Skip to content

Commit

Permalink
Bug fix for issue #19
Browse files Browse the repository at this point in the history
  • Loading branch information
pavsorab committed Oct 3, 2023
1 parent d6eb81c commit d7369b1
Show file tree
Hide file tree
Showing 4 changed files with 84 additions and 35 deletions.
105 changes: 73 additions & 32 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -22,38 +22,78 @@ Latest version of Kali Linux (tested on 64 bits) - https://kali.org/get-kali/

### Build & Run

As root

```
1. git clone https://gitlab.eng.vmware.com/redteam/asfv2.git /opt/asf
2. cd /opt/asf/
3. Generate a .env.prod file or move from backup.env.prod and make necessary changes.
Run `./setup.sh`
```

MongoDB is required for functioning of alerting or reporting.

If you choose to run your own mongodb instance you may use the below command

```
docker run -dp 27017:27017 -v local-mongo:/data/db --name local-mongo --restart=always -e MONGO_INITDB_ROOT_USERNAME=<<>> -e MONGO_INITDB_ROOT_PASSWORD=<<>> mongo
```


And update .env.prod with following details:

```
MONGO_USER=admin
MONGO_PASSWORD=
MONGO_URL=
MONGO_PORT=27017
```


Once the installation is completed ASF will run as service on port 2021, access by browsing to http://127.0.0.1:2021


### Security
Execute the following steps as the `root` user to install and run the Attack Surface Framework.

1. Clone the Repository
- Clone the ASF repository to your `/opt/` directory.
```
git clone https://github.com/vmware-labs/attack-surface-framework.git /opt/asf
```
2. cd `/opt/asf/`
3. Configure Environment File
- Create a `.env.prod` file in the project directory. This is crucial for `setup.sh` to run properly.

**Note**: You can generate a `.env.prod` file or copy from `backup.env.prod`, making the necessary changes to adapt to your environment.
- Example structure of `.env.prod`:

```
# Django settings, don't enable debug on production!
DEBUG=True
DJANGO_ADMIN_ENABLED=True
#LOGIN CONFIGURATIONS
LOGIN_FORM=True
SOCIAL_AUTH_GOOGLE_ENABLED=False
SOCIAL_AUTH_GITHUB_ENABLED=False
DJANGO_SAML2_ENABLED=False #Enable Social Authenticatio with Google.
SAML2_SSO_URL=https://saml2.local
SAML2_ASF_URL=https://atttacksurfaceframework.local
ALLOWED_HOSTS=*,localhost, config('SERVER', default='127.0.0.1')
MONGO_USER=admin
MONGO_PASSWORD=
MONGO_URL=
MONGO_PORT=27017
JIRA_ENABLED=False
JIRA_TOKEN=
JIRA_URL=
JIRA_USER=
JIRA_SEVERITY={"info":"Lowest","low":"Low","medium":"Medium","high":"High","critical":"Highest"}
JIRA_PROJECT=""
WPScan_Default_Severity=medium
```
- Note: MongoDB is necessary for the alerting or reporting functions of ASF.
- If you opt to run your MongoDB instance, use the following command:
```
docker run -dp 27017:27017 -v local-mongo:/data/db --name local-mongo --restart=always -e MONGO_INITDB_ROOT_USERNAME=<<>> -e MONGO_INITDB_ROOT_PASSWORD=<<>> mongo
```
- And update `.env.prod` with following details:
```
MONGO_USER=admin
MONGO_PASSWORD=
MONGO_URL=
MONGO_PORT=27017
```
4. Run `./setup.sh`
For Local Kali Linux Environment: Navigate to http://127.0.0.1:2021 in your web browser to access ASF
### Secure Access to ASF
ASF is not meant to be publicly exposed, assuming you install it on a cloud provider or even on a local instance, we recommend to access it using port forwarding through SSH, here is an example:
Expand All @@ -64,6 +104,7 @@ Then open your browser and go to:
`http://127.0.0.1:2021` - For ASF - user:youruser pass:yourpass (provided in initial setup)
**Security Tip**: Ensure each component, including MongoDB, is securely configured, and that ASF is accessed securely, even internally. Adhering to security best practices is crucial when implementing ASF in your security strategy.
###### Social Login
Expand Down
6 changes: 4 additions & 2 deletions frontend/asfui/app/management/commands/Jira_Conf.py
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,9 @@
server = settings.JIRA_URL


jira = JIRA(server=server, basic_auth=(user,apikey))
jira = None
if settings.JIRA_ENABLED:
jira = JIRA(server=server, basic_auth=(user,apikey))


def create_jira(finding_dict):
Expand All @@ -37,7 +39,7 @@ def create_jira(finding_dict):
def jira_status(ticket_num):
issue = jira.issue(ticket_num)
status = issue.fields.status
return status
return status

def create_issue(query):
if settings.JIRA_ENABLED:
Expand Down
1 change: 1 addition & 0 deletions frontend/asfui/core/settings.py
Original file line number Diff line number Diff line change
Expand Up @@ -118,6 +118,7 @@
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'allauth.account.middleware.AccountMiddleware',
]

ROOT_URLCONF = 'core.urls'
Expand Down
7 changes: 6 additions & 1 deletion setup.sh
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,8 @@ git clone https://github.com/projectdiscovery/nuclei-templates.git /home/nuclei-
#cp -R /opt/asf/tools/graylog /
#cd /graylog
#docker-compose up -d
#Start alertmonitor for sending logs to graylog
mkdir -p /opt/asf/frontend/asfui/logs # create logs directory
#Start alertmonitor for sending logs to graylog
nohup /opt/asf/tools/alertmonitor/alertmon.sh &
cd /opt/asf/frontend/asfui
python3 -m venv ./
Expand Down Expand Up @@ -100,5 +101,9 @@ systemctl enable asf
systemctl enable cleanuptrash.timer
systemctl start cleanuptrash.timer
systemctl restart nginx

# Running systemctl restart ASF service to apply and reflect any changes made during the setup (via setup.sh) in the running instance.
# This step ensures that all configurations, updates, or modifications performed are loaded and utilized by ASF in real-time.
systemctl restart asf
echo "A.S.F. Running on: \
http://127.0.0.1:2021"

0 comments on commit d7369b1

Please sign in to comment.