Analyzing profile
This commit is contained in:
parent
7bfb138511
commit
03143c4c0d
@ -2,13 +2,10 @@
|
|||||||
|
|
||||||
def profile() -> dict:
|
def profile() -> dict:
|
||||||
profile = dict()
|
profile = dict()
|
||||||
|
profile['description'] = 'Set timeout for session'
|
||||||
|
profile['flag'] = 'TMOUT'
|
||||||
|
profile['value'] = 600
|
||||||
profile['filename'] = '/etc/profile'
|
profile['filename'] = '/etc/profile'
|
||||||
profile['data'] = list()
|
|
||||||
profile['data'].append({
|
|
||||||
'description': 'Set timeout for session',
|
|
||||||
'flag': 'TMOUT',
|
|
||||||
'value': 600,
|
|
||||||
})
|
|
||||||
return profile
|
return profile
|
||||||
|
|
||||||
def password_quality() -> list:
|
def password_quality() -> list:
|
||||||
|
|||||||
@ -15,16 +15,11 @@ class LocalAccount:
|
|||||||
# Create the report
|
# Create the report
|
||||||
self._constructReports()
|
self._constructReports()
|
||||||
|
|
||||||
# Report
|
|
||||||
#self._reports[""] = self._apache_directory
|
|
||||||
|
|
||||||
def runAudit(self):
|
def runAudit(self):
|
||||||
print("Running test for Local account")
|
print("Running test for Local account")
|
||||||
self._analyzingProfile()
|
self._analyzingProfile()
|
||||||
self._analyzingPasswordQuality()
|
self._analyzingPasswordQuality()
|
||||||
|
|
||||||
print(self._reports)
|
|
||||||
|
|
||||||
def getReports(self) -> dict:
|
def getReports(self) -> dict:
|
||||||
return self._reports
|
return self._reports
|
||||||
|
|
||||||
@ -41,14 +36,29 @@ class LocalAccount:
|
|||||||
def _parseFile(self, fdata):
|
def _parseFile(self, fdata):
|
||||||
data = fdata.read()
|
data = fdata.read()
|
||||||
lines = data.splitlines()
|
lines = data.splitlines()
|
||||||
|
lineFound = None
|
||||||
|
found = False
|
||||||
|
|
||||||
for line in lines:
|
for line in lines:
|
||||||
line = line.decode('utf-8')
|
line = line.decode('utf-8')
|
||||||
|
|
||||||
for obj in self._profile['data']:
|
grFlag = re.search(f"^{self._profile['flag']}", line)
|
||||||
grFlag = re.search(f"^{obj['flag']}", line)
|
if grFlag:
|
||||||
if grFlag:
|
found = True
|
||||||
print(line)
|
lineFound = line
|
||||||
|
if found:
|
||||||
|
self._reports['profile']['vulnerabilities'] = dict()
|
||||||
|
self._reports['profile']['vulnerabilities'][self._profile['flag']] = dict()
|
||||||
|
self._reports['profile']['vulnerabilities'][self._profile['flag']]["result"] = "success"
|
||||||
|
self._reports['profile']['vulnerabilities'][self._profile['flag']]["description"] = self._profile['description']
|
||||||
|
self._reports['profile']['vulnerabilities'][self._profile['flag']]["flagFound"] = lineFound
|
||||||
|
else:
|
||||||
|
self._reports['profile']['vulnerabilities'] = dict()
|
||||||
|
self._reports['profile']['vulnerabilities'][self._profile['flag']] = dict()
|
||||||
|
self._reports['profile']['vulnerabilities'][self._profile['flag']]["result"] = "failed"
|
||||||
|
self._reports['profile']['vulnerabilities'][self._profile["flag"]]["recommand_value"] = self._profile["value"]
|
||||||
|
self._reports['profile']['vulnerabilities'][self._profile['flag']]["description"] = self._profile['description']
|
||||||
|
self._reports['profile']['vulnerabilities'][self._profile['flag']]["flag"] = self._profile['flag']
|
||||||
|
|
||||||
def _analyzingPasswordQuality(self):
|
def _analyzingPasswordQuality(self):
|
||||||
pass
|
pass
|
||||||
@ -64,6 +74,6 @@ class LocalAccount:
|
|||||||
- description: description of the vulnerability
|
- description: description of the vulnerability
|
||||||
- level: high, medium or low
|
- level: high, medium or low
|
||||||
"""
|
"""
|
||||||
self._reports['localaccount'] = dict()
|
self._reports['profile'] = dict()
|
||||||
self._reports['localaccount']['profile'] = dict()
|
self._reports['profile']['filename'] = self._profile['filename']
|
||||||
self._reports['localaccount']['pwd_quality'] = dict()
|
self._reports['pwd_quality'] = dict()
|
||||||
|
|||||||
@ -28,7 +28,7 @@ def generateHtmlReport(data):
|
|||||||
dataJinja2['postfix']['filename'] = data["system"]["postfix"]["filename"]
|
dataJinja2['postfix']['filename'] = data["system"]["postfix"]["filename"]
|
||||||
dataJinja2['postfix']['vulnerabilities'] = data['system']['postfix']['postfix']
|
dataJinja2['postfix']['vulnerabilities'] = data['system']['postfix']['postfix']
|
||||||
|
|
||||||
_generateAccordion(dataJinja2['postfix']['vulnerabilities'])
|
_generateAccordion(dataJinja2['postfix']['vulnerabilities'], 'postfix')
|
||||||
|
|
||||||
if 'sysctl' in data['system']:
|
if 'sysctl' in data['system']:
|
||||||
dataJinja2['sysctl'] = dict()
|
dataJinja2['sysctl'] = dict()
|
||||||
@ -36,11 +36,21 @@ def generateHtmlReport(data):
|
|||||||
dataJinja2['sysctl']['file']['filename'] = data['system']['sysctl']['file']['filename']
|
dataJinja2['sysctl']['file']['filename'] = data['system']['sysctl']['file']['filename']
|
||||||
dataJinja2['sysctl']['file']['sysctl'] = data['system']['sysctl']['file']['sysctl']
|
dataJinja2['sysctl']['file']['sysctl'] = data['system']['sysctl']['file']['sysctl']
|
||||||
|
|
||||||
_generateAccordion(dataJinja2['sysctl']['file']['sysctl'])
|
_generateAccordion(dataJinja2['sysctl']['file']['sysctl'], 'sysctl')
|
||||||
|
|
||||||
if 'apache' in data['system']:
|
if 'apache' in data['system']:
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
if 'localaccount' in data['system']:
|
||||||
|
if 'profile' in data['system']['localaccount']:
|
||||||
|
dataJinja2['profile'] = dict()
|
||||||
|
dataJinja2['profile']['filename'] = data['system']['localaccount']['profile']['filename']
|
||||||
|
dataJinja2['profile']['vulnerabilities'] = data['system']['localaccount']['profile']['vulnerabilities']
|
||||||
|
|
||||||
|
_generateAccordion(dataJinja2['profile']['vulnerabilities'], 'profile')
|
||||||
|
if 'pwd_quality' in data['system']['localaccount']:
|
||||||
|
pass
|
||||||
|
|
||||||
dataJinja2['year'] = '2023'
|
dataJinja2['year'] = '2023'
|
||||||
dataJinja2['hostname'] = data['hostname']
|
dataJinja2['hostname'] = data['hostname']
|
||||||
dataJinja2['kernel'] = data['kernel']
|
dataJinja2['kernel'] = data['kernel']
|
||||||
@ -53,8 +63,8 @@ def generateHtmlReport(data):
|
|||||||
print("The report is generated at this location: " \
|
print("The report is generated at this location: " \
|
||||||
f"reports/reports_{today}.html")
|
f"reports/reports_{today}.html")
|
||||||
|
|
||||||
def _generateAccordion(obj):
|
def _generateAccordion(obj, parent):
|
||||||
index = 1
|
index = 1
|
||||||
for entry in obj:
|
for entry in obj:
|
||||||
obj[entry]['accordion-id'] = f"accordion-{index}"
|
obj[entry]['accordion-id'] = f"accordion-{parent}-{index}"
|
||||||
index += 1
|
index += 1
|
||||||
|
|||||||
@ -1,37 +1,35 @@
|
|||||||
<h3 class="fs-3">Apache</h3>
|
<h3 class="fs-3">Profile</h3>
|
||||||
|
|
||||||
{% for item in data['postfix']['vulnerabilities'] %}
|
{% for item in data['profile']['vulnerabilities'] %}
|
||||||
<div class="accordion" id="accordionSysctl">
|
<div class="accordion" id="accordionSysctl">
|
||||||
<div class="accordion-item">
|
<div class="accordion-item">
|
||||||
<h2 class="accordion-header">
|
<h2 class="accordion-header">
|
||||||
<button class="accordion-button collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#{{ data['postfix']['vulnerabilities'][item]['accordion-id'] }}" aria-expanded="true" aria-controls="{{ data['postfix']['vulnerabilities'][item]['accordion-id'] }}">
|
<button class="accordion-button collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#{{ data['profile']['vulnerabilities'][item]['accordion-id'] }}" aria-expanded="true" aria-controls="{{ data['profile']['vulnerabilities'][item]['accordion-id'] }}">
|
||||||
<strong>{{ item }}</strong>
|
<strong>{{ item }}</strong>
|
||||||
{% if data['postfix']['vulnerabilities'][item]['result'] == 'failed' %}
|
{% if data['profile']['vulnerabilities'][item]['result'] == 'failed' %}
|
||||||
<span class="text-bg-danger p-1" style="padding-left:10pt;padding-right:10pt;margin-left:15pt;">{{ data['postfix']['vulnerabilities'][item]['result'] }}</span>
|
<span class="text-bg-danger p-1" style="padding-left:10pt;padding-right:10pt;margin-left:15pt;">{{ data['profile']['vulnerabilities'][item]['result'] }}</span>
|
||||||
{% elif data['postfix']['vulnerabilities'][item]['result'] == 'success' %}
|
{% elif data['profile']['vulnerabilities'][item]['result'] == 'success' %}
|
||||||
<span class="text-bg-success p-1" style="padding-left:10pt;padding-right:10pt;margin-left:15pt;">{{ data['postfix']['vulnerabilities'][item]['result'] }}</span>
|
<span class="text-bg-success p-1" style="padding-left:10pt;padding-right:10pt;margin-left:15pt;">{{ data['profile']['vulnerabilities'][item]['result'] }}</span>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
</button>
|
</button>
|
||||||
</h2>
|
</h2>
|
||||||
<div id="{{ data['postfix']['vulnerabilities'][item]['accordion-id'] }}" class="accordion-collapse collapse" data-bs-parent="#accordionPostfix">
|
<div id="{{ data['profile']['vulnerabilities'][item]['accordion-id'] }}" class="accordion-collapse collapse" data-bs-parent="#accordionPostfix">
|
||||||
<div class="accordion-body">
|
<div class="accordion-body">
|
||||||
{{ data['postfix']['vulnerabilities'][item]['description'] }}. <br />
|
{{ data['profile']['vulnerabilities'][item]['description'] }}. <br />
|
||||||
{% if data['postfix']['vulnerabilities'][item]['result'] == 'success' %}
|
{% if data['profile']['vulnerabilities'][item]['result'] == 'success' %}
|
||||||
<div class="bd-example-snippet bd-code-snippet">
|
<div class="bd-example-snippet bd-code-snippet">
|
||||||
<div class="highlight">
|
<div class="highlight">
|
||||||
<pre tabindex="0" class="chroma"><code class="language-shell">
|
<pre tabindex="0" class="chroma"><code class="language-shell">
|
||||||
{{ data['postfix']['vulnerabilities'][item]['flagFound'] }}
|
{{ data['profile']['vulnerabilities'][item]['flagFound'] }}
|
||||||
</pre></code>
|
</pre></code>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
{% else %}
|
{% else %}
|
||||||
For resolving the issue, add this line in the <strong>{{ data['postfix']['filename'] }}</strong> vulnerabilities:
|
For resolving the issue, add this line in the <strong>{{ data['filename'] }}</strong> profile:
|
||||||
<div class="bd-example-snippet bd-code-snippet">
|
<div class="bd-example-snippet bd-code-snippet">
|
||||||
<div class="highlight">
|
<div class="highlight">
|
||||||
<pre tabindex="0" class="chroma"><code class="language-shell">
|
<pre tabindex="0" class="chroma"><code class="language-shell">
|
||||||
{% for value in data['postfix']['vulnerabilities'][item]['recommand_value'] %}
|
{{ data['profile']['vulnerabilities'][item]['flag'] }} = {{ data['profile']['vulnerabilities'][item]['recommand_value'] }}
|
||||||
{{ data['postfix']['vulnerabilities'][item]['flag'] }} = {{ value }}
|
|
||||||
{% endfor %}
|
|
||||||
</pre></code>
|
</pre></code>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user