npm - @intentsolutionsio/penetration-tester - Versions diffs - 2.0.0 → 3.0.4 - Mend

@intentsolutionsio/penetration-tester 2.0.0 → 3.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (112) hide show

package/skills/detecting-directory-listing/scripts/probe_directory_listing.py ADDED Viewed

@@ -0,0 +1,180 @@
+#!/usr/bin/env python3
+"""Directory-listing probe.
+Companion to skill `detecting-directory-listing`. For each candidate
+directory path, appends a trailing slash and sends a GET. If the
+response is 200 and the body matches a framework-specific autoindex
+fingerprint, it's a finding.
+References:
+    OWASP WSTG-CONF-04 Review Old Backup and Unreferenced Files
+    CWE-548 Exposure of Information Through Directory Listing
+    nginx autoindex docs, Apache mod_autoindex docs
+"""
+from __future__ import annotations
+import argparse
+import re
+import sys
+from pathlib import Path
+_PLUGIN_ROOT = Path(__file__).resolve().parents[3]
+if str(_PLUGIN_ROOT) not in sys.path:
+    sys.path.insert(0, str(_PLUGIN_ROOT))
+from lib.authz_check import require_authorization  # noqa: E402
+from lib.finding import Finding, Severity  # noqa: E402
+from lib.http_client import make_session, safe_get  # noqa: E402
+from lib.report import emit, exit_code  # noqa: E402
+SKILL_ID = "detecting-directory-listing"
+# Default probe set; main() swaps it out when --paths-file is given. Each entry: (path appended to the base URL, severity reported on a hit, affected-control label)
+PROBES = [
+    # CRITICAL — config + VCS directories
+    ("config/", Severity.CRITICAL, "NIST 800-53 SC-28"),
+    ("conf/", Severity.CRITICAL, "NIST 800-53 SC-28"),
+    (".config/", Severity.CRITICAL, "NIST 800-53 SC-28"),
+    (".git/", Severity.CRITICAL, "NIST 800-53 SC-28"),
+    (".git/objects/", Severity.CRITICAL, "NIST 800-53 SC-28"),
+    (".svn/", Severity.CRITICAL, "NIST 800-53 SC-28"),
+    (".hg/", Severity.CRITICAL, "NIST 800-53 SC-28"),
+    # HIGH — backup / upload / log / dump dirs
+    ("backup/", Severity.HIGH, "CWE-548"),
+    ("backups/", Severity.HIGH, "CWE-548"),
+    ("uploads/", Severity.HIGH, "CWE-548"),
+    ("upload/", Severity.HIGH, "CWE-548"),
+    ("logs/", Severity.HIGH, "CWE-548"),
+    ("log/", Severity.HIGH, "CWE-548"),
+    ("dump/", Severity.HIGH, "CWE-548"),
+    ("dumps/", Severity.HIGH, "CWE-548"),
+    ("tmp/", Severity.HIGH, "CWE-548"),
+    ("temp/", Severity.HIGH, "CWE-548"),
+    ("cache/", Severity.HIGH, "CWE-548"),
+    ("data/", Severity.HIGH, "CWE-548"),
+    ("private/", Severity.HIGH, "CWE-548"),
+    ("internal/", Severity.HIGH, "CWE-548"),
+    ("storage/", Severity.HIGH, "CWE-548"),
+    ("var/", Severity.HIGH, "CWE-548"),
+    ("files/", Severity.HIGH, "CWE-548"),
+    # MEDIUM — asset / public-ish dirs (file enumeration enabled); the two package-manager dirs closing this group are rated HIGH instead
+    ("assets/", Severity.MEDIUM, "CWE-548"),
+    ("static/", Severity.MEDIUM, "CWE-548"),
+    ("public/", Severity.MEDIUM, "CWE-548"),
+    ("media/", Severity.MEDIUM, "CWE-548"),
+    ("images/", Severity.MEDIUM, "CWE-548"),
+    ("img/", Severity.MEDIUM, "CWE-548"),
+    ("downloads/", Severity.MEDIUM, "CWE-548"),
+    ("docs/", Severity.MEDIUM, "CWE-548"),
+    ("documentation/", Severity.MEDIUM, "CWE-548"),
+    ("vendor/", Severity.MEDIUM, "CWE-548"),
+    ("node_modules/", Severity.HIGH, "CWE-548"),  # HIGH, not MEDIUM: a listing enables lookup of CVEs for specific dependency versions
+    ("bower_components/", Severity.HIGH, "CWE-548"),
+    # MEDIUM — generic root
+    ("", Severity.MEDIUM, "OWASP A05:2021"),  # empty path: probes the base URL itself
+]
+# Framework-specific autoindex fingerprints applied to first 4 KiB of body
+AUTOINDEX_PATTERNS = [
+    (r"<title>Index of /", "Apache mod_autoindex"),
+    (r"<h1>Index of /", "Apache mod_autoindex / nginx fancyindex"),
+    (r"<title>Directory listing for /", "Python http.server"),
+    (r"<title>Directory: /", "Caddy file_server browse"),
+    (r"<table[^>]*class=['\"]listing", "Caddy file_server browse"),
+    (r"<pre><a href=['\"]\.\.['\"]>\.\./</a>", "nginx default autoindex"),
+    (r"<head>\s*<title>Index of [^<]+</title>", "Generic autoindex"),
+    (r"^\s*<\?xml.+<ListBucketResult", "AWS S3 ListBucket XML"),
+    (r"<EnumerationResults", "Azure Blob list-blob XML"),
+    (r"<title>Objects:", "GCS bucket browse"),
+    (r"<h1>Listing", "Rails / Rack::Directory listing"),
+    (r"<title>Index - /", "Lighttpd mod_dirlisting"),
+    (r"^\s*<!DOCTYPE\s+html>[\s\S]+<h1>\s*Index of\s+/", "Variant Index of"),
+]
+def _is_autoindex(body_text: str) -> tuple[bool, str | None]:
+    """Returns (matched, framework_name) — True if body looks like an autoindex page."""
+    sample = (body_text or "")[:4096]
+    for pattern, framework in AUTOINDEX_PATTERNS:
+        if re.search(pattern, sample, re.MULTILINE | re.IGNORECASE):
+            return True, framework
+    return False, None
+def main(argv: list[str] | None = None) -> int:
+    parser = argparse.ArgumentParser(description="Directory-listing probe")
+    parser.add_argument("url")
+    parser.add_argument("--authorized", action="store_true")
+    parser.add_argument("--output", default=None)
+    parser.add_argument("--format", choices=("json", "jsonl", "markdown"), default="markdown")
+    parser.add_argument("--min-severity", choices=("critical", "high", "medium", "low", "info"), default="info")
+    parser.add_argument("--timeout", type=float, default=10.0)
+    parser.add_argument("--paths-file", default=None, help="Custom probe set (one path per line); replaces default")
+    args = parser.parse_args(argv)
+    require_authorization(args.url, args.authorized)
+    sess = make_session(timeout=args.timeout)
+    base = args.url.rstrip("/") + "/"
+    findings: list[Finding] = []
+    probe_set = PROBES
+    if args.paths_file:
+        paths = Path(args.paths_file).read_text().splitlines()
+        probe_set = [(p.strip().rstrip("/") + "/", Severity.MEDIUM, "custom") for p in paths if p.strip()]
+    for path, sev, control in probe_set:
+        url = base + path.lstrip("/")
+        resp = safe_get(sess, url, timeout=args.timeout, allow_redirects=False)
+        if resp is None or resp.status_code != 200:
+            continue
+        body = resp.text or ""
+        ctype = resp.headers.get("Content-Type", "")
+        # Reject application/* responses (e.g. JSON APIs returning a 200) —
+        # those aren't autoindex pages
+        if "html" not in ctype.lower() and "xml" not in ctype.lower():
+            continue
+        matched, framework = _is_autoindex(body)
+        if not matched:
+            continue
+        findings.append(
+            Finding(
+                skill_id=SKILL_ID,
+                title=f"Directory listing exposed at /{path} ({framework})",
+                severity=sev,
+                target=url,
+                detail=(
+                    f"GET {url} returned 200 with HTML body matching the "
+                    f"{framework} autoindex fingerprint. Every file in this "
+                    "directory is enumerable to any external requestor, "
+                    "including files the application never explicitly linked to."
+                ),
+                remediation=(
+                    f"Disable autoindex for {path!r} at the web-server layer. "
+                    "See references/PLAYBOOK.md for per-server snippets "
+                    "(nginx `autoindex off`, Apache `Options -Indexes`, "
+                    "Caddy drop the `file_server browse` directive, S3 "
+                    "remove `s3:ListBucket` from the public bucket policy)."
+                ),
+                cwe_id="CWE-548",
+                affected_control=control,
+                evidence=(
+                    ("framework", framework or "unknown"),
+                    ("content_type", ctype),
+                    ("body_sample_len", len(body)),
+                ),
+            )
+        )
+    floor = Severity(args.min_severity)
+    findings = [f for f in findings if f.severity.numeric >= floor.numeric]
+    emit(findings, args.output, args.format, args.url)
+    return exit_code(findings)
+if __name__ == "__main__":
+    sys.exit(main())

package/skills/detecting-eval-exec-usage/SKILL.md ADDED Viewed

@@ -0,0 +1,128 @@
+---
+name: detecting-eval-exec-usage
+description: |
+  Scan a source tree for dynamic-code-execution APIs that an attacker
+  can hijack: Python eval / exec / compile, JavaScript eval /
+  Function() / setTimeout(string), Ruby eval / instance_eval /
+  class_eval, Java ScriptEngine, PHP eval / assert($str), .NET
+  Activator.CreateInstance / Reflection.Emit with dynamic input.
+  Use when: pre-commit gate on any application that parses
+  user-uploaded code (rule engines, formula evaluators,
+  plugin systems), or post-bug-report when "we run user-supplied
+  expressions."
+  Threshold: any call to eval / exec / Function / similar where the
+  argument is not a string literal.
+  Trigger with: "scan eval", "find dynamic exec", "audit eval calls",
+  "code injection patterns".
+allowed-tools:
+  - Read
+  - Bash(python3:*)
+  - Glob
+  - Grep
+disallowed-tools:
+  - Bash(rm:*)
+  - Bash(curl:*)
+version: 3.0.0-dev
+author: Jeremy Longshore <jeremy@intentsolutions.io>
+license: MIT
+compatibility: Designed for Claude Code
+tags:
+  - security
+  - static-analysis
+  - code-injection
+  - pentest
+---
+# Detecting eval / exec Usage
+## Overview
+Dynamic-code-execution APIs (CWE-95 Eval Injection) let an
+application interpret a string as code at runtime. If the string
+contains anything user-controllable, the application has handed
+the attacker arbitrary code execution.
+The defensive posture: don't use these APIs. The exceptions are
+narrow: rule engines, formula evaluators (spreadsheet `=` formulas),
+plugin systems with explicit sandboxing. For everything else,
+there's almost always a safer alternative.
+## When the skill produces findings
+| Finding | Severity | Threshold | Affected control |
+|---|---|---|---|
+| Python `eval(...)` with non-literal | **CRITICAL** | argument contains var ref | CWE-95 |
+| Python `exec(...)` with non-literal | **CRITICAL** | argument contains var ref | CWE-95 |
+| Python `compile(...)` with non-literal | **HIGH** | source string contains var | CWE-95 |
+| Python `__import__(var)` | **HIGH** | dynamic module loading | CWE-95 |
+| JS `eval(...)` | **CRITICAL** | any | CWE-95 |
+| JS `new Function(str)` | **CRITICAL** | any non-literal | CWE-95 |
+| JS `setTimeout/setInterval(string)` | **HIGH** | string instead of function | CWE-95 |
+| Ruby `eval(...)`/`instance_eval(...)`/`class_eval(...)` | **CRITICAL** | non-literal | CWE-95 |
+| PHP `eval(...)` | **CRITICAL** | always | CWE-95 |
+| PHP `assert($str)` | **CRITICAL** | (legacy code-eval form) | CWE-95 |
+| PHP `create_function` | **CRITICAL** | deprecated, eval-equivalent | CWE-95 |
+| Java `ScriptEngineManager` + eval | **HIGH** | dynamic script execution | CWE-95 |
+| C# `Activator.CreateInstance(Type.GetType(str))` | **HIGH** | type loading from string | CWE-95 |
+## Prerequisites
+- Python 3.9+
+- Source tree on local filesystem
+## Instructions
+### Run
+```bash
+python3 ${CLAUDE_PLUGIN_ROOT}/skills/detecting-eval-exec-usage/scripts/scan_eval.py /path/to/repo
+```
+Options: `--output FILE`, `--format json|jsonl|markdown`,
+`--min-severity`, `--include-tests`, `--languages LIST`.
+### Interpret
+CRITICAL = direct RCE vector. Replace the dynamic execution with
+explicit logic (lookup table, switch statement) or a sandboxed
+expression library (Python `simpleeval`, JavaScript `expr-eval`,
+Ruby `Dentaku`).
+### Remediation
+See `references/PLAYBOOK.md`.
+## Examples
+### Pre-commit
+```bash
+python3 ${CLAUDE_PLUGIN_ROOT}/skills/detecting-eval-exec-usage/scripts/scan_eval.py \
+    --min-severity high $(git diff --name-only main...HEAD | tr '\n' ' ')
+```
+### CI
+```yaml
+- run: |
+    python3 plugins/security/penetration-tester/skills/detecting-eval-exec-usage/scripts/scan_eval.py \
+        . --min-severity high
+```
+## Output
+JSON / JSONL / Markdown. Exit codes: 0 / 1 / 2.
+## Error Handling
+False positive on `eval("'literal'")` — the value is a constant
+string. Verify the regex match by reading the source line.
+## Resources
+- `references/THEORY.md` — Why dynamic-code execution is the
+  highest-impact injection class, sandbox limits, the
+  formula-evaluator design pattern
+- `references/PLAYBOOK.md` — Per-language safe alternatives
+  (Python simpleeval / ast.literal_eval, JS expression-eval
+  libraries, Ruby Dentaku, Java scripting sandboxes)

package/skills/detecting-eval-exec-usage/references/PLAYBOOK.md ADDED Viewed

@@ -0,0 +1,306 @@
+# Eval / Exec Remediation Playbook
+The universal answer: replace dynamic-code execution with explicit
+logic OR a sandboxed expression library. Per-language patterns
+below.
+## Python
+### Before
+```python
+result = eval(user_expression)
+```
+### After (sandboxed expression eval)
+```python
+from simpleeval import simple_eval
+result = simple_eval(user_expression, names={"x": 10, "y": 20})
+```
+### After (literal-only eval)
+```python
+import ast
+# Only safe for literal values, NOT expressions
+parsed = ast.literal_eval(user_input)  # raises on anything non-literal
+```
+### After (lookup table for choice)
+```python
+# Before: eval("function_" + name + "()")
+# After: explicit dispatch
+HANDLERS = {
+    "process_a": process_a,
+    "process_b": process_b,
+}
+handler = HANDLERS.get(name)
+if handler is None:
+    raise ValueError(f"Unknown handler: {name}")
+result = handler()
+```
+### Dynamic class instantiation
+```python
+# Before: cls = eval(class_name); obj = cls()
+# After:
+ALLOWED_CLASSES = {
+    "TypeA": TypeA,
+    "TypeB": TypeB,
+}
+cls = ALLOWED_CLASSES[class_name]
+obj = cls()
+```
+## JavaScript
+### Before
+```javascript
+const result = eval(userInput);
+```
+### After (expression library)
+```javascript
+const { Parser } = require('expr-eval');
+const result = Parser.evaluate(userInput, { x: 10, y: 20 });
+```
+### After (Function constructor → don't)
+```javascript
+// Before:
+const fn = new Function('x', userBody);
+// After: parse the function shape declaratively, never construct from string
+const HANDLERS = {
+    'double': (x) => x * 2,
+    'square': (x) => x * x,
+};
+const fn = HANDLERS[userInput];
+if (!fn) throw new Error('Unknown handler');
+```
+### setTimeout / setInterval — use function reference
+```javascript
+// Before
+setTimeout("doThing()", 1000);
+// After
+setTimeout(doThing, 1000);
+// or
+setTimeout(() => doThing(arg), 1000);
+```
+### JSON parse instead of eval
+```javascript
+// Before
+const data = eval('(' + jsonString + ')');
+// After
+const data = JSON.parse(jsonString);
+```
+## Ruby
+### Before
+```ruby
+result = eval(user_expression)
+```
+### After (Dentaku for expressions)
+```ruby
+require 'dentaku'
+calc = Dentaku::Calculator.new
+result = calc.evaluate(user_expression, x: 10, y: 20)
+```
+### After (avoid instance_eval / class_eval on user strings)
+```ruby
+# Before
+obj.instance_eval(user_code)
+# After: define a narrow DSL, evaluate via method dispatch
+ALLOWED_OPS = {
+    'increment' => :increment,
+    'reset' => :reset,
+}
+op = ALLOWED_OPS[user_input]
+raise 'Unknown op' unless op
+obj.send(op)
+```
+## PHP
+### Before
+```php
+$result = eval($code);
+```
+### After: just don't
+PHP's eval is uniquely dangerous because it injects into the
+current scope. There's no sandboxed-eval alternative in the
+standard library. Replace with explicit logic / dispatch table.
+```php
+$handlers = [
+    'process_a' => 'process_a',
+    'process_b' => 'process_b',
+];
+if (!isset($handlers[$name])) {
+    throw new InvalidArgumentException("Unknown handler: $name");
+}
+$fn = $handlers[$name];
+$result = $fn();
+```
+### assert as eval (legacy)
+```php
+// Before — yes really, this used to work as eval
+assert($userString);
+// After
+// Remove. assert() now is a real assertion in PHP 7+, but old
+// code that relied on the eval-form should be replaced with
+// explicit dispatch as above.
+```
+### create_function — deprecated
+```php
+// Before (deprecated since PHP 7.2, removed PHP 8.0)
+$fn = create_function('$x', $userBody);
+// After: anonymous functions / closures with explicit body
+$multiplier = function ($x) use ($factor) {
+    return $x * $factor;
+};
+```
+## Java — sandboxed scripting
+### Before (Nashorn / GraalJS with full access)
+```java
+ScriptEngine engine = new ScriptEngineManager().getEngineByName("JavaScript");
+Object result = engine.eval(userScript);
+```
+### After (GraalJS with restricted permissions)
+```java
+import org.graalvm.polyglot.*;
+try (Context cx = Context.newBuilder("js")
+        .allowHostAccess(HostAccess.NONE)
+        .allowHostClassLookup(name -> false)
+        .allowIO(false)
+        .allowCreateProcess(false)
+        .allowCreateThread(false)
+        .build()) {
+    Value result = cx.eval("js", userScript);
+}
+```
+### Or: don't use scripting at all
+For most use cases where Java code shells out to a script engine,
+the right answer is to define a domain-specific configuration
+format (JSON / YAML) parsed by your Java code, with the
+operations dispatched via a sealed-class hierarchy.
+## C# / .NET
+### Avoid Type.GetType(str) for dynamic class loading
+### Before
+```csharp
+Type t = Type.GetType(userTypeName);
+object instance = Activator.CreateInstance(t);
+```
+### After
+```csharp
+// Allow-list of permitted types
+static readonly IReadOnlyDictionary<string, Type> ALLOWED_TYPES =
+    new Dictionary<string, Type> {
+        { "TypeA", typeof(TypeA) },
+        { "TypeB", typeof(TypeB) },
+    };
+if (!ALLOWED_TYPES.TryGetValue(userTypeName, out Type t)) {
+    throw new ArgumentException($"Unknown type: {userTypeName}");
+}
+object instance = Activator.CreateInstance(t);
+```
+## Plugin system patterns (safe)
+If you genuinely need to run user-supplied logic:
+### Pattern 1 — WASM plugins
+```rust
+// Host runtime (Rust + Wasmer)
+use wasmer::{Store, Module, Instance, imports};
+let module = Module::new(&store, plugin_wasm_bytes)?;
+let instance = Instance::new(&store, &module, &imports! {})?;
+// Call exported functions; no system access by default
+let result = instance.exports.get_function("process")?.call(&[input.into()])?;
+```
+### Pattern 2 — V8 isolate (Node.js)
+```javascript
+const vm = require('vm');
+const context = vm.createContext({ /* explicit allow-list of globals */ });
+const result = vm.runInContext(userCode, context, {
+    timeout: 1000,  // hard timeout
+    breakOnSigint: true,
+});
+```
+Note: Node's `vm` module is NOT a true sandbox — there are escape
+techniques. For true isolation, use a separate process or
+`isolated-vm` library.
+### Pattern 3 — Containerized worker
+Spawn a Docker container with the user's code, read-only
+filesystem, no network, memory + CPU limits, timeout. The
+boundary is the container runtime, not the application process.
+## Pre-commit / CI
+Same pattern as previous skills:
+```yaml
+- name: eval/exec scan
+  run: |
+    python3 plugins/security/penetration-tester/skills/detecting-eval-exec-usage/scripts/scan_eval.py \
+        . --min-severity high
+```
+## Verification after remediation
+```bash
+python3 ${CLAUDE_PLUGIN_ROOT}/skills/detecting-eval-exec-usage/scripts/scan_eval.py \
+    /path/to/repo --min-severity medium
+```
+Expected: exit 0, zero MEDIUM-or-higher findings. Remaining LOW
+findings (legitimate `ast.literal_eval` calls, GraalJS sandboxed
+eval) are acceptable.