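def scan():
    """Check that PHP's display_errors directive is off in each known php.ini.

    Every hard-coded php.ini under /etc/php5 is loaded with ``php -c`` and
    the effective display_errors value is printed. Error output shown to
    clients can disclose paths, queries and other internals, so any value
    other than empty, '0' or 'STDOUT' is reported as a failure.

    Returns:
        scanner.Result: NA when /etc/php5 does not exist, FAIL listing the
        offending files, otherwise PASS listing the checked files.

    Raises:
        scanner.ScanError: php wrote to stderr, or printed more than six
            characters (treated as an error message, not a setting value).
        IOError/OSError: a php.ini could not be opened or read.
    """
    php_inis = [
        '/etc/php5/apache2/php.ini',
        '/etc/php5/cli/php.ini',
    ]
    if not os.path.isdir('/etc/php5'):
        return scanner.Result(scanner.NA, 'PHP not found')

    failed = []
    passed = []
    for php_ini in php_inis:
        # Test file read access; raises if the file is missing or unreadable.
        # The context manager closes the handle instead of leaking it.
        with open(php_ini, 'r') as handle:
            handle.read()

        code = "echo(ini_get('display_errors'));"
        # The command string is assembled only from the constants above.
        res = tools.cmd('php -c %s -r "%s"' % (php_ini, code))
        stdout = res['stdout']

        if res['stderr']:
            raise scanner.ScanError(
                '%s: %s' % (php_ini, res['stderr'].replace('\n', '')))
        elif len(stdout) > 6:
            # Longer than any expected setting value: assume php printed an
            # error or warning on stdout.
            raise scanner.ScanError(
                '%s: %s' % (php_ini, stdout.replace('\n', '')))
        elif stdout not in ('', '0', 'STDOUT'):
            failed.append('%s has display_errors on' % (php_ini))
        else:
            # NOTE(review): 'STDOUT' is counted as "off" here; presumably it
            # is what the CLI reports by default. Confirm, since
            # display_errors = stdout in php.ini also means errors are shown.
            passed.append('%s does not have display_errors on' % (php_ini))

    if failed:
        return scanner.Result(scanner.FAIL, ', '.join(failed))
    else:
        return scanner.Result(scanner.PASS, ', '.join(passed))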
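def scan():
    """Check whether the local MySQL root account rejects a password-less login.

    Tries to connect as root to 127.0.0.1 without a password and classifies
    the outcome from the client's stderr and exit code.

    Returns:
        scanner.Result: PASS when the server answers "access denied", FAIL
        when the password-less login succeeds, NA when the attempt failed for
        any other reason (client missing, server not reachable, ...).
    """
    res = tools.cmd('mysql -u root -h 127.0.0.1 -e "exit" ')

    if 'access denied' in res['stderr'].lower():
        return scanner.Result(scanner.PASS, 'The MySQL root account has a password')

    if res['exitcode'] != 0:
        # Neither a login nor a rejection: without this branch a host with no
        # MySQL client or no running server would be reported as having a
        # password-less root account.
        return scanner.Result(
            scanner.NA,
            'MySQL root login could not be tested: %s'
            % res['stderr'].replace('\n', ''))

    # NOTE(review): a client option file that supplies a password for root
    # would presumably make this login succeed as well; confirm how the
    # scanner is invoked before trusting a FAIL here.
    return scanner.Result(scanner.FAIL, 'The MySQL root account has no password')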
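def scan():
    """Verify that display_errors is disabled in the system php.ini files.

    For each hard-coded php.ini below /etc/php5 the file is first read (to
    prove it is accessible) and then loaded through ``php -c`` so that the
    effective display_errors value can be printed and inspected. Leaving
    display_errors on exposes internal error details to whoever triggers
    the error.

    Returns:
        scanner.Result: NA if /etc/php5 is absent, FAIL naming every file
        with display_errors on, or PASS naming every checked file.

    Raises:
        scanner.ScanError: php produced stderr output, or more than six
            characters of stdout (taken to be an error message).
        IOError/OSError: a php.ini could not be opened or read.
    """
    php_inis = ["/etc/php5/apache2/php.ini", "/etc/php5/cli/php.ini"]
    if not os.path.isdir("/etc/php5"):
        return scanner.Result(scanner.NA, "PHP not found")

    failed = []
    passed = []
    for php_ini in php_inis:
        # Test file read access; an unreadable file raises here. Using a
        # context manager closes the handle rather than leaving it to the GC.
        with open(php_ini, "r") as ini_file:
            ini_file.read()

        code = "echo(ini_get('display_errors'));"
        # Only the constants above are interpolated into the command string.
        res = tools.cmd('php -c %s -r "%s"' % (php_ini, code))

        if res["stderr"]:
            raise scanner.ScanError(
                "%s: %s" % (php_ini, res["stderr"].replace("\n", "")))
        elif len(res["stdout"]) > 6:
            # Too long to be a setting value; treat it as an error message.
            raise scanner.ScanError(
                "%s: %s" % (php_ini, res["stdout"].replace("\n", "")))
        elif res["stdout"] not in ("", "0", "STDOUT"):
            failed.append("%s has display_errors on" % (php_ini))
        else:
            # NOTE(review): "STDOUT" is accepted as "not on"; confirm this is
            # intended, since a php.ini value of stdout also displays errors.
            passed.append("%s does not have display_errors on" % (php_ini))

    if failed:
        return scanner.Result(scanner.FAIL, ", ".join(failed))
    else:
        return scanner.Result(scanner.PASS, ", ".join(passed))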
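def scan():
    """Detect a virtual machine and report whether its guest agent is running.

    The output of ``lspci`` / ``lscpu`` is matched against known hypervisor
    names. For the first match, the agent process listed for that hypervisor
    (if any) is looked up with ``pidof``.

    Returns:
        scanner.Result: PASS with a message saying whether an agent process
        was found, or NA when no hypervisor signature matched.
    """
    # (detection command, regex over its stdout, agent process name or '')
    vm_detect_map = [
        ('lspci', '.*vmware.*', ''),
        ('lspci', '.*virtualbox.*', 'VBoxService'),
        ('lscpu', '.*xen.*', ''),
        ('lscpu', '.*microsoft.*', ''),
    ]
    for cmd, regex, agent_proc in vm_detect_map:
        res = tools.cmd(cmd)
        if not re.match(regex, res['stdout'], flags=re.IGNORECASE | re.DOTALL):
            continue

        # pidof exits with 0 when the process exists. The original test was
        # inverted and announced a running agent when pidof had failed.
        # Entries without an agent name skip the lookup entirely.
        agent_running = (
            bool(agent_proc)
            and tools.cmd('pidof %s' % (agent_proc))['exitcode'] == 0
        )
        if agent_running:
            return scanner.Result(scanner.PASS, 'A vm agent is running')
        # NOTE(review): the status stays PASS as in the original; confirm
        # whether a missing agent should be reported with another status.
        return scanner.Result(scanner.PASS, 'No vm agent is running')

    return scanner.Result(scanner.NA, 'This doesn\'t appear to be a vm')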
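def scan():
    """Check whether files can be executed from the system temp directories.

    A tiny shell script is written into each directory and run. If its
    output comes back, the directory allows execution (for example, it is
    not mounted noexec) and a FAIL entry is recorded for it.

    Returns:
        scanner.Result: the accumulated result, with one FAIL entry per
        directory from which the probe script could be executed.
    """
    # Local import: the file's import block is not visible from this block.
    import tempfile

    tmp_dirs = [
        '/tmp',
        '/var/tmp',
    ]
    result = scanner.Result()
    for tmp_dir in tmp_dirs:
        path = None
        try:
            # These directories are world-writable. A fixed file name could
            # be pre-created by another local user as a symlink or as a file
            # they own, and would then be overwritten or executed by the
            # scanner. mkstemp() creates a fresh, exclusively opened file
            # with an unpredictable name instead.
            fd, path = tempfile.mkstemp(prefix='whatswrong_tmp_tst', dir=tmp_dir)
            with os.fdopen(fd, 'w') as probe:
                probe.write('#!/bin/sh\necho "test"')
                probe.flush()
                # Set the mode on the open descriptor, not on the path.
                os.fchmod(probe.fileno(), 0o755)
            # The file is closed before it is run.
            res = tools.cmd(path)
            if 'test' in res['stdout']:
                result.add(scanner.FAIL, 'Executable files possible in: %s' % tmp_dir)
        except (IOError, OSError):
            # Best effort: a directory we cannot write to cannot be probed.
            pass
        finally:
            if path is not None and os.path.exists(path):
                os.unlink(path)
    # Every other scan() hands back a scanner.Result; the original fell off
    # the end and returned None.
    return result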
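def scan():
    """Probe /tmp and /var/tmp for the ability to execute files.

    For each directory a small shell script is created and run. When the
    script's output is seen, execution from that directory is possible and
    a FAIL entry is added to the result.

    Returns:
        scanner.Result: the collected result; it holds a FAIL entry for each
        directory where the probe script ran.
    """
    # Imported locally because the module's import block is outside this
    # block.
    import tempfile

    tmp_dirs = ['/tmp', '/var/tmp']
    result = scanner.Result()
    for tmp_dir in tmp_dirs:
        probe_path = None
        try:
            # A predictable name in a world-writable directory can be
            # planted in advance by another local user (as a symlink or an
            # attacker-owned file), so the scanner would write through it or
            # execute content it does not control. mkstemp() avoids that with
            # a random name and exclusive creation.
            fd, probe_path = tempfile.mkstemp(
                prefix='whatswrong_tmp_tst', dir=tmp_dir)
            with os.fdopen(fd, 'w') as handle:
                handle.write('#!/bin/sh\necho "test"')
                handle.flush()
                # fchmod acts on the descriptor we created, never on a path.
                os.fchmod(handle.fileno(), 0o755)
            # The handle is closed before the script is run.
            res = tools.cmd(probe_path)
            if 'test' in res['stdout']:
                result.add(scanner.FAIL, 'Executable files possible in: %s' % tmp_dir)
        except (IOError, OSError):
            # Deliberately ignored: an unwritable directory cannot be tested.
            pass
        finally:
            if probe_path is not None and os.path.exists(probe_path):
                os.unlink(probe_path)
    # Return the accumulated result like every other scan(); the original
    # ended without a return statement.
    return result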
def scan():
    """Report whether an ntpd process is running.

    Only ``ntpd`` is looked up (via ``pidof``); other time-synchronisation
    daemons are not considered by this check.

    Returns:
        scanner.Result: PASS when pidof exits with 0, FAIL otherwise.
    """
    # pidof exits non-zero when no matching process exists.
    ntpd_found = tools.cmd("pidof ntpd")["exitcode"] == 0
    if ntpd_found:
        return scanner.Result(scanner.PASS, "NTPd is running")
    return scanner.Result(scanner.FAIL, "NTPd is not running")
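def scan():
    """Test whether MySQL's root account can be used without a password.

    A password-less root login to 127.0.0.1 is attempted, and the result is
    derived from the client's stderr text and exit code.

    Returns:
        scanner.Result: PASS if the server replies "access denied", FAIL if
        the login succeeds, NA if the attempt could not be carried out (for
        instance, no client installed or no server listening).
    """
    res = tools.cmd('mysql -u root -h 127.0.0.1 -e "exit" ')
    stderr = res['stderr']

    if 'access denied' in stderr.lower():
        return scanner.Result(scanner.PASS, 'The MySQL root account has a password')

    if res['exitcode'] != 0:
        # The command failed for a reason other than a rejected login.
        # Reporting "no password" here would be a false finding on hosts
        # without MySQL.
        return scanner.Result(
            scanner.NA,
            'MySQL root login could not be tested: %s' % stderr.replace('\n', ''))

    # NOTE(review): credentials picked up from a client option file would
    # presumably also lead to a successful login; verify against how the
    # scanner is run.
    return scanner.Result(scanner.FAIL, 'The MySQL root account has no password')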
def scan():
    """Check that the ntpd daemon is running.

    The check relies on the exit code of ``pidof ntpd`` and looks for no
    other time-synchronisation service.

    Returns:
        scanner.Result: FAIL if pidof exits non-zero, PASS otherwise.
    """
    pidof_result = tools.cmd('pidof ntpd')
    # A zero exit code means pidof found at least one ntpd process.
    if pidof_result['exitcode'] == 0:
        status, message = scanner.PASS, 'NTPd is running'
    else:
        status, message = scanner.FAIL, 'NTPd is not running'
    return scanner.Result(status, message)