Merge pull request #4 from Ostorlab/agent_core

Agent Metasploit

.github/workflows/pytest.yml

@@ -25,7 +25,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        python-version: ["3.10"]
+        python-version: ["3.11"]
 
     steps:
       - uses: actions/checkout@v2
@@ -35,13 +35,9 @@ jobs:
           python-version: ${{ matrix.python-version }}
       - name: Install Metasploit.
         run: |
-          sudo apt update
-          sudo apt install curl gpg
-          curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall
-          chmod +x msfinstall
-          sudo ./msfinstall
+          sudo snap install metasploit-framework
           msfdb init
-          msfrpcd -P Ostorlab123 -p 55552
+          msfrpcd -P Ostorlab123 -p 55555
       - name: Install dependencies.
         run: |
           python -m pip install --upgrade pip
@@ -51,4 +47,4 @@ jobs:
       - name: Running tests with pytest.
         run: |
           set -o pipefail
-          pytest -m "not docker"
+          pytest -m "not docker" tests/

.mypy.ini

@@ -17,7 +17,12 @@ warn_incomplete_stub = True
 warn_redundant_casts = True
 #warn_unreachable = True
 warn_unused_ignores = True
-disallow_any_unimported = True
+disallow_any_unimported = False
 warn_return_any = True
 exclude = .*_pb2.py
 
+[mypy-pymetasploit3]
+ignore_missing_imports = True
+
+[mypy-timeout_decorator]
+ignore_missing_imports = True

Dockerfile

@@ -1,15 +1,15 @@
-FROM python:3.10-alpine as base
-FROM base as builder
-RUN apk add build-base
-RUN mkdir /install
-WORKDIR /install
+FROM kalilinux/kali-rolling:latest
+RUN apt-get update && apt-get install -y python3.11 \
+                                         python3-pip \
+                                         metasploit-framework \
+                                         procps
 COPY requirement.txt /requirement.txt
-RUN pip install --prefix=/install -r /requirement.txt
-FROM base
-COPY --from=builder /install /usr/local
+RUN python3 -m pip install -r /requirement.txt
+COPY tools /tools
+RUN pip install -e /tools/pymetasploit3
 RUN mkdir -p /app/agent
 ENV PYTHONPATH=/app
 COPY agent /app/agent
 COPY ostorlab.yaml /app/agent/ostorlab.yaml
 WORKDIR /app
-CMD ["python3", "/app/agent/template_agent.py"]
+CMD ["python3", "/app/agent/metasploit_agent.py"]

README.md

@@ -1,36 +1,108 @@
-# Ostorlab Template Agent
+<h1 align="center">Agent Metasploit</h1>
 
-This repo is a template to build an Ostorlab agent in Python. It ships with good best practices like:
+<p align="center">
+<img src="https://img.shields.io/badge/License-Apache_2.0-brightgreen.svg">
+<img src="https://img.shields.io/github/languages/top/ostorlab/agent_metasploit">
+<img src="https://img.shields.io/github/stars/ostorlab/agent_metasploit">
+<img src="https://img.shields.io/badge/PRs-welcome-brightgreen.svg">
+</p>
 
-* Github actions workflow
-* Linting checks
-* Static typing checks with Mypy
-* Running unit test with Pytest
-* Compute test coverage
+_Metasploit is a powerful penetration testing framework._
+
+---
+
+<p align="center">
+<img src="https://github.com/Ostorlab/agent_metasploit/blob/main/images/logo.png" alt="agent-metasploit" />
+</p>
+
+This repository is an implementation of [Ostorlab Agent](https://pypi.org/project/ostorlab/) for the [Metasploit Framework](https://github.com/rapid7/metasploit-framework) by Rapid7.
 
 ## Getting Started
+To perform your first scan, simply run the following command:
+```shell
+ostorlab scan run --install --agent agent/ostorlab/metasploit ip 8.8.8.8
+``` 
+
+This command will download and install `agent/ostorlab/metasploit` and target the ip `8.8.8.8`.
+For more information, please refer to the [Ostorlab Documentation](https://github.com/Ostorlab/ostorlab/blob/main/README.md)
+
+
+## Usage
+
+Agent Metasploit can be installed directly from the ostorlab agent store or built from this repository.
+
+ ### Install directly from ostorlab agent store
+
+ ```shell
+ ostorlab agent install agent/ostorlab/metasploit
+ ```
+
+You can then run the agent with the following command:
+```shell
+ostorlab scan run --agent agent/ostorlab/metasploit ip 8.8.8.8
+```
+
+
+### Build directly from the repository
+
+ 1. To build the metasploit agent you need to have [ostorlab](https://pypi.org/project/ostorlab/) installed in your machine.  if you have already installed ostorlab, you can skip this step.
+
+```shell
+pip3 install ostorlab
+```
+
+ 2. Clone this repository.
+
+```shell
+git clone https://github.com/Ostorlab/agent_metasploit.git && cd agent_metasploit
+```
+
+ 3. Build the agent image using ostorlab cli.
+
+ ```shell
+ ostorlab agent build --file=ostorlab.yaml
+ ```
+
+ You can pass the optional flag `--organization` to specify your organisation. The organization is empty by default.
+
+ 4. Run the agent using on of the following commands:
+	 * If you did not specify an organization when building the image:
+    ```shell
+    ostorlab scan run --agent agent//metasploit ip 8.8.8.8
+    ```
+	 * If you specified an organization when building the image:
+    ```shell
+    ostorlab scan run --agent agent/[ORGANIZATION]/metasploit ip 8.8.8.8
+    ```
+
+### Run agent metasploit with module options
+
+- Payload: `auxiliary/scanner/portscan/tcp`
+- Options:
+  - PORTS: `80, 443`
+
+Example `agent_group.yaml` file to trigger the scan:
+
+```yaml
+kind: AgentGroup
+description: Metasploit.
+agents:
+  - key: agent//metasploit
+    args:
+      - name: config
+        type: array
+        value: 
+          - module: 'auxiliary/scanner/portscan/tcp'
+            options:
+              - name: "PORTS"
+                value: "80,443"
+          - module: 'auxiliary/scanner/http/enum_wayback'
+            options:
+              - name: "DOMAIN"
+                value: "www.ostorlab.co"
+```
+
+`ostorlab scan run -g agent_group.yaml domain-name www.ostorlab.co`
 
-Here are links to good resources to get started:
-
-* [Write An Agent](https://docs.ostorlab.co/tutorials/write-an-ostorlab-agent.html)
-* [Use Ostorlab](https://docs.ostorlab.co/tutorials/run-your-first-scan.html)
-* [Debugging and Testing Agents](https://docs.ostorlab.co/tutorials/debugging-agents.html)
-* [Ostorlab Internals](https://docs.ostorlab.co/tutorials/life-of-a-scan.html)
-
-## Ideas for Agents to build
-
-Implementation of popular tools like:
-
-* [semgrep](https://github.com/returntocorp/semgrep) for source code scanning.
-* [nbtscan](http://www.unixwiz.net/tools/nbtscan.html): Scans for open NETBIOS nameservers on your target’s network.
-* [onesixtyone](https://github.com/trailofbits/onesixtyone): Fast scanner to find publicly exposed SNMP services.
-* [Retire.js](http://retirejs.github.io/retire.js/): Scanner detecting the use of JavaScript libraries with known
-  vulnerabilities.
-* [snallygaster](https://github.com/hannob/snallygaster): Finds file leaks and other security problems on HTTP servers.
-* [testssl.sh](https://testssl.sh/): Identify various TLS/SSL weaknesses, including Heartbleed, CRIME and ROBOT.
-* [TruffleHog](https://github.com/trufflesecurity/truffleHog): Searches through git repositories for high entropy
-  strings and secrets, digging deep into commit history.
-* [cve-bin-tool](https://github.com/intel/cve-bin-tool): Scan binaries for vulnerable components.
-* [XSStrike](https://github.com/s0md3v/XSStrike): XSS web vulnerability scanner with generative payload.
-* ~~[Subjack](https://github.com/haccer/subjack): Subdomain takeover scanning tool.~~
-* [DnsReaper](https://github.com/punk-security/dnsReaper): Subdomain takeover scanning tool.
+## License
+[Apache](./LICENSE)