added logic to launch bloodhound with the

distrobox.
2025-03-13 15:02:01 -05:00
parent b137e0c34d
commit 2796d31f14
3 changed files with 66 additions and 11 deletions
--- a/README.md
+++ b/README.md
@@ -53,11 +53,11 @@ Current engagements: client1 internal pentest, client 2 internal pentest

 This tool automatically creates the file structure, and if you use the start_pentest option populates the markdown note files with the templates I use.  

-For example if I get a new internal pentest engagement for client 3 but it hasn't started yet I'll start by creating the folder and note structure using option 4 in the menu system. This would create the folder structure and notes templates in the /home/pyro/pentests/upcomming/client3/internal_pentest and /home/pyro/notes/upcomming/client3/internal_pentest folders respectively. It does not create the distrobox or add it to the tracked project list yet.
+For example if I get a new internal pentest engagement for client 3 but it hasn't started yet I'll start by creating the folder and note structure using option 4 in the menu system. This would create the folder structure and notes templates in the /home/pyro/pentests/upcomming/client3/internal_pentest and /home/pyro/notes/upcomming/client3/internal_pentest folders respectively. It does not create the distrobox, but it does add it to the list of tracked projects, with a status of upcomming.

-Once the engagement starts I'd run option 6 "import new project - and set up new distrobox" from the menu system. It will ask if you have an existing folder structure to copy over, since I created that structure before with option 4 I would answer y, yes, or anything with the letter y in it. Then it prompts you to past the path to the folders to copy over. Here I browse to /home/pyro/pentests/upcomming in dolphin. I right click on the client3 folder and select "copy path" and then paste that into the terminal. I repeat this process for the notes folder.
+Once the engagement starts I'd run option 9 to promote a project from upcomming status to current status. This will automatically copy the needed files over, and will clean up the empty directory in the upcomming files directory, but the empty folder in the upcomming notes folder is still not cleaning correctly, I'm working on that.

-It then attempts to guess the client name and project name based on the folder structure, and asks you to confirm. If its correct the project object will be created, the folders will be copied, and a new distrobox will be set up. If it is not correct it will prompt you to correct it, then copy the files, create a new project object, and setup a new distrobox.  At the moment it is not very fault tollerant and will fail if there is an existing folder with the same name. I plan to fix that later, but haven't gotten around to it yet. Once the distro box is set up (this takes a while) it will return you to the main menu.
+It then will create a new distrobox and ask you if you need to set up cobalt strike for the project. if so it'll ask you for the path to your cobalt strike, it'll copy that into the project files folder so that you can run it if needed.

 During the test I use the menu system to spawn new terminals in the distrobox created for the engagement, use the various file generation options to get data in easily usable format for attack operations, etc.

--- a/pentest_tool/src/box_controls.rs
+++ b/pentest_tool/src/box_controls.rs
@@ -1,15 +1,15 @@
 use core::error;
 use std::os::unix::thread::JoinHandleExt;
-use std::process::Command;
+use std::process::{Command, Stdio};
 use std::{path::PathBuf, process};
 use std::env;
 use std::fs;
-use std::io::stdin;
+use std::io::{stdin, BufRead, BufReader};
 use std::io::Write;
 use std::thread::{self, JoinHandle, Thread};
 use std::time::Duration;
 use std::str::FromStr;
-use crate::Project;
+use crate::{get_user_input, Project};

 pub fn stop_all_boxes(projects: &Vec<Project>){
    let mut problem_childs: Vec<Project> = Vec::new();
@@ -205,4 +205,53 @@ pub fn launch_cobalt_strike(project: Project) -> Option<JoinHandle<()>>{
        }
    });
    return Some(handle);
+}
+
+pub fn launch_bloodhound_gui(project: Project) -> Option<JoinHandle<()>>{
+    let mut bloodhound_command = String::new();
+    let version_response = get_user_input("do you want to use a specific bloodhound version?");
+    if version_response.to_lowercase().contains("y"){
+        bloodhound_command = get_user_input("path to the bloodhound binary you want to use?");
+    }
+    else{
+        bloodhound_command = "bloodhound".to_owned();
+    }
+    let mut neo4j_started = false;
+    let neo4jstart_res = Command::new("distrobox")
+                                                        .arg("enter")
+                                                        .arg("--root")
+                                                        .arg(&project.boxname)
+                                                        .arg("--")
+                                                        .arg("sudo")
+                                                        .arg("neo4j")
+                                                        .arg("start")
+                                                        .status();
+    if neo4jstart_res.is_err(){
+        let error = neo4jstart_res.err().unwrap();
+        println!("errror starting neo4j...");
+        println!("{}", error);
+    }
+    else{
+        neo4j_started = true;
+        thread::sleep(Duration::from_secs(3));
+    }
+    if neo4j_started == false{
+        println!("review previous errors, not spawning bloodhound thread...");
+        return None;
+    }
+    let handle = thread::spawn(move ||{
+        let bloodhound_res = Command::new("distrobox")
+                                                        .arg("enter")
+                                                        .arg("--root")
+                                                        .arg(&project.boxname)
+                                                        .arg("--")
+                                                        .arg(bloodhound_command)
+                                                        .output();
+        if bloodhound_res.is_err(){
+            let error = bloodhound_res.err().unwrap();
+            println!("error starting bloodhound!");
+            println!("{}", error);
+        }
+    });
+    return Some(handle);
 }
--- a/pentest_tool/src/menu.rs
+++ b/pentest_tool/src/menu.rs
@@ -1,9 +1,11 @@
+use core::time;
 use std::clone;
 use std::path;
 use std::path::Path;
 use std::path::PathBuf;
 use std::process::exit;
 use chrono::Datelike;
+use chrono::Duration;
 use clearscreen::clear;
 use clearscreen;
 use chrono::Local;
@@ -37,7 +39,7 @@ fn get_active_project(projects: &Vec<Project>) -> &Project{
 pub fn main_menu(mut projects: Vec<Project>, config_path: PathBuf, base_files: &PathBuf, base_notes: &PathBuf, tools_dir: &PathBuf, boxtemplate: String, terminal: String, cracking_rig: String, rockyou: String, rule: String, upcoming_files: &PathBuf, upcoming_notes: &PathBuf, password_spray_file: &PathBuf){
    let mut loopize = true;
    let mut new_id = next_project_id(&config_path);
-    let mut threads = Vec::new();
+    let mut threads = Vec::new(); 
    loop {
        let active_project = get_active_project(&projects);
        let mut response = String::new();
@@ -137,8 +139,9 @@ Year: {}
            21.) Stop All Distroboxes
            22.) Password Spray (will print password to spray, and wait the obervation window time)
            23.) crack password hashes on your cracking rig
-            24.) prune unused distroboxes (free up system storage)
-            25.) Quit Application
+            24.) Launch bloodhound with the current project's distrobox
+            25.) prune unused distroboxes (free up system storage)
+            26.) Quit Application
 \n",&base_files.display(), &upcoming_files.display(), active_project.customer, active_project.project_name, active_project.files_folder.display(), active_project.notes_folder.display(), active_project.boxname, terminal, season, year);
        std::io::stdin().read_line(&mut response).expect("error getting menu input");
        clear().expect("error clearing screen");
@@ -169,8 +172,9 @@ Year: {}
            "21" => box_controls::stop_all_boxes(&projects),
            "22" => info_controls::password_spray_help(&active_project, season, lseason, year, &tools_dir, &config_path),
            "23" => info_controls::crack_hashes(&cracking_rig, &active_project, &terminal, &rockyou, &rule),
-            "24" => {let prune_thread = box_controls::clean_unused_boxes(&projects, &boxtemplate); if prune_thread.is_some(){threads.push(prune_thread.unwrap());}},
-            "25" => {project_controls::save_projects(&projects, &config_path);
+            "24" => {let bloodhound_handle = box_controls::launch_bloodhound_gui(active_project.clone()).unwrap(); threads.push(bloodhound_handle);},
+            "25" => {let prune_thread = box_controls::clean_unused_boxes(&projects, &boxtemplate); if prune_thread.is_some(){threads.push(prune_thread.unwrap());}},
+            "26" => {project_controls::save_projects(&projects, &config_path);
                    let mut stop = String::new(); 
                    println!("stop all boxes?\ny/n");
                    std::io::stdin().read_line(&mut stop).unwrap();
@@ -187,6 +191,8 @@ Year: {}
        let mut enter = String::new();
        std::io::stdin().read_line(&mut enter).unwrap();
    }
+    println!("this will hang until all threads are finished.");
+    println!("make sure to close all programs opened with this menu, like cobalt strike or bloodhound.");
    for thread in threads{
        thread.join().unwrap();
    }