2018/8/27 VulsࡇΓ #4 ϥϯαʔζגࣜձࣾ 43&ʗ҆ୡྋ ͋ͩͪ Μ 3෼ؒͰ vuls scanͱreportͰ͖Δͷ͔ νϟϨϯδ!!!

2018/8/27 VulsࡇΓ #4 ࣗݾ঺հ

2018/8/27 VulsࡇΓ #4 ࣗݾ঺հ ɾ҆ୡ ྋ(͋ͩͪΜ) 29sai ɾϥϯαʔζ/SREνʔϜ Πϯϑϥ(AWS)/෼ੳج൫/PHPόʔδϣϯΞοϓ ɾBlog:https://blog.adachin.me ɾTwitterɿ@adachin0817 ɾϥδΦ:https://soundcloud.com/ryo-adachi-3 ɾࣗশΤόϯδΣϦετ/޿ใ/ίϯτϦϏϡʔλʔ ɾVuls৽ػೳ/όάͳͲͷBlog up(20هࣄ)!! ɾVulsRepo initϑΝΠϧରԠ(2017/10) ɾVuls ChatWork௨஌ରԠ(2018/4)

2018/8/27 VulsࡇΓ #4 ݱࡏVulsؔ࿈Ͱௐ͍ࠪͯ͠Δ͜ͱ

7VMTࡇΓ Install with Ansible(security-automation-with-ansible-2) https://github.com/RVIRUS0817/ansible_vuls security-automation-with-ansible-2 ߏங͸Ͱ͖͕ͨɺvuls scan͕Ͱ͖ͳ͍ͬ

2018/8/27 VulsࡇΓ #4 ϥϯαʔζͰͷVulsӡ༻

7VMTࡇΓ ϥϯαʔζͰ੬ऑੑεΩϟφVulsΛಋೖ͠·ͨ͠!!!! https://engineer.blog.lancers.jp/2018/06/lancers-vuls/ ϥϯαʔζͰͷVulsӡ༻ʹ͍ͭͯ͸ಡΜͰ͍ͩ͘͞ʂʂ

2018/8/27 VulsࡇΓ #4 ͱ͍͏Θ͚Ͱ

2018/8/27 VulsࡇΓ #4 ࠓճ͸ॳ৺ऀ޲͚ VulsϋϯζΦϯΛ΍Γ·͢

2018/8/27 VulsࡇΓ #4 ͔͠΋3෼Ͱʂʂʂʂ (खಈͰίϐϖ˕/γΣϧ൓ଇ☓)

2018/8/27 VulsࡇΓ #4 ͜Ε͸·͞ʹʂʂʂʂ

2018/8/27 VulsࡇΓ #4 ʮ3෼ؒ଴ͬͯ΍Δʯ

2018/8/27 VulsࡇΓ #4 ■ࠓճ΍Δ͜ͱ 1.Vuls docker run(ىಈ) 2.ϩʔΧϧϗετΛεΩϟϯ (vuls scan) 3.Slack/ChatWorkʹϨϙʔτ (vuls report) ׻੠!!

2018/8/27 VulsࡇΓ #4 ͷલʹʂʂʂ

2018/8/27 VulsࡇΓ #4 Vuls։ൃ؀ڥ(Docker)ͷ આ໌ͤͯ͞ʂʂ

2018/8/27 VulsࡇΓ #4 Vuls։ൃ؀ڥ(Docker)ͷઆ໌ https://blog.adachin.me/archives/8042 ʮ[docker][dev]Vulsͷ։ൃ؀ڥ࡞Γ·͍͍͍͍͍͍ͨͥ͌͠!!ʯ

2018/8/27 VulsࡇΓ #4 Vuls։ൃ؀ڥ(Docker)ͷઆ໌(؀ڥͱdocker run) https://hub.docker.com/r/tvirus17/vuls_centos7/ ■Environment ɾCentOS7 ɾgo version go1.10.1 linux/amd64 ɾvuls v0.4.2 d785fc2 ɾgo-cve-dictionary v0.1.1 c2bcc41 ⇛ ੬ऑੑ৘ใͷσʔλΛDBʹऔΓࠐΈ؅ཧ͢ΔͨΊͷπʔϧ ɾgoval-dictionary 0b28496 (Alpine,redhat/centos,ubuntu) ⇛ OVAL(Open Vulnerability and Assessment Language)XMLͰͰ͖ͯΔ ϩʔΧϧʹίϐʔͯ͠Ϗϧυ͢Δπʔϧ

2018/8/27 VulsࡇΓ #4 Vuls։ൃ؀ڥ(Docker)ͷઆ໌(docker run) ■docker pull/docker run $ docker pull tvirus17/vuls_centos7 $ docker run -h "vuls_centos7" -e TZ=Asia/ Tokyo --privileged -d --name vuls_centos7 tvirus17/vuls_centos7 /sbin/init

2018/8/27 VulsࡇΓ #4 Vuls։ൃ؀ڥ(Docker)ͷઆ໌(ઃఆϑΝΠϧ) ■Vuls files $ docker exec -it vuls_centos7 bash [root@vuls_centos7 /]# sudo su vuls [vuls@vuls_centos7]# cd [vuls@fc4413dce445 vuls]$ ll vuls total 990580 -rw-rw-r-- 1 vuls vuls 148 Apr 2 19:42 config.toml -rw-r--r-- 1 vuls vuls 918818816 Apr 2 17:57 cve.sqlite3 -rw-r--r-- 1 vuls vuls 32768 Apr 2 19:42 cve.sqlite3-shm -rw-r--r-- 1 vuls vuls 0 Apr 2 18:21 cve.sqlite3-wal -rw-r--r-- 1 vuls vuls 95490048 Apr 2 19:41 oval.sqlite3 drwx------ 1 vuls vuls 4096 Apr 2 19:42 results

2018/8/27 VulsࡇΓ #4 Vuls։ൃ؀ڥ(Docker)ͷઆ໌(config.tomlʹ͍ͭͯ) ■config.toml [slack] legacyToken = " "#slack api channel = " "#slackͷνϟϯωϧΛࢦఆ iconEmoji = " "#ֆจࣈ(ͳΜͰ΋) authUser = " "#vuls-user(ͳΜͰ΋) [chatwork] room = " " #URL൪߸ apiToken = " " #Apiࢦఆ [servers] #ࠓճ͸ϩʔΧϧϗετΛࢦఆ [servers.localhost] host = "localhost" port = "local"

2018/8/27 VulsࡇΓ #4 Vuls։ൃ؀ڥ(Docker)ͷઆ໌(ࣗಈόʔδϣϯΞοϓ) ■Vuls Update https://blog.adachin.me/archives/8861

2018/8/27 VulsࡇΓ #4 Vuls։ൃ؀ڥ(Docker)ͷઆ໌(vuls scan,report) ■update goval-dictionary $ goval-dictionary fetch-redhat 5 6 7 ■vuls scan,vuls report $ vuls scan $ vuls report -format-short-text -format-json -to-slack -to- chatwork -lang=ja -ignore-unfixed -cvss-over=7 Ҏ্!!!!!!

2018/8/27 VulsࡇΓ #4 ΍Γ·ͬͤ!!!!!!! ४උ͠·͢(ͪΐΜ·͛͞ΜλΠϜਤͬͯ)

2018/8/27 VulsࡇΓ #4

2018/8/27 VulsࡇΓ #4 ·ͱΊ ɾҙ֎ͱͰ͖ͨ ɾॳ৺ऀ͞Μʹ΋Πϝʔδ͕༙͍ͨ͸ͣ ɾखಈͰscanͱreportΛ͍͕ͯͨ͠γΣϧܳʹ͢Δͷ͕⭕ https://github.com/RVIRUS0817/shellscripts/blob/master/vuls_script/vuls_autoscan.sh ɾ·ͩ·ͩ։ൃ͠ʹ͍͘ίϯςφ(Ϛ΢ϯτͰ͖ͳ͍) ɾdocker-composeͰߏங͢Δʂ ɾΈͳ͞Μ΋OSS׆ಈ͠Α͏ʂ ɾVulsίϯτϦϏϡʔλʔʹͳΖ͏!!!

2018/8/27 VulsࡇΓ #4 ΤϯδχΞٻΉ!!!!!!!!!!!!!!!!!!!!!!! ɾΤϯδχΞٻΉ!!!!!!!!!!!!!!!!!!! https://www.wantedly.com/companies/lancers/projects

2018/8/27 VulsࡇΓ #4 ͝ਗ਼ௌ ͋Γ͕ͱ͏͍͟͝·ͨ͠ʂʂ