DocRock3r/Bjorn
1
0
Fork 0
mirror of https://github.com/infinition/Bjorn.git synced 2026-03-19 02:00:24 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
b0584a1a8e7f22d75d3e510b59e7ddd3754a0339
Bjorn/CHANGELOG.md
infinition b0584a1a8e feat: Add login page with dynamic RGB effects and password toggle functionality 
feat: Implement package management utilities with JSON endpoints for listing and uninstalling packages

feat: Create plugin management utilities with endpoints for listing, configuring, and installing plugins

feat: Develop schedule and trigger management utilities with CRUD operations for schedules and triggers
2026-03-19 00:40:04 +01:00

491 lines
29 KiB
Markdown
Raw Blame History

# BJORN — Changelog
> **From Viking Raider to Cyber Warlord.**
> This release represents a complete transformation of Bjorn — from a \~8,200-line Python prototype into a **\~58,000-line Python + \~42,000-line frontend** autonomous cybersecurity platform with AI orchestration, WiFi recon, HID attacks, network watchdog, C2 infrastructure, and a full Single-Page Application dashboard.
---
## [2.1.0] — 2026-03-19
### Codebase Cleanup
- All Python file headers standardized to `"""filename.py - Description."""` format (~120 files)
- All French comments, docstrings, log/print strings, and error messages translated to English
- Removed redundant/obvious comments, verbose 10-20 line header essays trimmed to 1-3 lines
- Fixed encoding artifacts (garbled UTF-8 box-drawing chars in CSS)
- Fixed `# webutils/` path typos in 3 web_utils files
- Replaced LLM-style em dashes with plain hyphens across all .py files
### Custom Scripts System
- **Custom scripts directory** (`actions/custom/`) for user-uploaded scripts, ignored by orchestrator
- **Two script formats supported**: Bjorn-format (class + `execute()` + `shared_data`) and free Python scripts (plain `argparse`)
- **Auto-detection** via AST parsing: scripts with `b_class` var use action_runner, others run as raw subprocess
- **`b_args` support** for both formats: drives web UI controls (text, number, select, checkbox, slider)
- **Upload/delete** via web UI with metadata extraction (no code exec during upload)
- **Auto-registration**: scripts dropped in `actions/custom/` via SSH are detected on next API call
- Two example templates: `example_bjorn_action.py` and `example_free_script.py`
- Custom scripts appear in console-sse manual mode dropdown under `<optgroup>`
### Action Runner
- **`action_runner.py`** - Generic subprocess wrapper that bootstraps `shared_data` for manual action execution
- Supports `--ip`, `--port`, `--mac` + arbitrary `--key value` args injected as `shared_data` attributes
- SIGTERM handler for graceful stop from the web UI
- MAC auto-resolution from DB if not provided
- Handles both `execute()` and `scan()` (global actions like NetworkScanner)
### Script Scheduler & Conditional Triggers
- **`script_scheduler.py`** - Lightweight 30s-tick background daemon for automated script execution
- **Recurring schedules**: run every N seconds (min 30s), persistent across reboots
- **One-shot schedules**: fire at a specific datetime, auto-disable after
- **Conditional triggers**: fire scripts when DB conditions are met (AND/OR block logic)
- **8 condition types**: `action_result`, `hosts_with_port`, `hosts_alive`, `cred_found`, `has_vuln`, `db_count`, `time_after`, `time_before`
- **Orchestrator hook**: triggers evaluated immediately when actions complete (not just on 30s tick)
- **Concurrency limited** to 4 simultaneous scheduled scripts (Pi Zero friendly)
- **Condition builder** (`web/js/core/condition-builder.js`) - Visual nested AND/OR block editor
- Scheduler page extended with 3 tabs: Queue (existing kanban), Schedules, Triggers
- Full CRUD UI for schedules and triggers with inline edit, toggle, delete, auto-refresh
- "Test" button for dry-run condition evaluation
### Package Manager
- **pip package management** for custom script dependencies
- **SSE streaming** install progress (`pip install --break-system-packages`)
- Packages tracked in DB (`custom_packages` table) - only recorded after successful install
- Uninstall with DB cleanup
- Package name validation (regex whitelist, no shell injection)
- New "Packages" tab in Actions page sidebar
### New Database Modules
- `db_utils/schedules.py` - Schedule and trigger persistence (CRUD, due queries, cooldown checks)
- `db_utils/packages.py` - Custom package tracking
### New Web Endpoints
- `/api/schedules/*` (list, create, update, delete, toggle) - 5 endpoints
- `/api/triggers/*` (list, create, update, delete, toggle, test) - 6 endpoints
- `/api/packages/*` (list, install SSE, uninstall) - 3 endpoints
- `/upload_custom_script`, `/delete_custom_script` - Custom script management
### Resource & Memory Fixes
- Script output buffer capped at 2000 lines (was unbounded)
- Finished scripts dict auto-pruned (max 20 historical entries)
- AST parse results cached by file mtime (no re-parsing on every API call)
- Module imports replaced with AST extraction in `list_scripts()` (no more `sys.modules` pollution)
- Custom scripts filesystem scan throttled to once per 30s
- Scheduler daemon: event queue capped at 100, subprocess cleanup with `wait()` + `stdout.close()`
- Package install: graceful terminate -> wait -> kill cascade with FD cleanup
### Multilingual Comments Import
- `comment.py` `_ensure_comments_loaded()` now imports all `comments.*.json` files on every startup
- Drop `comments.fr.json`, `comments.de.json`, etc. next to `comments.en.json` for automatic multi-language support
- Existing comments untouched via `INSERT OR IGNORE` (unique index dedup)
---
## [2.0.0] — 2025/2026 Major Release
### TL;DR — What's New
| Area | v1 (alpha 2) | v2 (this release) |
|------|-------------|-------------------|
| Python codebase | ~8,200 lines | **~58,000 lines** (7x) |
| Web frontend | ~2,100 lines (6 static HTML pages) | **~42,000 lines** (25-page SPA) |
| Action modules | 17 | **32** |
| Database | Monolithic SQLite helper | **Modular facade** (18 specialized modules) |
| AI/ML | Basic heuristic scoring | **Full RL engine** + LLM orchestrator + MCP server |
| Web UI | Static multi-page HTML | **Hash-routed SPA** with lazy-loading, theming, i18n |
| Languages | English only | **7 languages** (EN, FR, ES, DE, IT, RU, ZH) |
| WiFi recon | None | **Bifrost engine** (Pwnagotchi-compatible) |
| HID attacks | None | **Loki module** (USB Rubber Ducky-style) |
| Network watchdog | None | **Sentinel engine** (9 detection modules) |
| C2 server | None | **ZombieLand** (encrypted C2 with agent management) |
| LLM integration | None | **LLM Bridge** + MCP Server + Autonomous Orchestrator |
| Display | Basic 2.13" e-paper | **Multi-size EPD** + web-based layout editor |
---
### New Major Features
#### AI & LLM Integration — Bjorn Gets a Brain
- **LLM Bridge** (`llm_bridge.py`) — Singleton, thread-safe LLM backend with automatic cascade:
1. LaRuche swarm node (LAND protocol / mDNS auto-discovery)
2. Local Ollama instance
3. External API (Anthropic / OpenAI / OpenRouter)
4. Graceful fallback to templates
- **Agentic tool-calling loop** — Up to 6-turn tool-use cycles with Anthropic API, enabling the LLM to query live network data and queue actions autonomously
- **MCP Server** (`mcp_server.py`) — Model Context Protocol server exposing 7 Bjorn tools (`get_hosts`, `get_vulnerabilities`, `get_credentials`, `get_action_history`, `get_status`, `run_action`, `query_db`), compatible with Claude Desktop and any MCP client
- **LLM Orchestrator** (`llm_orchestrator.py`) — Three operating modes:
- `none` — LLM disabled (default, zero overhead)
- `advisor` — LLM suggests one action per cycle (priority 85)
- `autonomous` — Own daemon thread, full tool-calling loop, LLM becomes sole master of the action queue
- **Smart fingerprint skip** — Autonomous mode only calls the LLM when network state actually changes (new hosts, vulns, or credentials), saving API tokens
- **LAND Protocol** (`land_protocol.py`) — Native Python client for Local AI Network Discovery, auto-detects LaRuche inference nodes on LAN via mDNS
- **LLM-powered EPD comments** — E-paper display comments optionally generated by LLM with Norse personality, seamless fallback to database templates
- **Web chat interface** — Terminal-style chat with the LLM, tool-calling support, orchestrator reasoning log viewer
- **LLM configuration page** — Full web UI for all LLM/MCP settings, connection testing, per-tool access control
- **45+ new configuration parameters** for LLM bridge, MCP server, and orchestrator
#### Bifrost — WiFi Reconnaissance Engine
- **Pwnagotchi-compatible** WiFi recon daemon running alongside all Bjorn modes
- **BettercapClient** — Full HTTP API client for bettercap (session control, WiFi module management, handshake capture)
- **BifrostAgent** — Drives channel hopping, AP tracking, client deauth, handshake collection
- **BifrostAutomata** — State machine (MANUAL, AUTOMATIC, BORED, SAD, EXCITED, LONELY) controlling recon aggressiveness
- **BifrostEpoch** — Tracks WiFi recon epochs with reward calculation
- **BifrostVoice** — Personality/mood system for EPD display messages
- **Plugin system** — Extensible event-driven plugin architecture
- **Dedicated web page** (`bifrost.js`) for real-time WiFi recon monitoring
- **Database module** (`db_utils/bifrost.py`) for persistent handshake and AP storage
- **Monitor mode management** — Automatic WiFi interface setup/teardown scripts
#### Loki — USB HID Attack Framework
- **USB Rubber Ducky-style HID injection** via Raspberry Pi USB gadget mode
- **HID Controller** (`loki/hid_controller.py`) — Low-level USB HID keyboard/mouse report writer to `/dev/hidg0`/`/dev/hidg1`
- **HIDScript engine** (`loki/hidscript.py`) — JavaScript-based payload scripting language
- **Multi-language keyboard layouts** — US, FR, DE, ES, IT, RU, UK, ZH with JSON layout definitions and auto-generation tool
- **Pre-built payloads** — Hello World, Reverse Shell (Linux), Rickroll, WiFi credential exfiltration (Windows)
- **Job queue** (`loki/jobs.py`) — Managed execution of HID payloads with status tracking
- **Loki Deceiver action** (`actions/loki_deceiver.py`) — Rogue access point creation for WiFi authentication capture and MITM
- **Dedicated web page** (`loki.js`) for payload management and execution
- **Database module** (`db_utils/loki.py`) for job persistence
#### Sentinel — Network Watchdog Engine
- **9 detection modules** running as a lightweight background daemon:
- `new_device` — Never-seen MAC appears on the network
- `device_join` — Known device comes back online
- `device_leave` — Known device goes offline
- `arp_spoof` — Same IP claimed by multiple MACs (ARP cache conflict)
- `port_change` — Host ports changed since last snapshot
- `service_change` — New service detected on known host
- `rogue_dhcp` — Multiple DHCP servers detected
- `dns_anomaly` — DNS response pointing to unexpected IP
- `mac_flood` — Sudden burst of new MACs (possible MAC flooding attack)
- **Zero extra network traffic** — All checks read from existing Bjorn DB
- **Configurable severity levels** (info, warning, critical)
- **Dedicated web page** (`sentinel.js`) for alert browsing and rule management
- **Database module** (`db_utils/sentinel.py`) for alert persistence
#### ZombieLand — Command & Control Infrastructure
- **C2 Manager** (`c2_manager.py`) — Professional C2 server with:
- Encrypted agent communication (Fernet)
- SSH-based agent registration via Paramiko
- Agent heartbeat monitoring and health tracking
- Job dispatch and result collection
- UUID-based agent identification
- **Dedicated web page** (`zombieland.js`) with SSE-powered real-time agent monitoring
- **Database module** (`db_utils/agents.py`) for agent and job persistence
- **Marked as experimental** with appropriate UI warnings
---
### New Action Modules (15 New Actions)
| Action | Module | Description |
|--------|--------|-------------|
| **ARP Spoofer** | `arp_spoofer.py` | Bidirectional ARP cache poisoning for MITM positioning with automatic gateway detection and clean ARP table restoration |
| **Berserker Force** | `berserker_force.py` | Service resilience stress-testing — baseline measurement, controlled TCP/SYN/HTTP load testing, performance degradation quantification |
| **DNS Pillager** | `dns_pillager.py` | Comprehensive DNS reconnaissance — reverse DNS, record enumeration (A/AAAA/MX/NS/TXT/CNAME/SOA/SRV/PTR), zone transfer attempts |
| **Freya Harvest** | `freya_harvest.py` | Network-wide data harvesting and consolidation action |
| **Heimdall Guard** | `heimdall_guard.py` | Advanced stealth module for traffic manipulation and IDS/IPS evasion |
| **Loki Deceiver** | `loki_deceiver.py` | Rogue access point creation for WiFi authentication capture and MITM attacks |
| **Odin Eye** | `odin_eye.py` | Passive network analyzer for credential and data pattern hunting |
| **Rune Cracker** | `rune_cracker.py` | Advanced hash/credential cracking module |
| **Thor Hammer** | `thor_hammer.py` | Lightweight service fingerprinting via TCP connect + banner grab (Pi Zero friendly, no nmap dependency) |
| **Valkyrie Scout** | `valkyrie_scout.py` | Web surface reconnaissance — probes common paths, extracts auth types, login forms, missing security headers, error/debug strings |
| **Yggdrasil Mapper** | `yggdrasil_mapper.py` | Network topology mapper via traceroute with service enrichment from DB and merged JSON topology graph |
| **Web Enumeration** | `web_enum.py` | Web service enumeration and directory discovery |
| **Web Login Profiler** | `web_login_profiler.py` | Web login form detection and profiling |
| **Web Surface Mapper** | `web_surface_mapper.py` | Web application surface mapping and endpoint discovery |
| **WPAsec Potfiles** | `wpasec_potfiles.py` | WPA-sec.stanev.org potfile integration for WiFi password recovery |
| **Presence Join** | `presence_join.py` | Event-triggered action when a host joins the network (priority 90) |
| **Presence Leave** | `presence_left.py` | Event-triggered action when a host leaves the network (priority 90) |
| **Demo Action** | `demo_action.py` | Template/demonstration action for community developers |
### Improved Action Modules
- All bruteforce actions (SSH, FTP, SMB, SQL, Telnet) **rewritten** with shared `bruteforce_common.py` module providing:
- `ProgressTracker` class for unified EPD progress reporting
- Standardized credential iteration and result handling
- Configurable rate limiting and timeout management
- **Scanning action** (`scanning.py`) improved with better network discovery and host tracking
- **Nmap Vulnerability Scanner** refined with better CVE parsing and result persistence
- All steal/exfiltrate modules updated for new database schema compatibility
### Removed Actions
| Action | Reason |
|--------|--------|
| `rdp_connector.py` / `steal_files_rdp.py` | Replaced by more capable modules |
| `log_standalone.py` / `log_standalone2.py` | Consolidated into proper logging system |
| `ftp_connector.py`, `smb_connector.py`, etc. | Connector pattern replaced by dedicated bruteforce modules |
---
### Web Interface — Complete Rewrite
#### Architecture Revolution
- **Static multi-page HTML** (6 pages) replaced by a **hash-routed Single Page Application** with 25 lazy-loaded page modules
- **SPA Router** (`web/js/core/router.js`) — Hash-based routing with guaranteed `unmount()` cleanup before page transitions
- **ResourceTracker** (`web/js/core/resource-tracker.js`) — Automatic tracking and cleanup of intervals, timeouts, event listeners, and AbortControllers per page — **zero memory leaks**
- **Single `index.html`** entry point replaces 6 separate HTML files
- **Modular CSS** — Global stylesheet + per-page CSS files (`web/css/pages/*.css`)
#### New Web Pages (19 New Pages)
| Page | Module | Description |
|------|--------|-------------|
| **Dashboard** | `dashboard.js` | Real-time system stats, resource monitoring, uptime tracking |
| **Actions** | `actions.js` | Action browser with enable/disable toggles and configuration |
| **Actions Studio** | `actions-studio.js` | Visual action pipeline editor with drag-and-drop canvas |
| **Attacks** | `attacks.js` | Attack configuration with image upload and EPD layout editor tab |
| **Backup** | `backup.js` | Database backup/restore management |
| **Bifrost** | `bifrost.js` | WiFi recon monitoring dashboard |
| **Database** | `database.js` | Direct database browser and query tool |
| **Files** | `files.js` | File manager with upload, drag-drop, rename, delete |
| **LLM Chat** | `llm-chat.js` | Terminal-style LLM chat with tool-calling and orch log viewer |
| **LLM Config** | `llm-config.js` | Full LLM/MCP configuration panel |
| **Loki** | `loki.js` | HID attack payload management and execution |
| **RL Dashboard** | `rl-dashboard.js` | Reinforcement Learning metrics and model performance visualization |
| **Scheduler** | `scheduler.js` | Action scheduler configuration and monitoring |
| **Sentinel** | `sentinel.js` | Network watchdog alerts and rule management |
| **Vulnerabilities** | `vulnerabilities.js` | CVE browser with modal details and feed sync |
| **Web Enum** | `web-enum.js` | Web enumeration results browser with status filters |
| **ZombieLand** | `zombieland.js` | C2 agent management dashboard (experimental) |
| **Bjorn Debug** | `bjorn-debug.js` | System debug information and diagnostics |
| **Scripts** | (via scheduler) | Custom script upload and execution |
#### Improved Existing Pages
- **Network** (`network.js`) — D3 force-directed graph completely rewritten with proper cleanup on unmount, lazy D3 loading, search debounce, simulation stop
- **Credentials** (`credentials.js`) — AbortController tracking, toast timer cleanup, proper state reset
- **Loot** (`loot.js`) — Search timer cleanup, ResourceTracker integration
- **NetKB** (`netkb.js`) — View mode persistence, filter tracking, pagination integration
- **Bjorn/EPD** (`bjorn.js`) — Image refresh tracking, zoom controls, null EPD state handling
#### Internationalization (i18n)
- **7 supported languages**: English, French, Spanish, German, Italian, Russian, Chinese
- **i18n module** (`web/js/core/i18n.js`) with JSON translation files, `t()` helper function, and `data-i18n` attribute auto-translation
- **Fallback chain**: Current language -> English -> developer warning
- **Language selector** in UI with `localStorage` persistence
#### Theming Engine
- **Theme module** (`web/js/core/theme.js`) — CSS variable-based theming system
- **Preset themes** including default "Nordic Acid" (dark green/cyan)
- **User custom themes** with color picker + raw CSS editing
- **Icon pack switching** via icon registry
- **Theme import/export** as JSON
- **Live preview** — changes applied instantly without page reload
- **`localStorage` persistence** across sessions
#### Other Frontend Features
- **Console SSE** (`web/js/core/console-sse.js`) — Server-Sent Events for real-time log streaming with reconnect logic
- **Quick Panel** (`web/js/core/quickpanel.js`) — Fast-access control panel
- **Sidebar Layout** (`web/js/core/sidebar-layout.js`) — Collapsible sidebar navigation
- **Settings Config** (`web/js/core/settings-config.js`) — Dynamic form generation from config schema with chip editor
- **EPD Layout Editor** (`web/js/core/epd-editor.js`) — SVG drag-and-drop editor for e-paper display layouts with grid/snap, zoom (50-600%), undo stack, element properties panel
- **D3.js v7** bundled for network topology visualization
- **PWA Manifest** updated for installable web app experience
---
### Core Engine Improvements
#### Database — Modular Facade Architecture
- **Complete database rewrite** — Monolithic SQLite helper replaced by `BjornDatabase` facade delegating to **18 specialized modules** in `db_utils/`:
- `base.py` — Connection management, thread-safe connection pool
- `config.py` — Configuration CRUD operations
- `hosts.py` — Host discovery and tracking
- `actions.py` — Action metadata and history
- `queue.py` — Action queue with priority system and circuit breaker
- `vulnerabilities.py` — CVE vulnerability storage
- `software.py` — Software inventory
- `credentials.py` — Credential storage
- `services.py` — Service/port tracking
- `scripts.py` — Custom script management
- `stats.py` — Statistics and metrics
- `backups.py` — Database backup/restore
- `comments.py` — EPD comment templates
- `agents.py` — C2 agent management
- `studio.py` — Actions Studio pipeline data
- `webenum.py` — Web enumeration results
- `sentinel.py` — Sentinel alert storage
- `bifrost.py` — WiFi recon data
- `loki.py` — HID attack job storage
- **Full backward compatibility** maintained via `__getattr__` delegation
#### Orchestrator — Smarter, More Resilient
- **Action Scheduler** (`action_scheduler.py`) — Complete rewrite with:
- Trigger evaluation system (`on_host_alive`, `on_port_change`, `on_web_service`, `on_join`, `on_leave`, `on_start`, `on_success:*`)
- Requirements checking with dependency resolution
- Cooldown and rate limiting per action
- Priority queue processing
- Circuit breaker integration
- LLM autonomous mode skip option
- **Per-action circuit breaker** — 3-state machine (closed -> open -> half-open) with exponential backoff, prevents repeated failures from wasting resources
- **Global concurrency limiter** — DB-backed running action count check, configurable `semaphore_slots`
- **Manual mode with active scanning** — Background scan timer keeps network discovery running even in manual mode
- **Runtime State Updater** (`runtime_state_updater.py`) — Dedicated background thread keeping display-facing data fresh, decoupled from render loop
#### AI/ML Engine — From Heuristic to Reinforcement Learning
- **AI Engine** (`ai_engine.py`) — Full reinforcement learning decision engine:
- Feature-based action scoring
- Model versioning with up to 3 versions on disk
- Auto-rollback if average reward drops after 50 decisions
- Cold-start bootstrap with persistent per-(action, port_profile) running averages
- Blended heuristic/bootstrap scoring during warm-up phase
- **Feature Logger** (`feature_logger.py`) — Structured feature logging for ML training with variance-based feature selection
- **Data Consolidator** (`data_consolidator.py`) — Aggregates logged features into training-ready datasets exportable for TensorFlow/PyTorch
- **Continuous reward shaping** — Novelty bonus, repeat penalty, diminishing returns, partial credit for long-running failed actions
- **AI utility modules** (`ai_utils.py`) for shared ML helper functions
#### Display — Multi-Size EPD Support
- **Display Layout Engine** (`display_layout.py`) — JSON-based element positioning system:
- Built-in layouts for 2.13" and 2.7" Waveshare e-paper displays
- 20+ positionable UI elements (icons, text, bars, status indicators)
- Custom layout override via `resources/layouts/{epd_type}.json`
- `px()`/`py()` scaling preserved for resolution independence
- **EPD Manager** (`epd_manager.py`) — Abstraction layer over Waveshare EPD hardware
- **Web-based EPD Layout Editor** — SVG drag-and-drop canvas with:
- Corner resize handles
- Color/NB/BN display mode preview
- Grid/snap, zoom (50-600%), toggleable element labels
- Add/delete elements, import/export layout JSON
- 50-deep undo stack (Ctrl+Z)
- Color-coded elements by type
- Arrow key nudge, keyboard shortcuts
- **Display module** (`display.py`) grew from 390 to **1,130 lines** with multi-layout rendering pipeline
#### Web Server — Massive Expansion
- **webapp.py** grew from 222 to **1,037 lines**
- **18 web utility modules** in `web_utils/` (was: 0):
- `action_utils.py`, `attack_utils.py`, `backup_utils.py`, `bifrost_utils.py`
- `bluetooth_utils.py`, `c2_utils.py`, `character_utils.py`, `comment_utils.py`
- `db_utils.py`, `debug_utils.py`, `file_utils.py`, `image_utils.py`
- `index_utils.py`, `llm_utils.py`, `loki_utils.py`, `netkb_utils.py`
- `network_utils.py`, `orchestrator_utils.py`, `rl_utils.py`, `script_utils.py`
- `sentinel_utils.py`, `studio_utils.py`, `system_utils.py`, `vuln_utils.py`
- `webenum_utils.py`
- **Paginated API endpoints** for heavy data (`?page=N&per_page=M`)
- **RESTful API** covering all new features (LLM, MCP, Sentinel, Bifrost, Loki, C2, EPD editor, backups, etc.)
#### Configuration — Greatly Expanded
- **shared.py** grew from 685 to **1,502 lines** — more than doubled
- **New configuration sections**:
- LLM Bridge (14 parameters)
- MCP Server (4 parameters)
- LLM Orchestrator (7 parameters)
- AI/ML Engine (feature selection, model versioning, cold-start bootstrap)
- Circuit breaker (threshold, cooldown)
- Manual mode scanning (interval, auto-scan toggle)
- Sentinel watchdog settings
- Bifrost WiFi recon settings
- Loki HID attack settings
- Runtime state updater timings
- **Default config system** — `resources/default_config/` with bundled default action modules and comment templates
---
### Security Fixes
- **[SEC-01]** Eliminated all `shell=True` subprocess calls — replaced with safe argument lists
- **[SEC-02]** Added MAC address validation (regex) in DELETE route handler to prevent path traversal
- **[SEC-03]** Strengthened path validation using `os.path.realpath()` + dedicated validation helper to prevent symlink-based path traversal
- **[SEC-04]** Cortex config secrets replaced with placeholder values, properly `.gitignore`d
- **[SEC-05]** Added JWT authentication to Cortex WebSocket `/ws/logs` endpoint
- **[SEC-06]** Cortex device API authentication now required by default, CORS configurable via environment variable
- **MCP security** — Per-tool access control via `mcp_allowed_tools`, `query_db` restricted to SELECT only
- **File operations** — All file upload/download/delete operations use canonicalized path validation
### Bug Fixes
- **[BT-01]** Replaced bare `except:` clauses with specific exception handling + logging in Bluetooth utils
- **[BT-02]** Added null address validation in Bluetooth route entry points
- **[BT-03]** Added `threading.Lock` for `bt.json` read/write (race condition fix)
- **[BT-04]** Changed `auto_bt_connect` service restart to non-fatal (`check=False`)
- **[WEB-01]** Fixed SSE reconnect counter — only resets after 5+ consecutive healthy messages (was: reset on every single message, enabling infinite reconnect loops)
- **[WEB-02]** Removed empty string from `silent_routes` that was suppressing ALL log messages
- **[STAB-03]** Cleaned up dead GPS UI references, wired rl-dashboard mount
- **[ORCH-BUG]** Fixed Auto->Manual mode switch not resetting status to IDLE (4-location fix across `orchestrator.py`, `Bjorn.py`, and `orchestrator_utils.py`)
- Fixed D3 network graph memory leaks on page navigation
- Fixed multiple zombie timer and event listener leaks across all SPA pages
- Fixed search debounce timers not being cleaned up on unmount
### Quality & Stability
- **Standardized error handling** across all `web_utils` modules with consistent JSON response format
- **Magic numbers extracted** to named constants throughout the codebase
- **All 18 SPA pages** reviewed and hardened:
- 11 pages fully rewritten with ResourceTracker, safe DOM (no innerHTML), visibility-aware pollers
- 7 pages with targeted fixes for memory leaks, zombie timers, state reset issues
- **Uniform action metadata format** — All actions use AST-friendly `b_*` module-level constants for class, module, status, port, service, trigger, priority, cooldown, rate_limit, etc.
---
### Infrastructure & DevOps
- **Mode Switcher** (`mode-switcher.sh`) — Shell script for switching between operation modes
- **Bluetooth setup** (`bjorn_bluetooth.sh`) — Automated Bluetooth service configuration
- **USB Gadget setup** (`bjorn_usb_gadget.sh`) — USB HID gadget mode configuration for Loki
- **WiFi setup** (`bjorn_wifi.sh`) — WiFi interface and monitor mode management
- **MAC prefix database** (`data/input/prefixes/nmap-mac-prefixes.txt`) — Vendor identification for discovered devices
- **Common wordlists** (`data/input/wordlists/common.txt`) — Built-in wordlist for web enumeration
### Dependencies
**Added:**
- `zeroconf>=0.131.0` — LaRuche/LAND mDNS auto-discovery
- `paramiko` — SSH operations for C2 agent communication (moved from optional to core)
- `cryptography` (via Fernet) — C2 communication encryption
**Removed:**
- `Pillow==9.4.0` — No longer pinned (use system version)
- `rich==13.9.4` — Removed (was used for standalone logging)
- `pandas==2.2.3` — Removed (lightweight alternatives used instead)
**Optional (documented):**
- `mcp[cli]>=1.0.0` — MCP server support
---
### Breaking Changes
- **Web UI URLs changed** — Individual page URLs (`/bjorn.html`, `/config.html`, etc.) replaced by SPA hash routes (`/#/bjorn`, `/#/settings`, etc.)
- **Database schema expanded** — New tables for actions queue, circuit breaker, sentinel alerts, bifrost data, loki jobs, C2 agents, web enumeration, studio pipelines. Migration is automatic.
- **Configuration keys expanded** — `shared_config.json` now contains 45+ additional keys. Unknown keys are safely ignored; new defaults are applied automatically.
- **Action module format updated** — Actions now use `b_*` metadata constants instead of class-level attributes. Old-format actions will need migration.
- **RDP actions removed** — `rdp_connector.py` and `steal_files_rdp.py` dropped in favor of more capable modules.
---
### Stats
```
Component | v1 | v2 | Change
─────────────────────┼───────────┼─────────────┼──────────
Python files | 37 | 130+ | +250%
Python LoC | ~8,200 | ~58,000 | +607%
JS/CSS/HTML LoC | ~2,100 | ~42,000 | +1,900%
Action modules | 17 | 32 | +88%
Web pages | 6 | 25 | +317%
DB modules | 1 | 18 | +1,700%
Web API modules | 0 | 18+ | New
Config parameters | ~80 | ~180+ | +125%
Supported languages | 1 | 7 | +600%
Shell scripts | 3 | 5 | +67%
```
---
*Skol! The Cyberviking has evolved.*
Reference in New Issue View Git Blame Copy Permalink