Added ncrack test

jorgestiga · jorgestiga · commit 2d191cfd5fcf · 2020-01-20T16:18:30.000+01:00
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -155,6 +155,20 @@ services:
       - ENGINE_BASIC_AUTH_USER=${ENGINE_SCANNERSERVICES_USER}
       - ENGINE_BASIC_AUTH_PASSWORD=${ENGINE_SCANNERSERVICES_PASSWORD}
 
+  scanner-infrastructure-ncrack:
+    image: securecodebox/ncrack:${DEFAULT_TAG}
+    depends_on:
+      engine:
+        condition: service_healthy 
+    networks:
+      - scanner
+    labels:
+      container_group: scanner
+    environment:
+      - ENGINE_ADDRESS=http://engine:8080
+      - ENGINE_BASIC_AUTH_USER=${ENGINE_SCANNERSERVICES_USER}
+      - ENGINE_BASIC_AUTH_PASSWORD=${ENGINE_SCANNERSERVICES_PASSWORD}
+
   persistence-elasticsearch:
     image: docker.elastic.co/elasticsearch/elasticsearch-oss:6.8.1
     ports:
diff --git a/test/ncrack.test.js b/test/ncrack.test.js
@@ -0,0 +1,34 @@
+const { startSecurityTest, Time } = require('./sdk');
+
+test(
+  'bruteforce scan juiceshop',
+  async () => {
+    const securityTest = await startSecurityTest({
+      context: 'BruteforceScanJuiceShop',
+      metaData: {},
+      name: 'ncrack',
+      target: {
+        name: 'JuiceShop Container',
+        location: 'juice-shop',
+        attributes: {
+          NCRACK_PARAMETER: '--user admin --pass 1234',
+        },
+      },
+    });
+
+    const { report } = securityTest;
+
+    const [finding1, ...otherFindings] = report.findings.map(
+      ({ description, category, name, osi_layer, severity }) => ({
+        description,
+        category,
+        name,
+        osi_layer,
+        severity,
+      })
+    );
+
+    expect(finding1).toEqual([]);
+  },
+  1 * Time.Minute
+);
