Skip to content
Snippets Groups Projects
Select Git revision
  • dev-image-test-bak
  • master default
  • include-tests
  • remove-yaml-quotes
  • configurable-ci-setup-lookup-path
  • dev-images
  • tmp/deploy-image-build
  • fast-ci
  • modular-templates
9 results

Dockerfile

Blame
  • Forked from tecnalia_robotics-public / templates
    Source project has a limited visibility.
    configure.py 3.53 KiB
    import os
    import json
    import configparser
    
    '''
    Supported scanners:
        - w3af
        - zap
        - nmap
    '''
    
    
    def load_config(path):
        with open(path, "r") as f_conf:
            return json.load(f_conf)
    
    def configure():
        config = load_config("/root/config.json")
    
        cs_categories = []
        cs_scripts = []
    
        # configure cscan target
        target = config["target"]
        if "url" in target:
            with open("/service/cscan/websites.txt", "w") as f_t:
                f_t.write(target["url"])
                f_t.write(os.linesep)
            cs_categories.append('web')
        if "ip" in target:
            with open("/service/cscan/ips.txt", "w") as f_t:
                f_t.write(target["ip"])
                f_t.write(os.linesep)
            cs_categories.append('network')
    
        # configure scanners
        cscan_config = configparser.ConfigParser()
    
        for scanner in config["config"]:
            profile = config["config"][scanner]["profile"]
            if scanner == "w3af":
                cscan_config["W3AF"] = {"CS_W3AF": "/service/w3af/w3af_api"}
                if profile == "fast_scan":
                    cscan_config["W3AF"]["CS_W3AF_PROFILE"] = "/service/w3af/profiles/fast_scan.pw3af"
                elif profile == "auth_scan":
                    cscan_config["W3AF"]["CS_W3AF_PROFILE"] = "/service/w3af/profiles/auth_scan.pw3af"
                    w3af_config = configparser.ConfigParser()
                    w3af_config.read("/service/w3af/profiles/auth_scan.template")
                    for key in config["config"][scanner]["parameters"]:
                        w3af_config['auth.extended_generic'][key] = config["config"][scanner]["parameters"][key]
                    with open ("/service/w3af/profiles/auth_scan.pw3af", "w") as f_out:
                        w3af_config.write(f_out)
                else:
                    raise UnsupportedProfileException()
                cs_scripts.append("w3af.sh")
            elif scanner == "zap":
                cscan_config["ZAP"] = {"CS_ZAP": "/service/ZAP/zap.sh"}
                if profile != "basic":
                    raise UnsupportedProfileException()
                cs_scripts.append("zap.sh")
            elif scanner == "nmap":
                cscan_config["NMAP"] = {"CS_NMAP": "nmap"}
                if profile == "basic_discovery":
                    cscan_config["NMAP"]["CS_NMAP_ARGS"] = "-sV"
                elif profile == "basic_discovery_ports":
                    cscan_config["NMAP"]["CS_NMAP_ARGS"] = "-sV -p " + config["config"][scanner]["parameters"]["ports"]
                elif profile == "custom_parameters":
                    cscan_config["NMAP"]["CS_NMAP_ARGS"] = config["config"][scanner]["parameters"]["parameters"]
                else:
                    raise UnsupportedProfileException()
                cs_scripts.append("nmap.sh")
            else:
                raise UnsupportedScannerException()
        
        cscan_config["Default setup"] = {
            "CS_CATEGORIES": ",".join(cs_categories),
            "CS_SCRIPTS": ",".join(cs_scripts)
            }
        
        with open("/service/cscan/cscan_conf.ini", "w") as f_csconf:
            cscan_config.write(f_csconf)
    
    def main():
        if not os.path.exists("/root/config.json"):
            target = os.environ.get('TARGET')
            if target is None:
                raise UndefinedTargetException()
            config = load_config("/service/basic-config.json")
            config["target"]["url"] = target
            with open("/root/config.json", "w") as outfile:
                json.dump(config, outfile)
        configure()
        
    
    
    class UnsupportedProfileException(Exception):
        pass
    
    class UnsupportedScannerException(Exception):
        pass
    
    class UndefinedTargetException(Exception):
        pass
    
    if __name__ == "__main__":
        main()