redeye-framework · sisitrs2 · Jun 26, 2022 · Mar 20, 2022 · Mar 20, 2022 · Mar 20, 2022
diff --git a/.gitignore b/.gitignore
@@ -3,12 +3,15 @@ DB/__pycache__
 *.db
 .vscode/settings.json
 *.xml
-files/Code Injection (1).pptx
-files/data/logs.csv
+files/*
+RedeyeVirtualEnv/*
 *.csv
 *.docx
-*.json
-*.txt
 *.jpg
 *.whl
-*.gz
+*.gz
+*.zip
+zip/*
+vpackages
+resetDB.sh
+pushHub.sh
diff --git a/Dockerfile b/Dockerfile
@@ -1,20 +1,27 @@
-# start by pulling the python image
+# Start by pulling the python image
 FROM python:latest
 
-# copy the requirements file into the image
+# Copy the requirements file into the image
 RUN mkdir -p /redeye
 
-# switch working directory
+# Switch working directory
 WORKDIR /redeye
 COPY . /redeye
 
-# install the dependencies and packages in the requirements file
+# Install the dependencies and packages in the requirements file
 RUN pip install -r requirements.txt
 
+# Install sqlite3
+RUN apt-get update && apt-get install -y sqlite3
+
 # Expose the port
-EXPOSE 5000
+EXPOSE 8443
+
+# Init the DB
+RUN python RedDB/db.py
 
-# configure the container to run in an executed manner
+# Configure the container to run in an executed manner
 ENTRYPOINT [ "python" ]
 
-CMD ["redeye.py" ]
+# Run redeye
+CMD ["redeye.py", "--safe", "--docker", "--port", "8443"]
diff --git a/LICENSE b/LICENSE
@@ -0,0 +1,27 @@
+Copyright (c) 2022, Daniel Arad and Elad Pticha
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+* Redistributions of source code must retain the above copyright notice, this
+  list of conditions and the following disclaimer.
+
+* Redistributions in binary form must reproduce the above copyright notice,
+  this list of conditions and the following disclaimer in the documentation
+  and/or other materials provided with the distribution.
+
+* Neither the name of the copyright holder nor the names of its
+  contributors may be used to endorse or promote products derived from
+  this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/Parse/Parse.py b/Parse/Parse.py
@@ -2,6 +2,8 @@
 from RedDB import db
 import xml.etree.ElementTree as ET
 from collections import defaultdict
+from werkzeug.utils import secure_filename
+import graph
 
 """
 Gets path to nmap.xml and returns data
@@ -111,16 +113,38 @@ def get_all_data(path):
 #    pass
 
 
-def parse_users_passwords(exec,file_name,path):
+def parse_users_passwords(dbName,exec,file_name,path, isDockerEnv):
     with open(path,'r') as users_passwords:
         data = users_passwords.readlines()
+
+    importedTypeName = "Imported from " + secure_filename(file_name)
+
+    # Add new user Type
+    typeNameExsist = 0
+    for typeName in db.get_all_users_types(dbName):
+        if typeName[0] == importedTypeName:
+            typeNameExsist = 1
+            break
+
+    # Add new type only if its not already exsists
+    if not typeNameExsist:
+        userTypeId = db.insert_new_user_type(dbName, importedTypeName)
+
+    else:
+        userTypeId = db.get_user_type(dbName, importedTypeName)[0][0]
+
     for line in data:
         try:
             user,password = line.split(":")
+            password.rstrip("\n")
         except:
             continue
-
-        db.insert_new_other_user(5,file_name,user,password,"-",exec)
+
+        user_id = db.insert_new_other_user(dbName,userTypeId,file_name,user,password,"-",exec)
+
+        if isDockerEnv:
+            graph.addUserNode(user_id,user,password,"None")
+
 
 def check_nmap_file(file_path):
     """
@@ -132,16 +156,3 @@ def check_nmap_file(file_path):
         return True
     else:
         return False
-
-
-def init():
-    #get_ip_hostname_vendor(r"C:\Users\Elad\total.xml")
-    #d = get_nmap_data(r"C:\Users\Elad\total.xml")
-    lst_ports = []
-    d = get_nmap_data(r"C:\Users\Elad\total.xml")
-    for ip,data in d.items():
-        print(ip,data[0]["vendor"],data[0]["hostname"],data[1]["ports"])
-
-
-if __name__ == "__main__":
-    init()
diff --git a/Pics/AttackVector.png b/Pics/AttackVector.png
diff --git a/Pics/EditServer.png b/Pics/EditServer.png
diff --git a/Pics/Exploits.png b/Pics/Exploits.png
diff --git a/Pics/Files.png b/Pics/Files.png
diff --git a/Pics/Graph.png b/Pics/Graph.png
diff --git a/Pics/PreReport.png b/Pics/PreReport.png
diff --git a/Pics/Servers.png b/Pics/Servers.png
diff --git a/Pics/Tasks.png b/Pics/Tasks.png
diff --git a/Pics/Users.png b/Pics/Users.png
diff --git a/README.md b/README.md
@@ -1,22 +1,117 @@
 # Redeye
 
-This project was built by pentesters for pentester.
-Redeye is a management tool for creating a workflow while doing a pentest operation. Redeye was made for running while in a differentiated environment and non differentiated likewise. Can be used for a specific operation or as a continuous database for data collected in previous operations.
-## Installation:
+This project was built by pentesters for pentesters.
+Redeye is a tool intended to help you manage your data during a pentest operation in the most efficient and organized way.
 
-The installation process is short and easy.
+## Table of Contents
+- [The Developers](#The-Developers)
+- [Overview](#Overview)
+- [Source Installation](#Source)
+- [Docker Installation](#Docker)
+- [Special Thanks](#Special-Thanks)
+- [Credits](#Credits)
 
-### prerequisites
- - Python3
- - Pip3
- - Cloned redeye project - `$ git clone git@github.com:sisitrs2/Redeye.git --depth=1`
 
-### Source Installation
-`$ cd Redeye`<br>
-`$ chmod +x setup.sh && ./setup.sh`<br>
-`$ python3 redeye.py`<br>
+## The Developers
+Daniel Arad - @dandan_arad && Elad Pticha - @elad_pt
 
-### Docker Installation
+## Overview
 
-`chmod +x buildDocker.sh`<br>
-`./buildDocker.sh`<br>
+The Server panel will display all added server and basic information about the server such as: owned user, open port and if has been pwned.
+
+![servers](https://raw.githubusercontent.com/redeye-framework/Redeye/dev/Pics/Servers.png)
+
+After entering the server, An edit panel will appear. We can add new users found on the server, Found vulnerabilities and add relevant attain and files.
+
+![edit-server](https://raw.githubusercontent.com/redeye-framework/Redeye/dev/Pics/EditServer.png)
+
+
+Users panel contains all found users from all servers, The users are categorized by permission level and type. Those details can be chaned by hovering on the username.
+
+![Users](https://raw.githubusercontent.com/redeye-framework/Redeye/dev/Pics/Users.png)
+
+Files panel will display all the files from the current pentest. A team member can upload and download those files.
+
+![Files](https://raw.githubusercontent.com/redeye-framework/Redeye/dev/Pics/Files.png)
+
+Attack vector panel will display all found attack vectors with Severity/Plausibility/Risk graphs.
+
+![AttackVector](https://raw.githubusercontent.com/redeye-framework/Redeye/dev/Pics/AttackVector.png)
+
+PreReport panel will contain all the screenshots from the current pentest.  
+
+![Pre-Report](https://raw.githubusercontent.com/redeye-framework/Redeye/dev/Pics/PreReport.png)
+
+Graph panel will contain all of the Users and Servers and the relationship between them.
+
+![Graph](https://raw.githubusercontent.com/redeye-framework/Redeye/dev/Pics/Graph.png)
+
+
+## Installation
+
+### Source
+```
+cd Redeye
+sudo apt install python3.8-venv
+python3 -m venv RedeyeVirtualEnv
+source RedeyeVirtualEnv/bin/activate
+pip3 install -r requirements.txt
+python3 RedDB/db.py
+python3 redeye.py --safe
+```
+
+### Docker
+
+Pull from Dockerhub.
+```
+cd Redeye
+docker-compose up -d
+```
+
+Start/Stop the container
+```
+sudo docker-compose start/stop
+```
+
+Save/Load Redeye
+```
+docker save redeyeframework/redeye:latest neo4j:latest > Redeye.tar
+docker load < Redeye.tar
+```
+
+### General
+Redeye will listen on: http://0.0.0.0:8443</br>
+Default Credentials:
+- username: redeye
+- password: redeye
+
+Neo4j will listen on: http://0.0.0.0:7474</br>
+Default Credentials:
+- username: neo4j
+- password: redeye
+
+## Special-Thanks
+- Yoav Danino for mental support and beta testing.
+
+## Credits
+* Sidebar
+    * https://github.com/azouaoui-med/pro-sidebar-template 
+    * https://bootsnipp.com/snippets/Q0dAX
+
+* flowchart
+    * https://www.jqueryscript.net/chart-graph/Drag-drop-Flow-Chart-Plugin-With-jQuery-jQuery-UI-flowchart-js.html
+
+* download.js
+    * http://danml.com/download.html
+
+* dropzone
+    * http://www.dropzonejs.com
+
+* Pictures and Icons
+    * https://www.iconfinder.com
+        * licensed by - https://creativecommons.org/licenses/by/4.0
+    * http://www.freepik.com
+
+
+
+If you own any Code/File in Redeye that is not under MIT License please contact us at: redeye.framework@gmail.com
diff --git a/RedDB/colors.init b/RedDB/colors.init
@@ -0,0 +1,3 @@
+Not Checked:#48baff
+Not Owned:#ff0000
+Owned:#04a11e