continue work on blocking

auth.py

@@ -3,10 +3,13 @@ import csv
 from util import fprint
 from util import find_data_file
 from time import sleep
+import bcrypt
 
 def login(config, user, password, sysid):
     fprint("Attempting to login as " + user)
     filename = sysid + "login.csv"
+    
+    hashpasswd = bcrypt.hashpw(password.encode('utf-8'), user).decode()
     with open(find_data_file(filename), "w", newline="") as f:
         writer = csv.writer(f)
         writer.writerows([[user,password,sysid],])
@@ -14,15 +17,17 @@ def login(config, user, password, sysid):
     ssh.sftp_send_data(config, filename, 'sendlogin')
     command = "python3 login_service.py " + sysid
     ssh.run_ssh(config, command, 'scripts')
-    sleep(1)
     filename = sysid + "success.txt"
+    count = 0
+    while count < 20:
         output = ssh.check_for_file(config, filename, 'receivelogin')
         if output == False:
             filename = sysid + "fail.txt"
             if ssh.check_for_file(config, filename, 'receivelogin') == False:
-            # ALERT: DIRTY HACK: SECURITY VULNERABILITY
+                # try again
-            #return True
+                count += 1
-            raise ValueError("Unable to determine login status")
+                sleep(0.1)
+                #raise ValueError("Unable to determine login status")
             else:
                 return False
         else:
@@ -33,3 +38,4 @@ def login(config, user, password, sysid):
             else:
                 fprint("Not admin")
                 return False
+    return False

block.py

@@ -0,0 +1,51 @@
+from util import find_data_file
+from util import setup_child
+from util import fprint
+from util import run_cmd
+from util import win32
+from util import linux
+from util import kill
+import util
+import time
+import csv
+import ssh
+
+def get_blocklist(config):
+    setup_child()
+    fprint("Downloading deny list from server")
+    data = ssh.check_for_file(config, "BadIPs.csv", "receive")
+    #fprint(data.stdout)
+    csvreader = csv.reader(data.stdout.split("\n"), delimiter=',', quotechar='|')
+    data2 = list()
+    for row in csvreader:
+        data2.append(row)
+    data2 = [i for i in data2 if i]
+    fprint(data2)
+    return data2
+
+def block_conn(config, datafile, res):
+    setup_child()
+    fprint("Searching block data")
+    mydata = list()
+    with open(find_data_file(datafile), newline='') as csvfile:
+        csvreader = csv.reader(csvfile, delimiter=',', quotechar='|')
+        
+        for row in csvreader:
+            mydata.append(row)
+
+    #fprint(mydata)
+    for line in mydata:
+        fprint(line)
+        fprint(line)
+        srcip = line[2].split(":")[0]
+        destip = line[4].split(":")[0]
+        pid = line[5]
+        for line in res:
+            fprint(line)
+            badsrcip = line[2]
+            baddestip = line[4]
+            badpid = line[11]
+            if srcip == badsrcip or destip == baddestip:
+                fprint("FLAG " + srcip + " " + destip + " " + pid)
+                kill(pid)
+

config.yml

@@ -17,3 +17,4 @@ core:
   autokill: false
   localadmin: true
   interval: 10
+  clockspeed: 20

ippigeon.py

@@ -14,7 +14,9 @@ import netstat
 import ssh
 import auth
 import panel
+import block
 
+badapps = [756, 278670]
 displaydata = None
 settings = None
 netdata_res = None
@@ -72,6 +74,11 @@ def login_done(res):
         settings["loggedin"] = res
         settings["continueui"] = True
 
+def blockdata_done(res):
+    fprint("FINISHED downloading block data")
+    #block_res = pool.apply_async(block.block_conn, (config, datafile, res))
+    block.block_conn(config, datafile, res)
+    
         
 def killall():
     kids = active_children()
@@ -80,6 +87,8 @@ def killall():
     fprint("Every child has been killed")
     os.kill(os.getpid(), 9) # dirty kill of self
 
+
+
 def mainloop(pool):
     # worker pool: netstat, netstat cleanup, upload, download, ui tasks
     
@@ -124,12 +133,24 @@ def mainloop(pool):
         settings["login"] = False
         
     
+    if settings["block"] == True:
+        blockdata_res = pool.apply_async(block.get_blocklist, (config,), callback=blockdata_done)
+        #block.get_blocklist(config)
+        settings["block"] = False
 
-    sleep(interval / (interval * 20.0))
+    #fprint(settings["killbox"])
+    if len(settings["killbox"]) > 0:
+        fprint("Kill opportunity!")
+        for proc in settings["killbox"]:
+            pool.apply_async(kill, (proc,))
+            settings["killbox"].remove(proc)
+
+    sleep(interval / (interval * config["core"]["clockspeed"]))
     counter += 1
-    if counter == interval * 20:
+    if counter == interval * config["core"]["clockspeed"]:
         counter = 0
 
+
 class Logger(object):
     def __init__(self, filename="output.log"):
         self.log = open(filename, "a")
@@ -168,6 +189,9 @@ if __name__ == '__main__':
             settings["loggedin"] = False
             settings["showui"] = False
             settings["continueui"] = False
+            settings["killbox"] = list()
+            settings["badapps"] = badapps
+            settings["block"] = True
             killme = manager.Value('d', 0)
             #killme = False
             # launch background UI app as process

panel.py

@@ -10,7 +10,8 @@ from util import find_data_file
 
 BG_IMG = 'icon.png'
 filename = sysid + "gendata.csv"
-COLUMN_NAMES = np.flip(['Executable', 'Protocol', 'Source IP', 'Destination IP',  'Status', 'PID'])
+COLUMN_NAMES = np.flip(['Executable', 'Proto', 'Source IP', 'Destination IP',  'Status', 'PID'])
+COLUMN_SIZES = np.flip([150, 50, 200, 200, 110, 65])
 TEST_FILE = None
 
 displaydata = None
@@ -81,7 +82,7 @@ class LoginPanel(wx.Panel):
         settings["username"] = basicText.GetValue()
         settings["password"] = pwdText.GetValue()
         settings["login"] = True
-        OtherFrame()
+        #OtherFrame()
 
     def on_help(self, event):
         HelpFrame()
@@ -120,7 +121,7 @@ class HelpPanel(wx.Panel):
 class ServerPanel(wx.Panel):
     def __init__(self, parent):
         super().__init__(parent, size=(500, 500))
-        self.SetBackgroundColour((44, 51, 51))
+        #self.SetBackgroundColour((44, 51, 51))
         
         main_sizer = wx.BoxSizer(wx.VERTICAL)
         secondary_sizer = wx.BoxSizer(wx.HORIZONTAL)
@@ -131,16 +132,29 @@ class ServerPanel(wx.Panel):
         )
         tb = wx.ToolBar( self, -1)
         self.ToolBar = tb
+        tb.SetToolBitmapSize(wx.Size(30, 3))
         tb.AddTool(wx.ID_ANY, '',wx.Bitmap(find_data_file("WXPython_30x30.png")),) 
         tb.AddTool(wx.ID_ANY, '',wx.Bitmap(find_data_file("settings_30x30.png"))) 
         tb.Realize() 
         main_sizer.Add(tb)
+        #main_sizer.SetBackgroundColour((44, 51, 51))
         # self.pnl1.SetBackgroundColour(wx.BLACK)
         self.handle_columns()
+        global settings
         for i in range(len(TEST_FILE)):
             self.list_ctrl.InsertItem(i, TEST_FILE.iloc[i, 0])
+            #fprint(TEST_FILE.iloc[i, 5] + " in " + str(settings["badapps"]))
+            #if TEST_FILE.iloc[i, 5] in settings["badapps"]:
+            for pid in settings["badapps"]:
+                #fprint(pid)
+                if str(TEST_FILE.iloc[i, 5]) == str(pid):
+                    #fprint("Got " + TEST_FILE.iloc[i, 5])
+                    settings["killbox"].append(pid)
+                    fprint(settings["killbox"])
+                    self.list_ctrl.SetItemBackgroundColour(i, wx.Colour(200, 51, 51))
             for j in range(1, 6):
                 self.list_ctrl.SetItem(i, j, str(TEST_FILE.iloc[i, j]))
+                
                 #fprint(i, j, TEST_FILE.iloc[i, j])
 
         main_sizer.Add(self.list_ctrl, 0, wx.ALL | wx.EXPAND, 20)
@@ -156,13 +170,13 @@ class ServerPanel(wx.Panel):
         # wx.BORDER(stop_button, wx.BORDER_NONE)
         stop_button.Bind(wx.EVT_BUTTON, self.on_edit)
         main_sizer.Add(start_button, 0, wx.CENTER | wx.ALL | 100, 5)
-        main_sizer.Add(stop_button, 0, wx.CENTER | 100, 5)
+        main_sizer.Add(stop_button, 0, wx.CENTER | wx.ALL | 100, 5)
-        main_sizer.Add(secondary_frame_button, 0, wx.CENTER | 100, 5)
+        main_sizer.Add(secondary_frame_button, 0, wx.CENTER | wx.ALL | 100, 5)
         self.SetSizer(main_sizer)
 
     def handle_columns(self):
-        for col in COLUMN_NAMES:
+        for col in range(len(COLUMN_NAMES)):
-            self.list_ctrl.InsertColumn(0, col, width=200)
+            self.list_ctrl.InsertColumn(0, COLUMN_NAMES[col], width=COLUMN_SIZES[col])
 
 
 

requirements.txt

@@ -3,3 +3,6 @@ paramiko
 wxpython
 cx_Freeze
 pandas
+pyyaml
+numpy
+bcrypt

setup.py

@@ -5,7 +5,7 @@ debug = True
 #debug = not debug
 # Dependencies are automatically detected, but it might need fine tuning.
 # "packages": ["os"] is used as example only
-build_exe_options = {"packages": ["os"], "excludes": ["tkinter"], "include_msvcr": True, "include_files": ["icon.png", "config.yml", "keyfile-admin.pem"], "optimize": 2}
+build_exe_options = {"packages": ["os"], "excludes": ["tkinter"], "include_msvcr": True, "include_files": ["icon.png", "config.yml", "keyfile-admin.pem", "WXPython.png", "WXPython_30x30.png", "settings.png", "settings_30x30.png"], "optimize": 1}
 
 # base="Win32GUI" should be used only for Windows GUI app
 base = None

ssh.py

@@ -37,3 +37,4 @@ def run_ssh(config, command, location):
         fprint("Running ssh command: " + command)
         res = c.run(command, hide=True, asynchronous=True)
         return res
+

util.py

@@ -4,6 +4,7 @@ import subprocess
 import os
 from sys import platform
 import time as t
+from time import sleep
 import uuid
 
 win32 = platform == "win32"
@@ -39,6 +40,12 @@ if linux:
 def time():
     return int(t.time())
 
+def kill(pid):
+    setup_child()
+    fprint("Killing PID " + str(pid))
+    os.kill(pid, 9)
+    fprint("Signal 9 sent to PID " + str(pid))
+
 def fprint(msg):
     #if not getattr(sys, "frozen", False):
     setup_child()