dev eth0 ..."
-            match = re.search(r'default via (\d+\.\d+\.\d+\.\d+)', result.stdout)
+            match = re.search(r"default via (\d+\.\d+\.\d+\.\d+)", result.stdout)
             if match:
                 return match.group(1)
     except (subprocess.TimeoutExpired, FileNotFoundError):
@@ -39,14 +40,13 @@ def get_default_gateway() -> Optional[str]:
     try:
         # Fallback: 'route -n' (older Linux)
         result = subprocess.run(
-            ['route', '-n'],
-            capture_output=True,
-            text=True,
-            timeout=5
+            ["route", "-n"], capture_output=True, text=True, timeout=5
         )
         if result.returncode == 0:
-            for line in result.stdout.split('\n'):
-                if line.startswith('0.0.0.0'):  # nosec B104 - parsing route output, not binding
+            for line in result.stdout.split("\n"):
+                if line.startswith(
+                    "0.0.0.0"
+                ):  # nosec B104 - parsing route output, not binding
                     parts = line.split()
                     if len(parts) >= 2:
                         return parts[1]
@@ -56,8 +56,9 @@ def get_default_gateway() -> Optional[str]:
     try:
         # Fallback: netifaces if available
         import netifaces
+
         gateways = netifaces.gateways()
-        default = gateways.get('default', {})
+        default = gateways.get("default", {})
         if netifaces.AF_INET in default:
             return default[netifaces.AF_INET][0]
     except ImportError:
@@ -87,7 +88,7 @@ def is_localhost(host: str) -> bool:
     """Check if host is localhost."""
     if not host:
         return False
-    return host in ('localhost', '127.0.0.1', '::1')
+    return host in ("localhost", "127.0.0.1", "::1")
 
 
 def is_private_ip(ip: str) -> bool:
@@ -109,7 +110,7 @@ def is_private_ip(ip: str) -> bool:
         return False
 
     try:
-        parts = ip.split('.')
+        parts = ip.split(".")
         if len(parts) != 4:
             return False
 
@@ -173,7 +174,13 @@ def get_ollama_host_info() -> dict:
         Dict with allowed host info
     """
     return {
-        'allowed_hosts': ['localhost', '127.0.0.1', '10.x.x.x', '172.16-31.x.x', '192.168.x.x'],
-        'description': 'Localhost and private network IPs (RFC 1918)',
-        'blocked': 'Public internet IPs and hostnames'
+        "allowed_hosts": [
+            "localhost",
+            "127.0.0.1",
+            "10.x.x.x",
+            "172.16-31.x.x",
+            "192.168.x.x",
+        ],
+        "description": "Localhost and private network IPs (RFC 1918)",
+        "blocked": "Public internet IPs and hostnames",
     }

souleyez/core/parser_handler.py

@@ -33,37 +33,40 @@ class ParserHandler:
     def _register_parsers(self):
         """Register all available parsers."""
         parser_modules = {
-            'nmap': 'souleyez.parsers.nmap_parser',
-            'enum4linux': 'souleyez.parsers.enum4linux_parser',
-            'gobuster': 'souleyez.parsers.gobuster_parser',
-            'sqlmap': 'souleyez.parsers.sqlmap_parser',
-            'smbmap': 'souleyez.parsers.smbmap_parser',
-            'theharvester': 'souleyez.parsers.theharvester_parser',
-            'msf': 'souleyez.parsers.msf_parser',
-            'whois': 'souleyez.parsers.whois_parser',
-
-            'wpscan': 'souleyez.parsers.wpscan_parser',
-            'hydra': 'souleyez.parsers.hydra_parser',
-            'dnsrecon': 'souleyez.parsers.dnsrecon_parser',
-            'nikto': 'souleyez.parsers.nikto_parser',
-            'dalfox': 'souleyez.parsers.dalfox_parser',
+            "nmap": "souleyez.parsers.nmap_parser",
+            "enum4linux": "souleyez.parsers.enum4linux_parser",
+            "gobuster": "souleyez.parsers.gobuster_parser",
+            "sqlmap": "souleyez.parsers.sqlmap_parser",
+            "smbmap": "souleyez.parsers.smbmap_parser",
+            "theharvester": "souleyez.parsers.theharvester_parser",
+            "msf": "souleyez.parsers.msf_parser",
+            "whois": "souleyez.parsers.whois_parser",
+            "wpscan": "souleyez.parsers.wpscan_parser",
+            "hydra": "souleyez.parsers.hydra_parser",
+            "dnsrecon": "souleyez.parsers.dnsrecon_parser",
+            "nikto": "souleyez.parsers.nikto_parser",
+            "dalfox": "souleyez.parsers.dalfox_parser",
         }
 
         for tool, module_path in parser_modules.items():
             try:
-                module = __import__(module_path, fromlist=[''])
+                module = __import__(module_path, fromlist=[""])
                 parse_func_name = f"parse_{tool}_output"
                 if hasattr(module, parse_func_name):
                     self.parsers[tool] = getattr(module, parse_func_name)
                     logger.debug(f"Registered parser for {tool}")
                 else:
-                    logger.warning(f"Parser module {module_path} missing {parse_func_name}")
+                    logger.warning(
+                        f"Parser module {module_path} missing {parse_func_name}"
+                    )
             except ImportError as e:
                 logger.warning(f"Could not import parser for {tool}: {e}")
             except Exception as e:
                 logger.error(f"Error registering parser for {tool}: {e}")
 
-    def parse(self, tool: str, output: str, target: str = "", **kwargs) -> Optional[Dict[str, Any]]:
+    def parse(
+        self, tool: str, output: str, target: str = "", **kwargs
+    ) -> Optional[Dict[str, Any]]:
         """
         Parse tool output with error handling.
 
@@ -92,13 +95,15 @@ class ParserHandler:
             logger.error(f"Parser error for {tool}: {e}", exc_info=True)
             # Return basic structure with error information
             return {
-                'error': str(e),
-                'tool': tool,
-                'target': target,
-                'raw_output': output[:500]  # First 500 chars for debugging
+                "error": str(e),
+                "tool": tool,
+                "target": target,
+                "raw_output": output[:500],  # First 500 chars for debugging
             }
 
-    def parse_file(self, tool: str, log_path: str, target: str = "", **kwargs) -> Optional[Dict[str, Any]]:
+    def parse_file(
+        self, tool: str, log_path: str, target: str = "", **kwargs
+    ) -> Optional[Dict[str, Any]]:
         """
         Parse tool output from file with error handling.
 
@@ -117,7 +122,7 @@ class ParserHandler:
                 logger.error(f"Log file does not exist: {log_path}")
                 return None
 
-            with open(log_path, 'r', encoding='utf-8', errors='replace') as f:
+            with open(log_path, "r", encoding="utf-8", errors="replace") as f:
                 output = f.read()
 
             return self.parse(tool, output, target, **kwargs)
@@ -148,13 +153,17 @@ def get_parser_handler() -> ParserHandler:
 
 
 # Convenience functions
-def parse_output(tool: str, output: str, target: str = "", **kwargs) -> Optional[Dict[str, Any]]:
+def parse_output(
+    tool: str, output: str, target: str = "", **kwargs
+) -> Optional[Dict[str, Any]]:
     """Parse tool output using the global parser handler."""
     handler = get_parser_handler()
     return handler.parse(tool, output, target, **kwargs)
 
 
-def parse_file(tool: str, log_path: str, target: str = "", **kwargs) -> Optional[Dict[str, Any]]:
+def parse_file(
+    tool: str, log_path: str, target: str = "", **kwargs
+) -> Optional[Dict[str, Any]]:
     """Parse tool output file using the global parser handler."""
     handler = get_parser_handler()
     return handler.parse_file(tool, log_path, target, **kwargs)

souleyez/core/pending_chains.py

@@ -22,10 +22,10 @@ _lock = threading.RLock()
 
 
 # Chain status constants
-CHAIN_PENDING = 'pending'      # Awaiting user decision
-CHAIN_APPROVED = 'approved'    # User approved, ready to execute
-CHAIN_REJECTED = 'rejected'    # User rejected, will not execute
-CHAIN_EXECUTED = 'executed'    # Approved and job created
+CHAIN_PENDING = "pending"  # Awaiting user decision
+CHAIN_APPROVED = "approved"  # User approved, ready to execute
+CHAIN_REJECTED = "rejected"  # User rejected, will not execute
+CHAIN_EXECUTED = "executed"  # Approved and job created
 
 
 def _ensure_dirs():
@@ -48,7 +48,9 @@ def _read_chains() -> List[Dict[str, Any]]:
 def _write_chains(chains: List[Dict[str, Any]]):
     """Write chains to storage atomically."""
     _ensure_dirs()
-    tmp = tempfile.NamedTemporaryFile("w", delete=False, dir=CHAINS_DIR, encoding="utf-8")
+    tmp = tempfile.NamedTemporaryFile(
+        "w", delete=False, dir=CHAINS_DIR, encoding="utf-8"
+    )
     try:
         json.dump(chains, tmp, indent=2, ensure_ascii=False)
         tmp.flush()
@@ -69,7 +71,7 @@ def _next_chain_id(chains: List[Dict[str, Any]]) -> int:
 
     try:
         if os.path.exists(counter_file):
-            with open(counter_file, 'r') as f:
+            with open(counter_file, "r") as f:
                 next_id = int(f.read().strip())
         else:
             maxid = 0
@@ -78,7 +80,7 @@ def _next_chain_id(chains: List[Dict[str, Any]]) -> int:
                     maxid = c["id"]
             next_id = maxid + 1
 
-        with open(counter_file, 'w') as f:
+        with open(counter_file, "w") as f:
             f.write(str(next_id + 1))
 
         return next_id
@@ -98,7 +100,7 @@ def add_pending_chain(
     args: List[str],
     priority: int,
     engagement_id: Optional[int] = None,
-    metadata: Optional[Dict[str, Any]] = None
+    metadata: Optional[Dict[str, Any]] = None,
 ) -> int:
     """
     Add a chain to the pending approval queue.
@@ -122,20 +124,20 @@ def add_pending_chain(
         now = time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime())
 
         chain = {
-            'id': chain_id,
-            'parent_job_id': parent_job_id,
-            'rule_description': rule_description,
-            'tool': tool,
-            'target': target,
-            'args': args or [],
-            'priority': priority,
-            'status': CHAIN_PENDING,
-            'created_at': now,
-            'decided_at': None,
-            'executed_at': None,
-            'job_id': None,  # Set when executed
-            'engagement_id': engagement_id,
-            'metadata': metadata or {}
+            "id": chain_id,
+            "parent_job_id": parent_job_id,
+            "rule_description": rule_description,
+            "tool": tool,
+            "target": target,
+            "args": args or [],
+            "priority": priority,
+            "status": CHAIN_PENDING,
+            "created_at": now,
+            "decided_at": None,
+            "executed_at": None,
+            "job_id": None,  # Set when executed
+            "engagement_id": engagement_id,
+            "metadata": metadata or {},
         }
 
         chains.append(chain)
@@ -148,7 +150,7 @@ def list_pending_chains(
     status: Optional[str] = None,
     engagement_id: Optional[int] = None,
     limit: int = 100,
-    offset: int = 0
+    offset: int = 0,
 ) -> List[Dict[str, Any]]:
     """
     List chains, optionally filtered by status and engagement.
@@ -166,21 +168,21 @@ def list_pending_chains(
 
     # Apply filters
     if status:
-        chains = [c for c in chains if c.get('status') == status]
+        chains = [c for c in chains if c.get("status") == status]
     if engagement_id is not None:
-        chains = [c for c in chains if c.get('engagement_id') == engagement_id]
+        chains = [c for c in chains if c.get("engagement_id") == engagement_id]
 
     # Sort by priority (desc) then created_at (asc)
-    chains.sort(key=lambda c: (-c.get('priority', 5), c.get('created_at', '')))
+    chains.sort(key=lambda c: (-c.get("priority", 5), c.get("created_at", "")))
 
-    return chains[offset:offset + limit]
+    return chains[offset : offset + limit]
 
 
 def get_pending_chain(chain_id: int) -> Optional[Dict[str, Any]]:
     """Get a specific chain by ID."""
     chains = _read_chains()
     for c in chains:
-        if c.get('id') == chain_id:
+        if c.get("id") == chain_id:
             return c
     return None
 
@@ -195,11 +197,11 @@ def approve_chain(chain_id: int) -> bool:
     with _lock:
         chains = _read_chains()
         for c in chains:
-            if c.get('id') == chain_id:
-                if c.get('status') != CHAIN_PENDING:
+            if c.get("id") == chain_id:
+                if c.get("status") != CHAIN_PENDING:
                     return False  # Already decided
-                c['status'] = CHAIN_APPROVED
-                c['decided_at'] = time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime())
+                c["status"] = CHAIN_APPROVED
+                c["decided_at"] = time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime())
                 _write_chains(chains)
                 return True
     return False
@@ -215,11 +217,11 @@ def reject_chain(chain_id: int) -> bool:
     with _lock:
         chains = _read_chains()
         for c in chains:
-            if c.get('id') == chain_id:
-                if c.get('status') != CHAIN_PENDING:
+            if c.get("id") == chain_id:
+                if c.get("status") != CHAIN_PENDING:
                     return False
-                c['status'] = CHAIN_REJECTED
-                c['decided_at'] = time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime())
+                c["status"] = CHAIN_REJECTED
+                c["decided_at"] = time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime())
                 _write_chains(chains)
                 return True
     return False
@@ -241,10 +243,10 @@ def approve_all_pending(engagement_id: Optional[int] = None) -> int:
         approved = 0
 
         for c in chains:
-            if c.get('status') == CHAIN_PENDING:
-                if engagement_id is None or c.get('engagement_id') == engagement_id:
-                    c['status'] = CHAIN_APPROVED
-                    c['decided_at'] = now
+            if c.get("status") == CHAIN_PENDING:
+                if engagement_id is None or c.get("engagement_id") == engagement_id:
+                    c["status"] = CHAIN_APPROVED
+                    c["decided_at"] = now
                     approved += 1
 
         if approved > 0:
@@ -269,10 +271,10 @@ def reject_all_pending(engagement_id: Optional[int] = None) -> int:
         rejected = 0
 
         for c in chains:
-            if c.get('status') == CHAIN_PENDING:
-                if engagement_id is None or c.get('engagement_id') == engagement_id:
-                    c['status'] = CHAIN_REJECTED
-                    c['decided_at'] = now
+            if c.get("status") == CHAIN_PENDING:
+                if engagement_id is None or c.get("engagement_id") == engagement_id:
+                    c["status"] = CHAIN_REJECTED
+                    c["decided_at"] = now
                     rejected += 1
 
         if rejected > 0:
@@ -295,16 +297,18 @@ def mark_chain_executed(chain_id: int, job_id: int) -> bool:
     with _lock:
         chains = _read_chains()
         for c in chains:
-            if c.get('id') == chain_id:
-                c['status'] = CHAIN_EXECUTED
-                c['executed_at'] = time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime())
-                c['job_id'] = job_id
+            if c.get("id") == chain_id:
+                c["status"] = CHAIN_EXECUTED
+                c["executed_at"] = time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime())
+                c["job_id"] = job_id
                 _write_chains(chains)
                 return True
     return False
 
 
-def get_approved_chains(engagement_id: Optional[int] = None, limit: int = 50) -> List[Dict[str, Any]]:
+def get_approved_chains(
+    engagement_id: Optional[int] = None, limit: int = 50
+) -> List[Dict[str, Any]]:
     """
     Get approved chains ready for execution.
 
@@ -315,7 +319,9 @@ def get_approved_chains(engagement_id: Optional[int] = None, limit: int = 50) ->
     Returns:
         List of approved chains, sorted by priority
     """
-    return list_pending_chains(status=CHAIN_APPROVED, engagement_id=engagement_id, limit=limit)
+    return list_pending_chains(
+        status=CHAIN_APPROVED, engagement_id=engagement_id, limit=limit
+    )
 
 
 def purge_old_chains(days: int = 7) -> int:
@@ -337,10 +343,11 @@ def purge_old_chains(days: int = 7) -> int:
 
         original_count = len(chains)
         chains = [
-            c for c in chains
-            if c.get('status') == CHAIN_PENDING or  # Keep pending
-               c.get('status') == CHAIN_APPROVED or  # Keep approved (not yet executed)
-               c.get('created_at', '') > cutoff_str  # Keep recent
+            c
+            for c in chains
+            if c.get("status") == CHAIN_PENDING  # Keep pending
+            or c.get("status") == CHAIN_APPROVED  # Keep approved (not yet executed)
+            or c.get("created_at", "") > cutoff_str  # Keep recent
         ]
 
         purged = original_count - len(chains)
@@ -353,9 +360,9 @@ def purge_old_chains(days: int = 7) -> int:
 def get_pending_count(engagement_id: Optional[int] = None) -> int:
     """Get count of pending chains awaiting approval."""
     chains = _read_chains()
-    pending = [c for c in chains if c.get('status') == CHAIN_PENDING]
+    pending = [c for c in chains if c.get("status") == CHAIN_PENDING]
     if engagement_id is not None:
-        pending = [c for c in pending if c.get('engagement_id') == engagement_id]
+        pending = [c for c in pending if c.get("engagement_id") == engagement_id]
     return len(pending)
 
 
@@ -369,19 +376,63 @@ def get_chain_stats(engagement_id: Optional[int] = None) -> Dict[str, int]:
     chains = _read_chains()
 
     if engagement_id is not None:
-        chains = [c for c in chains if c.get('engagement_id') == engagement_id]
+        chains = [c for c in chains if c.get("engagement_id") == engagement_id]
 
     stats = {
-        'pending': 0,
-        'approved': 0,
-        'rejected': 0,
-        'executed': 0,
-        'total': len(chains)
+        "pending": 0,
+        "approved": 0,
+        "rejected": 0,
+        "executed": 0,
+        "total": len(chains),
     }
 
     for c in chains:
-        status = c.get('status', '')
+        status = c.get("status", "")
         if status in stats:
             stats[status] += 1
 
     return stats
+
+
+def purge_orphaned_chains() -> int:
+    """
+    Remove chains that reference non-existent engagements.
+
+    This can happen when engagements are deleted but their pending
+    chains weren't cleaned up. Orphaned chains waste resources and
+    will never be processed.
+
+    Returns:
+        Number of orphaned chains removed
+    """
+    import sqlite3
+
+    with _lock:
+        chains = _read_chains()
+        if not chains:
+            return 0
+
+        # Get all valid engagement IDs from database
+        try:
+            db_path = os.path.join(os.path.expanduser("~"), ".souleyez", "souleyez.db")
+            conn = sqlite3.connect(db_path)
+            cursor = conn.execute("SELECT id FROM engagements")
+            valid_ids = {row[0] for row in cursor.fetchall()}
+            conn.close()
+        except Exception:
+            return 0  # Can't verify, don't purge
+
+        original_count = len(chains)
+
+        # Keep only chains with valid engagement IDs (or None)
+        chains = [
+            c
+            for c in chains
+            if c.get("engagement_id") is None or c.get("engagement_id") in valid_ids
+        ]
+
+        purged = original_count - len(chains)
+        if purged > 0:
+            _write_chains(chains)
+
+        return purged