def check_key_executable(self, key):
"""
Log the values of the launch agent/daemon keys in self.check_keys_hash
"""
value = get_plist_key(self.plist_file, key)
if value:
try:
if type(value) in [str, unicode]:
# This should only get triggered by the Program key
self.data[key.lower()] = str(to_ascii(value))
self.data["%s_hash" % key.lower()] = hash_file(
str(to_ascii(value))
)
elif type(value) in [list]:
# This should only get triggered by the
# ProgramArguments key
self.data[key.lower()] = encode(" ".join(value))
self.data["%s_hash" % key.lower()] = hash_file(
str(value[0])
)
except IOError:
self.data["%s_hash" % key.lower()] = "File DNE"
else:
self.data[key.lower()] = "KEY DNE"
self.data["%s_hash" % key.lower()] = "KEY DNE"
def check_firewall_processes(self):
"""
Checks the firewalled processes in the system firewall
"""
alf = read_plist('/Library/Preferences/com.apple.alf.plist')
if alf:
processes = get_plist_key(alf, "firewall")
if processes:
for key, value in processes.iteritems():
try:
name = key
state = str(value['state'])
process = value['proc']
try:
servicebundleid = value['servicebundleid']
except KeyError:
servicebundleid = "KEY DNE"
self.data.append({
"name": name,
"date": exec_date,
"state": state,
"process": process,
"servicebundleid": servicebundleid
})
except KeyError:
pass
except Exception:
pass
def check_firewall_processes(self):
"""
Checks the firewalled processes in the system firewall
"""
alf = read_plist('/Library/Preferences/com.apple.alf.plist')
if alf:
processes = get_plist_key(alf, "firewall")
if processes:
for key, value in processes.iteritems():
try:
name = key
state = str(value['state'])
process = value['proc']
try:
servicebundleid = value['servicebundleid']
except KeyError:
servicebundleid = "KEY DNE"
self.data.append({
"name": name,
"date": exec_date,
"state": state,
"process": process,
"servicebundleid": servicebundleid
})
except KeyError:
pass
except Exception:
pass
def check_key(self, key):
"""
Log the values of the launch agent/daemon keys in self.check_keys
"""
value = get_plist_key(self.plist_file, key)
if value:
self.data[key.lower()] = str(to_ascii(value))
else:
self.data[key.lower()] = "KEY DNE"
def check_key(self, key):
"""
Log the values of the launch agent/daemon keys in self.check_keys
"""
value = get_plist_key(self.plist_file, key)
if value:
self.data[key.lower()] = str(to_ascii(value))
else:
self.data[key.lower()] = "KEY DNE"
def check_firewall_keys(self):
"""
Checks the top level keys of com.apple.alf.plist
"""
alf = read_plist('/Library/Preferences/com.apple.alf.plist')
if alf:
for i in Config.get("firewall_keys"):
key = str(get_plist_key(alf, i))
if key:
self.data.append({
"name": i,
"date": exec_date,
"value": key
})
def check_firewall_keys(self):
"""
Checks the top level keys of com.apple.alf.plist
"""
alf = read_plist('/Library/Preferences/com.apple.alf.plist')
if alf:
for i in Config.get("firewall_keys"):
key = str(get_plist_key(alf, i))
if key:
self.data.append({
"name": i,
"date": exec_date,
"value": key
})
def check_firewall_explicitauths(self):
"""
Checks the systems firewall explicitauths
"""
alf = read_plist('/Library/Preferences/com.apple.alf.plist')
if alf:
explicitauths = get_plist_key(alf, "explicitauths")
if explicitauths:
for i in explicitauths:
try:
self.data.append({"name": i['id'], "date": exec_date})
except OSError:
pass
except Exception:
pass
def check_firewall_explicitauths(self):
"""
Checks the systems firewall explicitauths
"""
alf = read_plist('/Library/Preferences/com.apple.alf.plist')
if alf:
explicitauths = get_plist_key(alf, "explicitauths")
if explicitauths:
for i in explicitauths:
try:
self.data.append({"name": i['id'], "date": exec_date})
except OSError:
pass
except Exception:
pass
def check_firewall_applications(self):
"""
Checks firewalled application state in the systems firewall
"""
alf = read_plist('/Library/Preferences/com.apple.alf.plist')
if alf:
applications = get_plist_key(alf, "applications")
if applications:
for i in applications:
try:
name = i['bundleid']
state = str(i['state'])
except KeyError:
continue
except Exception:
continue
self.data.append({
"name": name,
"date": exec_date,
"state": state
})
def check_firewall_applications(self):
"""
Checks firewalled application state in the systems firewall
"""
alf = read_plist('/Library/Preferences/com.apple.alf.plist')
if alf:
applications = get_plist_key(alf, "applications")
if applications:
for i in applications:
try:
name = i['bundleid']
state = str(i['state'])
except KeyError:
continue
except Exception:
continue
self.data.append({
"name": name,
"date": exec_date,
"state": state
})
def check_key_executable(self, key):
"""
Log the values of the launch agent/daemon keys in self.check_keys_hash
"""
key = key.lower()
key_hash = "%s_hash" % (key.lower(), )
value = get_plist_key(self.plist_file, key)
if value:
try:
if isinstance(value, basestring):
# This should only get triggered by the Program key
self.data[key] = str(to_ascii(value))
self.data[key_hash] = hash_file(str(to_ascii(value)))
elif isinstance(value, (list, tuple)):
# This should only get triggered by the
# ProgramArguments key
self.data[key] = encode(" ".join(value))
self.data[key_hash] = hash_file(str(value[0]))
except IOError:
self.data[key_hash] = "File DNE"
else:
self.data[key] = "KEY DNE"
self.data[key_hash] = "KEY DNE"
def check_key_executable(self, key):
"""
Log the values of the launch agent/daemon keys in self.check_keys_hash
"""
key = key.lower()
key_hash = "%s_hash" % (key.lower(), )
value = get_plist_key(self.plist_file, key)
if value:
try:
if isinstance(value, basestring):
# This should only get triggered by the Program key
self.data[key] = str(to_ascii(value))
self.data[key_hash] = hash_file(str(to_ascii(value)))
elif isinstance(value, (list, tuple)):
# This should only get triggered by the
# ProgramArguments key
self.data[key] = encode(" ".join(value))
self.data[key_hash] = hash_file(str(value[0]))
except IOError:
self.data[key_hash] = "File DNE"
else:
self.data[key] = "KEY DNE"
self.data[key_hash] = "KEY DNE"
