Merge pull request #104 from GoVanguard/development

3.5 release

Author: web-flow

.gitignore

@@ -118,3 +118,5 @@ scripts/snmpbrute.py
 scripts/installDeps.sh
 scripts/smtp-user-enum.pl
 scripts/snmpcheck.rb
+
+scripts/CloudFail

CHANGELOG.txt

@@ -1,3 +1,9 @@
+LEGION 0.3.5
+
+* Bug Fixes
+* Copy from tables using double click
+* CVE -> ExploitDB redesign using pyExploitDb and bugfixes
+
 LEGION 0.3.4
 
 * Depnendancy polish

README.md

@@ -16,6 +16,7 @@ Legion, a fork of SECFORCE's Sparta, is an open source, easy-to-use, super-exten
 * Modular functionality allows users to easily customize Legion and automatically call their own scripts/tools
 * Highly customizable stage scanning for ninja-like IPS evasion
 * Automatic detection of CPEs (Common Platform Enumeration) and CVEs (Common Vulnerabilities and Exposures)
+* Ties CVEs to Exploits as detailed in Exploit-Database
 * Realtime autosaving of project results and tasks
 
 ### NOTABLE CHANGES FROM SPARTA
@@ -36,6 +37,7 @@ Legion, a fork of SECFORCE's Sparta, is an open source, easy-to-use, super-exten
 ![](https://govanguard.io/wp-content/uploads/2019/02/LegionDemo.gif)
 
 ## INSTALLATION
+It is preferable to use the docker image over a traditional installation. This is because of all the dependancy requirements and the complications that occur in environments which differ from a clean, non-default installation.
 
 ### TRADITIONAL METHOD
 Assumes Ubuntu, Kali or Parrot Linux is being used with Python 3.6 installed.

app/auxiliary.py

@@ -199,16 +199,16 @@ def add(self, word):
 class MyQProcess(QProcess):
     sigHydra = QtCore.pyqtSignal(QObject, list, list, name="hydra")     # signal to indicate Hydra found stuff
 
-    def __init__(self, name, tabtitle, hostip, port, protocol, command, starttime, outputfile, textbox):
+    def __init__(self, name, tabTitle, hostIp, port, protocol, command, startTime, outputfile, textbox):
         QProcess.__init__(self)
         self.id = -1
         self.name = name
-        self.tabtitle = tabtitle
-        self.hostip = hostip
+        self.tabTitle = tabTitle
+        self.hostIp = hostIp
         self.port = port
         self.protocol = protocol        
         self.command = command
-        self.starttime = starttime      
+        self.startTime = startTime      
         self.outputfile = outputfile
         self.display = textbox                                          # has its own display widget to be able to display its output in the GUI
         self.elapsed = -1

app/cvemodels.py

@@ -47,7 +47,7 @@ def headerData(self, section, orientation, role):
 
     def data(self, index, role):                                        # this method takes care of how the information is displayed
 
-        if role == QtCore.Qt.DisplayRole:                               # how to display each cell
+        if role == QtCore.Qt.DisplayRole or role == QtCore.Qt.EditRole:                               # how to display each cell
             value = ''
             row = index.row()
             column = index.column()
@@ -63,6 +63,12 @@ def data(self, index, role):                                        # this metho
                 value = self.__cves[row]['url']
             elif column == 5:
                 value = self.__cves[row]['source']
+            elif column == 6:
+                value = self.__cves[row]['exploitId']
+            elif column == 7:
+                value = self.__cves[row]['exploit']
+            elif column == 8:
+                value = self.__cves[row]['exploitUrl']
             return value
 
 
@@ -88,6 +94,15 @@ def sort(self, Ncol, order):
         elif Ncol == 5:
             for i in range(len(self.__cves)):
                 array.append(self.__cves[i]['source'])
+        elif Ncol == 6:
+            for i in range(len(self.__cves)):
+                array.append(self.__cves[i]['exploitId'])
+        elif Ncol == 7:
+            for i in range(len(self.__cves)):
+                array.append(self.__cves[i]['exploit'])
+        elif Ncol == 8:
+            for i in range(len(self.__cves)):
+                array.append(self.__cves[i]['exploitUrl'])
 
         sortArrayWithArray(array, self.__cves)                       # sort the services based on the values in the array
 
@@ -97,12 +112,15 @@ def sort(self, Ncol, order):
         self.layoutChanged.emit()
 
     def flags(self, index):                                             # method that allows views to know how to treat each item, eg: if it should be enabled, editable, selectable etc
-        return QtCore.Qt.ItemIsEnabled | QtCore.Qt.ItemIsSelectable
+        return QtCore.Qt.ItemIsEnabled | QtCore.Qt.ItemIsSelectable | QtCore.Qt.ItemIsEditable
 
     ### getter functions ###
 
     def getCveDBIdForRow(self, row):
         return self.__cves[row]['name']
+
+    def getCveForRow(self, row):
+        return self.__cves[row]
 
     def getRowForDBId(self, id):
         for i in range(len(self.__cves)):

app/hostmodels.py

@@ -46,7 +46,7 @@ def headerData(self, section, orientation, role):
     def data(self, index, role):                                        # this method takes care of how the information is displayed
         if role == QtCore.Qt.DecorationRole:                            # to show the operating system icon instead of text                 
             if index.column() == 1:                                     # if trying to display the operating system
-                os_string = self.__hosts[index.row()]['os_match']               
+                os_string = self.__hosts[index.row()]['osMatch']               
                 if os_string == '':                                     # if there is no OS information, use the question mark icon
                     return QtGui.QIcon("./images/question-icon.png")
 
@@ -78,7 +78,7 @@ def data(self, index, role):                                        # this metho
             if column == 0:
                 value = self.__hosts[row]['id']
             elif column == 2:
-                value = self.__hosts[row]['os_accuracy']
+                value = self.__hosts[row]['osAccuracy']
             elif column == 3:
                 if not self.__hosts[row]['hostname'] == '':
                     value = self.__hosts[row]['ip'] + ' ('+ self.__hosts[row]['hostname'] +')'
@@ -133,7 +133,7 @@ def sort(self, Ncol, order):                                        # sort funct
         elif Ncol == 1:                                                 # if sorting by OS
             for i in range(len(self.__hosts)):
 
-                os_string = self.__hosts[i]['os_match']
+                os_string = self.__hosts[i]['osMatch']
                 if os_string == '':
                     array.append('')