Parsing vulnerabilities
		
							parent
							
								
									6cb4cacaf9
								
							
						
					
					
						commit
						9a4c845f6d
					
				| @ -30,9 +30,9 @@ class Parsing(ParsingBase): | |||||||
|         # After that, for each data, I put the number of occurence I found. |         # After that, for each data, I put the number of occurence I found. | ||||||
|         # If the array is empty, no entry found for a flag, otherwise, we check the value |         # If the array is empty, no entry found for a flag, otherwise, we check the value | ||||||
|         for obj in self._objects['sysctl']: |         for obj in self._objects['sysctl']: | ||||||
|             resultsFlag[obj['flag']] = list() |             resultsFlag[obj['flag']] = dict() | ||||||
| 
 |             resultsFlag[obj['flag']]['recommand_value'] = obj['value'] | ||||||
|         print(resultsFlag) |             resultsFlag[obj['flag']]['occurence'] = 0 | ||||||
| 
 | 
 | ||||||
|         for line in lines: |         for line in lines: | ||||||
|             line = line.decode("utf-8") |             line = line.decode("utf-8") | ||||||
| @ -40,39 +40,28 @@ class Parsing(ParsingBase): | |||||||
|             for obj in self._objects['sysctl']: |             for obj in self._objects['sysctl']: | ||||||
|                 result = self._parsingFile(line, obj, resultsFlag) |                 result = self._parsingFile(line, obj, resultsFlag) | ||||||
|                 if result: |                 if result: | ||||||
|                     print(resultsFlag[obj['flag']][ |                     resultsFlag[obj['flag']]['lineNumber'] = numLines | ||||||
|                             len(resultsFlag[obj['flag']]) - 1: |                     resultsFlag[obj['flag']]['occurence'] += 1  | ||||||
|                             len(resultsFlag[obj['flag']]) |  | ||||||
|                     ]) |  | ||||||
|                 # If not exist, we recommand to put the flag |  | ||||||
|                 #if len(result) == 0: |  | ||||||
|                 #    # print("Not find") |  | ||||||
|                 #    pass |  | ||||||
|                 ## If the flag is found |  | ||||||
|                 #else: |  | ||||||
|                 #    # And if the current value is not setted corectly for the vulnerability |  | ||||||
|                 #    print(result) |  | ||||||
|                 #     |  | ||||||
|                 #    self._reports[obj['flag']].append({ |  | ||||||
|                 #        'lineNumber': numLines, |  | ||||||
|                 #        'value': obj['value'], |  | ||||||
|                 #        'audit': 'failed' # Or success |  | ||||||
|                 #    }) |  | ||||||
|                 #     |  | ||||||
|                 #    #if result['value'] != result['current_value']: |  | ||||||
|                 #    #    print(f"You must change the value to {obj['value']} for fixing the vulnerabilities") |  | ||||||
| 
 | 
 | ||||||
|             numLines += 1 |             numLines += 1 | ||||||
|         print(self._reports) |  | ||||||
| 
 | 
 | ||||||
|         # Now, we can check if the value is specified or not |         # Now, we can check if the value is specified or not | ||||||
|         # And check if the flag is specified and need to put on the sysctl config |         # And check if the flag is specified and need to put on the sysctl config | ||||||
|         print("") |  | ||||||
|         for entry in resultsFlag: |         for entry in resultsFlag: | ||||||
|             print(entry) |             obj = resultsFlag[entry] | ||||||
|             print(resultsFlag[entry]) |             if obj['occurence'] > 0: | ||||||
|  |                 print(entry) | ||||||
|  |                 print(obj) | ||||||
|  |                 if obj['current_value'] != obj['recommand_value']: | ||||||
|  |                     self._reports[entry]['message'] = \ | ||||||
|  |                             f"You specify this value {obj['current_value']}" \ | ||||||
|  |                             ", you should use this value {obj['recommand_value']}" | ||||||
|  |             else: | ||||||
|  |                 # No find the flag, we recommand to enable it | ||||||
|  |                 self._reports[entry]['message'] = "" | ||||||
| 
 | 
 | ||||||
|         # We can generate the report |         # We can generate the report | ||||||
|  |         print(self._reports) | ||||||
| 
 | 
 | ||||||
|     def _parsingFile(self, line, obj, resultsFlag) -> bool: |     def _parsingFile(self, line, obj, resultsFlag) -> bool: | ||||||
|         """ |         """ | ||||||
| @ -85,22 +74,12 @@ class Parsing(ParsingBase): | |||||||
|             # Avoid the comment |             # Avoid the comment | ||||||
|             if not line.startswith('#'): |             if not line.startswith('#'): | ||||||
|                 sLine = line.split('=') |                 sLine = line.split('=') | ||||||
|                 flag = sLine[0] |                 flag = sLine[0].strip() | ||||||
|                 value = int(sLine[1].strip('')) |                 value = int(sLine[1].strip()) | ||||||
|  | 
 | ||||||
|  |                 resultsFlag[flag]['current_value'] =  value | ||||||
|  | 
 | ||||||
|                 result = True |                 result = True | ||||||
|                 #print(sLine) |  | ||||||
| 
 |  | ||||||
|                 resultsFlag[flag].append({ |  | ||||||
|                     'current_value': value, |  | ||||||
|                     'value': obj['value'] |  | ||||||
|                 }) |  | ||||||
|                 #result['found'] = flag |  | ||||||
|                 #result['current_value'] = value |  | ||||||
|                 #result['value'] = obj['value'] |  | ||||||
| 
 |  | ||||||
|                 #if value != obj['value']: |  | ||||||
|                 #    print("Need to change the value") |  | ||||||
|                 #    print(sLine) |  | ||||||
|                  |                  | ||||||
|         return result |         return result | ||||||
| 
 | 
 | ||||||
| @ -112,15 +91,13 @@ class Parsing(ParsingBase): | |||||||
|               - filename: filename of the test |               - filename: filename of the test | ||||||
|               - line: line of the test |               - line: line of the test | ||||||
|               - parse: Display the line where the vulnerabilites has been found |               - parse: Display the line where the vulnerabilites has been found | ||||||
|               - description: description of the vulnerabilities |               - description: description of the vulnerability | ||||||
|               - level: high, medium or low |               - level: high, medium or low | ||||||
|         """ |         """ | ||||||
|         self._reports['filename'] = filename |         self._reports['filename'] = filename | ||||||
| 
 | 
 | ||||||
|         for sysctl in self._objects['sysctl']: |         for sysctl in self._objects['sysctl']: | ||||||
|             self._reports[sysctl['flag']] = list() |             self._reports[sysctl['flag']] = dict() | ||||||
|         print(self._reports) |  | ||||||
|         print("") |  | ||||||
| 
 | 
 | ||||||
|     def getResults(self) -> dict: |     def getResults(self) -> dict: | ||||||
|         result = dict() |         result = dict() | ||||||
|  | |||||||
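Review bot: The continuation line `", you should use this value {obj['recommand_value']}"` in the final loop is a plain string rather than an f-string, so the report prints the braces literally instead of the recommended value; write it as `f", you should use this value {obj['recommand_value']}"`. In the same loop the `else` branch for a flag that was never found stores `""` as the message, so a missing hardening setting reaches the report with no finding text; something like `self._reports[entry]['message'] = f"{entry} is not set, recommended value is {obj['recommand_value']}"` would make it visible. In `_parsingFile`, `int(sLine[1].strip())` and `resultsFlag[flag]` will raise on a line without `=`, on a non-integer value, or on a key that is not in the audit list, unless the guard above the hunk already filters those, which cannot be seen here; an audit that aborts on one unexpected line reports nothing. Both methods start outside their hunks.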
| @ -1,15 +1,19 @@ | |||||||
| #!/usr/bin/env python3 | #!/usr/bin/env python3 | ||||||
| 
 | 
 | ||||||
|  | # Define the entry | ||||||
|  | 
 | ||||||
| def sysctl() -> list: | def sysctl() -> list: | ||||||
|     sysctl = list() |     sysctl = list() | ||||||
| 
 | 
 | ||||||
|     # https://access.redhat.com/security/sysctl/sysctl-2023-0179 |     # https://access.redhat.com/security/sysctl/sysctl-2023-0179 | ||||||
|     sysctl.append({ |     sysctl.append({ | ||||||
|         "cve": "cve-2023-0179", |         "from": "cve", | ||||||
|  |         "id": "cve-2023-0179", | ||||||
|         "description": "", |         "description": "", | ||||||
|         "flag": "kernel.unprivileged_userns_clone", |         "flag": "kernel.unprivileged_userns_clone", | ||||||
|         "value": 0, |         "value": 0, | ||||||
|         "level": "medium", |         "level": "medium", | ||||||
|  |         "recommendation": "You should disable this flag for resolving the issue", | ||||||
|         "affectedSystem": ({ |         "affectedSystem": ({ | ||||||
|             'linux': "Debian", |             'linux': "Debian", | ||||||
|             'release': 'buster', |             'release': 'buster', | ||||||
| @ -19,9 +23,11 @@ def sysctl() -> list: | |||||||
| 
 | 
 | ||||||
|     # Best practice from CIS |     # Best practice from CIS | ||||||
|     sysctl.append({ |     sysctl.append({ | ||||||
|         "cve": "", |         "from": "cis", | ||||||
|  |         "id": "", | ||||||
|         "description": "Disable IPv4 forwarding", |         "description": "Disable IPv4 forwarding", | ||||||
|         "flag": "net.ipv4.conf.all.forwarding", |         "flag": "net.ipv4.conf.all.forwarding", | ||||||
|  |         "recommendation": "You should disable this flag for resolving the issue", | ||||||
|         "value": 0, |         "value": 0, | ||||||
|         "level": "medium" |         "level": "medium" | ||||||
|     }) |     }) | ||||||
|  | |||||||
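Review bot: The CIS entry keys only on `net.ipv4.conf.all.forwarding`, while the same kernel setting is commonly written as `net.ipv4.ip_forward` in sysctl files. If the parser matches on the key name, as the other file in this commit appears to, a config that enables forwarding through that alias would be treated as "flag not found" rather than as a failed check. Consider listing both keys for this check, or adding an alias field the parser can consult. The new `"id": ""` also leaves the CIS finding without a reference, so fill in the benchmark control number to make the report entry traceable. The `sysctl()` body continues outside both hunks.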