Scan Web Application

Scan Web Application mode runs the K2agent, crawls and scans the application completely. It will list all the vulnerable APIs present in the application.

Scan Web Application

scan-web-application command will scan the application for potential exploits using the K2 component. It will provide complete summary of the scan.

scan-web-application will set up the K2 Component if not present .

Options

Note: The options marked with ** are MANDATORY.

Option

Description

**--applicationIdentifier

This is an identifier JSON string that is used to detect the application attachment with the K2 Component. - For applications deployed on host, use this format: {"pid":"application_pid"} - For applications deployed on Docker container, use this format: {"containerid":"application_container_id", "pid":"application_pid"}

--isAuthRequired

Set this to true when application has authenticated routes.

--applicationLoginUrl

Provide the URL of the login page when --isAuthRequired is set to true

**--applicationUrl

The URLs pointing to the application.

--applicationLoginIdentifier

Provide the application login identifier when --isAuthRequired is set to true. How to prepare the application login identifier?

--ignoreUrl

Provide a list of keywords/URLs that will be ignored while crawling.

--allowedDomain

Provide a list of domains that will be considered while crawling.

--k2email

Provide the registered K2 email. The default value is set to installer@k2io.com.

--k2password

Provide the password corresponding to the registered K2 email.

--k2GroupName

Provide the Policy group name. The default is set to IAST.

--k2GroupEnv

Provide the Deployment environment of the policy group name other than PRODUCTION. The default is set to IAST.

--k2Cloud

Provide the K2 cloud URL. By default, it is set to https://k2io.net.

--k2icDirectoryPath

The directory path where you want all the K2 related stuff to be downloaded. Default value is set to ${HOME}/k2-ic

--config

Provide the config file path. How to setup config file?

Commands

Make sure that K2HackBot is setup correctly at this point before running scan-web-application commands.

Command to display the help page:

$ k2hackbot scan-web-application --help

  --applicationLoginUrl TEXT      Provide Login Url for your application.
                                  
                                  Eg. k2hackbot scan-web-application
                                  --applicationLoginUrl
                                  https://myapplication.com/login

  --applicationIdentifier TEXT    [REQUIRED] Provide ContainerID/PID of
                                  Application Hosted in Docker/Host
                                  environment. Provide application Identifier
                                  string within single quotes in given format:
                                  
                                  '{"containerid":"application_container_id","
                                  pid":application_pid}'.
                                  
                                  Eg. k2hackbot scan-web-application
                                  -applicationIdentifier
                                  '{"containerid":"123456789abc","pid":4321}'

  --isAuthRequired BOOLEAN        If your applications requires authentication
                                  using login.
                                  
                                  Eg. k2hackbot scan-web-application
                                  --isAuthRequired true

  --applicationUrl TEXT           [REQUIRED] Provide Application URls to be
                                  crawled.
                                  
                                  Eg. k2hackbot scan-web-application
                                  --applicationUrl http://myapplication.com

  --applicationLoginIdentifier TEXT
                                  If your Application needs a user to be
                                  authenticated using login, we need
                                  identifier to do that ourself. Provide
                                  identifier  for Application form fields in
                                  format as string:   '{"username":
                                  {"identification": "user_field_id","value":
                                  "user_name"},"password": {"identification":
                                  "password_field_id","value":
                                  "password"},"submit": {"identification":
                                  "submit_button_id","value": "Nothing"}}'
                                  
                                  You can find Guide to Do so on following git
                                  repository https://github.com/k2io/K2ADS
                                  
                                  Eg. k2hackbot scan-web-application
                                  --applicationLoginIdentifier '{"username":
                                  {"identification": "user_field_id","value":
                                  "user_name"},"password": {"identification":
                                  "password_field_id","value":
                                  "password"},"submit": {"identification":
                                  "submit_button_id","value": "Nothing"}}'

  --k2email TEXT                  Provide K2 Registered Email
                                  
                                  Eg. k2hackbot scan-web-application --k2email
                                  demo@example.com

  --k2password TEXT               Provide K2 Registered Email's Password
                                  
                                  Eg. k2hackbot scan-web-application
                                  --k2password PASSWORD

  --ignoreUrl TEXT                Provide Application URLs to be skipped for
                                  crawling.
                                  
                                  Eg. k2hackbot scan-web-application
                                  --ignoreUrl
                                  ['http://myapplication.com/contact']

  --allowedDomain TEXT            Application Domains to be used for crawling
                                  
                                  Eg. k2hackbot scan-web-application
                                  --allowedDomain
                                  ['http://myapplication.com/home']

  --k2GroupName TEXT              K2 Group name.
                                  
                                  Eg. k2hackbot scan-web-application
                                  --k2GroupName MY-K2-GROUP

  --k2GroupEnv TEXT               K2 Group deployment Environment
                                  
                                  Eg. k2hackbot scan-web-application
                                  --k2GroupEnv STAGING

  --k2Cloud TEXT                  Provide K2Cloud URL if required
                                  
                                  Eg. k2hackbot scan-web-application --k2Cloud
                                  https://mycloud.com

  --k2icDirectoryPath TEXT        Provide path for k2-ic directory
                                  
                                  Eg. k2hackbot scan-web-application
                                  --k2icDirectoryPath /home/my_k2_dir

  --force TEXT                    Enable Hackbot to take over and execute
                                  forcefully

  --config FILE                   Read configuration from FILE.
  --help                          Show this message and exit.

Command to scan applications without authentication:

k2hackbot scan-web-application --applicationUrl 'https://example.com' --applicationIdentifier '{"containerid":"123456789abc"}'

Command to scan applications with authentication:

k2hackbot scan-web-application --applicationUrl 'https://example.com' --applicationIdentifier '{"containerid":"123456789abc"}' --isAuthRequired true --applicationLoginUrl 'http://my-application.com/login' --applicationLoginIdentifier "{\"username\": {\"identification\": \"name='user'\",\"value\": \"cody\"},\"password\": {\"identification\": \"name='password'\",\"value\": \"cody\"}, \"submit\": {\"identification\": \"type='submit'\",\"value\": \"Nothing\"}}" --k2email "demo@example.com" --k2password "password" --k2Cloud "https://my-k2-cloud.com"

Config File Setup

K2HackBot support two ways to define options:

CLI
Config File

The Hierarchy for reading config is as follows:

CLI > Environment > Configuration file > Default

The config file can be created with any name but it MUST be in JSON format. Below is a sample config file for scan-web-application:

$ cat k2config.json 
{
    "applicationidentifier": {"containerid":"1066f52f02a32c2bd54e6e3fa122152be1e5d3aec44e209596adccc321018d60"},
	"applicationurl": ["https://example.com"],
	"isauthrequired": true,
	"applicationloginurl": "https://example.com/login",
	"applicationloginidentifier": {
		"username": {
			"identification": "name='user'",
			"value": "test"
		},
		"password": {
			"identification": "name='password'",
			"value": "PASSWORD"
		},
		"submit": {
			"identification": "type='submit'",
			"value": "Nothing"
		}
	}
}

Command to run scan-web-application using the config file:

k2hackbot scan-web-application --config k2config.json

PreviousDeploy K2Components NextProbe API

Last updated 4 years ago

Was this helpful?