Cadoles/Jenkins
Cadoles
/
Jenkins
21
0
Fork 0
Code Issues 3 Pull Requests Releases Wiki Activity

fixup! Web security audit base pipeline

This commit is contained in:
wpetit 2019-04-15 21:02:07 +02:00
parent 002b1b22a3
commit 828d9ce4e8
1 changed files with 12 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
vars/audit.groovy
View File

@ -43,6 +43,14 @@ def call() {
name: 'authFormCheckString', name: 'authFormCheckString',
description: "Chaine de caractères à rechercher pour vérifier la réussite de l'authentication (si besoin)" description: "Chaine de caractères à rechercher pour vérifier la réussite de l'authentication (si besoin)"
) )
string(
name: 'authFormUsernameField',
description: "Nom du champ 'nom utilisateur' du formulaire d'authentication (si besoin)"
)
string(
name: 'authFormPasswordField',
description: "Nom du champ 'mot de passe' du formulaire d'authentication (si besoin)"
)
string( string(
name: 'authFormDataFormat', name: 'authFormDataFormat',
description: "Patron de formatage des données POST du formulaire d'authentification (si besoin). Exemple: username=%U&password=%P" description: "Patron de formatage des données POST du formulaire d'authentification (si besoin). Exemple: username=%U&password=%P"
@ -54,14 +62,14 @@ def call() {
stage("Check parameters") { stage("Check parameters") {
steps { steps {
script { script {
if (!params.url?.trim()) { if (!params.targetUrl?.trim()) {
error("L'URL cible n'est pas définie !") error("L'URL cible n'est pas définie !")
} }
} }
} }
} }
stage("Test URL") { stage("Run W3AF audit") {
steps { steps {
script { script {
def w3afImage = buildDockerImage() def w3afImage = buildDockerImage()
@ -75,7 +83,8 @@ def call() {
-e W3AF_AUTH_FORM_PASSWORD='${params.authFormPassword}' -e W3AF_AUTH_FORM_PASSWORD='${params.authFormPassword}'
-e W3AF_AUTH_FORM_CHECK_URL='${params.authFormCheckUrl}' -e W3AF_AUTH_FORM_CHECK_URL='${params.authFormCheckUrl}'
-e W3AF_AUTH_FORM_CHECK_STRING='${params.authFormCheckString}' -e W3AF_AUTH_FORM_CHECK_STRING='${params.authFormCheckString}'
-e W3AF_AUTH_FORM_DATA_FORMAT='${params.authFormDataFormat}' -e W3AF_AUTH_FORM_USERNAME_FIELD='${params.authFormUsernameField}'
-e W3AF_AUTH_FORM_PASSWORD_FIELD='${params.authFormPasswordField}'
""" """
w3afImage.inside(dockerArgs) { w3afImage.inside(dockerArgs) {
sh 'mkdir reports' sh 'mkdir reports'