gauntlt 0.1.5 → 1.0.5

checksums.yaml

@@ -0,0 +1,15 @@
+---
+!binary "U0hBMQ==":
+  metadata.gz: !binary |-
+    MGRkZWZiMTQ4ZDIyMzFjZmFhODk5ZjQyOTJhZmYwY2Y5NjY0NDdmMA==
+  data.tar.gz: !binary |-
+    MzI0YjBjNTRkMTI4ODAzMWExOWI4MWUyYmFhNjY1ZDg0NzQ2OGY0Mg==
+!binary "U0hBNTEy":
+  metadata.gz: !binary |-
+    MWU3MWJkZjI0ZWI1N2Q3M2I0NGI5MjlhM2U2MDFjMzE5ZjRlY2Y1YjFkNjc3
+    NGUwNjk3NzFiYmIyMTdhOTgzNGJiYTI5NGFhY2E0NWYxY2NjNGE2MjQyM2Rj
+    MDY0YmFmM2NiNDExYzZiYTYxMDUzMzhhODQ4NTA4OGQwNTNiZjI=
+  data.tar.gz: !binary |-
+    ODM4MzVjYTM1NGIyYTBlNGZmMjk2MGM3OGRlYWViMTg5MDUwYzhiMGY3ZGQw
+    NGFiY2EyYmI1MmU4YmU2MzAzNWI1NmEzYWFlZTZkMTA4OGI3ZGRkMTBhZGU0
+    MGM1NGUwNWJiMDFlZjM3NmI5NTE3MzBmNjM1YTAzOTUwY2RhYzU=

data/.gitignore

@@ -32,3 +32,6 @@ Gemfile.lock
 #sqlite DB (from scapegoat)
 *.db
 *.$DB
+
+# possible dependency installs
+dirb

data/.travis.yml

@@ -6,10 +6,11 @@ before_install:
   - git submodule update --init --recursive
 before_script:
   - sudo apt-get install nmap
+  - sudo apt-get install wget
   - export SSLYZE_PATH="/home/travis/build/gauntlt/gauntlt/vendor/sslyze/sslyze.py"
   - export SQLMAP_PATH="/home/travis/build/gauntlt/gauntlt/vendor/sqlmap/sqlmap.py"
   - 'cd vendor/Garmr && sudo python setup.py install && cd ../..'
-  - 'cd vendor && tar xvfz dirb203.tar.gz && cd dirb && ./configure && make && sudo cp dirb /usr/local/bin/ && cd ..'
+  - 'cd vendor && wget http://downloads.sourceforge.net/project/dirb/dirb/2.03/dirb203.tar.gz && tar xvfz dirb203.tar.gz && cd dirb && ./configure && make && sudo cp dirb /usr/local/bin/ && cd ..'
   - export DIRB_WORDLISTS="/home/travis/build/gauntlt/gauntlt/vendor/dirb/wordlists"
 
 matrix:

data/README.md

@@ -146,22 +146,22 @@ NOTE: We currently use `ruby 1.9.3` and `JRuby 1.7.0` for development and testin
     # on ubuntu:
     #   $ sudo apt-get install libcurl4-openssl-dev
     ```
+4. Run the ready_to_rumble.sh script to make sure you have all the dependencies installed like sqlmap and sslyze.  This is meant to replicate the travis setup for devs. This should be a rake task instead. 
 
-4. Run the cucumber features and rspec examples
+5. Run the cucumber features and rspec examples
 
     ```shell
     $ bundle exec rake
     ```
 
-5. Launch attacks with bin/gauntlt
+6. Launch attacks with bin/gauntlt
 
     ```shell
     $ bin/gauntlt attack
     ```
 
-5. Refer to the features directory for usage examples and please write cucumber features for any new functionality you wish to submit.
+7. Refer to the features directory for usage examples and please write cucumber features for any new functionality you wish to submit.
 
-6. Run the ready_to_rumble.sh script to make sure you have all the dependencies installed like sqlmap and sslyze.  This is meant to replicate the travis setup for devs. This should be a rake task instead. 
 
 ## ROADMAP
 

data/bin/gauntlt

@@ -11,7 +11,7 @@ opts = Trollop::options do
 gauntlt is a ruggedization framework that helps you be mean to your code
 
 Usage:
-       gauntlt <path>+ [--tags TAG_EXPRESSION]
+       gauntlt <path>+ [--tags TAG_EXPRESSION] [--format FORMAT]
 
 Options:
 EOS
@@ -21,8 +21,13 @@ EOS
       :multi => true
 
   opt :list, "List defined attacks"
+  
   opt :steps, "List the gauntlt step definitions that can be used inside of attack files"
+
   opt :allsteps, "List all available step definitions including aruba step definitions which help with file and parsing operations"
+
+  opt :format, "Available formats: html, json, junit, progress",
+      :type => String
 end
 
 opts[:path] = if ARGV.empty?
@@ -45,6 +50,6 @@ elsif opts[:allsteps]
   puts "\nGauntlt Attack Steps"
   puts all_step_defs[:gauntlt].sort
 else
-  Gauntlt.attack( opts[:path], opts[:tags].join(',') )
+  Gauntlt.attack( opts[:path], opts[:tags].join(','), opts[:format] )
 end
 

data/examples/nmap/nmap.attack

@@ -6,17 +6,23 @@ Feature: nmap attacks for scanme.nmap.org and to use this for your tests, change
     And the following profile:
       | name           | value        |
       | hostname       | scanme.nmap.org   |
+      | host           | scanme.nmap.org   |
       | tcp_ping_ports | 22,25,80,443 |
 
+  Scenario: Verify server is open on expected set of ports using the nmap-fast attack step
+    When I launch a "nmap-fast" attack
+    Then the output should match /80.tcp\s+open/
+
   Scenario: Verify server is open on expected set of ports using the nmap fast flag
     When I launch an "nmap" attack with:
       """
       nmap -F <hostname>
       """
-    Then the output should contain:
+    Then the output should match:
       """
-      80/tcp   open  http
+      80/tcp\s+open
       """
+
   Scenario: Verify that there are no unexpected ports open
     When I launch an "nmap" attack with:
       """

data/examples/nmap/simple.attack

@@ -12,5 +12,9 @@ Feature: simple nmap attack (sanity check)
       """
       nmap -p 80,443 <hostname>
       """
-    Then the output should contain "80/tcp  open"
-    And the output should not contain "443/tcp open"
+    Then the output should match /80.tcp\s+open/
+    And the output should not match:
+      """
+      443/tcp\s+open
+      """
+

data/features/attacks/nmap.feature

@@ -8,6 +8,7 @@ Feature: nmap attack
     | simple.attack         |
     | os_detection.attack   |
     | tcp_ping_ports.attack |
+    | nmap.attack |
     | xml_output.attack     |
 
   Scenario: Simple nmap attack
@@ -37,3 +38,9 @@ Feature: nmap attack
       """
       5 steps (5 passed)
       """
+  Scenario: The full nmap attack
+    When I run `gauntlt nmap.attack`
+    Then it should pass with:
+      """
+      17 steps (17 passed)
+      """

data/features/support/aruba.rb

@@ -1,5 +1,5 @@
 require 'aruba/cucumber'
 
 Before do
-  @aruba_timeout_seconds = 5  # Add more time for sloooooowww networks
+  @aruba_timeout_seconds = 10  # Add more time for sloooooowww networks
 end

data/features/support/hooks.rb

@@ -1,9 +1,9 @@
 Before('@slow') do
-  @aruba_timeout_seconds = 30
+  @aruba_timeout_seconds = 45
 end
 
 if RUBY_PLATFORM == 'java'
   Before do
     @aruba_timeout_seconds = 30
   end
-end
+end

data/lib/gauntlt.rb

@@ -17,6 +17,9 @@ module Gauntlt
   ATTACK_ADAPTERS_DIR = File.join(GAUNTLT_DIR, 'attack_adapters')
 
   ATTACK_ADAPTERS_GLOB_PATTERN = ATTACK_ADAPTERS_DIR + '/*.rb'
+  
+  ATTACK_ALIASES_DIR = File.join(GAUNTLT_DIR, 'attack_aliases')
+  ATTACK_ALIASES_GLOB_PATTERN = ATTACK_ALIASES_DIR + '/*.json'
 
   class << self
     def attack_adapters
@@ -29,8 +32,8 @@ module Gauntlt
       end.sort
     end
 
-    def attack(path, tags=[])
-      Attack.new(path, tags).run
+    def attack(path, tags=[], format="")
+      Attack.new(path, tags, format).run
     end
 
     def stepdefs(path, tags=[])

data/lib/gauntlt/attack.rb

@@ -4,12 +4,12 @@ module Gauntlt
   class Attack
     attr_accessor :runtime
 
-    def initialize(path, tags=[])
-      self.runtime = Runtime.new(path, tags)
+    def initialize(path, tags=[], format="")
+      self.runtime = Runtime.new(path, tags, format)
     end
 
     def run
       runtime.execute!
     end
   end
-end
+end

data/lib/gauntlt/attack_adapters/nmap.rb

@@ -1,9 +1,19 @@
 # TODO: figure out if there's a way to namespace these step definitions
-
+#
+#read in JSON
 When /^"nmap" is installed$/ do
   ensure_cli_installed("nmap")
 end
 
 When /^I launch an "nmap" attack with:$/ do |command|
   run_with_profile command
-end
+end
+
+When /^I launch a "nmap-(.*?)" attack$/ do |type|
+  attack_alias = 'nmap-' + type
+  nmap_attack = load_attack_alias(attack_alias)                
+  
+  Kernel.puts "Running a #{attack_alias} attack. This attack has this description:\n #{nmap_attack['description']}"
+  
+  run_with_profile nmap_attack['command']
+end

data/lib/gauntlt/attack_adapters/support/attack_step_helper.rb

@@ -0,0 +1,30 @@
+require "json"
+
+module Gauntlt
+  module Support
+    module AttackAliasHelper
+
+      def gauntlt_attack_aliases
+        @gauntlt_attack_aliases ||= {}
+      end
+      
+      def load_attack_alias(alias_name)
+        @attack_steps = import_attack_aliases
+        @attack_steps[alias_name] || raise("Unknown attack alias #{alias_name}, try gauntlt --list_attack_aliases")
+      end
+
+      def import_attack_aliases
+         @imported_attack_aliases = Hash.new
+         attack_aliases_json = Dir.glob(ATTACK_ALIASES_GLOB_PATTERN)
+         attack_aliases_json.each do |file|
+         @imported_attack_aliases.merge!(JSON.load(File.open(file)))
+         end
+         @imported_attack_aliases
+      end
+
+    end
+  end
+end
+
+World(Gauntlt::Support::AttackAliasHelper)
+

data/lib/gauntlt/attack_aliases/dirb.json

@@ -0,0 +1,5 @@
+{ "dirb-apache-vulns" : { "command" : "dirb --list apache.txt <host>",
+      "description" : "This looks for apache defaults which would suggest the server isnt hardened correctly.",
+      "requires" : [ "<host>" ]
+    }
+}

data/lib/gauntlt/attack_aliases/nmap.json

@@ -0,0 +1,9 @@
+{ "nmap-fast" : { "command" : "nmap -F <host>",
+      "description" : "This is a fast nmap scan that should run in 10 seconds or less on most networks.  It looks for the most common ports and services.",
+      "requires" : [ "<host>" ]
+    },
+  "nmap-single_port" : { "command" : "nmap -p<port> <host>",
+      "description" : "This checks a single port only",
+      "requires" : [ "<host>", "<port>" ]
+    }
+}

data/lib/gauntlt/runtime.rb

@@ -7,19 +7,20 @@ module Gauntlt
     class NoFilesFound < StandardError; end
     class ExecutionFailed < StandardError; end
 
-    attr_accessor :path, :attack_files, :tags
+    attr_accessor :path, :attack_files, :tags, :format
 
-    def initialize(path, tags=[])
+    def initialize(path, tags=[], format="")
       self.path         = path
       self.attack_files = self.class.attack_files_for(path)
       self.tags         = tags
-
+      self.format       = format
       raise NoFilesFound.new("No files found in path: #{path}") if attack_files.empty?
     end
 
     def cuke_cli
       args =  attack_files + ['--strict', '--require', self.class.adapters_dir]
       args += ['--tags', tags] unless tags.empty?
+      args += ['--format', format] unless format.nil?
 
       Cucumber::Cli::Main.new(args)
     end

data/lib/gauntlt/version.rb

@@ -1,3 +1,3 @@
 module Gauntlt
-  VERSION = "0.1.5"
+  VERSION = "1.0.5"
 end

data/ready_to_rumble.sh

@@ -5,41 +5,51 @@
 NMAP=`which nmap`
 GARMR=`which garmr`
 DIRB=`which dirb`
-
-if [ -z $NMAP ] 
-  then
-    echo "nmap is not installed in your path, try installing it and adding it to your path"
-    exit
-fi
+ERRORS=0
 
 if [ -z $SSLYZE_PATH ]
   then
-    echo "SSLYZE_PATH environment variable unset, try setting it to ./vendor/sslyze/sslyze.py if you havent updated the submodules we use in gauntlt, run this first: git submodule update --init --recursive"
-    exit
+    MESSAGE="SSLYZE_PATH environment variable unset, try setting it to ./vendor/sslyze/sslyze.py if you havent updated the submodules we use in gauntlt, run this first: git submodule update --init --recursive"
+    ERRORS=$ERRORS+1 
 fi
 
 if [ -z $SQLMAP_PATH ]
   then
-    echo "SQLMAP_PATH environment variable unset, try setting it to ./vendor/sslyze/sqlmap.py if you havent updated the submodules we use in gauntlt, run this first: git submodule update --init --recursive"
-    exit
+    MESSAGE="SQLMAP_PATH environment variable unset, try setting it to ./vendor/sslyze/sqlmap.py if you havent updated the submodules we use in gauntlt, run this first: git submodule update --init --recursive"
+    ERRORS=$ERRORS+1 
 fi
 
 if [ -z $GARMR ] 
   then
-    echo "garmr is not installed in your path, try installing it 'cd vendor/Garmr && sudo python setup.py install && cd ../..'"
-    exit
+    MESSAGE="garmr is not installed in your path, try installing it 'cd vendor/Garmr && sudo python setup.py install && cd ../..'"
+    ERRORS=$ERRORS+1 
 fi
 
-if [ -z $DIRB ]
+if [ -z $DIRB_WORDLISTS ]
   then 
-    echo "dirb is not installed in your path, try installing it 'wget http://downloads.sourceforge.net/project/dirb/dirb/2.03/dirb203.tar.gz && tar xvfz dirb203.tar.gz && cd dirb && ./configure && make && cd ..'"
-    exit
+    MESSAGE="DIRB_WORDLISTS environment variable not set, please set it. Usually this is where you extracted dirb in a directory called 'wordlists'"
+    ERRORS=$ERRORS+1 
 fi
 
-if [ -z $DIRB_WORDLISTS ]
+if [ -z $DIRB ]
   then 
-    echo "DIRB_WORDLISTS environment variable not set, please set it. Usually this is where you extracted dirb in a directory called 'wordlists'"
-    exit
+    MESSAGE="dirb is not installed in your path, try installing it 'wget http://downloads.sourceforge.net/project/dirb/dirb/2.03/dirb203.tar.gz && tar xvfz dirb203.tar.gz && cd dirb && ./configure && make && cd ..'"
+    ERRORS=$ERRORS+1 
 fi
 
-echo "You are ready to rumble!"
+if [ -z $NMAP ] 
+  then
+    MESSAGE="nmap is not installed in your path, try installing it (brew install nmap OR apt-get install nmap) and adding it to your path"
+    ERRORS=$ERRORS+1 
+fi
+
+
+
+if [ $ERRORS -gt 0 ]
+  then
+  echo $MESSAGE
+  ERRORS=$ERRORS-1
+  echo "$ERRORS more things to fix... keep running ./ready_to_rumble.sh until you ARE."
+else
+  echo "You ARE ready to rumble!"
+fi

metadata

@@ -1,8 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: gauntlt
 version: !ruby/object:Gem::Version
-  version: 0.1.5
-  prerelease: 
+  version: 1.0.5
 platform: ruby
 authors:
 - James Wickett
@@ -10,12 +9,11 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-07-25 00:00:00.000000000 Z
+date: 2013-08-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: cucumber
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -23,7 +21,6 @@ dependencies:
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -31,7 +28,6 @@ dependencies:
 - !ruby/object:Gem::Dependency
   name: aruba
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
@@ -39,7 +35,6 @@ dependencies:
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
@@ -47,7 +42,6 @@ dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
@@ -55,7 +49,6 @@ dependencies:
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
@@ -63,7 +56,6 @@ dependencies:
 - !ruby/object:Gem::Dependency
   name: sinatra
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
@@ -71,7 +63,6 @@ dependencies:
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
@@ -79,7 +70,6 @@ dependencies:
 - !ruby/object:Gem::Dependency
   name: cucumber
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
@@ -87,7 +77,6 @@ dependencies:
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
@@ -95,7 +84,6 @@ dependencies:
 - !ruby/object:Gem::Dependency
   name: aruba
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
@@ -103,7 +91,6 @@ dependencies:
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
@@ -111,7 +98,6 @@ dependencies:
 - !ruby/object:Gem::Dependency
   name: nokogiri
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -119,7 +105,6 @@ dependencies:
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -127,7 +112,6 @@ dependencies:
 - !ruby/object:Gem::Dependency
   name: trollop
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
@@ -135,7 +119,6 @@ dependencies:
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
@@ -205,12 +188,15 @@ files:
 - lib/gauntlt/attack_adapters/nmap.rb
 - lib/gauntlt/attack_adapters/sqlmap.rb
 - lib/gauntlt/attack_adapters/sslyze.rb
+- lib/gauntlt/attack_adapters/support/attack_step_helper.rb
 - lib/gauntlt/attack_adapters/support/cli_helper.rb
 - lib/gauntlt/attack_adapters/support/cookie_helper.rb
 - lib/gauntlt/attack_adapters/support/nmap_helper.rb
 - lib/gauntlt/attack_adapters/support/profile_helper.rb
 - lib/gauntlt/attack_adapters/support/python_script_helper.rb
 - lib/gauntlt/attack_adapters/support/xml_helper.rb
+- lib/gauntlt/attack_aliases/dirb.json
+- lib/gauntlt/attack_aliases/nmap.json
 - lib/gauntlt/runtime.rb
 - lib/gauntlt/stepdef.rb
 - lib/gauntlt/version.rb
@@ -221,31 +207,29 @@ files:
 - test/gauntlt_test.rb
 - test/test_helper.rb
 - test/tmf.rb
-- vendor/dirb203.tar.gz
 - vendor/sslyze_output.README
 homepage: https://github.com/gauntlt/gauntlt
 licenses: []
+metadata: {}
 post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
   - - ! '>='
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
   - - ! '>='
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.25
+rubygems_version: 2.0.5
 signing_key: 
-specification_version: 3
+specification_version: 4
 summary: behaviour-driven security using cucumber
 test_files:
 - features/attack.feature