From 36165719d4bf8026ae5b8aecac00e503ee192595 Mon Sep 17 00:00:00 2001 From: William Petit Date: Mon, 29 Apr 2019 16:46:17 +0200 Subject: [PATCH] fixup! Web security audit base pipeline --- Makefile | 5 +- pipelines/w3af-pentest.jenkinsfile | 87 ---------------------- resources/com/cadoles/w3af/audit.w3af.tmpl | 18 +++-- vars/audit.groovy | 67 +++++++++++++---- 4 files changed, 66 insertions(+), 111 deletions(-) delete mode 100644 pipelines/w3af-pentest.jenkinsfile diff --git a/Makefile b/Makefile index 6410bda..9ec9013 100644 --- a/Makefile +++ b/Makefile @@ -11,10 +11,7 @@ image-w3af: interactive-w3af: docker run \ -it --rm \ - -e HTTP_PROXY=$(HTTP_PROXY) \ - -e HTTPS_PROXY=$(HTTPS_PROXY) \ - -e http_proxy=$(http_proxy) \ - -e https_proxy=$(https_proxy) \ + --net host \ -v "$(PWD)/resources/com/cadoles/w3af/audit.w3af.tmpl:/home/w3af/w3af/audit.w3af.tmpl:ro" \ jenkins-w3af:latest \ /bin/sh diff --git a/pipelines/w3af-pentest.jenkinsfile b/pipelines/w3af-pentest.jenkinsfile deleted file mode 100644 index 47d1b24..0000000 --- a/pipelines/w3af-pentest.jenkinsfile +++ /dev/null 
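Review bot: `--net host` removes the network isolation of the interactive container: the rfi listener this series binds to `0.0.0.0:44449` in audit.w3af.tmpl is then opened on every interface of the machine running `make interactive-w3af`, and the shell also stops inheriting the HTTP(S) proxy settings that the four removed `-e` lines passed through. If the only need is to make the listener reachable from the scanned application, publishing that single port keeps the namespace separation: `-p 44449:44449 \`. If host networking really is required, a one-line comment above the target stating why (the rfi callback) would keep the next reader from reverting it, and the proxy lines could be kept alongside it.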
@@ -1,87 +0,0 @@ -@Library("cadoles") _ - -pipeline { - - agent { - label 'common' - } - - parameters { - string( - name: 'packageName', - description: 'Nom du paquet à installer' - ) - string( - name: 'packageVersion', - defaultValue: '', - description: 'Version du paquet à installer' - ) - string( - name: 'packageRepository', - description: 'Dépôt de paquets à utiliser sur Vulcain' - ) - string( - name: 'vmTemplate', - description: 'Template OpenNebula de la VM à utiliser pour le test d\'installation' - ) - } - - stages { - - stage("Check parameters") { - steps { - script { - if (!params.url?.trim()) { - error("L'URL du paquet n'est pas définie !") - } - } - } - } - - stage("Test URL") { - steps { - script { - def w3afImage = buildDockerImage() - def dockerArgs = """ - """ - tamarinImage.inside(dockerArgs) { - sh './w3af_console ' - } - } - } - } - } - - post { - failure { - wrap([$class: 'BuildUser']) { - rocketSend ( - avatar: 'https://jenkins.cadol.es/static/b5f67753/images/headshot.png', - message: """ - Le test de sécurité sur l'URL `${params.url}` a échoué: - - [Voir le job](${env.RUN_DISPLAY_URL}) - - @${env.BUILD_USER_ID ? env.BUILD_USER_ID : 'here'} - """.stripIndent(), - rawMessage: true - ) - } - } - } - -} - -def buildDockerImage() { - dir ('.w3af') { - def dockerfile = libraryResource 'com/cadoles/w3af/Dockerfile' - writeFile file:'Dockerfile', text:dockerfile - - def audit = libraryResource 'com/cadoles/w3af/audit.w3af' - writeFile file:'audit.w3af', text:audit - - def safeJobName = URLDecoder.decode(env.JOB_NAME).toLowerCase().replace('/', '-').replace(' ', '-') - def imageTag = "${safeJobName}-${env.BUILD_ID}" - return docker.build("w3af:${imageTag}", ".") - } -} \ No newline at end of file diff --git a/resources/com/cadoles/w3af/audit.w3af.tmpl b/resources/com/cadoles/w3af/audit.w3af.tmpl index 44f9158..3fda4b2 100644 --- a/resources/com/cadoles/w3af/audit.w3af.tmpl +++ b/resources/com/cadoles/w3af/audit.w3af.tmpl 
@@ -2,7 +2,7 @@ # W3AF AUDIT SCRIPT FOR WEB APPLICATION # ----------------------------------------------------------------------------------------------------------- -#Configure HTTP settings +# Configure HTTP settings http-settings set timeout {{ default 10 .W3AF_TIMEOUT }} {{ if .W3AF_BASIC_AUTH_USERNAME }} @@ -14,7 +14,7 @@ set basic_auth_domain {{ .W3AF_BASIC_AUTH_DOMAIN }} {{ end }} back -#Configure scanner global behaviors +# Configure scanner global behaviors misc-settings set max_discovery_time {{ default 10 .W3AF_MAX_DISCOVERY_TIME }} set fuzz_cookies True @@ -29,8 +29,16 @@ back plugins +# Configure rfi plugin +audit rfi +audit config rfi +set listen_address "0.0.0.0" +set listen_port 44449 +set use_w3af_site True +back + {{ if .W3AF_AUTH_FORM_URL }} -#Configure target authentication +# Configure target authentication auth detailed auth config detailed set username {{ .W3AF_AUTH_FORM_USERNAME }} @@ -46,7 +54,7 @@ back {{end}} -#Configure reporting in order to generate an HTML report +# Configure reporting in order to generate an HTML report output console, html_file output config html_file set output_file reports/report{{- if .W3AF_REPORT_SUFFIX -}}_{{- .W3AF_REPORT_SUFFIX -}}{{- end -}}.html @@ -58,7 +66,7 @@ set verbose {{ default "False" .W3AF_VERBOSE }} back back -#Set target informations, do a cleanup and run the scan +# Set target informations, do a cleanup and run the scan target set target {{ .W3AF_TARGET_URL }} set target_os {{ default "unix" .W3AF_TARGET_OS }} diff --git a/vars/audit.groovy b/vars/audit.groovy index 628db87..9c2447b 100644 --- a/vars/audit.groovy +++ b/vars/audit.groovy @@ -86,6 +86,7 @@ def call() { -e W3AF_AUTH_FORM_USERNAME_FIELD='${params.authFormUsernameField}' -e W3AF_AUTH_FORM_PASSWORD_FIELD='${params.authFormPasswordField}' """ + w3afImage.inside(dockerArgs) { sh 'mkdir -p reports' sh 'rm -f reports/*' 
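Review bot: The new rfi block hard-codes `listen_address "0.0.0.0"` and `listen_port 44449` while every other tunable in this template goes through `{{ default ... .W3AF_* }}`, and binding to all interfaces exposes the plugin's payload server further than the address the target needs to reach; `set listen_address {{ default "0.0.0.0" .W3AF_RFI_LISTEN_ADDRESS }}` and the same for the port (variable names to be chosen) would keep the file consistent and let a deployment restrict it. As far as I recall the plugin, `use_w3af_site True` makes it fetch its test file from the w3af project's site instead of the local listener, in which case the two listen settings are dead configuration and the scanned application is made to issue outbound requests to a third-party host — worth confirming which mode is intended and dropping the other. A short comment on the chosen mode would help, since the remaining hunks in this file only touch comment spacing.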
@@ -95,6 +96,44 @@ def call() { } } } + + stage("Check discovered vulnerabilities") { + steps { + script { + + def totalMediumVulnerabilities = sh( + script: "grep 'MEDIUM' report.html | wc -l", + returnStdout: true + ).toInteger() + + def totalHighVulnerabilities = sh( + script: "grep 'HIGH' report.html | wc -l", + returnStdout: true + ).toInteger() + + if (totalHighVulnerabilities == 0 && totalMediumVulnerabilities == 0) { + return + } + + wrap([$class: 'BuildUser']) { + rocketSend ( + avatar: 'https://jenkins.cadol.es/static/b5f67753/images/headshot.png', + message: """ + Des vulnérabilités ont été trouvées lors de l'audit de l'URL `${params.targetUrl}`: + + - Criticité HAUTE: ${totalHighVulnerabilities} vulnérabilité(s) trouvée(s) + - Criticité MOYENNNE: ${totalMediumVulnerabilities} vulnérabilité(s) trouvée(s) + + [Voir le job](${env.RUN_DISPLAY_URL}) + + @${env.BUILD_USER_ID ? env.BUILD_USER_ID : 'here'} + """.stripIndent(), + rawMessage: true + ) + } + } + } + } } post { @@ -108,21 +147,19 @@ def call() { reportName: "Rapport d'audit" ] } - // failure { - // wrap([$class: 'BuildUser']) { - // rocketSend ( - // avatar: 'https://jenkins.cadol.es/static/b5f67753/images/headshot.png', - // message: """ - // Le test de sécurité pour `${params.targetUrl}` a échoué: - - // [Voir le job](${env.RUN_DISPLAY_URL}) - - // @${env.BUILD_USER_ID ? env.BUILD_USER_ID : 'here'} - // """.stripIndent(), - // rawMessage: true - // ) - // } - // } + failure { + rocketSend ( + avatar: 'https://jenkins.cadol.es/static/b5f67753/images/headshot.png', + message: """ + Le test de sécurité pour `${params.targetUrl}` a échoué: + + [Voir le job](${env.RUN_DISPLAY_URL}) + + @${env.BUILD_USER_ID ? env.BUILD_USER_ID : 'here'} + """.stripIndent(), + rawMessage: true + ) + } } }
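Review bot: The vulnerability check fails open: `grep 'MEDIUM' report.html | wc -l` reads `report.html` at the workspace root, but the template writes the report to `reports/report[_<suffix>].html` and the previous stage prepares `reports/`, so unless the file is copied there outside this hunk grep fails on a missing file, the pipeline's exit status is that of `wc`, both counters come out as 0 and the stage silently reports a clean scan. Reading the report through a step that throws when it is absent closes that hole and avoids the two shell round-trips: `def report = readFile('reports/report.html')`, `def totalMediumVulnerabilities = report.count('MEDIUM')`, `def totalHighVulnerabilities = report.count('HIGH')` (adjust the name if a suffix is in use). Either way the count is every occurrence of the word in the HTML, legend and markup included, so a comment such as `// approximate: counts severity labels in the HTML report` would set expectations. Findings currently only trigger a chat message and the build stays green; if the intent is to gate on them, setting `currentBuild.result = 'UNSTABLE'` or calling `error(...)` after the notification would make that visible in Jenkins.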
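Review bot: The re-enabled failure block references `env.BUILD_USER_ID` without the `wrap([$class: 'BuildUser'])` that the commented-out version had and that the new "Check discovered vulnerabilities" stage still uses, so outside that wrapper the variable is unset and the mention falls back to `@here` on every failure. Wrapping the `rocketSend` call the same way as in the stage above restores the per-user mention; alternatively the two notifications could share one helper so the avatar URL and mention logic are defined once. The enclosing `post` and `call()` blocks start outside this hunk.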