def scan():
php_inis = [
'/etc/php5/apache2/php.ini',
'/etc/php5/cli/php.ini',
]
if not os.path.isdir('/etc/php5'):
return scanner.Result(scanner.NA, 'PHP not found')
failed = []
passed = []
for php_ini in php_inis:
file(php_ini,
'r').read() # Test file read access. Throws exception if failed.
code = "echo(ini_get('display_errors'));"
res = tools.cmd('php -c %s -r "%s"' % (php_ini, code))
if res['stderr']:
raise scanner.ScanError('%s: %s' %
(php_ini, res['stderr'].replace('\n', '')))
elif len(res['stdout']) > 6:
raise scanner.ScanError('%s: %s' %
(php_ini, res['stdout'].replace('\n', '')))
elif res['stdout'] != '' and res['stdout'] != '0' and res[
'stdout'] != 'STDOUT':
failed.append('%s has display_errors on' % (php_ini))
else:
passed.append('%s does not have display_errors on' % (php_ini))
if failed:
return scanner.Result(scanner.FAIL, ', '.join(failed))
else:
return scanner.Result(scanner.PASS, ', '.join(passed))
def scan():
res = tools.cmd('mysql -u root -h 127.0.0.1 -e "exit" ')
if 'access denied' in res['stderr'].lower():
return scanner.Result(scanner.PASS,
'The MySQL root account has a password')
return scanner.Result(scanner.FAIL,
'The MySQL root account has no password')
def scan():
php_inis = ["/etc/php5/apache2/php.ini", "/etc/php5/cli/php.ini"]
if not os.path.isdir("/etc/php5"):
return scanner.Result(scanner.NA, "PHP not found")
failed = []
passed = []
for php_ini in php_inis:
file(php_ini, "r").read() # Test file read access. Throws exception if failed.
code = "echo(ini_get('display_errors'));"
res = tools.cmd('php -c %s -r "%s"' % (php_ini, code))
if res["stderr"]:
raise scanner.ScanError("%s: %s" % (php_ini, res["stderr"].replace("\n", "")))
elif len(res["stdout"]) > 6:
raise scanner.ScanError("%s: %s" % (php_ini, res["stdout"].replace("\n", "")))
elif res["stdout"] != "" and res["stdout"] != "0" and res["stdout"] != "STDOUT":
failed.append("%s has display_errors on" % (php_ini))
else:
passed.append("%s does not have display_errors on" % (php_ini))
if failed:
return scanner.Result(scanner.FAIL, ", ".join(failed))
else:
return scanner.Result(scanner.PASS, ", ".join(passed))
def scan():
vm = False
vm_detect_map = [
('lspci', '.*vmware.*', ''),
('lspci', '.*virtualbox.*', 'VBoxService'),
('lscpu', '.*xen.*', ''),
('lscpu', '.*microsoft.*', ''),
]
for cmd, regex, agent_proc in vm_detect_map:
res = tools.cmd(cmd)
match = re.match(regex, res['stdout'], flags=re.IGNORECASE | re.DOTALL)
if match:
res_pidof = tools.cmd('pidof %s' % (agent_proc))
if res_pidof['exitcode'] != 0:
return scanner.Result(scanner.PASS, 'A vm agent is running')
else:
return scanner.Result(scanner.PASS, 'No vm agent is running')
return scanner.Result(scanner.NA, 'This doesn\'t appear to be a vm')
def scan():
tmp_dirs = [
'/tmp',
'/var/tmp',
]
result = scanner.Result()
for tmp_dir in tmp_dirs:
path = os.path.join(tmp_dir, 'whatswrong_tmp_tst')
try:
f = file(path, 'w')
f.write('#!/bin/sh\necho "test"')
f.close()
os.chmod(path, 0755)
res = tools.cmd(path)
if 'test' in res['stdout']:
result.add(scanner.FAIL, 'Executable files possible in: %s' % tmp_dir)
except IOError, e:
pass
if os.path.exists(path):
os.unlink(path)
def scan():
tmp_dirs = [
'/tmp',
'/var/tmp',
]
result = scanner.Result()
for tmp_dir in tmp_dirs:
path = os.path.join(tmp_dir, 'whatswrong_tmp_tst')
try:
f = file(path, 'w')
f.write('#!/bin/sh\necho "test"')
f.close()
os.chmod(path, 0755)
res = tools.cmd(path)
if 'test' in res['stdout']:
result.add(scanner.FAIL,
'Executable files possible in: %s' % tmp_dir)
except IOError, e:
pass
if os.path.exists(path):
os.unlink(path)
def scan():
res = tools.cmd("pidof ntpd")
if res["exitcode"] != 0:
return scanner.Result(scanner.FAIL, "NTPd is not running")
else:
return scanner.Result(scanner.PASS, "NTPd is running")
def scan():
res = tools.cmd('mysql -u root -h 127.0.0.1 -e "exit" ')
if 'access denied' in res['stderr'].lower():
return scanner.Result(scanner.PASS, 'The MySQL root account has a password')
return scanner.Result(scanner.FAIL, 'The MySQL root account has no password')
def scan():
res = tools.cmd('pidof ntpd')
if res['exitcode'] != 0:
return scanner.Result(scanner.FAIL, 'NTPd is not running')
else:
return scanner.Result(scanner.PASS, 'NTPd is running')
