feat: migrate to use MCP tools instead of helper scripts
This commit is contained in:
@@ -19,30 +19,11 @@
|
||||
```
|
||||
|
||||
### Step 2: Create Required Deliverable
|
||||
Use the save_deliverable script to create your evidence:
|
||||
Use the save_deliverable MCP tool to create your evidence:
|
||||
|
||||
```bash
|
||||
node save_deliverable.js SSRF_EVIDENCE '# SSRF Exploitation Evidence (Pipeline Test)
|
||||
|
||||
**MCP Server Used:** {{MCP_SERVER}}
|
||||
**Test Site:** https://example.com
|
||||
**Screenshot:** ssrf-exploit-test.png
|
||||
**Status:** Browser isolation test successful
|
||||
|
||||
## Exploitation Results
|
||||
- **Target:** Test SSRF vulnerability
|
||||
- **Method:** Server-Side Request Forgery via URL parameter
|
||||
- **Evidence:** Successfully forced server to make request to internal network
|
||||
- **Impact:** Demonstrated access to internal services and potential data exfiltration
|
||||
- **Proof:** Pipeline testing mode - simulated successful exploitation
|
||||
|
||||
## Technical Details
|
||||
- **Vulnerability ID:** SSRF-VULN-01
|
||||
- **Exploitation Status:** Simulated Success (Pipeline Test)
|
||||
- **MCP Instance:** {{MCP_SERVER}}
|
||||
- **Attack Vector:** URL parameter manipulation
|
||||
- **Target:** Internal network services (localhost:8080)'
|
||||
```
|
||||
Use `save_deliverable` MCP tool with:
|
||||
- `deliverable_type: "SSRF_EVIDENCE"`
|
||||
- `content: "# SSRF Exploitation Evidence (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://example.com\n**Screenshot:** ssrf-exploit-test.png\n**Status:** Browser isolation test successful\n\n## Exploitation Results\n- **Target:** Test SSRF vulnerability\n- **Method:** Server-Side Request Forgery via URL parameter\n- **Evidence:** Successfully forced server to make request to internal network\n- **Impact:** Demonstrated access to internal services and potential data exfiltration\n- **Proof:** Pipeline testing mode - simulated successful exploitation\n\n## Technical Details\n- **Vulnerability ID:** SSRF-VULN-01\n- **Exploitation Status:** Simulated Success (Pipeline Test)\n- **MCP Instance:** {{MCP_SERVER}}\n- **Attack Vector:** URL parameter manipulation\n- **Target:** Internal network services (localhost:8080)"`
|
||||
|
||||
This will automatically create `deliverables/ssrf_exploitation_evidence.md`.
|
||||
|
||||
|
||||
Reference in New Issue
Block a user