From 6cb4cacaf94ae9f21f19c1e789a8cff2def997c6 Mon Sep 17 00:00:00 2001 From: gbucchino Date: Mon, 5 Jun 2023 16:39:18 +0200 Subject: [PATCH] Update project --- .gitignore | 1 + parsing/sysctl.py | 89 ++++++++++++++++++++++++++++++++--------------- 2 files changed, 61 insertions(+), 29 deletions(-) diff --git a/.gitignore b/.gitignore index bc171d5..8ac3823 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ __pycache__/ __pycache__/** +**.swp diff --git a/parsing/sysctl.py b/parsing/sysctl.py index b5b8f76..954569d 100644 --- a/parsing/sysctl.py +++ b/parsing/sysctl.py @@ -5,7 +5,7 @@ from parsing.base import ParsingBase class Parsing(ParsingBase): def __init__(self, objects, audit): self._parsing = dict() - self._results = dict() + self._reports = dict() self._objects = objects self._audit = audit @@ -24,35 +24,61 @@ class Parsing(ParsingBase): self._constructResults(filename='/etc/sysctl.conf') + resultsFlag = dict() + + # I create an array which contains all flag we need to find + # After that, for each data, I put the number of occurence I found. + # If the array is empty, no entry found for a flag, otherwise, we check the value + for obj in self._objects['sysctl']: + resultsFlag[obj['flag']] = list() + + print(resultsFlag) + for line in lines: line = line.decode("utf-8") for obj in self._objects['sysctl']: - result = self._parsingFile(line, obj) - if len(result) == 0: - pass - # If the flag is found - else: - # And if the current value is not setted corectly for the vulnerability - print(result) - - self._results[obj['flag']].append({ - 'lineNumber': numLines, - 'value': obj['value'], - 'audit': 'failed' # Or success - }) - - if result['value'] != result['current_value']: - print(f"You must change the value to {obj['value']} for fixing the vulnerabilities") + result = self._parsingFile(line, obj, resultsFlag) + if result: + print(resultsFlag[obj['flag']][ + len(resultsFlag[obj['flag']]) - 1: + len(resultsFlag[obj['flag']]) + ]) + # If not exist, we recommand to put the flag + #if len(result) == 0: + # # print("Not find") + # pass + ## If the flag is found + #else: + # # And if the current value is not setted corectly for the vulnerability + # print(result) + # + # self._reports[obj['flag']].append({ + # 'lineNumber': numLines, + # 'value': obj['value'], + # 'audit': 'failed' # Or success + # }) + # + # #if result['value'] != result['current_value']: + # # print(f"You must change the value to {obj['value']} for fixing the vulnerabilities") numLines += 1 - print(self._results) + print(self._reports) - def _parsingFile(self, line, obj) -> dict: + # Now, we can check if the value is specified or not + # And check if the flag is specified and need to put on the sysctl config + print("") + for entry in resultsFlag: + print(entry) + print(resultsFlag[entry]) + + # We can generate the report + + def _parsingFile(self, line, obj, resultsFlag) -> bool: """ This function parse the line and try to find the item in it """ - result = dict() + result = bool() groupLine = re.search(obj['flag'], line) if groupLine: @@ -61,15 +87,20 @@ class Parsing(ParsingBase): sLine = line.split('=') flag = sLine[0] value = int(sLine[1].strip('')) + result = True #print(sLine) - result['found'] = flag - result['current_value'] = value - result['value'] = obj['value'] + resultsFlag[flag].append({ + 'current_value': value, + 'value': obj['value'] + }) + #result['found'] = flag + #result['current_value'] = value + #result['value'] = obj['value'] - if value != obj['value']: - print("Need to change the value") - print(sLine) + #if value != obj['value']: + # print("Need to change the value") + # print(sLine) return result @@ -84,11 +115,11 @@ class Parsing(ParsingBase): - description: description of the vulnerabilities - level: high, medium or low """ - self._results['filename'] = filename + self._reports['filename'] = filename for sysctl in self._objects['sysctl']: - self._results[sysctl['flag']] = list() - print(self._results) + self._reports[sysctl['flag']] = list() + print(self._reports) print("") def getResults(self) -> dict: