search

infobyte / faraday_agent_dispatcher

Faraday Agent Dispatcher launches any security tools and send results to Faradaysec Platform.
https://www.faradaysec.com/
GNU General Public License v3.0
39 stars 11 forks source link

Fetch burp result without providing scan #7

Closed Dr4s1l closed 3 years ago

Dr4s1l commented 3 years ago

Is there any way to use the executor to fetch already existing issue from a scan ? Don't want to provide only 1 target at a time and prefer to feed target from CLI. So I have succeeded into creating a new scan,is the dispatcher able to fetch results? Burp plugin here

aenima-x commented 3 years ago

@Dr4s1l No, all the executors work on demand. But what you can do is run the executor from faraday-cli, in that what you could make an automated process.

The other option is to make a script to fetch the data from burp, convert it to xml (this is what the executor does) and then process it with faraday-cli

Dr4s1l commented 3 years ago

Thanks, documentation on faraday-cli integration with agent somewhere ?

aenima-x commented 3 years ago

@Dr4s1l https://docs.faraday-cli.faradaysec.com/commands/#agents

Dr4s1l commented 3 years ago

Getting errors when providing multiple named scan, from what I understand they are stored in array :

while read url;do echo '{"NAMED_CONFIGURATION":"crawl1","NAMED_CONFIGURATION":"audit1","TARGET_URL": "'"$url"'"}' | faraday-cli agent run -a 2 -e Burp --stdin;done <delta_tango.txt

this look like it work but getting unknown error from logs, and looks like the 2 named config does not load, only one of them is read :

2021-09-05 19:42:38,553 - faraday_agent_dispatcher - INFO {MainThread} [dispatcher.py:256 - run_once()]  Parsing data: {"execution_id": 7396, "agent_id": 2, "workspace": "seed", "action": "RUN", "executor": "Burp", "args": {"NAMED_CONFIGURATION": "audit1", "TARGET_URL": "http://example.com"}}
2021-09-05 19:42:38,553 - faraday_agent_dispatcher - INFO {MainThread} [metadata_utils.py:59 - check_commands()]  Dependency check ended. Ready to go
2021-09-05 19:42:38,553 - faraday_agent_dispatcher - INFO {MainThread} [dispatcher.py:415 - run_once()]  Running Burp executor
2021-09-05 19:42:39,742 - faraday_agent_dispatcher - INFO {MainThread} [executor_helper.py:148 - end_f()]  Data sent to bulk create
2021-09-05 19:42:39,742 - faraday_agent_dispatcher - WARNING {MainThread} [dispatcher.py:471 - run_once()]  Executor Burp finished with exit code 1

is there any way to provide more threads ? Need ~130k requests

aenima-x commented 3 years ago

@Dr4s1l you can do as many executions you like, faraday-dispatcher works in async mode. each call to the burp executor receives one NAMED_CONFIGURATION and TARGET_URL

Dr4s1l commented 3 years ago

Would it be possible to add a parameter to add multiple named config? Plus can you provide a way to use burp without api key? I think the error on burp executor is related to this. Have patch code to allow more threads as the executor is very slow.

Dr4s1l commented 3 years ago

Looks like this executor does not work, no more information could be supplied as the exit code 1 is returned by BurpSuite. image

Making requests by hand works far better, how to create new vulnerability using faraday-cli ?

aenima-x commented 3 years ago

Ok, I just realize that configurations can be a list. I will raise this issue. But related to the threads, you dont need it. You can call as many executions as you want, they will run in parallel.

can you run the dispatcher in --debug to try to find the error.

Dr4s1l commented 3 years ago

Debug mode also available with faraday-cli ?:

while read url;do echo '{"NAMED_CONFIGURATION":"audit1","TARGET_URL": "'"$url"'"}' | faraday-cli agent run -a 1 -e Init --stdin;done <delta_tango.txt

this work well :

while read url; do http --timeout=2400 --verbose --ignore-stdin POST http://127.0.0.1:1337/v0.1/scan scan_configuration:='{"name":"audit1","type":"NamedConfiguration"}' urls:='["'"$url"'"]';done<delta_tango.txt
aenima-x commented 3 years ago

No, in the dispatcher. Cli is only the one who triggers it, but you have to put the dispatcher un debug faraday-dispatcher run --debug

Dr4s1l commented 3 years ago

ok that was related to remaining occurence of BURP_KEY while patching. this check looks like not working :

if not BURP_API_KEY:
        log("BURP_API_KEY not provided")
        sys.exit(1)

I'm removing all accurence of API key as they are not needed by me.

2021-09-07 15:32:22,804 - faraday_agent_dispatcher - INFO {MainThread} [dispatcher.py:256 - run_once()]  Parsing data: {"execution_id": 231, "agent_id": 2, "workspace": "seed", "action": "RUN", "executor": "Burp", "args": {"NAMED_CONFIGURATION": "audit1", "TARGET_URL": "http://example.com"}}
2021-09-07 15:32:22,804 - faraday_agent_dispatcher - INFO {MainThread} [metadata_utils.py:59 - check_commands()]  Dependency check ended. Ready to go
2021-09-07 15:32:22,804 - faraday_agent_dispatcher - INFO {MainThread} [dispatcher.py:415 - run_once()]  Running Burp executor
2021-09-07 15:32:22,922 - faraday_agent_dispatcher - DEBUG {MainThread} [executor_helper.py:171 - log()]  Error line: 2021-09-07 13:32:22.922315 - BURP: API gets no response. Status code: 404

Don't know why getting 404 here, a manual task return a OK result :

{
  "task_id": "841",
  "scan_status": "crawling",
  "scan_metrics": {
    "crawl_requests_made": 0,
    "crawl_network_errors": 0,
    "crawl_unique_locations_visited": 0,
    "crawl_requests_queued": 0,
    "audit_queue_items_completed": 0,
    "audit_queue_items_waiting": 0,
    "audit_requests_made": 0,
    "audit_network_errors": 0,
    "issue_events": 0,
    "crawl_and_audit_caption": "Unauthenticated crawl. Estimating time remaining...",
    "crawl_and_audit_progress": 0
  },
  "message": "",
  "issue_events": []
}