From df2611faee204a55dfa36fcbd32631d1591a0b22 Mon Sep 17 00:00:00 2001 From: pavsorab Date: Tue, 3 Oct 2023 21:29:04 +0530 Subject: [PATCH] Bug fix for issue #19 Signed-off-by: pavsorab --- README.md | 105 ++++++++++++------ .../app/management/commands/Jira_Conf.py | 6 +- frontend/asfui/core/settings.py | 1 + setup.sh | 7 +- 4 files changed, 84 insertions(+), 35 deletions(-) diff --git a/README.md b/README.md index 590bfb7..78b1993 100644 --- a/README.md +++ b/README.md 
@@ -22,38 +22,78 @@ Latest version of Kali Linux (tested on 64 bits) - https://kali.org/get-kali/ ### Build & Run -As root - -``` -1. git clone https://gitlab.eng.vmware.com/redteam/asfv2.git /opt/asf -2. cd /opt/asf/ -3. Generate a .env.prod file or move from backup.env.prod and make necessary changes. -Run `./setup.sh` -``` - -MongoDB is required for functioning of alerting or reporting. - -If you choose to run your own mongodb instance you may use the below command - -``` -docker run -dp 27017:27017 -v local-mongo:/data/db --name local-mongo --restart=always -e MONGO_INITDB_ROOT_USERNAME=<<>> -e MONGO_INITDB_ROOT_PASSWORD=<<>> mongo -``` - - -And update .env.prod with following details: - -``` -MONGO_USER=admin -MONGO_PASSWORD= -MONGO_URL= -MONGO_PORT=27017 -``` - - -Once the installation is completed ASF will run as service on port 2021, access by browsing to http://127.0.0.1:2021 - - -### Security +Execute the following steps as the `root` user to install and run the Attack Surface Framework. + +1. Clone the Repository + - Clone the ASF repository to your `/opt/` directory. + ``` + git clone https://github.com/vmware-labs/attack-surface-framework.git /opt/asf + ``` +2. cd `/opt/asf/` +3. Configure Environment File + - Create a `.env.prod` file in the project directory. This is crucial for `setup.sh` to run properly. + + **Note**: You can generate a `.env.prod` file or copy from `backup.env.prod`, making the necessary changes to adapt to your environment. + - Example structure of `.env.prod`: + + ``` + # Django settings, don't enable debug on production! + DEBUG=True + DJANGO_ADMIN_ENABLED=True + + #LOGIN CONFIGURATIONS + LOGIN_FORM=True + SOCIAL_AUTH_GOOGLE_ENABLED=False + SOCIAL_AUTH_GITHUB_ENABLED=False + + + DJANGO_SAML2_ENABLED=False #Enable Social Authenticatio with Google. 
+ SAML2_SSO_URL=https://saml2.local + SAML2_ASF_URL=https://atttacksurfaceframework.local + + + + ALLOWED_HOSTS=*,localhost, config('SERVER', default='127.0.0.1') + + + MONGO_USER=admin + MONGO_PASSWORD= + MONGO_URL= + MONGO_PORT=27017 + + + JIRA_ENABLED=False + JIRA_TOKEN= + JIRA_URL= + JIRA_USER= + JIRA_SEVERITY={"info":"Lowest","low":"Low","medium":"Medium","high":"High","critical":"Highest"} + JIRA_PROJECT="" + WPScan_Default_Severity=medium + ``` + + - Note: MongoDB is necessary for the alerting or reporting functions of ASF. + + - If you opt to run your MongoDB instance, use the following command: + + ``` + docker run -dp 27017:27017 -v local-mongo:/data/db --name local-mongo --restart=always -e MONGO_INITDB_ROOT_USERNAME=<<>> -e MONGO_INITDB_ROOT_PASSWORD=<<>> mongo + ``` + + - And update `.env.prod` with following details: + + ``` + MONGO_USER=admin + MONGO_PASSWORD= + MONGO_URL= + MONGO_PORT=27017 + ``` + +4. Run `./setup.sh` + + +For Local Kali Linux Environment: Navigate to http://127.0.0.1:2021 in your web browser to access ASF + +### Secure Access to ASF ASF is not meant to be publicly exposed, assuming you install it on a cloud provider or even on a local instance, we recommend to access it using port forwarding through SSH, here is an example: @@ -64,6 +104,7 @@ Then open your browser and go to: `http://127.0.0.1:2021` - For ASF - user:youruser pass:yourpass (provided in initial setup) +**Security Tip**: Ensure each component, including MongoDB, is securely configured, and that ASF is accessed securely, even internally. Adhering to security best practices is crucial when implementing ASF in your security strategy. ###### Social Login diff --git a/frontend/asfui/app/management/commands/Jira_Conf.py b/frontend/asfui/app/management/commands/Jira_Conf.py index bd10ae7..04b725a 100644 --- a/frontend/asfui/app/management/commands/Jira_Conf.py +++ b/frontend/asfui/app/management/commands/Jira_Conf.py 
@@ -12,7 +12,9 @@ server = settings.JIRA_URL -jira = JIRA(server=server, basic_auth=(user,apikey)) +jira = None +if settings.JIRA_ENABLED: + jira = JIRA(server=server, basic_auth=(user,apikey)) def create_jira(finding_dict): @@ -37,7 +39,7 @@ def create_jira(finding_dict): def jira_status(ticket_num): issue = jira.issue(ticket_num) status = issue.fields.status - return status + return status def create_issue(query): if settings.JIRA_ENABLED: diff --git a/frontend/asfui/core/settings.py b/frontend/asfui/core/settings.py index 93123f6..7389a76 100644 --- a/frontend/asfui/core/settings.py +++ b/frontend/asfui/core/settings.py @@ -118,6 +118,7 @@ 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', + 'allauth.account.middleware.AccountMiddleware', ] ROOT_URLCONF = 'core.urls' diff --git a/setup.sh b/setup.sh index 3f04ee0..83facf3 100755 --- a/setup.sh +++ b/setup.sh @@ -6,7 +6,8 @@ git clone https://github.com/projectdiscovery/nuclei-templates.git /home/nuclei- #cp -R /opt/asf/tools/graylog / #cd /graylog #docker-compose up -d -#Start alertmonitor for sending logs to graylog +mkdir -p /opt/asf/frontend/asfui/logs # create logs directory +#Start alertmonitor for sending logs to graylog nohup /opt/asf/tools/alertmonitor/alertmon.sh & cd /opt/asf/frontend/asfui python3 -m venv ./ @@ -100,5 +101,9 @@ systemctl enable asf systemctl enable cleanuptrash.timer systemctl start cleanuptrash.timer systemctl restart nginx + +# Running systemctl restart ASF service to apply and reflect any changes made during the setup (via setup.sh) in the running instance. +# This step ensures that all configurations, updates, or modifications performed are loaded and utilized by ASF in real-time. +systemctl restart asf echo "A.S.F. Running on: \ http://127.0.0.1:2021"
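Review bot: With `jira = None` whenever `settings.JIRA_ENABLED` is false, `jira_status` (visible in the next hunk) still calls `jira.issue(ticket_num)` with no guard and will raise `AttributeError` on `None`. `create_jira`, whose body is outside this hunk, may have the same problem if it uses the module-level client. A guard at the top of each such function, e.g. `if jira is None: return None`, or a clear "Jira integration is disabled" error, keeps the disabled configuration from failing. When enabled, the client is still built at import time, so a wrong `JIRA_URL` or token probably breaks the module import rather than the individual call; constructing it lazily on first use would contain that.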
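Review bot: `'allauth.account.middleware.AccountMiddleware'` exists only in newer django-allauth releases, and nothing in this commit constrains which release `setup.sh` installs. If the requirements file leaves django-allauth unpinned, an environment holding an older release fails at startup on this import, and a later release can change authentication behaviour again without review. Pin django-allauth to a tested version in the requirements file in the same change, ideally with hashes, since this package sits on the login path. The `MIDDLEWARE` list begins and ends outside the hunk.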
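Review bot: The new `mkdir -p /opt/asf/frontend/asfui/logs` creates the log directory as root with whatever umask is in effect, typically world-readable. Logs of this tool presumably contain scan targets and findings, so the mode should be set explicitly, e.g. `install -d -m 0750 /opt/asf/frontend/asfui/logs`. If the service runs as a non-root account, add `-o`/`-g` for that account. The account is not visible in this hunk, so confirm it against the unit file.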
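Review bot: The result of the added `systemctl restart asf` is never checked, and the following `echo "A.S.F. Running on: ..."` prints regardless of whether the service came up. Unless the script sets `set -e` outside this hunk, a failed restart is reported as success. Consider `systemctl restart asf && systemctl is-active --quiet asf || { echo "asf failed to start; see journalctl -u asf" >&2; exit 1; }` before the final message. The two-line comment above the command could be shortened to `# Restart asf so changes made by this script take effect`.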