@obscurerichard obscurerichard commented Apr 3, 2019

This isolates the installation script, and makes it idempotent.

Always front-load image provisioning stuff so that the newest stuff you are testing goes first.

We should refactor this into Ansible playbooks too and ensure it gets integrated into the image creation process, but that can be a separate PR.

I've tested this with:

time (vagrant destroy -f && vagrant up --provision && vagrant ssh  -c "cd /app/gauntlt && gauntlt")

and it ran the gauntlt scripts as expected.

@rpigu-i rpigu-i self-requested a review April 3, 2019 17:11

rpigu-i commented Apr 3, 2019

Looks good, thanks Richard.

@obscurerichard obscurerichard changed the title from "WIP: Refactor Vagrant scripts and readme for gauntlt" to "Refactor Vagrant scripts and readme for gauntlt" Apr 3, 2019
@obscurerichard
Member Author

I tested this before and after changes with this set of commands:

time (vagrant destroy -f && vagrant up --provision && vagrant ssh  -c "cd /app/gauntlt && gauntlt")

It takes about 17 minutes to complete.

In both cases (before & after) the same gauntlt tests are passing and failing. For example:

[DEPRECATION] This gem has been renamed to optimist and will no longer be supported. Please switch to optimist as soon as possible.
Feature: OS detection

  Background:                  # ./os_detection.attack:3
    Given "nmap" is installed  # gauntlt-1.0.13/lib/gauntlt/attack_adapters/nmap.rb:4
    And the following profile: # gauntlt-1.0.13/lib/gauntlt/attack_adapters/gauntlt.rb:9
      | name     | value           |
      | hostname | scanme.nmap.org |

  @slow
  Scenario: Detect OS                    # ./os_detection.attack:10
    When I launch an "nmap" attack with: # gauntlt-1.0.13/lib/gauntlt/attack_adapters/nmap.rb:8
      """
      nmap -sV -p80 -PN <hostname>
      """
    Then the output should contain:      # aruba-0.7.4/lib/aruba/cucumber.rb:182
      """
      Apache
      """

@slow
Feature: nmap attacks for scanme.nmap.org and to use this for your tests, change the value in the profile

  Background:                  # ./nmap.attack:4
    Given "nmap" is installed  # gauntlt-1.0.13/lib/gauntlt/attack_adapters/nmap.rb:4
    And the following profile: # gauntlt-1.0.13/lib/gauntlt/attack_adapters/gauntlt.rb:9
      | name           | value           |
      | hostname       | scanme.nmap.org |
      | host           | scanme.nmap.org |
      | tcp_ping_ports | 22,25,80,443    |

  Scenario: Verify server is open on expected set of ports using the nmap-fast attack step # ./nmap.attack:12
Checking nmap-fast and nmap-fastRunning a nmap-fast attack. This attack has this description:
 This is a fast nmap scan that should run in 10 seconds or less on most networks.  It looks for the most common ports and services.
    When I launch a "nmap-fast" attack                                                     # gauntlt-1.0.13/lib/gauntlt/attack_adapters/nmap.rb:12
    Then the output should match /80.tcp\s+open/                                           # aruba-0.7.4/lib/aruba/cucumber.rb:206

  Scenario: Verify server is open on expected set of ports using the nmap fast flag # ./nmap.attack:16
    When I launch an "nmap" attack with:                                            # gauntlt-1.0.13/lib/gauntlt/attack_adapters/nmap.rb:8
      """
      nmap -F <hostname>
      """
    Then the output should match:                                                   # aruba-0.7.4/lib/aruba/cucumber.rb:210
      """
      80/tcp\s+open
      """

  Scenario: Verify that there are no unexpected ports open # ./nmap.attack:26
    When I launch an "nmap" attack with:                   # gauntlt-1.0.13/lib/gauntlt/attack_adapters/nmap.rb:8
      """
      nmap -F <hostname>
      """
    Then the output should not contain:                    # aruba-0.7.4/lib/aruba/cucumber.rb:186
      """
      22/tcp
      25/tcp
      """

  Scenario: Output to XML                          # ./nmap.attack:37
    When I launch an "nmap" attack with:           # gauntlt-1.0.13/lib/gauntlt/attack_adapters/nmap.rb:8
      """
      nmap -p 80,443 -oX foo.xml <hostname>
      """
The use of "prep_for_fs_check" is deprecated. It will be removed soon.
    And the file "foo.xml" should contain XML:     # gauntlt-1.0.13/lib/gauntlt/attack_adapters/gauntlt.rb:15
 + .g/COMMIT_EDITMSG
      | css                                                         |
      | ports port[protocol="tcp"][portid="80"] state[state="open"] |
The use of "prep_for_fs_check" is deprecated. It will be removed soon.
The use of "prep_for_fs_check" is deprecated. It will be removed soon.
    And the file "foo.xml" should not contain XML: # gauntlt-1.0.13/lib/gauntlt/attack_adapters/gauntlt.rb:21
      | css                                                          |
      | ports port[protocol="tcp"][portid="123"] state[state="open"] |
      | ports port[protocol="tcp"][portid="443"] state[state="open"] |

@slow
Feature: simple nmap attack (sanity check)

  Background:                                # ./simple-env-var.attack:4
    Given "nmap" is installed                # gauntlt-1.0.13/lib/gauntlt/attack_adapters/nmap.rb:4
    And the following environment variables: # gauntlt-1.0.13/lib/gauntlt/attack_adapters/gauntlt.rb:3
      | name     | environment_variable_name |
      | hostname | TEST_HOSTNAME             |
    And the following profile:               # gauntlt-1.0.13/lib/gauntlt/attack_adapters/gauntlt.rb:9
      | name       | value |
      | https_port | 443   |
      | http_port  | 80    |

  Scenario: Verify server is available on standard web ports # ./simple-env-var.attack:16
    When I launch an "nmap" attack with:                     # gauntlt-1.0.13/lib/gauntlt/attack_adapters/nmap.rb:8
      """
      nmap -p <http_port>,<https_port> <hostname>
      """
      no implicit conversion of nil into String (TypeError)
      ./simple-env-var.attack:17:in `When I launch an "nmap" attack with:'
    Then the output should match /80.tcp\s+open/             # aruba-0.7.4/lib/aruba/cucumber.rb:206
    And the output should not match:                         # aruba-0.7.4/lib/aruba/cucumber.rb:219
      """
      443/tcp\s+open
      """

Failing Scenarios:
cucumber ./simple-env-var.attack:16 # Scenario: Verify server is available on standard web ports

6 scenarios (1 failed, 5 passed)
27 steps (1 failed, 2 skipped, 24 passed)
0m11.800s
Connection to 127.0.0.1 closed.

@obscurerichard obscurerichard merged commit 45b0716 into gauntlt Jun 18, 2019
@obscurerichard obscurerichard deleted the gauntlt-refactor-scripts-and-readme branch June 18, 2019 22:12