Cascading Rules Examples Nmap/Ncrack

SebieF · SebieF · commit 579571c98111 · 2020-10-02T10:30:48.000+02:00
diff --git a/scanners/ncrack/cascading-rules/crackssh.yaml b/scanners/ncrack/cascading-rules/crackssh.yaml
@@ -0,0 +1,22 @@
+apiVersion: "cascading.experimental.securecodebox.io/v1"
+kind: CascadingRule
+metadata:
+  name: "ncrack-ssh"
+  labels:
+    securecodebox.io/invasive: invasive
+    securecodebox.io/intensive: high
+spec:
+  matches:
+    anyOf:
+      - category: "Open Port"
+        attributes:
+          port: 22
+          state: open
+  scanSpec:
+    scanType: "ncrack"
+    parameters:
+      - -v
+      - -d10
+      - --user=root,admin
+      - --pass=abcdef,THEPASSWORDYOUCREATED,12345
+      - ssh://"{{location}}"
diff --git a/scanners/nmap/examples/dummy-ssh-cascade/scan.yaml b/scanners/nmap/examples/dummy-ssh-cascade/scan.yaml
@@ -0,0 +1,16 @@
+apiVersion: "execution.experimental.securecodebox.io/v1"
+kind: Scan
+metadata:
+  name: "nmap-dummy-ssh"
+spec:
+  scanType: "nmap"
+  parameters:
+    # Internal cluster is blocking our ping probes, therefore we skip them
+    - "-Pn"
+    # Service Detection enabled
+    - "-sV"
+    # Actual Service Address will depend on you cluster and namespace configuration. 🤷‍
+    - "dummy-ssh.demo-apps.svc"
+  cascades:
+    matchLabels:
+      securecodebox.io/intensive: high
