Merge pull request BinaryDefense#91 from corelan/master

don't start certain services if not running posix

artillery.py

@@ -25,6 +25,7 @@
 #
 # Tested on win 7/8/10 also on kali rolling. left this here for when someone tries to launch this directly before using setup.
 
+#
 init_globals()
 
 if not os.path.isfile(src.globals.g_appfile):
@@ -90,7 +91,7 @@
         thread.start_new_thread(update, ())
 
     # import base monitoring of fs
-    if is_config_enabled("MONITOR"):
+    if is_config_enabled("MONITOR") and is_posix():
         from src.monitor import *
 
     # port ranges to spawn
@@ -103,31 +104,33 @@
         write_console("Creating iptables entries, hold on.")
         create_iptables_subset()
         write_console("iptables entries created.")
-        write_console("Activating anti DoS.")
-        # start anti_dos
-        import src.anti_dos
+        if is_config_enabled("ANTI_DOS"):
+            write_console("Activating anti DoS.")
+            # start anti_dos
+            import src.anti_dos
 
     # spawn honeypot
     write_console("Launching honeypot.") 
     import src.honeypot
 
     # spawn ssh monitor
-    if is_config_enabled("SSH_BRUTE_MONITOR"):
+    if is_config_enabled("SSH_BRUTE_MONITOR") and is_posix():
         write_console("Launching SSH Bruteforce monitor.")
         import src.ssh_monitor
 
     # spawn ftp monitor
-    if is_config_enabled("FTP_BRUTE_MONITOR"):
+    if is_config_enabled("FTP_BRUTE_MONITOR") and is_posix():
         write_console("Launching FTP Bruteforce monitor.")
         import src.ftp_monitor
 
     # start monitor engine
-    write_console("Launching monitor engines.")
-    import src.monitor
-
-    # check hardening
-    write_console("Check system hardening.")
-    import src.harden
+    if is_config_enabled("MONITOR") and is_posix():
+        write_console("Launching monitor engines.")
+        import src.monitor
+    if is_config_enabled("SYSTEM_HARDENING") and is_posix():
+        # check hardening
+        write_console("Check system hardening.")
+        import src.harden
 
     # start the email handler
     write_console("Launching email handler.")

src/config.py

@@ -6,7 +6,7 @@
 
 import os
 import platform
-import globals
+from . import globals
 
 if platform.system() == "Windows":
     import ntpath

src/core.py

@@ -45,7 +45,8 @@
 import socket
 import traceback
 
-import globals
+from . import globals
+
 
 # initialize global vars 
 def init_globals():
@@ -110,6 +111,7 @@ def check_config():
     configdefaults["MONITOR"] = ["ON", "DETERMINE IF YOU WANT TO MONITOR OR NOT"]
     configdefaults["MONITOR_FOLDERS"] = ["\"/var/www\",\"/etc/\"",  "THESE ARE THE FOLDERS TO MONITOR, TO ADD MORE, JUST DO \"/root\",\"/var/\", etc."]
     configdefaults["MONITOR_FREQUENCY"] = ["60", "BASED ON SECONDS, 2 = 2 seconds."]
+    configdefaults["SYSTEM_HARDENING"] = ["ON", "PERFORM CERTAIN SYSTEM HARDENING CHECKS"]
     configdefaults["SSH_DEFAULT_PORT_CHECK"] = ["ON", "CHECK/WARN IF SSH IS RUNNING ON PORT 22"]
     configdefaults["EXCLUDE"] = ["","EXCLUDE CERTAIN DIRECTORIES OR FILES. USE FOR EXAMPLE: /etc/passwd,/etc/hosts.allow"]
     configdefaults["HONEYPOT_BAN"] = ["OFF", "DO YOU WANT TO AUTOMATICALLY BAN ON THE HONEYPOT"]
@@ -161,6 +163,7 @@ def check_config():
     keyorder.append("MONITOR")
     keyorder.append("MONITOR_FOLDERS")
     keyorder.append("MONITOR_FREQUENCY")
+    keyorder.append("SYSTEM_HARDENING")
     keyorder.append("SSH_DEFAULT_PORT_CHECK")
     keyorder.append("EXCLUDE")
     keyorder.append("HONEYPOT_BAN")

src/ftp_monitor.py

@@ -20,7 +20,7 @@
 ftp_attempts = read_config("FTP_BRUTE_ATTEMPTS")
 # check for whitelist
 
-import globals
+from . import globals
 
 def ftp_monitor(monitor_time):
     while 1:

src/ssh_monitor.py

@@ -9,7 +9,7 @@
 except ImportError: import _thread as thread
 from src.core import *
 
-import globals
+from . import globals
 
 monitor_frequency = int(read_config("MONITOR_FREQUENCY"))
 ssh_attempts = read_config("SSH_BRUTE_ATTEMPTS")