souleyez 3.0.0__py3-none-any.whl → 3.0.7__py3-none-any.whl

souleyez/handlers/crackmapexec_handler.py

@@ -105,24 +105,8 @@ class CrackMapExecHandler(BaseToolHandler):
             vulns_found = len(parsed.get("findings", {}).get("vulnerabilities", []))
             pw_must_change = parsed.get("password_must_change", [])
 
-            # Check for transient errors that should trigger retry
-            transient_errors = [
-                "NETBIOS connection with the remote host timed out",
-                "Connection reset by peer",
-                "Connection timed out",
-                "Error enumerating shares",
-            ]
-            log_content = ""
-            try:
-                with open(log_path, "r", encoding="utf-8", errors="replace") as f:
-                    log_content = f.read()
-            except Exception:
-                pass
-
-            has_transient_error = any(
-                err.lower() in log_content.lower() for err in transient_errors
-            )
-
+            # Determine status based on results found
+            # Retry logic is handled by background.py before parsing
             if (
                 hosts_found > 0
                 or shares_found > 0
@@ -132,8 +116,6 @@ class CrackMapExecHandler(BaseToolHandler):
                 or len(pw_must_change) > 0
             ):
                 status = STATUS_DONE
-            elif has_transient_error:
-                status = STATUS_WARNING  # Transient error - may be retried
             else:
                 status = STATUS_NO_RESULTS
 

souleyez/handlers/dnsrecon_handler.py

@@ -4,6 +4,7 @@ DNSRecon handler.
 
 Consolidates parsing and display logic for DNSRecon DNS enumeration jobs.
 """
+
 import logging
 import os
 import re
@@ -44,9 +45,9 @@ class DNSReconHandler(BaseToolHandler):
         Extracts DNS records and stores them as OSINT data.
         """
         try:
+            from souleyez.engine.result_handler import detect_tool_error
             from souleyez.parsers.dnsrecon_parser import parse_dnsrecon_output
             from souleyez.storage.osint import OsintManager
-            from souleyez.engine.result_handler import detect_tool_error
 
             # Import managers if not provided
             if host_manager is None:

souleyez/handlers/enum4linux_handler.py

@@ -4,6 +4,7 @@ enum4linux handler.
 
 Consolidates parsing and display logic for enum4linux SMB/Samba enumeration jobs.
 """
+
 import logging
 import os
 import re
@@ -11,7 +12,7 @@ from typing import Any, Dict, Optional
 
 import click
 
-from souleyez.engine.job_status import STATUS_DONE, STATUS_WARNING, STATUS_NO_RESULTS
+from souleyez.engine.job_status import STATUS_DONE, STATUS_NO_RESULTS, STATUS_WARNING
 from souleyez.handlers.base import BaseToolHandler
 
 logger = logging.getLogger(__name__)
@@ -44,12 +45,12 @@ class Enum4LinuxHandler(BaseToolHandler):
         Extracts SMB users, groups, shares and stores them.
         """
         try:
+            from souleyez.engine.result_handler import detect_tool_error
             from souleyez.parsers.enum4linux_parser import (
-                parse_enum4linux_output,
-                get_smb_stats,
                 categorize_share,
+                get_smb_stats,
+                parse_enum4linux_output,
             )
-            from souleyez.engine.result_handler import detect_tool_error
 
             # Import managers if not provided
             if host_manager is None:
@@ -103,46 +104,71 @@ class Enum4LinuxHandler(BaseToolHandler):
                 )
                 credentials_added += 1
 
-            # Store shares as findings
+            # Store shares in smb_shares table (proper storage)
+            from souleyez.storage.smb_shares import SMBSharesManager
+
+            smb_mgr = SMBSharesManager()
+            shares_added = 0
             findings_added = 0
+
             for share in parsed.get("shares", []):
                 category = categorize_share(share)
-                if category == "open":
-                    severity = "high"
-                elif category == "readable":
-                    severity = "medium"
-                elif category == "restricted":
-                    severity = "low"
-                else:
-                    severity = "info"
-
                 share_name = share["name"]
                 share_type = share.get("type", "Unknown")
                 mapping = share.get("mapping", "N/A")
-
-                if mapping == "OK":
-                    listing = share.get("listing", "N/A")
-                    writing = share.get("writing", "N/A")
-                    access_desc = (
-                        f"Mapping={mapping}, Listing={listing}, Writing={writing}"
+                listing = share.get("listing", "N/A")
+                writing = share.get("writing", "N/A")
+
+                # Determine readable/writable status
+                readable = mapping == "OK" and listing in ("OK", "N/A")
+                writable = mapping == "OK" and writing == "OK"
+
+                # Store in smb_shares table
+                if host_id:
+                    try:
+                        smb_mgr.add_share(
+                            host_id=host_id,
+                            share_data={
+                                "name": share_name,
+                                "type": share_type,
+                                "permissions": f"{mapping}/{listing}/{writing}",
+                                "comment": share.get("comment", ""),
+                                "readable": readable,
+                                "writable": writable,
+                            },
+                        )
+                        shares_added += 1
+                    except Exception as e:
+                        logger.debug(f"Could not store share in smb_shares: {e}")
+
+                # Also add a finding for high-risk shares (writable or open)
+                if category == "open" or writable:
+                    if category == "open":
+                        severity = "high"
+                    elif writable:
+                        severity = "medium"
+                    else:
+                        severity = "low"
+
+                    title = f"Writable SMB Share: {share_name}"
+                    description = (
+                        f"Share: {share_name}\n"
+                        f"Type: {share_type}\n"
+                        f"Comment: {share.get('comment', 'N/A')}\n"
+                        f"Readable: {readable}, Writable: {writable}"
                     )
-                else:
-                    access_desc = f"Access denied (Mapping={mapping})"
 
-                title = f"SMB Share: {share_name} ({share_type})"
-                description = f"Share: {share_name}\nType: {share_type}\nComment: {share.get('comment', 'N/A')}\nAccess: {access_desc}"
-
-                findings_manager.add_finding(
-                    engagement_id=engagement_id,
-                    host_id=host_id,
-                    title=title,
-                    finding_type="smb_share",
-                    severity=severity,
-                    description=description,
-                    tool="enum4linux",
-                    port=445,
-                )
-                findings_added += 1
+                    findings_manager.add_finding(
+                        engagement_id=engagement_id,
+                        host_id=host_id,
+                        title=title,
+                        finding_type="smb_share",
+                        severity=severity,
+                        description=description,
+                        tool="enum4linux",
+                        port=445,
+                    )
+                    findings_added += 1
 
             stats = get_smb_stats(parsed)
 
@@ -158,7 +184,8 @@ class Enum4LinuxHandler(BaseToolHandler):
 
             # Determine status
             has_results = (
-                findings_added > 0
+                shares_added > 0
+                or findings_added > 0
                 or credentials_added > 0
                 or len(parsed.get("users", [])) > 0
                 or stats["total_shares"] > 0
@@ -177,6 +204,7 @@ class Enum4LinuxHandler(BaseToolHandler):
             return {
                 "tool": "enum4linux",
                 "status": status,
+                "shares_added": shares_added,
                 "findings_added": findings_added,
                 "credentials_added": credentials_added,
                 "users_found": len(parsed.get("users", [])),

souleyez/handlers/evil_winrm_handler.py

@@ -4,6 +4,7 @@ Evil-WinRM handler.
 
 Consolidates parsing and display logic for Evil-WinRM jobs.
 """
+
 import logging
 import os
 import re

souleyez/handlers/ffuf_handler.py

@@ -4,6 +4,7 @@ Ffuf handler.
 
 Consolidates parsing and display logic for ffuf fuzzing jobs.
 """
+
 import logging
 import os
 import re
@@ -186,8 +187,8 @@ class FfufHandler(BaseToolHandler):
         Extracts discovered paths and stores them in the database.
         """
         try:
-            from souleyez.parsers.ffuf_parser import parse_ffuf
             from souleyez.engine.result_handler import detect_tool_error
+            from souleyez.parsers.ffuf_parser import parse_ffuf
 
             # Import managers if not provided
             if host_manager is None:
@@ -344,6 +345,7 @@ class FfufHandler(BaseToolHandler):
         decode the base64, and parse for credentials.
         """
         import base64
+
         import requests
 
         extracted_creds = []

souleyez/handlers/gobuster_handler.py

@@ -4,18 +4,19 @@ Gobuster handler.
 
 Consolidates parsing and display logic for Gobuster directory enumeration jobs.
 """
+
 import logging
 import os
 import re
-import ssl
 import socket
-import urllib.request
+import ssl
 import urllib.error
+import urllib.request
 from typing import Any, Dict, List, Optional
-from urllib.parse import urlparse, urljoin
-import defusedxml.ElementTree as ElementTree  # Safe XML parsing
+from urllib.parse import urljoin, urlparse
 
 import click
+import defusedxml.ElementTree as ElementTree  # Safe XML parsing
 
 from souleyez.engine.job_status import (
     STATUS_DONE,
@@ -201,11 +202,11 @@ class GobusterHandler(BaseToolHandler):
         Extracts discovered paths and stores them in the database.
         """
         try:
+            from souleyez.engine.result_handler import detect_tool_error
             from souleyez.parsers.gobuster_parser import (
-                parse_gobuster_output,
                 get_paths_stats,
+                parse_gobuster_output,
             )
-            from souleyez.engine.result_handler import detect_tool_error
 
             # Import managers if not provided
             if host_manager is None:

souleyez/handlers/gpp_extract_handler.py

@@ -4,6 +4,7 @@ GPP Extract handler.
 
 Handles parsing and credential storage for GPP (Group Policy Preferences) extraction jobs.
 """
+
 import logging
 import os
 import re

souleyez/handlers/hashcat_handler.py

@@ -4,6 +4,7 @@ Hashcat handler.
 
 Consolidates parsing and display logic for Hashcat password cracking jobs.
 """
+
 import logging
 import os
 from typing import Any, Dict, Optional

souleyez/handlers/hydra_handler.py

@@ -4,6 +4,7 @@ Hydra handler.
 
 Consolidates parsing and display logic for Hydra brute-force jobs.
 """
+
 import logging
 import os
 import re
@@ -58,8 +59,8 @@ class HydraHandler(BaseToolHandler):
         Extracts credentials and usernames from the output.
         """
         try:
-            from souleyez.parsers.hydra_parser import parse_hydra_output
             from souleyez.engine.result_handler import detect_tool_error
+            from souleyez.parsers.hydra_parser import parse_hydra_output
 
             # Import managers if not provided
             if host_manager is None:
@@ -261,7 +262,9 @@ class HydraHandler(BaseToolHandler):
                 "port": parsed.get("port"),
                 "credentials_found": len(parsed.get("credentials", [])),
                 "credentials_added": creds_added,
-                "credentials": parsed.get("credentials", []),  # Include actual creds for smart chains
+                "credentials": parsed.get(
+                    "credentials", []
+                ),  # Include actual creds for smart chains
                 "usernames_found": len(parsed.get("usernames", [])),
                 "usernames": parsed.get("usernames", []),
                 "usernames_added": usernames_added,

souleyez/handlers/impacket_getuserspns_handler.py

@@ -4,6 +4,7 @@ Impacket GetUserSPNs handler.
 
 Handles parsing and display for Kerberoasting results.
 """
+
 import logging
 import os
 import re

souleyez/handlers/impacket_psexec_handler.py

@@ -4,6 +4,7 @@ Impacket psexec handler.
 
 Consolidates parsing and display logic for Impacket psexec remote execution jobs.
 """
+
 import logging
 import os
 import re

souleyez/handlers/impacket_secretsdump_handler.py

@@ -4,6 +4,7 @@ Impacket secretsdump handler.
 
 Consolidates parsing and display logic for Impacket secretsdump credential extraction jobs.
 """
+
 import logging
 import os
 import re

souleyez/handlers/john_handler.py

@@ -4,6 +4,7 @@ John the Ripper handler.
 
 Consolidates parsing and display logic for John the Ripper password cracking jobs.
 """
+
 import logging
 import os
 from typing import Any, Dict, Optional

souleyez/handlers/katana_handler.py

@@ -4,6 +4,7 @@ Katana handler.
 
 Consolidates parsing and display logic for katana web crawling jobs.
 """
+
 import logging
 import os
 from typing import Any, Dict, List, Optional
@@ -49,11 +50,11 @@ class KatanaHandler(BaseToolHandler):
         Extracts discovered URLs, parameters, forms, and JS endpoints.
         """
         try:
+            from souleyez.engine.result_handler import detect_tool_error
             from souleyez.parsers.katana_parser import (
-                parse_katana_output,
                 extract_injectable_urls,
+                parse_katana_output,
             )
-            from souleyez.engine.result_handler import detect_tool_error
 
             # Import managers if not provided
             if host_manager is None:
@@ -134,6 +135,42 @@ class KatanaHandler(BaseToolHandler):
 
             lfi_urls = extract_lfi_urls(parsed)
 
+            # ARM64/headless workaround: If we have JS files but few parameterized URLs,
+            # extract endpoints directly from JavaScript source code
+            js_files = [u for u in parsed.get("urls", []) if u.endswith(".js")]
+            urls_with_params_list = parsed.get("urls_with_params", [])
+            sqli_candidates = parsed.get("sqli_candidate_urls", [])
+
+            if js_files and len(urls_with_params_list) < 10:
+                try:
+                    from souleyez.parsers.katana_parser import (
+                        fetch_and_extract_js_endpoints,
+                    )
+
+                    logger.info(
+                        f"Extracting endpoints from {len(js_files)} JavaScript files..."
+                    )
+                    js_endpoints = fetch_and_extract_js_endpoints(target, js_files)
+
+                    if js_endpoints:
+                        logger.info(
+                            f"Found {len(js_endpoints)} additional endpoints from JavaScript"
+                        )
+                        # Add to parsed results
+                        for ep in js_endpoints:
+                            if ep not in urls_with_params_list:
+                                urls_with_params_list.append(ep)
+                            if ep not in sqli_candidates:
+                                sqli_candidates.append(ep)
+                            if ep not in injectable_urls:
+                                injectable_urls.append(ep)
+
+                        # Update parsed dict for display
+                        parsed["urls_with_params"] = urls_with_params_list
+                        parsed["sqli_candidate_urls"] = sqli_candidates
+                except Exception as e:
+                    logger.warning(f"JavaScript endpoint extraction failed: {e}")
+
             # Determine status
             urls_list = parsed.get("urls", [])
             urls_with_params_list = parsed.get("urls_with_params", [])

souleyez/handlers/kerbrute_handler.py

@@ -2,6 +2,7 @@
 """
 Handler for kerbrute Kerberos enumeration tool.
 """
+
 import logging
 import os
 import re

souleyez/handlers/ldapsearch_handler.py

@@ -2,6 +2,7 @@
 """
 Handler for ldapsearch LDAP enumeration tool.
 """
+
 import logging
 import os
 import re
@@ -177,8 +178,8 @@ class LdapsearchHandler(BaseToolHandler):
                                 f"{user.get('sAMAccountName')} - check description field"
                             )
 
-                # Store credentials if found
-                if credentials_found and credentials_manager:
+                # Store credentials if found AND store enumerated users
+                if (credentials_found or usernames) and credentials_manager:
                     if host_manager is None:
                         from souleyez.storage.hosts import HostManager
 
@@ -186,6 +187,7 @@ class LdapsearchHandler(BaseToolHandler):
 
                     host = host_manager.get_host_by_ip(engagement_id, target)
                     if host:
+                        # Store passwords found in descriptions
                         for cred in credentials_found:
                             credentials_manager.add_credential(
                                 engagement_id=engagement_id,
@@ -199,6 +201,31 @@ class LdapsearchHandler(BaseToolHandler):
                                 notes="Found in LDAP user description field",
                             )
 
+                        # Store enumerated usernames (without passwords)
+                        usernames_stored = 0
+                        for username in usernames:
+                            # Skip if already stored with a password
+                            already_has_cred = any(
+                                c["username"] == username for c in credentials_found
+                            )
+                            if not already_has_cred:
+                                credentials_manager.add_credential(
+                                    engagement_id=engagement_id,
+                                    host_id=host["id"],
+                                    username=username,
+                                    password="",
+                                    service="ldap",
+                                    credential_type="ldap_user",
+                                    tool="ldapsearch",
+                                    status="enumerated",
+                                    notes="Enumerated via LDAP",
+                                )
+                                usernames_stored += 1
+                        if usernames_stored > 0:
+                            logger.info(
+                                f"Stored {usernames_stored} enumerated LDAP usernames"
+                            )
+
                 logger.info(
                     f"ldapsearch parse complete: {len(naming_contexts)} naming contexts, "
                     f"{len(domains)} domains, {len(users)} users, {len(credentials_found)} creds, base_dn={base_dn}"
@@ -420,8 +447,11 @@ class LdapsearchHandler(BaseToolHandler):
 
             # New entry starts with "dn:"
             if line.startswith("dn:"):
+                # Save previous entry if it's not explicitly a group
+                # Default to including (is_group=False) if no objectClass info
                 if current_user and current_user.get("sAMAccountName"):
-                    users.append(current_user)
+                    if not current_user.get("is_group", False):
+                        users.append(current_user)
                 current_user = {}
                 # Extract OU from DN
                 ou_match = re.search(r"OU=([^,]+)", line, re.IGNORECASE)
@@ -448,12 +478,43 @@ class LdapsearchHandler(BaseToolHandler):
                             "key ",
                             "dns",
                             "ras ",
+                            "cloneable ",
                         )
                     ):
                         current_user["cn_username"] = cn_name.replace(" ", ".")
 
+            elif line.startswith("objectClass:"):
+                obj_class = line.split(":", 1)[1].strip().lower()
+                # Mark as group if objectClass is group (blacklist approach)
+                if obj_class == "group":
+                    current_user["is_group"] = True
+
             elif line.startswith("sAMAccountName:"):
-                current_user["sAMAccountName"] = line.split(":", 1)[1].strip()
+                sam = line.split(":", 1)[1].strip()
+                current_user["sAMAccountName"] = sam
+                # Filter out obvious group names by sAMAccountName pattern
+                sam_lower = sam.lower()
+                if sam_lower in (
+                    "guest",
+                    "domain users",
+                    "domain computers",
+                    "domain guests",
+                    "domain admins",
+                    "enterprise admins",
+                    "schema admins",
+                    "cert publishers",
+                    "group policy creator owners",
+                    "ras and ias servers",
+                    "allowed rodc password replication group",
+                    "denied rodc password replication group",
+                    "read-only domain controllers",
+                    "enterprise read-only domain controllers",
+                    "cloneable domain controllers",
+                    "protected users",
+                    "dnsadmins",
+                    "dnsupdateproxy",
+                ):
+                    current_user["is_group"] = True
 
             elif line.startswith("description:"):
                 current_user["description"] = line.split(":", 1)[1].strip()
@@ -466,9 +527,10 @@ class LdapsearchHandler(BaseToolHandler):
                 if cn_match:
                     current_user["memberOf"].append(cn_match.group(1))
 
-        # Don't forget last user
+        # Don't forget last user - only if it's not a group
         if current_user and current_user.get("sAMAccountName"):
-            users.append(current_user)
+            if not current_user.get("is_group", False):
+                users.append(current_user)
 
         # Second pass: add users found only via CN (no sAMAccountName returned)
         # This catches users from broader queries like (objectClass=*)
@@ -476,9 +538,11 @@ class LdapsearchHandler(BaseToolHandler):
         for line in log_content.split("\n"):
             line = line.strip()
             if line.startswith("dn:"):
-                if current_user.get("cn_username") and not current_user.get(
-                    "sAMAccountName"
-                ):
+                if (
+                    current_user.get("cn_username")
+                    and not current_user.get("sAMAccountName")
+                    and not current_user.get("is_group", False)
+                ):  # Default to user if no objectClass
                     # Check if we already have this user
                     existing = [
                         u
@@ -507,24 +571,33 @@ class LdapsearchHandler(BaseToolHandler):
                             "key ",
                             "dns",
                             "ras ",
+                            "cloneable ",
                         )
                     ):
                         current_user["cn_username"] = cn_name.replace(" ", ".")
                 if ou_match:
                     current_user["ou"] = ou_match.group(1)
+            elif line.startswith("objectClass:"):
+                obj_class = line.split(":", 1)[1].strip().lower()
+                # Blacklist groups - mark as group if objectClass is group
+                if obj_class == "group":
+                    current_user["is_group"] = True
             elif line.startswith("sAMAccountName:"):
                 current_user["sAMAccountName"] = line.split(":", 1)[1].strip()
 
         # Last entry from second pass
         if current_user.get("cn_username") and not current_user.get("sAMAccountName"):
-            existing = [
-                u
-                for u in users
-                if u.get("sAMAccountName") == current_user.get("cn_username")
-            ]
-            if not existing:
-                current_user["sAMAccountName"] = current_user["cn_username"]
-                users.append(current_user)
+            if not current_user.get(
+                "is_group", False
+            ):  # Default to user if no objectClass
+                existing = [
+                    u
+                    for u in users
+                    if u.get("sAMAccountName") == current_user.get("cn_username")
+                ]
+                if not existing:
+                    current_user["sAMAccountName"] = current_user["cn_username"]
+                    users.append(current_user)
 
         return users
 

souleyez/handlers/lfi_extract_handler.py

@@ -4,6 +4,7 @@ souleyez.handlers.lfi_extract_handler - Handler for LFI credential extraction
 
 Parses LFI extract results and stores discovered credentials in the database.
 """
+
 import json
 import logging
 import os

souleyez/handlers/msf_auxiliary_handler.py

@@ -4,6 +4,7 @@ Metasploit auxiliary handler.
 
 Consolidates parsing and display logic for msf_auxiliary jobs.
 """
+
 import logging
 import os
 import re

souleyez/handlers/msf_exploit_handler.py

@@ -4,6 +4,7 @@ Metasploit exploit handler.
 
 Consolidates parsing and display logic for msf_exploit jobs.
 """
+
 import logging
 import os
 import re