gbucchino/check_sys
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Analyzing profile

Browse Source
This commit is contained in:
geoffrey 2023-09-11 20:05:51 +02:00
parent 7bfb138511
commit 03143c4c0d
4 changed files with 53 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
audit/system/plugins/localaccount.py
View File

@ -2,13 +2,10 @@
def profile() -> dict:
profile = dict()
profile['description'] = 'Set timeout for session'
profile['flag'] = 'TMOUT'
profile['value'] = 600
profile['filename'] = '/etc/profile'
profile['data'] = list()
profile['data'].append({
'description': 'Set timeout for session',
'flag': 'TMOUT',
'value': 600,
})
return profile
def password_quality() -> list:

36
core/plugins/localaccount.py
View File

@ -15,16 +15,11 @@ class LocalAccount:
# Create the report
self._constructReports()
# Report
#self._reports[""] = self._apache_directory
def runAudit(self):
print("Running test for Local account")
self._analyzingProfile()
self._analyzingPasswordQuality()
print(self._reports)
def getReports(self) -> dict:
return self._reports
@ -41,14 +36,29 @@ class LocalAccount:
def _parseFile(self, fdata):
data = fdata.read()
lines = data.splitlines()
lineFound = None
found = False
for line in lines:
line = line.decode('utf-8')
for obj in self._profile['data']:
grFlag = re.search(f"^{obj['flag']}", line)
if grFlag:
print(line)
grFlag = re.search(f"^{self._profile['flag']}", line)
if grFlag:
found = True
lineFound = line
if found:
self._reports['profile']['vulnerabilities'] = dict()
self._reports['profile']['vulnerabilities'][self._profile['flag']] = dict()
self._reports['profile']['vulnerabilities'][self._profile['flag']]["result"] = "success"
self._reports['profile']['vulnerabilities'][self._profile['flag']]["description"] = self._profile['description']
self._reports['profile']['vulnerabilities'][self._profile['flag']]["flagFound"] = lineFound
else:
self._reports['profile']['vulnerabilities'] = dict()
self._reports['profile']['vulnerabilities'][self._profile['flag']] = dict()
self._reports['profile']['vulnerabilities'][self._profile['flag']]["result"] = "failed"
self._reports['profile']['vulnerabilities'][self._profile["flag"]]["recommand_value"] = self._profile["value"]
self._reports['profile']['vulnerabilities'][self._profile['flag']]["description"] = self._profile['description']
self._reports['profile']['vulnerabilities'][self._profile['flag']]["flag"] = self._profile['flag']
def _analyzingPasswordQuality(self):
pass
@ -64,6 +74,6 @@ class LocalAccount:
- description: description of the vulnerability
- level: high, medium or low
"""
self._reports['localaccount'] = dict()
self._reports['localaccount']['profile'] = dict()
self._reports['localaccount']['pwd_quality'] = dict()
self._reports['profile'] = dict()
self._reports['profile']['filename'] = self._profile['filename']
self._reports['pwd_quality'] = dict()

18
core/report.py
View File

@ -28,7 +28,7 @@ def generateHtmlReport(data):
dataJinja2['postfix']['filename'] = data["system"]["postfix"]["filename"]
dataJinja2['postfix']['vulnerabilities'] = data['system']['postfix']['postfix']
_generateAccordion(dataJinja2['postfix']['vulnerabilities'])
_generateAccordion(dataJinja2['postfix']['vulnerabilities'], 'postfix')
if 'sysctl' in data['system']:
dataJinja2['sysctl'] = dict()
@ -36,11 +36,21 @@ def generateHtmlReport(data):
dataJinja2['sysctl']['file']['filename'] = data['system']['sysctl']['file']['filename']
dataJinja2['sysctl']['file']['sysctl'] = data['system']['sysctl']['file']['sysctl']
_generateAccordion(dataJinja2['sysctl']['file']['sysctl'])
_generateAccordion(dataJinja2['sysctl']['file']['sysctl'], 'sysctl')
if 'apache' in data['system']:
pass
if 'localaccount' in data['system']:
if 'profile' in data['system']['localaccount']:
dataJinja2['profile'] = dict()
dataJinja2['profile']['filename'] = data['system']['localaccount']['profile']['filename']
dataJinja2['profile']['vulnerabilities'] = data['system']['localaccount']['profile']['vulnerabilities']
_generateAccordion(dataJinja2['profile']['vulnerabilities'], 'profile')
if 'pwd_quality' in data['system']['localaccount']:
pass
dataJinja2['year'] = '2023'
dataJinja2['hostname'] = data['hostname']
dataJinja2['kernel'] = data['kernel']
@ -53,8 +63,8 @@ def generateHtmlReport(data):
print("The report is generated at this location: " \
f"reports/reports_{today}.html")
def _generateAccordion(obj):
def _generateAccordion(obj, parent):
index = 1
for entry in obj:
obj[entry]['accordion-id'] = f"accordion-{index}"
obj[entry]['accordion-id'] = f"accordion-{parent}-{index}"
index += 1

28
reports/templates/localaccount.html.j2
View File

@ -1,37 +1,35 @@
<h3 class="fs-3">Apache</h3>
<h3 class="fs-3">Profile</h3>
{% for item in data['postfix']['vulnerabilities'] %}
{% for item in data['profile']['vulnerabilities'] %}
<div class="accordion" id="accordionSysctl">
<div class="accordion-item">
<h2 class="accordion-header">
<button class="accordion-button collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#{{ data['postfix']['vulnerabilities'][item]['accordion-id'] }}" aria-expanded="true" aria-controls="{{ data['postfix']['vulnerabilities'][item]['accordion-id'] }}">
<button class="accordion-button collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#{{ data['profile']['vulnerabilities'][item]['accordion-id'] }}" aria-expanded="true" aria-controls="{{ data['profile']['vulnerabilities'][item]['accordion-id'] }}">
<strong>{{ item }}</strong>
{% if data['postfix']['vulnerabilities'][item]['result'] == 'failed' %}
<span class="text-bg-danger p-1" style="padding-left:10pt;padding-right:10pt;margin-left:15pt;">{{ data['postfix']['vulnerabilities'][item]['result'] }}</span>
{% elif data['postfix']['vulnerabilities'][item]['result'] == 'success' %}
<span class="text-bg-success p-1" style="padding-left:10pt;padding-right:10pt;margin-left:15pt;">{{ data['postfix']['vulnerabilities'][item]['result'] }}</span>
{% if data['profile']['vulnerabilities'][item]['result'] == 'failed' %}
<span class="text-bg-danger p-1" style="padding-left:10pt;padding-right:10pt;margin-left:15pt;">{{ data['profile']['vulnerabilities'][item]['result'] }}</span>
{% elif data['profile']['vulnerabilities'][item]['result'] == 'success' %}
<span class="text-bg-success p-1" style="padding-left:10pt;padding-right:10pt;margin-left:15pt;">{{ data['profile']['vulnerabilities'][item]['result'] }}</span>
{% endif %}
</button>
</h2>
<div id="{{ data['postfix']['vulnerabilities'][item]['accordion-id'] }}" class="accordion-collapse collapse" data-bs-parent="#accordionPostfix">
<div id="{{ data['profile']['vulnerabilities'][item]['accordion-id'] }}" class="accordion-collapse collapse" data-bs-parent="#accordionPostfix">
<div class="accordion-body">
{{ data['postfix']['vulnerabilities'][item]['description'] }}. <br />
{% if data['postfix']['vulnerabilities'][item]['result'] == 'success' %}
{{ data['profile']['vulnerabilities'][item]['description'] }}. <br />
{% if data['profile']['vulnerabilities'][item]['result'] == 'success' %}
<div class="bd-example-snippet bd-code-snippet">
<div class="highlight">
<pre tabindex="0" class="chroma"><code class="language-shell">
{{ data['postfix']['vulnerabilities'][item]['flagFound'] }}
{{ data['profile']['vulnerabilities'][item]['flagFound'] }}
</pre></code>
</div>
</div>
{% else %}
For resolving the issue, add this line in the <strong>{{ data['postfix']['filename'] }}</strong> vulnerabilities:
For resolving the issue, add this line in the <strong>{{ data['filename'] }}</strong> profile:
<div class="bd-example-snippet bd-code-snippet">
<div class="highlight">
<pre tabindex="0" class="chroma"><code class="language-shell">
{% for value in data['postfix']['vulnerabilities'][item]['recommand_value'] %}
{{ data['postfix']['vulnerabilities'][item]['flag'] }} = {{ value }}
{% endfor %}
{{ data['profile']['vulnerabilities'][item]['flag'] }} = {{ data['profile']['vulnerabilities'][item]['recommand_value'] }}
</pre></code>
</div>
</div>