update
parent
9983722428
commit
7b16a8c482
2 changed files with 25 additions and 22 deletions
21
README.md
21
README.md
|
|
@ -4,19 +4,10 @@ This repository contains automated scripts to deploy the Wallarm Filtering Node
|
|||
|
||||
**Repository:** `https://git.sechpoint.app/customer-engineering/wallarm`
|
||||
|
||||
---
|
||||
|
||||
## 🚦 Step 1: Mandatory Pre-Flight Diagnostic
|
||||
|
||||
Before attempting any installation, you **must** verify the environment. Banks often have strict egress filters. This script verifies sudo access, required tools, and connectivity to Wallarm Cloud IPs.
|
||||
|
||||
**Run the interactive diagnostic:**
|
||||
|
||||
## Download and run the Deployment Script
|
||||
### for Container (Docker) deployments:
|
||||
```bash
|
||||
# Download and run the pre-flight test
|
||||
curl -sL "[https://git.sechpoint.app/customer-engineering/wallarm/-/raw/main/pre-deployment-test.sh](https://git.sechpoint.app/customer-engineering/wallarm/-/raw/main/pre-deployment-test.sh)" -o pre-deployment-test.sh
|
||||
chmod +x pre-deployment-test.sh
|
||||
./pre-deployment-test.sh
|
||||
|
||||
|
||||
curl -sL "https://git.sechpoint.app/customer-engineering/wallarm/-/raw/main/wallarm-deploy-ct.sh" > wallarm-deploy-ct.sh
|
||||
curl -sL "https://git.sechpoint.app/customer-engineering/wallarm/-/raw/main/wallarm-deploy-ct.sh" > wallarm-deploy-ct.sh
|
||||
chmod +x wallarm-deploy-ct.sh
|
||||
./wallarm-deploy-ct.sh
|
||||
```
|
||||
|
|
@ -191,11 +191,12 @@ EOF
|
|||
fi
|
||||
}
|
||||
|
||||
# --- 5. VERIFICATION ---
|
||||
# --- 5. VERIFICATION & ATTACK TEST ---
|
||||
|
||||
verify_health() {
|
||||
echo -e "\n${YELLOW}⏳ Waiting 15s for handshake...${NC}"
|
||||
sleep 15
|
||||
echo -e "\n${YELLOW}⏳ Waiting 20s for handshake and sync...${NC}"
|
||||
sleep 20
|
||||
|
||||
echo -en "Checking instance status page (port $MONITOR_PORT)... "
|
||||
if curl -s "http://localhost:$MONITOR_PORT/wallarm-status" | grep -q "requests"; then
|
||||
echo -e "${GREEN}SUCCESS${NC}"
|
||||
|
|
@ -204,14 +205,25 @@ verify_health() {
|
|||
echo -e "Check logs with: sudo $ENGINE logs $NODE_NAME"
|
||||
fi
|
||||
|
||||
echo -e "\n${YELLOW}⚔️ Running Attack Test (SQLi & XSS)...${NC}"
|
||||
|
||||
# Test 1: SQL Injection
|
||||
echo -n "Sending SQLi payload to port $TRAFFIC_PORT... "
|
||||
local sqli_res=$(curl -s -o /dev/null -w "%{http_code}" "http://localhost:$TRAFFIC_PORT/?id='OR+1=1+UNION+SELECT+1,2,3--")
|
||||
echo -e "HTTP Status: $sqli_res (Logged)"
|
||||
|
||||
# Test 2: XSS
|
||||
echo -n "Sending XSS payload to port $TRAFFIC_PORT... "
|
||||
local xss_res=$(curl -s -o /dev/null -w "%{http_code}" "http://localhost:$TRAFFIC_PORT/?search=<script>alert('Wallarm_Test')</script>")
|
||||
echo -e "HTTP Status: $xss_res (Logged)"
|
||||
|
||||
echo -e "\n${GREEN}✅ DEPLOYMENT FINISHED${NC}"
|
||||
echo -e "--------------------------------------------------"
|
||||
echo -e "Instance ID: $INSTANCE_NUM"
|
||||
echo -e "Directory: $INSTANCE_DIR"
|
||||
echo -e "Container Name: $NODE_NAME"
|
||||
echo -e "Traffic Port: $TRAFFIC_PORT (Forwarded to $UPSTREAM_IP:$UPSTREAM_PORT)"
|
||||
echo -e "Traffic Port: $TRAFFIC_PORT"
|
||||
echo -e "Monitor Port: $MONITOR_PORT"
|
||||
echo -e "Log File: $LOG_FILE"
|
||||
echo -e "\nCheck your Wallarm Console ($CLOUD_SEL Cloud) now."
|
||||
echo -e "The attacks should appear in the 'Events' section within 1-2 minutes."
|
||||
echo -e "--------------------------------------------------"
|
||||
}
|
||||
|
||||
|
|
|
|||
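Review bot: Both test requests added to verify_health print `(Logged)` whatever the outcome: `local sqli_res=$(curl …)` and `local xss_res=$(curl …)` hide curl's exit status behind `local`, so a refused connection comes back as `000` and is still reported as logged. Nothing in the hunk confirms that the node detected either request, so the wording should say "sent" and leave confirmation to the console. The XSS URL also carries raw `<`, `>` and `'`, which curl sends unencoded; `-G --data-urlencode` makes the request well-formed, and `--max-time` keeps a stalled listener from hanging the deployment. If the node is not in blocking mode (not visible here), these requests are passed to the upstream application without the operator being asked, so a prompt or flag around the test would make that an explicit choice. verify_health starts in the previous hunk; a sketch for the first request follows.

```shell
# … unchanged: status-page check and the "Running Attack Test" banner …
local sqli_res
echo -n "Sending SQLi payload to port $TRAFFIC_PORT... "
# Declared separately so curl's exit status is not hidden by `local`.
if sqli_res=$(curl -s -o /dev/null --max-time 10 -w "%{http_code}" -G \
    --data-urlencode "id='OR 1=1 UNION SELECT 1,2,3--" \
    "http://localhost:$TRAFFIC_PORT/"); then
  echo "HTTP Status: $sqli_res (sent; confirm detection in the Wallarm Console)"
else
  echo -e "${YELLOW}request failed (HTTP $sqli_res); nothing was delivered to port $TRAFFIC_PORT${NC}"
fi
# … the XSS request is rewritten the same way, passing its value through --data-urlencode …
```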