68 lines
1.9 KiB
Python
68 lines
1.9 KiB
Python
#!/usr/bin/env python3
|
|
|
|
import re
|
|
from os import listdir
|
|
from os.path import isdir
|
|
from audit.system.plugins.apache.apache import apache
|
|
|
|
|
|
class Apache:
|
|
def __init__(self, arguments):
|
|
self._objects = apache()
|
|
self._reports = dict()
|
|
self._apache_directory = arguments["apache_directory"]
|
|
|
|
# Create the report
|
|
self._constructReports()
|
|
|
|
# Report
|
|
self._reports["directory"] = self._apache_directory
|
|
|
|
def runAudit(self):
|
|
print("Running test for Apache")
|
|
self._runParsing()
|
|
|
|
def getReports(self) -> dict:
|
|
return self._reports
|
|
|
|
def _runParsing(self):
|
|
# Check if the file exist
|
|
path = f"{self._apache_directory}/sites-available"
|
|
if isdir(self._apache_directory):
|
|
for site in listdir(path):
|
|
with open(f"{path}/{site}", 'rb') as f:
|
|
self._parseFile(f)
|
|
else:
|
|
self._reports["apache"]["test"] = "No directory found"
|
|
|
|
def _parseFile(self, fdata):
|
|
data = fdata.read()
|
|
lines = data.splitlines()
|
|
|
|
for line in lines:
|
|
line = line.decode('utf-8')
|
|
|
|
# check if SSL is enable for the VirtualHost
|
|
grSSLEngine = re.search("SSLEngine on", line)
|
|
if grSSLEngine:
|
|
print(line)
|
|
|
|
def _check_value_exist(self, line, value) -> bool:
|
|
grValue = re.search(value, line)
|
|
if grValue:
|
|
return True
|
|
return False
|
|
|
|
def _constructReports(self):
|
|
"""
|
|
Construct dictionary for result of the tests
|
|
Each entry contains:
|
|
Key:
|
|
- filename: filename of the test
|
|
- line: line of the test
|
|
- parse: Display the line where the vulnerabilites has been found
|
|
- description: description of the vulnerability
|
|
- level: high, medium or low
|
|
"""
|
|
self._reports['apache'] = dict()
|