Custom Scripts
You can add your own scripts to the checks we have included to further extend the functionality of the penetration test. You store the scripts directly on the Linux server on which the Hacktor is installed.
Add Custom Script
To add a custom script, follow these steps.
1. Navigate to the scripts folder.
cd /opt/enginsight/hacktor/scripts2. **** Create a file for the custom script. The file name must conform to the following pattern: <runtime>_<severity>_name.extension, e.g. python2_critical_CVE1234.py or ruby_ok_my custom script.rb.
Supported Runtimes:
bashpython2python3ruby
Supported Severities:
oklowmediumhighcritical
nano <runtime>_<severity>_name.extension3. Paste your script that you created according to the guidelines.
4. Save and close the file.
5. Make your created file executable for Hacktor.
chmod 755 <filename>6. Restart Hacktor.
systemctl restart ngs-hacktorGuidelines for Custom Scripts
To enable Hacktor to read the result of the custom script, the following exit code convention must be followed.
passed
exit code 0
The check is passed.
error
exit code 1
The check did not work.
skipped
exit code 5
The check is irrelevant for the target system.
failed
exit code 9
The target system is vulnerable.
Any other exit code is treated as error.
Regardless of the check status, stdout and stderr are output in the audit. Above 1024 characters the output is cropped.
The first argument is always the hostname, the second to n (2-n) are always the open ports.
Sample
python2, python3
import sys
print("Host:",sys.argv[1])
print("Ports:",sys.argv[2:])
print("Use 'sys.exit(1)' with error codes (1=error, 5=skipped, 9=failed) to determine check status")
sys.exit(9)import socket
import sys
# This is an example script
# It checks if a host uses an OpenSSH implementation
host = sys.argv[1]
ports = sys.argv[2:]
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
if '22' in ports:
addr = (host, 22)
try:
sock.connect(addr)
except:
print >>sys.stderr, 'failed to connect'
sys.exit(1) # check has 'error' status
try:
message = 'SSH-2.0-Hacktor'
sock.sendall(message)
data = sock.recv(256)
print >>sys.stdout, "Banner: %s" % data
if 'OpenSSH' in data:
print >>sys.stdout, "Host uses OpenSSH implementation"
sock.close()
sys.exit(0)
else:
print >>sys.stdout, "Host does not use OpenSSH implementation."
sock.close()
sys.exit(9) # check is 'failed'
finally:
sock.close()
else:
print >>sys.stdout, 'host %s does not use port 22' % host
sys.exit(5) # check is 'skipped'ruby
puts "Host: "+ARGV[0]
puts "Ports: "+ARGV.inspect[0..-1]
puts "Use 'exit(1)' with error codes (1=error, 5=skipped, 9=failed) to determine check status"bash
#!/bin/bash
echo "Host: $1"
shift # remove the first argument
echo "Shift. Then Ports:" "$@"
exit 5 # Use 'exit 1' with error codes (1=error, 5=skipped, 9=failed) to determine chAdd your own title and recommendation text
Optionally, you can store your own title, which will replace your title stored in the file name in the audit. You can also store a recommendation on how to deal with the vulnerability.
1. Open the descriptions.json file.
nano /opt/enginsight/hacktor/scripts/descriptions.jsonInsert the information according to the following pattern:
{
<filenameA>":{
"title":"<check title>",
"recommendation":"<recommendation on how to fix>"
},
"<filenameB>":{
"title":"<check title>",
"recommendation":"<recommendation on how to fix>"
}
}2. Save and close the file.
3. Restart Hacktor.
systemctl restart ngs-hacktorRun Custom Script
To use a custom script for a penetration test, simply add the script to the appropriate Hacktor according to the instructions. Also, be sure to allow custom scripts to run in the advanced settings of the Audit Defintion.
Last updated
Was this helpful?