129 lines
4.2 KiB
Python
129 lines
4.2 KiB
Python
import re
|
|
from json import dumps
|
|
from parsing.base import ParsingBase
|
|
|
|
class Parsing(ParsingBase):
|
|
def __init__(self, objects, audit):
|
|
self._parsing = dict()
|
|
self._reports = dict()
|
|
self._objects = objects
|
|
self._audit = audit
|
|
|
|
def runParsing(self):
|
|
for audit in self._audit:
|
|
if audit['audit'] == 'file':
|
|
with open(audit['value'], 'rb') as fdata:
|
|
self._parseFile(fdata)
|
|
if audit['audit'] == 'process':
|
|
pass
|
|
|
|
def _parseFile(self, fdata):
|
|
data = fdata.read()
|
|
lines = data.splitlines()
|
|
numLines = 1
|
|
|
|
self._constructResults(filename='/etc/sysctl.conf')
|
|
|
|
resultsFlag = dict()
|
|
|
|
# I create an array which contains all flag we need to find
|
|
# After that, for each data, I put the number of occurence I found.
|
|
# If the array is empty, no entry found for a flag, otherwise, we check the value
|
|
for obj in self._objects['sysctl']:
|
|
resultsFlag[obj['flag']] = list()
|
|
|
|
print(resultsFlag)
|
|
|
|
for line in lines:
|
|
line = line.decode("utf-8")
|
|
|
|
for obj in self._objects['sysctl']:
|
|
result = self._parsingFile(line, obj, resultsFlag)
|
|
if result:
|
|
print(resultsFlag[obj['flag']][
|
|
len(resultsFlag[obj['flag']]) - 1:
|
|
len(resultsFlag[obj['flag']])
|
|
])
|
|
# If not exist, we recommand to put the flag
|
|
#if len(result) == 0:
|
|
# # print("Not find")
|
|
# pass
|
|
## If the flag is found
|
|
#else:
|
|
# # And if the current value is not setted corectly for the vulnerability
|
|
# print(result)
|
|
#
|
|
# self._reports[obj['flag']].append({
|
|
# 'lineNumber': numLines,
|
|
# 'value': obj['value'],
|
|
# 'audit': 'failed' # Or success
|
|
# })
|
|
#
|
|
# #if result['value'] != result['current_value']:
|
|
# # print(f"You must change the value to {obj['value']} for fixing the vulnerabilities")
|
|
|
|
numLines += 1
|
|
print(self._reports)
|
|
|
|
# Now, we can check if the value is specified or not
|
|
# And check if the flag is specified and need to put on the sysctl config
|
|
print("")
|
|
for entry in resultsFlag:
|
|
print(entry)
|
|
print(resultsFlag[entry])
|
|
|
|
# We can generate the report
|
|
|
|
def _parsingFile(self, line, obj, resultsFlag) -> bool:
|
|
"""
|
|
This function parse the line and try to find the item in it
|
|
"""
|
|
result = bool()
|
|
|
|
groupLine = re.search(obj['flag'], line)
|
|
if groupLine:
|
|
# Avoid the comment
|
|
if not line.startswith('#'):
|
|
sLine = line.split('=')
|
|
flag = sLine[0]
|
|
value = int(sLine[1].strip(''))
|
|
result = True
|
|
#print(sLine)
|
|
|
|
resultsFlag[flag].append({
|
|
'current_value': value,
|
|
'value': obj['value']
|
|
})
|
|
#result['found'] = flag
|
|
#result['current_value'] = value
|
|
#result['value'] = obj['value']
|
|
|
|
#if value != obj['value']:
|
|
# print("Need to change the value")
|
|
# print(sLine)
|
|
|
|
return result
|
|
|
|
def _constructResults(self, filename):
|
|
"""
|
|
Construct dictionary for result of the tests
|
|
Each entry contains:
|
|
Key:
|
|
- filename: filename of the test
|
|
- line: line of the test
|
|
- parse: Display the line where the vulnerabilites has been found
|
|
- description: description of the vulnerabilities
|
|
- level: high, medium or low
|
|
"""
|
|
self._reports['filename'] = filename
|
|
|
|
for sysctl in self._objects['sysctl']:
|
|
self._reports[sysctl['flag']] = list()
|
|
print(self._reports)
|
|
print("")
|
|
|
|
def getResults(self) -> dict:
|
|
result = dict()
|
|
|
|
return result
|