fixup! Web security audit base pipeline

resources/com/cadoles/w3af/Dockerfile

@@ -1,3 +1,19 @@
+FROM golang:1.11.4 as envtpl
+
+ARG HTTP_PROXY=
+ARG HTTPS_PROXY=
+ARG http_proxy=
+ARG https_proxy=
+
+RUN apt-get update -y && apt-get install -y git
+
+RUN git clone https://github.com/subfuzion/envtpl /src \
+  && cd /src \
+  && git checkout v1.0.0 \
+  && CGO_ENABLED=0 GOOS=linux go build \
+    -ldflags "-X main.AppVersionMetadata=$(date -u +%s)" \
+    -a -installsuffix cgo -o ./bin/envtpl ./cmd/envtpl/.
+
 FROM alpine:3.9
 
 ARG HTTP_PROXY=
@@ -5,6 +21,8 @@ ARG HTTPS_PROXY=
 ARG http_proxy=
 ARG https_proxy=
 
+COPY --from=envtpl /src/bin/envtpl /usr/local/bin/envtpl
+
 RUN apk --no-cache add \
     build-base \
     git \
@@ -78,4 +96,6 @@ RUN git clone --depth=1 \
 USER w3af
 WORKDIR /home/w3af/w3af
 
+COPY audit.w3af.tmpl audit.w3af.tmpl
+
 CMD ["./w3af_console"]

resources/com/cadoles/w3af/audit.w3af

@@ -1,65 +0,0 @@
-# -----------------------------------------------------------------------------------------------------------
-#                                              W3AF AUDIT SCRIPT FOR WEB APPLICATION
-# -----------------------------------------------------------------------------------------------------------
-#Configure HTTP settings
-http-settings
-set timeout 30
-back
-#Configure scanner global behaviors
-misc-settings
-set max_discovery_time 20
-set fuzz_cookies True
-set fuzz_form_files True
-set fuzz_url_parts True
-set fuzz_url_filenames True
-back
-plugins
-#Configure entry point (CRAWLING) scanner
-crawl web_spider
-crawl config web_spider
-set only_forward False
-set ignore_regex (?i)(logout|disconnect|signout|exit)+
-back
-#Configure vulnerability scanners
-##Specify list of AUDIT plugins type to use
-audit blind_sqli, buffer_overflow, cors_origin, csrf, eval, file_upload, ldapi, lfi, os_commanding, phishing_vector, redos, response_splitting, sqli, xpath, xss, xst
-##Customize behavior of each audit plugin when needed
-audit config file_upload
-set extensions jsp,php,php2,php3,php4,php5,asp,aspx,pl,cfm,rb,py,sh,ksh,csh,bat,ps,exe
-back
-##Specify list of GREP plugins type to use (grep plugin is a type of plugin that can find also vulnerabilities or informations disclosure)
-grep analyze_cookies, click_jacking, code_disclosure, cross_domain_js, csp, directory_indexing, dom_xss, error_500, error_pages, 
-html_comments, objects, path_disclosure, private_ip, strange_headers, strange_http_codes, strange_parameters, strange_reason, url_session, xss_protection_header
-##Specify list of INFRASTRUCTURE plugins type to use (infrastructure plugin is a type of plugin that can find informations disclosure)
-infrastructure server_header, server_status, domain_dot, dot_net_errors
-#Configure target authentication
-auth detailed
-auth config detailed
-set username admin
-set password password
-set method POST
-set auth_url http://pcdom/dvwa/login.php
-set username_field user	
-set password_field pass
-set check_url http://pcdom/dvwa/index.php
-set check_string 'admin'
-set data_format username=%U&password=%P&Login=Login
-back
-#Configure reporting in order to generate an HTML report
-output console, html_file
-output config html_file
-set output_file /tmp/W3afReport.html
-set verbose False
-back
-output config console
-set verbose False
-back
-back
-#Set target informations, do a cleanup and run the scan
-target 
-set target http://pcdom/dvwa
-set target_os windows
-set target_framework php
-back
-cleanup
-start

resources/com/cadoles/w3af/audit.w3af.tmpl

@@ -0,0 +1,72 @@
+# -----------------------------------------------------------------------------------------------------------
+#                                              W3AF AUDIT SCRIPT FOR WEB APPLICATION
+# -----------------------------------------------------------------------------------------------------------
+
+#Configure HTTP settings
+http-settings
+set timeout {{ default 10 .W3AF_TIMEOUT }}
+{{ if .W3AF_BASIC_AUTH_USERNAME }}
+set basic_auth_user {{ .W3AF_BASIC_AUTH_USERNAME }}
+set basic_auth_passwd {{ .W3AF_BASIC_AUTH_PASSWORD }}
+{{if .W3AF_BASIC_AUTH_DOMAIN }}
+set basic_auth_domain {{ .W3AF_BASIC_AUTH_DOMAIN }}
+{{end}}
+{{ end }}
+back
+
+#Configure scanner global behaviors
+misc-settings
+set max_discovery_time {{ default 10 .W3AF_MAX_DISCOVERY_TIME }}
+set fuzz_cookies True
+set fuzz_form_files True
+set fuzz_url_parts True
+set fuzz_url_filenames True
+back
+
+profiles
+use {{ default "audit_high_risk" .W3AF_PROFILE }}
+back
+
+plugins
+
+{{ if .W3AF_AUTH_FORM_URL }}
+#Configure target authentication
+auth detailed
+auth config detailed
+set username {{ .W3AF_AUTH_FORM_USERNAME }}
+set password {{ .W3AF_AUTH_FORM_PASSWORD }}
+set method POST
+set auth_url {{ .W3AF_AUTH_FORM_URL }}
+set username_field {{ default "username" .W3AF_AUTH_FORM_USERNAME_FIELD }}
+set password_field {{ default "password" .W3AF_AUTH_FORM_PASSWORD_FIELD }}
+set data_format {{ default "username=%U&password=%P" .W3AF_AUTH_FORM_DATA_FORMAT }}
+set check_url {{ .W3AF_AUTH_FORM_CHECK_URL }}
+set check_string '{{- default "connected" .W3AF_AUTH_FORM_CHECK_STRING -}}'
+back
+{{end}}
+
+
+#Configure reporting in order to generate an HTML report
+output console, html_file
+output config html_file
+set output_file reports/report{{- if .W3AF_REPORT_SUFFIX -}}_{{- .W3AF_REPORT_SUFFIX -}}{{- end -}}.html
+set verbose {{ default "False" .W3AF_VERBOSE }}
+back
+
+output config console
+set verbose {{ default "False" .W3AF_VERBOSE }}
+back
+back
+
+#Set target informations, do a cleanup and run the scan
+target 
+set target {{ .W3AF_TARGET_URL }}
+set target_os {{ default "unix" .W3AF_TARGET_OS }}
+set target_framework {{ default "unknown" .W3AF_TARGET_FRAMEWORK }}
+back
+
+back
+
+cleanup
+start
+exit