yandex/gixy: Nginx configuration static analyzer

README.md

Mozilla Public License 2.0 Build Status Your feedback is greatly appreciated GitHub issues GitHub pull requests

image

Gixy is a tool to analyze Nginx configuration. The main goal of Gixy is to prevent security misconfiguration and automate flaw detection.

Currently supported Python versions are 2.7 and 3.5+.

Disclaimer: Gixy is well tested only on GNU/Linux, other OSs may have some issues.

Right now Gixy can find:

You can find things that Gixy is learning to detect at Issues labeled with "new plugin"

Gixy is distributed on PyPI. The best way to install it is with pip:

pip install gixy

Run Gixy and check results:

By default Gixy will try to analyze Nginx configuration placed in /etc/nginx/nginx.conf.

But you can always specify needed path:

$ gixy /etc/nginx/nginx.conf

==================== Results ===================

Problem: [http_splitting] Possible HTTP-Splitting vulnerability.
Description: Using variables that can contain "\n" may lead to http injection.
Additional info: https://github.com/yandex/gixy/blob/master/docs/ru/plugins/httpsplitting.md
Reason: At least variable "$action" can contain "\n"
Pseudo config:
include /etc/nginx/sites/default.conf;

        server {

                location ~ /v1/((?<action>[^.]*)\.json)?$ {
                        add_header X-Action $action;
                }
        }


==================== Summary ===================
Total issues:
    Unspecified: 0
    Low: 0
    Medium: 0
    High: 1

Or skip some tests:

$ gixy --skips http_splitting /etc/nginx/nginx.conf

==================== Results ===================
No issues found.

==================== Summary ===================
Total issues:
    Unspecified: 0
    Low: 0
    Medium: 0
    High: 0

Or something else, you can find all other gixy arguments with the help command: gixy --help

Docker usage

Gixy is available as a Docker image from the Docker hub. To use it, mount the configuration that you want to analyse as a volume and provide the path to the configuration file when running the Gixy image.

$ docker run --rm -v `pwd`/nginx.conf:/etc/nginx/conf/nginx.conf yandex/gixy /etc/nginx/conf/nginx.conf

If you have an image that already contains your nginx configuration, you can share the configuration with the Gixy container as a volume.

$  docker run --rm --name nginx -d -v /etc/nginx
nginx:alpinef68f2833e986ae69c0a5375f9980dc7a70684a6c233a9535c2a837189f14e905

$  docker run --rm --volumes-from nginx yandex/gixy /etc/nginx/nginx.conf

==================== Results ===================
No issues found.

==================== Summary ===================
Total issues:
    Unspecified: 0
    Low: 0
    Medium: 0
    High: 0


Contributions to Gixy are always welcome! You can help us in different ways:

  • Open an issue with suggestions for improvements and errors you're facing;
  • Fork this repository and submit a pull request;
  • Improve the documentation.

Code guidelines:

  • Python code style should follow pep8 standards whenever possible;
  • Pull requests with new plugins must have unit tests for it.

为您推荐了相关的技术文章:

  1. Linux Post Exploitation Command List · mubix/post-exploitation Wiki · GitHub
  2. The Ultimate Fake Access Point [Walkthrough] - rootsh3ll
  3. austin-taylor/VulnWhisperer: Create actionable data from your Vulnerability Scans
  4. web敏感资产fuzz – Cnnetarmy
  5. Windows Privilege Escalation Guide

原文链接: github.com