diff --git a/README.md b/README.md new file mode 100644 index 0000000..c35061e --- /dev/null +++ b/README.md @@ -0,0 +1,18 @@ +# Pwnvasive + +Semi-automatic discovery and lateralization + +## Getting started + +### Documentation + +The official documentation is available : [here](doc/README.md) + +## Installation + +```bash +git clone https://github.com/airbus-seclab/pwnvasive.git +cd pwnvasive +chmod +x bin/pwnvasive +bin/pwnvasive /tmp/db.json +``` diff --git a/bin/pwnvasive b/bin/pwnvasive old mode 100644 new mode 100755 diff --git a/doc/README.md b/doc/README.md new file mode 100644 index 0000000..7035436 --- /dev/null +++ b/doc/README.md @@ -0,0 +1,145 @@ +## Documentation + +### add +Add an instance of an object +``` +add [val=''] +``` + +### auto +Modify the state of a handler to automate tasks. +``` +auto [handler=None] [on='on'] +``` + +### cat +Display the contents of a node file +``` +cat +``` + +### cnx +Create a session with a node +``` +cnx [selector=None] +``` + +### compute_network +Graphically represent our playing area +``` +compute_network +``` + +### config +Add/modify/delete attributes in the database +``` +config [key=None] [op=None] [val=None] +``` + +### del +Delete the instance of an object +``` +del +``` + +### disconnect +End a session +``` +disconnect [selector=None] +``` + +### eval +Evaluate a function +``` +eval +``` + +### exit +Exit the prompt +``` +exit +``` + +### extract_networks +Try to find new networks/new nodes +``` +extract_networks [selector=None] +``` + +### flush +Delete all instances of an object +``` +flush [selector=None] +``` + +### id +Identify the machine's operating system +``` +id [selector=None] +``` + +### info +Display an abstract of a node's information +``` +info +``` + +### ls +List objects and instances of an object +``` +ls [obj=None] [selector=None] +``` + +### monitor +Display the actions that pwnvasive performs internally +``` +monitor [onoff='on'] +``` + +### pdb +Debug pwnvasive +``` +pdb +``` + +### quit +Exit the prompt +``` +quit +``` + +### run +Run a command on a node +``` +run +``` + +### save +Save the database +``` +save [fname=None] +``` + +### service +View / Start / Stop a service +``` +service [svc=None] [startstop='start'] +``` + +### show +Display the details of an object instance +``` +show [selector=None] +``` + +### tasks +View current tasks +``` +tasks +``` + +### update +Modify the variables of an object instance +``` +update +``` \ No newline at end of file diff --git a/pwnvasive/cli.py b/pwnvasive/cli.py index 8c6b435..03239d8 100644 --- a/pwnvasive/cli.py +++ b/pwnvasive/cli.py @@ -13,7 +13,7 @@ from .exceptions import * from .mappings import Mapping from .services import Service -from . import webapi + ### Subclass aiocmd to pass arguments to PromptSession @@ -282,11 +282,11 @@ def _add_completions(self): for k,_ in self.store._objects.items() }) - def do_update(self, obj, selector, val): + def do_update(self, obj, selector, vals): try: - val = self.str2map(val) + vals = self.str2map(vals) except: - print(f"could not parse [{val}]. Should be field=value[,f=v[,...]]") + print(f"could not parse [{vals}]. Should be field=value[,f=v[,...]]") raise objs = self.store.objects[obj].select(selector) @@ -500,7 +500,7 @@ def _extract_ssh_keys_completions(self): def do_decrypt_ssh_keys(self, selector=None): - n = self.store.op.decrypt_ssh_keys(selector) + n = self.op.decrypt_ssh_keys(selector) print(f"Decrypted {n} ssh keys") def do_extract_networks(self, selector=None): diff --git a/pwnvasive/mappings.py b/pwnvasive/mappings.py index 9947ba5..7bc0e77 100644 --- a/pwnvasive/mappings.py +++ b/pwnvasive/mappings.py @@ -282,8 +282,7 @@ async def get_reached(self): async def _test_creds(self, **creds): use_creds = creds.copy() ck = use_creds.pop("client_keys",None) - if ck: - use_creds["client_keys"] = asyncssh.import_private_key(ck) + use_creds["client_keys"] = asyncssh.import_private_key(ck) if ck else None opt = asyncssh.SSHClientConnectionOptions(**use_creds, known_hosts=None) if self.jump_host: jh = await self.store.nodes[self.jump_host].connect()