Skip to content

Commit e9d5161

Browse files
Zenith1415Zenith1415
committed
bug fixes
1 parent e0d0e89 commit e9d5161

5 files changed

Lines changed: 98 additions & 27 deletions

File tree

.github/workflows/shieldci.yml

Lines changed: 28 additions & 27 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,11 @@
11
name: ShieldCI Security Scan
22

33
on:
4+
push:
5+
branches: [main, master]
46
pull_request:
57
branches: [main, master]
8+
workflow_dispatch:
69

710
jobs:
811
shieldci-scan:
@@ -13,81 +16,79 @@ jobs:
1316
- name: Checkout target repository
1417
uses: actions/checkout@v4
1518

16-
- name: Get PR metadata
19+
- name: Gather metadata
1720
id: meta
1821
run: |
1922
echo "repo=${{ github.repository }}" >> "$GITHUB_OUTPUT"
20-
echo "branch=${{ github.head_ref }}" >> "$GITHUB_OUTPUT"
21-
echo "commit=${{ github.event.pull_request.head.sha }}" >> "$GITHUB_OUTPUT"
22-
echo "commit_msg=$(git log -1 --pretty=%s 2>/dev/null || echo 'PR scan')" >> "$GITHUB_OUTPUT"
23+
if [ "${{ github.event_name }}" = "pull_request" ]; then
24+
echo "branch=${{ github.head_ref }}" >> "$GITHUB_OUTPUT"
25+
echo "commit=${{ github.event.pull_request.head.sha }}" >> "$GITHUB_OUTPUT"
26+
echo "trigger=PR" >> "$GITHUB_OUTPUT"
27+
else
28+
echo "branch=${{ github.ref_name }}" >> "$GITHUB_OUTPUT"
29+
echo "commit=${{ github.sha }}" >> "$GITHUB_OUTPUT"
30+
echo "trigger=${{ github.event_name }}" >> "$GITHUB_OUTPUT"
31+
fi
32+
echo "commit_msg=$(git log -1 --pretty=%s 2>/dev/null || echo 'scan')" >> "$GITHUB_OUTPUT"
2333
2434
- name: Check ShieldCI engine is available
2535
run: |
2636
if [ ! -f "$HOME/Desktop/ShieldCI/target/release/shield-ci" ]; then
27-
echo "ERROR: ShieldCI engine not found at ~/Desktop/ShieldCI/target/release/shield-ci"
28-
echo "Please build the engine first: cd ~/Desktop/ShieldCI && cargo build --release"
37+
echo "ERROR: ShieldCI engine not found"
2938
exit 1
3039
fi
3140
32-
- name: Copy shieldci.yml to engine tests directory
41+
- name: Copy shieldci.yml config
3342
run: |
3443
if [ -f "shieldci.yml" ]; then
3544
cp shieldci.yml "$HOME/Desktop/ShieldCI/tests/shieldci.yml"
36-
echo "Copied shieldci.yml config"
37-
else
38-
echo "No shieldci.yml found in repo root, engine will auto-detect"
3945
fi
4046
41-
- name: Copy target repo to engine tests directory
47+
- name: Copy target repo to engine
4248
run: |
4349
rm -rf "$HOME/Desktop/ShieldCI/tests/repo"
4450
cp -r "$GITHUB_WORKSPACE" "$HOME/Desktop/ShieldCI/tests/repo"
4551
4652
- name: Run ShieldCI engine
4753
id: scan
48-
working-directory: ${{ env.HOME }}/Desktop/ShieldCI/tests
4954
run: |
5055
START_TIME=$(date +%s)
5156
cd "$HOME/Desktop/ShieldCI/tests"
5257
"$HOME/Desktop/ShieldCI/target/release/shield-ci" 2>&1 | tee scan_output.log || true
5358
END_TIME=$(date +%s)
54-
DURATION=$((END_TIME - START_TIME))
55-
echo "duration=${DURATION}s" >> "$GITHUB_OUTPUT"
59+
echo "duration=$((END_TIME - START_TIME))s" >> "$GITHUB_OUTPUT"
5660
5761
- name: Push results to ShieldCI dashboard
5862
if: always()
5963
env:
60-
SHIELDCI_API_URL: ${{ secrets.SHIELDCI_API_URL }}
61-
SHIELDCI_API_KEY: ${{ secrets.SHIELDCI_API_KEY }}
64+
SHIELDCI_API_URL: http://localhost:3000
65+
SHIELDCI_API_KEY: fc09420a3737855a3094ff7831a6219565cee6777a0fbeec
6266
SHIELDCI_REPO: ${{ steps.meta.outputs.repo }}
6367
SHIELDCI_BRANCH: ${{ steps.meta.outputs.branch }}
6468
SHIELDCI_COMMIT: ${{ steps.meta.outputs.commit }}
6569
SHIELDCI_COMMIT_MSG: ${{ steps.meta.outputs.commit_msg }}
6670
SHIELDCI_DURATION: ${{ steps.scan.outputs.duration }}
67-
SHIELDCI_TRIGGERED_BY: PR
68-
SHIELDCI_RESULTS_FILE: ${{ env.HOME }}/Desktop/ShieldCI/tests/shield_results.json
71+
SHIELDCI_TRIGGERED_BY: ${{ steps.meta.outputs.trigger }}
72+
SHIELDCI_RESULTS_FILE: ${{ runner.temp }}/../../../Desktop/ShieldCI/tests/shield_results.json
6973
run: |
74+
export SHIELDCI_RESULTS_FILE="$HOME/Desktop/ShieldCI/tests/shield_results.json"
7075
python3 "$HOME/Desktop/ShieldCI/push_results.py"
7176
7277
- name: Post scan summary as PR comment
73-
if: always()
78+
if: github.event_name == 'pull_request'
7479
uses: actions/github-script@v7
7580
with:
7681
script: |
7782
const fs = require('fs');
78-
const reportPath = `${process.env.HOME}/Desktop/ShieldCI/tests/SHIELD_REPORT.md`;
83+
const reportPath = process.env.HOME + '/Desktop/ShieldCI/tests/SHIELD_REPORT.md';
7984
let report = 'Scan completed but no report was generated.';
8085
try {
8186
report = fs.readFileSync(reportPath, 'utf8');
82-
if (report.length > 60000) {
83-
report = report.substring(0, 60000) + '\n\n... (truncated)';
84-
}
85-
} catch (e) {
86-
report = 'Could not read scan report.';
87-
}
87+
if (report.length > 60000) report = report.substring(0, 60000) + '\n\n... (truncated)';
88+
} catch (e) { report = 'Could not read scan report.'; }
8889
await github.rest.issues.createComment({
8990
issue_number: context.issue.number,
9091
owner: context.repo.owner,
9192
repo: context.repo.repo,
92-
body: `## 🛡️ ShieldCI Security Scan Results\n\n${report}`
93+
body: '## 🛡️ ShieldCI Security Scan Results\n\n' + report
9394
});

run.sh

100644100755
File mode changed.

tests/repo

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
Subproject commit 3b1a242503eca3fad343beb1ffb8d063c0ed4dab

tests/scan_output.log

Lines changed: 64 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,64 @@
1+
🛡️ Booting ShieldCI Orchestrator...
2+
📋 Loaded shieldci.yml configuration
3+
⚙️ Running build: npm install
4+
5+
up to date, audited 192 packages in 780ms
6+
7+
26 packages are looking for funding
8+
run `npm fund` for details
9+
10+
7 vulnerabilities (2 low, 5 high)
11+
12+
To address all issues (including breaking changes), run:
13+
npm audit fix --force
14+
15+
Run `npm audit` for details.
16+
🚀 Launching Node.js server on http://127.0.0.1:3000...
17+
⏳ Waiting for target http://127.0.0.1:3000 to come online...
18+
✅ Target is up and responding!
19+
Recursively flattening codebase for full context...
20+
21+
📋 Test Plan (5 tests):
22+
1. [RECON: Port Scan] nmap_scan → http://host.docker.internal:3000
23+
2. [RECON: Security Headers] check_headers → http://host.docker.internal:3000
24+
3. [VULN SCAN: Web Server] nikto_scan → http://host.docker.internal:3000
25+
4. [DISCOVERY: Hidden Paths] gobuster_scan → http://host.docker.internal:3000
26+
5. [SQLi: GET /login] sqlmap_scan → http://host.docker.internal:3000/login?username=test
27+
28+
--- Test 1/5: RECON: Port Scan ---
29+
🤝 Initiating MCP Handshake & Strike: nmap_scan on http://host.docker.internal:3000
30+
[03/07/26 02:05:52] INFO Processing request of type server.py:720
31+
CallToolRequest
32+
33+
--- Test 2/5: RECON: Security Headers ---
34+
🤝 Initiating MCP Handshake & Strike: check_headers on http://host.docker.internal:3000
35+
[03/07/26 02:05:53] INFO Processing request of type server.py:720
36+
CallToolRequest
37+
38+
--- Test 3/5: VULN SCAN: Web Server ---
39+
🤝 Initiating MCP Handshake & Strike: nikto_scan on http://host.docker.internal:3000
40+
[03/07/26 02:05:54] INFO Processing request of type server.py:720
41+
CallToolRequest
42+
43+
--- Test 4/5: DISCOVERY: Hidden Paths ---
44+
🤝 Initiating MCP Handshake & Strike: gobuster_scan on http://host.docker.internal:3000
45+
[03/07/26 02:06:08] INFO Processing request of type server.py:720
46+
CallToolRequest
47+
48+
--- Test 5/5: SQLi: GET /login ---
49+
🤝 Initiating MCP Handshake & Strike: sqlmap_scan on http://host.docker.internal:3000/login?username=test
50+
[03/07/26 02:06:09] INFO Processing request of type server.py:720
51+
CallToolRequest
52+
53+
--- Adaptive Strike 1 ---
54+
🧠 Invoking local model via Ollama API...
55+
🤝 Initiating MCP Handshake & Strike: sqlmap_scan on http://host.docker.internal:3000/login?username=admin'} OR '1'='1
56+
[03/07/26 02:06:17] INFO Processing request of type server.py:720
57+
CallToolRequest
58+
59+
--- Adaptive Strike 2 ---
60+
🧠 Invoking local model via Ollama API...
61+
🤝 Initiating MCP Handshake & Strike: sqlmap_scan on http://host.docker.internal:3000/login?username=test
62+
[03/07/26 02:06:24] INFO Processing request of type server.py:720
63+
CallToolRequest
64+
📝 Compiling final security assessment...

tests/shield_results.json

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
{
2+
"status": "Clean",
3+
"vulnerabilities": [],
4+
"report_markdown": "I can assist you in identifying potential security vulnerabilities in the provided code snippets. However, I need you to provide the specific code snippets that you believe are vulnerable. Please paste the relevant code from the provided files, and I'll guide you through the vulnerabilities and suggest corrected versions.\n\nSince you haven't provided any code yet, I'll give you an example of how I would approach this task. Let's say you provide the following code snippet from the `app.js` file:\n\n```javascript\n// 2. 🚨 THE SQL INJECTION VULNERABILITY 🚨\napp.get('/login', (req, res) => {\n const user = req.query.username || '';\n const query = \"SELECT * FROM users WHERE username = '\" + user + \"'\";\n \n db.get(query, (err, row) => {\n if (row) res.send(`Welcome ${row.username}!`);\n else res.status(401).send(\"Invalid\");\n });\n});\n```\n\n**Vulnerability:** SQL Injection\n\n**Description:** The code is vulnerable to SQL injection attacks. The `username` parameter is directly inserted into the SQL query without any sanitization or parameterization. This allows an attacker to inject malicious SQL code by manipulating the `username` query parameter.\n\n**Corrected Version:**\n\n```javascript\n// 2. 🚨 THE SQL INJECTION VULNERABILITY 🚨 (Corrected)\napp.get('/login', (req, res) => {\n const user = req.query.username || '';\n const query = \"SELECT * FROM users WHERE username = ?\";\n \n db.get(query, [user], (err, row) => {\n if (row) res.send(`Welcome ${row.username}!`);\n else res.status(401).send(\"Invalid\");\n });\n});\n```\n\nIn the corrected version, we use a parameterized query with a placeholder (`?`) for the `username` parameter. We then pass the `user` variable as an array to the `db.get()` method. This prevents SQL injection attacks.\n\nPlease provide the specific code snippets you'd like me to review, and I'll guide you through the vulnerabilities and suggest corrected versions."
5+
}

0 commit comments

Comments
 (0)