Resources

Step 1 - Create a Script

This script conducts security checks. It can call other security tools, open source tools or APIs; it can be whatever you need it to be, as long as it can determine security issues, record them as vulnerability objects, and store them back into the system.

Let's dive into what the script does!

The script is going to take some inputs:

import argparse

arg_options = argparse.ArgumentParser(description="Runs a simple HTTPS redirection test")
arg_options.add_argument('--url', type=str)
arg_options.add_argument('--debug', type=str)
arg_options.add_argument('--output', type=str)
args = arg_options.parse_args()
# Names used by the snippets that follow
url, debug, vulns_output_location = args.url, args.debug, args.output

  • --url - the URL to be tested

  • --debug - takes a debug argument to print out additional information

  • --output - where we want the XML vulnerability file to be written to

The main body of the testing tool is very simple, as follows: we strip the 's' from the 'https' scheme of the URL and check whether a redirect occurs.

import requests

# Requests
issues_found = []
s = requests.Session()
# Replace only the scheme prefix, so an 'https' elsewhere in the URL is left alone
url_to_use = url.replace('https://', 'http://', 1)
print(f"Accessing {url_to_use} \n")
Response = s.request("GET", url_to_use, allow_redirects=False)
code = Response.status_code
# 3xx redirect codes (304 Not Modified is a cache response, not a redirect)
if code in (300, 301, 302, 303, 307, 308):
    print(f"Successfully received a redirect {code} for {url_to_use} \n")
else:
    pass  # No redirect was returned: raise the issue, as shown in the next snippet

When we run the script we're looking for a vulnerability, which in this case is the absence of a redirect. When we find this, we want to create a vulnerability object as shown in the following code snippet.

# Raise the issue
# Vulnerability, Severity and save_vulns_to_file come from Uleska's Python helper module
# (the import is not shown on this page)
vuln = Vulnerability(
    title="No HTTP redirect to HTTPS",
    summary="HTTP access to site does not redirect to an HTTPS location",
    explanation="In testing, when a request for the HTTP protocol for the site was made, there was not a redirect for the HTTPS location",
    recommendation="Update the server configuration to ensure non-secure requests for these pages result in a redirect.",
    source=url_to_use,
    severity=Severity.HIGH,
    cvss='CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N',
    md5="a9f54e2a88ede11530aa9d914fe2bbcc"
)

To create a vulnerability object we need to supply the following:

  • Title
  • Summary
  • Explanation
  • Recommendation
  • Source (URL) - the URL that produced the issue
  • Severity
  • CVSS - the vector string describing the structure and properties of the vulnerability found
  • MD5 - Optional field. If omitted, Uleska will concatenate the first 4 fields of the vulnerability and hash them to provide a unique internal reference to this vulnerability

We then add the vulnerability object to a list and, because we also included a debug flag, print out extra information about what has been found when that flag is set.

issues_found.append(vuln)
# Indent all three prints so the whole block is conditional on the debug flag
if debug:
    print("\n######################### DEBUG #################################")
    print("Issue added to list: Title [" + vuln.title + "], Summary [" + vuln.summary + "]")
    print("###################################################################\n\n")

Finally, we use the save_vulns_to_file function to take issues found and store them in an XML file. When this Custom Tool is added to the Uleska platform, you will tell Uleska where this XML will be, and the platform will read in vulnerabilities from it before disposing of the container.

# Save the vulnerabilities to the XML file
save_vulns_to_file(issues_found, vulns_output_location, '1.2')
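The whole procedure above, from argument parsing to writing the XML, as one runnable script. This is an added example and not Uleska's own code: the Vulnerability class, its md5 default, the severity string and save_vulns_to_file are stand-ins for the Uleska helpers the page calls (their import is not shown on the page), and the XML layout is an assumption. It goes a little beyond the page in two places: a redirect is only accepted when its Location header is an https:// URL, since a relative or http:// Location leaves the client on cleartext, and the HTTP request is injected as a fetch function so the check can be run offline against canned responses.

```python
"""HTTP-to-HTTPS redirect check as one stand-alone script.

Added example, not Uleska's own code. Vulnerability, the md5 default, the
severity string and save_vulns_to_file are stand-ins for the Uleska helpers;
the XML layout written here is an assumption.
"""
import argparse
import hashlib
import xml.etree.ElementTree as ET
from dataclasses import dataclass, fields
from typing import Callable, List, Optional, Tuple
from urllib.parse import urlsplit, urlunsplit

# 304 (Not Modified) is left out on purpose: it is a cache response, not a redirect.
REDIRECT_CODES = {300, 301, 302, 303, 307, 308}


@dataclass
class Vulnerability:
    """Stand-in for Uleska's Vulnerability object (assumed field names)."""
    title: str
    summary: str
    explanation: str
    recommendation: str
    source: str
    severity: str
    cvss: str
    md5: Optional[str] = None

    def __post_init__(self) -> None:
        if self.md5 is None:
            # Mirrors the page's description of the optional md5 field: hash the
            # concatenation of the first four fields for a stable internal reference.
            joined = self.title + self.summary + self.explanation + self.recommendation
            self.md5 = hashlib.md5(joined.encode("utf-8")).hexdigest()


def downgrade_to_http(url: str) -> str:
    """Swap only the scheme, so an 'https' inside the path or query is untouched."""
    parts = urlsplit(url)
    if parts.scheme != "https":
        raise ValueError(f"expected an https:// URL, got {url!r}")
    return urlunsplit(("http",) + tuple(parts[1:]))


def check_redirect(url: str,
                   fetch: Callable[[str], Tuple[int, Optional[str]]]) -> Optional[Vulnerability]:
    """Return a Vulnerability when the HTTP form of url is not redirected to HTTPS.

    fetch(url) -> (status_code, Location header or None); injected so the check
    can run offline against canned responses.
    """
    http_url = downgrade_to_http(url)
    status, location = fetch(http_url)
    # A redirect only counts if it lands on https://; a relative or http://
    # Location keeps the client on the cleartext scheme.
    if status in REDIRECT_CODES and location and location.lower().startswith("https://"):
        return None
    return Vulnerability(
        title="No HTTP redirect to HTTPS",
        summary="HTTP access to site does not redirect to an HTTPS location",
        explanation=f"Request to {http_url} returned {status} with Location {location!r}",
        recommendation="Update the server configuration to ensure non-secure "
                       "requests for these pages result in a redirect.",
        source=http_url,
        severity="HIGH",
        cvss="CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
    )


def vulns_to_xml(issues: List[Vulnerability], version: str) -> bytes:
    """Serialise issues to XML (assumed layout, not Uleska's schema)."""
    root = ET.Element("vulnerabilities", version=version)
    for vuln in issues:
        node = ET.SubElement(root, "vulnerability")
        for f in fields(vuln):
            ET.SubElement(node, f.name).text = getattr(vuln, f.name)
    return ET.tostring(root, encoding="utf-8", xml_declaration=True)


def save_vulns_to_file(issues: List[Vulnerability], path: str, version: str = "1.2") -> None:
    with open(path, "wb") as fh:
        fh.write(vulns_to_xml(issues, version))


def requests_fetch(url: str) -> Tuple[int, Optional[str]]:
    import requests  # imported lazily so the module loads without it installed
    resp = requests.get(url, allow_redirects=False, timeout=10)
    return resp.status_code, resp.headers.get("Location")


def main(argv: Optional[List[str]] = None) -> int:
    parser = argparse.ArgumentParser(description="Runs a simple HTTPS redirection test")
    parser.add_argument("--url", required=True)
    parser.add_argument("--debug", action="store_true")
    parser.add_argument("--output", required=True)
    args = parser.parse_args(argv)
    issues = []
    vuln = check_redirect(args.url, requests_fetch)
    if vuln:
        issues.append(vuln)
        if args.debug:
            print(f"Issue added to list: Title [{vuln.title}], Summary [{vuln.summary}]")
    save_vulns_to_file(issues, args.output)
    return len(issues)


if __name__ == "__main__":
    raise SystemExit(1 if main() else 0)
```

Run it as `python redirect_check.py --url https://example.test/ --output vulns.xml --debug`; the process exits non-zero when an issue was raised, which makes it easy to gate on in a pipeline. Passing `fetch` in rather than calling requests directly is what lets the test below exercise the 200, relative-Location, http:// Location and 304 cases without any network.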

After you have created your custom tool, you will need to test it to make sure it works.

Run the Python file, giving it a sample URL, to see whether the site has an automatic redirect.

If an issue has been raised and you would like to see more information about it, run the same command with “--debug true”.

Confirm that it is able to produce the XML output file with “more ___.xml”, which will show you your title, summary, explanation etc.

You have now created a custom tool which finds issues/vulnerabilities.