Update parsing and move files

2023-06-06 16:55:22 +02:00 · 2023-06-06 16:55:22 +02:00 · 7e2c6b3ee8
commit 7e2c6b3ee8
parent 9a4c845f6d
8 changed files with 66 additions and 17 deletions
--- a/config.py
+++ b/config.py
@ -0,0 +1,6 @@
+#!/usr/bin/env python3
+
+# Constantes
+HIGH = "high"
+MEDIUM = "medium"
+LOW = "low"
--- a/issues.py
+++ b/issues.py
@ -0,0 +1,35 @@
+#!/usr/bin/env python3
+
+class Issues:
+    OS = ['Debian', 'Ubuntu', 'Redhat']
+    CATEGORY = ['cve', 'cis']
+
+    def __init__(self, alias, os, severity, priority, component, description, category):
+        self._alias = alias # CVE-xxxx-yyyy
+        self._os = os
+        self._severity = severity
+        self._priority = priority
+        self._component = component
+        self._description = description
+        self._category = category
+
+    def getAlias(self) -> str:
+        return self._alias
+
+    def getOs(self) -> str:
+        return self._os
+
+    def getSeverity(self) -> str:
+        return self._severity
+
+    def getPriority(self) -> str:
+        return self._priority
+
+    def getComponent(self) -> str:
+        return self._component
+
+    def getDescription(self) -> str:
+        return self._description
+
+    def getCategory(self) -> str:
+        return self._category
--- a/issues/init.py
+++ b/issues/init.py
@ -0,0 +1 @@
+#!/usr/bin/env python3
--- a/vulnerabilities/calls.py
+++ b/vulnerabilities/calls.py
--- a/vulnerabilities/sysctl.py
+++ b/vulnerabilities/sysctl.py
@ -9,11 +9,10 @@ def sysctl() -> list:
    sysctl.append({
        "from": "cve",
        "id": "cve-2023-0179",
-        "description": "",
+        "description": "A buffer overflow vulnerability was be found in Linux system. An hacker can allow privilege escalation through Netfilter subsystem",
        "flag": "kernel.unprivileged_userns_clone",
        "value": 0,
        "level": "medium",
-        "recommendation": "You should disable this flag for resolving the issue",
        "affectedSystem": ({
            'linux': "Debian",
            'release': 'buster',
@ -27,9 +26,8 @@ def sysctl() -> list:
        "id": "",
        "description": "Disable IPv4 forwarding",
        "flag": "net.ipv4.conf.all.forwarding",
-        "recommendation": "You should disable this flag for resolving the issue",
        "value": 0,
-        "level": "medium"
+        "level": "medium",
    })

    return sysctl
--- a/vulnerabilities/system.py
+++ b/vulnerabilities/system.py
--- a/parsing/sysctl.py
+++ b/parsing/sysctl.py
@ -24,46 +24,55 @@ class Parsing(ParsingBase):

        self._constructResults(filename='/etc/sysctl.conf')

-        resultsFlag = dict()
+        vulnerabilityFound = dict()

        # I create an array which contains all flag we need to find
        # After that, for each data, I put the number of occurence I found.
        # If the array is empty, no entry found for a flag, otherwise, we check the value
        for obj in self._objects['sysctl']:
-            resultsFlag[obj['flag']] = dict()
-            resultsFlag[obj['flag']]['recommand_value'] = obj['value']
-            resultsFlag[obj['flag']]['occurence'] = 0
+            vulnerabilityFound[obj['flag']] = dict()
+            vulnerabilityFound[obj['flag']]['recommand_value'] = obj['value']
+            vulnerabilityFound[obj['flag']]['occurence'] = 0
+            for item in obj:
+                vulnerabilityFound[obj['flag']][item] = obj[item]
+
+        print("")

        for line in lines:
            line = line.decode("utf-8")

            for obj in self._objects['sysctl']:
-                result = self._parsingFile(line, obj, resultsFlag)
+                result = self._parsingFile(line, obj, vulnerabilityFound)
                if result:
-                    resultsFlag[obj['flag']]['lineNumber'] = numLines
-                    resultsFlag[obj['flag']]['occurence'] += 1 
+                    vulnerabilityFound[obj['flag']]['lineNumber'] = numLines
+                    vulnerabilityFound[obj['flag']]['occurence'] += 1 

            numLines += 1

        # Now, we can check if the value is specified or not
        # And check if the flag is specified and need to put on the sysctl config
-        for entry in resultsFlag:
-            obj = resultsFlag[entry]
+        for entry in vulnerabilityFound:
+            obj = vulnerabilityFound[entry]
            if obj['occurence'] > 0:
                print(entry)
                print(obj)
                if obj['current_value'] != obj['recommand_value']:
+                    self._reports[entry]['result'] = "failed"
                    self._reports[entry]['message'] = \
                            f"You specify this value {obj['current_value']}" \
                            ", you should use this value {obj['recommand_value']}"
+                else:
+                    self._reports[entry]['result'] = "success"
            else:
                # No find the flag, we recommand to enable it
                self._reports[entry]['message'] = ""

        # We can generate the report
        print(self._reports)
+        print("")
+        print(vulnerabilityFound)

-    def _parsingFile(self, line, obj, resultsFlag) -> bool:
+    def _parsingFile(self, line, obj, vulnerabilityFound) -> bool:
        """
            This function parse the line and try to find the item in it
        """
@ -77,7 +86,7 @@ class Parsing(ParsingBase):
                flag = sLine[0].strip()
                value = int(sLine[1].strip())

-                resultsFlag[flag]['current_value'] =  value
+                vulnerabilityFound[flag]['current_value'] =  value

                result = True
                
--- a/sysctl.py
+++ b/sysctl.py
@ -1,8 +1,8 @@
 #!/usr/bin/env python3

 from parsing.sysctl import Parsing
-from vulnerabilities.system import system
-from vulnerabilities.sysctl import sysctl
+from issues.system import system
+from issues.sysctl import sysctl


 class Sysctl: