YES, but we don't have enough details in the results!
Getting detailed output
To add more details to the results, we should add more beef to the ls command. Let's try ls -al as the default cmd instead:
```python
from secator.runners import Command
from secator.decorators import task


@task()
class ls(Command):
    cmd = 'ls -al'
```
and the output:
$ secator x ls .
ls -al .
total 16
drwxr-xr-x 3 osboxes osboxes 4096 May 2 04:50 .
drwxr-xr-x 4 osboxes osboxes 4096 May 2 04:49 ..
-rw-r--r-- 1 osboxes osboxes 119 May 2 04:51 ls.py
drwxr-xr-x 2 osboxes osboxes 4096 May 2 04:51 __pycache__
🗄 Saved JSON report to ~/.secator/reports/default/tasks/1/report.json
🗄 Saved CSV reports to ~/.secator/reports/default/tasks/1/report_target.cs
Okay, this already gives more information!
YES, but we don't have any structured output! I can't use -json and pipe the results to my super awesome CLI tool...
Adding JSON output
For this step we need to parse the ls command line text output by writing the item_loader method.
The item_loader method takes a line as input and returns the desired structured output (dict).
Here is how to implement it for the ls command:
```python
from secator.runners import Command
from secator.decorators import task


@task()
class ls(Command):
    cmd = 'ls -al'

    @staticmethod
    def item_loader(self, line):
        fields = ['permissions', 'link_count', 'owner', 'group', 'size', 'month', 'day', 'hour', 'path']
        # Split on spaces and drop the empty strings left by column padding
        result = [c for c in line.split(' ') if c]
        # Skip lines that don't have exactly one value per field (e.g. "total 16")
        if len(result) != len(fields):
            return None
        data = {}
        for ix, value in enumerate(result):
            data[fields[ix]] = value
        return data
```
Ok, in a few lines of code we successfully managed to turn the ls output into structured JSON lines.
YES, but we don't have anything in the JSON reports!
Mapping output types
To get some useful results that secator reports understand, we need to map this arbitrary JSON output to one of the existing output types that secator provides. For instance, the Vulnerability output type!
For instance, we could consider as a vulnerability any path that is writable by the public. That's the final w in the permission string.
Let's change the implementation to output objects of type Vulnerability:
```python
from secator.runners import Command
from secator.decorators import task
from secator.output_types import Vulnerability


@task()
class ls(Command):
    cmd = 'ls -al'
    output_types = [Vulnerability]

    @staticmethod
    def item_loader(self, line):
        fields = ['permissions', 'link_count', 'owner', 'group', 'size', 'month', 'day', 'hour', 'path']
        # Split on spaces and drop the empty strings left by column padding
        result = [c for c in line.split(' ') if c]
        # Skip lines that don't have exactly one value per field (e.g. "total 16")
        if len(result) != len(fields):
            return None
        data = {}
        for ix, value in enumerate(result):
            data[fields[ix]] = value

        # Output vulnerabilities
        permissions = data['permissions']
        path = data['path']
        full_path = f'{self.input}/{path}'
        if permissions[-2] == 'w':  # found a vulnerability !
            yield Vulnerability(
                name='World-writeable path',
                severity='high',
                confidence='high',
                provider='ls',
                matched_at=full_path,
                extra_data={k: v for k, v in data.items() if k != 'path'}
            )
```
Let's make the ls.py file world-writeable with chmod a+w ls.py to create a vulnerability, and re-run our command:
$ secator x ls .
ls -al .
total 16
drwxr-xr-x 3 osboxes osboxes 4096 May 2 06:14 .
drwxr-xr-x 4 osboxes osboxes 4096 May 2 04:49 ..
🚨 [World-writeable path 🡕] [high] ./ls.py [permissions:-rw-rw-rw-, link_count:1, owner:osboxes, group:osboxes, size:1015, month:May, day:2, hour:06:14]
drwxr-xr-x 2 osboxes osboxes 4096 May 2 06:14 __pycache__
🗄 Saved JSON report to /home/osboxes/.secator/reports/default/tasks/140/report.json
🗄 Saved CSV reports to
• /home/osboxes/.secator/reports/default/tasks/140/report_target.csv
• /home/osboxes/.secator/reports/default/tasks/140/report_vulnerability.csv
✔ Found 1 vulnerability.
We have successfully integrated the ls command with secator!
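The loader above splits on spaces and reads `permissions[-2]`, so it skips file names that contain spaces and misreads permission strings that end with a `+`, `.` or `@` marker. A stricter parser for the same `ls -al` lines follows as an added example; it is not part of the original page or of secator, and it is plain Python with no secator import. The function names, the sample listing and the `low` rating for sticky directories are assumptions.

```python
import re

# Assumes GNU `ls -al` long format with the default time style.
LS_LINE = re.compile(
    r'^(?P<type>[-dlbcps])(?P<mode>[rwxsStT-]{9})(?P<flag>[.+@]?)\s+'
    r'(?P<link_count>\d+)\s+(?P<owner>\S+)\s+(?P<group>\S+)\s+'
    r'(?P<size>\d+(?:,\s*\d+)?)\s+(?P<month>\S+)\s+(?P<day>\d+)\s+'
    r'(?P<hour>\S+)\s(?P<path>.+)$'
)

# Constructed sample listing (not output captured from the page).
SAMPLE = """total 16
drwxr-xr-x  3 osboxes osboxes 4096 May  2 06:14 .
-rw-rw-rw-  1 osboxes osboxes 1015 May  2 06:14 ls.py
-rw-rw-rw-+ 1 osboxes osboxes   12 May  2 06:14 my notes.txt
lrwxrwxrwx  1 osboxes osboxes    5 May  2 06:14 link -> ls.py
drwxrwxrwt  2 root    root    4096 May  2 06:14 tmp
"""


def parse_ls_line(line):
    """Return a dict for one entry, or None for lines such as 'total 16'."""
    m = LS_LINE.match(line)
    if not m:
        return None
    data = m.groupdict()
    if data['type'] == 'l' and ' -> ' in data['path']:
        data['path'], data['target'] = data['path'].split(' -> ', 1)
    return data


def world_writable(data):
    """Return None (no finding), 'high', or 'low' (sticky directory)."""
    # Symlink modes always read rwxrwxrwx and say nothing about the target.
    if data is None or data['type'] == 'l':
        return None
    other = data['mode'][6:9]  # permission triplet for "others"
    if other[1] != 'w':
        return None
    # Assumption: a sticky world-writable directory (like /tmp) rates 'low'.
    if data['type'] == 'd' and other[2] in 'tT':
        return 'low'
    return 'high'


def scan(text):
    """Return (path, severity) for each world-writable entry in a listing."""
    rows = (parse_ls_line(line) for line in text.splitlines())
    return [(d['path'], world_writable(d)) for d in rows if world_writable(d)]
```

On the sample, `scan(SAMPLE)` reports `ls.py` and `my notes.txt` as high and `tmp` as low; the space-splitting loader would drop `my notes.txt` because that line yields ten fields instead of nine.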