DeforaNetworks/pentext
DeforaNetworks/pentext
3
0
Fork 0
Code Releases Activity
pentext/chatops/bash/handler_pentest
Peter Mosmans d51dfadae9 Added support for using a different quote source 
The third parameter can be used to specify a different repository to use
as 'base' and pull the client and quote information from.
2016-09-16 17:20:51 +10:00

164 lines
5.6 KiB
Bash
Raw Blame History

#!/bin/bash
# handler_pentest - sets up a pentest repo with PenText based on a quote repo
#
# This script is part of the PenText framework
# https://pentext.org
#
# Copyright (C) 2016 Radically Open Security
# https://www.radicallyopensecurity.com
#
# Author(s): Peter Mosmans
# John Sinteur
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
VERSION=0.9
SAXON=/usr/local/bin/saxon/saxon9he.jar
TEMPLATEREPO=ssh://git@gitlab.local/peter/templates
# These variables should be set environment-specific
[ -z $GITLABCLI ] && GITLABCLI=gitlab
[ -z $GITSERVER ] && GITSERVER=gitlab.local
[ -z $NAMESPACE ] && NAMESPACE=ros
[ -z $NAMESPACEID ] && NAMESPACEID=1
[ -z $PENTEXTREPO ] && PENTEXTREPO=https://github.com/radicallyopensecurity/pentext
TEMPLOC=$(mktemp -d)
pentext=$(echo $PENTEXTREPO|awk -F '/' '{print $5}')
# Read standard 'command line' variables
[[ ! -z $1 ]] && REPO=$1
[[ ! -z $2 ]] && NAMESPACE=$2
[[ ! -z $3 ]] && PREVIOUS=$3
BRANCH=master
TARGET=quote
trap cleanup EXIT QUIT
# Make sure that the temporary files are always removed
cleanup() {
trap '' EXIT INT QUIT
# remove repo if not finished successfully
if [ -z $finished ] && [ ! -z $project_id ]; then
$GITLABCLI project delete --id $project_id
echo "[-] deleted project $project_id"
fi
[ -d $TEMPLOC ] && rm -rf $TEMPLOC &>/dev/null
exit
}
# As quote used to be called offerte or offer,
# this function retains backward compatibility - v0.2
backwards_compatible() {
if [[ $TARGET == "quote" ]] && [ ! -f $TARGET.xml ]; then
TARGET="offerte"
fi
}
# Clones repo using global (!) variables - v0.3
clone_repo() {
pushd $TEMPLOC 1>/dev/null
git clone --depth=1 -q ssh://git@${GITSERVER}/${NAMESPACE}/${REPO}.git &>/dev/null
if [ ! -d $TEMPLOC/$REPO ]; then
echo "[-] could not clone repo ${NAMESPACE}/${REPO}"
exit 1
else
cd $REPO
fi
}
# Preflight checks using global (!) variables
preflight_checks() {
if [ -z $REPO ]; then
echo "[-] repository name needed (without leading pen- or off-)"
exit
fi
if [ ! -f $SAXON ]; then
echo "[-] this script needs saxon ($SAXON)"
fi
}
setup_repo() {
project_id=$($GITLABCLI project create --name $REPO --namespace $NAMESPACEID --issues-enabled true --wiki-enabled true --snippets-enabled true --wall-enabled true --merge-requests-enabled true 2>/dev/null| awk '/id:/{print $2}')
if [ ! -z $project_id ]; then
echo "[+] successfully created gitlab project $REPO with id ${project_id}"
$GITLABCLI project-label create --project-id ${project_id} --name documentation --color "#0000FF" &>/dev/null
$GITLABCLI project-label create --project-id ${project_id} --name finding --color "#00c800" &>/dev/null
$GITLABCLI project-label create --project-id ${project_id} --name lead --color "#e4d700" &>/dev/null
$GITLABCLI project-label create --project-id ${project_id} --name non-finding --color "#c80000" &>/dev/null
$GITLABCLI project-label create --project-id ${project_id} --name future-work --color "#f8b7b2" &>/dev/null
$GITLABCLI project-issue create --project-id ${project_id} --description "Please drop all your positive/negative comments here, so that we can keep on improving our processes. It is important that we learn from <b>what</b>. No need for namecalling, <b>who</b> is unimportant <br /> <h2>Thumbs up</h2> <h2>Improvement</h2><h2>Not project related</h2><h2>Project related</h2>" --title "Retrospective: add your feedback HERE" &> /dev/null
else
echo "[-] could not create repo $NAMESPACE/$REPO"
exit 1
fi
}
# Add standard templates using global (!) variables - v0.2
add_templates() {
[ -d $TEMPLOC/$pentext ] && rm -rf $TEMPLOC/$pentext &>/dev/null
pushd $TEMPLOC 1>/dev/null && git clone --depth=1 $PENTEXTREPO &>/dev/null && popd 1>/dev/null
if [ ! -d $TEMPLOC/$pentext ]; then
echo "[-] could not clone (and therefore add) pentext repo $TEMPLATEREPO"
exit 1
else
clone_repo
# copy the framework
cp -r $TEMPLOC/$pentext/xml/* .
# remove the docs
rm -r doc &>/dev/null
fi
}
grab_offer() {
pushd source &>/dev/null
backwards_compatible
if [ ! -f $TARGET.xml ]; then
echo "[-] could not find $TARGET.xml"
exit
fi
cp client_info.xml $TEMPLOC/client_info.xml &> /dev/null
cp $TARGET.xml $TEMPLOC/quote.xml &> /dev/null
}
convert_report() {
cp $TEMPLOC/quote.xml source/quote.xml &> /dev/null
cp $TEMPLOC/client_info.xml source/client_info.xml &> /dev/null
pushd source &>/dev/null
java -jar $SAXON -s:quote.xml -xsl:../xslt/off2rep.xsl -o:report.xml
if [ ! -f report.xml ]; then
echo "[-] hmmm... failed to convert quote into report.xml"
exit 1
fi
popd &>/dev/null
mkdir -p findings/ &>/dev/null
mkdir -p non-findings/ &>/dev/null
}
add_to_repo() {
git add * &>/dev/null
git commit -q -m "Initialized pentest repository with PenText using ChatOps" &> /dev/null
git push -q > /dev/null
}
preflight_checks
echo "startpentest v${VERSION} - Ready for some ACTION?"
ORIGREPO=$REPO
REPO=off-$ORIGREPO
[[ ! -z $PREVIOUS ]] && $REPO=$PREVIOUS
clone_repo
grab_offer
REPO=pen-${ORIGREPO}
setup_repo
add_templates
convert_report
add_to_repo
echo "[+] listo!"
finished=true
View Git Blame Copy Permalink