AMADEUS is a framework that supports the automatic analysis and testing of cybersecurity vulnerabilities in configuration systems, based on feature models. It can automatically analyse an organisation's infrastructure and determine its vulnerabilities by querying vulnerability repositories.
The minimum software requirements to run AMADEUS are:
- Python 3
- An Internet connection
In addition, if you plan to run automatic network-based vulnerability tests, you may need to install Nmap on your system and configure your PATH properly.
This step retrieves and installs the dependencies (modules) that AMADEUS requires. To proceed, open a new shell and run the following commands:
$ cd /path/to/amadeus
$ pip install -r requirements.txt
AMADEUS supports two types of execution. In either of them, you can pass the --help option (or -h) to display the following help text.
$ python main.py -h
usage: main.py [-h] [-k KEYWORD] [-e] [-a] [-t TARGET]

optional arguments:
  -h, --help            show this help message and exit
  -k KEYWORD, --keyword KEYWORD
                        Keyword used to perform a manual CVE search on NVD
  -e                    If the results from NVD must be an EXACT match of the
                        keywords or just contain them
  -a                    Launches NMAP to perform an automatic search of
                        vulnerabilities
  -t TARGET, --target TARGET
                        CIDR block or host target of the automatic analysis
When run in this mode, AMADEUS launches an Nmap analysis against the specified IP (or CIDR block) and identifies relevant information about the target system. These details are then used to retrieve potentially related CVE flaws and attack vectors from an online vulnerability database (NVD).
To perform an automatic analysis of a specific network, run the following command:
$ python main.py -a -t 192.168.1.1
The target (-t/--target) can also be a CIDR block:
$ python main.py -a -t 192.168.1.1/24
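An added example, not part of AMADEUS: a preflight check a wrapper script could run before the automatic mode, confirming that Nmap is on the PATH and that the -t value parses and stays inside ranges you are authorized to scan. The function names, the approved-scope list and the 1024-address limit are assumptions, and only IP literals are handled (hostnames are rejected).

```python
import ipaddress
import shutil


def parse_target(target):
    """Return the network covered by a -t/--target value (host or CIDR block)."""
    # strict=False accepts CIDR blocks written with host bits set, such as
    # the 192.168.1.1/24 form used above; a bare host becomes a /32 (or /128).
    return ipaddress.ip_network(target.strip(), strict=False)


def preflight(target, allowed_scopes, max_hosts=1024):
    """Collect reasons not to start the automatic analysis; an empty list means OK."""
    problems = []
    if shutil.which("nmap") is None:
        problems.append("nmap not found on PATH")
    try:
        net = parse_target(target)
    except ValueError as exc:
        return problems + [f"invalid target: {exc}"]
    scopes = [ipaddress.ip_network(s) for s in allowed_scopes]
    # Compare versions first: subnet_of() raises TypeError on IPv4/IPv6 mixes.
    if not any(net.version == s.version and net.subnet_of(s) for s in scopes):
        problems.append(f"{net} is outside the approved scopes")
    if net.num_addresses > max_hosts:
        problems.append(f"{net} covers {net.num_addresses} addresses (limit {max_hosts})")
    return problems


if __name__ == "__main__":
    # Constructed sample values: one approved range and four candidate targets.
    approved = ["192.168.1.0/24"]
    for candidate in ["192.168.1.1", "192.168.1.1/24", "192.168.0.0/16", "not-an-ip"]:
        issues = preflight(candidate, approved)
        print(candidate, "->", "ok" if not issues else "; ".join(issues))
```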
When run in this mode, AMADEUS uses the provided keywords to retrieve potentially related CVE flaws and attack vectors from an online vulnerability database (NVD).
To provide your own keywords and perform a search based on them:
$ python main.py -k "YOUR_KEYWORD"
- Optionally, you can set the flag -e in both approaches to ensure that results obtained from NVD do not merely contain the keywords but contain them in the exact same order.
- Models generated by AMADEUS and their respective constraints (if applicable) can be found under the directory fm/models.
Feature models inferred by AMADEUS are expressed in the FaMa format. A tool compatible with this format can then be used to perform a series of operations over these models.
To stage a running example, let's suppose we have discovered that the Nginx server of our organization is running version 1.7. To obtain related vulnerable configurations (or attack vectors), we may instruct AMADEUS to derive a model from that information:
This operation creates models of the detected vulnerabilities under the path fm/models. Now, let's try to load the model with a FaMa-compatible tool (like FaMaShell-Docker) and apply some operations over it: