forked from Abacus-Group-RTO/legion
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsettings.py
311 lines (261 loc) · 15.3 KB
/
settings.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
#!/usr/bin/env python
"""
LEGION (https://govanguard.com)
Copyright (c) 2020 GoVanguard
This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public
License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later
version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
details.
You should have received a copy of the GNU General Public License along with this program.
If not, see <http://www.gnu.org/licenses/>.
"""
from app.auxiliary import * # for timestamp
# this class reads and writes application settings
from app.timing import getTimestamp
log = getAppLogger()
class AppSettings():
def __init__(self):
# check if settings file exists and creates it if it doesn't
if not os.path.exists('./legion.conf'):
log.info('Legion config is missing. Please reclone.')
os.exit(1)
else:
log.info('Loading settings file..')
self.actions = QtCore.QSettings('./legion.conf', QtCore.QSettings.NativeFormat)
def getGeneralSettings(self):
return self.getSettingsByGroup("GeneralSettings")
def getBruteSettings(self):
return self.getSettingsByGroup("BruteSettings")
def getStagedNmapSettings(self):
return self.getSettingsByGroup('StagedNmapSettings')
def getToolSettings(self):
return self.getSettingsByGroup('ToolSettings')
def getGUISettings(self):
return self.getSettingsByGroup('GUISettings')
def getHostActions(self):
self.actions.beginGroup('HostActions')
hostactions = []
sortArray = []
keys = self.actions.childKeys()
for k in keys:
hostactions.append([self.actions.value(k)[0], str(k), self.actions.value(k)[1]])
sortArray.append(self.actions.value(k)[0])
self.actions.endGroup()
sortArrayWithArray(sortArray, hostactions) # sort by label so that it appears nicely in the context menu
return hostactions
# this function fetches all the host actions from the settings file
def getPortActions(self):
self.actions.beginGroup('PortActions')
portactions = []
sortArray = []
keys = self.actions.childKeys()
for k in keys:
portactions.append([self.actions.value(k)[0], str(k), self.actions.value(k)[1], self.actions.value(k)[2]])
sortArray.append(self.actions.value(k)[0])
self.actions.endGroup()
sortArrayWithArray(sortArray, portactions) # sort by label so that it appears nicely in the context menu
return portactions
# this function fetches all the port actions from the settings file
def getPortTerminalActions(self):
self.actions.beginGroup('PortTerminalActions')
portactions = []
sortArray = []
keys = self.actions.childKeys()
for k in keys:
portactions.append([self.actions.value(k)[0], str(k), self.actions.value(k)[1], self.actions.value(k)[2]])
sortArray.append(self.actions.value(k)[0])
self.actions.endGroup()
sortArrayWithArray(sortArray, portactions) # sort by label so that it appears nicely in the context menu
return portactions
# this function fetches all the port actions that will be run as terminal commands from the settings file
def getSchedulerSettings(self):
settings = []
self.actions.beginGroup('SchedulerSettings')
keys = self.actions.childKeys()
for k in keys:
settings.append([str(k), self.actions.value(k)[0], self.actions.value(k)[1]])
self.actions.endGroup()
return settings
def getSettingsByGroup(self, name: str) -> dict:
self.actions.beginGroup(name)
settings = dict()
keys = self.actions.childKeys()
for k in keys:
settings.update({str(k): str(self.actions.value(k))})
self.actions.endGroup()
return settings
def backupAndSave(self, newSettings, saveBackup=True):
# Backup and save
if saveBackup:
log.info('Backing up old settings and saving new settings...')
os.rename('./legion.conf', './backup/' + getTimestamp() + '-legion.conf')
else:
log.info('Saving config...')
self.actions = QtCore.QSettings('./legion.conf', QtCore.QSettings.NativeFormat)
self.actions.beginGroup('GeneralSettings')
self.actions.setValue('default-terminal', newSettings.general_default_terminal)
self.actions.setValue('tool-output-black-background', newSettings.general_tool_output_black_background)
self.actions.setValue('screenshooter-timeout', newSettings.general_screenshooter_timeout)
self.actions.setValue('web-services', newSettings.general_web_services)
self.actions.setValue('enable-scheduler', newSettings.general_enable_scheduler)
self.actions.setValue('enable-scheduler-on-import', newSettings.general_enable_scheduler_on_import)
self.actions.setValue('max-fast-processes', newSettings.general_max_fast_processes)
self.actions.setValue('max-slow-processes', newSettings.general_max_slow_processes)
self.actions.endGroup()
self.actions.beginGroup('BruteSettings')
self.actions.setValue('store-cleartext-passwords-on-exit', newSettings.brute_store_cleartext_passwords_on_exit)
self.actions.setValue('username-wordlist-path', newSettings.brute_username_wordlist_path)
self.actions.setValue('password-wordlist-path', newSettings.brute_password_wordlist_path)
self.actions.setValue('default-username', newSettings.brute_default_username)
self.actions.setValue('default-password', newSettings.brute_default_password)
self.actions.setValue('services', newSettings.brute_services)
self.actions.setValue('no-username-services', newSettings.brute_no_username_services)
self.actions.setValue('no-password-services', newSettings.brute_no_password_services)
self.actions.endGroup()
self.actions.beginGroup('ToolSettings')
self.actions.setValue('nmap-path', newSettings.tools_path_nmap)
self.actions.setValue('hydra-path', newSettings.tools_path_hydra)
self.actions.setValue('cutycapt-path', newSettings.tools_path_cutycapt)
self.actions.setValue('texteditor-path', newSettings.tools_path_texteditor)
self.actions.setValue('pyshodan-api-key', newSettings.tools_pyshodan_api_key)
self.actions.endGroup()
self.actions.beginGroup('StagedNmapSettings')
self.actions.setValue('stage1-ports', newSettings.tools_nmap_stage1_ports)
self.actions.setValue('stage2-ports', newSettings.tools_nmap_stage2_ports)
self.actions.setValue('stage3-ports', newSettings.tools_nmap_stage3_ports)
self.actions.setValue('stage4-ports', newSettings.tools_nmap_stage4_ports)
self.actions.setValue('stage5-ports', newSettings.tools_nmap_stage5_ports)
self.actions.setValue('stage6-ports', newSettings.tools_nmap_stage6_ports)
self.actions.endGroup()
self.actions.beginGroup('GUISettings')
self.actions.setValue('process-tab-column-widths', newSettings.gui_process_tab_column_widths)
self.actions.setValue('process-tab-detail', newSettings.gui_process_tab_detail)
self.actions.endGroup()
self.actions.beginGroup('HostActions')
for a in newSettings.hostActions:
self.actions.setValue(a[1], [a[0], a[2]])
self.actions.endGroup()
self.actions.beginGroup('PortActions')
for a in newSettings.portActions:
self.actions.setValue(a[1], [a[0], a[2], a[3]])
self.actions.endGroup()
self.actions.beginGroup('PortTerminalActions')
for a in newSettings.portTerminalActions:
self.actions.setValue(a[1], [a[0], a[2], a[3]])
self.actions.endGroup()
self.actions.beginGroup('SchedulerSettings')
for tool in newSettings.automatedAttacks:
self.actions.setValue(tool[0], [tool[1], tool[2]])
self.actions.endGroup()
self.actions.sync()
# This class first sets all the default settings and
# then overwrites them with the settings found in the configuration file
class Settings():
def __init__(self, appSettings=None):
# general
self.general_default_terminal = "gnome-terminal"
self.general_tool_output_black_background = "False"
self.general_screenshooter_timeout = "15000"
self.general_web_services = "http,https,ssl,soap,http-proxy,http-alt,https-alt"
self.general_enable_scheduler = "True"
self.general_max_fast_processes = "10"
self.general_max_slow_processes = "10"
# brute
self.brute_store_cleartext_passwords_on_exit = "True"
self.brute_username_wordlist_path = "/usr/share/wordlists/"
self.brute_password_wordlist_path = "/usr/share/wordlists/"
self.brute_default_username = "root"
self.brute_default_password = "password"
self.brute_services = "asterisk,afp,cisco,cisco-enable,cvs,firebird,ftp,ftps,http-head,http-get," + \
"https-head,https-get,http-get-form,http-post-form,https-get-form," + \
"https-post-form,http-proxy,http-proxy-urlenum,icq,imap,imaps,irc,ldap2,ldap2s," + \
"ldap3,ldap3s,ldap3-crammd5,ldap3-crammd5s,ldap3-digestmd5,ldap3-digestmd5s," + \
"mssql,mysql,ncp,nntp,oracle-listener,oracle-sid,pcanywhere,pcnfs,pop3,pop3s," + \
"postgres,rdp,rexec,rlogin,rsh,s7-300,sip,smb,smtp,smtps,smtp-enum,snmp,socks5," + \
"ssh,sshkey,svn,teamspeak,telnet,telnets,vmauthd,vnc,xmpp"
self.brute_no_username_services = "cisco,cisco-enable,oracle-listener,s7-300,snmp,vnc"
self.brute_no_password_services = "oracle-sid,rsh,smtp-enum"
# tools
self.tools_nmap_stage1_ports = "T:80,443"
self.tools_nmap_stage2_ports = "T:25,135,137,139,445,1433,3306,5432,U:137,161,162,1434"
self.tools_nmap_stage3_ports = "Vulners,CVE"
self.tools_nmap_stage4_ports = "T:23,21,22,110,111,2049,3389,8080,U:500,5060"
self.tools_nmap_stage5_ports = "T:0-20,24,26-79,81-109,112-134,136,138,140-442,444,446-1432,1434-2048," + \
"2050-3305,3307-3388,3390-5431,5433-8079,8081-29999"
self.tools_nmap_stage6_ports = "T:30000-65535"
self.tools_path_nmap = "/sbin/nmap"
self.tools_path_hydra = "/usr/bin/hydra"
self.tools_path_cutycapt = "/usr/bin/cutycapt"
self.tools_path_texteditor = "/usr/bin/leafpad"
self.tools_pyshodan_api_key = "SNYEkE0gdwNu9BRURVDjWPXePCquXqht"
# GUI settings
self.gui_process_tab_column_widths = "125,0,100,150,100,100,100,100,100,100,100,100,100,100,100,100,100"
self.gui_process_tab_detail = False
self.hostActions = []
self.portActions = []
self.portTerminalActions = []
self.stagedNmapSettings = []
self.automatedAttacks = []
# now that all defaults are set, overwrite with whatever was in the .conf file (stored in appSettings)
if appSettings:
try:
self.generalSettings = appSettings.getGeneralSettings()
self.bruteSettings = appSettings.getBruteSettings()
self.stagedNmapSettings = appSettings.getStagedNmapSettings()
self.toolSettings = appSettings.getToolSettings()
self.guiSettings = appSettings.getGUISettings()
self.hostActions = appSettings.getHostActions()
self.portActions = appSettings.getPortActions()
self.portTerminalActions = appSettings.getPortTerminalActions()
self.automatedAttacks = appSettings.getSchedulerSettings()
# general
self.general_default_terminal = self.generalSettings['default-terminal']
self.general_tool_output_black_background = self.generalSettings['tool-output-black-background']
self.general_screenshooter_timeout = self.generalSettings['screenshooter-timeout']
self.general_web_services = self.generalSettings['web-services']
self.general_enable_scheduler = self.generalSettings['enable-scheduler']
self.general_enable_scheduler_on_import = self.generalSettings['enable-scheduler-on-import']
self.general_max_fast_processes = self.generalSettings['max-fast-processes']
self.general_max_slow_processes = self.generalSettings['max-slow-processes']
# brute
self.brute_store_cleartext_passwords_on_exit = self.bruteSettings['store-cleartext-passwords-on-exit']
self.brute_username_wordlist_path = self.bruteSettings['username-wordlist-path']
self.brute_password_wordlist_path = self.bruteSettings['password-wordlist-path']
self.brute_default_username = self.bruteSettings['default-username']
self.brute_default_password = self.bruteSettings['default-password']
self.brute_services = self.bruteSettings['services']
self.brute_no_username_services = self.bruteSettings['no-username-services']
self.brute_no_password_services = self.bruteSettings['no-password-services']
# tools
self.tools_nmap_stage1_ports = self.stagedNmapSettings['stage1-ports']
self.tools_nmap_stage2_ports = self.stagedNmapSettings['stage2-ports']
self.tools_nmap_stage3_ports = self.stagedNmapSettings['stage3-ports']
self.tools_nmap_stage4_ports = self.stagedNmapSettings['stage4-ports']
self.tools_nmap_stage5_ports = self.stagedNmapSettings['stage5-ports']
self.tools_nmap_stage6_ports = self.stagedNmapSettings['stage6-ports']
self.tools_path_nmap = self.toolSettings['nmap-path']
self.tools_path_hydra = self.toolSettings['hydra-path']
self.tools_path_cutycapt = self.toolSettings['cutycapt-path']
self.tools_path_texteditor = self.toolSettings['texteditor-path']
self.tools_pyshodan_api_key = self.toolSettings['pyshodan-api-key']
# gui
self.gui_process_tab_column_widths = self.guiSettings['process-tab-column-widths']
self.gui_process_tab_detail = self.guiSettings['process-tab-detail']
except KeyError as e:
log.info('Something went wrong while loading the configuration file. Falling back to default ' +
'settings for some settings.')
log.info('Go to the settings menu to fix the issues!')
log.error(str(e))
def __eq__(self, other): # returns false if settings objects are different
if type(other) is type(self):
return self.__dict__ == other.__dict__
return False
if __name__ == "__main__":
settings = AppSettings()
s = Settings(settings)
s2 = Settings(settings)
log.info(s == s2)
s2.general_default_terminal = 'whatever'
log.info(s == s2)