
artillery

a guest
Feb 9th, 2018
  1. Supported platforms
  2.  
  3. Linux
  4. Windows
  5.  
  6. On Windows, pywin32 is needed to install. Install the version that matches the installed version of Python (e.g. 32-bit or 64-bit). Download the files to a location of your choice, open a cmd prompt, and browse to the directory where the files are located. To run, type "python setup.py". You will be prompted for credentials if you are not an admin. Artillery will be installed in "Program Files (x86)". After setup you have the option to launch the program. A batch file to launch Artillery is included; once installed, it is located in the install directory. Console logging must be enabled in the config.
  7.  
  8. ********************************************artillery.py
  9. #!/usr/bin/python
  10. ################################################################################
  11. #
  12. # Artillery - An active honeypotting tool and threat intelligence feed
  13. #
  14. # Written by Dave Kennedy (ReL1K) @HackingDave
  15. #
  16. # A Binary Defense Project (https://www.binarydefense.com) @Binary_Defense
  17. #
  18. ################################################################################
  19. import time
  20. import sys
  21. # needed for backwards compatibility of python2 vs 3 - need to convert to threading eventually
  22. try: import thread
  23. except ImportError: import _thread as thread
  24. import os
  25. import subprocess
  26. from src.pyuac import * # added so that it prompts when launching from batch file
  27. #
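# Tested on Windows 7/8/10 and on Kali rolling. This guard covers the case
# where artillery.py is launched directly before setup.py has installed it.
# NOTE(review): nesting rebuilt from a listing that lost its indentation -
# confirm against the project source.
if 'win32' in sys.platform:
    # Raw string so every backslash in the path is taken literally.
    if not os.path.isfile(r"C:\Program Files (x86)\Artillery\artillery.py"):
        print("[*] Artillery is not installed, running setup.py..")
        # setup.py is a flat script, so importing it runs the installer.
        # The module is located through sys.path: start this only from a
        # trusted checkout directory.
        import setup

# consolidated *nix variants
# `('linux' or 'linux2' or 'darwin') in sys.platform` evaluates the `or`
# chain first and therefore only ever tested for "linux"; check each
# platform name on its own so that macOS ("darwin") is covered as well.
if any(name in sys.platform for name in ('linux', 'darwin')):
    if not os.path.isfile("/var/artillery/artillery.py"):
        print("[*] Artillery is not installed, running setup.py..")
        import setup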
  42.  
  43. from src.core import *
  44. # from src.config import * # yaml breaks config reading - disabling
  45.  
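# Windows start-up: elevate if needed, record the start, create the temp db.
# NOTE(review): nesting rebuilt from a listing that lost its indentation -
# confirm against the project source.
if is_windows():
    # Launched from the batch file without elevation: ask for it. This
    # prompts for user/pass and opens a separate window.
    if not isUserAdmin():
        runAsAdmin()
        # NOTE(review): execution continues past this point in the
        # unelevated process; setup.py calls sys.exit(1) after runAsAdmin() -
        # confirm whether the same is wanted here.
    if isUserAdmin():
        # Imported here so that src.events is only loaded on Windows
        # (issue #39 BinaryDefense).
        from src.events import ArtilleryStartEvent
        # let the local (txt) logfile know artillery has started successfully
        write_log("[*] %s: Artillery has started successfully." % (grab_time()))
        # write to the Windows event log to record that artillery has started
        ArtilleryStartEvent()
        # Create the temp database and continue. Every backslash is escaped:
        # a bare "\d" is an invalid escape sequence that newer Python
        # versions warn about.
        if not os.path.isfile("C:\\Program Files (x86)\\Artillery\\database\\temp.database"):
            # The context manager closes the handle even if the write fails.
            with open("C:\\Program Files (x86)\\Artillery\\database\\temp.database", "w") as filewrite:
                filewrite.write("")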
  67.  
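# consolidated *nix variants
# NOTE(review): nesting rebuilt from a listing that lost its indentation -
# confirm against the project source.
if is_posix():
    # Check to see if we are root by asking for the effective UID. Probing
    # with os.rmdir() on /var/artillery_check_root only raises for a
    # non-root user while that marker directory exists; once a root run has
    # removed it, the probe lets every user through.
    if os.geteuid() != 0:
        print ("[*] You must be root to run this script!\r\n")
        sys.exit(1)

    # Best-effort cleanup of the marker directory that setup.py creates.
    try:
        if os.path.isdir("/var/artillery_check_root"):
            os.rmdir('/var/artillery_check_root')
    except OSError:
        pass

    # Make sure the database directory and the empty temp database exist.
    if not os.path.isdir("/var/artillery/database/"):
        os.makedirs("/var/artillery/database/")
    if not os.path.isfile("/var/artillery/database/temp.database"):
        with open("/var/artillery/database/temp.database", "w") as filewrite:
            filewrite.write("")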
  86.  
  87.  
# Announce a successful start on the console when CONSOLE_LOGGING is on.
if is_config_enabled("CONSOLE_LOGGING"):
    print(
        "[*] %s: Artillery has started successfully.\n"
        "[*] If on Windows Ctrl+C to exit. \n"
        "[*] Console logging enabled.\n" % grab_time()
    )

# prep everything for artillery first run
check_banlist_path()
  93.  
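# Start every enabled component, then keep the main thread alive.
# NOTE(review): nesting rebuilt from a listing that lost its indentation; in
# particular, confirm that `import src.anti_dos` belongs inside the
# is_posix() branch.
try:
    # update artillery
    if is_config_enabled("AUTO_UPDATE"):
        thread.start_new_thread(update, ())

    # import base monitoring of fs
    if is_config_enabled("MONITOR"):
        from src.monitor import *

    # port ranges to spawn
    port = read_config("PORTS")

    # if we are running posix then lets create a new iptables chain
    if is_posix():
        time.sleep(2)
        create_iptables_subset()
        # start anti_dos
        import src.anti_dos

    # spawn honeypot
    import src.honeypot

    # spawn ssh monitor
    if is_config_enabled("SSH_BRUTE_MONITOR"):
        import src.ssh_monitor

    # spawn ftp monitor
    if is_config_enabled("FTP_BRUTE_MONITOR"):
        import src.ftp_monitor

    # start monitor engine
    import src.monitor

    # check hardening
    import src.harden

    # start the email handler
    import src.email_handler

    # check to see if we are a threat server or not
    if is_config_enabled("THREAT_SERVER"):
        thread.start_new_thread(threat_server, ())

    # recycle IP addresses if enabled
    if is_config_enabled("RECYCLE_IPS"):
        thread.start_new_thread(refresh_log, ())

    # pull additional source feeds from external parties other than artillery
    # - pulls every 2 hours or ATIF threat feeds
    thread.start_new_thread(pull_source_feeds, ())

    # let the program continue to run; the work happens in the threads and
    # modules started above
    while True:
        try:
            time.sleep(100000)
        except KeyboardInterrupt:
            print("\n[!] Exiting Artillery... hack the gibson.\n")
            sys.exit()

except KeyboardInterrupt:
    sys.exit()

except Exception as e:
    # Exit non-zero so an init script or supervisor can tell a failed start
    # from a clean shutdown; a bare sys.exit() would report success.
    print("General exception: " + format(e))
    sys.exit(1)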
  173.  
  174. ****************************************************************artillery_start.bat
  175.  
  176. :: script to start artillery
  177. @echo off
  178. python "C:\Program Files (x86)\Artillery\artillery.py"
  179. exit
  180. exit
  181. exit
  182.  
  183. **************************************************************** config
  184. #############################################################################################
  185. #
  186. # This is the Artillery configuration file. Change these variables and flags to change how
  187. # this behaves.
  188. #
  189. # Artillery written by: Dave Kennedy (ReL1K)
  190. # Website: https://www.binarydefense.com
  191. # Email: info [at] binarydefense.com
  192. # Download: git clone https://github.com/binarydefense/artillery artillery/
  193. # Install: python setup.py
  194. #
  195. #############################################################################################
  196. #
  197. # DETERMINE IF YOU WANT TO MONITOR OR NOT
  198. MONITOR="ON"
  199. #
  200. # THESE ARE THE FOLDERS TO MONITOR, TO ADD MORE, JUST DO "/root","/var/", etc.
  201. MONITOR_FOLDERS="/var/www","/etc/"
  202. #
  203. # BASED ON SECONDS, 2 = 2 seconds.
  204. MONITOR_FREQUENCY="60"
  205. #
  206. # PORT 22 CHECK
  207. SSH_DEFAULT_PORT_CHECK="ON"
  208. #
  209. # EXCLUDE CERTAIN DIRECTORIES OR FILES. USE FOR EXAMPLE: /etc/passwd,/etc/hosts.allow
  210. EXCLUDE=""
  211. #
  212. # DO YOU WANT TO AUTOMATICALLY BAN ON THE HONEYPOT
  213. HONEYPOT_BAN="OFF"
  214. #
  215. # WHITELIST IP ADDRESSES, SPECIFY BY COMMAS ON WHAT IP ADDRESSES YOU WANT TO WHITELIST
  216. WHITELIST_IP="127.0.0.1,localhost"
  217. #
  218. # PORTS TO SPAWN HONEYPOT FOR
  219. PORTS="22,1433,8080,21,5900,25,53,110,1723,1337,10000,5800,44443,16993"
  220. #
  221. # SHOULD THE HONEYPOT AUTOMATICALLY ADD ACCEPT RULES TO THE ARTILLERY CHAIN FOR ANY PORTS ITS LISTENING ON
  222. HONEYPOT_AUTOACCEPT="ON"
  223. #
  224. # SHOULD EMAIL ALERTS BE SENT
  225. EMAIL_ALERTS="OFF"
  226. #
  227. # CURRENT SUPPORT IS FOR SMTP, ENTER YOUR USERNAME AND PASSWORD HERE. LEAVE BLANK FOR OPEN RELAY
  228. SMTP_USERNAME=""
  229. #
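  230. # ENTER THE SMTP PASSWORD HERE. LEAVE BLANK FOR OPEN RELAY. THE PASSWORD IS STORED IN THIS FILE AS PLAIN TEXT, SO KEEP THE FILE READABLE ONLY BY THE ACCOUNT THAT RUNS ARTILLERY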
  231. SMTP_PASSWORD=""
  232. #
  233. # THIS IS WHO TO SEND THE ALERTS TO - EMAILS WILL BE SENT FROM ARTILLERY TO THIS ADDRESS
  234. ALERT_USER_EMAIL="user@whatever.com"
  235. #
  236. # FOR SMTP ONLY HERE, THIS IS THE MAILTO
  237. SMTP_FROM="Artillery Incident"
  238. #
  239. # SMTP ADDRESS FOR SENDING EMAILS, DEFAULT IS GMAIL
  240. SMTP_ADDRESS="smtp.gmail.com"
  241. #
  242. # SMTP PORT FOR SENDING EMAILS. DEFAULT IS GMAIL WITH TLS
  243. SMTP_PORT="587"
  244. #
  245. # THIS WILL SEND EMAILS OUT DURING A CERTAIN FREQUENCY. IF THIS IS SET TO OFF, ALERTS
  246. # WILL BE SENT AUTOMATICALLY AS THEY HAPPEN (CAN LEAD TO A LOT OF SPAM)
  247. EMAIL_TIMER="ON"
  248. #
  249. # HOW OFTEN DO YOU WANT TO SEND EMAIL ALERTS (DEFAULT 10 MINUTES)
  250. EMAIL_FREQUENCY="600"
  251. #
  252. # DO YOU WANT TO MONITOR SSH BRUTE FORCE ATTEMPTS
  253. SSH_BRUTE_MONITOR="ON"
  254. #
  255. # HOW MANY ATTEMPTS BEFORE YOU BAN
  256. SSH_BRUTE_ATTEMPTS="4"
  257. #
  258. # DO YOU WANT TO MONITOR FTP BRUTE FORCE ATTEMPTS
  259. FTP_BRUTE_MONITOR="OFF"
  260. #
  261. # HOW MANY ATTEMPTS BEFORE YOU BAN
  262. FTP_BRUTE_ATTEMPTS="4"
  263. #
  264. # DO YOU WANT TO DO AUTOMATIC UPDATES. TYPE ON OR OFF
  265. AUTO_UPDATE="OFF"
  266. #
  267. # ANTI DOS WILL CONFIGURE MACHINE TO THROTTLE CONNECTIONS, TURN THIS OFF IF YOU DO NOT WANT TO USE
  268. ANTI_DOS="OFF"
  269. #
  270. # THESE ARE THE PORTS THAT WILL PROVIDE ANTI-DOS PROTECTION
  271. ANTI_DOS_PORTS="80,443"
  272. #
  273. # THIS WILL THROTTLE HOW MANY CONNECTIONS PER MINUTE ARE ALLOWED HOWEVER THE BURST WILL ENFORCE THIS
  274. ANTI_DOS_THROTTLE_CONNECTIONS="50"
  275. #
  276. # THIS WILL ONLY ALLOW A CERTAIN BURST PER MINUTE THEN WILL ENFORCE AND NOT ALLOW ANYMORE TO CONNECT
  277. ANTI_DOS_LIMIT_BURST="200"
  278. #
  279. # THIS IS THE PATH FOR THE APACHE LOG FILES INCLUDING ERROR AND ACCESS
  280. ACCESS_LOG="/var/log/apache2/access.log"
  281. ERROR_LOG="/var/log/apache2/error.log"
  282. #
  283. # THIS ALLOWS YOU TO SPECIFY AN IP ADDRESS. LEAVE THIS BLANK TO BIND TO ALL INTERFACES. EXAMPLE: BIND_INTERFACE="192.168.1.154"
  284. BIND_INTERFACE=""
  285. #
  286. # THIS TURNS ON THE THREAT INTELLIGENCE FEED, THIS WILL CALL TO https://www.binarydefense.com/banlist.txt IN ORDER TO FIND
  287. # ALREADY KNOWN MALICIOUS WEBSITES. WILL PULL EVERY 24 HOURS
  288. THREAT_INTELLIGENCE_FEED="ON"
  289. #
  290. # CONFIGURE THIS TO BE WHATEVER THREAT FEED YOU WANT BY DEFAULT IT WILL USE BINARY DEFENSE
  291. # NOTE YOU CAN SPECIFY MULTIPLE THREAT FEEDS BY DOING #http://urlthreatfeed1,http://urlthreatfeed2
  292. THREAT_FEED="https://www.binarydefense.com/banlist.txt"
  293. #
  294. # A THREAT SERVER IS A SERVER THAT WILL COPY THE BANLIST.TXT TO A PUBLIC HTTP LOCATION TO BE PULLED BY
  295. # OTHER ARTILLERY SERVER. THIS IS USED IF YOU DO NOT WANT TO USE THE STANDARD BINARY DEFENSE ONE.
  296. #
  297. # THIS WILL DETECT IF A THREAT SERVER IS NEEDED, AS IN IT WILL COPY TO /var/www/ FOR YOU AUTOMATICALLY
  298. THREAT_SERVER="OFF"
  299. #
  300. # PUBLIC LOCATION TO PULL VIA HTTP ON THE THREAT SERVER. NOTE THAT THREAT SERVER MUST BE SET TO ON
  301. THREAT_LOCATION="/var/www/"
  302. #
  303. # THIS CHECKS TO SEE WHAT PERMISSIONS ARE RUNNING AS ROOT IN A WEB SERVER DIRECTORY
  304. ROOT_CHECK="ON"
  305. #
  306. # Specify SYSLOG TYPE to be local, file or remote. LOCAL will pipe to syslog, REMOTE will pipe to remote SYSLOG, and file will send to alerts.log in local artillery directory
  307. SYSLOG_TYPE="LOCAL"
  308. #
  309. # IF YOU SPECIFY SYSLOG TYPE TO REMOTE, SPECIFY A REMOTE SYSLOG SERVER TO SEND ALERTS TO
  310. SYSLOG_REMOTE_HOST="192.168.0.1"
  311. #
  312. # IF YOU SPECIFY SYSLOG TYPE OF REMOTE, SPECIFY A REMOTE SYSLOG PORT TO SEND ALERTS TO
  313. SYSLOG_REMOTE_PORT="514"
  314. #
  315. # TURN ON CONSOLE LOGGING
  316. CONSOLE_LOGGING="ON"
  317. #
  318. # RECYCLE LOGS AFTER A CERTAIN AMOUNT OF TIME - THIS WILL WIPE ALL IP ADDRESSES AND START FROM SCRATCH AFTER A CERTAIN INTERVAL
  319. RECYCLE_IPS="OFF"
  320. #
  321. # RECYCLE INTERVAL AFTER A CERTAIN AMOUNT OF MINUTES IT WILL OVERWRITE THE LOG WITH A BLANK ONE AND ELIMINATE THE IPS - DEFAULT IS 7 DAYS. NOTE: THE DEFAULT VALUE 604800 EQUALS 7 DAYS ONLY WHEN COUNTED IN SECONDS
  322. ARTILLERY_REFRESH="604800"
  323. #
  324. # PULL ADDITIONAL SOURCE FEEDS FOR BANNED IP LISTS FROM MULTIPLE OTHER SOURCES OTHER THAN ARTILLERY
  325. SOURCE_FEEDS="ON"
  326.  
  327. **************************************** remove_ban.py
  328.  
  329. #!/usr/bin/python
  330. #
  331. # simple remove banned ip
  332. #
  333. #
  334. import sys
  335. from src.core import *
  336.  
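# Remove one IPv4 address from the banlist file and from the ARTILLERY
# iptables chain. Usage: remove_ban.py <ip_address>
# NOTE(review): nesting rebuilt from a listing that lost its indentation -
# confirm against the project source.

# subprocess is used below but is not among this script's own imports;
# import it here instead of relying on `from src.core import *`.
import subprocess

try:
    ipaddress = sys.argv[1]
    if is_valid_ipv4(ipaddress):
        path = check_banlist_path()

        # Drop only the lines that are exactly this address. Replacing the
        # substring "1.2.3.4\n" would also cut "11.2.3.4\n" down to "1".
        # open() replaces the Python 2 only file() builtin.
        with open(path, "r") as banlist:
            entries = banlist.readlines()
        kept = [entry for entry in entries if entry.strip() != ipaddress]
        with open(path, "w") as banlist:
            banlist.writelines(kept)

        print("Listing all iptables looking for a match... if there is a massive amount of blocked IP's this could take a few minutes..")
        # Argument list and no shell: the address is never handed to a shell
        # or to grep. universal_newlines gives text output on Python 2 and 3.
        proc = subprocess.Popen(
            ["iptables", "-L", "ARTILLERY", "-n", "-v", "--line-numbers"],
            stdout=subprocess.PIPE, stderr=subprocess.PIPE,
            universal_newlines=True)
        listing = proc.communicate()[0]

        rule_numbers = []
        for line in listing.splitlines():
            fields = line.split()
            # Rule rows begin with the rule number. Whole fields are compared
            # so that 1.2.3.4 matches neither 11.2.3.40 nor 1x2y3z4, which an
            # unescaped "." in a regex would accept.
            if fields and fields[0].isdigit() and ipaddress in fields[1:]:
                rule_numbers.append(int(fields[0]))

        # Delete from the highest rule number down. Removing a rule renumbers
        # the rules after it, so deleting in listing order would hit the
        # wrong rule when the address appears more than once.
        for number in sorted(rule_numbers, reverse=True):
            print(number)
            # call() waits, so each delete finishes before the next starts.
            subprocess.call(["iptables", "-D", "ARTILLERY", str(number)])

    # if not valid then flag
    else:
        print("[!] Not a valid IP Address. Exiting.")
        sys.exit()

except IndexError:
    print("Description: Simple removal of IP address from banned sites.")
    # The argument is the address to release, not one to ban.
    print("[!] Usage: remove_ban.py <ip_address_to_unban>")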
  372.  
  373. **************************************************** restart_server.py
  374.  
  375. #!/usr/bin/python
  376. #
  377. # restart artillery
  378. #
  379. #
  380. import subprocess
  381. import os
  382. import signal
  383. from src.core import *
  384.  
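# Restart Artillery: stop the running instance, then start a new one.
# NOTE(review): nesting rebuilt from a listing that lost its indentation -
# confirm against the project source.

# kill running instance of artillery
# (The `ps -A x | grep` subprocess that used to be started first is gone: its
# output was never read and it was never waited on.)
kill_artillery()

print("[*] %s: Restarting Artillery Server..." % (grab_time()))
if os.path.isfile("/var/artillery/artillery.py"):
    write_log("[*] %s: Restarting the Artillery Server process..." %
              (grab_time()))
    # Popen returns without waiting, so the new instance keeps running after
    # this script ends; no shell and no "&" are needed. Output goes to the
    # null device instead of pipes, because nothing would ever read them.
    # NOTE(review): "python" is looked up through PATH; consider the
    # interpreter's full path, as the LaunchDaemon plist in setup.py does.
    with open(os.devnull, "w") as devnull:
        subprocess.Popen(["python", "/var/artillery/artillery.py"],
                         stdout=devnull, stderr=devnull)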
  396.  
  397. ***************************************************** setup.py
  398.  
  399. #!/usr/bin/python
  400. #
  401. # quick script for installing artillery
  402. #
  403.  
  404. import time
  405. import subprocess
  406. import re
  407. import os
  408. import shutil
  409. from src.core import *
  410. import sys
  411. import errno
  412. from src.pyuac import * # UAC Check Script found it here.https://gist.github.com/Preston-Landers/267391562bc96959eb41 all credit goes to him.
  413. try: input = raw_input
  414. except NameError: pass
  415.  
# Windows: require elevation, greet the user, then ask whether to install or
# uninstall. The reply is kept in `answer` for the steps further down.
# NOTE(review): nesting rebuilt from a listing that lost its indentation -
# confirm against the project source.
if is_windows():
    if not isUserAdmin():
        # Relaunch elevated (prompts for user/pass and opens a separate
        # window), then stop this unelevated copy.
        runAsAdmin()
        sys.exit(1)
    if isUserAdmin():
        print('''
Welcome to the Artillery installer. Artillery is a honeypot, file monitoring, and overall security tool used to protect your nix systems.

Written by: Dave Kennedy (ReL1K)
''')
    # An installed copy means the only offer is to uninstall it.
    if os.path.isfile("C:\\Program Files (x86)\\Artillery\\artillery.py"):
        if os.path.isfile("C:\\Program Files (x86)\\Artillery\\artillery.py"):
            answer = input("[*] Artillery detected. Do you want to uninstall [y/n:] ")
        # A yes here is turned into the "uninstall" marker.
        if answer.lower() in ("yes", "y"):
            answer = "uninstall"
    else:
        answer = input("[*] Do you want to install Artillery [y/n]: ")
  438.  
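# POSIX: require root, greet the user, then ask whether to install or
# uninstall. The reply is kept in `answer` for the steps further down.
# NOTE(review): nesting rebuilt from a listing that lost its indentation -
# confirm against the project source.
if is_posix():
    # Check to see if we are root by asking for the effective UID. The
    # /var/artillery_check_root marker is only created by the install step
    # below, so on a first run a removal probe has nothing to remove and
    # lets any user through.
    if os.geteuid() != 0:
        print ("You must be root to run this script!\r\n")
        sys.exit(1)

    # Best-effort cleanup of a marker left by an earlier install.
    try:
        if os.path.isdir("/var/artillery_check_root"):
            os.rmdir('/var/artillery_check_root')
    except OSError:
        pass

    print('''
Welcome to the Artillery installer. Artillery is a honeypot, file monitoring, and overall security tool used to protect your nix systems.

Written by: Dave Kennedy (ReL1K)
''')
    # No init script yet means Artillery is not installed: offer to install.
    if not os.path.isfile("/etc/init.d/artillery"):
        answer = input("Do you want to install Artillery and have it automatically run when you restart [y/n]: ")
    # Otherwise it is installed, so offer to uninstall. The existence test is
    # not repeated here; a second test that failed would leave `answer`
    # unbound.
    else:
        answer = input("[*] Artillery detected. Do you want to uninstall [y/n:] ")
        # A yes here is turned into the "uninstall" marker.
        if answer.lower() in ["yes", "y"]:
            answer = "uninstall"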
  464.  
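# Install step: create directories, register the init script, copy or clone
# the program files, and optionally start Artillery.
# NOTE(review): nesting rebuilt from a listing that lost its indentation -
# confirm each branch against the project source.
if answer.lower() in ["yes", "y"]:
    if is_posix():
        print("[*] Beginning installation. This should only take a moment.")

        # If the directories aren't there then create them. The
        # artillery_check_root directory is the marker that the root checks
        # try to remove.
        if not os.path.isdir("/var/artillery_check_root"):
            os.makedirs("/var/artillery_check_root")
        if not os.path.isdir("/var/artillery/database"):
            os.makedirs("/var/artillery/database")
        if not os.path.isdir("/var/artillery/src/program_junk/"):
            os.makedirs("/var/artillery/src/program_junk/")

        # install the init script
        print("[*] Adding artillery into startup through init scripts..")
        if os.path.isdir("/etc/init.d"):
            if not os.path.isfile("/etc/init.d/artillery"):
                # Relative path: setup.py has to be run from the checkout.
                # Context managers close both handles, including the read
                # handle that used to stay open.
                with open("src/startup_artillery", "r") as fileopen:
                    config = fileopen.read()
                with open("/etc/init.d/artillery", "w") as filewrite:
                    filewrite.write(config)
                print("[*] Triggering update-rc.d on artillery to automatic start...")
                subprocess.Popen(
                    "chmod +x /etc/init.d/artillery", shell=True).wait()
                subprocess.Popen(
                    "update-rc.d artillery defaults", shell=True).wait()

            # remove old method if installed previously
            if os.path.isfile("/etc/init.d/rc.local"):
                with open("/etc/init.d/rc.local", "r") as fileopen:
                    data = fileopen.read()
                data = data.replace(
                    "sudo python /var/artillery/artillery.py &", "")
                with open("/etc/init.d/rc.local", "w") as filewrite:
                    filewrite.write(data)

    # Order of commands changed because of a "file already exists" error; the
    # location is the same across all versions of Windows.
    if is_windows():
        program_files = os.environ["PROGRAMFILES(X86)"]
        install_path = os.getcwd()
        shutil.copytree(install_path, program_files + "\\Artillery\\")
        os.makedirs(program_files + "\\Artillery\\logs")
        os.makedirs(program_files + "\\Artillery\\database")
        os.makedirs(program_files + "\\Artillery\\src\\program_junk")

    if is_posix():
        choice = input("[*] Do you want to keep Artillery updated? (requires internet) [y/n]: ")
        if choice in ["y", "yes"]:
            print("[*] Checking out Artillery through github to /var/artillery")
            # NOTE(review): this deletes all of /var/artillery, including the
            # database directory created above and anything an earlier
            # install left there.
            if os.path.isdir("/var/artillery/"):
                shutil.rmtree('/var/artillery')
            # NOTE(review): runs as root and installs whatever the default
            # branch holds at clone time; nothing here pins a tag or commit
            # or verifies what was fetched.
            subprocess.Popen(
                "git clone https://github.com/binarydefense/artillery /var/artillery/", shell=True).wait()
            print("[*] Finished. If you want to update Artillery go to /var/artillery and type 'git pull'")
        else:
            print("[*] Copying setup files over...")
            # shell=True is kept for the "*" glob; the command is a constant
            # string and copies the current directory's contents.
            subprocess.Popen("cp -rf * /var/artillery/", shell=True).wait()

        # if os is Mac OS X then create a .plist daemon - changes added by
        # contributor - Giulio Bortot
        if os.path.isdir("/Library/LaunchDaemons"):
            # check if file is already in place
            if not os.path.isfile("/Library/LaunchDaemons/com.artillery.plist"):
                print("[*] Creating com.artillery.plist in your Daemons directory")
                # Closing the file (via `with`) before chown makes sure the
                # plist is fully written; the handle used to be left open.
                with open(
                        "/Library/LaunchDaemons/com.artillery.plist", "w") as filewrite:
                    filewrite.write('<?xml version="1.0" encoding="UTF-8"?>\n<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">\n<plist version="1.0">\n<dict>\n<key>Disabled</key>\n<false/>\n<key>ProgramArguments</key>\n<array>\n<string>/usr/bin/python</string>\n<string>/var/artillery/artillery.py</string>\n</array>\n<key>KeepAlive</key>\n<true/>\n<key>RunAtLoad</key>\n<true/>\n<key>Label</key>\n<string>com.artillery</string>\n<key>Debug</key>\n<true/>\n</dict>\n</plist>')
                print("[*] Adding right permissions")
                subprocess.Popen(
                    "chown root:wheel /Library/LaunchDaemons/com.artillery.plist", shell=True).wait()

    choice = input("[*] Would you like to start Artillery now? [y/n]: ")
    if choice in ["yes", "y"]:
        if is_posix():
            # this cmd is what they were referring to as "no longer
            # supported"? from update-rc.d on install. It looks like the
            # service starts but you have to manually launch artillery.
            subprocess.Popen("/etc/init.d/artillery start", shell=True).wait()
            print("[*] Installation complete. Edit /var/artillery/config in order to config artillery to your liking")
        # added to start after install; launches in a separate window
        if is_windows():
            # Backslash escaped: a bare "\w" is an invalid escape sequence.
            os.chdir("src\\windows")
            # copy over banlist
            os.system("start cmd /K banlist.bat")
            # wait to make sure banlist is copied over
            time.sleep(2)
            # launch from install dir
            os.system("start cmd /K launch.bat")
            # cleanup cache folder
            time.sleep(2)
            os.system("start cmd /K del_cache.bat")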
  563.  
  564.  
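# Uninstall step, entered when the prompt above turned the reply into
# "uninstall".
# NOTE(review): nesting rebuilt from a listing that lost its indentation -
# confirm each branch against the project source.
if answer == "uninstall":
    if is_posix():
        # Check for root through the effective UID. Probing with os.rmdir()
        # on /var/artillery_check_root proves nothing once that marker
        # directory is gone.
        if os.geteuid() != 0:
            print ("[*] You must be root to run this script!\r\n")
            sys.exit(1)

        # Best-effort removal of the marker directory.
        try:
            if os.path.isdir("/var/artillery_check_root"):
                os.rmdir('/var/artillery_check_root')
        except OSError:
            pass

        # Remove all of artillery. The work is done in-process so that it has
        # finished before the message below is printed; the un-waited
        # `rm -rf` subprocesses gave no such guarantee.
        if os.path.isfile("/etc/init.d/artillery"):
            os.remove("/etc/init.d/artillery")
        shutil.rmtree("/var/artillery", ignore_errors=True)
        print("[*] Artillery has been uninstalled. Manually kill the process if it is still running.")

    # Delete routine to remove artillery on Windows, with a UAC check.
    if is_windows():
        if not isUserAdmin():
            runAsAdmin()
        if isUserAdmin():
            # remove program files
            subprocess.call(['cmd', '/C', 'rmdir', '/S', '/Q', 'C:\\Program Files (x86)\\Artillery'])
            # delete the uninstall cache; backslash escaped because a bare
            # "\w" is an invalid escape sequence
            os.chdir("src\\windows")
            os.system("start cmd /K del_cache.bat")
            # sleep a moment so the message can be read
            print("[*] Artillery has been uninstalled.\n[*] Manually kill the process if it is still running.")
            time.sleep(3)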