Parsing vulnerabilities

parsing/sysctl.py

@@ -30,9 +30,9 @@ class Parsing(ParsingBase):
         # After that, for each data, I put the number of occurence I found.
         # If the array is empty, no entry found for a flag, otherwise, we check the value
         for obj in self._objects['sysctl']:
-            resultsFlag[obj['flag']] = list()
-
-        print(resultsFlag)
+            resultsFlag[obj['flag']] = dict()
+            resultsFlag[obj['flag']]['recommand_value'] = obj['value']
+            resultsFlag[obj['flag']]['occurence'] = 0
 
         for line in lines:
             line = line.decode("utf-8")
@@ -40,39 +40,28 @@ class Parsing(ParsingBase):
             for obj in self._objects['sysctl']:
                 result = self._parsingFile(line, obj, resultsFlag)
                 if result:
-                    print(resultsFlag[obj['flag']][
-                            len(resultsFlag[obj['flag']]) - 1:
-                            len(resultsFlag[obj['flag']])
-                    ])
-                # If not exist, we recommand to put the flag
-                #if len(result) == 0:
-                #    # print("Not find")
-                #    pass
-                ## If the flag is found
-                #else:
-                #    # And if the current value is not setted corectly for the vulnerability
-                #    print(result)
-                #    
-                #    self._reports[obj['flag']].append({
-                #        'lineNumber': numLines,
-                #        'value': obj['value'],
-                #        'audit': 'failed' # Or success
-                #    })
-                #    
-                #    #if result['value'] != result['current_value']:
-                #    #    print(f"You must change the value to {obj['value']} for fixing the vulnerabilities")
+                    resultsFlag[obj['flag']]['lineNumber'] = numLines
+                    resultsFlag[obj['flag']]['occurence'] += 1 
 
             numLines += 1
-        print(self._reports)
 
         # Now, we can check if the value is specified or not
         # And check if the flag is specified and need to put on the sysctl config
-        print("")
         for entry in resultsFlag:
-            print(entry)
-            print(resultsFlag[entry])
+            obj = resultsFlag[entry]
+            if obj['occurence'] > 0:
+                print(entry)
+                print(obj)
+                if obj['current_value'] != obj['recommand_value']:
+                    self._reports[entry]['message'] = \
+                            f"You specify this value {obj['current_value']}" \
+                            ", you should use this value {obj['recommand_value']}"
+            else:
+                # No find the flag, we recommand to enable it
+                self._reports[entry]['message'] = ""
 
         # We can generate the report
+        print(self._reports)
 
     def _parsingFile(self, line, obj, resultsFlag) -> bool:
         """
@@ -85,23 +74,13 @@ class Parsing(ParsingBase):
             # Avoid the comment
             if not line.startswith('#'):
                 sLine = line.split('=')
-                flag = sLine[0]
-                value = int(sLine[1].strip(''))
+                flag = sLine[0].strip()
+                value = int(sLine[1].strip())
+
+                resultsFlag[flag]['current_value'] =  value
+
                 result = True
-                #print(sLine)
-
-                resultsFlag[flag].append({
-                    'current_value': value,
-                    'value': obj['value']
-                })
-                #result['found'] = flag
-                #result['current_value'] = value
-                #result['value'] = obj['value']
-
-                #if value != obj['value']:
-                #    print("Need to change the value")
-                #    print(sLine)
-
+                
         return result
 
     def _constructResults(self, filename):
@@ -112,15 +91,13 @@ class Parsing(ParsingBase):
               - filename: filename of the test
               - line: line of the test
               - parse: Display the line where the vulnerabilites has been found
-              - description: description of the vulnerabilities
+              - description: description of the vulnerability
               - level: high, medium or low
         """
         self._reports['filename'] = filename
 
         for sysctl in self._objects['sysctl']:
-            self._reports[sysctl['flag']] = list()
-        print(self._reports)
-        print("")
+            self._reports[sysctl['flag']] = dict()
 
     def getResults(self) -> dict:
         result = dict()

vulnerabilities/sysctl.py

@@ -1,15 +1,19 @@
 #!/usr/bin/env python3
 
+# Define the entry
+
 def sysctl() -> list:
     sysctl = list()
 
     # https://access.redhat.com/security/sysctl/sysctl-2023-0179
     sysctl.append({
-        "cve": "cve-2023-0179",
+        "from": "cve",
+        "id": "cve-2023-0179",
         "description": "",
         "flag": "kernel.unprivileged_userns_clone",
         "value": 0,
         "level": "medium",
+        "recommendation": "You should disable this flag for resolving the issue",
         "affectedSystem": ({
             'linux': "Debian",
             'release': 'buster',
@@ -19,9 +23,11 @@ def sysctl() -> list:
 
     # Best practice from CIS
     sysctl.append({
-        "cve": "",
+        "from": "cis",
+        "id": "",
         "description": "Disable IPv4 forwarding",
         "flag": "net.ipv4.conf.all.forwarding",
+        "recommendation": "You should disable this flag for resolving the issue",
         "value": 0,
         "level": "medium"
     })