Merge pull request #72 from morpheuslord/pcap
Optimized code and added PCAP analysis
morpheuslord authored Oct 18, 2023
2 parents d7f932f + 8098a9e commit 3131375
Showing 19 changed files with 1,742 additions and 730 deletions.
42 changes: 40 additions & 2 deletions README.md
Expand Up @@ -4,14 +4,15 @@ This is a Proof Of Concept application that demostrates how AI can be used to ge

## Requirements

- Python 3.10
- Python 3.10 or above
- All the packages mentioned in the requirements.txt file
- OpenAI API
- Bard API (MakerSuite Palm)
- llama.cpp
- Runpod serverless endpoint
- HuggingFace token (with llama2 access )
- IPGeolocation API
- Wireshark and tshark (both added to path)

## Usage Package

Expand All @@ -29,6 +30,7 @@ from GVA.dns_recon import DNSRecon
from GVA.geo import geo_ip_recon
from GVA.jwt import JWTAnalyzer
from GVA.menus import Menus
from GVA.packet_analysis import PacketAnalysis
from GVA.ai_models import NMAP_AI_MODEL
from GVA.ai_models import DNS_AI_MODEL
from GVA.ai_models import JWT_AI_MODEL
Expand All @@ -45,12 +47,14 @@ port_scanner = NetworkScanner()
jwt_analizer = JWTAnalyzer()
sub_recon = sub_enum()
asset_codes = Assets()

packet_analysis = PacketAnalysis()

# KEEP IT BLANK IF YOU HAVE NO CLUE THE MENU WILL ASK TO FILL IT ONCE ACTIVE
lkey = "LLAMA API KEY"
lendpoint = "LLAMA ENDPOINT"
keyset = "AI API KEY"
output_loc = "OUTPUT LOCATION FOR PCAP"
threads = 200 # Default INT 200 but can be increased.
target_ip_hostname_or_token = "TARGET IP, HOSTNAME OR TOKEN"
profile_num = "PROFILE FOR NMAP SCAN"
ai_set = "AI OF CHOICE"
Expand All @@ -64,6 +68,8 @@ Menus(
lamma_key=lkey,
llama_api_endpoint=lendpoint,
initial_keyset=keyset,
threads=threads,
output_loc=output_loc,
target=target_ip_hostname,
profile_num=profile_num,
ai_set=ai_set,
Expand Down Expand Up @@ -127,6 +133,9 @@ python gpt_vuln.py --target <HOSTNAME> --attack sub --list <PATH to FILE>
# Specify target for geolocation lookup
python gpt_vuln.py --target <IP> --attack geo

# Specify PCAP file for packet analysis
python gpt_vuln.py --target <PCAP FILE> --attack pcap --output <OUTPUT FILE LOCATION> --thread NUM of threads <200:default>

# Specify the AI to be used for nmap
python gpt_vuln.py --target <IP> --attack nmap --profile <1-5> --ai llama /llama-api /bard / openai <default>

Expand Down Expand Up @@ -161,6 +170,7 @@ python gpt_vuln.py --menu True
│ 3 │ Subdomain Enum │
│ 4 │ GEO-IP Enum │
| 5 | JWT Analysis |
| 6 | PCAP Analysis |
│ q │ Quit │
└─────────┴────────────────┘
Enter your choice:
Expand Down Expand Up @@ -560,6 +570,34 @@ target is jainuniversity.ac.in
└─────────────────────────────┴─────────────────────────────────────────────────────────────────────────┘
```

#### PCAP OUTPUT

```
Collecting Json Data
Extracting IP details...
Extracting DNS details...
Extracting EAPOL details...
Extracting TCP STREAMS details...
TCP streams can take some time..
Total Streams combination: 252
Number of workers in progress: 250
Completed
GVA Report for PCAP
┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ Identifiers ┃ Data ┃
┡━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┩
│ PacketAnalysis.Services │ ['49943', '49958', '49934', '49944', '49931', '443', '49957'] │
│ PacketAnalysis.TCP Streams │ ['1', '4', '5', '2', '0', '3'] │
│ PacketAnalysis.Sources Address │ ['█████████████', '1.1.1.1', '█████████████', '█████████████', '█████████████', '█████████████'] │
│ PacketAnalysis.Destination Address │ ['█████████████', '1.1.1.1', '█████████████', '█████████████', '█████████████', '█████████████'] │
│ PacketAnalysis.DNS Resolved │ [] │
│ PacketAnalysis.DNS Query │ ['oneclient.sfx.ms'] │
│ PacketAnalysis.DNS Response │ ['oneclient.sfx.ms.edgekey.net', 'e9659.dspg.akamaiedge.net', 'oneclient.sfx.ms'] │
│ PacketAnalysis.EAPOL Data │ [] │
│ PacketAnalysis. Total Streams Data │ 126 │
└────────────────────────────────────┴────────────────────────────────────────────────────────────────────────────────────────────────────┘
```

# Usage GUI

The GUI uses customtkinter for the running of the code. The interface is straightforward the only thing required to remember is:
Binary file modified commands/__pycache__/assets.cpython-311.pyc
Binary file not shown.
Binary file modified commands/__pycache__/dns_recon.cpython-311.pyc
Binary file not shown.
Binary file modified commands/__pycache__/menus.cpython-311.pyc
Binary file not shown.
Binary file modified commands/__pycache__/models.cpython-311.pyc
Binary file not shown.
Binary file not shown.
38 changes: 30 additions & 8 deletions commands/assets.py
Expand Up @@ -34,7 +34,7 @@ def start_api_app():
osp = platform.system()
match osp:
case 'Darwin':
subprocess.Popen(["python3", "llama_api.py"], creationflags=CREATE_NEW_CONSOLE)
subprocess.Popen(["python3", "llama_api.py"])
case 'Linux':
subprocess.Popen(["python3", "llama_api.py"])
case 'Windows':
Expand All @@ -59,15 +59,19 @@ def help_menu() -> None:
table.add_column("Discription", style="green")
table.add_column("Other internal options", style="green")
table.add_row("Attack", "--attack", "TXT/STRING",
"The Attack the user whats to run", "sub / dns / nmap / geo")
table.add_row("Target", "--target", "IP/HOSTNAME",
"The Attack the user whats to run", "sub / dns / nmap / geo/ jwt/ pcap")
table.add_row("Target", "--target", "IP/HOSTNAME/TOKEN/PCAP-FILE",
"The target of the user", "None")
table.add_row("Domain List", "--list", "Path to text file",
"subdomain dictionary list", "Path")
table.add_row("Thread", "--thread", "INT",
"Number of threads for PCAP analysis", "200 (Default)")
table.add_row("Output", "--output", "Path to text file",
"Outputs the PCAP analysis", "Path")
table.add_row("Profile", "--profile", "INT (1-13)",
"The type of Nmap Scan the user intends", "None")
table.add_row("AI", "--ai", "STRING",
"Choose your AI of choice", "bard / openai (default)")
"Choose your AI of choice", "/ LLAMA (RUNPOD OR LOCAL) /bard / openai (default)")
table.add_row("menu", "--menu", "BOOL",
"Interactive UI menu", "True / False (Default)")
table.add_row("Rich Help", "--r", "STRING",
Expand All @@ -86,7 +90,8 @@ def print_output(self, attack_type: str, jdata: str, ai: str) -> Any:
table.add_column("Results", style="green")

for key, value in data.items():
table.add_row(key, value)
val = str(value)
table.add_row(key, str(val))
print(table)
case 'bard':
data = json.loads(jdata)
Expand All @@ -95,7 +100,8 @@ def print_output(self, attack_type: str, jdata: str, ai: str) -> Any:
table.add_column("Results", style="green")

for key, value in data.items():
table.add_row(key, value)
val = str(value)
table.add_row(key, str(val))
print(table)
case 'llama':
ai_out = Markdown(jdata)
Expand Down Expand Up @@ -178,7 +184,8 @@ def print_output(self, attack_type: str, jdata: str, ai: str) -> Any:
table.add_column("Results", style="green")

for key, value in data.items():
table.add_row(key, value)
val = str(value)
table.add_row(key, str(val))
print(table)
case 'bard':
data = json.loads(jdata)
Expand All @@ -187,7 +194,8 @@ def print_output(self, attack_type: str, jdata: str, ai: str) -> Any:
table.add_column("Results", style="green")

for key, value in data.items():
table.add_row(key, value)
val = str(value)
table.add_row(key, str(val))
print(table)
case 'llama':
ai_out = Markdown(jdata)
Expand Down Expand Up @@ -229,3 +237,17 @@ def print_output(self, attack_type: str, jdata: str, ai: str) -> Any:

console = Console()
console.print(table)
case "PCAP":
data = json.loads(jdata)
table = Table(title="GVA Report for PCAP", show_header=True, header_style="bold magenta")
table.add_column("Identifiers", style="cyan")
table.add_column("Data", style="green")

flattened_data: dict = self.flatten_json(data, separator='.')

for key, value in flattened_data.items():
value_str = str(value)
table.add_row(key, str(value_str))

console = Console()
console.print(table)
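Review bot: In the added `case "PCAP":` branch, `table.add_row(key, str(value_str))` passes plain strings that Rich parses as console markup, and the values look like capture-derived data (DNS names, addresses, per the README sample), so a bracketed tag inside a packet field could change how the report renders. Escape before rendering, e.g. `table.add_row(escape(key), escape(str(value)))` with `from rich.markup import escape` (the file's import block is not visible here), or wrap the cell in `rich.text.Text`. The second `str()` is redundant both here and in the four `val = str(value)` / `table.add_row(key, str(val))` hunks above, where the same escaping would apply to model-returned JSON. `print_output` starts and ends outside the visible hunks.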
58 changes: 27 additions & 31 deletions commands/dns_recon.py
@@ -1,49 +1,45 @@
from typing import Any, Optional
from rich import print
import requests
import dns.resolver as dns_resolver_module
from rich.progress import track


class DNSRecon:
analyze = ''

def dns_resolver(self, AIModels, target: str, akey: Optional[str], bkey: Optional[str], lkey, lendpoint, AI: str) -> Any:
if target is not None:
pass
else:
raise ValueError("InvalidTarget: Target Not Provided")
analyze = ''
# The DNS Records to be enumerated
record_types = ['A', 'AAAA', 'NS', 'CNAME', 'MX', 'PTR', 'SOA', 'TXT']
for record_type in track(record_types):
try:
answer = dns_resolver_module.resolve(target, record_type)
for server in answer:
st = server.to_text()
analyze += f"\n{record_type} : {st}"
except dns_resolver_module.NoAnswer:
print('No record Found')
pass
except dns_resolver_module.NXDOMAIN:
print('NXDOMAIN record NOT Found')
pass
except dns_resolver_module.LifetimeTimeout:
print("Timed out, check your internet")
pass
except requests.exceptions.InvalidHeader:
pass
except KeyboardInterrupt:
print("Bye")
quit()
try:
print("✅ Domain Name Scanned")
Domain_scans = requests.get(f'https://api.hackertarget.com/dnslookup/?q={target}')
print("✅ Reverse DNS Scanned")
reverse_dns = requests.get(f'https://api.hackertarget.com/reversedns/?q={target}')
print("✅ Zone Transfer Scanned")
zone_transfer = requests.get(f'https://api.hackertarget.com/zonetransfer/?q={target}')
self.analyze = f"""
Domain Names:
{Domain_scans.text}
Reverse Dns:
{reverse_dns.text}
response = ""
Zone Transfer:
{zone_transfer.text}
"""
except requests.Timeout:
print("❌ Request timeout error")
pass
match AI:
case 'openai':
try:
if akey is not None:
# Clean up Bearer token from newline characters
akey = akey.replace('\n', '')
else:
raise ValueError("KeyNotFound: Key Not Provided")
response = AIModels.gpt_ai(akey, analyze)
print(self.analyze)
response = AIModels.gpt_ai(key=akey, analyze=self.analyze)
except KeyboardInterrupt:
print("Bye")
quit()
Expand All @@ -53,19 +49,19 @@ def dns_resolver(self, AIModels, target: str, akey: Optional[str], bkey: Optiona
bkey = bkey.replace('\n', '')
else:
raise ValueError("KeyNotFound: Key Not Provided")
response = AIModels.BardAI(bkey, analyze)
response = AIModels.BardAI(bkey, self.analyze)
except KeyboardInterrupt:
print("Bye")
quit()
case 'llama':
try:
response = AIModels.llama_AI(analyze, "local", lkey, lendpoint)
response = AIModels.llama_AI(self.analyze, "local", lkey, lendpoint)
except KeyboardInterrupt:
print("Bye")
quit()
case 'llama-api':
try:
response = AIModels.llama_AI(analyze, "runpod", lkey, lendpoint)
response = AIModels.llama_AI(self.analyze, "runpod", lkey, lendpoint)
except KeyboardInterrupt:
print("Bye")
quit()
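Review bot: The three `requests.get` calls to `api.hackertarget.com` pass no `timeout`, so the `except requests.Timeout` handler after them is unlikely to fire and a stalled connection can hang the scan; `target` is also interpolated into the query string unencoded. Prefer `requests.get('https://api.hackertarget.com/dnslookup/', params={'q': target}, timeout=10)` (the value is a suggestion) followed by `raise_for_status()`, and catch `requests.RequestException` so that connection failures and API error bodies do not reach the model as scan data with `self.analyze` left empty. The lookups also appear to move from local resolution to a third-party service, which discloses every target to that service and deserves a comment such as `# NOTE: target is sent to api.hackertarget.com`. The +/- markers are lost on this page and the rest of `dns_resolver` is not loaded, so this is read from the lines that use `self.analyze`.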
