Pull request

README.md

@@ -13,41 +13,49 @@
 
 
 ## Introduction:  
-ocLE4P is a customizable Local Enumeration and Privilege Escalation tool based on Python. Everyone can write their own plugins by following the template files and including the plugins into the ocLE4P.py file. The enumeration plugins in mdcvxiv.py also support non-interactive shells. The non-interactive options give the user file with the output of the chosen enumeration.  
-###### What is Local Enumeration?  
-Local Enumeration is ordering in a list, specific assets of a system. That might be the running processes of the system, the version of the drivers, users of the system etc.  
-###### What is Privilege Escalation?  
-Privilege Escalation is escalating the rights of low privilege user to one with higher rights or root.  
+ocLE4P is a customizable Local Enumeration and Privilege Escalation tool based on Python. Everyone can write their own plugins by following
+the template files and including the plugins into the ocLE4P.py file. The enumeration plugins in "mdcvxiv.py" also support non-interactive shells.
+The non-interactive options give the user file with the output of the chosen enumeration. 
+###### What is Local Enumeration? 
+Local Enumeration is ordering in a list, specific assets of a system. That might be the running processes of the system, the version of the drivers,
+users of the system etc. 
+###### What is Privilege Escalation? 
+Privilege Escalation is escalating the rights of low privilege user to one with higher rights or root.
+The purpose of the project is to collect as many as possible tools for Local Enumeration and PrivEsc. That can automate the process of gathering information a system after successful penetration tasting, and it can even escalate the privilege of the user.  
 
 
 ## User documentation:  
-The project is based on Python 3.  It contains a menu, "ocLE4P.py", from which, the user can choose the plugin he/she wants to use. If the file is run with an argument "-h" or "--help", the non-interactive enumeration options, will be displayed. The non-interactive interface is contained in "mdcvxiv.py" plugin.  
+The project is based on Python 3. It contains a menu, "ocLE4P.py", from which, the user can choose the plugin he/she wants to use. If the file is run with an argument "-h" or "--help", the non-interactive enumeration options, will be displayed. The non-interactive interface is contained in "mdcvxiv.py" plugin.  
 
 ### Setup  
-   Requirements for installation:  
+Requirements for installation:
    - Linux, BSD OS or Windows (Tested on Arch, Kali Linux, LXDE, Windows7, Debian)
-   - python3
+   - Python 3
    - pip3 (dev mod)
-   - git (optional)  
-
-   Once downloaded, the tool is ready for usage.
+   - git (optional) 
+No external libs are used, so once downloaded, the tool is ready for usage.
 
 ### Usage  
-   Run ```python3 ocLE4P.py``` to open the menu or ```python3 ocLE4P.py -h``` for non-interactive interface.  
+Run ```python3 ocLE4P.py``` to open the menu or ```python3 ocLE4P.py -h``` for non-interactive interface.  
+The menu has two main options.
+1 - Privilege Escalation
+2 - Local Enumeration
+Each of them will take you to a sub-menu with the relevant plugins. The menu is checking the system when it is started, so only plugins for the specific OS are displayed.
+The non-interactive interface supports all enumerations plugins in "mdcvxiv.py", so they can be started without entering the menu. The output is collected into a log file.
 
 ## Unit Tests:  
 ### 'mdcvxiv.py' test [![tests/test_mdcvxiv_plugins.py](https://img.shields.io/badge/tests-test__mdcvxiv__plugins.py-red)](https://github.coventry.ac.uk/ivanovn/ocLEAP/blob/master/tests/test_mdcvxiv_plugins.py)  
 |Function|Test|Expected result|
 |---|---|---|
 |fileIn()|Open log file|True|
 |fileIn()|Check the functionality with simulated plugin|True|
-|interactive()|Pass incorect argument and chacks for "Incorrect argument!"|True|
-|interactive()|Pass two arguments and chacks for "Only one argument is required!"|True|
-|interactive()|Check is every available option printed|True|
+|interactive()|Pass incorrect argument and checks for "Incorrect argument!"|True|
+|interactive()|Pass two arguments and checks for "Only one argument is required!"|True|
+|interactive()|Check is every available option is printed|True|
 |interactive()|Open log file (insurance for correctly called function)|True|
-|interactive()|Chacks if the options are written|True|
+|interactive()|Checks if the options are written|True|
 |TempFile().gen()|Checks if file is generated|True|
-|TempFile().gen()|Checks if file is deleted|True|
+|TempFile().rem()|Checks if file is deleted|True|
 
 |Plugin|Test|Expected result|
 |---|---|---|

src/jcnetworkenum.py

@@ -0,0 +1,17 @@
+#!python3 
+import pty
+import os #used to automate linux commands within python files
+from plugins import Enumeration #using generic class from plugins file
+class NetworkEnumeration(Enumeration): #using generic enumeration class for specific enumeration class
+	def __init__(self): #constructor to initialise class
+		Enumeration.__init__(self)
+		self.name="Network Enumeration" #overriding generic info from enumeration class and replacing with meaningful info
+		self.author="Joe Conteh"
+		self.description="Provides the user with the network configuration display information and cpu architecture"
+		self.version="0.1 alpha"
+
+
+	def execute(self): # when called on, displays info contained in function
+		cpu=os.system("lscpu") #provides cpu architecture
+		network=os.system("ifconfig") #provides network configuration
+

src/jcprivesc.py

@@ -0,0 +1,14 @@
+#!python3
+import pty
+import os
+from plugins import PrivEsc
+class PrivilegeEsc(PrivEsc):
+	def __init__(self):
+		PrivEsc.__init__(self)
+		self.name="Privilege Escalation"
+		self.author="Joe Conteh"
+		self.description="Increases the privileges of the user, allows user to see contents of shadow file"
+		self.version="0.1 alpha"
+
+	def execute(self):
+		os.system("cat /etc/shadow")

src/jcsystemenum.py

@@ -0,0 +1,16 @@
+#!python3
+import pty
+import os
+from plugins import Enumeration
+class SystemEnumeration(Enumeration):
+	def __init__(self):
+		Enumeration.__init__(self)
+		self.name="System Enumeration"
+		self.author="Joe Conteh"
+		self.description="Provides the user with the system information and hostname"
+		self.version="0.1 alpha"
+
+	def execute(self):
+		os.system("uname -a")
+		os.system("hostname")
+

src/mdcvxiv.py

@@ -90,7 +90,7 @@ def NoNinteractive(*arg):
         Plugin for host info and host services enumeration.
         """
         }
-    linEn, sysServUNIX, popsUNIX, winEn, sysServWIN=opt.items()
+    linEn, sysServUNIX, popsUNIX, winEn, sysServWIN = opt.items()
 
     def heLp(opt):
         print(description)
@@ -124,7 +124,9 @@ def heLp(opt):
 #<--------------------------------------------------------------------------------------------------------------------->
 class TempFile:
     """
-    Class with methods for temporary file crating and deleting
+    Class with methods for temporary file crating and deleting.
+    This class is used instead of tempfile with purpose not bloating
+    with too many libs
     Methods:
         gen()      :Calls the temporary file, generated in __init__
             Return: Temp. File
@@ -483,7 +485,7 @@ def NETstat():
             err=err.decode()
             return result, err
 
-        result, err=NETstat()
+        result, err = NETstat()
 
         if out==False:
             print(f"\n\n\033[1;32m Ports Status:\033[0m\n")
@@ -500,7 +502,7 @@ def NETstat():
 
         else: pass
 
-        result, err=NETstat()
+        result, err = NETstat()
 
         outCach+=f"\n\n\n Ports Status:\n\n"
         result=result.split("\n")

src/ocLE4P.py

@@ -18,6 +18,10 @@
     from ja_plugins import BasicHostInfo
     from ja_plugins import BasicNetworkInfo
     from ja_plugins import SudoRights
+    from jcprivesc import PrivilegeEsc
+    from jcsystemenum import SystemEnumeration
+    from jcnetworkenum import NetworkEnumeration
+
     #from YOUR_PLUGINFILE import YOUR_PLUGINS
 
 
@@ -48,6 +52,7 @@
         ESCAL.append(grepSHADOW())
         ESCAL.append(Shadow())
         ESCAL.append(SudoRights())
+        ESCAL.append(PrivilegeEsc())
         #ESCAL.append(YOUR_PLUGIN)
 
         #Make a list of available enumerations
@@ -59,6 +64,8 @@
         ENUM.append(BasicHostInfo())
         ENUM.append(BasicNetworkInfo())
         ENUM.append(WritableScripts())
+        ENUM.append(SystemEnumeration())
+        ENUM.append(NetworkEnumeration())
         #ENUM.append(YOUR_PLUGIN)