Needle meets Jenkins: how to include Needle in your CI pipeline

The latest 2 releases of Needle were focused on providing features essential for its integration within a CI pipeline.

  • Needle v1.1.0 introduced automatic issue detection: modules now automatically detect and keep track of issues in the target app. All issues are stored in an SQLite database (named issues.db) in the chosen output directory.
  • Needle v1.2.0 introduced non-interactive mode: a new command line interface (needle-cli.py) allows Needle to be scripted completely.

These 2 features made it possible to create the PoC below, where Needle has been integrated with Jenkins.

PoC

  • Connect a jailbroken iDevice to the machine running Jenkins (either via USB or WiFi) and start the Needle agent (see the Quick Start Guide for details)

  • Create a new Jenkins project:

Image: Jenkins Project.

  • Add an “Execute Shell” step under the Build process:

Image: Execute Shell Script.

First, run Needle in non-interactive mode, specifying the output folder, the target app, and all the modules you want executed (see Non-Interactive mode on the Wiki for a full list of options):

python ~/needle/needle/needle-cli.py \
        -g OUTPUT_FOLDER=/tmp/needle/ \
        -g SKIP_OUTPUT_FOLDER_CHECK=True \
        -g APP=mwr.ios.dvia \
        -m binary/info/metadata \
        -m binary/info/compilation_checks

As a quick PoC, the “issues.db” database can then be checked for the presence of vulnerabilities: if any are recorded, the build is marked as failed. Note that more complex logic could be used to determine whether the build should fail.

issues=$(sqlite3 -batch /tmp/needle/issues.db "select * from issues")
if [ -n "$issues" ]; then
    echo "ISSUES IDENTIFIED";
    # Fail the build
    exit 1;
else
    echo "No Issues Identified";
fi

  • When a build is run, the shell script will kick in and run needle against the target app:

Image: Run the build.
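The PoC check passes the build whenever the query prints nothing, which is also what happens when issues.db is missing or has no issues table, so a scan that never ran looks the same as a clean one. The following added example (not from the original post or the Needle project) is a gate that fails closed in those cases; it relies only on the table name issues used in the query above, while the exit codes, the sample column layout and the use of Python 3 are assumptions.

```python
#!/usr/bin/env python3
"""Fail-closed build gate over Needle's issues.db (added example)."""
import pathlib
import sqlite3
import sys

OK, ISSUES_FOUND, SCAN_INVALID = 0, 1, 2  # exit codes chosen for this example


def gate(db_path):
    """Return (exit_code, message) for the issues database at db_path."""
    path = pathlib.Path(db_path)
    if not path.is_file():
        return SCAN_INVALID, "issues.db missing: no scan output to check"
    try:
        # mode=ro: checking must never create or modify the database
        conn = sqlite3.connect(path.resolve().as_uri() + "?mode=ro", uri=True)
        try:
            has_table = conn.execute(
                "SELECT count(*) FROM sqlite_master "
                "WHERE type='table' AND name='issues'").fetchone()[0]
            if not has_table:
                return SCAN_INVALID, "no 'issues' table: database incomplete"
            count = conn.execute("SELECT count(*) FROM issues").fetchone()[0]
        finally:
            conn.close()
    except sqlite3.Error as exc:
        return SCAN_INVALID, "cannot read issues.db: %s" % exc
    if count:
        return ISSUES_FOUND, "%d issue(s) identified" % count
    return OK, "No issues identified"


def make_sample_db(path, titles):
    """Build a constructed sample database; the column layout is assumed."""
    conn = sqlite3.connect(str(path))
    conn.execute("CREATE TABLE issues (id INTEGER PRIMARY KEY, title TEXT)")
    conn.executemany("INSERT INTO issues (title) VALUES (?)",
                     [(t,) for t in titles])
    conn.commit()
    conn.close()


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "/tmp/needle/issues.db"
    code, message = gate(target)
    print(message)
    sys.exit(code)  # any non-zero exit fails the "Execute Shell" step
```

Called from the “Execute Shell” step after needle-cli.py, exit code 2 separates a broken or missing scan from exit code 1 for real findings, and both fail the build.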

Marco Lancini
