diff --git a/ATTACKS.md b/ATTACKS.md deleted file mode 100644 index fe525bb..0000000 --- a/ATTACKS.md +++ /dev/null @@ -1,23 +0,0 @@ -# Attacks - -This document recopile implemented attacks by Enteletaor. - -## Specific by broker/MQ - -Some attacks only can be done in specific software. Here the list of them: - -## Redis - -#. Poisoning cache -#. Execute remote script - -## Common attacks - -These attacks can be executed in all of brokers/MQ: - -#. Read remote info -#. Looking for sensible information (i.e. user/password) -#. Remote command injection -#. Listing remote process -#. Remove messages form queues -#. Reject all messages stored in queues to avoid clients to receive them diff --git a/README.rst b/README.rst index 530ae7f..f18852c 100644 --- a/README.rst +++ b/README.rst @@ -7,15 +7,34 @@ Enteletaor *Enteletaor: Message Queue & Broker Injection tool* +:Version: 1.0 :Code: https://github.com/cr0hn/enteletaor :Issues: https://github.com/cr0hn/enteletaor/issues/ -:Python version: Python 2 & Python 3 +:Documentation: http://enteletaor.readthedocs.org +:Python version: Python 2.7.x & 3 +:Author: Daniel Garcia (cr0hn) - @ggdaniel What's Enteletaor ----------------- Message Queue & Broker Injection tool that implements attacks to Redis, RabbitMQ and ZeroMQ. +Some of the actions you can do: + + - Listing remote tasks. + - Read remote task content. + - Disconnect remote clients from Redis server (even the admin!) + - Inject tasks into remote processes. + - Make a scan to discover open brokers. + +Currently supported brokers are: + + - RabbitMQ (or AMQP compatible). + - ZeroMQ. + - Redis. + +See documentation for more information. + What's new? ----------- @@ -26,35 +45,4 @@ Version 1.0.0 - First version released -You can read entire list in CHANGELOG file. - -Installation ------------- - -Install Enteletaor is so easy: - -.. code-block:: bash - - $ python -m pip install enteletaor - -Quick start ------------ - -You can display inline help writing: - -.. code-block:: bash - - enteletaor -h - -Advanced options ----------------- - -There are the advanced options: - -- **-v**, **-vv**, **-vvv**: Enable verbose mode. - -References ----------- - -* OMSTD (Open Methodology for Security Tool Developers): http://omstd.readthedocs.org -* STB (Security Tool Builder): https://github.com/abirtone/STB +You can read entire list in CHANGELOG file. \ No newline at end of file diff --git a/doc/source/index.rst b/doc/source/index.rst index fd6dc4b..b4534e1 100644 --- a/doc/source/index.rst +++ b/doc/source/index.rst @@ -14,11 +14,13 @@ Enteletaor is a message Queue & Broker Injection tool. +----------------+------------------------------------+ |Project site | http://github.com/cr0hn/enteletaor | +----------------+------------------------------------+ +|Documentation | http://enteletaor.readthedocs.org | ++----------------+------------------------------------+ |Author | Daniel Garcia (cr0hn) - @ggdaniel | +----------------+------------------------------------+ |Last Version | 1.0.0 | +----------------+------------------------------------+ -|Python versions | 2.x 3.x | +|Python versions | 2.7.x % 3.x | +----------------+------------------------------------+ Quick project description @@ -26,7 +28,7 @@ Quick project description Enteleteaor is a tool that can handle information from open brokers. -Some of the actions you can do are: +Some of the actions you can do: - Listing remote tasks. - Read remote task content. diff --git a/doc/source/installation.rst b/doc/source/installation.rst index 35fc1c4..98956b3 100644 --- a/doc/source/installation.rst +++ b/doc/source/installation.rst @@ -1,14 +1,51 @@ Installation ============ -Using PIP ---------- +Dependencies +------------ -The easiest way to install enteleteaor is from Pypi. To do this, only run: +First you be sure you have installed this packages: + +Python 2 & 3 +++++++++++++ .. code-block:: bash - # pip install enteletaor + # sudo apt-get install -y libzmq3 libzmq3-dev + +Python 3 only (recommended) ++++++++++++++++++++++++++++ + +.. code-block:: bash + + # sudo apt-get install -y python3-pip + +Python 2 only ++++++++++++++ + +.. code-block:: bash + + # sudo apt-get install -y python2.7-dev + + +Installation from PIP (recommended) +----------------------------------- + +The easiest way to install enteleteaor is from Pypi. To do this, only run: + +Python 2 +++++++++ + +.. code-block:: bash + + # python -m pip install enteletaor + +Python 3 +++++++++ + +.. code-block:: bash + + # python3 -m pip install enteletaor Then run enteleteaor writing: @@ -16,8 +53,20 @@ Then run enteleteaor writing: # enteleteaor -h -From source ------------ +or, in Python 3: + +.. code-block:: bash + + # enteleteaor3 -h + +.. note:: + + Remember that, if you install enteleteaor in **Python 3** executable will be called **enteletaor3** -> ending in **3**. + + If you install in **Python 2** executable will be **enteletaor**, without 3. + +Installation from source +------------------------ Also, you can download source code from github using git: @@ -34,7 +83,7 @@ Next you need to install dependencies from ``requirements.txt``: .. note:: - If you're not running enteleteaor in a virtualenv, probably you need tu be root to install requirements. So, you can use ``sudo`` command. + If you're not running enteleteaor in a virtualenv, probably you need to be root to install requirements. So, you can use ``sudo`` command. Finally you can run enteleteaor: diff --git a/setup.py b/setup.py index 64f42de..01c2f24 100644 --- a/setup.py +++ b/setup.py @@ -23,17 +23,23 @@ # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # +import sys + from os.path import dirname, join from setuptools import setup, find_packages -from .enteletaor_lib.config import __version__ # Import requirements with open(join(dirname(__file__), 'requirements.txt')) as f: required = f.read().splitlines() +if sys.version_info[0] == 2: + bin_name = "enteletaor" +else: + bin_name = "enteletaor3" + setup( name='enteletaor', - version=__version__, + version="1.0.0", install_requires=required, url='https://github.com/cr0hn/enteletaor', license='BSD', @@ -42,8 +48,8 @@ setup( packages=find_packages(), include_package_data=True, entry_points={'console_scripts': [ - 'enteletaor = enteletaor_lib.enteletaor:main', - ]}, + '%s = enteletaor_lib.enteletaor:main' % bin_name + ]}, description='Message Queue & Broker Injection tool', long_description=open('README.rst', "r").read(), classifiers=[