WireMCP Secure

# Changelog All notable changes to WireMCP Secure will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## [2.0.0] - 2025-12-13 ### 🔐 Security - CRITICAL UPDATES #### Fixed - **CRITICAL**: Command injection vulnerabilities - Complete rewrite using `spawn()` instead of `exec()` - **HIGH**: Path traversal vulnerabilities - Implemented whitelist-based path validation - **HIGH**: Insufficient input validation - Added comprehensive Zod schema validation - **MEDIUM**: Insecure temporary file handling - Implemented cryptographically random filenames - **MEDIUM**: Information disclosure - Added automatic sensitive data sanitization - **MEDIUM**: Unvalidated external API calls - Added TLS validation, timeouts, and size limits ### ✨ Added #### Core Features - Configuration management system with environment variables - Comprehensive input validation for all parameters - Rate limiting with configurable per-client limits - Resource management with concurrent capture limits - Audit logging system with JSON format - Data sanitization for privacy protection - Secure temporary file handling - Threat intelligence caching with TTL #### New Tools - `get_status` - Monitor server status and rate limits #### New Capabilities - Network interface validation against system interfaces - IP address validation with proper range checking - PCAP path validation with directory whitelisting - Automatic cleanup of old temporary files - Graceful shutdown with proper cleanup - Enhanced error messages with security considerations #### Security Features - No shell command execution (uses spawn) - Path traversal protection - Input sanitization - Rate limiting (5 req/min default) - Concurrent limits (3 captures max) - Output size limits (1MB default) - Capture duration limits (60s max) - Secure temp directory creation - TLS certificate validation - Timeout protection #### Configuration - Environment-based configuration - Validation of all config values - Flexible rate limit settings - Configurable file access restrictions - Audit log configuration - Feature toggles for sensitive operations ### 🔄 Changed #### Breaking Changes - Tool signatures now use validated schemas - Error responses are sanitized (less verbose in production) - PCAP files must be in whitelisted directories - Network interfaces must exist on system - Duration and size limits are now enforced #### Improvements - Better error handling throughout - Improved logging and debugging - More informative status messages - Enhanced documentation - Cleaner code structure ### 📚 Documentation - Comprehensive README with security focus - SECURITY.md with deployment guidelines - Configuration examples (env.example.txt) - API documentation for all tools - Troubleshooting guide - Compliance considerations (GDPR, PCI-DSS, HIPAA) ### 🧪 Testing - ESLint configuration with security plugin - Security testing checklist - Manual testing procedures - Recommended penetration testing guidelines ### 📦 Dependencies - Updated to latest secure versions - Added `dotenv` for configuration - Added `zod` for validation - Configured `axios` with security options --- ## [1.0.0] - Original Version ### Features (Original WireMCP) - Basic packet capture functionality - Protocol statistics - Conversation analysis - Threat intelligence (URLhaus) - IP threat checking - PCAP analysis - Credential extraction ### Security Issues (Original) - ❌ Command injection vulnerabilities - ❌ Path traversal vulnerabilities - ❌ Insufficient input validation - ❌ No rate limiting - ❌ No audit logging - ❌ Insecure temp file handling - ❌ No resource limits --- ## Security Advisories ### CVE-None-Yet (WireMCP v1.0.0 - Multiple Critical Issues) **Severity**: Critical (CVSS 9.8) **Affected Versions**: WireMCP < 2.0.0 **Description**: Multiple critical security vulnerabilities including command injection, path traversal, and insufficient input validation. **Solution**: Upgrade to WireMCP Secure v2.0.0 or later **Credit**: Security analysis by AI Assistant --- ## Upgrade Guide: v1.x to v2.0 ### Breaking Changes 1. **Configuration** - Old: Hardcoded values - New: Environment variables (`.env` file) - Action: Create `.env` file from `env.example.txt` 2. **PCAP File Access** - Old: Any file path accepted - New: Must be in whitelisted directories - Action: Set `ALLOWED_PCAP_DIRS` and move files 3. **Network Interfaces** - Old: Any string accepted - New: Must match system interface - Action: Verify interface names 4. **Error Messages** - Old: Verbose with stack traces - New: Sanitized for security - Action: Use development mode for debugging 5. **Credential Extraction** - Old: Always available - New: Disabled by default - Action: Set `ENABLE_CREDENTIAL_EXTRACTION=true` if needed ### Migration Steps 1. **Backup existing configuration** ```bash cp -r WireMCP WireMCP-backup ``` 2. **Install new version** ```bash cd WireMCP-Secure npm install ``` 3. **Configure environment** ```bash cp env.example.txt .env # Edit .env with your settings ``` 4. **Create directories** ```bash mkdir -p ~/wiremcp/pcaps mkdir -p /tmp/wiremcp chmod 700 /tmp/wiremcp ``` 5. **Move PCAP files** ```bash mv ~/old-pcaps/*.pcap ~/wiremcp/pcaps/ ``` 6. **Update MCP configuration** ```json { "mcpServers": { "wiremcp-secure": { "command": "node", "args": ["/path/to/WireMCP-Secure/index.js"] } } } ``` 7. **Test** ```bash # Start server node index.js # Check status using MCP client # Call get_status tool ``` --- ## Future Plans ### v2.1.0 (Planned) - [ ] Authentication and user management - [ ] Multiple threat intelligence sources (IPsum, Emerging Threats) - [ ] Web dashboard for monitoring - [ ] Docker containerization - [ ] Kubernetes deployment examples - [ ] Prometheus metrics export ### v2.2.0 (Planned) - [ ] Distributed capture support - [ ] Real-time streaming analysis - [ ] Machine learning anomaly detection - [ ] Custom protocol analyzers - [ ] GraphQL API - [ ] Plugin system ### v3.0.0 (Future) - [ ] Complete privilege separation architecture - [ ] Hardware security module support - [ ] Advanced threat hunting features - [ ] Integration with SIEM systems - [ ] Mobile app for monitoring --- **For questions or feedback, please open an issue on GitHub.**