diff --git a/audit/system/plugins/localaccount.py b/audit/system/plugins/localaccount.py
index e5018ff..6e59ed1 100644
--- a/audit/system/plugins/localaccount.py
+++ b/audit/system/plugins/localaccount.py
@@ -2,13 +2,10 @@
def profile() -> dict:
profile = dict()
+ profile['description'] = 'Set timeout for session'
+ profile['flag'] = 'TMOUT'
+ profile['value'] = 600
profile['filename'] = '/etc/profile'
- profile['data'] = list()
- profile['data'].append({
- 'description': 'Set timeout for session',
- 'flag': 'TMOUT',
- 'value': 600,
- })
return profile
def password_quality() -> list:
diff --git a/core/plugins/localaccount.py b/core/plugins/localaccount.py
index 953e9c6..e1367f7 100644
--- a/core/plugins/localaccount.py
+++ b/core/plugins/localaccount.py
@@ -15,16 +15,11 @@ class LocalAccount:
# Create the report
self._constructReports()
- # Report
- #self._reports[""] = self._apache_directory
-
def runAudit(self):
print("Running test for Local account")
self._analyzingProfile()
self._analyzingPasswordQuality()
- print(self._reports)
-
def getReports(self) -> dict:
return self._reports
@@ -41,14 +36,29 @@ class LocalAccount:
def _parseFile(self, fdata):
data = fdata.read()
lines = data.splitlines()
+ lineFound = None
+ found = False
for line in lines:
line = line.decode('utf-8')
-
- for obj in self._profile['data']:
- grFlag = re.search(f"^{obj['flag']}", line)
- if grFlag:
- print(line)
+
+ grFlag = re.search(f"^{self._profile['flag']}", line)
+ if grFlag:
+ found = True
+ lineFound = line
+ if found:
+ self._reports['profile']['vulnerabilities'] = dict()
+ self._reports['profile']['vulnerabilities'][self._profile['flag']] = dict()
+ self._reports['profile']['vulnerabilities'][self._profile['flag']]["result"] = "success"
+ self._reports['profile']['vulnerabilities'][self._profile['flag']]["description"] = self._profile['description']
+ self._reports['profile']['vulnerabilities'][self._profile['flag']]["flagFound"] = lineFound
+ else:
+ self._reports['profile']['vulnerabilities'] = dict()
+ self._reports['profile']['vulnerabilities'][self._profile['flag']] = dict()
+ self._reports['profile']['vulnerabilities'][self._profile['flag']]["result"] = "failed"
+ self._reports['profile']['vulnerabilities'][self._profile["flag"]]["recommand_value"] = self._profile["value"]
+ self._reports['profile']['vulnerabilities'][self._profile['flag']]["description"] = self._profile['description']
+ self._reports['profile']['vulnerabilities'][self._profile['flag']]["flag"] = self._profile['flag']
def _analyzingPasswordQuality(self):
pass
@@ -64,6 +74,6 @@ class LocalAccount:
- description: description of the vulnerability
- level: high, medium or low
"""
- self._reports['localaccount'] = dict()
- self._reports['localaccount']['profile'] = dict()
- self._reports['localaccount']['pwd_quality'] = dict()
+ self._reports['profile'] = dict()
+ self._reports['profile']['filename'] = self._profile['filename']
+ self._reports['pwd_quality'] = dict()
diff --git a/core/report.py b/core/report.py
index 1d9f173..207d187 100644
--- a/core/report.py
+++ b/core/report.py
@@ -28,7 +28,7 @@ def generateHtmlReport(data):
dataJinja2['postfix']['filename'] = data["system"]["postfix"]["filename"]
dataJinja2['postfix']['vulnerabilities'] = data['system']['postfix']['postfix']
- _generateAccordion(dataJinja2['postfix']['vulnerabilities'])
+ _generateAccordion(dataJinja2['postfix']['vulnerabilities'], 'postfix')
if 'sysctl' in data['system']:
dataJinja2['sysctl'] = dict()
@@ -36,11 +36,21 @@ def generateHtmlReport(data):
dataJinja2['sysctl']['file']['filename'] = data['system']['sysctl']['file']['filename']
dataJinja2['sysctl']['file']['sysctl'] = data['system']['sysctl']['file']['sysctl']
- _generateAccordion(dataJinja2['sysctl']['file']['sysctl'])
+ _generateAccordion(dataJinja2['sysctl']['file']['sysctl'], 'sysctl')
if 'apache' in data['system']:
pass
+ if 'localaccount' in data['system']:
+ if 'profile' in data['system']['localaccount']:
+ dataJinja2['profile'] = dict()
+ dataJinja2['profile']['filename'] = data['system']['localaccount']['profile']['filename']
+ dataJinja2['profile']['vulnerabilities'] = data['system']['localaccount']['profile']['vulnerabilities']
+
+ _generateAccordion(dataJinja2['profile']['vulnerabilities'], 'profile')
+ if 'pwd_quality' in data['system']['localaccount']:
+ pass
+
dataJinja2['year'] = '2023'
dataJinja2['hostname'] = data['hostname']
dataJinja2['kernel'] = data['kernel']
@@ -53,8 +63,8 @@ def generateHtmlReport(data):
print("The report is generated at this location: " \
f"reports/reports_{today}.html")
-def _generateAccordion(obj):
+def _generateAccordion(obj, parent):
index = 1
for entry in obj:
- obj[entry]['accordion-id'] = f"accordion-{index}"
+ obj[entry]['accordion-id'] = f"accordion-{parent}-{index}"
index += 1
diff --git a/reports/templates/localaccount.html.j2 b/reports/templates/localaccount.html.j2
index a107073..f175a56 100644
--- a/reports/templates/localaccount.html.j2
+++ b/reports/templates/localaccount.html.j2
@@ -1,37 +1,35 @@
-<h3 class="fs-3">Apache</h3>
+<h3 class="fs-3">Profile</h3>
-{% for item in data['postfix']['vulnerabilities'] %}
+{% for item in data['profile']['vulnerabilities'] %}
<div class="accordion" id="accordionSysctl">
<div class="accordion-item">
<h2 class="accordion-header">
- <button class="accordion-button collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#{{ data['postfix']['vulnerabilities'][item]['accordion-id'] }}" aria-expanded="true" aria-controls="{{ data['postfix']['vulnerabilities'][item]['accordion-id'] }}">
+ <button class="accordion-button collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#{{ data['profile']['vulnerabilities'][item]['accordion-id'] }}" aria-expanded="true" aria-controls="{{ data['profile']['vulnerabilities'][item]['accordion-id'] }}">
<strong>{{ item }}</strong>
- {% if data['postfix']['vulnerabilities'][item]['result'] == 'failed' %}
- <span class="text-bg-danger p-1" style="padding-left:10pt;padding-right:10pt;margin-left:15pt;">{{ data['postfix']['vulnerabilities'][item]['result'] }}</span>
- {% elif data['postfix']['vulnerabilities'][item]['result'] == 'success' %}
- <span class="text-bg-success p-1" style="padding-left:10pt;padding-right:10pt;margin-left:15pt;">{{ data['postfix']['vulnerabilities'][item]['result'] }}</span>
+ {% if data['profile']['vulnerabilities'][item]['result'] == 'failed' %}
+ <span class="text-bg-danger p-1" style="padding-left:10pt;padding-right:10pt;margin-left:15pt;">{{ data['profile']['vulnerabilities'][item]['result'] }}</span>
+ {% elif data['profile']['vulnerabilities'][item]['result'] == 'success' %}
+ <span class="text-bg-success p-1" style="padding-left:10pt;padding-right:10pt;margin-left:15pt;">{{ data['profile']['vulnerabilities'][item]['result'] }}</span>
{% endif %}
</button>
</h2>
- <div id="{{ data['postfix']['vulnerabilities'][item]['accordion-id'] }}" class="accordion-collapse collapse" data-bs-parent="#accordionPostfix">
+ <div id="{{ data['profile']['vulnerabilities'][item]['accordion-id'] }}" class="accordion-collapse collapse" data-bs-parent="#accordionPostfix">
<div class="accordion-body">
- {{ data['postfix']['vulnerabilities'][item]['description'] }}. <br />
- {% if data['postfix']['vulnerabilities'][item]['result'] == 'success' %}
+ {{ data['profile']['vulnerabilities'][item]['description'] }}. <br />
+ {% if data['profile']['vulnerabilities'][item]['result'] == 'success' %}
<div class="bd-example-snippet bd-code-snippet">
<div class="highlight">
<pre tabindex="0" class="chroma"><code class="language-shell">
- {{ data['postfix']['vulnerabilities'][item]['flagFound'] }}
+ {{ data['profile']['vulnerabilities'][item]['flagFound'] }}
</pre></code>
</div>
</div>
{% else %}
- For resolving the issue, add this line in the <strong>{{ data['postfix']['filename'] }}</strong> vulnerabilities:
+ For resolving the issue, add this line in the <strong>{{ data['filename'] }}</strong> profile:
<div class="bd-example-snippet bd-code-snippet">
<div class="highlight">
<pre tabindex="0" class="chroma"><code class="language-shell">
- {% for value in data['postfix']['vulnerabilities'][item]['recommand_value'] %}
- {{ data['postfix']['vulnerabilities'][item]['flag'] }} = {{ value }}
- {% endfor %}
+ {{ data['profile']['vulnerabilities'][item]['flag'] }} = {{ data['profile']['vulnerabilities'][item]['recommand_value'] }}
</pre></code>
</div>
</div>