gauntlt 0.0.0 → 0.0.5

data/features/help.feature

@@ -0,0 +1,37 @@
+Feature: Display help info
+
+  As a user of gauntlt,
+  I want contextual help info,
+  In order to learn the options required by an attack
+
+  Scenario: A user runs the help command in the core part of gauntlt
+    When I run `gauntlt --help`
+    Then I should see a help menu that explains how to invoke gauntlt
+
+  Scenario: A user runs the help command for a certain test
+    When I run `gauntlt attack -h -n nmap`
+    Then the output should contain:
+    """
+    Command 'attack':
+    """
+
+  Scenario: A user runs gauntlt without any arguments
+    When I run `gauntlt`
+    Then I should see a help menu that explains how to invoke gauntlt
+
+  Scenario: A user runs the attack command without specifying attack name
+    When I run `gauntlt attack`
+    Then the output should contain:
+    """
+    Available attacks:
+
+      cookies
+      curl
+      http_methods
+      nmap
+      sqlmap
+      sslyze
+
+      try: gauntlt attack -n nmap
+    """
+

data/features/report.feature

@@ -0,0 +1,5 @@
+# Feature: Report details of security behaviour
+#
+#   In order to document and analyze security behaviour,
+#   As a software developer or security expert,
+#   I want to generate a report.

data/features/step_definitions/aruba_extension_steps.rb

@@ -0,0 +1,3 @@
+Then /^it should pass$/ do
+  assert_success(true)
+end

data/features/step_definitions/config_steps.rb

@@ -0,0 +1,3 @@
+Given /^an attack "(.*?)" exists$/ do |attack_name|
+  Gauntlt.should have_attack(attack_name)
+end

data/features/step_definitions/help_steps.rb

@@ -0,0 +1,8 @@
+Then /^I should see a help menu that explains how to invoke gauntlt$/ do
+  steps %q{
+    Then the output should contain:
+    """
+      -h, --help
+    """
+  }
+end

data/features/step_definitions/support_steps.rb

@@ -0,0 +1,5 @@
+Then /^debug$/ do
+  require 'debugger'
+  debugger
+  nil
+end

data/features/support/aruba.rb

@@ -0,0 +1,5 @@
+require 'aruba/cucumber'
+
+Before do
+  @aruba_timeout_seconds = 5  # Add more time for sloooooowww networks
+end

data/features/support/attack_steps.rb

@@ -0,0 +1 @@
+require 'gauntlt'

data/features/support/env.rb

@@ -0,0 +1 @@
+require 'gauntlt'

data/features/support/hooks.rb

@@ -0,0 +1,3 @@
+Before('@slow') do
+  @aruba_timeout_seconds = 10
+end

data/features/support/profile/profile.xml

@@ -0,0 +1,5 @@
+<app>
+	<name>google</name>
+	<hostname>www.google.com</hostname>
+	<login>https://www.example.com/login.php</login>
+</app>	

data/gauntlt.gemspec

@@ -5,21 +5,26 @@ require "gauntlt/version"
 Gem::Specification.new do |s|
   s.name        = "gauntlt"
   s.version     = Gauntlt::VERSION
-  s.authors     = ["James Wickett"]
+  s.authors     = ["James Wickett", "Mani Tadayon"]
   s.email       = ["james@ruggeddevops.org"]
   s.homepage    = ""
-  s.summary     = %q{the security testing tool using cucumber}
-  s.description = %q{Using standard Gherkin language to define security tests, gauntlet happily wraps cucumber functionality and provides a security testing framework that security engineers, developers and operations teams can collaborate on together.}
+  s.summary     = %q{behaviour-driven security using cucumber}
+  s.description = %q{Using standard Gherkin language to define security tests, gauntlt happily wraps cucumber functionality and provides a security testing framework that security engineers, developers and operations teams can collaborate on together.}
 
-  s.rubyforge_project = "gauntlt"
-
-  s.files         = `git ls-files`.split("\n")
-  s.test_files    = `git ls-files -- {test,spec}/*`.split("\n")
+    s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
   s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
   s.require_paths = ["lib"]
 
   # specify any dependencies here; for example:
-  # s.add_development_dependency "rspec"
+  s.add_development_dependency "cucumber"
+  s.add_development_dependency "rspec"
+  s.add_development_dependency "aruba"
+  s.add_development_dependency "rake"  
+
   s.add_runtime_dependency "cucumber"
   s.add_runtime_dependency "aruba"
+  s.add_runtime_dependency "curb"  
+  s.add_runtime_dependency "acclaim"
+  s.add_runtime_dependency "ribbon", "0.7.0"
 end

data/gem_tasks/cucumber.rake

@@ -0,0 +1,5 @@
+require 'cucumber/rake/task'
+
+Cucumber::Rake::Task.new(:features) do |t|
+  t.fork = false
+end

data/gem_tasks/rspec.rake

@@ -0,0 +1,6 @@
+require 'rspec/core/rake_task'
+
+desc "Run RSpec"
+RSpec::Core::RakeTask.new do |t|
+  t.verbose = true
+end

data/lib/gauntlt.rb

@@ -1,5 +1,39 @@
 require "gauntlt/version"
 
+require 'rubygems'
+require 'cucumber'
+require 'gauntlt/attack'
+
 module Gauntlt
-  puts "this is gauntlt"  # Your code goes here...
+  CURRENT_DIR = if defined?(Pathname) # ruby 1.9
+    Pathname.new(__FILE__).dirname.to_s
+  else
+    File.dirname(File.expand_path(__FILE__))
+  end
+
+  GAUNTLT_DIR = File.join(CURRENT_DIR, 'gauntlt')
+
+  ATTACKS_DIR = File.join(GAUNTLT_DIR, 'attack_adapters')
+
+  ATTACK_GLOB_PATTERN = ATTACKS_DIR + '/*.rb'
+
+  class << self
+    def attack_files
+      Dir.glob(ATTACK_GLOB_PATTERN)
+    end
+
+    def attacks
+      attack_files.map do |full_path|
+        File.basename(full_path, '.rb')
+      end.sort
+    end
+
+    def has_attack?(name)
+      attacks.include?(name)
+    end
+
+    def attack(name, options={})
+      Attack.new(name, options).run
+    end
+  end
 end

data/lib/gauntlt/attack.rb

@@ -0,0 +1,32 @@
+require 'cucumber'
+require 'cucumber/cli/main'
+
+module Gauntlt
+  class Attack
+    class NotFound < Exception; end
+
+    attr_accessor :name, :opts, :attack_file
+
+    def initialize(name, opts={})
+      if opts[:attack_file] && File.exists?( opts[:attack_file] )
+        self.name = name
+        self.opts = opts
+        self.attack_file = opts[:attack_file]
+      else
+        raise NotFound.new("No '#{opts[:attack_file]}' attack found")
+      end
+    end
+
+    def base_dir
+      File.expand_path( File.dirname(__FILE__) )
+    end
+
+    def attacks_dir
+      File.join(base_dir, "attack_adapters")
+    end
+
+    def run
+      Cucumber::Cli::Main.execute([self.attack_file, '--strict', '--require', self.attacks_dir])
+    end
+  end
+end

data/lib/gauntlt/attack_adapters/cookies.rb

@@ -0,0 +1,11 @@
+When /^I launch a "cookies" attack$/ do
+  set_cookies( cookies_for(hostname) )
+end
+
+Then /^the following cookies should be received:$/ do |table|
+  names = table.hashes.map{|h| h['name'] }
+  names.each do |name|
+    cookies.any?{|s| s =~ /^#{name}/}.should be_true
+    # TODO: check other values in table
+  end
+end

data/lib/gauntlt/attack_adapters/curl.rb

@@ -0,0 +1,3 @@
+Then /^the response code should be "(.*?)"$/ do |http_code|
+  @response.response_code.should == http_code.to_i
+end

data/lib/gauntlt/attack_adapters/http_methods.rb

@@ -0,0 +1,12 @@
+When /^"curl" is installed$/ do
+  ensure_cli_installed("curl")
+end
+
+When /^I launch a "curl" attack$/ do
+  @response = Curl::Easy.http_get(hostname)
+end
+
+When /^I launch a "curl" attack with:$/ do |command|
+  command.gsub!('<hostname>', hostname)
+  run command
+end

data/lib/gauntlt/attack_adapters/nmap.rb

@@ -0,0 +1,14 @@
+# TODO: figure out if there's a way to namespace these step definitions
+
+When /^"nmap" is installed$/ do
+  ensure_cli_installed("nmap")
+end
+
+When /^the target hostname is "(.*?)"$/ do |host|
+  set_hostname host
+end
+
+When /^I launch an "nmap" attack with:$/ do |command|
+  command.gsub!('<hostname>', hostname)
+  run command
+end

data/lib/gauntlt/attack_adapters/sqlmap.rb

@@ -0,0 +1,3 @@
+Given /^"sqlmap" is installed$/ do
+  ensure_python_script_installed('sqlmap')
+end

data/lib/gauntlt/attack_adapters/sslyze.rb

@@ -0,0 +1,15 @@
+Given /^"sslyze" is installed$/ do
+  ensure_python_script_installed('sslyze')
+end
+
+When /^I launch an "sslyze" attack with:$/ do |command|
+  sslyze_path = path_to_python_script("sslyze")
+
+  command.gsub!('<hostname>', hostname)
+  command.gsub!('<sslyze_path>', sslyze_path)
+  run command
+end
+
+Then /^the key size should be at least (\d+)$/ do |arg1|
+  pending # express the regexp above with the code you wish you had
+end

data/lib/gauntlt/attack_adapters/support/cli_helper.rb

@@ -0,0 +1,18 @@
+require 'English'
+# English.rb adds human-readable names for things like $?, $!, etc.:
+#   http://www.ruby-doc.org/stdlib-1.9.3/libdoc/English/rdoc/English_rb.html
+
+module Gauntlt
+  module Support
+    module CliHelper
+      def cli_installed?(bin_name)
+        `which #{bin_name}` && $CHILD_STATUS.success?
+      end
+
+      def ensure_cli_installed(bin)
+        raise "#{bin} is not installed or is not in your path" unless cli_installed?(bin)
+      end
+    end
+  end
+end
+World(Gauntlt::Support::CliHelper)

data/lib/gauntlt/attack_adapters/support/cookie_helper.rb

@@ -0,0 +1,27 @@
+require 'curb'
+
+module CookieHelper
+  def cookies_for(url)
+    [].tap do |returner|
+      c = Curl::Easy.perform(url) do |curl|
+        curl.follow_location = true
+        curl.enable_cookies = true
+
+        curl.on_header do |header|
+          returner << "#{$1}=#{$2}" if header =~ /^Set-Cookie: ([^=]+)=([^;]+;)/
+        end
+      end
+    end
+  end
+
+  def cookies
+    raise "No cookies set" if @cookies.nil?
+
+    @cookies
+  end
+
+  def set_cookies(a)
+    @cookies = a
+  end
+end
+World(CookieHelper)

data/lib/gauntlt/attack_adapters/support/env.rb

@@ -0,0 +1 @@
+require 'aruba/cucumber'

data/lib/gauntlt/attack_adapters/support/hooks.rb

@@ -0,0 +1,3 @@
+Before('@slow') do
+  @aruba_timeout_seconds = 10
+end

data/lib/gauntlt/attack_adapters/support/nmap_helper.rb

@@ -0,0 +1,13 @@
+require 'aruba'
+
+module NmapHelper
+  def run_nmap_attack(host, opts)
+    args = opts.map{|k,v| "#{k} #{v}"}
+
+    command = "nmap #{args.join(' ')} #{host}"
+
+    # run is from aruba
+    run command
+  end
+end
+World(NmapHelper)

data/lib/gauntlt/attack_adapters/support/profile_helper.rb

@@ -0,0 +1,12 @@
+module ProfileHelper
+  def hostname
+    raise "No host defined" if @hostname.nil?
+
+    @hostname
+  end
+
+  def set_hostname(s)
+    @hostname = s
+  end
+end
+World(ProfileHelper)

data/lib/gauntlt/attack_adapters/support/python_script_helper.rb

@@ -0,0 +1,70 @@
+# TODO: get this explicit require to work
+# require 'gauntlt/support/cli_helper'
+
+module Gauntlt
+  module Support
+    module PythonScriptHelper
+      DOWNLOAD_URLS = {
+        'sslyze' => 'https://github.com/iSECPartners/sslyze',
+        'sqlmap' => 'https://github.com/sqlmapproject/sqlmap'
+      }
+
+      def python_installed?
+        cli_installed?('python')
+      end
+
+      def shell_variable_name_for(script_name)
+        script_name.upcase + '_PATH'
+      end
+
+      def path_to_python_script(script_name)
+        shell_variable_name = shell_variable_name_for(script_name)
+        ENV[shell_variable_name]
+      end
+
+      def script_exists?(script_name)
+        path = path_to_python_script(script_name)
+        File.exists?(path) if path
+      end
+
+      def python_script_installed?(script_name)
+        python_installed? && script_exists?(script_name)
+      end
+
+      def ensure_python_script_installed(script_name, debug=false)
+        python_script_installed?(script_name) || begin
+          shell_variable_name = '$' + shell_variable_name_for(script_name)
+
+          msg = <<-EOS
+    #{script_name}.py not installed or #{shell_variable_name} not set!
+
+    1. Download #{script_name} from: #{DOWNLOAD_URLS[script_name]}
+    2. In your .zshrc or .bash_profile (or whatever), set #{shell_variable_name}
+
+       export #{shell_variable_name.gsub('$', '')}=/path/to/#{script_name}.py
+
+    3. Make sure you have python installed:
+
+       $ which python
+
+
+EOS
+
+          if debug
+            msg += <<-EOS
+            python installed : #{python_installed?}
+            script_exists? : #{script_exists?(script_name)}
+            shell_variable_name: #{shell_variable_name_for(script_name)}
+            path:   #{path_to_python_script(script_name)}
+            path_via_echo: #{`echo #{'$'+shell_variable_name_for(script_name)}`}
+EOS
+          end
+
+          raise msg
+
+        end
+      end
+    end
+  end
+end
+World(Gauntlt::Support::PythonScriptHelper)