def execute(self): """ Run the scanner """ # Prepare parameters target_url = url.parse_url(self.config.get("target")) nikto_parameters = shlex.split(self.config.get("nikto_parameters", "")) # Make temporary files output_file_fd, output_file = tempfile.mkstemp() log.debug("Output file: %s", output_file) os.close(output_file_fd) # Prepare -Save option if needed save_findings = list() if self.config.get("save_intermediates_to", None): base = os.path.join(self.config.get("save_intermediates_to"), __name__.split(".")[-2]) try: os.makedirs(base, mode=0o755, exist_ok=True) save_findings.append("-Save") save_findings.append(base) except: pass # Run scanner task = subprocess.run(["perl", "nikto.pl"] + nikto_parameters + [ "-h", target_url.hostname, "-p", url.get_port(target_url), "-Format", "xml", "-output", output_file ] + save_findings, cwd="/opt/nikto/program", stdout=subprocess.PIPE, stderr=subprocess.PIPE) log.log_subprocess_result(task) # Parse findings parse_findings(output_file, self) # Save intermediates self.save_intermediates(output_file, task) # Remove temporary files os.remove(output_file)
def execute(self): """ Run the scanner """ # Discover open ports include_ports = list() if self.config.get("include_ports", "0-65535"): include_ports.append( f'-p{self.config.get("include_ports", "0-65535")}') exclude_ports = list() if self.config.get("exclude_ports", None): exclude_ports.append("--exclude-ports") exclude_ports.append(f'{self.config.get("exclude_ports")}') target_url = url.parse_url(self.config.get("target")) task = subprocess.run( ["nmap", "-PN"] + include_ports + exclude_ports + [ "--min-rate", "1000", "--max-retries", "0", "--max-rtt-timeout", "200ms", target_url.hostname ], stdout=subprocess.PIPE, stderr=subprocess.PIPE) log.log_subprocess_result(task) # Use discovered ports ports = list() tcp_ports = "" udp_ports = "" for each in re.findall(r'([0-9]*/[tcp|udp])', str(task.stdout)): if "/t" in each: tcp_ports += f'{each.replace("/t", "")},' elif "/u" in each: udp_ports += f'{each.replace("/u", "")},' if tcp_ports: ports.append(f"-pT:{tcp_ports[:-1]}") if udp_ports: ports.append(f"-pU:{udp_ports[:-1]}") if not ports: log.warning("No open ports found. Exiting") return # Make temporary files output_file_fd, output_file = tempfile.mkstemp() log.debug("Output file: %s", output_file) os.close(output_file_fd) # Scan target nmap_parameters = shlex.split( self.config.get("nmap_parameters", "-v -sVA")) nse_scripts = self.config.get( "nse_scripts", "ssl-date,http-mobileversion-checker,http-robots.txt,http-title,http-waf-detect," "http-chrono,http-headers,http-comments-displayer,http-date") task = subprocess.run(["nmap"] + nmap_parameters + ports + [ "--min-rate", "1000", "--max-retries", "0", f'--script={nse_scripts}', target_url.hostname, "-oX", output_file ], stdout=subprocess.PIPE, stderr=subprocess.PIPE) log.log_subprocess_result(task) # Parse findings parse_findings(output_file, self) # Save intermediates self.save_intermediates(output_file, task) # Remove temporary files os.remove(output_file)
def execute(self): """ Run the scanner """ task = subprocess.run(["npm", "audit", "--json"], cwd=self.config.get("code"), stdout=subprocess.PIPE, stderr=subprocess.PIPE) log.log_subprocess_result(task) parse_findings(task.stdout.decode("utf-8", errors="ignore"), self) # Save intermediates self.save_intermediates(task.stdout)
def execute(self): """ Run the scanner """ task = subprocess.run([ "aem-wrapper.sh", "-u", self.config.get("target"), "--host", self.config.get("scanner_host", "127.0.0.1"), "--port", self.config.get("scanner_port", "4444") ], stdout=subprocess.PIPE, stderr=subprocess.PIPE) log.log_subprocess_result(task) parse_findings(task.stdout.decode("utf-8", errors="ignore"), self) # Save intermediates self.save_intermediates(task.stdout)
def execute(self): """ Run the scanner """ # Make temporary directory output_dir = tempfile.mkdtemp() log.debug("Output directory: %s", output_dir) # Run task task = subprocess.run([ "insider", "-force", "-no-html", "-target", self.config.get("code"), "-tech", self.config.get("tech") ], cwd=output_dir, stdout=subprocess.PIPE, stderr=subprocess.PIPE) log.log_subprocess_result(task) output_file = os.path.join(output_dir, os.listdir(output_dir)[0]) parse_findings(output_file, self) # Save intermediates self.save_intermediates(output_file, task)
def execute(self): """ Run the scanner """ # Make temporary directory output_dir = tempfile.mkdtemp() log.debug("Output directory: %s", output_dir) output_file = os.path.join(output_dir, "retirejs.json") # Run task task = subprocess.run([ "retire", f"--jspath={self.config.get('code')}", "--outputformat=json", f"--outputpath={output_file}", "--includemeta", "--exitwith=0" ], cwd=output_dir, stdout=subprocess.PIPE, stderr=subprocess.PIPE) log.log_subprocess_result(task) parse_findings(output_file, self) # Save intermediates self.save_intermediates(output_file, task)
def execute(self): """ Run the scanner """ # Get target host IP target_url = url.parse_url(self.config.get("target")) host = target_url.hostname if not url.find_ip(host): task = subprocess.run(["getent", "hosts", host], stdout=subprocess.PIPE, stderr=subprocess.PIPE) log.log_subprocess_result(task) host = url.find_ip(task.stdout.decode("utf-8", errors="ignore")) if host: host = host[0].strip() if not host: log.warning("No target IP found. Exiting") return # Prepare config include_ports = list() if self.config.get("include_ports", "0-65535"): include_ports.append("-p") include_ports.append( f'{self.config.get("include_ports", "0-65535")}') include_ports.append( f'-pU:{self.config.get("include_ports", "0-65535")}') exclude_ports = list() if self.config.get("exclude_ports", None): exclude_ports.append("--exclude-ports") exclude_ports.append(f'{self.config.get("exclude_ports")}') # Make temporary files output_file_fd, output_file = tempfile.mkstemp() log.debug("Output file: %s", output_file) os.close(output_file_fd) # Scan target task = subprocess.run(["masscan", host] + include_ports + [ "--rate", "1000", "-oJ", output_file, ] + exclude_ports, stdout=subprocess.PIPE, stderr=subprocess.PIPE) log.log_subprocess_result(task) # Parse findings parse_findings(output_file, self) # Save intermediates self.save_intermediates(output_file, task) # Remove temporary files os.remove(output_file)
def execute(self): """ Run the scanner """ targets = self.config.get("requirements", "requirements.txt") if isinstance(targets, str): targets = [targets] options = list() for target in targets: options.append("-r") options.append(target) task = subprocess.run(["safety", "check", "--json"] + options, stdout=subprocess.PIPE, stderr=subprocess.PIPE) log.log_subprocess_result(task) parse_findings(task.stdout.decode("utf-8", errors="ignore"), self) # Save intermediates self.save_intermediates(task.stdout)
def execute(self): """ Run the scanner """ # Prepare parameters spotbugs_parameters = shlex.split(self.config.get("scan_opts", "")) # Make temporary files output_file_fd, output_file = tempfile.mkstemp() log.debug("Output file: %s", output_file) os.close(output_file_fd) # Run task task = subprocess.run( ["spotbugs", "-xml:withMessages"] + spotbugs_parameters + ["-output", output_file, self.config.get("code")], stdout=subprocess.PIPE, stderr=subprocess.PIPE) log.log_subprocess_result(task) parse_findings(output_file, self) # Save intermediates self.save_intermediates(output_file, task)
def execute(self): """ Run the scanner """ # Prepare parameters additional_parameters = shlex.split(self.config.get("comp_opts", "")) # Make temporary directory output_dir = tempfile.mkdtemp() log.debug("Output directory: %s", output_dir) # Run task task = subprocess.run([ "dependency-check.sh", "-n", "-f", "JSON", "-o", output_dir, "-s", self.config.get("comp_path") ] + additional_parameters, stdout=subprocess.PIPE, stderr=subprocess.PIPE) log.log_subprocess_result(task) output_file = os.path.join(output_dir, "dependency-check-report.json") parse_findings(output_file, self) # Save intermediates self.save_intermediates(output_file, task)
def execute(self): """ Run the scanner """ # Make temporary directory output_dir = tempfile.mkdtemp() output_file = os.path.join(output_dir, "report.json") log.debug("Output directory: %s", output_dir) # Run task task = subprocess.run([ "semgrep", "--disable-version-check", "--quiet", "--no-rewrite-rule-ids", "--json", "--config", self.config.get("ruleset"), "--output", output_file, self.config.get("code") ], stdout=subprocess.PIPE, stderr=subprocess.PIPE) log.log_subprocess_result(task) parse_findings(output_file, self) # Save intermediates self.save_intermediates(output_file, task)
def execute(self): """ Run the scanner """ # Get target host IP target_url = url.parse_url(self.config.get("target")) # Make temporary files output_file_fd, output_file = tempfile.mkstemp() log.debug("Output file: %s", output_file) os.close(output_file_fd) # Scan target task = subprocess.run([ "sslyze", "--regular", f"--json_out={output_file}", "--quiet", f"{target_url.hostname}:{url.get_port(target_url)}" ], stdout=subprocess.PIPE, stderr=subprocess.PIPE) log.log_subprocess_result(task) # Parse findings parse_findings(output_file, self) # Save intermediates self.save_intermediates(output_file, task) # Remove temporary files os.remove(output_file)
def execute(self): """ Run the scanner """ # Make temporary file output_file_fd, output_file = tempfile.mkstemp(".json") log.debug("Output file: %s", output_file) os.close(output_file_fd) # Run task set_options = list() if not self.config.get("show_without_fix", False): set_options.append("--ignore-unfixed") if self.config.get("skip_update", True): set_options.append("--skip-update") task = subprocess.run([ "trivy", "image", "--format", "json", ] + set_options + [ ] + shlex.split(self.config.get("trivy_options", "--no-progress")) + [ "--timeout", self.config.get("timeout", "1h"), "--output", output_file, self.config.get("code"), ], stdout=subprocess.PIPE, stderr=subprocess.PIPE) log.log_subprocess_result(task) parse_findings(output_file, self) # Save intermediates self.save_intermediates(output_file, task)
def execute(self): """ Run the scanner """ # Get config config_data = pkg_resources.resource_string( "dusty", f"{'/'.join(__name__.split('.')[1:-1])}/data/w3af_full_audit.w3af" ) if self.config.get("config_file", None): with open(self.config.get("config_file"), "r") as config: config_data = config.read() # Make temporary files config_file_fd, config_file = tempfile.mkstemp() output_file_fd, output_file = tempfile.mkstemp() log.debug("Config file: %s", config_file) log.debug("Output file: %s", output_file) # Fill config data variables config_data = config_data.decode("utf-8").format( target=self.config.get("target"), output_section=constants.W3AF_OUTPUT_SECTION.replace("{output_file}", output_file) ) os.write(config_file_fd, config_data.encode("utf-8")) # Close unneeded handles os.close(config_file_fd) os.close(output_file_fd) # Run scanner task = subprocess.run([ "w3af_console", "-y", "-n", "-s", config_file ], stdout=subprocess.PIPE, stderr=subprocess.PIPE) log.log_subprocess_result(task) # Parse findings parse_findings(output_file, self) # Save intermediates self.save_intermediates(output_file, config_file, task) # Remove temporary files os.remove(config_file) os.remove(output_file) pkg_resources.cleanup_resources()
def execute(self): """ Run the scanner """ include_checks = list() if self.config.get("include_checks", None): include_checks.append("-t") include_checks.append(self.config.get("include_checks")) exclude_checks = list() if self.config.get("exclude_checks", None): exclude_checks.append("-x") exclude_checks.append(self.config.get("exclude_checks")) excluded_files = list() if self.config.get("excluded_files", None): excluded_files.append("--skip-files") excluded_files.append(self.config.get("excluded_files")) task = subprocess.run( [ "brakeman", "--no-exit-on-warn", "--no-exit-on-error", "-f", "json" ] + include_checks + exclude_checks + excluded_files + [self.config.get("code")], stdout=subprocess.PIPE, stderr=subprocess.PIPE ) log.log_subprocess_result(task) parse_findings(task.stdout.decode("utf-8", errors="ignore"), self) # Save intermediates self.save_intermediates(task.stdout)
def execute(self): """ Run the scanner """ # Squash commits (if needed) if self.config.get("squash_commits", None): # Rename old .git try: os.rename( os.path.join(self.config.get("code"), ".git"), os.path.join(self.config.get("code"), ".git.old") ) except: log.debug("Failed to rename old .git: %s", traceback.format_exc()) # Initialize new repo current_dir = os.getcwd() try: os.chdir(self.config.get("code")) # Patch dulwich to work without valid UID/GID dulwich.repo.__original__get_default_identity = dulwich.repo._get_default_identity # pylint: disable=W0212 dulwich.repo._get_default_identity = git_clone._dulwich_repo_get_default_identity # pylint: disable=W0212 # Set USERNAME if needed try: getpass.getuser() except: # pylint: disable=W0702 os.environ["USERNAME"] = "******" # Add current code repository = dulwich.porcelain.init(self.config.get("code")) repository._put_named_file(os.path.join("info", "exclude"), b"/.git.old/") # pylint: disable=W0212 dulwich.porcelain.add(repository) log.debug("Git repository status: %s", dulwich.porcelain.status(repository, True)) dulwich.porcelain.commit( repository, b"Current project code", b"Carrier <dusty@localhost>" ) finally: os.chdir(current_dir) # Make temporary files output_file_fd, output_file = tempfile.mkstemp(".json") log.debug("Output file: %s", output_file) os.close(output_file_fd) additional_options = list() if self.config.get("redact_offenders", None): additional_options.append("--redact") # Use custom rules if self.config.get("use_custom_rules", None): custom_rules_path = self.config.get("custom_rules_path", None) if custom_rules_path: config_path = custom_rules_path else: config_path = pkg_resources.resource_filename( "dusty", f"{'/'.join(__name__.split('.')[1:-1])}/data/gitleaks.toml") additional_options.append("--config") additional_options.append(config_path) log.debug("Custom config path: %s", config_path) # Run task task = subprocess.run( [ "gitleaks", "--repo-path", self.config.get("code"), "--report", output_file ] + additional_options, stdout=subprocess.PIPE, stderr=subprocess.PIPE) log.log_subprocess_result(task) # Parse findings parse_findings(output_file, self) # Save intermediates self.save_intermediates(output_file, task) # Revert commit squashing (if any) if self.config.get("squash_commits", None): shutil.rmtree(os.path.join(self.config.get("code"), ".git")) try: os.rename( os.path.join(self.config.get("code"), ".git.old"), os.path.join(self.config.get("code"), ".git") ) except: log.debug("Failed to revert .git: %s", traceback.format_exc())