Develop (#2)

Develop

Author: J12934

.gitignore

@@ -48,3 +48,5 @@ build-iPhoneSimulator/
 
 # unless supporting rvm < 1.11.0 or doing something fancy, ignore this:
 .rvmrc
+
+/.idea/

.travis.yml

@@ -0,0 +1,23 @@
+language: ruby
+rvm:
+  - 2.5
+jobs:
+  include:
+    - stage: test
+      script: rake test
+    - stage: build docker image
+      services:
+        - docker
+      script:
+        - export REPO=securecodebox/wpscan
+        - export TAG=$(echo $TRAVIS_BRANCH | sed 's/\//-/g')
+        - echo -en "travis_fold:start:Docker_Build\r"
+        - docker build -t $REPO:$TAG --build-arg="BUILD_DATE=$(date --rfc-3339=seconds)" --build-arg=VERSION=$TRAVIS_TAG --build-arg=COMMIT_ID=$TRAVIS_COMMIT --build-arg=BRANCH=$TRAVIS_BRANCH --build-arg=REPOSITORY_URL="https://github.com/secureCodeBox/scanner-cms-wpscan" .
+        - echo -en "travis_fold:end:Docker_Build\r"
+        - docker images
+      deploy:
+        - provider: script
+          skip_cleanup: true
+          script: bash .travis/deployDockerHub.sh
+          on:
+            all_branches: true

.travis/deployDockerHub.sh

@@ -0,0 +1,26 @@
+#!/bin/bash
+
+echo "Docker Login"
+echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
+echo "Pushing to Dockerhub"
+
+if [[ $TRAVIS_BRANCH =~ ^develop$ ]]
+then
+    echo "Develop Build: Pushing develop tag"
+    
+    echo $(docker tag $REPO:$TAG $REPO:develop)
+    echo $(docker tag $REPO:$TAG $REPO:develop-$TRAVIS_BUILD_NUMBER)
+
+    echo $(docker push $REPO:develop)
+    echo $(docker push $REPO:develop-$TRAVIS_BUILD_NUMBER)
+elif [ "$TRAVIS_BRANCH" = "$TRAVIS_TAG" ]
+then
+    echo "Tagged Release: Pushing versioned docker image." 
+    echo $(docker tag $REPO:$TAG $REPO:$TRAVIS_TAG)
+    echo $(docker tag $REPO:$TAG $REPO:latest)
+    echo $(docker push $REPO:$TRAVIS_TAG)
+    echo $(docker push $REPO:latest)
+else
+    echo "Feature Branch: Pushing only branch Tag"
+    echo $(docker push $REPO:$TAG)
+fi

Dockerfile

@@ -0,0 +1,54 @@
+FROM ruby:alpine
+
+WORKDIR /sectools
+ADD Gemfile /sectools
+
+RUN apk --update add --virtual build-dependencies ruby-dev build-base &&\
+    apk --update add curl &&\
+    apk --update add git
+
+RUN gem install wpscan bundler &&\
+    bundle install &&\
+    apk del build-dependencies && \
+    rm -rf /var/cache/apk/*
+
+COPY . /wpscan
+
+HEALTHCHECK --interval=30s --timeout=5s --start-period=120s --retries=3 CMD curl --fail http://localhost:8080/status || exit 1
+
+COPY src/ src/
+
+RUN addgroup --system wpscan && \
+    adduser --system wpscan
+
+RUN chgrp -R 0 /sectools/ && \
+    chmod -R g=u /sectools/ && \
+    chown -R wpscan /sectools/
+
+USER wpscan
+
+EXPOSE 8080
+
+ARG COMMIT_ID=unkown
+ARG REPOSITORY_URL=unkown
+ARG BRANCH=unkown
+ARG BUILD_DATE
+ARG VERSION
+
+ENV SCB_COMMIT_ID ${COMMIT_ID}
+ENV SCB_REPOSITORY_URL ${REPOSITORY_URL}
+ENV SCB_BRANCH ${BRANCH}
+
+LABEL org.opencontainers.image.title="secureCodeBox scanner-webserver-wordpress" \
+    org.opencontainers.image.description="Wordpress_Scan integration for secureCodeBox" \
+    org.opencontainers.image.authors="iteratec GmbH" \
+    org.opencontainers.image.vendor="iteratec GmbH" \
+    org.opencontainers.image.documentation="https://github.com/secureCodeBox/secureCodeBox" \
+    org.opencontainers.image.licenses="Apache-2.0" \
+    org.opencontainers.image.version=$VERSION \
+    org.opencontainers.image.url=$REPOSITORY_URL \
+    org.opencontainers.image.source=$REPOSITORY_URL \
+    org.opencontainers.image.revision=$COMMIT_ID \
+    org.opencontainers.image.created=$BUILD_DATE
+
+ENTRYPOINT ["ruby","/sectools/src/main.rb"]

Gemfile

@@ -0,0 +1,7 @@
+source 'https://rubygems.org'
+
+gem "sinatra"
+gem "rest-client"
+gem "wpscan", "3.5.4"
+
+gem "ruby-scanner-scaffolding", :git => "https://github.com/secureCodeBox/ruby-scanner-scaffolding.git", :tag => "v1.0.0"

Gemfile.lock

@@ -0,0 +1,95 @@
+GIT
+  remote: https://github.com/secureCodeBox/ruby-scanner-scaffolding.git
+  revision: fff6c92edffb1f55bde432156ffd60c38c034e49
+  tag: v1.0.0
+  specs:
+    ruby-scanner-scaffolding (1.0.0)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    activesupport (5.2.3)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
+      i18n (>= 0.7, < 2)
+      minitest (~> 5.1)
+      tzinfo (~> 1.1)
+    addressable (2.6.0)
+      public_suffix (>= 2.0.2, < 4.0)
+    cms_scanner (0.5.2)
+      nokogiri (~> 1.10.0)
+      opt_parse_validator (~> 1.7.3)
+      public_suffix (>= 3.0, < 3.2)
+      ruby-progressbar (~> 1.10.0)
+      typhoeus (~> 1.3.0)
+      xmlrpc (~> 0.3)
+      yajl-ruby (~> 1.4.1)
+    concurrent-ruby (1.1.5)
+    domain_name (0.5.20180417)
+      unf (>= 0.0.5, < 1.0.0)
+    ethon (0.12.0)
+      ffi (>= 1.3.0)
+    ffi (1.11.1)
+    ffi (1.11.1-x64-mingw32)
+    http-cookie (1.0.3)
+      domain_name (~> 0.5)
+    i18n (1.6.0)
+      concurrent-ruby (~> 1.0)
+    mime-types (3.2.2)
+      mime-types-data (~> 3.2015)
+    mime-types-data (3.2019.0331)
+    mini_portile2 (2.4.0)
+    minitest (5.11.3)
+    mustermann (1.0.3)
+    netrc (0.11.0)
+    nokogiri (1.10.3)
+      mini_portile2 (~> 2.4.0)
+    nokogiri (1.10.3-x64-mingw32)
+      mini_portile2 (~> 2.4.0)
+    opt_parse_validator (1.7.3)
+      activesupport (>= 4.2, < 5.3.0)
+      addressable (>= 2.5, < 2.7)
+    public_suffix (3.1.0)
+    rack (2.0.7)
+    rack-protection (2.0.5)
+      rack
+    rest-client (2.0.2)
+      http-cookie (>= 1.0.2, < 2.0)
+      mime-types (>= 1.16, < 4.0)
+      netrc (~> 0.8)
+    rest-client (2.0.2-x64-mingw32)
+      ffi (~> 1.9)
+      http-cookie (>= 1.0.2, < 2.0)
+      mime-types (>= 1.16, < 4.0)
+      netrc (~> 0.8)
+    ruby-progressbar (1.10.1)
+    sinatra (2.0.5)
+      mustermann (~> 1.0)
+      rack (~> 2.0)
+      rack-protection (= 2.0.5)
+      tilt (~> 2.0)
+    thread_safe (0.3.6)
+    tilt (2.0.9)
+    typhoeus (1.3.1)
+      ethon (>= 0.9.0)
+    tzinfo (1.2.5)
+      thread_safe (~> 0.1)
+    unf (0.1.4)
+      unf_ext
+    unf_ext (0.0.7.6)
+    wpscan (3.5.4)
+      cms_scanner (~> 0.5.1)
+    xmlrpc (0.3.0)
+    yajl-ruby (1.4.1)
+
+PLATFORMS
+  ruby
+  x64-mingw32
+
+DEPENDENCIES
+  rest-client
+  ruby-scanner-scaffolding!
+  sinatra
+  wpscan (= 3.5.4)
+
+BUNDLED WITH
+   2.0.1

README.md

@@ -1,2 +1,99 @@
-# scanner-cms-wpscan
+# About
+
 This repository contains a self contained µService utilizing the WPScan scanner for the secureCodeBox project.
+
+Further Documentation:
+
+- [Project Description][scb-project]
+- [Developer Guide][scb-developer-guide]
+- [User Guide][scb-user-guide]
+
+## Configuration Options
+
+To configure this service specify the following environment variables:
+
+| Environment Variable       | Value Example |
+| -------------------------- | ------------- |
+| ENGINE_ADDRESS             | http://engine |
+| ENGINE_BASIC_AUTH_USER     | username      |
+| ENGINE_BASIC_AUTH_PASSWORD | 123456        |
+
+### Local setup
+
+1. Clone the repository
+2. You might need to install some dependencies `gem install sinatra rest-client`
+3. Run locally `ruby src/main.rb`
+
+### Test
+
+To run the testsuite run:
+
+`rake test`
+
+## WpScan Parameters
+
+To hand over supported parameters through api usage, you can set following attributes:
+
+```json
+[
+  {
+    "name": "some Name",
+    "context": "some Context",
+    "target": {
+      "name": "targetName",
+      "location": "http://your-target.com/",
+      "attributes": {
+        "WP_STEALTHY": "true",
+        "WP_ENUMERATE": "[Options]",
+        "WP_MAX_DURATION": "[Seconds]",
+        "WP_THROTTLE": "[Milliseconds]",
+        "WP_REQUEST_TIMEOUT": "[Seconds]",
+        "WP_DETECTION_MODE": "[Options]",
+        "WP_USER_AGENT": "[userAgent]",
+        "WP_HEADERS": "[headers]"
+      }
+    }
+  }
+]
+```
+
+Options for enumerate attribute:
+
+```txt
+Enumeration Process
+Available Choices:
+  vp  |  Vulnerable plugins
+  ap  |  All plugins
+  p   |  Plugins
+  vt  |  Vulnerable themes
+  at  |  All themes
+  t   |  Themes
+  tt  |  Timthumbs
+  cb  |  Config backups
+  dbe |  Db exports
+  u   |  User IDs range. e.g: u1-5
+         Range separator to use: '-'
+         Value if no argument supplied: 1-10
+  m   |  Media IDs range. e.g m1-15
+         Note: Permalink setting must be set to "Plain" for those to be detected
+         Range separator to use: '-'
+         Value if no argument supplied: 1-100
+
+Separator to use between the values: ','
+Default: All Plugins, Config Backups
+Value if no argument supplied: vp,vt,tt,cb,dbe,u,m
+Incompatible choices (only one of each group/s can be used):
+  - vp, ap, p
+  - vt, at, t
+```
+
+## Build with docker
+
+To build the docker container run:
+
+`docker build -t IMAGE_NAME:LABEL .`
+
+[scb-project]: https://github.com/secureCodeBox/secureCodeBox
+[scb-developer-guide]: https://github.com/secureCodeBox/secureCodeBox/blob/develop/docs/developer-guide/README.md
+[scb-developer-guidelines]: https://github.com/secureCodeBox/secureCodeBox/blob/develop/docs/developer-guide/README.md#guidelines
+[scb-user-guide]: https://github.com/secureCodeBox/secureCodeBox/tree/develop/docs/user-guide

Rakefile

@@ -0,0 +1,7 @@
+require 'rake/testtask'
+
+Rake::TestTask.new do |t|
+  t.libs << "test"
+  t.test_files = FileList['tests/*test.rb']
+  t.verbose = true
+end

src/main.rb

@@ -0,0 +1,29 @@
+require 'sinatra'
+require 'json'
+require 'bundler'
+Bundler.setup(:default)
+require 'ruby-scanner-scaffolding'
+require 'ruby-scanner-scaffolding/healthcheck'
+require_relative "./wordpress_worker"
+
+set :port, 8080
+set :bind, '0.0.0.0'
+set :environment, :production
+
+client = WordpressWorker.new(
+	'http://localhost:8080',
+	'wordpress_webserverscan',
+	['PROCESS_TARGETS']
+)
+
+healthcheckClient = Healthcheck.new
+
+get '/status' do
+	status 500
+	if client.healthy?
+		status 200
+  end
+	content_type :json
+	healthcheckClient.check(client)
+end
+

src/wordpress_configuration.rb

@@ -0,0 +1,34 @@
+def is_set(val)
+  if val != ''
+  elsif val.is_a?(Array)
+  val.length != 0
+end
+end
+
+class WordpressConfiguration
+  attr_accessor :job_id
+  attr_accessor :wordpress_scanner_target
+  attr_accessor :wordpress_configuration
+
+  def self.from_target(job_id, target)
+    config = WordpressConfiguration.new
+
+    enumerate = []
+    target.dig('attributes', 'WP_ENUMERATE').each { |_, flag| enumerate << flag unless flag.nil?  } unless !target.dig('attributes', 'WP_ENUMERATE')
+
+    config.job_id = job_id
+    config.wordpress_scanner_target = target.dig('location')
+    config.wordpress_configuration = ""
+    config.wordpress_configuration += '--stealthy ' if target.dig('attributes', 'WP_STEALTHY')
+    config.wordpress_configuration += "--enumerate #{enumerate.join(",")} " unless enumerate.empty?
+    config.wordpress_configuration += "--max-scan-duration #{target.dig('attributes', 'WP_MAX_DURATION')} " unless !target.dig('attributes', 'WP_MAX_DURATION')
+    config.wordpress_configuration += "--throttle #{target.dig('attributes', 'WP_THROTTLE')} " unless !target.dig('attributes', 'WP_THROTTLE')
+    config.wordpress_configuration += "--request-timeout #{target.dig('attributes', 'WP_REQUEST_TIMEOUT')} " unless !target.dig('attributes', 'WP_REQUEST_TIMEOUT')
+    config.wordpress_configuration += "--detection-mode #{target.dig('attributes', 'WP_DETECTION_MODE')} " unless !target.dig('attributes', 'WP_DETECTION_MODE')
+    config.wordpress_configuration += "--ua #{target.dig('attributes', 'WP_USER_AGENT')} " unless !target.dig('attributes', 'WP_USER_AGENT')
+    config.wordpress_configuration += "--headers #{target.dig('attributes', 'WP_HEADERS')} " unless !target.dig('attributes', 'WP_HEADERS')
+
+
+    config
+  end
+end