Parsing vulnerabilities
		
							parent
							
								
									6cb4cacaf9
								
							
						
					
					
						commit
						9a4c845f6d
					
				| @ -30,9 +30,9 @@ class Parsing(ParsingBase): | ||||
|         # After that, for each data, I put the number of occurence I found. | ||||
|         # If the array is empty, no entry found for a flag, otherwise, we check the value | ||||
|         for obj in self._objects['sysctl']: | ||||
|             resultsFlag[obj['flag']] = list() | ||||
| 
 | ||||
|         print(resultsFlag) | ||||
|             resultsFlag[obj['flag']] = dict() | ||||
|             resultsFlag[obj['flag']]['recommand_value'] = obj['value'] | ||||
|             resultsFlag[obj['flag']]['occurence'] = 0 | ||||
| 
 | ||||
|         for line in lines: | ||||
|             line = line.decode("utf-8") | ||||
| @ -40,39 +40,28 @@ class Parsing(ParsingBase): | ||||
|             for obj in self._objects['sysctl']: | ||||
|                 result = self._parsingFile(line, obj, resultsFlag) | ||||
|                 if result: | ||||
|                     print(resultsFlag[obj['flag']][ | ||||
|                             len(resultsFlag[obj['flag']]) - 1: | ||||
|                             len(resultsFlag[obj['flag']]) | ||||
|                     ]) | ||||
|                 # If not exist, we recommand to put the flag | ||||
|                 #if len(result) == 0: | ||||
|                 #    # print("Not find") | ||||
|                 #    pass | ||||
|                 ## If the flag is found | ||||
|                 #else: | ||||
|                 #    # And if the current value is not setted corectly for the vulnerability | ||||
|                 #    print(result) | ||||
|                 #     | ||||
|                 #    self._reports[obj['flag']].append({ | ||||
|                 #        'lineNumber': numLines, | ||||
|                 #        'value': obj['value'], | ||||
|                 #        'audit': 'failed' # Or success | ||||
|                 #    }) | ||||
|                 #     | ||||
|                 #    #if result['value'] != result['current_value']: | ||||
|                 #    #    print(f"You must change the value to {obj['value']} for fixing the vulnerabilities") | ||||
|                     resultsFlag[obj['flag']]['lineNumber'] = numLines | ||||
|                     resultsFlag[obj['flag']]['occurence'] += 1  | ||||
| 
 | ||||
|             numLines += 1 | ||||
|         print(self._reports) | ||||
| 
 | ||||
|         # Now, we can check if the value is specified or not | ||||
|         # And check if the flag is specified and need to put on the sysctl config | ||||
|         print("") | ||||
|         for entry in resultsFlag: | ||||
|             print(entry) | ||||
|             print(resultsFlag[entry]) | ||||
|             obj = resultsFlag[entry] | ||||
|             if obj['occurence'] > 0: | ||||
|                 print(entry) | ||||
|                 print(obj) | ||||
|                 if obj['current_value'] != obj['recommand_value']: | ||||
|                     self._reports[entry]['message'] = \ | ||||
|                             f"You specify this value {obj['current_value']}" \ | ||||
|                             ", you should use this value {obj['recommand_value']}" | ||||
|             else: | ||||
|                 # No find the flag, we recommand to enable it | ||||
|                 self._reports[entry]['message'] = "" | ||||
| 
 | ||||
|         # We can generate the report | ||||
|         print(self._reports) | ||||
| 
 | ||||
|     def _parsingFile(self, line, obj, resultsFlag) -> bool: | ||||
|         """ | ||||
| @ -85,22 +74,12 @@ class Parsing(ParsingBase): | ||||
|             # Avoid the comment | ||||
|             if not line.startswith('#'): | ||||
|                 sLine = line.split('=') | ||||
|                 flag = sLine[0] | ||||
|                 value = int(sLine[1].strip('')) | ||||
|                 flag = sLine[0].strip() | ||||
|                 value = int(sLine[1].strip()) | ||||
| 
 | ||||
|                 resultsFlag[flag]['current_value'] =  value | ||||
| 
 | ||||
|                 result = True | ||||
|                 #print(sLine) | ||||
| 
 | ||||
|                 resultsFlag[flag].append({ | ||||
|                     'current_value': value, | ||||
|                     'value': obj['value'] | ||||
|                 }) | ||||
|                 #result['found'] = flag | ||||
|                 #result['current_value'] = value | ||||
|                 #result['value'] = obj['value'] | ||||
| 
 | ||||
|                 #if value != obj['value']: | ||||
|                 #    print("Need to change the value") | ||||
|                 #    print(sLine) | ||||
|                  | ||||
|         return result | ||||
| 
 | ||||
| @ -112,15 +91,13 @@ class Parsing(ParsingBase): | ||||
|               - filename: filename of the test | ||||
|               - line: line of the test | ||||
|               - parse: Display the line where the vulnerabilites has been found | ||||
|               - description: description of the vulnerabilities | ||||
|               - description: description of the vulnerability | ||||
|               - level: high, medium or low | ||||
|         """ | ||||
|         self._reports['filename'] = filename | ||||
| 
 | ||||
|         for sysctl in self._objects['sysctl']: | ||||
|             self._reports[sysctl['flag']] = list() | ||||
|         print(self._reports) | ||||
|         print("") | ||||
|             self._reports[sysctl['flag']] = dict() | ||||
| 
 | ||||
|     def getResults(self) -> dict: | ||||
|         result = dict() | ||||
|  | ||||
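Review bot: In the report loop after `numLines += 1`, the message is built from two adjacent string literals and only the first carries the `f` prefix, so the audit output prints the literal text `{obj['recommand_value']}` instead of the recommended value; the second literal should read `f", you should use this value {obj['recommand_value']}"`. In the same loop the not-found branch stores an empty message, so a hardening flag that is absent from the file produces no visible finding even though the comment says it should be recommended; something like `self._reports[entry]['message'] = f"{entry} is not set, add it with value {obj['recommand_value']}"` would surface it. A flag whose value already matches gets no `message` key at all, which any consumer of `_reports` then has to handle. The enclosing method starts above the hunk, so how `_reports` is consumed is not visible here.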
| @ -1,15 +1,19 @@ | ||||
| #!/usr/bin/env python3 | ||||
| 
 | ||||
| # Define the entry | ||||
| 
 | ||||
| def sysctl() -> list: | ||||
|     sysctl = list() | ||||
| 
 | ||||
|     # https://access.redhat.com/security/sysctl/sysctl-2023-0179 | ||||
|     sysctl.append({ | ||||
|         "cve": "cve-2023-0179", | ||||
|         "from": "cve", | ||||
|         "id": "cve-2023-0179", | ||||
|         "description": "", | ||||
|         "flag": "kernel.unprivileged_userns_clone", | ||||
|         "value": 0, | ||||
|         "level": "medium", | ||||
|         "recommendation": "You should disable this flag for resolving the issue", | ||||
|         "affectedSystem": ({ | ||||
|             'linux': "Debian", | ||||
|             'release': 'buster', | ||||
| @ -19,9 +23,11 @@ def sysctl() -> list: | ||||
| 
 | ||||
|     # Best practice from CIS | ||||
|     sysctl.append({ | ||||
|         "cve": "", | ||||
|         "from": "cis", | ||||
|         "id": "", | ||||
|         "description": "Disable IPv4 forwarding", | ||||
|         "flag": "net.ipv4.conf.all.forwarding", | ||||
|         "recommendation": "You should disable this flag for resolving the issue", | ||||
|         "value": 0, | ||||
|         "level": "medium" | ||||
|     }) | ||||
|  | ||||
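Review bot: The CIS entry checks only `net.ipv4.conf.all.forwarding`, while the same setting is commonly written as `net.ipv4.ip_forward` in sysctl files, so if flags are matched by exact key name, a file that enables forwarding through that key passes the audit unnoticed; a sibling entry with `"flag": "net.ipv4.ip_forward"` and the same `"value": 0` would close the gap. The new `"id"` field is left empty for this entry, which leaves the finding without a reference a reader can look up; it should carry the benchmark's control identifier, e.g. `"id": "<CIS control id>"`. The matching logic lives in another file, so the first point depends on how it compares keys.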