diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 695f9519a793b785785addfa5b9fbf152b35ec0d..570b65a8b452d875095ca2e1848fe9ddd743b993 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -18,9 +18,9 @@ test:
 script:
 - docker network create test-genscan
 - docker run --rm -d --network=test-genscan --name dvwa vulnerables/web-dvwa
- - cp "${CI_PROJECT_DIR}/config-example.json" /tmp/
+ - echo '{"target":{"url":"http://dvwa/","ip":"dvwa"},"config":{"w3af":{"profile":"fast_scan"},"zap":{"profile":"basic"},"nmap":{"profile":"basic_discovery"}}}' > /tmp/config-genscan.json
 - mkdir /tmp/out
- - docker run --rm --network=test-genscan -v /tmp/config-example.json:/root/config.json -v /tmp/out:/root/out registry-gitlab.xlab.si/cyberwiser/$SERVICE:$VERSION
+ - docker run --rm --network=test-genscan -v /tmp/config-genscan.json:/root/config.json -v /tmp/out:/root/out registry-gitlab.xlab.si/cyberwiser/$SERVICE:$VERSION
 - cat /tmp/out/cscan-log.txt
 - grep -q "W3af" /tmp/out/genscan-out.json
 - grep -q "OWASP ZAP" /tmp/out/genscan-out.json
@@ -28,6 +28,7 @@ test:
 after_script:
 - docker kill dvwa || docker network rm test-genscan
 - docker network rm test-genscan
+ - rm /tmp/config-genscan.json || true
 - rm /tmp/genscan-out.json || true
 - rm -rf /tmp/out
diff --git a/MANIFEST b/MANIFEST
index f5fd3aad31471eba9c53d0472377ec6e8c4fdc2d..b445243524714d5897f962891c4f0d6117db4330 100644
--- a/MANIFEST
+++ b/MANIFEST
@@ -1,3 +1,3 @@
-VERSION=v1.4.0
+VERSION=v1.4.1
 SERVICE=vat-genscan
diff --git a/Makefile b/Makefile
index c221fc92a4870766e3934ab05a28ba73ced5bd73..b7846c118e547d0483177e55ae9b3223dca18fe3 100644
--- a/Makefile
+++ b/Makefile
@@ -5,8 +5,6 @@ SERVICE = $(shell grep SERVICE MANIFEST | cut -d '=' -f2)
 VERSION = $(shell grep VERSION MANIFEST | cut -d '=' -f2)
-CONFIG ?= $(shell pwd)/config-example.json
-
 TEST_DIR = /tmp/test-$(SERVICE)-$(VERSION)-$(shell date +%s)/
 build:
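Review bot: The new `echo ... > /tmp/config-genscan.json` step in the `script` hunk writes the scan config to a fixed name in the runner's `/tmp`, next to the already fixed `/tmp/out`. If jobs share that host, runs can overwrite each other's config, and the redirect writes through whatever already exists at that path. A per-job name such as `/tmp/config-genscan-${CI_JOB_ID}.json`, used in the `echo`, the `-v` mount and the `rm` added in the `after_script` hunk, avoids the collision. The same JSON literal is repeated in the Makefile `test` hunk, so a checked-in test fixture mounted by both would keep the two copies from drifting.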
@@ -16,7 +14,8 @@ test:
 docker network create test-genscan
 docker run --rm -d --network=test-genscan --name dvwa vulnerables/web-dvwa
 mkdir $(TEST_DIR)
- docker run --rm --network=test-genscan -v $(CONFIG):/root/config.json -v $(TEST_DIR):/root/out/ registry-gitlab.xlab.si/cyberwiser/$(SERVICE):$(VERSION)
+ echo '{"target":{"url":"http://dvwa/","ip":"dvwa"},"config":{"w3af":{"profile":"fast_scan"},"zap":{"profile":"basic"},"nmap":{"profile":"basic_discovery"}}}' > $(TEST_DIR)config.json
+ docker run --rm --network=test-genscan -v $(TEST_DIR)config.json:/root/config.json -v $(TEST_DIR):/root/out/ registry-gitlab.xlab.si/cyberwiser/$(SERVICE):$(VERSION)
 docker kill dvwa
 docker network rm test-genscan
 grep -q "W3af" $(TEST_DIR)genscan-out.json
@@ -25,7 +24,7 @@ test:
 start:
 ifdef OUTPUT_DIR
- docker run -v $(CONFIG):/root/config.json -v $(OUTPUT_DIR):/root/out/ registry-gitlab.xlab.si/cyberwiser/$(SERVICE):$(VERSION)
+ docker run -e TARGET=$(TARGET) -v $(OUTPUT_DIR):/root/out/ registry-gitlab.xlab.si/cyberwiser/$(SERVICE):$(VERSION)
 else
- docker run -v $(CONFIG):/root/config.json registry-gitlab.xlab.si/cyberwiser/$(SERVICE):$(VERSION)
+ docker run -e TARGET=$(TARGET) registry-gitlab.xlab.si/cyberwiser/$(SERVICE):$(VERSION)
 endif
diff --git a/config-example.json b/basic-config.json
similarity index 58%
rename from config-example.json
rename to basic-config.json
index 9f61d529fc69cc8a872189bcded19a615fb65382..83396cfc054f92b6662970691b8fba5acbb5324d 100644
--- a/config-example.json
+++ b/basic-config.json
@@ -1,7 +1,6 @@
 {
 "target": {
- "url": "http://dvwa/",
- "ip": "dvwa"
+ "url": ""
 },
 "config": {
 "w3af": {
@@ -9,9 +8,6 @@
 },
 "zap": {
 "profile": "basic"
- },
- "nmap": {
- "profile": "basic_discovery"
 }
 }
 }
diff --git a/configure.py b/configure.py
index 6e27c9875b1bc5c45041526789709789d28ebe17..f56f95ccc57fe797843a144d01d482caa9328e69 100644
--- a/configure.py
+++ b/configure.py
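Review bot: Both new `docker run -e TARGET=$(TARGET)` lines in the `start` hunk pass the variable unquoted and unconditionally. When TARGET is not given to make, the container receives `TARGET=` as an empty string rather than no variable. The `if target is None` guard visible in the configure.py hunk then does not fire, and an empty URL is written to /root/config.json. A value containing `&` or `;` is also interpreted by the recipe shell instead of reaching the container. At minimum quote it as `-e TARGET='$(TARGET)'` and fail early with `$(if $(TARGET),,$(error TARGET is not set))` as the first recipe line; on the Python side the guard would be `if not target:`.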
@@ -73,7 +73,7 @@ def main():
 target = os.environ.get('TARGET')
 if target is None:
 raise UndefinedTargetException()
- config = load_config("/service/config-example.json")
+ config = load_config("/service/basic-config.json")
 config["target"]["url"] = target
 with open("/root/config.json", "w") as outfile:
 json.dump(config, outfile)
diff --git a/wiser-wcs-reports/main.py b/wiser-wcs-reports/main.py
index 60e3d00f9463eb67778bd2cc69a0bce35ed6e7ad..ad9698f8e153193298957eb73071b06989b304f9 100644
--- a/wiser-wcs-reports/main.py
+++ b/wiser-wcs-reports/main.py
@@ -63,13 +63,13 @@ def list_vulnerabilities(reports):
 if __name__ == "__main__":
 config = parse_config_file('wiser-wcs.cfg')
 reports = reports_json(config['cscan_config']['cscan_output'])
- print("printing vulnerabilities: ")
 vulnerabilities = list_vulnerabilities(reports)
 vulnerabilities_list = list()
+ print("printing vulnerabilities:")
 for vulnerability in vulnerabilities:
 print(vulnerability)
 vulnerabilities_list.append(vulnerability.__dict__)
 vulnerabilities_json = json.dumps({ "reports": vulnerabilities_list})
- print("printing vulnerabilities JSON: ")
+ print("printing vulnerabilities JSON:")
 print(vulnerabilities_json)