diff --git a/login_resources/login_instructions.txt b/login_resources/login_instructions.txt index 8a0e7bb..5f481be 100644 --- a/login_resources/login_instructions.txt +++ b/login_resources/login_instructions.txt @@ -15,8 +15,8 @@ Execute the login flow based on the login_type specified in the configuration: 1. Navigate to the specified login_url using Playwright 2. Execute each step in the login_flow array sequentially: - Replace $username with the provided username credential - - Replace $password with the provided password credential - - Replace $totp with generated code using the TOTP script in the repo root: `node generate-totp.mjs --secret "{{totp_secret}}"` + - Replace $password with the provided password credential + - Replace $totp with generated code using the `generate_totp` MCP tool with the TOTP secret: {{totp_secret}} - Perform the specified actions (type text, click buttons, etc.) 3. Wait for page navigation/loading to complete after each critical step 4. Handle any consent dialogs or "Continue as [user]" prompts by clicking appropriate buttons @@ -30,7 +30,7 @@ Execute the login flow based on the login_type specified in the configuration: - Handle account selection if prompted - Replace $username with the provided username credential in provider login - Replace $password with the provided password credential in provider login - - Replace $totp with generated code using the TOTP script in the repo root: `node generate-totp.mjs --secret "{{totp_secret}}"` + - Replace $totp with generated code using the `generate_totp` MCP tool with the TOTP secret: {{totp_secret}} - Handle OAuth consent screens by clicking "Allow", "Accept", or "Continue", and hitting check boxes as needed. - Handle "Continue as [username]" dialogs by clicking "Continue" 3. Wait for OAuth callback and final redirect to complete diff --git a/mcp-server/package-lock.json b/mcp-server/package-lock.json new file mode 100644 index 0000000..68803f2 --- /dev/null 
+++ b/mcp-server/package-lock.json 
@@ -0,0 +1,254 @@ +{ + "name": "@shannon/mcp-server", + "version": "1.0.0", + "lockfileVersion": 3, + "requires": true, + "packages": { + "": { + "name": "@shannon/mcp-server", + "version": "1.0.0", + "dependencies": { + "@anthropic-ai/claude-code": "^1.0.96", + "zod": "^3.22.4" + } + }, + "node_modules/@anthropic-ai/claude-code": { + "version": "1.0.128", + "resolved": "https://registry.npmjs.org/@anthropic-ai/claude-code/-/claude-code-1.0.128.tgz", + "integrity": "sha512-uUg5cFMJfeQetQzFw76Vpbro6DAXst2Lpu8aoZWRFSoQVYu5ZSAnbBoxaWmW/IgnHSqIIvtMwzCoqmcA9j9rNQ==", + "license": "SEE LICENSE IN README.md", + "bin": { + "claude": "cli.js" + }, + "engines": { + "node": ">=18.0.0" + }, + "optionalDependencies": { + "@img/sharp-darwin-arm64": "^0.33.5", + "@img/sharp-darwin-x64": "^0.33.5", + "@img/sharp-linux-arm": "^0.33.5", + "@img/sharp-linux-arm64": "^0.33.5", + "@img/sharp-linux-x64": "^0.33.5", + "@img/sharp-win32-x64": "^0.33.5" + } + }, + "node_modules/@img/sharp-darwin-arm64": { + "version": "0.33.5", + "resolved": "https://registry.npmjs.org/@img/sharp-darwin-arm64/-/sharp-darwin-arm64-0.33.5.tgz", + "integrity": "sha512-UT4p+iz/2H4twwAoLCqfA9UH5pI6DggwKEGuaPy7nCVQ8ZsiY5PIcrRvD1DzuY3qYL07NtIQcWnBSY/heikIFQ==", + "cpu": [ + "arm64" + ], + "license": "Apache-2.0", + "optional": true, + "os": [ + "darwin" + ], + "engines": { + "node": "^18.17.0 || ^20.3.0 || >=21.0.0" + }, + "funding": { + "url": "https://opencollective.com/libvips" + }, + "optionalDependencies": { + "@img/sharp-libvips-darwin-arm64": "1.0.4" + } + }, + "node_modules/@img/sharp-darwin-x64": { + "version": "0.33.5", + "resolved": "https://registry.npmjs.org/@img/sharp-darwin-x64/-/sharp-darwin-x64-0.33.5.tgz", + "integrity": "sha512-fyHac4jIc1ANYGRDxtiqelIbdWkIuQaI84Mv45KvGRRxSAa7o7d1ZKAOBaYbnepLC1WqxfpimdeWfvqqSGwR2Q==", + "cpu": [ + "x64" + ], + "license": "Apache-2.0", + "optional": true, + "os": [ + "darwin" + ], + "engines": { + "node": "^18.17.0 || ^20.3.0 || >=21.0.0" + }, + "funding": { + 
"url": "https://opencollective.com/libvips" + }, + "optionalDependencies": { + "@img/sharp-libvips-darwin-x64": "1.0.4" + } + }, + "node_modules/@img/sharp-libvips-darwin-arm64": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/@img/sharp-libvips-darwin-arm64/-/sharp-libvips-darwin-arm64-1.0.4.tgz", + "integrity": "sha512-XblONe153h0O2zuFfTAbQYAX2JhYmDHeWikp1LM9Hul9gVPjFY427k6dFEcOL72O01QxQsWi761svJ/ev9xEDg==", + "cpu": [ + "arm64" + ], + "license": "LGPL-3.0-or-later", + "optional": true, + "os": [ + "darwin" + ], + "funding": { + "url": "https://opencollective.com/libvips" + } + }, + "node_modules/@img/sharp-libvips-darwin-x64": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/@img/sharp-libvips-darwin-x64/-/sharp-libvips-darwin-x64-1.0.4.tgz", + "integrity": "sha512-xnGR8YuZYfJGmWPvmlunFaWJsb9T/AO2ykoP3Fz/0X5XV2aoYBPkX6xqCQvUTKKiLddarLaxpzNe+b1hjeWHAQ==", + "cpu": [ + "x64" + ], + "license": "LGPL-3.0-or-later", + "optional": true, + "os": [ + "darwin" + ], + "funding": { + "url": "https://opencollective.com/libvips" + } + }, + "node_modules/@img/sharp-libvips-linux-arm": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/@img/sharp-libvips-linux-arm/-/sharp-libvips-linux-arm-1.0.5.tgz", + "integrity": "sha512-gvcC4ACAOPRNATg/ov8/MnbxFDJqf/pDePbBnuBDcjsI8PssmjoKMAz4LtLaVi+OnSb5FK/yIOamqDwGmXW32g==", + "cpu": [ + "arm" + ], + "license": "LGPL-3.0-or-later", + "optional": true, + "os": [ + "linux" + ], + "funding": { + "url": "https://opencollective.com/libvips" + } + }, + "node_modules/@img/sharp-libvips-linux-arm64": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/@img/sharp-libvips-linux-arm64/-/sharp-libvips-linux-arm64-1.0.4.tgz", + "integrity": "sha512-9B+taZ8DlyyqzZQnoeIvDVR/2F4EbMepXMc/NdVbkzsJbzkUjhXv/70GQJ7tdLA4YJgNP25zukcxpX2/SueNrA==", + "cpu": [ + "arm64" + ], + "license": "LGPL-3.0-or-later", + "optional": true, + "os": [ + "linux" + ], + "funding": { + "url": 
"https://opencollective.com/libvips" + } + }, + "node_modules/@img/sharp-libvips-linux-x64": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/@img/sharp-libvips-linux-x64/-/sharp-libvips-linux-x64-1.0.4.tgz", + "integrity": "sha512-MmWmQ3iPFZr0Iev+BAgVMb3ZyC4KeFc3jFxnNbEPas60e1cIfevbtuyf9nDGIzOaW9PdnDciJm+wFFaTlj5xYw==", + "cpu": [ + "x64" + ], + "license": "LGPL-3.0-or-later", + "optional": true, + "os": [ + "linux" + ], + "funding": { + "url": "https://opencollective.com/libvips" + } + }, + "node_modules/@img/sharp-linux-arm": { + "version": "0.33.5", + "resolved": "https://registry.npmjs.org/@img/sharp-linux-arm/-/sharp-linux-arm-0.33.5.tgz", + "integrity": "sha512-JTS1eldqZbJxjvKaAkxhZmBqPRGmxgu+qFKSInv8moZ2AmT5Yib3EQ1c6gp493HvrvV8QgdOXdyaIBrhvFhBMQ==", + "cpu": [ + "arm" + ], + "license": "Apache-2.0", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": "^18.17.0 || ^20.3.0 || >=21.0.0" + }, + "funding": { + "url": "https://opencollective.com/libvips" + }, + "optionalDependencies": { + "@img/sharp-libvips-linux-arm": "1.0.5" + } + }, + "node_modules/@img/sharp-linux-arm64": { + "version": "0.33.5", + "resolved": "https://registry.npmjs.org/@img/sharp-linux-arm64/-/sharp-linux-arm64-0.33.5.tgz", + "integrity": "sha512-JMVv+AMRyGOHtO1RFBiJy/MBsgz0x4AWrT6QoEVVTyh1E39TrCUpTRI7mx9VksGX4awWASxqCYLCV4wBZHAYxA==", + "cpu": [ + "arm64" + ], + "license": "Apache-2.0", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": "^18.17.0 || ^20.3.0 || >=21.0.0" + }, + "funding": { + "url": "https://opencollective.com/libvips" + }, + "optionalDependencies": { + "@img/sharp-libvips-linux-arm64": "1.0.4" + } + }, + "node_modules/@img/sharp-linux-x64": { + "version": "0.33.5", + "resolved": "https://registry.npmjs.org/@img/sharp-linux-x64/-/sharp-linux-x64-0.33.5.tgz", + "integrity": "sha512-opC+Ok5pRNAzuvq1AG0ar+1owsu842/Ab+4qvU879ippJBHvyY5n2mxF1izXqkPYlGuP/M556uh53jRLJmzTWA==", + "cpu": [ + "x64" + ], + "license": "Apache-2.0", 
+ "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": "^18.17.0 || ^20.3.0 || >=21.0.0" + }, + "funding": { + "url": "https://opencollective.com/libvips" + }, + "optionalDependencies": { + "@img/sharp-libvips-linux-x64": "1.0.4" + } + }, + "node_modules/@img/sharp-win32-x64": { + "version": "0.33.5", + "resolved": "https://registry.npmjs.org/@img/sharp-win32-x64/-/sharp-win32-x64-0.33.5.tgz", + "integrity": "sha512-MpY/o8/8kj+EcnxwvrP4aTJSWw/aZ7JIGR4aBeZkZw5B7/Jn+tY9/VNwtcoGmdT7GfggGIU4kygOMSbYnOrAbg==", + "cpu": [ + "x64" + ], + "license": "Apache-2.0 AND LGPL-3.0-or-later", + "optional": true, + "os": [ + "win32" + ], + "engines": { + "node": "^18.17.0 || ^20.3.0 || >=21.0.0" + }, + "funding": { + "url": "https://opencollective.com/libvips" + } + }, + "node_modules/zod": { + "version": "3.25.76", + "resolved": "https://registry.npmjs.org/zod/-/zod-3.25.76.tgz", + "integrity": "sha512-gzUt/qt81nXsFGKIFcC3YnfEAx5NkunCfnDlvuBSSFS02bcXu4Lmea0AFIUwbLWxWPx3d9p8S5QoaujKcNQxcQ==", + "license": "MIT", + "funding": { + "url": "https://github.com/sponsors/colinhacks" + } + } + } +} diff --git a/mcp-server/package.json b/mcp-server/package.json new file mode 100644 index 0000000..09fd3e3 --- /dev/null +++ b/mcp-server/package.json @@ -0,0 +1,13 @@ +{ + "name": "@shannon/mcp-server", + "version": "1.0.0", + "type": "module", + "main": "./src/index.js", + "scripts": { + "clean": "rm -rf dist" + }, + "dependencies": { + "@anthropic-ai/claude-agent-sdk": "^0.1.0", + "zod": "^3.22.4" + } +} diff --git a/mcp-server/src/index.js b/mcp-server/src/index.js new file mode 100644 index 0000000..699f313 --- /dev/null +++ b/mcp-server/src/index.js 
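Review bot: The lockfile committed next to this manifest does not lock the dependency the manifest declares: `mcp-server/package.json` depends on `@anthropic-ai/claude-agent-sdk` ^0.1.0, while `mcp-server/package-lock.json` in the same commit resolves `@anthropic-ai/claude-code` 1.0.128 and carries no entry for the agent SDK. `npm ci` refuses a lock that disagrees with `package.json`, and a plain `npm install` will fetch whatever `^0.1.0` currently resolves to with no `integrity` hash to check against, which defeats the supply-chain pinning the lockfile exists to provide. Regenerate it from this manifest (`npm install --package-lock-only` inside `mcp-server/`) and commit the result so the SDK is pinned with its hash. The `clean` script also removes a `dist` directory that nothing visible in this package produces (`main` points at `./src/index.js`); if no build step exists, drop the script rather than leave a misleading target.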
@@ -0,0 +1,45 @@
+/**
+ * Shannon Helper MCP Server
+ *
+ * In-process MCP server providing save_deliverable and generate_totp tools
+ * for Shannon penetration testing agents.
+ *
+ * Replaces bash script invocations with native tool access.
+ */
+
+import { createSdkMcpServer } from '@anthropic-ai/claude-agent-sdk';
+import { saveDeliverableTool } from './tools/save-deliverable.js';
+import { generateTotpTool } from './tools/generate-totp.js';
+
+/**
+ * Create Shannon Helper MCP Server with target directory context
+ *
+ * @param {string} targetDir - The target repository directory where deliverables should be saved
+ * @returns {Object} MCP server instance
+ */
+export function createShannonHelperServer(targetDir) {
+ // Store target directory for tool access
+ global.__SHANNON_TARGET_DIR = targetDir;
+
+ return createSdkMcpServer({
+ name: 'shannon-helper',
+ version: '1.0.0',
+ tools: [saveDeliverableTool, generateTotpTool],
+ });
+}
+
+/**
+ * Legacy export for backward compatibility
+ * @deprecated Use createShannonHelperServer(targetDir) instead
+ */
+export const shannonHelperServer = createSdkMcpServer({
+ name: 'shannon-helper',
+ version: '1.0.0',
+ tools: [saveDeliverableTool, generateTotpTool],
+});
+
+// Export tools for direct usage if needed
+export { saveDeliverableTool, generateTotpTool };
+
+// Export types for external use
+export * from './types/index.js';
diff --git a/mcp-server/src/tools/generate-totp.js b/mcp-server/src/tools/generate-totp.js
new file mode 100644
index 0000000..ac850f6
--- /dev/null
+++ b/mcp-server/src/tools/generate-totp.js
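Review bot: `createShannonHelperServer` parks `targetDir` in a process-wide mutable `global.__SHANNON_TARGET_DIR`, so the last caller wins and any server created earlier silently starts writing deliverables into the newer caller's directory; the deprecated `shannonHelperServer` export never sets the global at all, and `saveDeliverableFile` then falls back to `process.cwd()` without any warning. Nothing validates the argument either: `createShannonHelperServer(undefined)` leaves the global falsy and takes the same cwd fallback instead of failing. At minimum add `if (typeof targetDir !== 'string' || targetDir.length === 0) throw new TypeError('targetDir must be a non-empty path');` and store `path.resolve(targetDir)` so a relative path cannot change meaning if the process later chdirs. The cleaner fix is to turn the two tool definitions into factories that close over `targetDir`, which removes the global and the last-writer-wins hazard together.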
@@ -0,0 +1,137 @@ +/** + * generate_totp MCP Tool + * + * Generates 6-digit TOTP codes for authentication. + * Replaces tools/generate-totp-standalone.mjs bash script. + * Based on RFC 6238 (TOTP) and RFC 4226 (HOTP). + */ + +import { tool } from '@anthropic-ai/claude-agent-sdk'; +import { createHmac } from 'crypto'; +import { z } from 'zod'; +import { createToolResult } from '../types/tool-responses.js'; +import { base32Decode, validateTotpSecret } from '../validation/totp-validator.js'; +import { createCryptoError, createGenericError } from '../utils/error-formatter.js'; + +/** + * Input schema for generate_totp tool + */ +export const GenerateTotpInputSchema = z.object({ + secret: z + .string() + .min(1) + .regex(/^[A-Z2-7]+$/i, 'Must be base32-encoded') + .describe('Base32-encoded TOTP secret'), +}); + +/** + * Generate HOTP code (RFC 4226) + * Ported from generate-totp-standalone.mjs (lines 74-99) + * + * @param {string} secret - Base32-encoded secret + * @param {number} counter - Counter value + * @param {number} [digits=6] - Number of digits in OTP + * @returns {string} OTP code + */ +function generateHOTP(secret, counter, digits = 6) { + const key = base32Decode(secret); + + // Convert counter to 8-byte buffer (big-endian) + const counterBuffer = Buffer.alloc(8); + counterBuffer.writeBigUInt64BE(BigInt(counter)); + + // Generate HMAC-SHA1 + const hmac = createHmac('sha1', key); + hmac.update(counterBuffer); + const hash = hmac.digest(); + + // Dynamic truncation + const offset = hash[hash.length - 1] & 0x0f; + const code = + ((hash[offset] & 0x7f) << 24) | + ((hash[offset + 1] & 0xff) << 16) | + ((hash[offset + 2] & 0xff) << 8) | + (hash[offset + 3] & 0xff); + + // Generate digits + const otp = (code % Math.pow(10, digits)).toString().padStart(digits, '0'); + return otp; +} + +/** + * Generate TOTP code (RFC 6238) + * Ported from generate-totp-standalone.mjs (lines 101-106) + * + * @param {string} secret - Base32-encoded secret + * @param {number} 
[timeStep=30] - Time step in seconds + * @param {number} [digits=6] - Number of digits in OTP + * @returns {string} OTP code + */ +function generateTOTP(secret, timeStep = 30, digits = 6) { + const currentTime = Math.floor(Date.now() / 1000); + const counter = Math.floor(currentTime / timeStep); + return generateHOTP(secret, counter, digits); +} + +/** + * Get seconds until TOTP code expires + * + * @param {number} [timeStep=30] - Time step in seconds + * @returns {number} Seconds until expiration + */ +function getSecondsUntilExpiration(timeStep = 30) { + const currentTime = Math.floor(Date.now() / 1000); + return timeStep - (currentTime % timeStep); +} + +/** + * generate_totp tool implementation + * + * @param {Object} args + * @param {string} args.secret - Base32-encoded TOTP secret + * @returns {Promise} Tool result + */ +export async function generateTotp(args) { + try { + const { secret } = args; + + // Validate secret (throws on error) + validateTotpSecret(secret); + + // Generate TOTP code + const totpCode = generateTOTP(secret); + const expiresIn = getSecondsUntilExpiration(); + const timestamp = new Date().toISOString(); + + // Success response + const successResponse = { + status: 'success', + message: 'TOTP code generated successfully', + totpCode, + timestamp, + expiresIn, + }; + + return createToolResult(successResponse); + } catch (error) { + // Check if it's a validation/crypto error + if (error instanceof Error && (error.message.includes('base32') || error.message.includes('TOTP'))) { + const errorResponse = createCryptoError(error.message, false); + return createToolResult(errorResponse); + } + + // Generic error + const errorResponse = createGenericError(error, false); + return createToolResult(errorResponse); + } +} + +/** + * Tool definition for MCP server - created using SDK's tool() function + */ +export const generateTotpTool = tool( + 'generate_totp', + 'Generates 6-digit TOTP code for authentication. 
Secret must be base32-encoded.', + GenerateTotpInputSchema.shape, + generateTotp +); diff --git a/mcp-server/src/tools/index.js b/mcp-server/src/tools/index.js new file mode 100644 index 0000000..7d50008 --- /dev/null +++ b/mcp-server/src/tools/index.js @@ -0,0 +1,6 @@ +/** + * MCP Tools barrel export + */ + +export * from './save-deliverable.js'; +export * from './generate-totp.js'; diff --git a/mcp-server/src/tools/save-deliverable.js b/mcp-server/src/tools/save-deliverable.js new file mode 100644 index 0000000..cc00d7b --- /dev/null +++ b/mcp-server/src/tools/save-deliverable.js 
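Review bot: `generateTotp` derives the code and `expiresIn` from two separate `Date.now()` reads (one inside `generateTOTP`, one inside `getSecondsUntilExpiration`), so a call that straddles a 30-second boundary can return a code from the window that just closed together with `expiresIn: 30`, which is exactly the case where the caller needs to know the code is stale. Read the clock once in `generateTotp` and pass it down: `const now = Math.floor(Date.now() / 1000);`, then `generateTOTP(secret, now)` with the helper computing `Math.floor(now / timeStep)`, and `expiresIn = timeStep - (now % timeStep)` from the same `now`. The `catch` branch classifies failures by `error.message.includes('base32') || error.message.includes('TOTP')`, which is brittle and will misfile any validator message that is reworded; throwing a named error class from the validator and testing `error.name` makes the crypto-vs-generic split deterministic. Separately, because the tool takes the raw base32 secret as its argument, the secret transits the model context and any tool-call logging; if the surrounding orchestration allows it, accepting a reference (for example an environment-variable name resolved inside the tool) would keep the long-lived secret out of transcripts while still returning only the short-lived code.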
@@ -0,0 +1,85 @@ +/** + * save_deliverable MCP Tool + * + * Saves deliverable files with automatic validation. + * Replaces tools/save_deliverable.js bash script. + */ + +import { tool } from '@anthropic-ai/claude-agent-sdk'; +import { z } from 'zod'; +import { DeliverableType, DELIVERABLE_FILENAMES, isQueueType } from '../types/deliverables.js'; +import { createToolResult } from '../types/tool-responses.js'; +import { validateQueueJson } from '../validation/queue-validator.js'; +import { saveDeliverableFile } from '../utils/file-operations.js'; +import { createValidationError, createGenericError } from '../utils/error-formatter.js'; + +/** + * Input schema for save_deliverable tool + */ +export const SaveDeliverableInputSchema = z.object({ + deliverable_type: z.nativeEnum(DeliverableType).describe('Type of deliverable to save'), + content: z.string().min(1).describe('File content (markdown for analysis/evidence, JSON for queues)'), +}); + +/** + * save_deliverable tool implementation + * + * @param {Object} args + * @param {string} args.deliverable_type - Type of deliverable to save + * @param {string} args.content - File content + * @returns {Promise} Tool result + */ +export async function saveDeliverable(args) { + try { + const { deliverable_type, content } = args; + + // Validate queue JSON if applicable + if (isQueueType(deliverable_type)) { + const queueValidation = validateQueueJson(content); + if (!queueValidation.valid) { + const errorResponse = createValidationError( + queueValidation.message, + true, + { + deliverableType: deliverable_type, + expectedFormat: '{"vulnerabilities": [...]}', + } + ); + return createToolResult(errorResponse); + } + } + + // Get filename and save file + const filename = DELIVERABLE_FILENAMES[deliverable_type]; + const filepath = saveDeliverableFile(filename, content); + + // Success response + const successResponse = { + status: 'success', + message: `Deliverable saved successfully: $(unknown)`, + filepath, + 
deliverableType: deliverable_type, + validated: isQueueType(deliverable_type), + }; + + return createToolResult(successResponse); + } catch (error) { + const errorResponse = createGenericError( + error, + false, + { deliverableType: args.deliverable_type } + ); + + return createToolResult(errorResponse); + } +} + +/** + * Tool definition for MCP server - created using SDK's tool() function + */ +export const saveDeliverableTool = tool( + 'save_deliverable', + 'Saves deliverable files with automatic validation. Queue files must have {"vulnerabilities": [...]} structure.', + SaveDeliverableInputSchema.shape, + saveDeliverable +); diff --git a/mcp-server/src/types/deliverables.js b/mcp-server/src/types/deliverables.js new file mode 100644 index 0000000..bbc0c2f --- /dev/null +++ b/mcp-server/src/types/deliverables.js 
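Review bot: `saveDeliverable` is exported and callable directly, bypassing the zod schema, yet it indexes `DELIVERABLE_FILENAMES[deliverable_type]` without checking that the key is one of its own: an unknown or inherited key (`'toString'`) yields `undefined` or a function, and `join()` inside `saveDeliverableFile` then throws a `TypeError` that comes back as a non-retryable generic error rather than the validation error an agent could act on. Guard it before the write: `if (!Object.hasOwn(DELIVERABLE_FILENAMES, deliverable_type)) return createToolResult(createValidationError(`Unknown deliverable_type: ${deliverable_type}`, true, { deliverableType: deliverable_type }));`. The success message template also reads `$(unknown)` here rather than `${filename}`, so as written it never interpolates the filename; if that is not an artifact of how this page was captured, fix the placeholder.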
@@ -0,0 +1,107 @@ +/** + * Deliverable Type Definitions + * + * Maps deliverable types to their filenames and defines validation requirements. + * Must match the exact mappings from tools/save_deliverable.js. + */ + +/** + * @typedef {Object} DeliverableType + * @property {string} CODE_ANALYSIS + * @property {string} RECON + * @property {string} INJECTION_ANALYSIS + * @property {string} INJECTION_QUEUE + * @property {string} XSS_ANALYSIS + * @property {string} XSS_QUEUE + * @property {string} AUTH_ANALYSIS + * @property {string} AUTH_QUEUE + * @property {string} AUTHZ_ANALYSIS + * @property {string} AUTHZ_QUEUE + * @property {string} SSRF_ANALYSIS + * @property {string} SSRF_QUEUE + * @property {string} INJECTION_EVIDENCE + * @property {string} XSS_EVIDENCE + * @property {string} AUTH_EVIDENCE + * @property {string} AUTHZ_EVIDENCE + * @property {string} SSRF_EVIDENCE + */ + +export const DeliverableType = { + // Pre-recon agent + CODE_ANALYSIS: 'CODE_ANALYSIS', + + // Recon agent + RECON: 'RECON', + + // Vulnerability analysis agents + INJECTION_ANALYSIS: 'INJECTION_ANALYSIS', + INJECTION_QUEUE: 'INJECTION_QUEUE', + + XSS_ANALYSIS: 'XSS_ANALYSIS', + XSS_QUEUE: 'XSS_QUEUE', + + AUTH_ANALYSIS: 'AUTH_ANALYSIS', + AUTH_QUEUE: 'AUTH_QUEUE', + + AUTHZ_ANALYSIS: 'AUTHZ_ANALYSIS', + AUTHZ_QUEUE: 'AUTHZ_QUEUE', + + SSRF_ANALYSIS: 'SSRF_ANALYSIS', + SSRF_QUEUE: 'SSRF_QUEUE', + + // Exploitation agents + INJECTION_EVIDENCE: 'INJECTION_EVIDENCE', + XSS_EVIDENCE: 'XSS_EVIDENCE', + AUTH_EVIDENCE: 'AUTH_EVIDENCE', + AUTHZ_EVIDENCE: 'AUTHZ_EVIDENCE', + SSRF_EVIDENCE: 'SSRF_EVIDENCE', +}; + +/** + * Hard-coded filename mappings from agent prompts + * Must match tools/save_deliverable.js exactly + */ +export const DELIVERABLE_FILENAMES = { + [DeliverableType.CODE_ANALYSIS]: 'code_analysis_deliverable.md', + [DeliverableType.RECON]: 'recon_deliverable.md', + [DeliverableType.INJECTION_ANALYSIS]: 'injection_analysis_deliverable.md', + [DeliverableType.INJECTION_QUEUE]: 
'injection_exploitation_queue.json', + [DeliverableType.XSS_ANALYSIS]: 'xss_analysis_deliverable.md', + [DeliverableType.XSS_QUEUE]: 'xss_exploitation_queue.json', + [DeliverableType.AUTH_ANALYSIS]: 'auth_analysis_deliverable.md', + [DeliverableType.AUTH_QUEUE]: 'auth_exploitation_queue.json', + [DeliverableType.AUTHZ_ANALYSIS]: 'authz_analysis_deliverable.md', + [DeliverableType.AUTHZ_QUEUE]: 'authz_exploitation_queue.json', + [DeliverableType.SSRF_ANALYSIS]: 'ssrf_analysis_deliverable.md', + [DeliverableType.SSRF_QUEUE]: 'ssrf_exploitation_queue.json', + [DeliverableType.INJECTION_EVIDENCE]: 'injection_exploitation_evidence.md', + [DeliverableType.XSS_EVIDENCE]: 'xss_exploitation_evidence.md', + [DeliverableType.AUTH_EVIDENCE]: 'auth_exploitation_evidence.md', + [DeliverableType.AUTHZ_EVIDENCE]: 'authz_exploitation_evidence.md', + [DeliverableType.SSRF_EVIDENCE]: 'ssrf_exploitation_evidence.md', +}; + +/** + * Queue types that require JSON validation + */ +export const QUEUE_TYPES = [ + DeliverableType.INJECTION_QUEUE, + DeliverableType.XSS_QUEUE, + DeliverableType.AUTH_QUEUE, + DeliverableType.AUTHZ_QUEUE, + DeliverableType.SSRF_QUEUE, +]; + +/** + * Type guard to check if a deliverable type is a queue + * @param {string} type - Deliverable type to check + * @returns {boolean} True if the type is a queue type + */ +export function isQueueType(type) { + return QUEUE_TYPES.includes(type); +} + +/** + * @typedef {Object} VulnerabilityQueue + * @property {Array} vulnerabilities - Array of vulnerability objects + */ diff --git a/mcp-server/src/types/index.js b/mcp-server/src/types/index.js new file mode 100644 index 0000000..38dacd8 --- /dev/null +++ b/mcp-server/src/types/index.js @@ -0,0 +1,6 @@ +/** + * Type definitions barrel export + */ + +export * from './deliverables.js'; +export * from './tool-responses.js'; diff --git a/mcp-server/src/types/tool-responses.js b/mcp-server/src/types/tool-responses.js new file mode 100644 index 0000000..24de306 --- /dev/null 
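Review bot: `DeliverableType`, `DELIVERABLE_FILENAMES` and `QUEUE_TYPES` are exported as plain mutable objects even though `DELIVERABLE_FILENAMES` is the only thing pinning every write to a fixed name under `deliverables/`; any importer, or a bug elsewhere, can add or rewrite an entry at runtime and redirect where a deliverable lands. Freeze them at definition so the mapping is immutable: `export const DELIVERABLE_FILENAMES = Object.freeze({ ... });` and likewise `Object.freeze(...)` around the `DeliverableType` and `QUEUE_TYPES` literals. The header comment says the mapping "must match tools/save_deliverable.js exactly"; with the old script being replaced, consider noting which side is now canonical so the two do not drift.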
+++ b/mcp-server/src/types/tool-responses.js @@ -0,0 +1,58 @@ +/** + * Tool Response Type Definitions + * + * Defines structured response formats for MCP tools to ensure + * consistent error handling and success reporting. + */ + +/** + * @typedef {Object} ErrorResponse + * @property {'error'} status + * @property {string} message + * @property {string} errorType - ValidationError, FileSystemError, CryptoError, etc. + * @property {boolean} retryable + * @property {Record} [context] + */ + +/** + * @typedef {Object} SuccessResponse + * @property {'success'} status + * @property {string} message + */ + +/** + * @typedef {Object} SaveDeliverableResponse + * @property {'success'} status + * @property {string} message + * @property {string} filepath + * @property {string} deliverableType + * @property {boolean} validated - true if queue JSON was validated + */ + +/** + * @typedef {Object} GenerateTotpResponse + * @property {'success'} status + * @property {string} message + * @property {string} totpCode + * @property {string} timestamp + * @property {number} expiresIn - seconds until expiration + */ + +/** + * Helper to create tool result from response + * MCP tools should return this format + * + * @param {ErrorResponse | SaveDeliverableResponse | GenerateTotpResponse} response + * @returns {{ content: Array<{ type: string; text: string }>; isError: boolean }} + */ +export function createToolResult(response) { + return { + content: [ + { + type: 'text', + text: JSON.stringify(response, null, 2), + }, + ], + isError: response.status === 'error', + }; +} diff --git a/mcp-server/src/utils/error-formatter.js b/mcp-server/src/utils/error-formatter.js new file mode 100644 index 0000000..d811e51 --- /dev/null +++ b/mcp-server/src/utils/error-formatter.js 
@@ -0,0 +1,89 @@ +/** + * Error Formatting Utilities + * + * Helper functions for creating structured error responses. + */ + +/** + * @typedef {Object} ErrorResponse + * @property {'error'} status + * @property {string} message + * @property {string} errorType + * @property {boolean} retryable + * @property {Record} [context] + */ + +/** + * Create a validation error response + * + * @param {string} message + * @param {boolean} [retryable=true] + * @param {Record} [context] + * @returns {ErrorResponse} + */ +export function createValidationError(message, retryable = true, context) { + return { + status: 'error', + message, + errorType: 'ValidationError', + retryable, + context, + }; +} + +/** + * Create a file system error response + * + * @param {string} message + * @param {boolean} [retryable=false] + * @param {Record} [context] + * @returns {ErrorResponse} + */ +export function createFileSystemError(message, retryable = false, context) { + return { + status: 'error', + message, + errorType: 'FileSystemError', + retryable, + context, + }; +} + +/** + * Create a crypto error response + * + * @param {string} message + * @param {boolean} [retryable=false] + * @param {Record} [context] + * @returns {ErrorResponse} + */ +export function createCryptoError(message, retryable = false, context) { + return { + status: 'error', + message, + errorType: 'CryptoError', + retryable, + context, + }; +} + +/** + * Create a generic error response + * + * @param {unknown} error + * @param {boolean} [retryable=false] + * @param {Record} [context] + * @returns {ErrorResponse} + */ +export function createGenericError(error, retryable = false, context) { + const message = error instanceof Error ? error.message : String(error); + const errorType = error instanceof Error ? error.constructor.name : 'UnknownError'; + + return { + status: 'error', + message, + errorType, + retryable, + context, + }; +} 
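Review bot: `createGenericError` drops the properties a caller actually needs to decide what to do next: Node filesystem errors carry `error.code` (`EACCES`, `ENOSPC`, `EROFS`) and errors may carry a `cause`, but only `message` and the constructor name survive, so every failure out of `saveDeliverableFile` reaches the agent as an opaque `Error` marked non-retryable. Capture the code when present, `const code = error instanceof Error && 'code' in error ? error.code : undefined;`, and merge it into the returned context with `context: code === undefined ? context : { ...context, code }`. The JSDoc `@property {Record} [context]` annotations are also missing their type parameters; `Record<string, unknown>` is what the callers pass.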
diff --git a/mcp-server/src/utils/file-operations.js b/mcp-server/src/utils/file-operations.js
new file mode 100644
index 0000000..b030489
--- /dev/null
+++ b/mcp-server/src/utils/file-operations.js
@@ -0,0 +1,35 @@
+/**
+ * File Operations Utilities
+ *
+ * Handles file system operations for deliverable saving.
+ * Ported from tools/save_deliverable.js (lines 117-130).
+ */
+
+import { writeFileSync, mkdirSync } from 'fs';
+import { join } from 'path';
+
+/**
+ * Save deliverable file to deliverables/ directory
+ *
+ * @param {string} filename - Name of the file to save
+ * @param {string} content - Content to write to the file
+ * @returns {string} Full path to the saved file
+ */
+export function saveDeliverableFile(filename, content) {
+ // Use target directory from global context (set by createShannonHelperServer)
+ const targetDir = global.__SHANNON_TARGET_DIR || process.cwd();
+ const deliverablesDir = join(targetDir, 'deliverables');
+ const filepath = join(deliverablesDir, filename);
+
+ // Ensure deliverables directory exists
+ try {
+ mkdirSync(deliverablesDir, { recursive: true });
+ } catch (error) {
+ // Directory might already exist, ignore
+ }
+
+ // Write file (atomic write - single operation)
+ writeFileSync(filepath, content, 'utf8');
+
+ return filepath;
+}
diff --git a/mcp-server/src/utils/index.js b/mcp-server/src/utils/index.js
new file mode 100644
index 0000000..cdf4357
--- /dev/null
+++ b/mcp-server/src/utils/index.js
@@ -0,0 +1,6 @@
+/**
+ * Utilities barrel export
+ */
+
+export * from './file-operations.js';
+export * from './error-formatter.js';
diff --git a/mcp-server/src/validation/index.js b/mcp-server/src/validation/index.js
new file mode 100644
index 0000000..adf3caa
--- /dev/null
+++ b/mcp-server/src/validation/index.js
@@ -0,0 +1,6 @@
+/**
+ * Validation layer barrel export
+ */
+
+export * from './queue-validator.js';
+export * from './totp-validator.js';
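Review bot: `writeFileSync` is not atomic despite the comment above the write: it truncates and then writes, so a crash mid-write or two agents writing the same queue file concurrently leaves a partial or interleaved deliverable, and it follows symlinks, so if `targetDir` is an untrusted repository under test a planted `deliverables/recon_deliverable.md -> /elsewhere` link would make the tool write outside the repo. The `try/catch` around `mkdirSync` is also inverted in effect: with `recursive: true` an existing directory does not throw, so the only errors being swallowed are real ones (`EACCES`, `ENOTDIR`) that then resurface from `writeFileSync` with a less useful message. Stage the content in a sibling temp file and `renameSync` it into place (rename replaces the link itself rather than writing through it, and is atomic on POSIX), and let `mkdirSync` failures propagate; `renameSync` needs adding to the `fs` import.

```javascript
export function saveDeliverableFile(filename, content) {
  // … unchanged: targetDir / deliverablesDir / filepath resolution …

  // recursive:true already tolerates an existing directory, so anything thrown here is a real error
  mkdirSync(deliverablesDir, { recursive: true });

  // Stage in a sibling temp file, then rename over the target: the rename is atomic on POSIX and
  // replaces a pre-existing symlink instead of following it. 'wx' refuses to reuse a stale temp
  // file left by an earlier crash rather than silently truncating it.
  const tmpPath = `${filepath}.${process.pid}.tmp`;
  writeFileSync(tmpPath, content, { encoding: 'utf8', flag: 'wx' });
  renameSync(tmpPath, filepath);

  return filepath;
}
```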
diff --git a/mcp-server/src/validation/queue-validator.js b/mcp-server/src/validation/queue-validator.js
new file mode 100644
index 0000000..1fdcd84
--- /dev/null
+++ b/mcp-server/src/validation/queue-validator.js
@@ -0,0 +1,51 @@
+/**
+ * Queue Validator
+ *
+ * Validates JSON structure for vulnerability queue files.
+ * Ported from tools/save_deliverable.js (lines 56-75).
+ */
+
+/**
+ * @typedef {Object} ValidationResult
+ * @property {boolean} valid
+ * @property {string} [message]
+ * @property {Object} [data]
+ */
+
+/**
+ * Validate JSON structure for queue files
+ * Queue files must have a 'vulnerabilities' array
+ *
+ * @param {string} content - JSON string to validate
+ * @returns {ValidationResult} ValidationResult with valid flag, optional error message, and parsed data
+ */
+export function validateQueueJson(content) {
+ try {
+ const parsed = JSON.parse(content);
+
+ // Queue files must have a 'vulnerabilities' array
+ if (!parsed.vulnerabilities) {
+ return {
+ valid: false,
+ message: `Invalid queue structure: Missing 'vulnerabilities' property. Expected: {"vulnerabilities": [...]}`,
+ };
+ }
+
+ if (!Array.isArray(parsed.vulnerabilities)) {
+ return {
+ valid: false,
+ message: `Invalid queue structure: 'vulnerabilities' must be an array. Expected: {"vulnerabilities": [...]}`,
+ };
+ }
+
+ return {
+ valid: true,
+ data: parsed,
+ };
+ } catch (error) {
+ return {
+ valid: false,
+ message: `Invalid JSON: ${error instanceof Error ? error.message : String(error)}`,
+ };
+ }
+}
diff --git a/mcp-server/src/validation/totp-validator.js b/mcp-server/src/validation/totp-validator.js
new file mode 100644
index 0000000..2deb486
--- /dev/null
+++ b/mcp-server/src/validation/totp-validator.js
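Review bot: `validateQueueJson` guards against the property being missing but not against `parsed` not being an object: `JSON.parse('null')` returns `null` and the `parsed.vulnerabilities` access throws a `TypeError` that the `catch` reports as `Invalid JSON: Cannot read properties of null`, while `'"text"'` or `'42'` parse cleanly and are reported as a missing property. All three are valid JSON of the wrong shape, so check the shape explicitly right after parsing: `if (parsed === null || typeof parsed !== 'object' || Array.isArray(parsed)) return { valid: false, message: 'Invalid queue structure: top-level value must be a JSON object. Expected: {"vulnerabilities": [...]}' };`. The elements of `vulnerabilities` are not inspected at all; if the exploitation agents index fields on each entry, requiring every element to be a non-null object here turns a later crash into an actionable, retryable validation error.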
@@ -0,0 +1,71 @@ +/** + * TOTP Validator + * + * Validates TOTP secrets and provides base32 decoding. + * Ported from tools/generate-totp-standalone.mjs (lines 43-72). + */ + +/** + * Base32 decode function + * Ported from generate-totp-standalone.mjs + * + * @param {string} encoded - Base32 encoded string + * @returns {Buffer} Buffer containing decoded bytes + */ +export function base32Decode(encoded) { + const alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567'; + const cleanInput = encoded.toUpperCase().replace(/[^A-Z2-7]/g, ''); + + if (cleanInput.length === 0) { + return Buffer.alloc(0); + } + + const output = []; + let bits = 0; + let value = 0; + + for (const char of cleanInput) { + const index = alphabet.indexOf(char); + if (index === -1) { + throw new Error(`Invalid base32 character: ${char}`); + } + + value = (value << 5) | index; + bits += 5; + + if (bits >= 8) { + output.push((value >>> (bits - 8)) & 255); + bits -= 8; + } + } + + return Buffer.from(output); +} + +/** + * Validate TOTP secret + * Must be base32-encoded string + * + * @param {string} secret - Secret to validate + * @returns {boolean} true if valid, throws Error if invalid + */ +export function validateTotpSecret(secret) { + if (!secret || secret.length === 0) { + throw new Error('TOTP secret cannot be empty'); + } + + // Check if it's valid base32 (only A-Z and 2-7, case-insensitive) + const base32Regex = /^[A-Z2-7]+$/i; + if (!base32Regex.test(secret.replace(/[^A-Z2-7]/gi, ''))) { + throw new Error('TOTP secret must be base32-encoded (characters A-Z and 2-7)'); + } + + // Try to decode to ensure it's valid + try { + base32Decode(secret); + } catch (error) { + throw new Error(`Invalid TOTP secret: ${error instanceof Error ? error.message : String(error)}`); + } + + return true; +} diff --git a/package-lock.json b/package-lock.json index 8b784ca..b3777f8 100644 --- a/package-lock.json +++ b/package-lock.json 
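Review bot: The `Invalid base32 character` throw in `base32Decode` is unreachable, because `cleanInput` has already stripped every character outside `A-Z2-7`, and `validateTotpSecret` applies the same strip before its regex test, so a secret containing typos such as `0`, `1`, `8` or `9` is silently accepted and yields a plausible-looking but wrong code instead of an error, which is the worst outcome for a login flow that will then fail with no diagnostic. Strip only what base32 input legitimately tolerates, `const cleanInput = encoded.toUpperCase().replace(/[\s=-]/g, '');`, and run the alphabet regex on that same string in `validateTotpSecret` so the check can actually fail. Also reject secrets that decode to nothing: a one-character input carries 5 bits, `base32Decode` returns an empty `Buffer`, and the HMAC in `generateHOTP` then runs over an empty key; `if (base32Decode(secret).length === 0) throw new Error('TOTP secret is too short');` closes that hole, and RFC 4226 §4 requires shared secrets of at least 128 bits if you want to enforce a real minimum.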
@@ -8,6 +8,7 @@ "name": "shannon", "version": "1.0.0", "dependencies": { + "@anthropic-ai/claude-agent-sdk": "^0.1.0", "@anthropic-ai/claude-code": "^1.0.96", "ajv": "^8.12.0", "ajv-formats": "^2.1.1", @@ -16,12 +17,33 @@ "figlet": "^1.9.3", "gradient-string": "^3.0.0", "js-yaml": "^4.1.0", + "zod": "^3.22.4", "zx": "^8.0.0" }, "bin": { "shannon": "shannon.mjs" } }, + "node_modules/@anthropic-ai/claude-agent-sdk": { + "version": "0.1.25", + "resolved": "https://registry.npmjs.org/@anthropic-ai/claude-agent-sdk/-/claude-agent-sdk-0.1.25.tgz", + "integrity": "sha512-qwuydYaA3uamz4ivDzYXfL2PBjGwc0+beeIyo3nvtZQOtFLjH7xPdBK2w3+9KnB3L6V7VooAMdTXPpQyxCwcOg==", + "license": "SEE LICENSE IN README.md", + "engines": { + "node": ">=18.0.0" + }, + "optionalDependencies": { + "@img/sharp-darwin-arm64": "^0.33.5", + "@img/sharp-darwin-x64": "^0.33.5", + "@img/sharp-linux-arm": "^0.33.5", + "@img/sharp-linux-arm64": "^0.33.5", + "@img/sharp-linux-x64": "^0.33.5", + "@img/sharp-win32-x64": "^0.33.5" + }, + "peerDependencies": { + "zod": "^3.24.1" + } + }, "node_modules/@anthropic-ai/claude-code": { "version": "1.0.96", "resolved": "https://registry.npmjs.org/@anthropic-ai/claude-code/-/claude-code-1.0.96.tgz", 
@@ -64,6 +86,28 @@ "@img/sharp-libvips-darwin-arm64": "1.0.4" } }, + "node_modules/@img/sharp-darwin-x64": { + "version": "0.33.5", + "resolved": "https://registry.npmjs.org/@img/sharp-darwin-x64/-/sharp-darwin-x64-0.33.5.tgz", + "integrity": "sha512-fyHac4jIc1ANYGRDxtiqelIbdWkIuQaI84Mv45KvGRRxSAa7o7d1ZKAOBaYbnepLC1WqxfpimdeWfvqqSGwR2Q==", + "cpu": [ + "x64" + ], + "license": "Apache-2.0", + "optional": true, + "os": [ + "darwin" + ], + "engines": { + "node": "^18.17.0 || ^20.3.0 || >=21.0.0" + }, + "funding": { + "url": "https://opencollective.com/libvips" + }, + "optionalDependencies": { + "@img/sharp-libvips-darwin-x64": "1.0.4" + } + }, "node_modules/@img/sharp-libvips-darwin-arm64": { "version": "1.0.4", "resolved": "https://registry.npmjs.org/@img/sharp-libvips-darwin-arm64/-/sharp-libvips-darwin-arm64-1.0.4.tgz", 
@@ -80,6 +124,155 @@ "url": "https://opencollective.com/libvips" } }, + "node_modules/@img/sharp-libvips-darwin-x64": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/@img/sharp-libvips-darwin-x64/-/sharp-libvips-darwin-x64-1.0.4.tgz", + "integrity": "sha512-xnGR8YuZYfJGmWPvmlunFaWJsb9T/AO2ykoP3Fz/0X5XV2aoYBPkX6xqCQvUTKKiLddarLaxpzNe+b1hjeWHAQ==", + "cpu": [ + "x64" + ], + "license": "LGPL-3.0-or-later", + "optional": true, + "os": [ + "darwin" + ], + "funding": { + "url": "https://opencollective.com/libvips" + } + }, + "node_modules/@img/sharp-libvips-linux-arm": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/@img/sharp-libvips-linux-arm/-/sharp-libvips-linux-arm-1.0.5.tgz", + "integrity": "sha512-gvcC4ACAOPRNATg/ov8/MnbxFDJqf/pDePbBnuBDcjsI8PssmjoKMAz4LtLaVi+OnSb5FK/yIOamqDwGmXW32g==", + "cpu": [ + "arm" + ], + "license": "LGPL-3.0-or-later", + "optional": true, + "os": [ + "linux" + ], + "funding": { + "url": "https://opencollective.com/libvips" + } + }, + "node_modules/@img/sharp-libvips-linux-arm64": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/@img/sharp-libvips-linux-arm64/-/sharp-libvips-linux-arm64-1.0.4.tgz", + "integrity": "sha512-9B+taZ8DlyyqzZQnoeIvDVR/2F4EbMepXMc/NdVbkzsJbzkUjhXv/70GQJ7tdLA4YJgNP25zukcxpX2/SueNrA==", + "cpu": [ + "arm64" + ], + "license": "LGPL-3.0-or-later", + "optional": true, + "os": [ + "linux" + ], + "funding": { + "url": "https://opencollective.com/libvips" + } + }, + "node_modules/@img/sharp-libvips-linux-x64": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/@img/sharp-libvips-linux-x64/-/sharp-libvips-linux-x64-1.0.4.tgz", + "integrity": "sha512-MmWmQ3iPFZr0Iev+BAgVMb3ZyC4KeFc3jFxnNbEPas60e1cIfevbtuyf9nDGIzOaW9PdnDciJm+wFFaTlj5xYw==", + "cpu": [ + "x64" + ], + "license": "LGPL-3.0-or-later", + "optional": true, + "os": [ + "linux" + ], + "funding": { + "url": "https://opencollective.com/libvips" + } + }, + "node_modules/@img/sharp-linux-arm": { + 
"version": "0.33.5", + "resolved": "https://registry.npmjs.org/@img/sharp-linux-arm/-/sharp-linux-arm-0.33.5.tgz", + "integrity": "sha512-JTS1eldqZbJxjvKaAkxhZmBqPRGmxgu+qFKSInv8moZ2AmT5Yib3EQ1c6gp493HvrvV8QgdOXdyaIBrhvFhBMQ==", + "cpu": [ + "arm" + ], + "license": "Apache-2.0", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": "^18.17.0 || ^20.3.0 || >=21.0.0" + }, + "funding": { + "url": "https://opencollective.com/libvips" + }, + "optionalDependencies": { + "@img/sharp-libvips-linux-arm": "1.0.5" + } + }, + "node_modules/@img/sharp-linux-arm64": { + "version": "0.33.5", + "resolved": "https://registry.npmjs.org/@img/sharp-linux-arm64/-/sharp-linux-arm64-0.33.5.tgz", + "integrity": "sha512-JMVv+AMRyGOHtO1RFBiJy/MBsgz0x4AWrT6QoEVVTyh1E39TrCUpTRI7mx9VksGX4awWASxqCYLCV4wBZHAYxA==", + "cpu": [ + "arm64" + ], + "license": "Apache-2.0", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": "^18.17.0 || ^20.3.0 || >=21.0.0" + }, + "funding": { + "url": "https://opencollective.com/libvips" + }, + "optionalDependencies": { + "@img/sharp-libvips-linux-arm64": "1.0.4" + } + }, + "node_modules/@img/sharp-linux-x64": { + "version": "0.33.5", + "resolved": "https://registry.npmjs.org/@img/sharp-linux-x64/-/sharp-linux-x64-0.33.5.tgz", + "integrity": "sha512-opC+Ok5pRNAzuvq1AG0ar+1owsu842/Ab+4qvU879ippJBHvyY5n2mxF1izXqkPYlGuP/M556uh53jRLJmzTWA==", + "cpu": [ + "x64" + ], + "license": "Apache-2.0", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": "^18.17.0 || ^20.3.0 || >=21.0.0" + }, + "funding": { + "url": "https://opencollective.com/libvips" + }, + "optionalDependencies": { + "@img/sharp-libvips-linux-x64": "1.0.4" + } + }, + "node_modules/@img/sharp-win32-x64": { + "version": "0.33.5", + "resolved": "https://registry.npmjs.org/@img/sharp-win32-x64/-/sharp-win32-x64-0.33.5.tgz", + "integrity": "sha512-MpY/o8/8kj+EcnxwvrP4aTJSWw/aZ7JIGR4aBeZkZw5B7/Jn+tY9/VNwtcoGmdT7GfggGIU4kygOMSbYnOrAbg==", + "cpu": [ + "x64" + ], + 
"license": "Apache-2.0 AND LGPL-3.0-or-later", + "optional": true, + "os": [ + "win32" + ], + "engines": { + "node": "^18.17.0 || ^20.3.0 || >=21.0.0" + }, + "funding": { + "url": "https://opencollective.com/libvips" + } + }, "node_modules/@types/tinycolor2": { "version": "1.4.6", "resolved": "https://registry.npmjs.org/@types/tinycolor2/-/tinycolor2-1.4.6.tgz", @@ -462,6 +655,15 @@ "url": "https://github.com/chalk/wrap-ansi?sponsor=1" } }, + "node_modules/zod": { + "version": "3.25.76", + "resolved": "https://registry.npmjs.org/zod/-/zod-3.25.76.tgz", + "integrity": "sha512-gzUt/qt81nXsFGKIFcC3YnfEAx5NkunCfnDlvuBSSFS02bcXu4Lmea0AFIUwbLWxWPx3d9p8S5QoaujKcNQxcQ==", + "license": "MIT", + "funding": { + "url": "https://github.com/sponsors/colinhacks" + } + }, "node_modules/zx": { "version": "8.8.1", "resolved": "https://registry.npmjs.org/zx/-/zx-8.8.1.tgz", diff --git a/package.json b/package.json index da20d42..055af80 100644 --- a/package.json +++ b/package.json @@ -8,6 +8,7 @@ }, "dependencies": { "@anthropic-ai/claude-code": "^1.0.96", + "@anthropic-ai/claude-agent-sdk": "^0.1.0", "ajv": "^8.12.0", "ajv-formats": "^2.1.1", "boxen": "^8.0.1", @@ -15,6 +16,7 @@ "figlet": "^1.9.3", "gradient-string": "^3.0.0", "js-yaml": "^4.1.0", + "zod": "^3.22.4", "zx": "^8.0.0" }, "bin": { diff --git a/prompts/exploit-auth.txt b/prompts/exploit-auth.txt index 1830080..7f3c68f 100644 --- a/prompts/exploit-auth.txt +++ b/prompts/exploit-auth.txt 
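Review bot: The `zod` range added to package.json, `"zod": "^3.22.4"`, is below the `"zod": "^3.24.1"` peer range that the `@anthropic-ai/claude-agent-sdk` lockfile entry declares, so the manifest admits versions the SDK does not accept; it only works today because the lock resolves 3.25.76. Aligning the declared range, `"zod": "^3.24.1",`, removes the mismatch and keeps a regenerated lock from satisfying package.json while breaking the peer requirement. The SDK itself is added at `^0.1.0`, which npm reads as `>=0.1.0 <0.2.0` for a pre-1.0 package; since this SDK drives the exploitation agents, it is worth confirming that the lockfile, not the caret range, is what CI installs from.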
@@ -158,9 +158,12 @@ You are the **Identity Compromise Specialist** - proving tangible impact of brok - **{{MCP_SERVER}} (Playwright):** Essential for interacting with multi-step authentication flows, injecting stolen session cookies, and verifying account takeover in a real browser context. -- **Bash tool:** Your primary tool for executing shell commands. Use it for crafting manual API requests with `curl` to replay tokens and, most importantly, for **saving your final evidence** by executing the `save_deliverable.js` script. - - **Saving Evidence:** To save your work, you MUST use the following command. The script handles correct naming. It will print `{"status": "success"}` on success or `{"status": "error"}` on failure. - - **For your evidence report:** `node save_deliverable.js AUTH_EVIDENCE 'your complete evidence report'` +- **save_deliverable (MCP Tool):** Saves exploitation evidence files. + - **Parameters:** + - `deliverable_type`: "AUTH_EVIDENCE" (required) + - `content`: Your complete evidence report (markdown) (required) + - **Returns:** `{ status: "success", filepath: "..." }` on success or `{ status: "error", message: "..." }` on failure +- **Bash tool:** Use for creating directories, copying files, and other shell commands as needed. - **Task Agent:** Mandatory coder-executor for brute force batches, credential stuffing, token replay automation, and any scripted workflow. - **TodoWrite tool:** Essential for managing your exploitation task list. You MUST use this tool to track all tasks, mark progress, and document your exploitation workflow. - **Read tool:** To read false positives from your tracking file at `workspace/auth_false_positives.md`. 
@@ -418,7 +421,7 @@ If [blocker] were bypassed/removed: COMPLETION REQUIREMENTS (ALL must be satisfied): 1. Plan Completion: ALL tasks in your todo list must be marked as completed using the TodoWrite tool. 2. Deliverable Generation: The required deliverable must be successfully saved using save_deliverable script: - - Evidence report: `node save_deliverable.js AUTH_EVIDENCE 'your evidence report'` + - Evidence report: Use `save_deliverable` MCP tool with `deliverable_type: "AUTH_EVIDENCE"` and your evidence report as `content` CRITICAL WARNING: Announcing completion before every item in deliverables/auth_exploitation_queue.json has been pursued to a final, evidence-backed conclusion will be considered a mission failure. diff --git a/prompts/exploit-authz.txt b/prompts/exploit-authz.txt index 48971c0..029a4fc 100644 --- a/prompts/exploit-authz.txt +++ b/prompts/exploit-authz.txt 
@@ -145,9 +145,12 @@ You are the **Privilege Escalation Specialist** - proving tangible impact of bro - **{{MCP_SERVER}} (Playwright):** Essential for interacting with complex authorization flows, testing role-based access controls in browser contexts, and verifying privilege escalation through UI elements. -- **Bash tool:** Your primary tool for executing shell commands. Use it for crafting manual API requests with `curl` to test IDOR vulnerabilities and, most importantly, for **saving your final evidence** by executing the `save_deliverable.js` script. - - **Saving Evidence:** To save your work, you MUST use the following command. The script handles correct naming. It will print `{"status": "success"}` on success or `{"status": "error"}` on failure. - - **For your evidence report:** `node save_deliverable.js AUTHZ_EVIDENCE 'your complete evidence report'` +- **save_deliverable (MCP Tool):** Saves exploitation evidence files. + - **Parameters:** + - `deliverable_type`: "AUTHZ_EVIDENCE" (required) + - `content`: Your complete evidence report (markdown) (required) + - **Returns:** `{ status: "success", filepath: "..." }` on success or `{ status: "error", message: "..." }` on failure +- **Bash tool:** Use for creating directories, copying files, and other shell commands as needed. - **Task Agent:** Mandatory coder-executor for IDOR sweeps, role escalation loops, and workflow bypass automation. - **TodoWrite tool:** Essential for managing your exploitation task list. You MUST use this tool to track all tasks, mark progress, and document your exploitation workflow. - **Read tool:** To read false positives from your tracking file at `workspace/authz_false_positives.md`. 
@@ -420,7 +423,7 @@ If [blocker] were bypassed/removed: COMPLETION REQUIREMENTS (ALL must be satisfied): 1. Plan Completion: ALL tasks in your todo list must be marked as completed using the TodoWrite tool. 2. Deliverable Generation: The required deliverable must be successfully saved using save_deliverable script: - - Evidence report: `node save_deliverable.js AUTHZ_EVIDENCE 'your evidence report'` + - Evidence report: Use `save_deliverable` MCP tool with `deliverable_type: "AUTHZ_EVIDENCE"` and your evidence report as `content` CRITICAL WARNING: Announcing completion before every item in deliverables/authz_exploitation_queue.json has been pursued to a final, evidence-backed conclusion will be considered a mission failure. diff --git a/prompts/exploit-injection.txt b/prompts/exploit-injection.txt index 10c6c65..ac95ab6 100644 --- a/prompts/exploit-injection.txt +++ b/prompts/exploit-injection.txt 
@@ -126,9 +126,12 @@ You are the **Proof-of-Impact Generator** - converting theoretical injection fla - **{{MCP_SERVER}} (Playwright):** For testing injection vulnerabilities through browser interactions when needed. -- **Bash tool:** Your primary tool for executing shell commands. Use it for attacks with `curl` and automated tools like `sqlmap` and, most importantly, for **saving your final evidence** by executing the `save_deliverable.js` script. - - **Saving Evidence:** To save your work, you MUST use the following command. The script handles correct naming. It will print `{"status": "success"}` on success or `{"status": "error"}` on failure. - - **For your evidence report:** `node save_deliverable.js INJECTION_EVIDENCE 'your complete evidence report'` +- **save_deliverable (MCP Tool):** Saves exploitation evidence files. + - **Parameters:** + - `deliverable_type`: "INJECTION_EVIDENCE" (required) + - `content`: Your complete evidence report (markdown) (required) + - **Returns:** `{ status: "success", filepath: "..." }` on success or `{ status: "error", message: "..." }` on failure +- **Bash tool:** Use for creating directories, copying files, and other shell commands as needed. - **Task Agent:** Mandatory coder-executor for any custom scripting beyond single ad-hoc commands. - **TodoWrite tool:** Essential for managing your exploitation task list. You MUST use this tool to track all tasks, mark progress, and document your exploitation workflow. - **Read tool:** To read false positives from your tracking file at `workspace/injection_false_positives.md`. 
@@ -445,8 +448,8 @@ If [blocker] were bypassed/removed: COMPLETION REQUIREMENTS (ALL must be satisfied): 1. **Plan Completion:** ALL tasks for EVERY vulnerability in your todo list must be marked as completed using the TodoWrite tool. **No vulnerability or task can be left unaddressed.** -2. **Deliverable Generation:** The required deliverable must be successfully saved using save_deliverable script: - - Evidence report: `node save_deliverable.js INJECTION_EVIDENCE 'your evidence report'` +2. **Deliverable Generation:** The required deliverable must be successfully saved using save_deliverable MCP tool: + - Evidence report: Use `save_deliverable` MCP tool with `deliverable_type: "INJECTION_EVIDENCE"` and your evidence report as `content` **CRITICAL WARNING:** Announcing completion before every item in `deliverables/injection_exploitation_queue.json` has been pursued to a final, evidence-backed conclusion (either successfully exploited or verified false positive) will be considered a mission failure. Superficial testing is not acceptable. diff --git a/prompts/exploit-ssrf.txt b/prompts/exploit-ssrf.txt index 93b5f57..d0b84a1 100644 --- a/prompts/exploit-ssrf.txt +++ b/prompts/exploit-ssrf.txt 
@@ -144,9 +144,12 @@ You are the **Network Boundary Breaker** - proving tangible impact of SSRF vulne -- **Bash tool:** Your primary tool for executing shell commands. Use it for crafting HTTP requests with `curl` to exploit SSRF vulnerabilities and, most importantly, for **saving your final evidence** by executing the `save_deliverable.js` script. - - **Saving Evidence:** To save your work, you MUST use the following command. The script handles correct naming. It will print `{"status": "success"}` on success or `{"status": "error"}` on failure. - - **For your evidence report:** `node save_deliverable.js SSRF_EVIDENCE 'your complete evidence report'` +- **save_deliverable (MCP Tool):** Saves exploitation evidence files. + - **Parameters:** + - `deliverable_type`: "SSRF_EVIDENCE" (required) + - `content`: Your complete evidence report (markdown) (required) + - **Returns:** `{ status: "success", filepath: "..." }` on success or `{ status: "error", message: "..." }` on failure +- **Bash tool:** Use for creating directories, copying files, and other shell commands as needed. - **{{MCP_SERVER}} (Playwright):** Useful for complex multi-step SSRF exploitation that requires browser context or JavaScript execution. - **Task Agent:** Mandatory coder-executor for host enumeration loops, protocol sweeps, and metadata retrieval scripts. - **TodoWrite tool:** Essential for managing your exploitation task list. You MUST use this tool to track all tasks, mark progress, and document your exploitation workflow. 
@@ -497,7 +500,7 @@ If [blocker] were bypassed/removed: COMPLETION REQUIREMENTS (ALL must be satisfied): 1. Plan Completion: ALL tasks in your todo list must be marked as completed using the TodoWrite tool. 2. Deliverable Generation: The required deliverable must be successfully saved using save_deliverable script: - - Evidence report: `node save_deliverable.js SSRF_EVIDENCE 'your evidence report'` + - Evidence report: Use `save_deliverable` MCP tool with `deliverable_type: "SSRF_EVIDENCE"` and your evidence report as `content` CRITICAL WARNING: Announcing completion before every item in deliverables/ssrf_exploitation_queue.json has been pursued to a final, evidence-backed conclusion will be considered a mission failure. diff --git a/prompts/exploit-xss.txt b/prompts/exploit-xss.txt index 7d92182..2b5f799 100644 --- a/prompts/exploit-xss.txt +++ b/prompts/exploit-xss.txt 
@@ -147,9 +147,12 @@ You are the **Client-Side Impact Demonstrator** - converting theoretical XSS fla - **{{MCP_SERVER}} (Playwright):** Your primary tool for testing DOM-based and Stored XSS, confirming script execution in a real browser context, and interacting with the application post-exploitation. -- **Bash tool:** Your primary tool for executing shell commands. Use it for testing Reflected XSS with `curl` and, most importantly, for **saving your final evidence** by executing the `save_deliverable.js` script. - - **Saving Evidence:** To save your work, you MUST use the following command. The script handles correct naming. It will print `{"status": "success"}` on success or `{"status": "error"}` on failure. - - **For your evidence report:** `node save_deliverable.js XSS_EVIDENCE 'your complete evidence report'` +- **save_deliverable (MCP Tool):** Saves exploitation evidence files. + - **Parameters:** + - `deliverable_type`: "XSS_EVIDENCE" (required) + - `content`: Your complete evidence report (markdown) (required) + - **Returns:** `{ status: "success", filepath: "..." }` on success or `{ status: "error", message: "..." }` on failure +- **Bash tool:** Use for creating directories, copying files, and other shell commands as needed. - **Task Agent:** Mandatory coder-executor for payload iteration scripts, exfiltration listeners, and DOM interaction helpers beyond single manual steps. - **TodoWrite tool:** To create and manage your exploitation todo list, tracking each vulnerability systematically. - **Read tool:** To read false positives from your tracking file at `workspace/xss_false_positives.md`. 
@@ -436,8 +439,8 @@ If [blocker] were bypassed/removed: COMPLETION REQUIREMENTS (ALL must be satisfied): - Todo List Completion: ALL vulnerabilities from the exploitation queue must have been processed and marked as completed in your todo list. -- Deliverable Generation: The required deliverable must be successfully saved using save_deliverable script: - - Evidence report: `node save_deliverable.js XSS_EVIDENCE 'your evidence report'` +- Deliverable Generation: The required deliverable must be successfully saved using save_deliverable MCP tool: + - Evidence report: Use `save_deliverable` MCP tool with `deliverable_type: "XSS_EVIDENCE"` and your evidence report as `content` **CRITICAL WARNING:** Announcing completion before every item in `deliverables/xss_exploitation_queue.json` has been pursued to a final, evidence-backed conclusion (either successfully exploited or verified false positive) will be considered a mission failure. Superficial testing is not acceptable. diff --git a/prompts/pipeline-testing/exploit-auth.txt b/prompts/pipeline-testing/exploit-auth.txt index 3ee6e07..7c8e4fe 100644 --- a/prompts/pipeline-testing/exploit-auth.txt +++ b/prompts/pipeline-testing/exploit-auth.txt 
@@ -19,30 +19,11 @@ ``` ### Step 2: Create Required Deliverable -Use the save_deliverable script to create your evidence: +Use the save_deliverable MCP tool to create your evidence: -```bash -node save_deliverable.js AUTH_EVIDENCE '# Authentication Exploitation Evidence (Pipeline Test) - -**MCP Server Used:** {{MCP_SERVER}} -**Test Site:** https://example.com -**Screenshot:** auth-exploit-test.png -**Status:** Browser isolation test successful - -## Exploitation Results -- **Target:** Test authentication vulnerability -- **Method:** Authentication bypass via parameter manipulation -- **Evidence:** Successfully bypassed login using admin=true parameter -- **Impact:** Demonstrated unauthorized access to protected resources -- **Proof:** Pipeline testing mode - simulated successful exploitation - -## Technical Details -- **Vulnerability ID:** AUTH-VULN-01 -- **Exploitation Status:** Simulated Success (Pipeline Test) -- **MCP Instance:** {{MCP_SERVER}} -- **Attack Vector:** Parameter-based authentication bypass -- **Bypass Method:** URL parameter manipulation' -``` +Use `save_deliverable` MCP tool with: +- `deliverable_type: "AUTH_EVIDENCE"` +- `content: "# Authentication Exploitation Evidence (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://example.com\n**Screenshot:** auth-exploit-test.png\n**Status:** Browser isolation test successful\n\n## Exploitation Results\n- **Target:** Test authentication vulnerability\n- **Method:** Authentication bypass via parameter manipulation\n- **Evidence:** Successfully bypassed login using admin=true parameter\n- **Impact:** Demonstrated unauthorized access to protected resources\n- **Proof:** Pipeline testing mode - simulated successful exploitation\n\n## Technical Details\n- **Vulnerability ID:** AUTH-VULN-01\n- **Exploitation Status:** Simulated Success (Pipeline Test)\n- **MCP Instance:** {{MCP_SERVER}}\n- **Attack Vector:** Parameter-based authentication bypass\n- **Bypass Method:** URL parameter 
manipulation"` This will automatically create `deliverables/auth_exploitation_evidence.md`. diff --git a/prompts/pipeline-testing/exploit-authz.txt b/prompts/pipeline-testing/exploit-authz.txt index 3360e3f..aded0f9 100644 --- a/prompts/pipeline-testing/exploit-authz.txt +++ b/prompts/pipeline-testing/exploit-authz.txt 
@@ -19,30 +19,11 @@ ``` ### Step 2: Create Required Deliverable -Use the save_deliverable script to create your evidence: +Use the save_deliverable MCP tool to create your evidence: -```bash -node save_deliverable.js AUTHZ_EVIDENCE '# Authorization Exploitation Evidence (Pipeline Test) - -**MCP Server Used:** {{MCP_SERVER}} -**Test Site:** https://example.com -**Screenshot:** authz-exploit-test.png -**Status:** Browser isolation test successful - -## Exploitation Results -- **Target:** Test authorization vulnerability -- **Method:** Privilege escalation via direct object reference -- **Evidence:** Successfully accessed admin panel with user-level privileges -- **Impact:** Demonstrated unauthorized access to privileged functionality -- **Proof:** Pipeline testing mode - simulated successful exploitation - -## Technical Details -- **Vulnerability ID:** AUTHZ-VULN-01 -- **Exploitation Status:** Simulated Success (Pipeline Test) -- **MCP Instance:** {{MCP_SERVER}} -- **Attack Vector:** Insecure Direct Object Reference (IDOR) -- **Escalation Method:** User ID manipulation in API calls' -``` +Use `save_deliverable` MCP tool with: +- `deliverable_type: "AUTHZ_EVIDENCE"` +- `content: "# Authorization Exploitation Evidence (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://example.com\n**Screenshot:** authz-exploit-test.png\n**Status:** Browser isolation test successful\n\n## Exploitation Results\n- **Target:** Test authorization vulnerability\n- **Method:** Privilege escalation via direct object reference\n- **Evidence:** Successfully accessed admin panel with user-level privileges\n- **Impact:** Demonstrated unauthorized access to privileged functionality\n- **Proof:** Pipeline testing mode - simulated successful exploitation\n\n## Technical Details\n- **Vulnerability ID:** AUTHZ-VULN-01\n- **Exploitation Status:** Simulated Success (Pipeline Test)\n- **MCP Instance:** {{MCP_SERVER}}\n- **Attack Vector:** Insecure Direct Object Reference 
(IDOR)\n- **Escalation Method:** User ID manipulation in API calls"` This will automatically create `deliverables/authz_exploitation_evidence.md`. diff --git a/prompts/pipeline-testing/exploit-injection.txt b/prompts/pipeline-testing/exploit-injection.txt index 0423b73..0439ee4 100644 --- a/prompts/pipeline-testing/exploit-injection.txt +++ b/prompts/pipeline-testing/exploit-injection.txt 
@@ -19,28 +19,11 @@ ``` ### Step 2: Create Required Deliverable -Use the save_deliverable script to create your evidence: +Use the save_deliverable MCP tool to create your evidence: -```bash -node save_deliverable.js INJECTION_EVIDENCE '# Injection Exploitation Evidence (Pipeline Test) - -**MCP Server Used:** {{MCP_SERVER}} -**Test Site:** https://example.com -**Screenshot:** injection-exploit-test.png -**Status:** Browser isolation test successful - -## Exploitation Results -- **Target:** Test injection vulnerability -- **Method:** SQL injection via query parameter -- **Evidence:** Successfully executed test payload `'"'"'; DROP TABLE users; --` -- **Impact:** Demonstrated ability to manipulate database queries -- **Proof:** Pipeline testing mode - simulated successful exploitation - -## Technical Details -- **Vulnerability ID:** INJ-VULN-01 -- **Exploitation Status:** Simulated Success (Pipeline Test) -- **MCP Instance:** {{MCP_SERVER}}' -``` +Use `save_deliverable` MCP tool with: +- `deliverable_type: "INJECTION_EVIDENCE"` +- `content: "# Injection Exploitation Evidence (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://example.com\n**Screenshot:** injection-exploit-test.png\n**Status:** Browser isolation test successful\n\n## Exploitation Results\n- **Target:** Test injection vulnerability\n- **Method:** SQL injection via query parameter\n- **Evidence:** Successfully executed test payload `'; DROP TABLE users; --`\n- **Impact:** Demonstrated ability to manipulate database queries\n- **Proof:** Pipeline testing mode - simulated successful exploitation\n\n## Technical Details\n- **Vulnerability ID:** INJ-VULN-01\n- **Exploitation Status:** Simulated Success (Pipeline Test)\n- **MCP Instance:** {{MCP_SERVER}}"` This will automatically create `deliverables/injection_exploitation_evidence.md`. diff --git a/prompts/pipeline-testing/exploit-ssrf.txt b/prompts/pipeline-testing/exploit-ssrf.txt index c487e69..4a0cc0a 100644 
--- a/prompts/pipeline-testing/exploit-ssrf.txt +++ b/prompts/pipeline-testing/exploit-ssrf.txt 
@@ -19,30 +19,11 @@ ``` ### Step 2: Create Required Deliverable -Use the save_deliverable script to create your evidence: +Use the save_deliverable MCP tool to create your evidence: -```bash -node save_deliverable.js SSRF_EVIDENCE '# SSRF Exploitation Evidence (Pipeline Test) - -**MCP Server Used:** {{MCP_SERVER}} -**Test Site:** https://example.com -**Screenshot:** ssrf-exploit-test.png -**Status:** Browser isolation test successful - -## Exploitation Results -- **Target:** Test SSRF vulnerability -- **Method:** Server-Side Request Forgery via URL parameter -- **Evidence:** Successfully forced server to make request to internal network -- **Impact:** Demonstrated access to internal services and potential data exfiltration -- **Proof:** Pipeline testing mode - simulated successful exploitation - -## Technical Details -- **Vulnerability ID:** SSRF-VULN-01 -- **Exploitation Status:** Simulated Success (Pipeline Test) -- **MCP Instance:** {{MCP_SERVER}} -- **Attack Vector:** URL parameter manipulation -- **Target:** Internal network services (localhost:8080)' -``` +Use `save_deliverable` MCP tool with: +- `deliverable_type: "SSRF_EVIDENCE"` +- `content: "# SSRF Exploitation Evidence (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://example.com\n**Screenshot:** ssrf-exploit-test.png\n**Status:** Browser isolation test successful\n\n## Exploitation Results\n- **Target:** Test SSRF vulnerability\n- **Method:** Server-Side Request Forgery via URL parameter\n- **Evidence:** Successfully forced server to make request to internal network\n- **Impact:** Demonstrated access to internal services and potential data exfiltration\n- **Proof:** Pipeline testing mode - simulated successful exploitation\n\n## Technical Details\n- **Vulnerability ID:** SSRF-VULN-01\n- **Exploitation Status:** Simulated Success (Pipeline Test)\n- **MCP Instance:** {{MCP_SERVER}}\n- **Attack Vector:** URL parameter manipulation\n- **Target:** Internal network services 
(localhost:8080)"` This will automatically create `deliverables/ssrf_exploitation_evidence.md`. diff --git a/prompts/pipeline-testing/exploit-xss.txt b/prompts/pipeline-testing/exploit-xss.txt index 6d6d199..0ee9cbe 100644 --- a/prompts/pipeline-testing/exploit-xss.txt +++ b/prompts/pipeline-testing/exploit-xss.txt 
@@ -19,29 +19,11 @@ ``` ### Step 2: Create Required Deliverable -Use the save_deliverable script to create your evidence: +Use the save_deliverable MCP tool to create your evidence: -```bash -node save_deliverable.js XSS_EVIDENCE '# XSS Exploitation Evidence (Pipeline Test) - -**MCP Server Used:** {{MCP_SERVER}} -**Test Site:** https://example.com -**Screenshot:** xss-exploit-test.png -**Status:** Browser isolation test successful - -## Exploitation Results -- **Target:** Test XSS vulnerability -- **Method:** Reflected XSS via search parameter -- **Evidence:** Successfully executed payload `` -- **Impact:** Demonstrated JavaScript code execution in user context -- **Proof:** Pipeline testing mode - simulated successful exploitation - -## Technical Details -- **Vulnerability ID:** XSS-VULN-01 -- **Exploitation Status:** Simulated Success (Pipeline Test) -- **MCP Instance:** {{MCP_SERVER}} -- **Attack Vector:** Reflected XSS in search functionality' -``` +Use `save_deliverable` MCP tool with: +- `deliverable_type: "XSS_EVIDENCE"` +- `content: "# XSS Exploitation Evidence (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://example.com\n**Screenshot:** xss-exploit-test.png\n**Status:** Browser isolation test successful\n\n## Exploitation Results\n- **Target:** Test XSS vulnerability\n- **Method:** Reflected XSS via search parameter\n- **Evidence:** Successfully executed payload ``\n- **Impact:** Demonstrated JavaScript code execution in user context\n- **Proof:** Pipeline testing mode - simulated successful exploitation\n\n## Technical Details\n- **Vulnerability ID:** XSS-VULN-01\n- **Exploitation Status:** Simulated Success (Pipeline Test)\n- **MCP Instance:** {{MCP_SERVER}}\n- **Attack Vector:** Reflected XSS in search functionality"` This will automatically create `deliverables/xss_exploitation_evidence.md`. diff --git a/prompts/pipeline-testing/pre-recon-code.txt b/prompts/pipeline-testing/pre-recon-code.txt index 0171c6a..3911d8a 100644 
--- a/prompts/pipeline-testing/pre-recon-code.txt +++ b/prompts/pipeline-testing/pre-recon-code.txt @@ -1,6 +1 @@ -Run this command and do nothing else: - -```bash -node save_deliverable.js CODE_ANALYSIS 'Pre-recon analysis complete' -``` -Then say "Done". \ No newline at end of file +Use the save_deliverable MCP tool with `deliverable_type: "CODE_ANALYSIS"` and `content: "Pre-recon analysis complete"`. Then say "Done". \ No newline at end of file diff --git a/prompts/pipeline-testing/recon.txt b/prompts/pipeline-testing/recon.txt index cd485c4..ee8fd92 100644 --- a/prompts/pipeline-testing/recon.txt +++ b/prompts/pipeline-testing/recon.txt @@ -1,6 +1 @@ -Run this command and do nothing else: - -```bash -node save_deliverable.js RECON 'Reconnaissance analysis complete' -``` -Then say "Done". \ No newline at end of file +Use the save_deliverable MCP tool with `deliverable_type: "RECON"` and `content: "Reconnaissance analysis complete"`. Then say "Done". \ No newline at end of file diff --git a/prompts/pipeline-testing/vuln-auth.txt b/prompts/pipeline-testing/vuln-auth.txt index 443310d..afc5116 100644 --- a/prompts/pipeline-testing/vuln-auth.txt +++ b/prompts/pipeline-testing/vuln-auth.txt 
@@ -19,38 +19,19 @@ ``` ### Step 2: Create Required Deliverables -Use the save_deliverable script to create both deliverables: +Use the save_deliverable MCP tool to create both deliverables: **1. Analysis Report:** -```bash -node save_deliverable.js AUTH_ANALYSIS '# Auth Analysis Complete (Pipeline Test) - -**MCP Server Used:** {{MCP_SERVER}} -**Test Site:** https://example.net -**Screenshot:** auth-agent-test.png -**Status:** Browser isolation test successful' -``` +Use `save_deliverable` MCP tool with: +- `deliverable_type: "AUTH_ANALYSIS"` +- `content: "# Auth Analysis Complete (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://example.net\n**Screenshot:** auth-agent-test.png\n**Status:** Browser isolation test successful"` **2. Exploitation Queue:** -```bash -node save_deliverable.js AUTH_QUEUE '{ - "vulnerabilities": [ - { - "ID": "AUTH-VULN-01", - "verdict": "vulnerable", - "confidence": "high", - "notes": "Test auth vulnerability for pipeline validation (MCP: {{MCP_SERVER}})", - "vulnerability_type": "Authentication_Bypass", - "endpoint": "/api/login", - "flaw_type": "Missing token validation", - "exploit_hypothesis": "Empty or invalid token allows access to protected resources", - "witness_payload": "Authorization: Bearer invalid_token" - } - ] -}' -``` +Use `save_deliverable` MCP tool with: +- `deliverable_type: "AUTH_QUEUE"` +- `content: {"vulnerabilities": [{"ID": "AUTH-VULN-01", "verdict": "vulnerable", "confidence": "high", "notes": "Test auth vulnerability for pipeline validation (MCP: {{MCP_SERVER}})", "vulnerability_type": "Authentication_Bypass", "endpoint": "/api/login", "flaw_type": "Missing token validation", "exploit_hypothesis": "Empty or invalid token allows access to protected resources", "witness_payload": "Authorization: Bearer invalid_token"}]}` -These commands will automatically create the correct files in `deliverables/`. +These tools will automatically create the correct files in `deliverables/`. 
### Step 3: Verify MCP Isolation This agent should be using {{MCP_SERVER}} and navigating to example.net independently of other parallel agents.
\ No newline at end of file
diff --git a/prompts/pipeline-testing/vuln-authz.txt b/prompts/pipeline-testing/vuln-authz.txt
index 4218006..5f42cc0 100644
--- a/prompts/pipeline-testing/vuln-authz.txt
+++ b/prompts/pipeline-testing/vuln-authz.txt
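Review bot: The two `content` examples in this hunk give the parameter different JSON types: the AUTH_ANALYSIS call passes a quoted string with `\n` escapes, while the AUTH_QUEUE call passes a bare object, `content: {"vulnerabilities": [...]}`. If the tool's input schema declares `content` as a string, which the analysis example and the "Your markdown report or JSON queue" wording elsewhere in this diff suggest, a bare object will either fail schema validation or be stringified in a form the queue validator may not expect; the prompt should state which form the tool accepts, e.g. `content: "{\"vulnerabilities\": [...]}"` if it is a serialized string. The same ambiguity is in the vuln-authz, vuln-injection, vuln-ssrf and vuln-xss pipeline-testing hunks and in the queue instructions of prompts/vuln-auth.txt, vuln-authz.txt, vuln-injection.txt and vuln-ssrf.txt. The tool schema is not visible here, so this is inferred from the examples only.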
@@ -19,37 +19,19 @@ ``` ### Step 2: Create Required Deliverables -Use the save_deliverable script to create both deliverables: +Use the save_deliverable MCP tool to create both deliverables: **1. Analysis Report:** -```bash -node save_deliverable.js AUTHZ_ANALYSIS '# Authorization Analysis Complete (Pipeline Test) - -**MCP Server Used:** {{MCP_SERVER}} -**Test Site:** https://jsonplaceholder.typicode.com -**Screenshot:** authz-agent-test.png -**Status:** Browser isolation test successful' -``` +Use `save_deliverable` MCP tool with: +- `deliverable_type: "AUTHZ_ANALYSIS"` +- `content: "# Authorization Analysis Complete (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://jsonplaceholder.typicode.com\n**Screenshot:** authz-agent-test.png\n**Status:** Browser isolation test successful"` **2. Exploitation Queue:** -```bash -node save_deliverable.js AUTHZ_QUEUE '{ - "vulnerabilities": [ - { - "ID": "AUTHZ-VULN-01", - "verdict": "vulnerable", - "confidence": "high", - "notes": "Test authz vulnerability for pipeline validation (MCP: {{MCP_SERVER}})", - "vulnerability_type": "Vertical", - "endpoint": "/admin/users", - "actual_access": "Regular users can access admin functions", - "witness_payload": "GET /admin/users with regular user token" - } - ] -}' -``` +Use `save_deliverable` MCP tool with: +- `deliverable_type: "AUTHZ_QUEUE"` +- `content: {"vulnerabilities": [{"ID": "AUTHZ-VULN-01", "verdict": "vulnerable", "confidence": "high", "notes": "Test authz vulnerability for pipeline validation (MCP: {{MCP_SERVER}})", "vulnerability_type": "Vertical", "endpoint": "/admin/users", "actual_access": "Regular users can access admin functions", "witness_payload": "GET /admin/users with regular user token"}]}` -These commands will automatically create the correct files in `deliverables/`. +These tools will automatically create the correct files in `deliverables/`. 
### Step 3: Verify MCP Isolation This agent should be using {{MCP_SERVER}} and navigating to jsonplaceholder.typicode.com independently of other parallel agents.
\ No newline at end of file
diff --git a/prompts/pipeline-testing/vuln-injection.txt b/prompts/pipeline-testing/vuln-injection.txt
index a40a455..9b0c842 100644
--- a/prompts/pipeline-testing/vuln-injection.txt
+++ b/prompts/pipeline-testing/vuln-injection.txt
@@ -19,40 +19,19 @@ ``` ### Step 2: Create Required Deliverables -Use the save_deliverable script to create both deliverables: +Use the save_deliverable MCP tool to create both deliverables: **1. Analysis Report:** -```bash -node save_deliverable.js INJECTION_ANALYSIS '# Injection Analysis Complete (Pipeline Test) - -**MCP Server Used:** {{MCP_SERVER}} -**Test Site:** https://example.com -**Screenshot:** injection-agent-test.png -**Status:** Browser isolation test successful' -``` +Use `save_deliverable` MCP tool with: +- `deliverable_type: "INJECTION_ANALYSIS"` +- `content: "# Injection Analysis Complete (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://example.com\n**Screenshot:** injection-agent-test.png\n**Status:** Browser isolation test successful"` **2. Exploitation Queue:** -```bash -node save_deliverable.js INJECTION_QUEUE '{ - "vulnerabilities": [ - { - "ID": "INJ-VULN-01", - "verdict": "vulnerable", - "confidence": "high", - "notes": "Test vulnerability for pipeline validation (MCP: {{MCP_SERVER}})", - "vulnerability_type": "SQLi", - "source": "query parameter at app.js:15", - "path": "controller → db.query", - "sink_call": "db.query at app.js:20", - "slot_type": "SQL-val", - "mismatch_reason": "User input directly concatenated into SQL query", - "witness_payload": "'"'"'; DROP TABLE users; --" - } - ] -}' -``` +Use `save_deliverable` MCP tool with: +- `deliverable_type: "INJECTION_QUEUE"` +- `content: {"vulnerabilities": [{"ID": "INJ-VULN-01", "verdict": "vulnerable", "confidence": "high", "notes": "Test vulnerability for pipeline validation (MCP: {{MCP_SERVER}})", "vulnerability_type": "SQLi", "source": "query parameter at app.js:15", "path": "controller → db.query", "sink_call": "db.query at app.js:20", "slot_type": "SQL-val", "mismatch_reason": "User input directly concatenated into SQL query", "witness_payload": "'; DROP TABLE users; --"}]}` -These commands will automatically create the correct files in `deliverables/`. 
+These tools will automatically create the correct files in `deliverables/`. ### Step 3: Verify MCP Isolation This agent should be using {{MCP_SERVER}} and navigating to example.com independently of other parallel agents.
\ No newline at end of file
diff --git a/prompts/pipeline-testing/vuln-ssrf.txt b/prompts/pipeline-testing/vuln-ssrf.txt
index 0ce118b..9198edd 100644
--- a/prompts/pipeline-testing/vuln-ssrf.txt
+++ b/prompts/pipeline-testing/vuln-ssrf.txt
@@ -19,37 +19,19 @@ ``` ### Step 2: Create Required Deliverables -Use the save_deliverable script to create both deliverables: +Use the save_deliverable MCP tool to create both deliverables: **1. Analysis Report:** -```bash -node save_deliverable.js SSRF_ANALYSIS '# SSRF Analysis Complete (Pipeline Test) - -**MCP Server Used:** {{MCP_SERVER}} -**Test Site:** https://httpbin.org -**Screenshot:** ssrf-agent-test.png -**Status:** Browser isolation test successful' -``` +Use `save_deliverable` MCP tool with: +- `deliverable_type: "SSRF_ANALYSIS"` +- `content: "# SSRF Analysis Complete (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://httpbin.org\n**Screenshot:** ssrf-agent-test.png\n**Status:** Browser isolation test successful"` **2. Exploitation Queue:** -```bash -node save_deliverable.js SSRF_QUEUE '{ - "vulnerabilities": [ - { - "ID": "SSRF-VULN-01", - "verdict": "vulnerable", - "confidence": "high", - "notes": "Test SSRF vulnerability for pipeline validation (MCP: {{MCP_SERVER}})", - "vulnerability_type": "URL_Manipulation", - "source": "url parameter in /api/fetch", - "outbound_call": "fetch() at api.js:45", - "witness_payload": "http://internal.localhost/admin" - } - ] -}' -``` +Use `save_deliverable` MCP tool with: +- `deliverable_type: "SSRF_QUEUE"` +- `content: {"vulnerabilities": [{"ID": "SSRF-VULN-01", "verdict": "vulnerable", "confidence": "high", "notes": "Test SSRF vulnerability for pipeline validation (MCP: {{MCP_SERVER}})", "vulnerability_type": "URL_Manipulation", "source": "url parameter in /api/fetch", "outbound_call": "fetch() at api.js:45", "witness_payload": "http://internal.localhost/admin"}]}` -These commands will automatically create the correct files in `deliverables/`. +These tools will automatically create the correct files in `deliverables/`. ### Step 3: Verify MCP Isolation This agent should be using {{MCP_SERVER}} and navigating to httpbin.org independently of other parallel agents. 
\ No newline at end of file
diff --git a/prompts/pipeline-testing/vuln-xss.txt b/prompts/pipeline-testing/vuln-xss.txt
index 450bb2d..23c4f0e 100644
--- a/prompts/pipeline-testing/vuln-xss.txt
+++ b/prompts/pipeline-testing/vuln-xss.txt
@@ -19,39 +19,19 @@ ``` ### Step 2: Create Required Deliverables -Use the save_deliverable script to create both deliverables: +Use the save_deliverable MCP tool to create both deliverables: **1. Analysis Report:** -```bash -node save_deliverable.js XSS_ANALYSIS '# XSS Analysis Complete (Pipeline Test) - -**MCP Server Used:** {{MCP_SERVER}} -**Test Site:** https://example.org -**Screenshot:** xss-agent-test.png -**Status:** Browser isolation test successful' -``` +Use `save_deliverable` MCP tool with: +- `deliverable_type: "XSS_ANALYSIS"` +- `content: "# XSS Analysis Complete (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://example.org\n**Screenshot:** xss-agent-test.png\n**Status:** Browser isolation test successful"` **2. Exploitation Queue:** -```bash -node save_deliverable.js XSS_QUEUE '{ - "vulnerabilities": [ - { - "ID": "XSS-VULN-01", - "verdict": "vulnerable", - "confidence": "high", - "notes": "Test XSS vulnerability for pipeline validation (MCP: {{MCP_SERVER}})", - "vulnerability_type": "Reflected", - "source": "search parameter", - "sink_function": "template.render at search.js:25", - "render_context": "HTML_BODY", - "mismatch_reason": "User input rendered without HTML encoding", - "witness_payload": "" - } - ] -}' -``` +Use `save_deliverable` MCP tool with: +- `deliverable_type: "XSS_QUEUE"` +- `content: {"vulnerabilities": [{"ID": "XSS-VULN-01", "verdict": "vulnerable", "confidence": "high", "notes": "Test XSS vulnerability for pipeline validation (MCP: {{MCP_SERVER}})", "vulnerability_type": "Reflected", "source": "search parameter", "sink_function": "template.render at search.js:25", "render_context": "HTML_BODY", "mismatch_reason": "User input rendered without HTML encoding", "witness_payload": ""}]}` -These commands will automatically create the correct files in `deliverables/`. +These tools will automatically create the correct files in `deliverables/`. 
### Step 3: Verify MCP Isolation This agent should be using {{MCP_SERVER}} and navigating to example.org independently of other parallel agents.
\ No newline at end of file
diff --git a/prompts/pre-recon-code.txt b/prompts/pre-recon-code.txt
index 4599251..8ff2c41 100644
--- a/prompts/pre-recon-code.txt
+++ b/prompts/pre-recon-code.txt
@@ -78,9 +78,13 @@ You are the **Code Intelligence Gatherer** and **Architectural Foundation Builde **Available Tools:** - **Task Agent (Code Analysis):** Your primary tool. Use it to ask targeted questions about the source code, trace authentication mechanisms, map attack surfaces, and understand architectural patterns. MANDATORY for all source code analysis. - **TodoWrite Tool:** Use this to create and manage your analysis task list. Create todo items for each phase and agent that needs execution. Mark items as "in_progress" when working on them and "completed" when done. -- **Bash tool:** Your primary tool for executing shell commands. Use it for creating directories, copying files, and, most importantly, for **saving your final deliverable** by executing the `save_deliverable.js` script. - - **Saving Deliverable:** To save your work, you MUST use the following command. The script handles correct naming and validates output. It will print `{"status": "success"}` on success or `{"status": "error"}` on failure. - - **For your analysis report:** `node save_deliverable.js CODE_ANALYSIS 'your complete markdown report'` +- **save_deliverable (MCP Tool):** Saves your final deliverable file with automatic validation. + - **Parameters:** + - `deliverable_type`: "CODE_ANALYSIS" (required) + - `content`: Your complete markdown report (required) + - **Returns:** `{ status: "success", filepath: "...", validated: true/false }` on success or `{ status: "error", message: "...", errorType: "...", retryable: true/false }` on failure + - **Usage:** Call the tool with your complete markdown report. The tool handles correct naming and file validation automatically. +- **Bash tool:** Use for creating directories, copying files, and other shell commands as needed. 
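Review bot: The documented success response `{ status: "success", filepath: "...", validated: true/false }` allows a "success" with `validated: false`, and the new text never tells the agent what to do in that case, nor when an error comes back with `retryable: true`. Because later phases consume this deliverable, the Usage bullet should state the expected handling, e.g. `- **On validated: false or a retryable error:** correct the content and call the tool again; only a response with status "success" and validated true counts as saved.` The recon.txt hunk in this diff documents what is presumably the same tool with a different return shape (no `validated`, `errorType` or `retryable` fields); if the tool returns one shape for every deliverable type, the two descriptions should be reconciled so the agent checks the same fields in each phase.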
@@ -123,7 +127,7 @@ After Phase 1 completes, launch all three vulnerability-focused agents in parall - Create the `outputs/schemas/` directory using mkdir -p - Copy all discovered schema files to `outputs/schemas/` with descriptive names - Include schema locations in your attack surface analysis -- Save complete analysis using: `node save_deliverable.js CODE_ANALYSIS 'your complete markdown report'` +- Save complete analysis using the `save_deliverable` MCP tool with `deliverable_type: "CODE_ANALYSIS"` and your complete markdown report as the `content` **EXECUTION PATTERN:** 1. **Use TodoWrite to create task list** tracking: Phase 1 agents, Phase 2 agents, and report synthesis @@ -381,7 +385,7 @@ A component is **out-of-scope** if it **cannot** be invoked through the running - Phase 3: Synthesis and report generation completed 2. **Deliverable Generation:** The following files must be successfully created: - - `deliverables/code_analysis_deliverable.md` (Created using save_deliverable script with CODE_ANALYSIS type) + - `deliverables/code_analysis_deliverable.md` (Created using save_deliverable MCP tool with CODE_ANALYSIS type) - `outputs/schemas/` directory with all discovered schema files copied (if any schemas found) 3. **TodoWrite Completion:** All tasks in your todo list must be marked as completed diff --git a/prompts/recon.txt b/prompts/recon.txt index 85407b2..348c9f2 100644 --- a/prompts/recon.txt +++ b/prompts/recon.txt 
@@ -60,9 +60,12 @@ Please use these tools for the following use cases: - Task tool: **MANDATORY for ALL source code analysis.** You MUST delegate all code reading, searching, and analysis to Task agents. DO NOT use Read, Glob, or Grep tools for source code. - {{MCP_SERVER}} (Playwright): To interact with the live web application at the target. - **CRITICAL RULE:** For all browser interactions, you MUST use the {{MCP_SERVER}} (Playwright). -- Bash tool: Your primary tool for executing shell commands. Use it for simple, non-intrusive commands and, most importantly, for **saving your final deliverable** by executing the `save_deliverable.js` script. - - **Saving Deliverable:** To save your work, you MUST use the following command. The script handles correct naming and validates output. It will print `{"status": "success"}` on success or `{"status": "error"}` on failure. - - **For your reconnaissance report:** `node save_deliverable.js RECON 'your complete markdown report'` +- **save_deliverable (MCP Tool):** Saves your reconnaissance deliverable file. + - **Parameters:** + - `deliverable_type`: "RECON" (required) + - `content`: Your complete markdown report (required) + - **Returns:** `{ status: "success", filepath: "..." }` on success or `{ status: "error", message: "..." }` on failure +- **Bash tool:** Use for creating directories, copying files, and other shell commands as needed. **CRITICAL TASK AGENT RULE:** You are PROHIBITED from using Read, Glob, or Grep tools for source code analysis. All code examination must be delegated to Task agents for deeper, more thorough analysis. 
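Review bot: The rewritten Bash tool line drops the old bound to "simple, non-intrusive commands" and replaces it with "other shell commands as needed", which widens what an autonomous agent operating against a live target is told it may do with a shell. Now that saving deliverables no longer needs Bash, this is the natural place to narrow that permission rather than broaden it; I would keep the old bound, e.g. `- **Bash tool:** Use only for simple, non-intrusive commands such as creating directories and copying files.` The same broadened wording appears in the vuln-auth, vuln-authz, vuln-injection and vuln-ssrf hunks of this diff, where the old text also limited Bash to `curl` probing of endpoints; if that probing is still intended, it should be restated explicitly there rather than left implied by "as needed".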
@@ -388,5 +391,5 @@ Vulnerability Sources by Type -Once you have saved the complete deliverable using the save_deliverable script (`node save_deliverable.js RECON 'your report'`), your phase is complete. Announce "RECONNAISSANCE COMPLETE" and await further instructions. +Once you have saved the complete deliverable using the save_deliverable MCP tool with `deliverable_type: "RECON"` and your complete report as the `content`, your phase is complete. Announce "RECONNAISSANCE COMPLETE" and await further instructions. diff --git a/prompts/vuln-auth.txt b/prompts/vuln-auth.txt index 05f6154..bdbe71b 100644 --- a/prompts/vuln-auth.txt +++ b/prompts/vuln-auth.txt 
@@ -78,10 +78,13 @@ An **exploitable vulnerability** is a logical flaw in the code that represents a **Available Tools:** - **Task Agent (Code Analysis):** Your primary tool. Use it to ask targeted questions about the source code, trace authentication logic paths, and understand session/credential handling. MANDATORY for all source code analysis. -- **Bash tool:** Your primary tool for executing shell commands. Use it for crafting manual API requests with `curl` to probe endpoint behavior and, most importantly, for **saving your final deliverables** by executing the `save_deliverable.js` script. - - **Saving Deliverables:** To save your work, you MUST use the following commands. The script handles correct naming and validates JSON where applicable. It will print `{"status": "success"}` on success or `{"status": "error"}` on failure. - - **For your analysis report:** `node save_deliverable.js AUTH_ANALYSIS 'your complete markdown report'` - - **For your exploitation queue:** `node save_deliverable.js AUTH_QUEUE '{"vulnerabilities": [...]}'` +- **save_deliverable (MCP Tool):** Saves deliverable files with automatic validation. + - **Parameters:** + - `deliverable_type`: "AUTH_ANALYSIS" or "AUTH_QUEUE" (required) + - `content`: Your markdown report or JSON queue (required) + - **Returns:** `{ status: "success", filepath: "...", validated: true/false }` on success or `{ status: "error", message: "...", errorType: "...", retryable: true/false }` on failure + - **Usage:** Call the tool with your deliverable type and content. Queue files must have `{"vulnerabilities": [...]}` structure and will be validated automatically. +- **Bash tool:** Use for creating directories, copying files, and other shell commands as needed. - **{{MCP_SERVER}} (Playwright):** To interact with the live web application to understand multi-step flows like password reset or registration. - **TodoWrite Tool:** Use this to create and manage your analysis task list. 
Create a todo item for each endpoint/flow that needs analysis. Mark items as "in_progress" when working on them and "completed" when done. @@ -238,9 +241,9 @@ These components were analyzed and found to have robust defenses. They are low-p **Exploitation Queue (MANDATORY)** -Regardless of whether vulnerabilities are found, you MUST create the exploitation queue using the save_deliverable script: -- **If vulnerabilities found:** Use `node save_deliverable.js AUTH_QUEUE '{"vulnerabilities": [...]}'` with each confirmed hypothesis following the `exploitation_queue_format`. Set `externally_exploitable` to `true` ONLY if exploitable via public internet without internal access. -- **If no vulnerabilities found:** Use `node save_deliverable.js AUTH_QUEUE '{"vulnerabilities": []}'`. +Regardless of whether vulnerabilities are found, you MUST create the exploitation queue using the save_deliverable MCP tool: +- **If vulnerabilities found:** Use `save_deliverable` MCP tool with `deliverable_type: "AUTH_QUEUE"` and `content: {"vulnerabilities": [...]}` with each confirmed hypothesis following the `exploitation_queue_format`. Set `externally_exploitable` to `true` ONLY if exploitable via public internet without internal access. +- **If no vulnerabilities found:** Use `save_deliverable` MCP tool with `deliverable_type: "AUTH_QUEUE"` and `content: {"vulnerabilities": []}`. - **QUEUE INCLUSION CRITERIA:** ONLY include vulnerabilities where `externally_exploitable = true`. Exclude any vulnerability requiring internal network access, VPN, or direct server access. This file serves as the handoff mechanism and must always be created to signal completion. 
@@ -249,9 +252,9 @@ This file serves as the handoff mechanism and must always be created to signal c **COMPLETION REQUIREMENTS (ALL must be satisfied):** 1. **Systematic Analysis:** ALL relevant API endpoints and user-facing features identified in the reconnaissance deliverable must be analyzed for AuthN/AuthZ flaws. -2. **Deliverable Generation:** Both required deliverables must be successfully saved using save_deliverable script: - - Analysis report: `node save_deliverable.js AUTH_ANALYSIS 'your report'` - - Exploitation queue: `node save_deliverable.js AUTH_QUEUE '{"vulnerabilities": [...]}'` +2. **Deliverable Generation:** Both required deliverables must be successfully saved using save_deliverable MCP tool: + - Analysis report: Use `save_deliverable` MCP tool with `deliverable_type: "AUTH_ANALYSIS"` and your report as `content` + - Exploitation queue: Use `save_deliverable` MCP tool with `deliverable_type: "AUTH_QUEUE"` and `content: {"vulnerabilities": [...]}` **ONLY AFTER** both systematic analysis AND successful deliverable generation, announce "**AUTH ANALYSIS COMPLETE**" and stop. diff --git a/prompts/vuln-authz.txt b/prompts/vuln-authz.txt index 0002f23..cf4dfb4 100644 --- a/prompts/vuln-authz.txt +++ b/prompts/vuln-authz.txt 
@@ -82,10 +82,13 @@ An **exploitable vulnerability** is a logical flaw in the code that represents a **Available Tools:** - **Task Agent (Code Analysis):** Your primary tool. Use it to ask targeted questions about the source code, trace authorization logic paths, and understand permission models. MANDATORY for all source code analysis. -- **Bash tool:** Your primary tool for executing shell commands. Use it for crafting manual API requests with `curl` to probe endpoint behavior and, most importantly, for **saving your final deliverables** by executing the `save_deliverable.js` script. - - **Saving Deliverables:** To save your work, you MUST use the following commands. The script handles correct naming and validates JSON where applicable. It will print `{"status": "success"}` on success or `{"status": "error"}` on failure. - - **For your analysis report:** `node save_deliverable.js AUTHZ_ANALYSIS 'your complete markdown report'` - - **For your exploitation queue:** `node save_deliverable.js AUTHZ_QUEUE '{"vulnerabilities": [...]}'` +- **save_deliverable (MCP Tool):** Saves deliverable files with automatic validation. + - **Parameters:** + - `deliverable_type`: "AUTHZ_ANALYSIS" or "AUTHZ_QUEUE" (required) + - `content`: Your markdown report or JSON queue (required) + - **Returns:** `{ status: "success", filepath: "...", validated: true/false }` on success or `{ status: "error", message: "...", errorType: "...", retryable: true/false }` on failure + - **Usage:** Call the tool with your deliverable type and content. Queue files must have `{"vulnerabilities": [...]}` structure and will be validated automatically. +- **Bash tool:** Use for creating directories, copying files, and other shell commands as needed. - **{{MCP_SERVER}} (Playwright):** To interact with the live web application to understand multi-step flows and role-based access controls. - **TodoWrite Tool:** Use this to create and manage your analysis task list. 
Create a todo item for each endpoint that needs authorization analysis. Mark items as "in_progress" when working on them and "completed" when done. @@ -342,9 +345,9 @@ examples: **Exploitation Queue (MANDATORY)** -Regardless of whether vulnerabilities are found, you MUST create the exploitation queue using the save_deliverable script: -- **If vulnerabilities found:** Use `node save_deliverable.js AUTHZ_QUEUE '{"vulnerabilities": [...]}'` with each confirmed hypothesis following the `exploitation_queue_format`. Set `externally_exploitable` to `true` ONLY if exploitable via public internet without internal access. -- **If no vulnerabilities found:** Use `node save_deliverable.js AUTHZ_QUEUE '{"vulnerabilities": []}'`. +Regardless of whether vulnerabilities are found, you MUST create the exploitation queue using the save_deliverable MCP tool: +- **If vulnerabilities found:** Use `save_deliverable` MCP tool with `deliverable_type: "AUTHZ_QUEUE"` and `content: {"vulnerabilities": [...]}` with each confirmed hypothesis following the `exploitation_queue_format`. Set `externally_exploitable` to `true` ONLY if exploitable via public internet without internal access. +- **If no vulnerabilities found:** Use `save_deliverable` MCP tool with `deliverable_type: "AUTHZ_QUEUE"` and `content: {"vulnerabilities": []}`. - **QUEUE INCLUSION CRITERIA:** ONLY include vulnerabilities where `externally_exploitable = true`. Exclude any vulnerability requiring internal network access, VPN, or direct server access. This file serves as the handoff mechanism and must always be created to signal completion. 
@@ -353,9 +356,9 @@ This file serves as the handoff mechanism and must always be created to signal c **COMPLETION REQUIREMENTS (ALL must be satisfied):** 1. **Todo Completion:** ALL tasks in your TodoWrite list must be marked as "completed" -2. **Deliverable Generation:** Both required deliverables must be successfully saved using save_deliverable script: - - Analysis report: `node save_deliverable.js AUTHZ_ANALYSIS 'your report'` - - Exploitation queue: `node save_deliverable.js AUTHZ_QUEUE '{"vulnerabilities": [...]}'` +2. **Deliverable Generation:** Both required deliverables must be successfully saved using save_deliverable MCP tool: + - Analysis report: Use `save_deliverable` MCP tool with `deliverable_type: "AUTHZ_ANALYSIS"` and your report as `content` + - Exploitation queue: Use `save_deliverable` MCP tool with `deliverable_type: "AUTHZ_QUEUE"` and `content: {"vulnerabilities": [...]}` **ONLY AFTER** both todo completion AND successful deliverable generation, announce "**AUTHORIZATION ANALYSIS COMPLETE**" and stop. diff --git a/prompts/vuln-injection.txt b/prompts/vuln-injection.txt index b1c67ca..e1f182d 100644 --- a/prompts/vuln-injection.txt +++ b/prompts/vuln-injection.txt 
@@ -84,10 +84,13 @@ An **exploitable vulnerability** is a confirmed source-to-sink path where the en **Available Tools:** - **Task Agent (Code Analysis):** Your primary tool. Use it to ask targeted questions about the source code, map query/command construction paths, and verify sanitization coverage. MANDATORY for all source code analysis. -- **Bash tool:** Your primary tool for executing shell commands. Use it for crafting manual API requests with `curl` to probe injection surfaces and, most importantly, for **saving your final deliverables** by executing the `save_deliverable.js` script. - - **Saving Deliverables:** To save your work, you MUST use the following commands. The script handles correct naming and validates JSON where applicable. It will print `{"status": "success"}` on success or `{"status": "error"}` on failure. - - **For your analysis report:** `node save_deliverable.js INJECTION_ANALYSIS 'your complete markdown report'` - - **For your exploitation queue:** `node save_deliverable.js INJECTION_QUEUE '{"vulnerabilities": [...]}'` +- **save_deliverable (MCP Tool):** Saves deliverable files with automatic validation. + - **Parameters:** + - `deliverable_type`: "INJECTION_ANALYSIS" or "INJECTION_QUEUE" (required) + - `content`: Your markdown report or JSON queue (required) + - **Returns:** `{ status: "success", filepath: "...", validated: true/false }` on success or `{ status: "error", message: "...", errorType: "...", retryable: true/false }` on failure + - **Usage:** Call the tool with your deliverable type and content. Queue files must have `{"vulnerabilities": [...]}` structure and will be validated automatically. +- **Bash tool:** Use for creating directories, copying files, and other shell commands as needed. - **{{MCP_SERVER}} (Playwright):** To interact with the live web application to understand multi-step flows like password reset or registration. - **TodoWrite Tool:** Use this to create and manage your analysis task list. 
Create a todo item for each injection source that needs analysis. Mark items as "in_progress" when working on them and "completed" when done. @@ -361,10 +364,10 @@ These input vectors were traced and confirmed to have robust, context-appropriat **Exploitation Queue (MANDATORY)** -Regardless of whether vulnerabilities are found, you MUST create the exploitation queue using the save_deliverable script: +Regardless of whether vulnerabilities are found, you MUST create the exploitation queue using the save_deliverable MCP tool: -- **If vulnerabilities found:** Use `node save_deliverable.js INJECTION_QUEUE '{"vulnerabilities": [...]}'` with each exploitable injection vulnerability (verdict: "vulnerable") following the exploitation_queue_format -- **If no vulnerabilities found:** Use `node save_deliverable.js INJECTION_QUEUE '{"vulnerabilities": []}'` +- **If vulnerabilities found:** Use `save_deliverable` MCP tool with `deliverable_type: "INJECTION_QUEUE"` and `content: {"vulnerabilities": [...]}` with each exploitable injection vulnerability (verdict: "vulnerable") following the exploitation_queue_format +- **If no vulnerabilities found:** Use `save_deliverable` MCP tool with `deliverable_type: "INJECTION_QUEUE"` and `content: {"vulnerabilities": []}` This file serves as the handoff mechanism to the Exploitation phase and must always be created to signal completion of your analysis. 
@@ -373,9 +376,9 @@ This file serves as the handoff mechanism to the Exploitation phase and must alw **COMPLETION REQUIREMENTS (ALL must be satisfied):** 1. **Todo Completion:** ALL tasks in your TodoWrite list must be marked as "completed" -2. **Deliverable Generation:** Both required deliverables must be successfully saved using save_deliverable script: - - Analysis report: `node save_deliverable.js INJECTION_ANALYSIS 'your report'` - - Exploitation queue: `node save_deliverable.js INJECTION_QUEUE '{"vulnerabilities": [...]}'` +2. **Deliverable Generation:** Both required deliverables must be successfully saved using save_deliverable MCP tool: + - Analysis report: Use `save_deliverable` MCP tool with `deliverable_type: "INJECTION_ANALYSIS"` and your report as `content` + - Exploitation queue: Use `save_deliverable` MCP tool with `deliverable_type: "INJECTION_QUEUE"` and `content: {"vulnerabilities": [...]}` **ONLY AFTER** both todo completion AND successful deliverable generation, announce "**INJECTION ANALYSIS COMPLETE**" and stop. diff --git a/prompts/vuln-ssrf.txt b/prompts/vuln-ssrf.txt index 0c89ea3..f347df4 100644 --- a/prompts/vuln-ssrf.txt +++ b/prompts/vuln-ssrf.txt 
@@ -77,10 +77,13 @@ An **exploitable vulnerability** is a data flow where user-controlled input infl **Available Tools:** - **Task Agent (Code Analysis):** Your primary tool. Use it to ask targeted questions about the source code, trace data flows, and understand HTTP client usage. MANDATORY for all source code analysis. -- **Bash tool:** Your primary tool for executing shell commands. Use it for crafting manual HTTP requests with `curl` to test endpoint behavior and, most importantly, for **saving your final deliverables** by executing the `save_deliverable.js` script. - - **Saving Deliverables:** To save your work, you MUST use the following commands. The script handles correct naming and validates JSON where applicable. It will print `{"status": "success"}` on success or `{"status": "error"}` on failure. - - **For your analysis report:** `node save_deliverable.js SSRF_ANALYSIS 'your complete markdown report'` - - **For your exploitation queue:** `node save_deliverable.js SSRF_QUEUE '{"vulnerabilities": [...]}'` +- **save_deliverable (MCP Tool):** Saves deliverable files with automatic validation. + - **Parameters:** + - `deliverable_type`: "SSRF_ANALYSIS" or "SSRF_QUEUE" (required) + - `content`: Your markdown report or JSON queue (required) + - **Returns:** `{ status: "success", filepath: "...", validated: true/false }` on success or `{ status: "error", message: "...", errorType: "...", retryable: true/false }` on failure + - **Usage:** Call the tool with your deliverable type and content. Queue files must have `{"vulnerabilities": [...]}` structure and will be validated automatically. +- **Bash tool:** Use for creating directories, copying files, and other shell commands as needed. - **{{MCP_SERVER}} (Playwright):** To interact with the live web application to understand multi-step flows that might involve URL redirection or proxy functionality. - **TodoWrite Tool:** Use this to create and manage your analysis task list. 
Create a todo item for each SSRF sink that needs analysis. Mark items as "in_progress" when working on them and "completed" when done. @@ -285,9 +288,9 @@ These components were analyzed and found to have robust defenses. They are low-p **Exploitation Queue (MANDATORY)** -Regardless of whether vulnerabilities are found, you MUST create the exploitation queue using the save_deliverable script: -- **If vulnerabilities found:** Use `node save_deliverable.js SSRF_QUEUE '{"vulnerabilities": [...]}'` with each confirmed hypothesis following the `exploitation_queue_format`. Set `externally_exploitable` to `true` ONLY if exploitable via public internet without internal access. -- **If no vulnerabilities found:** Use `node save_deliverable.js SSRF_QUEUE '{"vulnerabilities": []}'`. +Regardless of whether vulnerabilities are found, you MUST create the exploitation queue using the save_deliverable MCP tool: +- **If vulnerabilities found:** Use `save_deliverable` MCP tool with `deliverable_type: "SSRF_QUEUE"` and `content: {"vulnerabilities": [...]}` with each confirmed hypothesis following the `exploitation_queue_format`. Set `externally_exploitable` to `true` ONLY if exploitable via public internet without internal access. +- **If no vulnerabilities found:** Use `save_deliverable` MCP tool with `deliverable_type: "SSRF_QUEUE"` and `content: {"vulnerabilities": []}`. - **QUEUE INCLUSION CRITERIA:** ONLY include vulnerabilities where `externally_exploitable = true`. Exclude any vulnerability requiring internal network access, VPN, or direct server access. This file serves as the handoff mechanism and must always be created to signal completion. 
@@ -296,9 +299,9 @@ This file serves as the handoff mechanism and must always be created to signal c **COMPLETION REQUIREMENTS (ALL must be satisfied):** 1. **Systematic Analysis:** ALL relevant API endpoints and request-making features identified in the reconnaissance deliverable must be analyzed for SSRF vulnerabilities. -2. **Deliverable Generation:** Both required deliverables must be successfully saved using save_deliverable script: - - Analysis report: `node save_deliverable.js SSRF_ANALYSIS 'your report'` - - Exploitation queue: `node save_deliverable.js SSRF_QUEUE '{"vulnerabilities": [...]}'` +2. **Deliverable Generation:** Both required deliverables must be successfully saved using save_deliverable MCP tool: + - Analysis report: Use `save_deliverable` MCP tool with `deliverable_type: "SSRF_ANALYSIS"` and your report as `content` + - Exploitation queue: Use `save_deliverable` MCP tool with `deliverable_type: "SSRF_QUEUE"` and `content: {"vulnerabilities": [...]}` **ONLY AFTER** both systematic analysis AND successful deliverable generation, announce "**SSRF ANALYSIS COMPLETE**" and stop. diff --git a/prompts/vuln-xss.txt b/prompts/vuln-xss.txt index dcc4041..50a26b6 100644 --- a/prompts/vuln-xss.txt +++ b/prompts/vuln-xss.txt 
@@ -82,10 +82,13 @@ An **exploitable vulnerability** is a confirmed source-to-sink path where the en - **Terminal (curl):** MANDATORY for testing HTTP-based XSS vectors and observing raw HTML responses. Use for reflected XSS testing and JSONP injection testing. - **{{MCP_SERVER}} (Playwright):** MANDATORY for testing DOM-based XSS and form submission vectors. Use for stored XSS testing and client-side payload execution verification. - **TodoWrite Tool:** Use this to create and manage your analysis task list. Create a todo item for each sink you need to analyze. -- **Bash tool:** Your primary tool for executing shell commands. Use it for testing XSS vectors with `curl` and, most importantly, for **saving your final deliverables** by executing the `save_deliverable.js` script. - - **Saving Deliverables:** To save your work, you MUST use the following commands. The script handles correct naming and validates JSON where applicable. It will print `{"status": "success"}` on success or `{"status": "error"}` on failure. - - **For your analysis report:** `node save_deliverable.js XSS_ANALYSIS 'your complete markdown report'` - - **For your exploitation queue:** `node save_deliverable.js XSS_QUEUE '{"vulnerabilities": [...]}'` +- **save_deliverable (MCP Tool):** Saves deliverable files with automatic validation. + - **Parameters:** + - `deliverable_type`: "XSS_ANALYSIS" or "XSS_QUEUE" (required) + - `content`: Your markdown report or JSON queue (required) + - **Returns:** `{ status: "success", filepath: "...", validated: true/false }` on success or `{ status: "error", message: "...", errorType: "...", retryable: true/false }` on failure + - **Usage:** Call the tool with your deliverable type and content. Queue files must have `{"vulnerabilities": [...]}` structure and will be validated automatically. +- **Bash tool:** Use for creating directories, copying files, and other shell commands as needed. 
@@ -268,13 +271,13 @@ These input vectors were traced and confirmed to have robust, context-appropriat ## Exploitation Queue (MANDATORY) -Regardless of whether vulnerabilities are found, you MUST create the exploitation queue using the save_deliverable script. +Regardless of whether vulnerabilities are found, you MUST create the exploitation queue using the save_deliverable MCP tool. - **If exploitable vulnerabilities found:** - Use `node save_deliverable.js XSS_QUEUE '{"vulnerabilities": [...]}'` with each exploitable XSS vulnerability (verdict: "vulnerable") following the `exploitation_queue_format`. Set `externally_exploitable` to `true` ONLY if exploitable via public internet without internal access. + Use `save_deliverable` MCP tool with `deliverable_type: "XSS_QUEUE"` and `content: {"vulnerabilities": [...]}` with each exploitable XSS vulnerability (verdict: "vulnerable") following the `exploitation_queue_format`. Set `externally_exploitable` to `true` ONLY if exploitable via public internet without internal access. - **If no exploitable vulnerabilities found:** - Use `node save_deliverable.js XSS_QUEUE '{"vulnerabilities": []}'` + Use `save_deliverable` MCP tool with `deliverable_type: "XSS_QUEUE"` and `content: {"vulnerabilities": []}` - **QUEUE INCLUSION CRITERIA:** ONLY include vulnerabilities where `externally_exploitable = true`. Exclude any vulnerability requiring internal network access, VPN, or direct server access. 
@@ -285,9 +288,9 @@ This file is the mandatory handoff to the Exploitation phase. COMPLETION REQUIREMENTS (ALL must be satisfied): 1. Systematic Analysis: ALL input vectors identified from the reconnaissance deliverable must be analyzed. -2. Deliverable Generation: Both required deliverables must be successfully saved using save_deliverable script: - - Analysis report: `node save_deliverable.js XSS_ANALYSIS 'your report'` - - Exploitation queue: `node save_deliverable.js XSS_QUEUE '{"vulnerabilities": [...]}'` +2. Deliverable Generation: Both required deliverables must be successfully saved using save_deliverable MCP tool: + - Analysis report: Use `save_deliverable` MCP tool with `deliverable_type: "XSS_ANALYSIS"` and your report as `content` + - Exploitation queue: Use `save_deliverable` MCP tool with `deliverable_type: "XSS_QUEUE"` and `content: {"vulnerabilities": [...]}` ONLY AFTER both systematic analysis AND successful deliverable generation, announce "XSS ANALYSIS COMPLETE" and stop. diff --git a/src/ai/claude-executor.js b/src/ai/claude-executor.js index d4c92b9..947ee30 100644 --- a/src/ai/claude-executor.js +++ b/src/ai/claude-executor.js 
@@ -1,15 +1,49 @@ import { $, fs, path } from 'zx'; import chalk from 'chalk'; -import { query } from '@anthropic-ai/claude-code'; +import { query } from '@anthropic-ai/claude-agent-sdk'; +import { fileURLToPath } from 'url'; +import { dirname } from 'path'; import { isRetryableError, getRetryDelay, PentestError } from '../error-handling.js'; import { ProgressIndicator } from '../progress-indicator.js'; import { timingResults, costResults, Timer, formatDuration } from '../utils/metrics.js'; import { createGitCheckpoint, commitGitSuccess, rollbackGitWorkspace } from '../utils/git-manager.js'; -import { AGENT_VALIDATORS } from '../constants.js'; +import { AGENT_VALIDATORS, MCP_AGENT_MAPPING } from '../constants.js'; import { filterJsonToolCalls, getAgentPrefix } from '../utils/output-formatter.js'; import { generateSessionLogPath } from '../session-manager.js'; import { AuditSession } from '../audit/index.js'; +import { createShannonHelperServer } from '../../mcp-server/src/index.js'; + +const __filename = fileURLToPath(import.meta.url); +const __dirname = dirname(__filename); + +/** + * Convert agent name to prompt name for MCP_AGENT_MAPPING lookup + * + * @param {string} agentName - Agent name (e.g., 'xss-vuln', 'injection-exploit') + * @returns {string} Prompt name (e.g., 'vuln-xss', 'exploit-injection') + */ +function agentNameToPromptName(agentName) { + // Special cases + if (agentName === 'pre-recon') return 'pre-recon-code'; + if (agentName === 'report') return 'report-executive'; + if (agentName === 'recon') return 'recon'; + + // Pattern: {type}-vuln → vuln-{type} + const vulnMatch = agentName.match(/^(.+)-vuln$/); + if (vulnMatch) { + return `vuln-${vulnMatch[1]}`; + } + + // Pattern: {type}-exploit → exploit-{type} + const exploitMatch = agentName.match(/^(.+)-exploit$/); + if (exploitMatch) { + return `exploit-${exploitMatch[1]}`; + } + + // Default: return as-is + return agentName; +} // Simplified validation using direct agent name mapping async 
function validateAgentOutput(result, agentName, sourceDir) { @@ -57,7 +91,7 @@ async function validateAgentOutput(result, agentName, sourceDir) { // - Output validation // - Prompt snapshotting for debugging // - Git checkpoint/rollback safety -async function runClaudePrompt(prompt, sourceDir, allowedTools = 'Read', context = '', description = 'Claude analysis', colorFn = chalk.cyan, sessionMetadata = null, auditSession = null, attemptNumber = 1) { +async function runClaudePrompt(prompt, sourceDir, allowedTools = 'Read', context = '', description = 'Claude analysis', agentName = null, colorFn = chalk.cyan, sessionMetadata = null, auditSession = null, attemptNumber = 1) { const timer = new Timer(`agent-${description.toLowerCase().replace(/\s+/g, '-')}`); const fullPrompt = context ? `${context}\n\n${prompt}` : prompt; let totalCost = 0; 
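Review bot: The `if (agentName === 'recon') return 'recon';` branch in agentNameToPromptName is redundant — the final `return agentName;` already produces the same value for that input, so the line can simply be dropped. The two regex branches can also collapse into one, `const m = agentName.match(/^(.+)-(vuln|exploit)$/); if (m) return \`${m[2]}-${m[1]}\`;`, which keeps the same results for every input the current code handles. `__filename` and `__dirname` are computed at module scope but nothing in this hunk references them; if no later code in the file uses them they are dead declarations, and `dirname` is in any case already reachable through the `path` import from zx.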
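Review bot: `agentName` is inserted in the middle of a now ten-argument positional signature, ahead of `colorFn`, `sessionMetadata`, `auditSession` and `attemptNumber`, so any caller not updated in this commit would silently pass its colour function as the agent name. runClaudePrompt is not exported and the one call site visible in this diff (the `@@ -467` hunk) is updated, so the risk seems confined to this file; still, a trailing options object for the rarely-set parameters, e.g. `async function runClaudePrompt(prompt, sourceDir, allowedTools = 'Read', context = '', description = 'Claude analysis', { agentName = null, colorFn = chalk.cyan, sessionMetadata = null, auditSession = null, attemptNumber = 1 } = {})`, would stop the next addition from shifting positions again. The function body continues outside the hunk.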
@@ -95,12 +129,50 @@ async function runClaudePrompt(prompt, sourceDir, allowedTools = 'Read', context console.log(chalk.blue(` 🤖 Running Claude Code: ${description}...`)); } + // Declare variables that need to be accessible in both try and catch blocks + let turnCount = 0; + try { + // Create MCP server with target directory context + const shannonHelperServer = createShannonHelperServer(sourceDir); + + // Look up agent's assigned Playwright MCP server + // Convert agent name (e.g., 'xss-vuln') to prompt name (e.g., 'vuln-xss') + let playwrightMcpName = null; + if (agentName) { + const promptName = agentNameToPromptName(agentName); + playwrightMcpName = MCP_AGENT_MAPPING[promptName]; + + if (playwrightMcpName) { + console.log(chalk.gray(` 🎭 Assigned ${agentName} → ${playwrightMcpName}`)); + } + } + + // Configure MCP servers: shannon-helper (SDK) + playwright-agentN (stdio) + const mcpServers = { + 'shannon-helper': shannonHelperServer, + }; + + // Add Playwright MCP server if this agent needs browser automation + if (playwrightMcpName) { + const userDataDir = `/tmp/${playwrightMcpName}`; + mcpServers[playwrightMcpName] = { + type: 'stdio', + command: 'npx', + args: ['@playwright/mcp@latest', '--isolated', '--user-data-dir', userDataDir], + env: { + ...process.env, + PLAYWRIGHT_HEADLESS: 'true', // Ensure headless mode for security and CI compatibility + }, + }; + } + const options = { model: 'claude-sonnet-4-5-20250929', // Use latest Claude 4.5 Sonnet maxTurns: 10_000, // Maximum turns for autonomous work cwd: sourceDir, // Set working directory using SDK option permissionMode: 'bypassPermissions', // Bypass all permission checks for pentesting + mcpServers, }; // SDK Options only shown for verbose agents (not clean output) @@ -110,7 +182,6 @@ async function runClaudePrompt(prompt, sourceDir, allowedTools = 'Read', context let result = null; let messages = []; - let turnCount = 0; let apiErrorDetected = false; // Start progress indicator for clean output agents 
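Review bot: `env: { ...process.env, PLAYWRIGHT_HEADLESS: 'true' }` hands the whole parent environment to the `npx @playwright/mcp` child process; that environment presumably holds the API key the SDK authenticates with and whatever other secrets the runner was started with, none of which a browser-automation server needs, so an allow-list such as `env: { PATH: process.env.PATH, HOME: process.env.HOME, PLAYWRIGHT_HEADLESS: 'true' }` keeps them out of a process that drives a browser against the target under test. `@playwright/mcp@latest` is resolved from the registry on every run with no version pin or integrity check, so the code that ends up running under `permissionMode: 'bypassPermissions'` is whatever was published most recently — pin an exact version and let the lockfile cover it. The profile directory `/tmp/${playwrightMcpName}` is a fixed, predictable path shared by every run on the host: unless `--isolated` makes `--user-data-dir` inert (worth confirming against the Playwright MCP options), cookies and logged-in sessions from one target persist into the next run and the directory is visible to other local users. A per-run `await fs.mkdtemp(path.join(os.tmpdir(), \`${playwrightMcpName}-\`))` (with an `os` import) gives a fresh, owner-only directory instead.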
@@ -118,9 +189,15 @@ async function runClaudePrompt(prompt, sourceDir, allowedTools = 'Read', context progressIndicator.start(); } - for await (const message of query({ prompt: fullPrompt, options })) { + + let messageCount = 0; + try { + for await (const message of query({ prompt: fullPrompt, options })) { + messageCount++; + if (message.type === "assistant") { turnCount++; + const content = Array.isArray(message.message.content) ? message.message.content.map(c => c.text || JSON.stringify(c)).join('\n') : message.message.content; @@ -290,6 +367,9 @@ async function runClaudePrompt(prompt, sourceDir, allowedTools = 'Read', context // Log any other message types we might not be handling console.log(chalk.gray(` 💬 ${message.type}: ${JSON.stringify(message, null, 2)}`)); } + } + } catch (queryError) { + throw queryError; // Re-throw to outer catch } const duration = timer.stop(); @@ -467,7 +547,7 @@ export async function runClaudePromptWithRetry(prompt, sourceDir, allowedTools = } try { - const result = await runClaudePrompt(prompt, sourceDir, allowedTools, retryContext, description, colorFn, sessionMetadata, auditSession, attempt); + const result = await runClaudePrompt(prompt, sourceDir, allowedTools, retryContext, description, agentName, colorFn, sessionMetadata, auditSession, attempt); // Validate output after successful run if (result.success) { diff --git a/src/setup/environment.js b/src/setup/environment.js index dbee8f7..ccd90a5 100644 --- a/src/setup/environment.js +++ b/src/setup/environment.js 
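Review bot: The new inner `try { for await ... } catch (queryError) { throw queryError; }` around the query loop (closed in the `@@ -290` hunk on this line) is a no-op — it catches only to rethrow the same value, and the `// Re-throw to outer catch` comment confirms an enclosing handler already covers the loop — so it adds a level of nesting without handling anything. Either drop it or make the wrapper carry context the outer handler lacks, e.g. `throw new Error(\`query failed after ${turnCount} turns\`, { cause: queryError });`. `messageCount` is incremented for every message but not read anywhere in the visible lines; if the rest of the function does not use it either, it is dead state. The loop body and the surrounding function continue outside this hunk.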
@@ -109,37 +109,8 @@ export async function setupLocalRepo(repoPath) { // Non-fatal - continue without Git setup } - // Copy tools to local repository for agent accessibility - try { - const toolsDir = path.join(import.meta.dirname, '..', '..', 'tools'); - - // Copy TOTP generation script - const totpScriptSource = path.join(toolsDir, 'generate-totp-standalone.mjs'); - const totpScriptDest = path.join(sourceDir, 'generate-totp.mjs'); - - if (await fs.pathExists(totpScriptSource)) { - await fs.copy(totpScriptSource, totpScriptDest); - await fs.chmod(totpScriptDest, '755'); // Make executable - console.log(chalk.green('✅ TOTP generation script copied to target repository')); - } else { - console.log(chalk.yellow('⚠️ TOTP script not found, authentication may fail if TOTP is required')); - } - - // Copy save_deliverable tool - const saveDeliverableSource = path.join(toolsDir, 'save_deliverable.js'); - const saveDeliverableDest = path.join(sourceDir, 'save_deliverable.js'); - - if (await fs.pathExists(saveDeliverableSource)) { - await fs.copy(saveDeliverableSource, saveDeliverableDest); - await fs.chmod(saveDeliverableDest, '755'); // Make executable - console.log(chalk.green('✅ save_deliverable tool copied to target repository')); - } else { - console.log(chalk.yellow('⚠️ save_deliverable tool not found, deliverable creation may fail')); - } - } catch (toolError) { - console.log(chalk.yellow(`⚠️ Failed to copy tools: ${toolError.message}`)); - // Non-fatal - continue without tools - } + // MCP tools (save_deliverable, generate_totp) are now available natively via shannon-helper MCP server + // No need to copy bash scripts to target repository return sourceDir; } catch (error) { diff --git a/tools/generate-totp-standalone.mjs b/tools/deprecated/generate-totp-standalone.mjs similarity index 100% rename from tools/generate-totp-standalone.mjs rename to tools/deprecated/generate-totp-standalone.mjs 
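Review bot: Dropping the copy step leaves `generate-totp.mjs` and `save_deliverable.js` in place in any target repository that an earlier version of setupLocalRepo already set up; those files stay executable in the working tree — and, since Git setup appears to happen just above this hunk, may be swept into later checkpoints — while no prompt references them any more. A one-time cleanup of the stale copies, e.g. `for (const f of ['generate-totp.mjs', 'save_deliverable.js']) await fs.remove(path.join(sourceDir, f));`, would close that gap, restricted to files this tool itself wrote so a repository that legitimately ships a file under one of those names is not touched. The replacement comment could also say where the tools now live: `// save_deliverable and generate_totp are served by the shannon-helper MCP server (mcp-server/src/index.js)`. setupLocalRepo continues outside the hunk.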
diff --git a/tools/save_deliverable.js b/tools/deprecated/save_deliverable.js
similarity index 100%
rename from tools/save_deliverable.js
rename to tools/deprecated/save_deliverable.js