From 5607ddec5a4c4dbd3d05d66fefb3e0ae2dcde8a3 Mon Sep 17 00:00:00 2001 From: Heiko Kiesel Date: Wed, 26 Jul 2023 09:42:03 +0200 Subject: [PATCH 1/5] Replace helm install with upgrade --install to prevent error if already installed Signed-off-by: Heiko Kiesel --- scanners/ncrack/.helm-docs.gotmpl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scanners/ncrack/.helm-docs.gotmpl b/scanners/ncrack/.helm-docs.gotmpl index e7f3eb60a9..b4b1aef6fa 100644 --- a/scanners/ncrack/.helm-docs.gotmpl +++ b/scanners/ncrack/.helm-docs.gotmpl @@ -134,7 +134,7 @@ Now you only need to set the value *encryptPasswords.existingSecret* to the secrets name when installing the scanner ```bash - helm install ncrack secureCodeBox/ncrack --set="encryptPasswords.existingSecret=" + helm upgrade --install ncrack secureCodeBox/ncrack --set="encryptPasswords.existingSecret=" ``` To decrypt a password from a finding use: @@ -156,7 +156,7 @@ Now we created a secret named "ncrack-lists". Before we can use the files, we have to install the Ncrack ScanType: ```bash -cat < Date: Wed, 26 Jul 2023 11:03:09 +0200 Subject: [PATCH 2/5] Replaced deprecated openssl rsautl subcommand Signed-off-by: Heiko Kiesel --- scanners/ncrack/.helm-docs.gotmpl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scanners/ncrack/.helm-docs.gotmpl b/scanners/ncrack/.helm-docs.gotmpl index b4b1aef6fa..b9d0417d8c 100644 --- a/scanners/ncrack/.helm-docs.gotmpl +++ b/scanners/ncrack/.helm-docs.gotmpl @@ -140,7 +140,7 @@ secrets name when installing the scanner To decrypt a password from a finding use: ```bash -base64 encryptedPassword -d | openssl rsautl -decrypt -inkey key.pem -out decryptedPassword.txt +base64 encryptedPassword -d | openssl pkeyutl -decrypt -inkey key.pem -out decryptedPassword.txt ``` #### Setup with custom files: @@ -153,7 +153,7 @@ kubectl create secret generic --from-file users.txt --from-file passwords.txt nc IMPORTANT: Use an extra empty line at the end of your files, otherwise the last letter of the last line will be omitted (due to a bug in k8) Now we created a secret named "ncrack-lists". -Before we can use the files, we have to install the Ncrack ScanType: +Before we can use the files, we have to install the Ncrack ScanType from the source code: ```bash cat < Date: Wed, 26 Jul 2023 11:46:26 +0200 Subject: [PATCH 3/5] Replace chart source to not require source files for applying scan Signed-off-by: Heiko Kiesel --- scanners/ncrack/.helm-docs.gotmpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scanners/ncrack/.helm-docs.gotmpl b/scanners/ncrack/.helm-docs.gotmpl index b9d0417d8c..2365e1498f 100644 --- a/scanners/ncrack/.helm-docs.gotmpl +++ b/scanners/ncrack/.helm-docs.gotmpl @@ -156,7 +156,7 @@ Now we created a secret named "ncrack-lists". Before we can use the files, we have to install the Ncrack ScanType from the source code: ```bash -cat < Date: Wed, 26 Jul 2023 13:12:09 +0200 Subject: [PATCH 4/5] Add findings.json to dummy-ssh example Signed-off-by: Heiko Kiesel --- .../ncrack/examples/dummy-ssh/findings.json | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 scanners/ncrack/examples/dummy-ssh/findings.json diff --git a/scanners/ncrack/examples/dummy-ssh/findings.json b/scanners/ncrack/examples/dummy-ssh/findings.json new file mode 100644 index 0000000000..23fd09dc80 --- /dev/null +++ b/scanners/ncrack/examples/dummy-ssh/findings.json @@ -0,0 +1,19 @@ +[{ + "name": "Credentials for Service ssh://10.96.117.136:22 discovered via bruteforce.", + "description": "", + "category": "Discovered Credentials", + "location": "ssh://10.96.117.136:22", + "osi_layer": "APPLICATION", + "severity": "HIGH", + "mitigation": "Use a more secure password or disable the service at ssh://10.96.117.136:22", + "attributes": { + "port": "22", + "ip_addresses": ["10.96.117.136"], + "protocol": "tcp", + "service": "ssh", + "username": "root", + "password": "THEPASSWORDYOUCREATED" + }, + "id": "5ac02686-a5a6-4bbd-921f-f0dd05a2915f", + "parsed_at": "2023-07-26T10:03:00.858Z" +}] From 4ad7a91f85392d052ed7dc2c3606b73c8cd6f766 Mon Sep 17 00:00:00 2001 From: Heiko Kiesel Date: Wed, 26 Jul 2023 13:18:17 +0200 Subject: [PATCH 5/5] Adjust ArtifactHub doc to helm doc template Signed-off-by: Heiko Kiesel --- scanners/ncrack/.helm-docs.gotmpl | 2 +- scanners/ncrack/docs/README.ArtifactHub.md | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/scanners/ncrack/.helm-docs.gotmpl b/scanners/ncrack/.helm-docs.gotmpl index 2365e1498f..ba4966a6fb 100644 --- a/scanners/ncrack/.helm-docs.gotmpl +++ b/scanners/ncrack/.helm-docs.gotmpl @@ -153,7 +153,7 @@ kubectl create secret generic --from-file users.txt --from-file passwords.txt nc IMPORTANT: Use an extra empty line at the end of your files, otherwise the last letter of the last line will be omitted (due to a bug in k8) Now we created a secret named "ncrack-lists". -Before we can use the files, we have to install the Ncrack ScanType from the source code: +Before we can use the files, we have to install the Ncrack ScanType: ```bash cat <