Update tmpl and parsing apache

2023-09-14 16:30:48 +02:00 · 2023-09-14 16:30:48 +02:00 · 5757ec94ca
commit 5757ec94ca
parent 2758b47f5b
14 changed files with 127 additions and 82 deletions
--- a/audit/system/plugins/grub.py
+++ b/audit/system/plugins/grub.py
@ -6,4 +6,5 @@ def grub() -> dict:
    grub['filename'] = '/boot/grub/grub.cfg'
    grub['value'] = 0o600
    grub['resolve'] = 'chmod 600 /boot/grub/grub.cfg'
+    grub['level'] = 'medium'
    return grub
--- a/audit/system/plugins/localaccount.py
+++ b/audit/system/plugins/localaccount.py
@ -6,6 +6,7 @@ def profile() -> dict:
    profile['flag'] = 'TMOUT'
    profile['value'] = 600
    profile['filename'] = '/etc/profile'
+    profile['level'] = 'low'
    return profile

 def password_quality() -> list:
--- a/core/plugins/apache.py
+++ b/core/plugins/apache.py
@ -28,12 +28,14 @@ class Apache:
    def _runParsing(self):
        # Check if the file exist
        path = f"{self._apache_directory}/sites-available"
-        #if isdir(self._apache_directory):
-        #    for site in listdir(path):
-        #        with open(f"{path}/{site}", 'rb') as f:
-        #            self._parseFile(f)
-        #else:
-        #    self._reports["apache"]["test"] = "No directory found"
+        if isdir(path):
+            self._reports['audit'] = True
+            for site in listdir(path):
+                with open(f"{path}/{site}", 'rb') as f:
+                    self._parseFile(f)
+        else:
+            self._reports['audit'] = False
+            self._reports["msg"] = "No directory found"

    def _parseFile(self, fdata):
        data = fdata.read()
--- a/core/plugins/grub.py
+++ b/core/plugins/grub.py
@ -33,6 +33,7 @@ class Grub:
                else:
                    self._reports['result'] = 'success'
                self._reports['description'] = self._object['description']
+                self._reports['level'] = self._object['level']
                self._reports['current_value'] = permission[2:]
        except FileNotFoundError:
            self._reports['grub']['error'] = \
--- a/core/plugins/localaccount.py
+++ b/core/plugins/localaccount.py
@ -50,12 +50,14 @@ class LocalAccount:
            self._reports['profile']['vulnerabilities'] = dict()
            self._reports['profile']['vulnerabilities'][self._profile['flag']] = dict()
            self._reports['profile']['vulnerabilities'][self._profile['flag']]["result"] = "success"
+            self._reports['profile']['vulnerabilities'][self._profile['flag']]['level'] = self._profile['level']
            self._reports['profile']['vulnerabilities'][self._profile['flag']]["description"] = self._profile['description']
            self._reports['profile']['vulnerabilities'][self._profile['flag']]["flagFound"] = lineFound
        else:
            self._reports['profile']['vulnerabilities'] = dict()
            self._reports['profile']['vulnerabilities'][self._profile['flag']] = dict()
            self._reports['profile']['vulnerabilities'][self._profile['flag']]["result"] = "failed"
+            self._reports['profile']['vulnerabilities'][self._profile['flag']]['level'] = self._profile['level']
            self._reports['profile']['vulnerabilities'][self._profile["flag"]]["recommand_value"] = self._profile["value"]
            self._reports['profile']['vulnerabilities'][self._profile['flag']]["description"] = self._profile['description']
            self._reports['profile']['vulnerabilities'][self._profile['flag']]["flag"] = self._profile['flag']
--- a/core/plugins/postfix.py
+++ b/core/plugins/postfix.py
@ -56,11 +56,13 @@ class Postfix:
                    if res:
                        self._reports["postfix"][obj['flag']] = dict()
                        self._reports["postfix"][obj['flag']]["result"] = "success"
+                        self._reports["postfix"][obj['flag']]["level"] = obj['level']
                        self._reports["postfix"][obj['flag']]["description"] = obj['description']
                        self._reports["postfix"][obj['flag']]["flagFound"] = line
                    else:
                        self._reports["postfix"][obj['flag']] = dict()
                        self._reports["postfix"][obj['flag']]["result"] = "failed"
+                        self._reports["postfix"][obj['flag']]["level"] = obj['level']
                        self._reports["postfix"][obj["flag"]]["recommand_value"] = obj["value"]
                        self._reports["postfix"][obj['flag']]["description"] = obj['description']
                        self._reports["postfix"][obj['flag']]["flag"] = obj['flag']
--- a/core/report.py
+++ b/core/report.py
@ -20,7 +20,6 @@ def generateHtmlReport(data):

    body = str()
    for plugin in data['system']:
-        #print(plugin)
        dataJinja2['plugins'].append(f"{plugin}.html.j2")

    if 'postfix' in data['system']:
@ -39,11 +38,15 @@ def generateHtmlReport(data):
        _generateAccordion(dataJinja2['sysctl']['file']['sysctl'], 'sysctl')

    if 'apache' in data['system']:
-        pass
+        if data['system']['apache']['audit']:
+            dataJinja2['apache'] = data['system']['apache']
+        else:
+            dataJinja2['apache'] = data['system']['apache']

    if 'localaccount' in data['system']:
        if 'profile' in data['system']['localaccount']:
            dataJinja2['profile'] = dict()
+            #dataJinja2['profile']['level'] = data['system']['localaccount']['profile']['level']
            dataJinja2['profile']['filename'] = data['system']['localaccount']['profile']['filename']
            dataJinja2['profile']['vulnerabilities'] = data['system']['localaccount']['profile']['vulnerabilities']

@ -60,11 +63,12 @@ def generateHtmlReport(data):
    dataJinja2['release'] = data['release']
    rdr = tmplIndex.render(data=dataJinja2)

-    with open(f"reports/reports_{today}.html", "w") as f:
+    hostname = data['hostname'].lower()
+    with open(f"reports/reports_{hostname}_{today}.html", "w") as f:
        f.write(rdr)

    print("The report is generated at this location: " \
-            f"reports/reports_{today}.html")
+            f"reports/reports_{hostname}_{today}.html")

 def _generateAccordion(obj, parent):
    index = 1
--- a/reports/reports_2023_06_07.html
+++ b/reports/reports_2023_06_07.html
--- a/reports/reports_2023_06_08.html
+++ b/reports/reports_2023_06_08.html
--- a/reports/templates/apache.html.j2
+++ b/reports/templates/apache.html.j2
@ -1,7 +1,8 @@
 <h3 class="fs-3">Apache</h3>

+{% if data['apache']['audit'] %}
 {% for item in data['postfix']['vulnerabilities'] %}
-<div class="accordion" id="accordionSysctl">
+<div class="accordion" id="accordionApache">
  <div class="accordion-item">
    <h2 class="accordion-header">
      <button class="accordion-button collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#{{ data['postfix']['vulnerabilities'][item]['accordion-id'] }}" aria-expanded="true" aria-controls="{{ data['postfix']['vulnerabilities'][item]['accordion-id'] }}">
@ -22,22 +23,31 @@
 	            <pre tabindex="0" class="chroma"><code class="language-shell">
                {{ data['postfix']['vulnerabilities'][item]['flagFound'] }}
 	            </pre></code>
-	          </div>
-	        </div>
+	          </div> <!-- end .highlight -->
+	        </div> <!-- end .bd-code-snippet -->
        {% else %}
-	    For resolving the issue, add this line in the <strong>{{ data['postfix']['filename'] }}</strong> vulnerabilities:
-	    <div class="bd-example-snippet bd-code-snippet">
-	      <div class="highlight">
-	        <pre tabindex="0" class="chroma"><code class="language-shell">
-            {% for value in data['postfix']['vulnerabilities'][item]['recommand_value'] %}
- 	          {{ data['postfix']['vulnerabilities'][item]['flag'] }} = {{ value }}
-            {% endfor %}
-	        </pre></code>
-	      </div>
-	    </div>
+	        For resolving the issue, add this line in the <strong>{{ data['postfix']['filename'] }}</strong> vulnerabilities:
+	        <div class="bd-example-snippet bd-code-snippet">
+	          <div class="highlight">
+	            <pre tabindex="0" class="chroma"><code class="language-shell">
+                {% for value in data['postfix']['vulnerabilities'][item]['recommand_value'] %}
+ 	              {{ data['postfix']['vulnerabilities'][item]['flag'] }} = {{ value }}
+                {% endfor %}
+	            </pre></code>
+	          </div> <!-- end .highlight -->
+	        </div> <!-- end .bd-code-snippet -->
      {% endif %}
-      </div>
-    </div>
-  </div>
-</div>
+
+      {% if 'id' in data['postfix']['vulnerabilities'][item] %}
+        linked with the <strong>{{ data['postfix']['vulnerabilities'][item]['id'] }}</strong>
+      {% endif %}
+
+      </div> <!-- end .accordion-body -->
+    </div> <!-- end .accordion-collapse -->
+  </div> <!-- end .accordion-item -->
+</div> <!-- end .accordion -->
 {% endfor %}
+
+{% else %}
+{{ data['apache']['msg'] }}
+{% endif %}
--- a/reports/templates/grub.html.j2
+++ b/reports/templates/grub.html.j2
@ -1,15 +1,16 @@
 <h3 class="fs-3">Grub</h3>

-<div class="accordion" id="accordionSysctl">
+<div class="accordion" id="accordionGrub">
  <div class="accordion-item">
    <h2 class="accordion-header">
      <button class="accordion-button collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#{{ data['grub']['accordion-id'] }}" aria-expanded="true" aria-controls="{{ data['grub']['accordion-id'] }}">
-	<strong>Grub</strong> 
-	{% if data['grub']['result'] == 'failed' %}
+	  <strong>Grub</strong> 
+	  {% if data['grub']['result'] == 'failed' %}
 	    <span class="text-bg-danger p-1" style="padding-left:10pt;padding-right:10pt;margin-left:15pt;">{{ data['grub']['result'] }}</span>
-	{% elif data['grub']['result'] == 'success' %}
+	  {% elif data['grub']['result'] == 'success' %}
 	    <span class="text-bg-success p-1" style="padding-left:10pt;padding-right:10pt;margin-left:15pt;">{{ data['grub']['result'] }}</span>
-	{% endif %}
+	  {% endif %}
+	  <span class="text-bg-primary p-1" style="padding-left:10pt;padding-right:10pt;margin-left:15pt;">{{ data['grub']['level'] }}</span>
      </button>
    </h2>
    <div id="{{ data['grub']['accordion-id'] }}" class="accordion-collapse collapse" data-bs-parent="#accordionGrub">
@ -22,8 +23,8 @@
 	        <pre tabindex="0" class="chroma"><code class="language-shell">
            {{ data['grub']['current_value'] }}
 	        </pre></code>
-	      </div>
-	    </div>
+	      </div> <!-- end .highlight -->
+	    </div> <!-- end .bd-code-snippet -->
        {% else %}
 	    For resolving the issue, change the permission of the file:
 	    <div class="bd-example-snippet bd-code-snippet">
@ -31,10 +32,15 @@
 	        <pre tabindex="0" class="chroma"><code class="language-shell">
 	        {{ data['grub']['resolve'] }}
 	        </pre></code>
-	      </div>
-	    </div>
+	      </div> <!-- end highlight -->
+	    </div> <!-- end bd-code-snippet -->
      {% endif %}
-      </div>
-    </div>
-  </div>
-</div>
+      
+      {% if 'id' in data['grub'] %}
+        linked with the <strong>{{ data['grub']['id'] }}</strong>
+      {% endif %}
+
+      </div> <!-- end .accordion-body -->
+    </div> <!-- end .accordion-collapse -->
+  </div> <!-- end .accordion-item -->
+</div> <!-- end .accordion -->
--- a/reports/templates/localaccount.html.j2
+++ b/reports/templates/localaccount.html.j2
@ -1,29 +1,30 @@
 <h3 class="fs-3">Profile</h3>

 {% for item in data['profile']['vulnerabilities'] %}
-<div class="accordion" id="accordionSysctl">
+<div class="accordion" id="accordionProfile">
  <div class="accordion-item">
    <h2 class="accordion-header">
      <button class="accordion-button collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#{{ data['profile']['vulnerabilities'][item]['accordion-id'] }}" aria-expanded="true" aria-controls="{{ data['profile']['vulnerabilities'][item]['accordion-id'] }}">
 	<strong>{{ item }}</strong> 
-	{% if data['profile']['vulnerabilities'][item]['result'] == 'failed' %}
+	  {% if data['profile']['vulnerabilities'][item]['result'] == 'failed' %}
 	    <span class="text-bg-danger p-1" style="padding-left:10pt;padding-right:10pt;margin-left:15pt;">{{ data['profile']['vulnerabilities'][item]['result'] }}</span>
-	{% elif data['profile']['vulnerabilities'][item]['result'] == 'success' %}
+	  {% elif data['profile']['vulnerabilities'][item]['result'] == 'success' %}
 	    <span class="text-bg-success p-1" style="padding-left:10pt;padding-right:10pt;margin-left:15pt;">{{ data['profile']['vulnerabilities'][item]['result'] }}</span>
-	{% endif %}
+	  {% endif %}
+	  <span class="text-bg-primary p-1" style="padding-left:10pt;padding-right:10pt;margin-left:15pt;">{{ data['profile']['vulnerabilities'][item]['level'] }}</span>
      </button>
    </h2>
    <div id="{{ data['profile']['vulnerabilities'][item]['accordion-id'] }}" class="accordion-collapse collapse" data-bs-parent="#accordionProfile">
      <div class="accordion-body">
        {{ data['profile']['vulnerabilities'][item]['description'] }}. <br />
        {% if data['profile']['vulnerabilities'][item]['result'] == 'success' %}
-	        <div class="bd-example-snippet bd-code-snippet">
-	          <div class="highlight">
-	            <pre tabindex="0" class="chroma"><code class="language-shell">
-                {{ data['profile']['vulnerabilities'][item]['flagFound'] }}
-	            </pre></code>
-	          </div>
-	        </div>
+	       <div class="bd-example-snippet bd-code-snippet">
+	         <div class="highlight">
+	           <pre tabindex="0" class="chroma"><code class="language-shell">
+               {{ data['profile']['vulnerabilities'][item]['flagFound'] }}
+	           </pre></code>
+	         </div> <!-- end highlight -->
+	       </div> <!-- end bd-code-snippet -->
        {% else %}
 	    For resolving the issue, add this line in the <strong>{{ data['filename'] }}</strong> profile:
 	    <div class="bd-example-snippet bd-code-snippet">
@ -31,11 +32,16 @@
 	        <pre tabindex="0" class="chroma"><code class="language-shell">
 	        {{ data['profile']['vulnerabilities'][item]['flag'] }} = {{ data['profile']['vulnerabilities'][item]['recommand_value'] }}
 	        </pre></code>
-	      </div>
-	    </div>
+	      </div> <!-- end highlight -->
+	    </div> <!-- end bd-code-snippet -->
      {% endif %}
-      </div>
-    </div>
-  </div>
-</div>
+
+      {% if 'id' in data['profile']['vulnerabilities']['item'] %}
+        Linked with the <strong>{{ data['profile']['vulnerabilities'][item]['id'] }}</strong>
+      {% endif %}
+
+      </div> <!-- end .accordion-body -->
+    </div> <!-- end .accordion-collapse -->
+  </div> <!-- end .accordion-item -->
+</div> <!-- end .accordion -->
 {% endfor %}
--- a/reports/templates/postfix.html.j2
+++ b/reports/templates/postfix.html.j2
@ -1,16 +1,17 @@
 <h3 class="fs-3">Postfix</h3>

 {% for item in data['postfix']['vulnerabilities'] %}
-<div class="accordion" id="accordionSysctl">
+<div class="accordion" id="accordionPostfix">
  <div class="accordion-item">
    <h2 class="accordion-header">
      <button class="accordion-button collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#{{ data['postfix']['vulnerabilities'][item]['accordion-id'] }}" aria-expanded="true" aria-controls="{{ data['postfix']['vulnerabilities'][item]['accordion-id'] }}">
 	<strong>{{ item }}</strong> 
 	{% if data['postfix']['vulnerabilities'][item]['result'] == 'failed' %}
-	    <span class="text-bg-danger p-1" style="padding-left:10pt;padding-right:10pt;margin-left:15pt;">{{ data['postfix']['vulnerabilities'][item]['result'] }}</span>
+      <span class="text-bg-danger p-1" style="padding-left:10pt;padding-right:10pt;margin-left:15pt;">{{ data['postfix']['vulnerabilities'][item]['result'] }}</span>
 	{% elif data['postfix']['vulnerabilities'][item]['result'] == 'success' %}
-	    <span class="text-bg-success p-1" style="padding-left:10pt;padding-right:10pt;margin-left:15pt;">{{ data['postfix']['vulnerabilities'][item]['result'] }}</span>
+	  <span class="text-bg-success p-1" style="padding-left:10pt;padding-right:10pt;margin-left:15pt;">{{ data['postfix']['vulnerabilities'][item]['result'] }}</span>
 	{% endif %}
+	  <span class="text-bg-primary p-1" style="padding-left:10pt;padding-right:10pt;margin-left:15pt;">{{ data['postfix']['vulnerabilities'][item]['level'] }}</span>
      </button>
    </h2>
    <div id="{{ data['postfix']['vulnerabilities'][item]['accordion-id'] }}" class="accordion-collapse collapse" data-bs-parent="#accordionPostfix">
@ -22,8 +23,8 @@
 	            <pre tabindex="0" class="chroma"><code class="language-shell">
                {{ data['postfix']['vulnerabilities'][item]['flagFound'] }}
 	            </pre></code>
-	          </div>
-	        </div>
+	          </div> <!-- end .highlight -->
+	        </div> <!-- end .bd-code-snippet -->
        {% else %}
 	    For resolving the issue, add this line in the <strong>{{ data['postfix']['filename'] }}</strong> vulnerabilities:
 	    <div class="bd-example-snippet bd-code-snippet">
@ -33,11 +34,16 @@
 	          {{ data['postfix']['vulnerabilities'][item]['flag'] }} = {{ value }}
            {% endfor %}
 	        </pre></code>
-	      </div>
-	    </div>
+	      </div> <!-- end .highlight -->
+	    </div> <!-- end .bd-code-snippet -->
      {% endif %}
-      </div>
-    </div>
-  </div>
-</div>
+
+      {% if 'id' in data['postfix']['vulnerabilities'][item] %}
+        linked with the <strong>{{ data['postfix']['vulnerabilities'][item]['id'] }}</strong>
+      {% endif %}
+
+      </div> <!-- end .accordion-body -->
+    </div> <!-- end .accordion-collapse -->
+  </div> <!-- end .accordion-item -->
+</div> <!-- end .accordion -->
 {% endfor %}
--- a/reports/templates/sysctl.html.j2
+++ b/reports/templates/sysctl.html.j2
@ -11,21 +11,27 @@
 	{% elif data['sysctl']['file']['sysctl'][item]['result']['result'] == 'success' %}
 	    <span class="text-bg-success p-1" style="padding-left:10pt;padding-right:10pt;margin-left:15pt;">{{ data['sysctl']['file']['sysctl'][item]['result']['result'] }}</span>
 	{% endif %}
+	    <span class="text-bg-primary p-1" style="padding-left:10pt;padding-right:10pt;margin-left:15pt;">{{ data['sysctl']['file']['sysctl'][item]['level'] }}</span>
      </button>
    </h2>
    <div id="{{ data['sysctl']['file']['sysctl'][item]['accordion-id'] }}" class="accordion-collapse collapse" data-bs-parent="#accordionSysctl">
      <div class="accordion-body">
        {{ data['sysctl']['file']['sysctl'][item]['description'] }}. <br />
-	For resolving the issue, add this line in the <strong>{{ data['sysctl']['file']['filename'] }}</strong> file:
-	<div class="bd-example-snippet bd-code-snippet">
-	  <div class="highlight">
-	    <pre tabindex="0" class="chroma"><code class="language-shell">
- 	    {{ data['sysctl']['file']['sysctl'][item]['flag'] }} = {{ data['sysctl']['file']['sysctl'][item]['value'] }}
-	    </pre></code>
-	  </div>
-	</div>
-      </div>
-    </div>
-  </div>
-</div>
+	    For resolving the issue, add this line in the <strong>{{ data['sysctl']['file']['filename'] }}</strong> file:
+	    <div class="bd-example-snippet bd-code-snippet">
+	      <div class="highlight">
+	        <pre tabindex="0" class="chroma"><code class="language-shell">
+ 	        {{ data['sysctl']['file']['sysctl'][item]['flag'] }} = {{ data['sysctl']['file']['sysctl'][item]['value'] }}
+	        </pre></code>
+	      </div> <!-- end highlight -->
+	    </div> <!-- end bd-code-snippet -->
+
+        {% if 'id' in data['sysctl']['file']['sysctl'][item] %}
+          Linked with the <strong>{{ data['sysctl']['file']['sysctl'][item]['id'] }}</strong>
+        {% endif %}
+
+      </div> <!-- end accordion-body -->
+    </div> <!-- end accordion-collapse -->
+  </div> <!-- end accordion-item -->
+</div> <!-- end .accordion -->
 {% endfor %}