-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathexploitgraph.py
More file actions
115 lines (99 loc) · 4.12 KB
/
exploitgraph.py
File metadata and controls
115 lines (99 loc) · 4.12 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
#!/usr/bin/env python3
"""
ExploitGraph - Automated Attack Path Discovery & Exploitation Framework
Entry point. Supports interactive console and non-interactive CLI.
Usage:
python3 exploitgraph.py # Interactive console
python3 exploitgraph.py -t http://target.com # Pre-set target
python3 exploitgraph.py -t http://target.com --auto # Full auto chain
python3 exploitgraph.py -t http://target.com -m cloud/s3_enum
python3 exploitgraph.py --list-modules
"""
from __future__ import annotations
import os
import sys
sys.path.insert(0, os.path.dirname(os.path.abspath(__file__)))
def main():
import argparse
parser = argparse.ArgumentParser(
prog="exploitgraph",
description="ExploitGraph — Automated Attack Path Discovery & Exploitation Framework",
formatter_class=argparse.RawDescriptionHelpFormatter,
epilog="""
Examples:
python3 exploitgraph.py
python3 exploitgraph.py -t http://192.168.1.10 --auto
python3 exploitgraph.py -t http://target.com -m discovery/http_enum
python3 exploitgraph.py -t http://target.com --mode defensive --auto
python3 exploitgraph.py --list-modules
""",
)
parser.add_argument("-t", "--target", help="Target URL")
parser.add_argument("-m", "--module", help="Run single module (e.g. cloud/s3_enum)")
parser.add_argument("--auto", action="store_true", help="Run full auto attack chain")
parser.add_argument("--mode", choices=["offensive","defensive"], default="offensive")
parser.add_argument("--output-dir", default="reports")
parser.add_argument("--list-modules", action="store_true")
parser.add_argument("--session", help="Resume session by ID")
parser.add_argument("--workspace", help="Workspace name")
parser.add_argument("-q","--quiet", action="store_true")
parser.add_argument("--version", action="version", version="ExploitGraph 1.0.0")
args = parser.parse_args()
from core.logger import log
from core.module_loader import loader
from core.session_manager import session_manager
if not args.quiet:
os.system("clear")
from core.console import print_banner
print_banner()
loader.discover()
if args.list_modules:
for cat, mods in loader.all_modules().items():
if mods:
print(f"\n {cat.upper()}")
for m in mods:
print(f" {m['path']:<38} {m['description'][:48]}")
print(f"\n Total: {loader.count()} modules")
sys.exit(0)
if args.session:
s = session_manager.switch(args.session)
if not s:
log.error(f"Session not found: {args.session}"); sys.exit(1)
log.success(f"Resumed: {args.session}")
elif args.target:
t = args.target if args.target.startswith(("http://","https://")) else "http://"+args.target
s = session_manager.new(t, args.workspace or "session", args.mode)
log.success(f"Session: {s.session_id} | Target: {t} | Mode: {args.mode}")
else:
s = session_manager.new("http://127.0.0.1:5000", "default", args.mode)
if args.module and not args.auto:
mod = loader.instantiate(args.module)
if not mod:
log.error(f"Module not found: {args.module}"); sys.exit(1)
for opt in ("TARGET","MODE"):
if opt in mod.OPTIONS:
mod.set_option(opt, s.target if opt=="TARGET" else args.mode)
ok, err = mod.validate(s)
if not ok:
log.error(err); sys.exit(1)
result = mod.run(s)
sys.exit(0 if result.success else 1)
from core.console import ExploitGraphConsole
console = ExploitGraphConsole()
if args.auto:
console._mode = args.mode
console._run_auto_chain()
sys.exit(0)
if args.target:
log.info("Type 'run auto' to start the full attack chain.")
print()
try:
console.cmdloop()
except KeyboardInterrupt:
print()
try:
console.cmdloop()
except KeyboardInterrupt:
print()
if __name__ == "__main__":
main()