V2.1: Network Map integration, Scan History, OS detection improvements

- Added nmap wrapper to auto-send scan results to Dashboard - Network Map now displays hosts from terminal scans - Scan History tab shows all scans (GUI and terminal) - Load previous scans to Network Map feature - Improved OS detection from nmap output (parses OS details, smb-os-discovery) - Added determine_os_type() with OUI/MAC vendor lookup - Static network map layout (no more jumpy D3 force simulation) - Fixed docker-compose for Ollama connectivity (host.docker.internal) - Added test_services.sh for comprehensive testing
2026-03-01 22:30:22 -05:00 · 2025-12-08 09:07:41 -05:00
parent 26bcb7f947
commit 5d5a4d4e20
9 changed files with 825 additions and 142 deletions
--- a/services/kali/Dockerfile
+++ b/services/kali/Dockerfile
@@ -3,35 +3,56 @@ FROM kalilinux/kali-rolling
 # Avoid prompts during package installation
 ENV DEBIAN_FRONTEND=noninteractive

-# Update and install ALL Kali tools
-# Using kali-linux-everything metapackage for complete tool suite
+# Configure apt to use direct Kali mirrors (avoid CDN mirrors that get blocked by content filters)
+# The mirror.us.cdn-perfprod.com CDN is being blocked by SafeBrowse content filter
+RUN echo 'deb http://kali.download/kali kali-rolling main non-free non-free-firmware contrib' > /etc/apt/sources.list && \
+    echo 'Acquire::Retries "5";' > /etc/apt/apt.conf.d/80-retries
+
+# Update and install essential security tools
 RUN apt-get update && apt-get install -y --no-install-recommends \
-    kali-linux-everything \
+    nmap \
+    nikto \
+    sqlmap \
+    gobuster \
+    dirb \
+    wfuzz \
+    hydra \
+    john \
+    hashcat \
+    whois \
+    dnsutils \
+    net-tools \
+    iputils-ping \
+    curl \
+    wget \
+    git \
+    vim \
+    jq \
+    uuid-runtime \
+    python3 \
+    python3-pip \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/*

-# Install additional Python tools and utilities for command logging
+# Install additional Python tools for command logging and scripting
 RUN pip3 install --break-system-packages \
    requests \
    beautifulsoup4 \
    shodan \
    censys

-# Install jq and uuid-runtime for command logging
-RUN apt-get update && apt-get install -y --no-install-recommends \
-    jq \
-    uuid-runtime \
-    && apt-get clean \
-    && rm -rf /var/lib/apt/lists/*
-
 # Create workspace directory
 WORKDIR /workspace

-# Copy scripts
+# Copy scripts and convert Windows line endings to Unix
 COPY entrypoint.sh /entrypoint.sh
 COPY command_logger.sh /usr/local/bin/command_logger.sh
 COPY capture_wrapper.sh /usr/local/bin/capture
-RUN chmod +x /entrypoint.sh /usr/local/bin/command_logger.sh /usr/local/bin/capture
+COPY nmap_wrapper.sh /usr/local/bin/nmap
+
+# Convert any Windows line endings (CRLF) to Unix (LF)
+RUN sed -i 's/\r$//' /entrypoint.sh /usr/local/bin/command_logger.sh /usr/local/bin/capture /usr/local/bin/nmap
+RUN chmod +x /entrypoint.sh /usr/local/bin/command_logger.sh /usr/local/bin/capture /usr/local/bin/nmap

 # Create command history directory
 RUN mkdir -p /workspace/.command_history
--- a/services/kali/capture_wrapper.sh
+++ b/services/kali/capture_wrapper.sh
@@ -1,8 +1,10 @@
 #!/bin/bash
 # Output Capture Wrapper for Security Tools
 # Wraps command execution to capture stdout/stderr and save results
+# Automatically sends nmap results to dashboard network map

 COMMAND_LOG_DIR="${COMMAND_LOG_DIR:-/workspace/.command_history}"
+DASHBOARD_URL="${DASHBOARD_URL:-http://strikepackage-dashboard:8080}"
 mkdir -p "$COMMAND_LOG_DIR"

 # Get command from arguments
@@ -61,12 +63,35 @@ cat > "$output_file" << EOF
 }
 EOF

+# Output results to terminal first
+echo "$stdout_content"
+[ -n "$stderr_content" ] && echo "$stderr_content" >&2
+
 # Clean up temp files
 rm -f "$stdout_file" "$stderr_file"

-# Output results to terminal
-cat "$stdout_file" 2>/dev/null || true
-cat "$stderr_file" >&2 2>/dev/null || true
+# If this was an nmap command, send results to dashboard network map
+if [[ "$cmd_string" == nmap* ]] && [ $exit_code -eq 0 ]; then
+    echo "" >&2
+    echo "[StrikePackageGPT] Detected nmap scan, sending to Network Map..." >&2
+    
+    # Send nmap output to dashboard for parsing
+    nmap_json=$(jq -n --arg output "$stdout_content" --arg source "terminal" \
+        '{output: $output, source: $source}')
+    
+    response=$(curl -s -X POST "${DASHBOARD_URL}/api/network/nmap-results" \
+        -H "Content-Type: application/json" \
+        -d "$nmap_json" 2>/dev/null || echo '{"error":"failed to connect"}')
+    
+    # Parse response
+    added=$(echo "$response" | jq -r '.added // 0' 2>/dev/null)
+    updated=$(echo "$response" | jq -r '.updated // 0' 2>/dev/null)
+    total=$(echo "$response" | jq -r '.total // 0' 2>/dev/null)
+    
+    if [ "$added" != "null" ] && [ "$added" != "0" -o "$updated" != "0" ]; then
+        echo "[StrikePackageGPT] Network Map updated: $added added, $updated updated (total: $total hosts)" >&2
+    fi
+fi

 echo "" >&2
 echo "[StrikePackageGPT] Command captured: $cmd_id" >&2
--- a/services/kali/entrypoint.sh
+++ b/services/kali/entrypoint.sh
@@ -3,12 +3,48 @@
 # Enable command logging by default for all bash sessions
 echo 'source /usr/local/bin/command_logger.sh' >> /root/.bashrc
 echo 'export COMMAND_LOG_DIR=/workspace/.command_history' >> /root/.bashrc
+echo 'export DASHBOARD_URL=http://strikepackage-dashboard:8080' >> /root/.bashrc

 # Create convenience aliases for captured execution
 cat >> /root/.bashrc << 'ALIASES'
 # Convenience alias to run commands with automatic capture
 alias run='capture'

+# Wrap nmap to automatically send results to network map
+nmap_wrapper() {
+    local output
+    local exit_code
+    
+    # Run nmap and capture output
+    output=$(/usr/bin/nmap "$@" 2>&1)
+    exit_code=$?
+    
+    # Display output
+    echo "$output"
+    
+    # If successful, send to dashboard network map
+    if [ $exit_code -eq 0 ]; then
+        echo "" >&2
+        echo "[StrikePackageGPT] Sending nmap results to Network Map..." >&2
+        
+        # Send to dashboard
+        response=$(curl -s -X POST "${DASHBOARD_URL:-http://strikepackage-dashboard:8080}/api/network/nmap-results" \
+            -H "Content-Type: application/json" \
+            -d "$(jq -n --arg output "$output" --arg source "terminal" '{output: $output, source: $source}')" 2>/dev/null)
+        
+        added=$(echo "$response" | jq -r '.added // 0' 2>/dev/null)
+        updated=$(echo "$response" | jq -r '.updated // 0' 2>/dev/null)
+        total=$(echo "$response" | jq -r '.total // 0' 2>/dev/null)
+        
+        if [ "$added" != "null" ] 2>/dev/null; then
+            echo "[StrikePackageGPT] Network Map: $added added, $updated updated (total: $total hosts)" >&2
+        fi
+    fi
+    
+    return $exit_code
+}
+alias nmap='nmap_wrapper'
+
 # Helper function to show recent commands
 recent_commands() {
    echo "Recent commands logged:"
@@ -18,36 +54,42 @@ recent_commands() {
    done
 }
 alias recent='recent_commands'
+
+# Show network map hosts
+show_hosts() {
+    echo "Network Map Hosts:"
+    curl -s "${DASHBOARD_URL:-http://strikepackage-dashboard:8080}/api/network/hosts" | jq -r '.hosts[] | "\(.ip)\t\(.hostname // "-")\t\(.os // "-")\tPorts: \(.ports | length)"' 2>/dev/null || echo "No hosts found"
+}
+alias hosts='show_hosts'
+
+# Clear network map
+clear_hosts() {
+    curl -s -X DELETE "${DASHBOARD_URL:-http://strikepackage-dashboard:8080}/api/network/hosts" | jq .
+    echo "Network map cleared"
+}
 ALIASES

 echo "=================================================="
 echo "  StrikePackageGPT - Kali Container"
-echo "  Security Tools Ready + Command Capture Enabled"
+echo "  Security Tools Ready + Network Map Integration"
 echo "=================================================="
 echo ""
 echo "Available tools:"
 echo "  - nmap, masscan (port scanning)"
-echo "  - amass, theharvester (reconnaissance)"
 echo "  - nikto, gobuster (web testing)"
 echo "  - sqlmap (SQL injection)"
 echo "  - hydra (brute force)"
-echo "  - metasploit (exploitation)"
-echo "  - searchsploit (exploit database)"
-echo "  - aircrack-ng, wifite (wireless)"
 echo "  - john, hashcat (password cracking)"
-echo "  - and 600+ more Kali tools"
 echo ""
-echo "🔄 BIDIRECTIONAL CAPTURE ENABLED 🔄"
+echo "🗺️  NETWORK MAP INTEGRATION ENABLED 🗺️"
 echo ""
-echo "Commands you run here will be captured and visible in:"
-echo "  • Dashboard history"
-echo "  • API scan results"
-echo "  • Network visualization"
+echo "nmap scans automatically appear in the Dashboard Network Map!"
 echo ""
-echo "Usage:"
-echo "  • Run commands normally: nmap -sV 192.168.1.1"
-echo "  • Use 'capture' prefix for explicit capture: capture nmap -sV 192.168.1.1"
-echo "  • View recent: recent"
+echo "Commands:"
+echo "  • nmap -sV 192.168.1.1    - Scan and auto-add to map"
+echo "  • hosts                    - Show network map hosts"
+echo "  • clear_hosts             - Clear network map"
+echo "  • recent                  - Show recent commands"
 echo ""
 echo "Container is ready for security testing."
 echo ""
--- a/services/kali/nmap_wrapper.sh
+++ b/services/kali/nmap_wrapper.sh
@@ -0,0 +1,50 @@
+#!/bin/bash
+# StrikePackageGPT nmap wrapper - sends scan results to Network Map and Scan History automatically
+
+DASHBOARD_URL="${DASHBOARD_URL:-http://strikepackage-dashboard:8080}"
+REAL_NMAP="/usr/bin/nmap"
+
+# Capture the full command for logging
+full_command="nmap $*"
+
+# Determine target (last non-flag argument)
+target="unknown"
+for arg in "$@"; do
+    if [[ ! "$arg" =~ ^- ]]; then
+        target="$arg"
+    fi
+done
+
+# Create temp file for output
+tmpfile=$(mktemp)
+trap "rm -f $tmpfile" EXIT
+
+# Run the actual nmap and capture output
+"$REAL_NMAP" "$@" 2>&1 | tee "$tmpfile"
+exit_code=${PIPESTATUS[0]}
+
+# If successful, send to dashboard
+if [ $exit_code -eq 0 ]; then
+    echo "" >&2
+    echo "[StrikePackageGPT] Sending results to Dashboard..." >&2
+    
+    # Use jq with file input to avoid argument length limits
+    # Send to network map
+    jq -Rs --arg source "terminal" '{output: ., source: $source}' "$tmpfile" | \
+        curl -s -X POST "${DASHBOARD_URL}/api/network/nmap-results" \
+            -H "Content-Type: application/json" \
+            -d @- >/dev/null 2>&1
+    
+    # Send to scan history
+    response=$(jq -Rs --arg tool "nmap" --arg target "$target" --arg command "$full_command" \
+        '{tool: $tool, target: $target, command: $command, output: ., source: "terminal"}' "$tmpfile" | \
+        curl -s -X POST "${DASHBOARD_URL}/api/scans/terminal" \
+            -H "Content-Type: application/json" \
+            -d @- 2>/dev/null)
+    
+    if [ -n "$response" ]; then
+        echo "[StrikePackageGPT] ✓ Results saved to Network Map and Scan History" >&2
+    fi
+fi
+
+exit $exit_code