From 184831c797c282ca90f338dbc57889bc29640c48 Mon Sep 17 00:00:00 2001 From: asa1997 Date: Thu, 13 Jun 2024 11:28:44 +0530 Subject: [PATCH 1/2] Fixed bugs --- playbooks/besman-counterfit-0.0.1-playbook.sh | 48 ++++++++++++------- playbooks/besman-counterfit-0.0.1-steps.ipynb | 6 +-- 2 files changed, 33 insertions(+), 21 deletions(-) diff --git a/playbooks/besman-counterfit-0.0.1-playbook.sh b/playbooks/besman-counterfit-0.0.1-playbook.sh index fce3aa3..c7cc666 100644 --- a/playbooks/besman-counterfit-0.0.1-playbook.sh +++ b/playbooks/besman-counterfit-0.0.1-playbook.sh @@ -47,19 +47,20 @@ function __besman_execute() { read -p "Running playbook on cloud? (y/n):" clinput if [ xx"$clinput" == xx"y" ];then - jupyter notebook --generatge-config 2>1>/dev/null - sed -i "s/c.ServerApp.ip = 'localhost'/c.ServerApp.ip = '0.0.0.0'/g" $HOME/.jupyter/jupyter_notebook_config.py + jupyter notebook --generate-config 2>&1>/dev/null + sed -i "s/# c.ServerApp.ip = 'localhost'/c.ServerApp.ip = '0.0.0.0'/g" $HOME/.jupyter/jupyter_notebook_config.py sed -i "s/# c.ServerApp.open_browser = False/c.ServerApp.open_browser = False/g" $HOME/.jupyter/jupyter_notebook_config.py __besman_echo_cyan "Since playbook is executing on cloud so please follow below steps to execute the steps playbook." - __besman_echo_cyan " 1. Stop and start the jupyter notebook again on the jupyter server." - __besman_echo_cyan " 2. Capture the jupter notebook token from the screen." - __besman_echo_cyan " 3. Enable the jupyter notebook port (usaually port 8888) on security group /firewall settings of cloud provider." - __besman_echo_cyan " 4. Make sure the instance firewall also allowing port of jupter notebook (usually 8888) is allowed." - __besman_echo_cyan " 5. Open the jupyter notebook ui on the browser using the instance public IP and port number used (usually 8888)." - __besman_echo_cyan " 6. Enter the token copied above into the UI and connect." - __besman_echo_cyan " 7. Upload the steps playbook i.e $BESMAN_DIR/tmp/steps to the jupyter notebook ui" - __besman_echo_cyan " 8. Follow the notebook steps in playbook and press \"y\" for below prompt after executing all playbook steps sucessfully." + __besman_echo_cyan " 1. Open a separate terminal using ssh to the cloud instance." + __besman_echo_cyan " 2. Stop and start the jupyter notebook again on the jupyter server." + __besman_echo_cyan " 3. Capture the jupter notebook token from the screen." + __besman_echo_cyan " 4. Enable the jupyter notebook port (usaually port 8888) on security group /firewall settings of cloud provider." + __besman_echo_cyan " 5. Make sure the instance firewall also allowing port of jupter notebook (usually 8888) is allowed." + __besman_echo_cyan " 6. Open the jupyter notebook ui on the browser using the instance public IP and port number used (usually 8888)." + __besman_echo_cyan " 7. Enter the token copied above into the UI and connect." + __besman_echo_cyan " 8. Upload the steps playbook i.e $BESMAN_DIR/tmp/steps to the jupyter notebook ui" + __besman_echo_cyan " 9. Follow the notebook steps in playbook and press \"y\" for below prompt after executing all playbook steps sucessfully." sleep 60 else jupyter notebook "$BESMAN_DIR/tmp/steps" @@ -71,18 +72,29 @@ function __besman_execute() { if [ xx"$userinput" == xx"y" ];then break; else - echo "Steps playbook need to be completed before proceed." + __besman_echo_red "Steps playbook need to be completed before proceed." fi done - [[ -z $COUNTERFIT_ATTACKID ]] && __besman_echo_red "Attack Id is not set. Required. Please set it and try again." && return 1 + [[ ! -f $BESMAN_DIR/tmp/attack_id ]] && __besman_echo_red "Could not find attack_id, please complete the assessment steps of counterfit" && return 1 - [[ ! -f $BESMAN_COUNTERFIT_LOCAL_PATH/targets/results/${COUNTERFIT_ATTACKID}/run_summary.json ]] && __besman_echo_red "Counterfit result file not found. Execute the playbook to generate the results first." && flag="true" + local attack_id=$(cat $BESMAN_DIR/tmp/attack_id) + + [[ -z $attack_id ]] && __besman_echo_red "Could not find attack_id, please complete the assessment steps of counterfit" && return 1 + + export COUNTERFIT_ATTACKID=$attack_id + + # echo "attack id = $COUNTERFIT_ATTACKID" + # source ~/.bashrc + + # [[ -z $COUNTERFIT_ATTACKID ]] && __besman_echo_red "Attack Id is not set. Required. Please set it and try again." && return 1 + + [[ ! -f $BESMAN_COUNTERFIT_LOCAL_PATH/counterfit/targets/results/${COUNTERFIT_ATTACKID}/run_summary.json ]] && __besman_echo_red "Counterfit result file not found. Execute the playbook to generate the results first." && flag="true" duration=$SECONDS export EXECUTION_DURATION=$duration - if [[ ! -f $BESMAN_COUNTERFIT_LOCAL_PATH/targets/results/${COUNTERFIT_ATTACKID}/run_summary.json ]]; then + if [[ ! -f $BESMAN_COUNTERFIT_LOCAL_PATH/counterfit/targets/results/${COUNTERFIT_ATTACKID}/run_summary.json ]]; then export PLAYBOOK_EXECUTION_STATUS=failure return 1 else @@ -95,12 +107,12 @@ function __besman_execute() { } function __besman_prepare() { - echo "preparing data" + __besman_echo_yellow "preparing data" EXECUTION_TIMESTAMP=$(date) export EXECUTION_TIMESTAMP - source ~/.bashrc - cp -f $BESMAN_COUNTERFIT_LOCAL_PATH/targets/results/${COUNTERFIT_ATTACKID}/run_summary.json $DETAILED_REPORT_PATH + mkdir -p "$BESMAN_ASSESSMENT_DATASTORE_DIR/models/$BESMAN_ARTIFACT_NAME/dast" + cp -f $BESMAN_COUNTERFIT_LOCAL_PATH/counterfit/targets/results/${COUNTERFIT_ATTACKID}/run_summary.json $DETAILED_REPORT_PATH @@ -128,7 +140,7 @@ function __besman_cleanup() { fi done sed -i "/export COUNTERFIT_ATTACKID=/d" ~/.bashrc - deactivate + # source ~/.bashrc } function __besman_launch() { diff --git a/playbooks/besman-counterfit-0.0.1-steps.ipynb b/playbooks/besman-counterfit-0.0.1-steps.ipynb index 2453533..aa87dee 100644 --- a/playbooks/besman-counterfit-0.0.1-steps.ipynb +++ b/playbooks/besman-counterfit-0.0.1-steps.ipynb @@ -75,9 +75,9 @@ "#### 14. Exit \n", "`Exit`\n", "\n", - "#### 15. Export the attack id captured above\n", - "`echo \"export COUNTERFIT_ATTACKID=\" >> ~/.bashrc`\n", - "`source ~/.bashrc`\n" + "#### 15. Saving the attack id captured above\n", + "\n", + "`echo \"\" >> $BESMAN_DIR/tmp/attack_id`\n" ] } ], From de654014b9e0dad227cbcddc874086e84a73d9d9 Mon Sep 17 00:00:00 2001 From: asa1997 Date: Thu, 13 Jun 2024 12:07:35 +0530 Subject: [PATCH 2/2] Updated --- playbooks/besman-counterfit-0.0.1-playbook.sh | 2 +- playbooks/besman-counterfit-0.0.1-steps.ipynb | 5 +++++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/playbooks/besman-counterfit-0.0.1-playbook.sh b/playbooks/besman-counterfit-0.0.1-playbook.sh index c7cc666..c9d690e 100644 --- a/playbooks/besman-counterfit-0.0.1-playbook.sh +++ b/playbooks/besman-counterfit-0.0.1-playbook.sh @@ -139,8 +139,8 @@ function __besman_cleanup() { unset "$var" fi done + [[ -f $BESMAN_DIR/tmp/attack_id ]] && rm "$BESMAN_DIR/tmp/attack_id" sed -i "/export COUNTERFIT_ATTACKID=/d" ~/.bashrc - # source ~/.bashrc } function __besman_launch() { diff --git a/playbooks/besman-counterfit-0.0.1-steps.ipynb b/playbooks/besman-counterfit-0.0.1-steps.ipynb index aa87dee..29851c3 100644 --- a/playbooks/besman-counterfit-0.0.1-steps.ipynb +++ b/playbooks/besman-counterfit-0.0.1-steps.ipynb @@ -15,6 +15,9 @@ "\n", "\n", "### Steps\n", + "\n", + "Open a new terminal in your machine and run the below steps\n", + "\n", "#### 1. Change directory to counterfit\n", "`cd counterfit`\n", "\n", @@ -77,6 +80,8 @@ "\n", "#### 15. Saving the attack id captured above\n", "\n", + "Run the below command in the terminal to save the attack id.\n", + "\n", "`echo \"\" >> $BESMAN_DIR/tmp/attack_id`\n" ] }