Merge pull request #59 from secureCodeBox/feature/nikto-examples

Add Example Nikto Scans

Author: J12934

bin/install-all.sh

@@ -16,6 +16,11 @@ helm upgrade --install zap ./scanners/zap/
 helm upgrade --install wpscan ./scanners/wpscan/
 
 helm upgrade --install dummy-ssh ./demo-apps/dummy-ssh/
+helm upgrade --install juice-shop ./demo-apps/juice-shop/
+helm upgrade --install old-wordpress ./demo-apps/old-wordpress/
+helm upgrade --install bodgeit ./demo-apps/bodgeit/
+helm upgrade --install swagger-petstore ./demo-apps/swagger-petstore/
+helm upgrade --install http-webhook ./demo-apps/http-webhook/
 
 helm upgrade --install aah ./hooks/update-field/
 helm upgrade --install gwh ./hooks/generic-webhook/

bin/uninstall-all.sh

@@ -15,6 +15,11 @@ helm uninstall zap
 helm uninstall wpscan
 
 helm uninstall dummy-ssh
+helm uninstall bodgeit
+helm uninstall http-webhook
+helm uninstall juice-shop
+helm uninstall old-wordpress
+helm uninstall swagger-petstore
 
 helm uninstall aah
 helm uninstall gwh

scanners/nikto/examples/demo-bodgeit/findings.yaml

@@ -0,0 +1,121 @@
+[
+  {
+    "name": "The anti-clickjacking X-Frame-Options header is not present.",
+    "description": null,
+    "category": "X-Frame-Options Header",
+    "location": "http://bodgeit/",
+    "osi_layer": "NETWORK",
+    "severity": "LOW",
+    "attributes": {
+      "ip_address": "10.105.36.237",
+      "hostname": "bodgeit",
+      "banner": "Apache-Coyote/1.1",
+      "method": "GET",
+      "port": 8080,
+      "niktoId": 999957
+    },
+    "id": "9fc0b231-3a91-4976-ad59-35d59a585a38"
+  },
+  {
+    "name": "The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS",
+    "description": null,
+    "category": "X-XSS-Protection",
+    "location": "http://bodgeit/",
+    "osi_layer": "NETWORK",
+    "severity": "LOW",
+    "attributes": {
+      "ip_address": "10.105.36.237",
+      "hostname": "bodgeit",
+      "banner": "Apache-Coyote/1.1",
+      "method": "GET",
+      "port": 8080,
+      "niktoId": 999102
+    },
+    "id": "fd763ddc-beaf-4bb0-91f6-334fadfaad03"
+  },
+  {
+    "name": "The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type",
+    "description": null,
+    "category": "X-Content-Type-Options Header",
+    "location": "http://bodgeit/",
+    "osi_layer": "NETWORK",
+    "severity": "INFORMATIONAL",
+    "attributes": {
+      "ip_address": "10.105.36.237",
+      "hostname": "bodgeit",
+      "banner": "Apache-Coyote/1.1",
+      "method": "GET",
+      "port": 8080,
+      "niktoId": 999103
+    },
+    "id": "08fc1392-6da9-4d57-beb2-dc7f72bea503"
+  },
+  {
+    "name": "/favicon.ico file identifies this app/server as: Apache Tomcat (possibly 5.5.26 through 8.0.15), Alfresco Community",
+    "description": null,
+    "category": "Identified Software",
+    "location": "http://bodgeit/favicon.ico",
+    "osi_layer": "NETWORK",
+    "severity": "INFORMATIONAL",
+    "attributes": {
+      "ip_address": "10.105.36.237",
+      "hostname": "bodgeit",
+      "banner": "Apache-Coyote/1.1",
+      "method": "GET",
+      "port": 8080,
+      "niktoId": 500645
+    },
+    "id": "4a6b694c-b0ac-465e-929e-8e67cbded3a8"
+  },
+  {
+    "name": "Allowed HTTP Methods: GET, HEAD, POST, PUT, DELETE, OPTIONS",
+    "description": null,
+    "category": "Nikto Finding",
+    "location": "http://bodgeit/",
+    "osi_layer": "NETWORK",
+    "severity": "INFORMATIONAL",
+    "attributes": {
+      "ip_address": "10.105.36.237",
+      "hostname": "bodgeit",
+      "banner": "Apache-Coyote/1.1",
+      "method": "OPTIONS",
+      "port": 8080,
+      "niktoId": 999990
+    },
+    "id": "7fe0661b-1eac-4e7c-ad02-0fa5b293700c"
+  },
+  {
+    "name": "HTTP method ('Allow' Header): 'PUT' method could allow clients to save files on the web server.",
+    "description": null,
+    "category": "Nikto Finding",
+    "location": "http://bodgeit/",
+    "osi_layer": "NETWORK",
+    "severity": "INFORMATIONAL",
+    "attributes": {
+      "ip_address": "10.105.36.237",
+      "hostname": "bodgeit",
+      "banner": "Apache-Coyote/1.1",
+      "method": "GET",
+      "port": 8080,
+      "niktoId": 400001
+    },
+    "id": "f63b2cd6-cb19-43f5-a086-c5084e8b8e2b"
+  },
+  {
+    "name": "HTTP method ('Allow' Header): 'DELETE' may allow clients to remove files on the web server.",
+    "description": null,
+    "category": "Nikto Finding",
+    "location": "http://bodgeit/",
+    "osi_layer": "NETWORK",
+    "severity": "INFORMATIONAL",
+    "attributes": {
+      "ip_address": "10.105.36.237",
+      "hostname": "bodgeit",
+      "banner": "Apache-Coyote/1.1",
+      "method": "GET",
+      "port": 8080,
+      "niktoId": 400000
+    },
+    "id": "237ff776-7fc1-4509-b51e-d916b3951422"
+  }
+]

scanners/nikto/examples/demo-bodgeit/nikto-results.json

@@ -0,0 +1,57 @@
+{
+  "host": "bodgeit",
+  "ip": "10.105.36.237",
+  "port": "8080",
+  "banner": "Apache-Coyote/1.1",
+  "vulnerabilities": [
+    {
+      "id": "999957",
+      "OSVDB": "0",
+      "method": "GET",
+      "url": "/",
+      "msg": "The anti-clickjacking X-Frame-Options header is not present."
+    },
+    {
+      "id": "999102",
+      "OSVDB": "0",
+      "method": "GET",
+      "url": "/",
+      "msg": "The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS"
+    },
+    {
+      "id": "999103",
+      "OSVDB": "0",
+      "method": "GET",
+      "url": "/",
+      "msg": "The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type"
+    },
+    {
+      "id": "500645",
+      "OSVDB": "39272",
+      "method": "GET",
+      "url": "/favicon.ico",
+      "msg": "/favicon.ico file identifies this app/server as: Apache Tomcat (possibly 5.5.26 through 8.0.15), Alfresco Community"
+    },
+    {
+      "id": "999990",
+      "OSVDB": "0",
+      "method": "OPTIONS",
+      "url": "/",
+      "msg": "Allowed HTTP Methods: GET, HEAD, POST, PUT, DELETE, OPTIONS "
+    },
+    {
+      "id": "400001",
+      "OSVDB": "397",
+      "method": "GET",
+      "url": "/",
+      "msg": "HTTP method ('Allow' Header): 'PUT' method could allow clients to save files on the web server."
+    },
+    {
+      "id": "400000",
+      "OSVDB": "5646",
+      "method": "GET",
+      "url": "/",
+      "msg": "HTTP method ('Allow' Header): 'DELETE' may allow clients to remove files on the web server."
+    }
+  ]
+}

scanners/nikto/examples/demo-bodgeit/scan.yaml

@@ -0,0 +1,15 @@
+apiVersion: 'execution.experimental.securecodebox.io/v1'
+kind: Scan
+metadata:
+  name: 'nikto-bodgeit'
+  labels:
+    organization: 'secureCodeBox'
+spec:
+  scanType: 'nikto'
+  parameters:
+    - '-h'
+    - 'bodgeit'
+    - '-port 8080'
+    - '-Tuning'
+    # Only enable fast (ish) Scan Options, remove attack option like SQLi and RCE. We will leave those to ZAP
+    - '1,2,3,5,7,b'