secforce / sparta Goto Github PK

Python 2.7.6

Linux ubuntu 3.13.0-45-generic #74-Ubuntu SMP Tue Jan 13 19:36:28 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux

Traceback (most recent call last):
File "sparta.py", line 83, in
controller = Controller(view, logic) # Controller prep (communication between model and view)
File "/usr/share/sparta/controller/controller.py", line 34, in init
self.start() # initialisations (globals, etc)
File "/usr/share/sparta/controller/controller.py", line 46, in start
self.view.start(title)
File "/usr/share/sparta/ui/view.py", line 89, in start
self.updateInterface()
File "/usr/share/sparta/ui/view.py", line 1130, in updateInterface
self.updateServiceNamesTableView()
File "/usr/share/sparta/ui/view.py", line 868, in updateServiceNamesTableView
self.ServiceNamesTableModel = ServiceNamesTableModel(self.controller.getServiceNamesFromDB(self.filters), headers)
File "/usr/share/sparta/controller/controller.py", line 401, in getServiceNamesFromDB
return self.logic.getServiceNamesFromDB(filters)
File "/usr/share/sparta/app/logic.py", line 214, in getServiceNamesFromDB
return metadata.bind.execute(tmp_query).fetchall()
File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 2447, in execute
return connection.execute(statement, _multiparams, *_params)
File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 1449, in execute
params)
File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 1628, in _execute_text
statement, parameters
File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 1698, in _execute_context
context)
File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 1691, in _execute_context
context)
File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/engine/default.py", line 331, in do_execute
cursor.execute(statement, parameters)
sqlalchemy.exc.OperationalError: (OperationalError) no such table: db_tables_nmap_service "SELECT DISTINCT service.name FROM db_tables_nmap_service as service INNER JOIN db_tables_nmap_port as ports INNER JOIN db_tables_nmap_host AS hosts ON hosts.id = ports.host_id AND service.id=ports.service_id WHERE 1=1 AND hosts.status!='down' AND ports.state!='closed' AND ports.state!='filtered' AND ports.state!='open|filtered' ORDER BY service.name ASC" ()

I resolved this by forcing a sqlalchemy upgrade with
sudo pip install SQLAlchemy --upgrade

First let me start by saying thanks for the great tool - it is fast becoming one of my "go tos" as it is so easy to configure and add new tools. I have been using it a bit in the last few days and have experienced what I think is a bug and also had some suggestions for improvements/enhancements (some may already be there but if they are I am not sure where).

Let's first start with the "bug": in the sparta.conf when I have enable scheduler set to true and enable scheduler on import set to false. The tools in the scheduled settings kick off when I import a nmap file. I want them to run when I add hosts manually (smaller lists usually) and NOT when I import (larger lists usually). I thought this would have done that but it does not.

Now for the enhancements/improvements - We have all this greatt stuff in here - now we need reports. I know you are woking on them but I wanted to +1 the need for reports. In the Host scan section the NMAP commands fall under "Portscan" menue item. How do we create menue items? I think this would be helpful to keep the UI looking fresh and neat.

testing

I wonder what if I don't have network range and I have list of IPs or domain and I want to run Sparta on this list of domains/ IPs. I don't see any option to import this list from a file?!

would very much like to add host names next to ip addresses similar to the way db_nmap auto-populates the database after running a nmap dns host enumeration nse script against a dns server.

Is it possible to use spaces instead of tabs? Using tabs makes the code indent too much. Apart from that using spaces is a part of the Python style guide.

Proposal:

Convert tabs to 4 spaces.

would like to see some way of customizing nmap scans / nse scripts

You guys have made a killer tool and I am already using it on engagements. I love the integration with other tools, but was somewhat bummed by the fact that "Launch dirbuster" simply opens the tool. I'm no dirbuster expert, so maybe it can be done all via cli, but if http is detected, you could simply kick off a dirb scan and output the results to a window just like you do with nikto (that's an awesome integration by the way).

I'm using sparta on a standard Kali Linux install.

Nikto output files are not saved into a separate directory but stay in a temp folder called sparta-RANDOM-Running (within the project directory). The Nikto output files saved there are also not complete. Half of the finding and the summary are missing. Although as long as the tab of the Nikto scan is kept open the complete Nikto output is available there.
In the SQLite db if find a outputfile pointing to /tmp/sparta-RANDOM-running/20150325time-nikto-xx.xx.xx.xx-443 which has the same filename as in the project directory.

For other scripts I do not encounter this behavior.

Hi, there should be option for change default interface from where Sparta take IP address, because probably take IP from eth0 and there is no option to change this default value when Sparta generate resource file for MSF :).

On the Sparta documentation page, you use this as an example for adding tools to Sparta:

nikto=Run nikto, nikto -o [OUTPUT].txt -p [PORT] -h [IP], “http,https”

Are there any available variables other than IP, OUTPUT, and PORT? A list would be great in the documentation.

Hello

When trying to check for default FTP or any service hydra produces this error.

[ERROR] file for colon files (login:pass) not found:./wordlists/ftp-default-userpass.txt

Not sure what broke this as was working fine earlier, potential update broke feature.

Running of kali linux, Opened sparta from usr/share/sparta - issue still persent
Copied sparta wordlists to Kalis wordlist location - issue still present

Not sure why the app cannot find the wordlists, any ideas ?

Kind regards

I was recently doing an external penetration test that involved very stealthy and progressive enumeration scans on a block of 24 IP addresses. I disabled the scheduler scans on this engagement in favor of manually launching a series of custom nmap scans of increasing speed and scope. The issue that I ran into is I had to launch the scans individually for each host as opposed to firing off each scan on the entire range. Some suggestions to combat this could be:

• Allow selection and scanning of multiple hosts in the main hosts tab
• Ability to launch scans on a custom range outside of the hosts tab (a-la Zenmap)

Once the scans were completed and all the host enumeration was done, using Sparta on the detected services was very nice. Great tool, guys!

How do I fix this?

Traceback (most recent call last):
File "/home/bo0om/soft/sparta/ui/view.py", line 706, in contextMenuServiceNamesTableView
self.controller.handleServiceNameAction(targets, actions, action)
File "/home/bo0om/soft/sparta/controller/controller.py", line 314, in handleServiceNameAction
self.runCommand(tool, tabtitle, ip[0], ip[1], ip[2], command, getTimestamp(True), outputfile, self.view.createNewTabForHost(ip[0], tabtitle, restoring))
File "/home/bo0om/soft/sparta/controller/controller.py", line 498, in runCommand
textbox.setProperty('dbId', QVariant(str(self.logic.addProcessToDB(qProcess)))) # database id for the process is stored so that we can retrieve the widget later (in the tools tab)
File "/home/bo0om/soft/sparta/app/logic.py", line 402, in addProcessToDB
self.db.commit()
File "/home/bo0om/soft/sparta/db/database.py", line 47, in commit
session.commit()
File "/usr/lib/python2.7/dist-packages/sqlalchemy/orm/scoping.py", line 114, in do
return getattr(self.registry(), name)(_args, *_kwargs)
File "/usr/lib/python2.7/dist-packages/sqlalchemy/orm/session.py", line 656, in commit
self.transaction.commit()
File "/usr/lib/python2.7/dist-packages/sqlalchemy/orm/session.py", line 314, in commit
self._prepare_impl()
File "/usr/lib/python2.7/dist-packages/sqlalchemy/orm/session.py", line 298, in _prepare_impl
self.session.flush()
File "/usr/lib/python2.7/dist-packages/sqlalchemy/orm/session.py", line 1583, in flush
self._flush(objects)
File "/usr/lib/python2.7/dist-packages/sqlalchemy/orm/session.py", line 1654, in _flush
flush_context.execute()
File "/usr/lib/python2.7/dist-packages/sqlalchemy/orm/unitofwork.py", line 331, in execute
rec.execute(self)
File "/usr/lib/python2.7/dist-packages/sqlalchemy/orm/unitofwork.py", line 475, in execute
uow
File "/usr/lib/python2.7/dist-packages/sqlalchemy/orm/persistence.py", line 64, in save_obj
table, insert)
File "/usr/lib/python2.7/dist-packages/sqlalchemy/orm/persistence.py", line 558, in _emit_insert_statements
execute(statement, params)
File "/usr/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 1449, in execute
params)
File "/usr/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 1584, in _execute_clauseelement
compiled_sql, distilled_params
File "/usr/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 1698, in _execute_context
context)
File "/usr/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 1691, in _execute_context
context)
File "/usr/lib/python2.7/dist-packages/sqlalchemy/engine/default.py", line 331, in do_execute
cursor.execute(statement, parameters)
sqlalchemy.exc.ProgrammingError: (ProgrammingError) You must not use 8-bit bytestrings unless you use a text_factory that can interpret 8-bit bytestrings (like text_factory = str). It is highly recommended that you instead just switch your application to Unicode strings. u'INSERT INTO db_tables_process (display, pid, name, tabtitle, hostip, port, protocol, command, starttime, outputfile, status, closed) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)' ('True', '0', 'ftp-default', 'ftp-default (21/tcp)', '192.168.1.66', '21', 'tcp', u'hydra -s 21 -C ./wordlists/ftp-default-userpass.txt -u -o "/tmp/sparta-4Tolxp-running/ftpdefault/20150115133122-ftp-default-5.9.80.212-21.txt" -f 5.9.80.212 ftp', '15 \xd0\xaf\xd0\xbd\xd0\xb2 2015 13:31:22', '/tmp/sparta-4Tolxp-running/ftpdefault/20150115133122-ftp-default-5.9.80.212-21', 'Waiting', 'False')

I tried to run but it says i need to apt-get python-elixir. I did but its already installed.

I recommend renaming the db_tables_nmap_host table to something more generic like db_tables_host. I would also do the same for all tables that have to potential to store other data which did not come from Nmap. This will increase the potential for expansion outside of using Nmap for host identification. Better to do it now then when the project is much farther along. A generic table name can allow for parsing other tool output (like Nessus) into the table without confusion.

"At the moment, SPARTA can be configured by editing the sparta.conf file located in SPARTA’s root folder. At launch time, SPARTA checks if this file exists and if it does not, a new file is created with default values."

As quoted from your website. Is it possible to add tools into Sparta, such as Sqlmap, or wapiti, so that once the nmap scan is complete, sparta would then run tools like nikto, and wapiti together to scan port 80. If so, what codes should I edit to make this possible?

It would be great if you could import a list of hosts instead of having to add them one by one. As SPARTA tries to save time, I think it's a must. :-)

Thanks.

If you click on the status column, the expected behavior would be to sort by that column. Within one or two clicks, it should be possible to bring tasks that are still running to the top of the log.

There should also be an End Time for each task, but I guess that's more of a separate feature request...

Hello, i went over all of the issue related to the Elixir not found problem with no success

can you please help ?

:/usr/bin$ sparta
[-] Import failed. Elixir library not found.
Try installing it with: apt-get install python-elixir

Bugz

For tool to be ultimately useful i think some kind of remoting support is essential. Sort of daemon which would do the tasks and GUI as the client to manage daemon. Possibly with multi-user support. What are your opinions on this?

Is it possible to (either by default or through a settings option) to autorun the SchedulerSettings/PortActions when NMap data is imported, as opposed to only running the actions when a scan is initiated from Sparta? Would be killer!

It seems that SPARTA do not fully support IPv6,
when adding an IPv6 address in the scope we got an Invalid Input;
and when importing an nmap xml file including an IPv6 host only, nmap scans fails to launch and the IPv6 address is not even shown in the Information tab.

[+] Parsing nmap xml file: /root/Desktop/jason6.xml
    [+] Finished in 0.0682790279388 seconds.
Traceback (most recent call last):
  File "/root/sparta/ui/view.py", line 1125, in updateInterface
    self.updateHostsTableView()
  File "/root/sparta/ui/view.py", line 851, in updateHostsTableView
    self.HostsTableModel.sort(3, Qt.DescendingOrder)
  File "/root/sparta/app/hostmodels.py", line 124, in sort
    array.append(IP2Int(self.__hosts[i]['ip']))
  File "/root/sparta/app/auxiliary.py", line 37, in IP2Int
    o = map(int, ip.split('.'))
ValueError: invalid literal for int() with base 10: ''

:)

Hi, Guys - I recently started using sparta pretty much exclusively on some live engagements, hence the slew of observations from me. It has been awesome but has given me some ideas for tweaks.

Related to my previous comment regarding alternate config files, another idea that came to me was to move the rest of the logic for the staged nmap scans into the config file and out of the code to allow the entire nmap command (timing, service / OS identification, etc) to be modified within the config. I noted this in an external pentest in which stealth is of utmost priority and you don't want to use a timing of 4. Basically make the config file format for the staged scans to mirror the other tools instead of only specifying ports. This could further be modified to handle different levels of staged scans (some configs have 3 stages, some have 5, etc). I seem to remember stage levels being mentioned in another issue and cannot remember if it was ever implemented.

I may have some time to play with this one and shoot you a PR if you want - seems like this fix could be added without significantly changing the overall structure of the code and mangling your work.

Great job guys!

Related to my previous post, another potential enhancement that comes to mind is to copy imported nmap scan files into the project file at the time of import (and possibly convert to html as well). This way the project file tool output directories remain a complete reference to the data in the project database.

As stated before, I'll be happy to play around with this as well and submit a PR.

Great tool, BTW - this project is looking to be one of the most useful tools in performing a penetration test that I have come across in a LOOONG time! Good job, gentlemen.

Alright so im trying to work on releasing some videos for my YouTube channel of this awesome program however im facing a The session file ./hydra.restore was written Type "Hydra -R" To resume session hang its i have a total of 7215 passwords in a file it keeps spamming
The session file ./hydra.restore was written Type "Hydra -R" To resume session
and its stuck at 7063 and just keeps saying The session file ./hydra.restore was written Type "Hydra -R" To resume session now i cd to /cd /opt/sparta/
and typed Hydra -R says something about glibc detected **** hydra: double free or corruption
Not sure what that's all about been it shows that with some kinda 0x000007fb7f84dca80 then it spamms the terminal heh so not sure if this is a bug or what but im using the latest Kali Linux and the listed files from the website the apt-get install python-elixir and pt-get install ldap-utils rwho rsh-client x11-apps finger both installed.

Trying to brute force my SSH server on my level network.

On a fully upgraded version of Kali, I get the following error when trying to run Sparta:

[-] Import failed. Elixir library not found.
Try installing it with: apt-get install python-elixir

I tried to do the import manually from a Python prompt and get the following:
Python 2.7.3 (default, Mar 13 2014, 11:03:55)
[GCC 4.7.2] on linux2
Type "help", "copyright", "credits" or "license" for more information.

import elixir
Traceback (most recent call last):
File "", line 1, in
File "/usr/lib/pymodules/python2.7/elixir/init.py", line 29, in
from elixir.entity import Entity, EntityBase, EntityMeta, EntityDescriptor,
File "/usr/lib/pymodules/python2.7/elixir/entity.py", line 17, in
from sqlalchemy.orm import MapperExtension, mapper, object_session,
ImportError: cannot import name ScopedSession

I placed this code right before "import elixir" in the try statement to resolve the issue:
import sqlalchemy.orm
sqlalchemy.orm.ScopedSession = sqlalchemy.orm.scoped_session
REF: http://stackoverflow.com/questions/14201210/impossible-to-initialize-elixir

Installed SQLAlchemy version:

dpkg -s python-sqlalchemy
Package: python-sqlalchemy
Status: install ok installed
Priority: optional
Section: python
Installed-Size: 3028
Maintainer: Piotr Ożarowski [email protected]
Architecture: all
Source: sqlalchemy
Version: 0.7.8-1

https://github.com/batmancrew/sparta/blob/master/sparta.conf

I may be missing this as a current feature already, but it would be really cool to be able to specify an alternate config file to allow you to have separate staged scan options for different assessment types (for example, a stealthy configuration for external penetration tests and a loud version for internal vulnerability assessments where stealth is not a priority).

Hello there
I get an error message:

Hydra v7.5 (c)2013 by van Hauser/THC & David Maciejak - for legal purposes only
Hydra (http://www.thc.org/thc-hydra) starting at 2015-02-09 15:49:10

[ERROR] Unknown service: /home/user/dicts/dict.txt

while trying to bruteforce ftp credentials via hydra with the following options:
-Username - single name

• Password - password list from file
• try blank password + try login as password + loop arround users + exit on first valid

Please can we enable the tab view of nmap scans? The reason for this is that when scanning if a scan is taking a considerable time we would be able to terminate it. Currently there is no ability to know if a scan has 2 minutes left or 2 hours left.

I think this code is the bit that prevents them from being displayed. controller.py:
if 'nmap' in name: # to make sure different nmap scans appear under the same tool name
name = 'nmap'
invisibleTab = True

When changed to false they appear briefly and then disappear.

Hello,
I have found a new bug.

If I go to the tab "Scan" > "Tools" and I click on "Tool", I get the following error message:

Traceback (most recent call last):
File "/usr/share/sparta/app/processmodels.py", line 115, in sort
array.append(self.__processes[i]['status'])
File "/usr/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 2835, in _key_fallback
expression._string_or_unprintable(key))
sqlalchemy.exc.NoSuchColumnError: "Could not locate column in row for column 'status'"

Could you fix that bug please?

Thank you.

Hi developers! I found this tool so cool. I have a question about hydra. There is a way to restore the session into SPARTA? I'm using 1.0.2 version of course. Thank you in advice!

"sqlalchemy.exc.OperationalError: (OperationalError) no such table: db_tables_nmap_host "SELECT * FROM db_tables_nmap_host AS hosts WHERE 1=1 AND hosts.status!='down'" ()"

Is there a way to move the data/file in a way to get around this?

A nice feature enhancement would be to use something like xsltproc to convert nmap xml output into html and store it along with the other nmap output files in the output/nmap directory. This would allow for easy inclusion of all nmap scan results in the final penetration test report / supporting documentation as well as for reference in the audit workpapers.

Quick and dirty way would be to add it to the moveToolOutput function. I will be happy to play with it and submit PR.

The snmp-check command line needs to be corrected. Currently, it results in a pile of inactive GUI snmpcheck windows popping up instead of correctly calling snmp-check and importing results back into the Sparta interface.

snmpcheck -t [ip] [port]

should be

snmp-check -t [ip] [port]

Hi,

When you try to screenshots, assign an IP port 443 which makes when performing capture not appear correctly. Catches should do before putting https: //

I hope I explained correctly.

Grettings

Hi,

First of all, it is really awesome and useful tool 👍

I would like to know if you are going to provide support for windows in future. I would like to include this in Pentestbox .

Thanks
Aditya Agrawal

Hi,

First off, absolutely love the tool!

Is there a way of changing the [OUTPUT] variable? For example, I don't necessarily require the date/time of the scan in the title of the output file.

Sorry if I've missed it and there already is!

Hi guys,

Thank you for your work, this tool could be very great.

I have some suggestions to improve it.

• To not run all tools automatically (ex: nikto, etc.). Propose an option to the user to do it or to do it manually. It happens on pentest that we have too much ip to tests (it would not be supported by our computer to run nikto everywhere). Nikto is only an example, but if the user checks that he wants to do it manually, nothing is launched (or only the screenshot options).
• A log tab to see the nmap scan could be useful. When a scan is launched, a nmap tab will appear (as it's done with the other tools) with the output of the -v options.
• When I tried to run an nmap full tcp scan, it does not work (it does not show that nmap crash, just the statue changed to completed). The fast TCP scan works well by the way.

Your tool could be very useful during pentest. Have a great day.

Alessandro ZANNI

I use this tool quite a lot to test VPNs, could it be included?

https://labs.portcullis.co.uk/tools/iker/

I've written it in to my sparta.conf file, however I thought it might be useful for other testers that may not be aware of it :)

it would be nice to allow users to select more than one host at a time.

for some non-staged (yet still intensive scans) it would be nice to queue more than one scan at a time.

Errors:
[-] Import failed. Elixir library not found.
Try installing it with: apt-get install python-elixir

But python-elixir installed. Import elixir leads to such error:
python

import elixir
Traceback (most recent call last):
File "", line 1, in
File "/usr/lib/pymodules/python2.7/elixir/__ init __.py", line 29, in
from elixir.entity import Entity, EntityBase, EntityMeta, EntityDescriptor,
File "/usr/lib/pymodules/python2.7/elixir/entity.py", line 17, in
from sqlalchemy.orm import MapperExtension, mapper, object_session,
ImportError: cannot import name ScopedSession

FIx:
python-sqlalchemy 0.8.0+, which changed the name of “ScopedSession” to
“scoped_session”

pip install sqlalchemy==0.7.8 fixes the problem

Not sure if it's something you guys would want to fix, but Centos/RHEL6 can't run this due to not having Python 2.7. I've not attempted a workaround and know that Centos 6 is pretty old, but thought I'd bring it up in case others are confused/having trouble.

im tryng to launch sparta but it shows me this error.

[-] Import failed. PyQt4 library not found.
Try installing it with: apt-get install python-qt4

I know there is a message on a try: inside the script but the problem is that i have the PyQt4 module installed, because im able to import the module from the python interpreter

any idea how i can fix this problem?

Compiled Cuttycapt as per your instructions. That worked well, however screenshots do not work within the Sparta for certs that are based on URL and not IP. I looked in the config file to try to insert '--insecure' since that seems to work from the command-line with Cuttycapt, but wasn't able to find the command for Cuttycapt, just the pathway which I pointed to my new Cuttycapt.