=========================================================== .___ __ __ _________________ __ __ __| _/|__|/ |_ / ___\_` __ \__ \ | | \/ __ | | \\_ __\ / /_/ > | \// __ \| | / /_/ | | || | \___ /|__| (____ /____/\____ | |__||__| /_____/ \/ \/ grep rough audit - static analysis tool v2.8 written by @Wireghoul =================================[justanotherhacker.com]=== yasat-848/plugins/binaries.test-105- do yasat-848/plugins/binaries.test:106: RIGHT_ACTUAL="`stat $STAT_FULL_RIGHT $BIN_TO_TEST`" yasat-848/plugins/binaries.test-107- OSTOTEST="${OS}" ############################################## yasat-848/plugins/binaries.test-113- fi yasat-848/plugins/binaries.test:114: BIN_TO_TEST2="`echo $BIN_TO_TEST | sed 's/lib64\//lib\//'`" yasat-848/plugins/binaries.test:115: RESULTAT=`grep -v '^#' $PLUGINS_REP/binaries.data | grep "$OSTOTEST" | grep "${BIN_TO_TEST2}|"` yasat-848/plugins/binaries.test-116- if [ -z "$RESULTAT" -a "$LINUX_VERSION" = 'CentOS' ] ;then yasat-848/plugins/binaries.test:117: RESULTAT=`grep -v '^#' $PLUGINS_REP/binaries.data | grep "Red Hat" | grep "${BIN_TO_TEST2}|"` yasat-848/plugins/binaries.test-118- fi ############################################## yasat-848/plugins/binaries.test-121- else yasat-848/plugins/binaries.test:122: GOOD_RIGHT=`echo $RESULTAT | cut -d\| -f2` yasat-848/plugins/binaries.test-123- if [ "$RIGHT_ACTUAL" = "$GOOD_RIGHT" ] ;then ############################################## yasat-848/plugins/binaries.test-129- #TODO On Debian Lenny at is daemon:daemon yasat-848/plugins/binaries.test:130: BINARY_FS_OWNER="`stat $STAT_USER $BIN_TO_TEST`" yasat-848/plugins/binaries.test:131: WANT_USER=`echo $RESULTAT | cut -d\| -f4` yasat-848/plugins/binaries.test-132- if [ -z "$WANT_USER" ];then ############################################## yasat-848/plugins/binaries.test-138-#MD5 for common archs (obsolete, aide/tripwire do that better than me) yasat-848/plugins/binaries.test:139:# GOOD_MD5=`echo $RESULTAT | cut -d\| -f4` yasat-848/plugins/binaries.test-140-# if [ ! -z "$GOOD_MD5" ] yasat-848/plugins/binaries.test-141-# then yasat-848/plugins/binaries.test:142:# MD5_ACTUAL="`md5sum $BIN_TO_TEST | cut -d\ -f1`" yasat-848/plugins/binaries.test-143-# if [ "$MD5_ACTUAL" != "$GOOD_MD5" ] ############################################## yasat-848/plugins/binaries.test-151- #TODO some set-uid are not necessary like mount, netstat, ifconfig, traceroute, route and ping (and equivalent for ipv6 ping6 etc..) yasat-848/plugins/binaries.test:152: if [ ! -z "`grep $BIN_TO_TEST ${PLUGINS_REP}/binaries.suid`" ] ; then yasat-848/plugins/binaries.test-153- Display --indent 4 --text "You can remove PERHAPS setuid from $BIN_TO_TEST" --result WARNING --color BLUE --advice BINARIES_REMOVE_SETUID ############################################## yasat-848/plugins/binaries.test-161- if [ $HAVE_POSIX_CAPS_TOOLS -ge 1 ] ;then yasat-848/plugins/binaries.test:162: BIN_TO_TEST_NAME="`basename $BIN_TO_TEST`" yasat-848/plugins/binaries.test:163: POSIX_CAPS="`grep ^${BIN_TO_TEST_NAME}= ${PLUGINS_REP}/binaries.caps`" yasat-848/plugins/binaries.test-164- if [ $HAVE_POSIX_CAPS_TOOLS -eq 1 ] ;then yasat-848/plugins/binaries.test:165: ACTUAL_CAPS="`getcap $BIN_TO_TEST | sed 's/.*= //'`" yasat-848/plugins/binaries.test-166- else yasat-848/plugins/binaries.test:167: ACTUAL_CAPS="`filecap $BIN_TO_TEST | grep ^$BIN_TO_TEST | sed 's/.*[[:space:]]//g'`" yasat-848/plugins/binaries.test-168- fi ############################################## yasat-848/plugins/xinetd.test-74- do yasat-848/plugins/xinetd.test:75: RESULTAT=`grep "^${INETD_SERVICE}|" $PLUGINS_REP/xinetd.data` yasat-848/plugins/xinetd.test-76- if [ -z "$RESULTAT" ] ############################################## yasat-848/plugins/xinetd.test-79- else yasat-848/plugins/xinetd.test:80: INETD_OPT_SERVICES_TEST="`echo "$RESULTAT" | cut -f2 -d\|`" yasat-848/plugins/xinetd.test:81: INETD_OPT_SERVICES_ADVICE="`echo "$RESULTAT" | cut -f3 -d\|`" yasat-848/plugins/xinetd.test-82- case $INETD_OPT_SERVICES_TEST in ############################################## yasat-848/plugins/xinetd.test-126- do yasat-848/plugins/xinetd.test:127: RESULTAT=`grep "^${XINETD_SERVICE}|" $PLUGINS_REP/xinetd.data` yasat-848/plugins/xinetd.test-128- if [ -z "$RESULTAT" ] ############################################## yasat-848/plugins/xinetd.test-136- do yasat-848/plugins/xinetd.test:137: if [ ! -z "`echo $XINETD_SERVICE_LINE | grep -i '^[[:space:]]*service'`" ] yasat-848/plugins/xinetd.test-138- then yasat-848/plugins/xinetd.test:139: NAME_OF_SERVICE=`echo "$XINETD_SERVICE_LINE" | sed 's/^[[:space:]]*service[[:space:]]*//g'` yasat-848/plugins/xinetd.test-140- Display --indent 6 --text "Service $NAME_OF_SERVICE" --result FOUND --color BLUE yasat-848/plugins/xinetd.test-141- fi yasat-848/plugins/xinetd.test:142: if [ ! -z "`echo "$XINETD_SERVICE_LINE" |grep 'log_on_failure'`" ] yasat-848/plugins/xinetd.test-143- then ############################################## yasat-848/plugins/xinetd.test-146- fi yasat-848/plugins/xinetd.test:147: if [ ! -z "`echo "$XINETD_SERVICE_LINE" |grep 'only_from'`" ] yasat-848/plugins/xinetd.test-148- then ############################################## yasat-848/plugins/xinetd.test-151- fi yasat-848/plugins/xinetd.test:152: if [ ! -z "`echo "$XINETD_SERVICE_LINE" |grep 'log_type'`" ] yasat-848/plugins/xinetd.test-153- then ############################################## yasat-848/plugins/xinetd.test-156- fi yasat-848/plugins/xinetd.test:157: if [ ! -z "`echo "$XINETD_SERVICE_LINE" |grep '}'`" ] yasat-848/plugins/xinetd.test-158- then ############################################## yasat-848/plugins/xinetd.test-178- else yasat-848/plugins/xinetd.test:179: XINETD_OPT_SERVICES_TEST="`echo "$RESULTAT" | cut -f2 -d\|`" yasat-848/plugins/xinetd.test:180: XINETD_OPT_SERVICES_ADVICE="`echo "$RESULTAT" | cut -f3 -d\|`" yasat-848/plugins/xinetd.test-181- case $XINETD_OPT_SERVICES_TEST in ############################################## yasat-848/plugins/tomcat.test-47- yasat-848/plugins/tomcat.test:48:if [ "`cat $TMP_RESULT | wc -l`" -eq 0 ] ;then yasat-848/plugins/tomcat.test-49- Display --indent 2 --text "No tomcat found" --result NOTFOUND --color GREEN ############################################## yasat-848/plugins/tomcat.test-55-do yasat-848/plugins/tomcat.test:56: REP_WEBAPPS="`echo $line | sed 's/conf.*/webapps/g'`" yasat-848/plugins/tomcat.test:57: BASE_TOMCAT="`echo $line | sed 's/conf.*//g' | sed 's/\/$//g'`" yasat-848/plugins/tomcat.test-58- SERVERXML="$line/server.xml" yasat-848/plugins/tomcat.test-59- PASSFILE="$line/tomcat-users.xml" yasat-848/plugins/tomcat.test:60: TOMCAT_VERSION="`echo $BASE_TOMCAT | sed 's/^.*tomcat-//g'`" yasat-848/plugins/tomcat.test:61: TOMCAT_MAJOR_VERSION="`echo $TOMCAT_VERSION | sed 's/\.[0-9]*$//g' | grep '^[0-9][0-9.]*'`" yasat-848/plugins/tomcat.test:62: TOMCAT_MINOR_VERSION="`echo $TOMCAT_VERSION | sed 's/^.*\.//g' | grep '^[0-9][0-9]*'`" yasat-848/plugins/tomcat.test:63: if [ -z "`echo $TOMCAT_MAJOR_VERSION |grep '[0-9.]*'`" -o -z "`echo $TOMCAT_MINOR_VERSION |grep '[0-9.]*'`" ] yasat-848/plugins/tomcat.test-64- then ############################################## yasat-848/plugins/tomcat.test-76- do yasat-848/plugins/tomcat.test:77: if [ ! -z "`echo $webapp_line | grep -iE 'balancer|manager|webdav|jsp-examples|servlets-examples|tomcat-docs'`" ] yasat-848/plugins/tomcat.test-78- then ############################################## yasat-848/plugins/tomcat.test-93-# echo " Check $passline" yasat-848/plugins/tomcat.test:94: PASSNAME="`echo $passline | sed 's/^.*name="//g' | sed 's/\".*//g'`" yasat-848/plugins/tomcat.test:95: PASSWORD="`echo $passline | sed 's/^.*password="//g' | sed 's/\".*//g'`" yasat-848/plugins/tomcat.test-96-# echo " NAME=$PASSNAME $PASSWORD" yasat-848/plugins/tomcat.test-97- #known password jonas tomcat admin yasat-848/plugins/tomcat.test:98: if [ ! -z "`echo $PASSWORD | grep -iE 'tomcat|admin|jonas'`" ] yasat-848/plugins/tomcat.test-99- then ############################################## yasat-848/plugins/classique.test-85- else yasat-848/plugins/classique.test:86: NBLINE="`echo $RESULTAT |wc -l`" yasat-848/plugins/classique.test-87- fi ############################################## yasat-848/plugins/classique.test-95- else yasat-848/plugins/classique.test:96: COREVALUE="`cat ${TMP_RESULT} | cut -d\ -f4`" yasat-848/plugins/classique.test-97- if [ $COREVALUE = '0' ] ;then ############################################## yasat-848/plugins/classique.test-126- TESTNAME='YASAT_TEST_CLASSIQUE_COREDUMP_SUID2 NSAG=2.2.4.2.1 Check f coredump for suid is disabled via sysctl' yasat-848/plugins/classique.test:127: SUID_DUMP="`sysctl fs.suid_dumpable 2>> $ERROR_OUTPUT_FILE | sed 's/^.*=[[:space:]]*//'`" yasat-848/plugins/classique.test-128- if [ -z "$SUID_DUMP" ] ; then ############################################## yasat-848/plugins/classique.test-175-do yasat-848/plugins/classique.test:176: if [ ! -z "`echo $directory | grep -viE '^/usr/local/sbin$|^/usr/local/bin$|^/bin$|^/sbin/*$|^/usr/bin/*$|^/usr/sbin/*|/usr/x86_64-pc-linux-gnu/gcc-bin/.*'`" ] ;then yasat-848/plugins/classique.test-177- Display --indent 2 --text "PATH $directory" --result UNKNOWN --color ORANGE --advice PATH_UNKNOWN ############################################## yasat-848/plugins/classique.test-254-find / -nouser 2> /dev/null > $TMP_RESULT yasat-848/plugins/classique.test:255:RESULTAT=`cat $TMP_RESULT | wc -l` yasat-848/plugins/classique.test-256-if [ $RESULTAT -eq 0 ] ;then ############################################## yasat-848/plugins/classique.test-264- do yasat-848/plugins/classique.test:265: Display --indent 4 --text "$line" --result "`stat $STAT_USER $line`" --color RED yasat-848/plugins/classique.test-266- done < $TMP_RESULT ############################################## yasat-848/plugins/classique.test-275-find / -nogroup 2> /dev/null > $TMP_RESULT yasat-848/plugins/classique.test:276:RESULTAT=`cat $TMP_RESULT | wc -l` yasat-848/plugins/classique.test-277-if [ $RESULTAT -eq 0 ] ;then ############################################## yasat-848/plugins/classique.test-285- do yasat-848/plugins/classique.test:286: Display --indent 4 --text "$line" --result "`stat $STAT_GROUP $line`" --color RED yasat-848/plugins/classique.test-287- done < $TMP_RESULT ############################################## yasat-848/plugins/classique.test-296- yasat-848/plugins/classique.test:297:RESULTAT=`cat $TMP_RESULT | wc -l` yasat-848/plugins/classique.test-298-if [ $RESULTAT -eq 0 ] ############################################## yasat-848/plugins/classique.test-307- do yasat-848/plugins/classique.test:308: Display --indent 4 --text "$line" --result "`stat $STAT_RIGHT $line`" --color RED yasat-848/plugins/classique.test-309- done ############################################## yasat-848/plugins/apache_modules.test-28- if [ -x "$SCAN_ROOT/${LOCATION}" ] ;then yasat-848/plugins/apache_modules.test:29: APACHE_BIN="`echo $SCAN_ROOT/${LOCATION} | sed 's,//*,/,g'`" yasat-848/plugins/apache_modules.test-30- fi ############################################## yasat-848/plugins/apache_modules.test-56-#if [ -l $APACHE_BIN ] ; then yasat-848/plugins/apache_modules.test:57:# TMP="`readlink $APACHE_BIN`" yasat-848/plugins/apache_modules.test:58:# if [ -z "`echo $TMP | grep '\.\.'`" ] ; then yasat-848/plugins/apache_modules.test-59-# APACHE_BIN="$TMP" yasat-848/plugins/apache_modules.test-60-# else yasat-848/plugins/apache_modules.test:61:# APACHE_BIN="`basename ${APACHE_BIN}/$TMP`" yasat-848/plugins/apache_modules.test-62-# fi ############################################## yasat-848/plugins/apache_modules.test-130- $APACHE_BIN -l 2>> $ERROR_OUTPUT_FILE > $TMP_RESULT yasat-848/plugins/apache_modules.test:131: if [ -z "`grep -vE '^Compiled|[[:space:]]core.c|worker.c|http_core.c|mod_so.c' $TMP_RESULT`" ] ; then yasat-848/plugins/apache_modules.test-132- Display --indent 2 --text "builtin modules" --result OK --color GREEN ############################################## yasat-848/plugins/apache_modules.test-142-if [ -e "${PLUGINS_REP}/apache_modules.data" ] ; then yasat-848/plugins/apache_modules.test:143: for MODULE in `$APACHE_BIN -M 2>&1 |grep _module | cut -d\ -f2` yasat-848/plugins/apache_modules.test-144- do yasat-848/plugins/apache_modules.test:145: if [ ! -z "`grep -v '^#' ${PLUGINS_REP}/apache_modules.data | grep ^$MODULE`" ] ; then yasat-848/plugins/apache_modules.test-146- Display --indent 2 --text "Module $MODULE necessary ?" --result WARNING --color ORANGE --advice APACHE_MODULE_DISABLE_UNNECESSARY_MODULES ############################################## yasat-848/plugins/apache_modules.test-158- yasat-848/plugins/apache_modules.test:159:APACHEMPM=`$APACHE_BIN -M 2>&1 |grep _module |grep mpm_ | cut -d\ -f2 | cut -d\_ -f2` yasat-848/plugins/apache_modules.test-160-Display --indent 2 --text "MPM " --result "${APACHEMPM}" --color BLUE yasat-848/plugins/apache_modules.test-161- yasat-848/plugins/apache_modules.test:162:#for basefile in `find $APACHE_CONF_REP ! -type d | grep .conf` yasat-848/plugins/apache_modules.test-163-#do ############################################## yasat-848/plugins/apache_modules.test-167- do yasat-848/plugins/apache_modules.test:168: if [ ! -z "`echo $line | grep -i "<IfModule mpm_${APACHEMPM}_module"`" ] ;then yasat-848/plugins/apache_modules.test-169- Display --indent 2 --text "Find $APACHEMPM options" --result FOUND --color GREEN ############################################## yasat-848/plugins/apache_modules.test-171- fi yasat-848/plugins/apache_modules.test:172: if [ ! -z "`echo $line | grep -i '</IfModule>'`" ] ;then yasat-848/plugins/apache_modules.test-173- MPMFOUND=0 ############################################## yasat-848/plugins/apache_modules.test-175- if [ $MPMFOUND -eq 1 ] ;then yasat-848/plugins/apache_modules.test:176: if [ ! -z "`echo $line | grep -i '^[[:space:]]*MaxClients'`" ] ;then yasat-848/plugins/apache_modules.test:177: VALUE=`echo $line | sed 's/^[[:space:]]*//g' | cut -d\ -f2` yasat-848/plugins/apache_modules.test-178- Display --indent 4 --text "MaxClients " --result "$VALUE" --color BLUE yasat-848/plugins/apache_modules.test-179- fi yasat-848/plugins/apache_modules.test:180: if [ ! -z "`echo $line | grep -i '^[[:space:]]*StartServers'`" ] ;then yasat-848/plugins/apache_modules.test:181: VALUE=`echo $line | sed 's/^[[:space:]]*//g' | cut -d\ -f2` yasat-848/plugins/apache_modules.test-182- Display --indent 4 --text "StartServers " --result "$VALUE" --color BLUE yasat-848/plugins/apache_modules.test-183- fi yasat-848/plugins/apache_modules.test:184: if [ ! -z "`echo $line | grep -i '^[[:space:]]*MinSpareServers'`" ] ;then yasat-848/plugins/apache_modules.test:185: VALUE=`echo $line | sed 's/^[[:space:]]*//g' | cut -d\ -f2` yasat-848/plugins/apache_modules.test-186- Display --indent 4 --text "MinSpareServers " --result "$VALUE" --color BLUE yasat-848/plugins/apache_modules.test-187- fi yasat-848/plugins/apache_modules.test:188: if [ ! -z "`echo $line | grep -i '^[[:space:]]*MaxSpareServers'`" ] ;then yasat-848/plugins/apache_modules.test:189: VALUE=`echo $line | sed 's/^[[:space:]]*//g' | cut -d\ -f2` yasat-848/plugins/apache_modules.test-190- Display --indent 4 --text "MaxSpareServers " --result "$VALUE" --color BLUE ############################################## yasat-848/plugins/cups.test-32- yasat-848/plugins/cups.test:33:CUPS_CONF="`dirname $CUPS_CONF`/cupsd.conf" yasat-848/plugins/cups.test-34- ############################################## yasat-848/plugins/cups.test-59-do yasat-848/plugins/cups.test:60: LISTENHOST="`echo $listen | cut -d\: -f1`" yasat-848/plugins/cups.test-61- if [ "${LISTENHOST}" = '127.0.0.1' -o "${LISTENHOST}" = 'localhost' -o "${LISTENHOST}" = '::1' ] ;then ############################################## yasat-848/plugins/nfs.test-50-do yasat-848/plugins/nfs.test:51: EXPORTED_DIR="`echo $line | cut -d\ -f1`" yasat-848/plugins/nfs.test:52: OPTIONS="`echo $line | cut -d\( -f2 | cut -d\) -f1 | sed 's/,/ /g'`" yasat-848/plugins/nfs.test-53- Display --indent 4 --text "$EXPORTED_DIR" --result FOUND --color BLUE ############################################## yasat-848/plugins/nfs.test-55- do yasat-848/plugins/nfs.test:56: option_test="`grep ^${option} ${PLUGINS_REP}/nfs.data`" yasat-848/plugins/nfs.test-57- if [ -z "$option_test" ] ; then ############################################## yasat-848/plugins/nfs.test-59- else yasat-848/plugins/nfs.test:60: advice="`echo $option_test | cut -d\, -f2`" yasat-848/plugins/nfs.test-61- if [ -z "$advice" ] ; then ############################################## yasat-848/plugins/nfs.test-99- do yasat-848/plugins/nfs.test:100: IMPORTED_DIR="`echo $line | cut -d\ -f1 | cut -d\: -f2`" yasat-848/plugins/nfs.test:101: OPTIONS="`echo $line | sed 's/[[:space:]][[:space:]]*/ /g' | cut -d\ -f4 | sed 's/,/ /g'`" yasat-848/plugins/nfs.test-102- FOUND_INTR='no' ############################################## yasat-848/plugins/nfs.test-105- do yasat-848/plugins/nfs.test:106: option_test="`grep ^${option} ${PLUGINS_REP}/nfs.data`" yasat-848/plugins/nfs.test-107- if [ -z "$option_test" ] ; then ############################################## yasat-848/plugins/nfs.test-109- else yasat-848/plugins/nfs.test:110: advice="`echo $option_test | cut -d\, -f2`" yasat-848/plugins/nfs.test-111- if [ -z "$advice" ] ; then ############################################## yasat-848/plugins/packages.test-239- do yasat-848/plugins/packages.test:240: if [ ! -z "`echo $LISTE_PKG_INSTALLED | grep ^${line}`" ] yasat-848/plugins/packages.test-241- then ############################################## yasat-848/plugins/packages.test-316- do yasat-848/plugins/packages.test:317: if [ ! -z "`echo $LISTE_PKG_INSTALLED | grep -i [[:space:]]${line}`" ] yasat-848/plugins/packages.test-318- then ############################################## yasat-848/plugins/logging.test-32-do yasat-848/plugins/logging.test:33: RESULTAT="`ps aux |grep -i [^[:alpha:]]$LOGGER_TO_TEST |grep -v grep |grep -v supervising`" yasat-848/plugins/logging.test-34- if [ ! -z "$RESULTAT" ] ############################################## yasat-848/plugins/logging.test-65-# echo $line yasat-848/plugins/logging.test:66:# RULENAME="`echo $line | cut -d\ -f2`" yasat-848/plugins/logging.test:67:# REMOTEHOST="`echo $line | cut -d\ -f4`" yasat-848/plugins/logging.test-68- done < $TMP_RESULT ############################################## yasat-848/plugins/logging.test-92-# echo $line yasat-848/plugins/logging.test:93:# RULENAME="`echo $line | cut -d\ -f2`" yasat-848/plugins/logging.test:94:# REMOTEHOST="`echo $line | cut -d\ -f4`" yasat-848/plugins/logging.test-95- done < $TMP_RESULT ############################################## yasat-848/plugins/logging.test-118-# echo $line yasat-848/plugins/logging.test:119:# RULENAME="`echo $line | cut -d\ -f2`" yasat-848/plugins/logging.test:120:# REMOTEHOST="`echo $line | cut -d\ -f4`" yasat-848/plugins/logging.test-121- done < $TMP_RESULT ############################################## yasat-848/plugins/apache_vhosts.test-89- if [ -x "$SCAN_ROOT/${APABIN_LOCATION}" ] ;then yasat-848/plugins/apache_vhosts.test:90: APACHE_BIN="`echo $SCAN_ROOT/${APABIN_LOCATION} | sed 's,//*,/,g'`" yasat-848/plugins/apache_vhosts.test-91- fi ############################################## yasat-848/plugins/apache_vhosts.test-144-do yasat-848/plugins/apache_vhosts.test:145: KEYWORD="`echo $line | cut -d\ -f1`" yasat-848/plugins/apache_vhosts.test-146-# echo "Check $KEYWORD" yasat-848/plugins/apache_vhosts.test:147:# BASIC_CONF_MATCH=`grep ^${KEYWORD}\| ${PLUGINS_REP}/apache_conf.data` yasat-848/plugins/apache_vhosts.test:148: if [ ! -z "`echo $KEYWORD |grep -i 'LoadModule'`" ];then yasat-848/plugins/apache_vhosts.test-149- #check if this module is our list yasat-848/plugins/apache_vhosts.test:150: MODULE_NAME="`echo $line | sed 's,[[:space:]][[:space:]]*, ,g' | cut -d\ -f2`" yasat-848/plugins/apache_vhosts.test-151-# echo " check module $MODULE_NAME" yasat-848/plugins/apache_vhosts.test:152: if [ ! -z "`grep $MODULE_NAME ${PLUGINS_REP}/apache_modules.data`" ];then yasat-848/plugins/apache_vhosts.test-153- Display --indent 2 --text "Module $MODULE_NAME necessary ?" --result WARNING --color ORANGE --advice APACHE_MODULE_DISABLE_UNNECESSARY_MODULES ############################################## yasat-848/plugins/apache_vhosts.test-159-################################################################################ yasat-848/plugins/apache_vhosts.test:160: elif [ ! -z "`echo $KEYWORD |grep -i 'SSLCertificateFile'`" ];then yasat-848/plugins/apache_vhosts.test:161: key="`echo $line | cut -d\ -f2-`" yasat-848/plugins/apache_vhosts.test-162- check_certificate $key 2 'apache' ############################################## yasat-848/plugins/apache_vhosts.test-165-################################################################################ yasat-848/plugins/apache_vhosts.test:166: elif [ ! -z "`echo $KEYWORD |grep -i 'SSLCertificateKeyFile'`" ];then yasat-848/plugins/apache_vhosts.test:167: key="`echo $line | cut -d\ -f2-`" yasat-848/plugins/apache_vhosts.test-168- check_private_key $key 2 'apache' ############################################## yasat-848/plugins/apache_vhosts.test-174-#http://lwn.net/Articles/441551/ yasat-848/plugins/apache_vhosts.test:175: elif [ ! -z "`echo $KEYWORD |grep -i 'SSLCipherSuite'`" ];then yasat-848/plugins/apache_vhosts.test:176: RESULTAT="`echo $line | cut -d\ -f2-`" yasat-848/plugins/apache_vhosts.test-177- for ciphers in $RESULTAT ############################################## yasat-848/plugins/apache_vhosts.test-184-################################################################################ yasat-848/plugins/apache_vhosts.test:185: elif [ ! -z "`echo $KEYWORD |grep -i 'SSLProtocol'`" ];then yasat-848/plugins/apache_vhosts.test:186: SSL_PROTOCOL_LIST="`echo $line | cut -d\ -f2-`" yasat-848/plugins/apache_vhosts.test-187- check_ssl_protocol_openssl 2 "$SSL_PROTOCOL_LIST" ############################################## yasat-848/plugins/apache_vhosts.test-191-################################################################################ yasat-848/plugins/apache_vhosts.test:192: elif [ ! -z "`echo $KEYWORD |grep -i 'SSLEngine'`" ];then yasat-848/plugins/apache_vhosts.test-193- Display --indent 2 --text "SSLEngine enabled " --result FOUND --color GREEN ############################################## yasat-848/plugins/apache_vhosts.test-198-# echo " We got something $BASIC_CONF_MATCH" yasat-848/plugins/apache_vhosts.test:199: elif [ ! -z "`echo $line | grep -i '^[[:space:]]*<Proxy'`" ] ; then yasat-848/plugins/apache_vhosts.test-200- get_path_from_apache_directives "$line" ############################################## yasat-848/plugins/apache_vhosts.test-202- echo " Found Proxy $CONF_PROXY" yasat-848/plugins/apache_vhosts.test:203: elif [ ! -z "`echo $line | grep -i '^[[:space:]]*<Directory'`" ] ; then yasat-848/plugins/apache_vhosts.test-204- get_path_from_apache_directives "$line" ############################################## yasat-848/plugins/apache_vhosts.test-207- echo " Found Directory $DIRECTORY" yasat-848/plugins/apache_vhosts.test:208: elif [ ! -z "`echo $line | grep -i '^[[:space:]]*<Location'`" ] ; then yasat-848/plugins/apache_vhosts.test-209- get_path_from_apache_directives "$line" ############################################## yasat-848/plugins/apache_vhosts.test-211- echo " Found Location $LOCATION" yasat-848/plugins/apache_vhosts.test:212: elif [ ! -z "`echo $line | grep -i '^[[:space:]]*<VirtualHost'`" ] ; then yasat-848/plugins/apache_vhosts.test-213- get_path_from_apache_directives "$line" ############################################## yasat-848/plugins/apache_vhosts.test-216- echo "VHOST=$VIRTUALHOST" >> $OUTPUT_RESULT yasat-848/plugins/apache_vhosts.test:217: elif [ ! -z "`echo $line | grep -i '^[[:space:]]*</Directory'`" ] ; then yasat-848/plugins/apache_vhosts.test-218- ##### /Directory ======================= ############################################## yasat-848/plugins/apache_vhosts.test-270- OPTION_CGI=0 yasat-848/plugins/apache_vhosts.test:271: elif [ ! -z "`echo $line | grep -i '^[[:space:]]*</Location'`" ] ; then yasat-848/plugins/apache_vhosts.test-272- ##### /Location ======================= ############################################## yasat-848/plugins/apache_vhosts.test-328- OPTION_CGI=0 yasat-848/plugins/apache_vhosts.test:329: elif [ ! -z "`echo $line | grep -i '^[[:space:]]*</VirtualHost'`" ] ; then yasat-848/plugins/apache_vhosts.test-330- ##### /Virtualhost ======================= ############################################## yasat-848/plugins/apache_vhosts.test-356- SSLEngine=0 yasat-848/plugins/apache_vhosts.test:357: elif [ ! -z "`echo $line | grep -i '^[[:space:]]*ServerName'`" ];then yasat-848/plugins/apache_vhosts.test-358- ##### ServerName =========================================== yasat-848/plugins/apache_vhosts.test:359: VHOST_SERVER_NAME="`echo $line | sed 's/^[[:space:]]*[a-zA-Z0-9][a-zA-Z0-9]*[[:space:]]*//g' | cut -d\ -f1`" yasat-848/plugins/apache_vhosts.test-360- Display --indent 4 --text "$VIRTUALHOST has ServerName $VHOST_SERVER_NAME" --result FOUND --color GREEN yasat-848/plugins/apache_vhosts.test-361- echo "SERVERNAME=$VHOST_SERVER_NAME" >> $OUTPUT_RESULT yasat-848/plugins/apache_vhosts.test:362: elif [ ! -z "`echo $line | grep -i '^[[:space:]]*</Proxy'`" ] ;then yasat-848/plugins/apache_vhosts.test-363- ##### /Proxy ======================= ############################################## yasat-848/plugins/apache_vhosts.test-392- AUTH_FILE='' yasat-848/plugins/apache_vhosts.test:393: elif [ ! -z "`echo $line | grep -i '^[[:space:]]*configLog'`" ];then yasat-848/plugins/apache_vhosts.test-394- ##### Logs ======================= yasat-848/plugins/apache_vhosts.test:395: ACCESSLOG=`echo $line | sed 's/^[[:space:]]*[a-zA-Z][a-zA-Z]*[[:space:]]//g' | cut -d\ -f1` yasat-848/plugins/apache_vhosts.test:396: elif [ ! -z "`echo $line | grep -i '^[[:space:]]*CustomLog'`" ];then yasat-848/plugins/apache_vhosts.test:397: ACCESSLOG=`echo $line | sed 's/^[[:space:]]*[a-zA-Z][a-zA-Z]*[[:space:]]*//g' | cut -d\ -f1` yasat-848/plugins/apache_vhosts.test-398- yasat-848/plugins/apache_vhosts.test:399: elif [ ! -z "`echo $line | grep -i '^[[:space:]]*ErrorLog'`" ];then yasat-848/plugins/apache_vhosts.test:400: ERRORLOG=`echo $line | sed 's/^[[:space:]]*[a-zA-Z][a-zA-Z]*[[:space:]]*//g' | cut -d\ -f1` yasat-848/plugins/apache_vhosts.test-401- yasat-848/plugins/apache_vhosts.test:402: elif [ ! -z "`echo $line | grep -i '^[[:space:]]*order'`" ] ;then yasat-848/plugins/apache_vhosts.test-403- ##### /Order ====================================== ############################################## yasat-848/plugins/apache_vhosts.test-406- ORDER=1 yasat-848/plugins/apache_vhosts.test:407: if [ ! -z "`echo $line | grep -i '^[[:space:]]*order deny,allow'`" ] yasat-848/plugins/apache_vhosts.test-408- then ############################################## yasat-848/plugins/apache_vhosts.test-411- yasat-848/plugins/apache_vhosts.test:412: elif [ ! -z "`echo $line | grep -i '^[[:space:]]*deny from all'`" ];then yasat-848/plugins/apache_vhosts.test-413- DENY_FROM_ALL=1 yasat-848/plugins/apache_vhosts.test-414- yasat-848/plugins/apache_vhosts.test:415: elif [ ! -z "`echo $line | grep -i '^[[:space:]]*require valid-user'`" ];then yasat-848/plugins/apache_vhosts.test-416- REQUIRE_VALID_USER=1 yasat-848/plugins/apache_vhosts.test-417- yasat-848/plugins/apache_vhosts.test:418: elif [ ! -z "`echo $line | grep -i '^[[:space:]]*require group'`" ];then yasat-848/plugins/apache_vhosts.test-419- REQUIRE_VALID_USER=1 yasat-848/plugins/apache_vhosts.test-420- yasat-848/plugins/apache_vhosts.test:421: elif [ ! -z "`echo $line | grep -i '^[[:space:]]*require user'`" ];then yasat-848/plugins/apache_vhosts.test-422- REQUIRE_VALID_USER=1 ############################################## yasat-848/plugins/apache_vhosts.test-426- ##### docroot =========================================== yasat-848/plugins/apache_vhosts.test:427: elif [ ! -z "`echo $line | grep -i '^[[:space:]]*documentroot'`" ] ; then yasat-848/plugins/apache_vhosts.test:428: DOCROOT=`echo $line | sed 's/^[[:space:]]*[a-zA-Z][a-zA-Z]*[[:space:]]*//g' | sed 's/^\"//g' | sed 's/\"[[:space:]]*$//g'` yasat-848/plugins/apache_vhosts.test-429- Display --indent 4 --text "Docroot $DOCROOT" --result FOUND --color GREEN ############################################## yasat-848/plugins/apache_vhosts.test-450-# echo " $LOC_LINE" yasat-848/plugins/apache_vhosts.test:451: LOC_LOC=`echo $LOC_LINE | cut -f1 -d\|` yasat-848/plugins/apache_vhosts.test:452: LOC_ADVICE=`echo $LOC_LINE | cut -f3 -d\|` yasat-848/plugins/apache_vhosts.test-453- if [ -e "${DOCROOT}${LOC_LOC}" ] ; then ############################################## yasat-848/plugins/apache_vhosts.test-468- ##### alias =========================================== yasat-848/plugins/apache_vhosts.test:469: if [ ! -z "`echo $line | grep -i '^[[:space:]]*Alias[[:space:]]'`" ];then yasat-848/plugins/apache_vhosts.test:470: ALIAS="`echo $line | sed 's/^[[:space:]]*[a-zA-Z][a-zA-Z]*[[:space:]]*//g' | cut -d\ -f1`" yasat-848/plugins/apache_vhosts.test:471: DEST_ALIAS="`echo $line | sed 's/^[[:space:]]*[a-zA-Z][a-zA-Z]*[[:space:]]*//g' | cut -d\ -f2 | sed 's/^"//' | sed 's/"$//'`" yasat-848/plugins/apache_vhosts.test-472- Display --indent 4 --text "$ALIAS -> $DEST_ALIAS" --result FOUND --color BLUE ############################################## yasat-848/plugins/apache_vhosts.test-484- ##### override =========================================== yasat-848/plugins/apache_vhosts.test:485: if [ ! -z "`echo $line | grep -i '^[[:space:]]*AllowOverride'`" ] ; then yasat-848/plugins/apache_vhosts.test:486: OVERRIDE=`echo $line | sed 's/^[[:space:]]*[a-zA-Z][a-zA-Z]*[[:space:]]*//g' | cut -d\ -f1` yasat-848/plugins/apache_vhosts.test-487- if [ "$OVERRIDE" != "None" ];then ############################################## yasat-848/plugins/apache_vhosts.test-491- ##### php_admin_value =========================================== yasat-848/plugins/apache_vhosts.test:492: if [ ! -z "`echo $line | grep -i '^[[:space:]]*php_admin_value'`" ] ; then yasat-848/plugins/apache_vhosts.test:493: PHP_ADMIN_VALUE=`echo $line | sed 's/^[[:space:]]*php_admin_value[[:space:]]*//g'` yasat-848/plugins/apache_vhosts.test-494- Display --indent 4 --text "$VIRTUALHOST has php_admin_value $PHP_ADMIN_VALUE" --result WARNING --color BLUE ############################################## yasat-848/plugins/apache_vhosts.test-497- ##### php_admin_flag =========================================== yasat-848/plugins/apache_vhosts.test:498: if [ ! -z "`echo $line | grep -i '^[[:space:]]*php_admin_flag'`" ] ; then yasat-848/plugins/apache_vhosts.test:499: PHP_ADMIN_FLAG=`echo $line | sed 's/^[[:space:]]*php_admin_flag[[:space:]]*//g'` yasat-848/plugins/apache_vhosts.test-500- Display --indent 4 --text "$VIRTUALHOST has php_admin_flag $PHP_ADMIN_FLAG" --result WARNING --color BLUE ############################################## yasat-848/plugins/apache_vhosts.test-506- ##### authfile =========================================== yasat-848/plugins/apache_vhosts.test:507: if [ ! -z "`echo $line | grep -i '^[[:space:]]*AuthUserFile'`" ];then yasat-848/plugins/apache_vhosts.test:508: AUTH_FILE="`echo $line | sed 's/^[[:space:]]*[a-zA-Z][a-zA-Z]*[[:space:]]*//g' | sed 's/^"//' | sed 's/"$//'`" yasat-848/plugins/apache_vhosts.test-509- if [ -e "$AUTH_FILE" ];then yasat-848/plugins/apache_vhosts.test-510- Display --indent 2 --text "Authfile $AUTH_FILE" --result FOUND --color GREEN yasat-848/plugins/apache_vhosts.test:511: if [ "`stat $STAT_GROUP $AUTH_FILE`" != $APACHE_GROUP ];then yasat-848/plugins/apache_vhosts.test:512: Display --indent 2 --text "debug Authfile $AUTH_FILE incorrect permission" --result "`stat $STAT_GROUP $AUTH_FILE`" --color RED yasat-848/plugins/apache_vhosts.test-513- fi yasat-848/plugins/apache_vhosts.test:514: if [ "`stat $STAT_USER $AUTH_FILE`" = $APACHE_USER ];then yasat-848/plugins/apache_vhosts.test:515: Display --indent 2 --text "debug Authfile $AUTH_FILE incorrect owner" --result "`stat $STAT_USER $AUTH_FILE`" --color RED yasat-848/plugins/apache_vhosts.test-516- fi ############################################## yasat-848/plugins/apache_vhosts.test-523- ##### options =========================================== yasat-848/plugins/apache_vhosts.test:524: if [ ! -z "`echo $line | grep -i '^[[:space:]]*options'`" ];then yasat-848/plugins/apache_vhosts.test-525- TOPRINT='' ############################################## yasat-848/plugins/apache_vhosts.test-535- #[[:space:]] is here for be sure that there not a - sign yasat-848/plugins/apache_vhosts.test:536: if [ ! -z "`echo $line | grep -i '[[:space:]]indexes'`" ];then yasat-848/plugins/apache_vhosts.test-537- Display --indent 4 --text "$TOPRINT has option indexes" --result FOUND --color ORANGE --advice APACHE_VHOSTS_OPTIONS_INDEXES ############################################## yasat-848/plugins/apache_vhosts.test-539- fi yasat-848/plugins/apache_vhosts.test:540: if [ ! -z "`echo $line | grep -i '[[:space:]]ExecCGI'`" ];then yasat-848/plugins/apache_vhosts.test-541- Display --indent 4 --text "$TOPRINT has option ExecCGI" --result FOUND --color ORANGE --advice APACHE_VHOSTS_OPTIONS_EXECCGI ############################################## yasat-848/plugins/apache_vhosts.test-546- ##### jkmount =========================================== yasat-848/plugins/apache_vhosts.test:547: if [ ! -z "`echo $line | grep -i '^[[:space:]]*JKmount'`" ] ; then yasat-848/plugins/apache_vhosts.test:548: JKMOUNT_SRC="`echo \"$line\" | sed 's/^[[:space:]]*JKmount[[:space:]]*//gI' | cut -d\ -f1`" yasat-848/plugins/apache_vhosts.test-549- Display --indent 4 --text "$VIRTUALHOST has JKmount $JKMOUNT_SRC" --result FOUND --color BLUE ############################################## yasat-848/plugins/apache_vhosts.test-552- ##### ProxyPASS =========================================== yasat-848/plugins/apache_vhosts.test:553: if [ ! -z "`echo $line | grep -i '^[[:space:]]*ProxyPASS'`" ] yasat-848/plugins/apache_vhosts.test-554- then yasat-848/plugins/apache_vhosts.test:555:# ProxyPASS_SRC="`echo \"$line\" | sed 's/^[[:space:]]*ProxyPASS[[:space:]]*//gI' | cut -d\ -f1`" yasat-848/plugins/apache_vhosts.test-556- get_value_in_string ProxyPASS "$line" ############################################## yasat-848/plugins/apache_vhosts.test-561- #AddOutputFilterByType yasat-848/plugins/apache_vhosts.test:562: if [ ! -z "`echo $line | grep -i '^[[:space:]]*SetOutputFilter'`" ] yasat-848/plugins/apache_vhosts.test-563- then yasat-848/plugins/apache_vhosts.test:564: OUTPUT_FILTER_TYPE="`echo \"$line\" | sed 's/^[[:space:]]*SetOutputFilter[[:space:]]*//gI' | cut -d\ -f1`" yasat-848/plugins/apache_vhosts.test-565- Display --indent 4 --text "$VIRTUALHOST has SetOutputFilter" --result FOUND --color BLUE ############################################## yasat-848/plugins/apache_vhosts.test-567- fi yasat-848/plugins/apache_vhosts.test:568: if [ ! -z "`echo $line | grep -i '^[[:space:]]*AddOutputFilterByType'`" ] yasat-848/plugins/apache_vhosts.test-569- then ############################################## yasat-848/plugins/apache_vhosts.test-573- fi yasat-848/plugins/apache_vhosts.test:574: OUTPUT_FILTER_TYPE="`echo \"$line\" | sed 's/^[[:space:]]*AddOutputFilterByType[[:space:]]*//gI' | cut -d\ -f1`" yasat-848/plugins/apache_vhosts.test:575: OUTPUT_FILTER_AFFECTED="`echo \"$line\" | sed 's/^[[:space:]]*AddOutputFilterByType[[:space:]]*//gI' | cut -d\ -f2-`" yasat-848/plugins/apache_vhosts.test-576- Display --indent 4 --text "$VIRTUALHOST has AddOutputFilterByType $OUTPUT_FILTER_TYPE" --result FOUND --color BLUE ############################################## yasat-848/plugins/apache_vhosts.test-589- ##### SSL options =========================================== http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html yasat-848/plugins/apache_vhosts.test:590: if [ ! -z "`echo $line | grep -i '^[[:space:]]*SSLCertificateKeyFile'`" ] ; then yasat-848/plugins/apache_vhosts.test:591:# SSLCertKeyFile="`echo \"$line\" | sed 's/^[[:space:]]*SSLCertificateKeyFile[[:space:]]*//gI' | cut -d\ -f1`" yasat-848/plugins/apache_vhosts.test-592- get_value_in_string SSLCertificateKeyFile "$line" ############################################## yasat-848/plugins/apache_vhosts.test-596- fi yasat-848/plugins/apache_vhosts.test:597: if [ ! -z "`echo $line | grep -i '^[[:space:]]*SSLCertificateFile'`" ] ; then yasat-848/plugins/apache_vhosts.test:598:# SSLCertFile="`echo \"$line\" | sed 's/^[[:space:]]*SSLCertificateFile[[:space:]]*//gI' | cut -d\ -f1`" yasat-848/plugins/apache_vhosts.test-599- get_value_in_string SSLCertificateFile "$line" ############################################## yasat-848/plugins/process.test-36-do yasat-848/plugins/process.test:37: PROCESS="`echo $lineuser | cut -d\ -f3`" yasat-848/plugins/process.test:38: USERPROCESS="`echo $lineuser | cut -d\ -f1`" yasat-848/plugins/process.test-39- if [ $USERPROCESS = "root" ] ############################################## yasat-848/plugins/process.test-54-do yasat-848/plugins/process.test:55: PROCESS="`echo $line | cut -d\ -f3`" yasat-848/plugins/process.test:56: USERPROCESS="`echo $line | cut -d\ -f1`" yasat-848/plugins/process.test:57: PROCESSTYPE="`grep -v '^#' $PLUGINS_REP/process.data |grep -v '^$' |grep ^${PROCESS}= | cut -d\= -f2`" yasat-848/plugins/process.test-58- if [ -z "$PROCESSTYPE" ] ############################################## yasat-848/plugins/process.test-101- then yasat-848/plugins/process.test:102: PROCESS_FS_OWNER="`stat $STAT_USER $PROCESS`" yasat-848/plugins/process.test-103-# echo "debug $PROCESS $PROCESS_FS_OWNER" ############################################## yasat-848/plugins/partition.test-32-if [ "${OS}" = 'OpenBSD' ] ;then yasat-848/plugins/partition.test:33: SWAP_ENCRYPT="`$BSD_SYSCTL vm.swapencrypt.enable | cut -d\= -f2`" yasat-848/plugins/partition.test-34- if [ $SWAP_ENCRYPT -eq 1 ] ;then ############################################## yasat-848/plugins/partition.test-62-#check_partition '/usr' yasat-848/plugins/partition.test:63:# if [ -z "`echo $RESULTAT | grep -i nodev`" ] yasat-848/plugins/partition.test-64-# then ############################################## yasat-848/plugins/kernel.test-26- TESTNAME='YASAT_TEST_KERNEL_OPENBSD_SECURELEVEL Check if Secure level is used' yasat-848/plugins/kernel.test:27: SECURELEVEL="`$BSD_SYSCTL kern.securelevel | cut -d\= -f2`" yasat-848/plugins/kernel.test-28- if [ $SECURELEVEL -ge 0 ];then ############################################## yasat-848/plugins/kernel.test-54- do yasat-848/plugins/kernel.test:55: if [ ! -z "`grep ^$usbmodule[[:space:]] $TMP_RESULT`" ] ; then yasat-848/plugins/kernel.test-56- Display --indent 2 --text "USB module $usbmodule" --result FOUND --color ORANGE --advice KERNEL_USB_MODULES ############################################## yasat-848/plugins/kernel.test-79- do yasat-848/plugins/kernel.test:80: if [ ! -z "`grep ^$firemodule[[:space:]] $TMP_RESULT`" ] ; then yasat-848/plugins/kernel.test-81- Display --indent 2 --text "Firewire module $firemodule" --result FOUND --color ORANGE --advice KERNEL_FIREWIRE_MODULES ############################################## yasat-848/plugins/kernel.test-157-#/proc/sys/kernel/randomize_va_space yasat-848/plugins/kernel.test:158:RANDOM_VA_SPACE="`$SYSCTL kernel.randomize_va_space 2>> $ERROR_OUTPUT_FILE`" yasat-848/plugins/kernel.test-159-if [ $? -eq 0 ] ; then yasat-848/plugins/kernel.test:160: RANDOM_VA_SPACE="`$SYSCTL kernel.randomize_va_space | sed 's/^.*=[[:space:]]*//'`" yasat-848/plugins/kernel.test-161- if [ "$RANDOM_VA_SPACE" -eq 2 ] ; then ############################################## yasat-848/plugins/kernel.test-297- if [ "$HARDWARE" = 'x86_64' ];then yasat-848/plugins/kernel.test:298: if [ ! -z "`grep 'CONFIG_IA32_EMULATION=y' ${TEMPYASATDIR}/kernel_config`" ];then yasat-848/plugins/kernel.test-299- Display --indent 2 --text "CONFIG_IA32_EMULATION" --result ENABLED --color ORANGE --advice KERNEL_CONFIG_IA32_EMULATION --comp 'KO' 'kernel' ############################################## yasat-848/plugins/kernel.test-307- TESTNAME='YASAT_TEST_KERNEL_COMPAT_BRK Check if COMPAT_BRK is enabled' yasat-848/plugins/kernel.test:308: if [ ! -z "`grep 'CONFIG_COMPAT_BRK=y' ${TEMPYASATDIR}/kernel_config`" ];then yasat-848/plugins/kernel.test-309- Display --indent 2 --text "CONFIG_COMPAT_BRK" --result ENABLED --color ORANGE --advice KERNEL_CONFIG_COMPAT_BRK --comp 'KO' 'kernel' ############################################## yasat-848/plugins/kernel.test-314- TESTNAME='YASAT_TEST_KERNEL_COMPAT_VDSO Check if COMPAT_VDSO is enabled' yasat-848/plugins/kernel.test:315: if [ ! -z "`grep 'CONFIG_COMPAT_VDSO=y' ${TEMPYASATDIR}/kernel_config`" ];then yasat-848/plugins/kernel.test-316- Display --indent 2 --text "CONFIG_COMPAT_VDSO" --result ENABLED --color ORANGE --advice KERNEL_CONFIG_COMPAT_VDSO --comp 'KO' 'kernel' ############################################## yasat-848/plugins/kernel.test-321- TESTNAME='YASAT_TEST_KERNEL_DEVKMEM Check if DEVKMEM is enabled' yasat-848/plugins/kernel.test:322: if [ ! -z "`grep 'CONFIG_DEVKMEM=y' ${TEMPYASATDIR}/kernel_config`" ];then yasat-848/plugins/kernel.test-323- Display --indent 2 --text "CONFIG_DEVKMEM" --result ENABLED --color ORANGE --advice KERNEL_CONFIG_DEVKMEM --comp 'KO' 'kernel' ############################################## yasat-848/plugins/kernel.test-328- TESTNAME='YASAT_TEST_KERNEL_STRICT_DEVMEM Check if STRICT_DEVMEM is enabled' yasat-848/plugins/kernel.test:329: if [ -z "`grep 'CONFIG_STRICT_DEVMEM=y' ${TEMPYASATDIR}/kernel_config`" ];then yasat-848/plugins/kernel.test-330- Display --indent 2 --text "CONFIG_STRICT_DEVMEM" --result DISABLED --color ORANGE --advice KERNEL_CONFIG_STRICT_DEVMEM --comp 'KO' 'kernel' ############################################## yasat-848/plugins/kernel.test-351- if [ "$HARDWARE_GEN" = 'x86' -o "$HARDWARE_GEN" = 'x86_64' ];then yasat-848/plugins/kernel.test:352: if [ ! -z "`grep 'CONFIG_X86_MCE=y' ${TEMPYASATDIR}/kernel_config`" ];then yasat-848/plugins/kernel.test-353- Display --indent 2 --text "CONFIG_X86_MCE" --result ENABLED --color GREEN --comp 'OK' 'kernel' ############################################## yasat-848/plugins/kernel.test-368- TESTNAME='YASAT_TEST_KERNEL_PAX Check if PAX is enabled' yasat-848/plugins/kernel.test:369: if [ ! -z "`grep 'CONFIG_PAX=y' ${TEMPYASATDIR}/kernel_config`" ];then yasat-848/plugins/kernel.test-370- Display --indent 2 --text "CONFIG_PAX" --result ENABLED --color GREEN --comp 'OK' 'kernel' ############################################## yasat-848/plugins/kernel.test-375- TESTNAME='YASAT_TEST_KERNEL_GRKERNSEC Check if grsecurity is enabled' yasat-848/plugins/kernel.test:376: if [ ! -z "`grep 'CONFIG_GRKERNSEC=y' ${TEMPYASATDIR}/kernel_config`" ];then yasat-848/plugins/kernel.test-377- Display --indent 2 --text "CONFIG_GRKERNSEC" --result ENABLED --color GREEN --comp 'OK' 'kernel' ############################################## yasat-848/plugins/kernel.test-382- TESTNAME='YASAT_TEST_KERNEL_SELINUX check if SELINUX is enabled' yasat-848/plugins/kernel.test:383: if [ ! -z "`grep 'CONFIG_SECURITY_SELINUX=y' ${TEMPYASATDIR}/kernel_config`" ];then yasat-848/plugins/kernel.test-384- Display --indent 2 --text "CONFIG_SECURITY_SELINUX" --result ENABLED --color GREEN --comp 'OK' 'kernel' ############################################## yasat-848/plugins/kernel.test-389- TESTNAME='YASAT_TEST_KERNEL_RONX check if RONX is enabled' yasat-848/plugins/kernel.test:390: if [ ! -z "`grep 'CONFIG_DEBUG_SET_MODULE_RONX=y' ${TEMPYASATDIR}/kernel_config`" ] ;then yasat-848/plugins/kernel.test-391- Display --indent 2 --text "CONFIG_DEBUG_SET_MODULE_RONX" --result ENABLED --color GREEN --comp 'OK' 'kernel' ############################################## yasat-848/plugins/kernel.test-396- TESTNAME='YASAT_TEST_KERNEL_RODATA check if RODATA is enabled' yasat-848/plugins/kernel.test:397: if [ ! -z "`grep 'CONFIG_DEBUG_RODATA=y' ${TEMPYASATDIR}/kernel_config`" ] ;then yasat-848/plugins/kernel.test-398- Display --indent 2 --text "CONFIG_DEBUG_RODATA" --result ENABLED --color GREEN --comp 'OK' 'kernel' ############################################## yasat-848/plugins/kernel.test-403- TESTNAME='YASAT_TEST_KERNEL_STRICT_USER_COPY_CHECKS Check if STRICT_USER_COPY_CHECKS is enabled' yasat-848/plugins/kernel.test:404: if [ ! -z "`grep 'CONFIG_DEBUG_STRICT_USER_COPY_CHECKS=y' ${TEMPYASATDIR}/kernel_config`" ] ;then yasat-848/plugins/kernel.test-405- Display --indent 2 --text "CONFIG_DEBUG_STRICT_USER_COPY_CHECKS" --result ENABLED --color GREEN --comp 'OK' 'kernel' ############################################## yasat-848/plugins/logrotate.test-35-do yasat-848/plugins/logrotate.test:36: RESULT=`grep -ri $line /etc/logrotate.*` yasat-848/plugins/logrotate.test-37- if [ -z "${RESULT}" ] ############################################## yasat-848/plugins/logrotate.test-44- do yasat-848/plugins/logrotate.test:45: LOGROTATE_WILDS_DEFINE="`echo $wilds | cut -d\: -f1`" yasat-848/plugins/logrotate.test:46: LOGROTATE_WILDS_LOGS=`echo $wilds | cut -d\: -f2` yasat-848/plugins/logrotate.test-47-# echo "$LOGROTATE_WILDS_DEFINE $LOGROTATE_WILDS_LOGS" yasat-848/plugins/logrotate.test:48: LOGROTATE_WILDS_ALLLOG=`echo $LOGROTATE_WILDS_LOGS` yasat-848/plugins/logrotate.test:49: for wild in `echo $LOGROTATE_WILDS_ALLLOG` yasat-848/plugins/logrotate.test-50- do yasat-848/plugins/logrotate.test:51: if [ ! -z "`echo $line | grep $wild`" ] yasat-848/plugins/logrotate.test-52- then yasat-848/plugins/logrotate.test:53: Display --indent 2 --text "$line by `echo $LOGROTATE_WILDS_DEFINE | cut -d\: -f1`" --result FOUND --color GREEN yasat-848/plugins/logrotate.test-54- DEFINED_IN_WILD=1 ############################################## yasat-848/plugins/logrotate.test-62- else yasat-848/plugins/logrotate.test:63: Display --indent 2 --text "$line by `echo $RESULT | cut -d\: -f1`" --result FOUND --color GREEN yasat-848/plugins/logrotate.test-64- fi ############################################## yasat-848/plugins/network.test-48-fi yasat-848/plugins/network.test:49:for i in `grep -v ^# $PLUGINS_REP/network.data` yasat-848/plugins/network.test-50-do yasat-848/plugins/network.test:51: ldirective=`echo $i | cut -f1 -d\|` yasat-848/plugins/network.test:52: lparam=`echo $i | cut -f2 -d\|` yasat-848/plugins/network.test:53: loption=`echo $i | cut -f3 -d\|` yasat-848/plugins/network.test:54: ladvice=`echo $i | cut -f4 -d\|` yasat-848/plugins/network.test:55: lnsag=`echo $i | cut -f5 -d\|` yasat-848/plugins/network.test:56: lcce=`echo $i | cut -f6 -d\|` yasat-848/plugins/network.test-57- if [ -z "$lnsag" ];then ############################################## yasat-848/plugins/network.test-62- fi yasat-848/plugins/network.test:63: EL_PATH=`echo "/proc/sys/$ldirective" | sed 's/\./\//g'` yasat-848/plugins/network.test-64- if [ -e "$EL_PATH" ] ;then yasat-848/plugins/network.test:65: VALUE="`cat $EL_PATH`" yasat-848/plugins/network.test-66- case $loption in ############################################## yasat-848/plugins/network.test-92- else yasat-848/plugins/network.test:93: VALUE=`grep "^[[:space:]]*$ldirective" /etc/sysctl.conf | sed 's/^.*=[[:space:]]*//g'` yasat-848/plugins/network.test-94- case $loption in ############################################## yasat-848/plugins/ntp.test-32-do yasat-848/plugins/ntp.test:33: RESULTAT="`ps aux |grep -i $NTPD_TO_TEST |grep -v grep`" yasat-848/plugins/ntp.test-34- if [ ! -z "$RESULTAT" ] ############################################## yasat-848/plugins/cyrus.test-74-#check for TLS in cyrus.conf and certificate yasat-848/plugins/cyrus.test:75:if [ -z "`grep '[[:space:]]*imaps' $CYRUS_CONF`" ] yasat-848/plugins/cyrus.test-76-then ############################################## yasat-848/plugins/repo.test-55- do yasat-848/plugins/repo.test:56: REPOFILE=`basename $repo` yasat-848/plugins/repo.test-57- Display --indent 4 --text "$REPOFILE" --result FOUND --color BLUE ############################################## yasat-848/plugins/repo.test-59- do yasat-848/plugins/repo.test:60: if [ ! -z "`echo $line |grep '^gpgcheck='`" ] ; then yasat-848/plugins/repo.test:61: REPO_GPG=`echo $line | cut -d\= -f2` yasat-848/plugins/repo.test-62- fi yasat-848/plugins/repo.test:63: if [ ! -z "`echo $line |grep '^enabled='`" ] ; then yasat-848/plugins/repo.test:64: REPO_ENABLED=`echo $line | cut -d\= -f2` yasat-848/plugins/repo.test-65- fi yasat-848/plugins/repo.test:66: if [ ! -z "`echo $line |grep '^\['`" ] ; then yasat-848/plugins/repo.test-67- if [ ! -z "$REPONAME" ] ; then ############################################## yasat-848/plugins/repo.test-76- fi yasat-848/plugins/repo.test:77: REPONAME="`echo $line | cut -d\[ -f2 | cut -d\] -f1`" yasat-848/plugins/repo.test-78- Display --indent 6 --text "$REPONAME" --result FOUND --color BLUE ############################################## yasat-848/plugins/repo.test-116- cat $APT_SOURCELISTD/*.list >> $TMP_SRCLIST 2> /dev/null yasat-848/plugins/repo.test:117: if [ -z "`grep '^deb http://security.debian.org/' $TMP_SRCLIST`" ] ; then yasat-848/plugins/repo.test-118- Display --indent 4 --text "security mirror" --result DISABLED --color RED ############################################## yasat-848/plugins/system_rights.test-31-if [ -f $PLUGINS_REP/$CONF_FILE ] ;then yasat-848/plugins/system_rights.test:32: for i in `grep -v '^#' $PLUGINS_REP/$CONF_FILE |grep -v "!$OS_NICKNAME" | grep -v "!$LINUX_VERSION" | sed 's/#.*//g'` yasat-848/plugins/system_rights.test-33- do yasat-848/plugins/system_rights.test-34-# echo "TEST ==== $i" yasat-848/plugins/system_rights.test:35: lepath="`echo $i | cut -f1 -d\|`" yasat-848/plugins/system_rights.test-36- if [ "$SCAN_ROOT" != '/' ] ; then yasat-848/plugins/system_rights.test:37: lepath="$SCAN_ROOT/`echo $i | cut -f1 -d\|`" yasat-848/plugins/system_rights.test-38- fi yasat-848/plugins/system_rights.test:39: lesdroits=`echo $i | cut -f2 -d\|` yasat-848/plugins/system_rights.test:40: luser=`echo $i | cut -f3 -d\|` yasat-848/plugins/system_rights.test:41: lgroup=`echo $i | cut -f4 -d\|` yasat-848/plugins/system_rights.test:42: loption=`echo $i | cut -f5 -d\|` yasat-848/plugins/system_rights.test:43: ldistrib=`echo $i | cut -f6 -d\|` yasat-848/plugins/system_rights.test:44: loption2=`echo $i | cut -f7 -d\|` yasat-848/plugins/system_rights.test:45: nsag_id_o=`echo $i | cut -f8 -d\|` yasat-848/plugins/system_rights.test:46: cceid_o=`echo $i | cut -f9 -d\|` yasat-848/plugins/system_rights.test:47: nsag_id_g=`echo $i | cut -f10 -d\|` yasat-848/plugins/system_rights.test:48: cceid_g=`echo $i | cut -f11 -d\|` yasat-848/plugins/system_rights.test:49: nsag_id_r=`echo $i | cut -f12 -d\|` yasat-848/plugins/system_rights.test:50: cceid_r=`echo $i | cut -f13 -d\|` yasat-848/plugins/system_rights.test-51- if [ -z "$cceid_o" ] ;then cceid_o=0;fi ############################################## yasat-848/plugins/system_rights.test-85- TESTNAME="YASAT_TEST_SYSTEMRIGHT_GENERIC Check if $lepath is chmod $lesdroits" yasat-848/plugins/system_rights.test:86: RIGHT="`stat $STAT_RIGHT $lepath`" yasat-848/plugins/system_rights.test-87- if [ $RIGHT != "$lesdroits" ] ;then ############################################## yasat-848/plugins/system_rights.test-95- if [ "$loption2" != "gw" ] ;then yasat-848/plugins/system_rights.test:96: RESULTAT="`find $lepath ! -type l -perm $PERM_GW`" yasat-848/plugins/system_rights.test-97- if [ ! -z "$RESULTAT" ] ;then ############################################## yasat-848/plugins/system_rights.test-101- do yasat-848/plugins/system_rights.test:102: Display --indent 4 --text "$line" --result "`stat $STAT_RIGHT $line`" --color RED yasat-848/plugins/system_rights.test-103- done ############################################## yasat-848/plugins/system_rights.test-108- TESTNAME="YASAT_TEST_SYSTEMRIGHT_GENERIC Check if $lepath is owned by $luser" yasat-848/plugins/system_rights.test:109: RESULTATUSER="`find $lepath ! -user $luser -ls`" yasat-848/plugins/system_rights.test-110- if [ ! -z "$RESULTATUSER" ] ;then ############################################## yasat-848/plugins/system_rights.test-115- do yasat-848/plugins/system_rights.test:116: Display --indent 4 --text "$line" --result "`stat $STAT_USER $line`" --color RED yasat-848/plugins/system_rights.test-117- done ############################################## yasat-848/plugins/system_rights.test-119- else yasat-848/plugins/system_rights.test:120: Display --indent 4 --text "$lepath owner `stat $STAT_USER $lepath`" --result GOOD --color GREEN yasat-848/plugins/system_rights.test-121- Compliance --result 'OK' --plugin "system_rights_own_$lepath" --nsag $nsag_id_o --cce $cceid_o ############################################## yasat-848/plugins/system_rights.test-124- TESTNAME="YASAT_TEST_SYSTEMRIGHT_GENERIC Check if $lepath is owned by group $lgroup" yasat-848/plugins/system_rights.test:125: RESULTATGROUPE="`find $lepath ! -group $lgroup`" yasat-848/plugins/system_rights.test-126- if [ ! -z "$RESULTATGROUPE" ] ;then ############################################## yasat-848/plugins/system_rights.test-131- do yasat-848/plugins/system_rights.test:132: Display --indent 4 --text "$line" --result "`stat $STAT_GROUP $line`" --color RED yasat-848/plugins/system_rights.test-133- done ############################################## yasat-848/plugins/system_rights.test-135- else yasat-848/plugins/system_rights.test:136: Display --indent 4 --text "$lepath group `stat $STAT_GROUP $lepath`" --result GOOD --color GREEN yasat-848/plugins/system_rights.test-137- Compliance --result 'OK' --plugin "system_rights_grp_$lepath" --nsag $nsag_id_g --cce $cceid_g ############################################## yasat-848/plugins/system_rights.test-143- TESTNAME="YASAT_TEST_SYSTEMRIGHT_GENERIC Check if $lepath is chmod $lesdroits" yasat-848/plugins/system_rights.test:144: ACTUAL_RIGHT="`stat $STAT_RIGHT $lepath`" yasat-848/plugins/system_rights.test:145: if [ "${ACTUAL_RIGHT}" != $lesdroits -o `stat $STAT_GROUP $lepath` != $lgroup -o `stat $STAT_USER $lepath` != $luser ] ;then yasat-848/plugins/system_rights.test-146- #check for stricter right than we want (example we want 640 but local have 600) ############################################## yasat-848/plugins/ssl.test-21-#Red Hat have PKI under /etc/pki yasat-848/plugins/ssl.test:22:SSL_REP="`echo ${SCAN_ROOT}/etc/ssl | sed 's,//*,/,g'`" yasat-848/plugins/ssl.test-23- ############################################## yasat-848/plugins/ssl.test-30- if [ -e "$SCAN_ROOT/etc/pki" ] ; then yasat-848/plugins/ssl.test:31: SSL_REP="`echo $SCAN_ROOT/etc/pki | sed 's,//*,/,g'`" yasat-848/plugins/ssl.test-32- fi ############################################## yasat-848/plugins/ssl.test-37- yasat-848/plugins/ssl.test:38: RESULTAT=`find $SSL_REP ! -user root -exec ls {} \;` yasat-848/plugins/ssl.test-39- if [ ! -z "$RESULTAT" ] ; then ############################################## yasat-848/plugins/ssl.test-76- if [ -e "$homedir/.mozilla/firefox/profiles.ini" ] ; then yasat-848/plugins/ssl.test:77: for profile in `grep '^Path=' "${homedir}/.mozilla/firefox/profiles.ini" | sed 's/^Path=//'` yasat-848/plugins/ssl.test-78- do ############################################## yasat-848/plugins/ssl.test-83- if [ -e "$homedir/.thunderbird/profiles.ini" ] ; then yasat-848/plugins/ssl.test:84: for profile in `grep '^Path=' "${homedir}/.thunderbird/profiles.ini" | sed 's/^Path=//'` yasat-848/plugins/ssl.test-85- do ############################################## yasat-848/plugins/mysql.test-62- #I dont use getent because I think that mysql will be never on LDAP or such yasat-848/plugins/mysql.test:63: MYSQLSHELL=`grep "$RESULTAT" /etc/passwd | cut -d\: -f7` yasat-848/plugins/mysql.test:64: if [ `echo $MYSQLSHELL |grep 'sh' ` ] yasat-848/plugins/mysql.test-65- then ############################################## yasat-848/plugins/mysql.test-75-#my.cnf is used by other client app than mysqld, so perhaps 644 is needed yasat-848/plugins/mysql.test:76:#MYSQL_CONF_RIGHT="`stat $STAT_RIGHT $MYSQL_CONF`" yasat-848/plugins/mysql.test-77-#if [ "$MYSQL_CONF_RIGHT" -ge 640 ] ############################################## yasat-848/plugins/mysql.test-84-then yasat-848/plugins/mysql.test:85:MYSQL_CONF_RIGHT="`stat $STAT_RIGHT /etc/mysql/debian.cnf`" yasat-848/plugins/mysql.test-86- if [ "$MYSQL_CONF_RIGHT" -gt 600 ] ############################################## yasat-848/plugins/mysql.test-129-FindValueOfEqual $MYSQL_CONF log-bin JUSTTEST yasat-848/plugins/mysql.test:130:if [ ! -z "`cat $MYSQL_CONF | grep '^log-bin$' `" ] yasat-848/plugins/mysql.test-131-then ############################################## yasat-848/plugins/mysql.test-136- Display --indent 2 --text "log-bin" --result $RESULTAT --color BLUE --advice MYSQL_CONF_BINLOGS yasat-848/plugins/mysql.test:137: if [ -z "`cat $MYSQL_CONF | grep '^expire_logs_days' `" ] yasat-848/plugins/mysql.test-138- then ############################################## yasat-848/plugins/storage.test-38- if [ -e sys/block/${hdd_base}${i}/queue/read_ahead_kb ] ;then yasat-848/plugins/storage.test:39: READ_AHEAD="`cat /sys/block/${hdd_base}${i}/queue/read_ahead_kb`" yasat-848/plugins/storage.test-40- #on some server I saw a read_ahead of 4096 that is too high ############################################## yasat-848/plugins/storage.test-49- if [ -e /sys/block/${hdd_base}${i}/device/queue_depth ] ;then yasat-848/plugins/storage.test:50: QUEUE_DEPTH="`cat /sys/block/${hdd_base}${i}/device/queue_depth`" yasat-848/plugins/storage.test-51- Display --indent 4 --text "queue_depth of /dev/${hdd_base}${i}" --result "$QUEUE_DEPTH" --color BLUE yasat-848/plugins/storage.test-52- fi yasat-848/plugins/storage.test:53: MAX_SECTOR="`cat /sys/block/${hdd_base}${i}/queue/max_sectors_kb`" yasat-848/plugins/storage.test-54- Display --indent 4 --text "max_sector_kb of /dev/${hdd_base}${i}" --result "$MAX_SECTOR" --color BLUE yasat-848/plugins/storage.test-55- if [ -e /sys/block/${hdd_base}${i}/queue/scheduler ] ;then yasat-848/plugins/storage.test:56: SCHEDULER="`cat /sys/block/${hdd_base}${i}/queue/scheduler`" yasat-848/plugins/storage.test-57- Display --indent 4 --text "scheduler of /dev/${hdd_base}${i}" --result "$SCHEDULER" --color BLUE ############################################## yasat-848/plugins/system_user.test-42-my_getent yasat-848/plugins/system_user.test:43:ALLUSER=`grep -v '^#' ${MY_PASSWD} | cut -d\: -f1` yasat-848/plugins/system_user.test-44-for iuser in $ALLUSER yasat-848/plugins/system_user.test-45-do yasat-848/plugins/system_user.test:46: #HOMEUSER=`grep "^${iuser}:" /etc/passwd | cut -d\: -f6` yasat-848/plugins/system_user.test:47: HOMEUSER=`grep "^${iuser}:" ${MY_PASSWD} | cut -d\: -f6` yasat-848/plugins/system_user.test:48: #USERSHELL=`grep "^${iuser}:" /etc/passwd | cut -d\: -f7` yasat-848/plugins/system_user.test:49: USERSHELL=`grep "^${iuser}:" ${MY_PASSWD} | cut -d\: -f7` yasat-848/plugins/system_user.test:50: PRIMARYGROUP="`id -gn ${iuser}`" yasat-848/plugins/system_user.test-51- if [ ! -e "${HOMEUSER}" ] ;then ############################################## yasat-848/plugins/system_user.test-62- if [ -e "${HOMEUSER}/.bashrc" ] ;then yasat-848/plugins/system_user.test:63: UMASK="`grep 'umask 027' ${HOMEUSER}/.bashrc`" yasat-848/plugins/system_user.test-64- if [ -z "$UMASK" ] ;then ############################################## yasat-848/plugins/system_user.test-70- if [ -e "$PASSFILE" ] ; then yasat-848/plugins/system_user.test:71: PASSWORD=`grep ^${iuser}\: $PASSFILE | cut -d\: -f2` yasat-848/plugins/system_user.test-72- yasat-848/plugins/system_user.test-73- if [ "$PASSWORD" = '*' ] ;then yasat-848/plugins/system_user.test:74: if [ ! -z "`echo $USERSHELL | grep -v 'nologin' |grep -v 'bin/false'`" ] yasat-848/plugins/system_user.test-75- then ############################################## yasat-848/plugins/system_user.test-79- if [ "$PASSWORD" = '!' ] ;then yasat-848/plugins/system_user.test:80: if [ ! -z "`echo $USERSHELL | grep -v 'nologin' |grep -v 'bin/false'`" ] yasat-848/plugins/system_user.test-81- then ############################################## yasat-848/plugins/system_user.test-93- TESTNAME="YASAT_TEST_HOMEUSER_SSH_RIGHT Check if .ssh directory have correct unix rights" yasat-848/plugins/system_user.test:94: if [ `stat $STAT_RIGHT ${HOMEUSER}/.ssh/` != '700' ];then yasat-848/plugins/system_user.test-95- Display --indent 4 --text "${HOMEUSER}/.ssh is not 700" --result WARNING --color RED --advice SYSTEM_USER_DOTDIR ############################################## yasat-848/plugins/system_user.test-109- if [ -e "${HOMEUSER}/.ssh/id_rsa" -o -e "${HOMEUSER}/.ssh/id_rsa.pub" ] ;then yasat-848/plugins/system_user.test:110: KEY_SIZE="`ssh-keygen -l -f ${HOMEUSER}/.ssh/id_rsa | cut -d\ -f1`" yasat-848/plugins/system_user.test-111- Display --indent 4 --text "RSA keys found ($KEY_SIZE bits)" --result OK --color GREEN ############################################## yasat-848/plugins/system_user.test-115- #I have read somewhere that DSA is only 1024, so perhaps reading keysize is useless yasat-848/plugins/system_user.test:116: KEY_SIZE="`ssh-keygen -l -f ${HOMEUSER}/.ssh/id_dsa | cut -d\ -f1`" yasat-848/plugins/system_user.test-117- Display --indent 4 --text "DSA keys found ($KEY_SIZE bits)" --result OK --color GREEN ############################################## yasat-848/plugins/system_user.test-120- yasat-848/plugins/system_user.test:121: if [ `stat $STAT_USER ${HOMEUSER}/.ssh/` != $iuser ];then yasat-848/plugins/system_user.test-122- Display --indent 4 --text "Error ${HOMEUSER}/.ssh/ is not $iuser owned" --result ERROR --color RED ############################################## yasat-848/plugins/system_user.test-127- if [ -e "${HOMEUSER}/.gnupg/" ];then yasat-848/plugins/system_user.test:128: if [ `stat $STAT_RIGHT ${HOMEUSER}/.gnupg/` != '700' ];then yasat-848/plugins/system_user.test-129- Display --indent 4 --text "$BASEHOME/$iuser/.gnupg is not 700" --result WARNING --color RED --advice SYSTEM_USER_DOTDIR ############################################## yasat-848/plugins/system_user.test-138- then yasat-848/plugins/system_user.test:139: if [ `stat $STAT_RIGHT ${HOMEUSER}/.my.cnf` != '600' ] yasat-848/plugins/system_user.test-140- then ############################################## yasat-848/plugins/system_user.test-154- then yasat-848/plugins/system_user.test:155: DOTFILERIGHT="`stat $STAT_RIGHT ${HOMEUSER}/$DOT_FILE`" yasat-848/plugins/system_user.test-156- if [ "${DOTFILERIGHT}" != '600' -a "${DOTFILERIGHT}" != '400' ] ############################################## yasat-848/plugins/system_user.test-164- #check only "normal" users for the moment yasat-848/plugins/system_user.test:165: if [ ! -z "`echo ${HOMEUSER} |grep $BASEHOME`" ];then yasat-848/plugins/system_user.test-166- TESTNAME='YASAT_TEST_CHECK_HOME_OTHERS' ############################################## yasat-848/plugins/system_user.test-180- do yasat-848/plugins/system_user.test:181: COMMAND_TO_CHECK="`echo $line_of_command | sed 's/[[:space:]].*//g'`" yasat-848/plugins/system_user.test-182- which $COMMAND_TO_CHECK > /dev/null 2> /dev/null ############################################## yasat-848/plugins/system_user.test-189-# cat $bash_h |grep ldap | grep -E '\-y|\-t|\-T' yasat-848/plugins/system_user.test:190: NBLINE="`cat $TMP_LEAK_PASSWORD_FILE | wc -l`" yasat-848/plugins/system_user.test-191- if [ $NBLINE -eq 0 ] ############################################## yasat-848/plugins/system_user.test-211- done yasat-848/plugins/system_user.test:212: NBLINE="`cat $TMP_LEAK_PASSWORD_FILE | wc -l`" yasat-848/plugins/system_user.test-213- if [ $NBLINE -eq 0 ] ############################################## yasat-848/plugins/system_user.test-227- #get profiles yasat-848/plugins/system_user.test:228: for profile in `grep '^Path=' "${HOMEUSER}/.mozilla/firefox/profiles.ini" | sed 's/^Path=//'` yasat-848/plugins/system_user.test-229- do ############################################## yasat-848/plugins/system_user.test-235- do yasat-848/plugins/system_user.test:236: FIREFOX_STRING="`echo $firefox_test | cut -d, -f1`" yasat-848/plugins/system_user.test:237: FIREFOX_ADVICE="`echo $firefox_test | cut -d, -f2`" yasat-848/plugins/system_user.test:238: if [ ! -z "`grep $FIREFOX_STRING $PATH_TO_PREFJS`" ] ; then yasat-848/plugins/system_user.test-239- Display --indent 6 --text "$FIREFOX_STRING" --result FOUND --color BLUE --advice "$FIREFOX_ADVICE" ############################################## yasat-848/plugins/system_user.test-269- USER_ONLY_ONE_UID0=1 yasat-848/plugins/system_user.test:270: USER_UID0="`echo $line | cut -d\: -f1`" yasat-848/plugins/system_user.test-271- Display --indent 2 --text "Found user $USER_UID0 with UID=0" --result FOUND --color RED --advice SYSTEM_USER_USER_wITH_UID0 ############################################## yasat-848/plugins/system_user.test-283-do yasat-848/plugins/system_user.test:284: USER_STRANGE="`echo $line | cut -d\: -f1`" yasat-848/plugins/system_user.test-285- Display --indent 2 --text "Found anormal $USER_STRANGE" --result FOUND --color RED --advice TODO ############################################## yasat-848/plugins/samba.test-33- yasat-848/plugins/samba.test:34:SAMBA_CONF="`dirname $SAMBA_CONF`/smb.conf" yasat-848/plugins/samba.test-35- ############################################## yasat-848/plugins/accounting.test-106-if [ -e "$SCAN_ROOT/etc/pam.d" ] ; then yasat-848/plugins/accounting.test:107: if [ ! -z "`grep -r ^password.*sha512 $SCAN_ROOT/etc/pam.d`" ] ; then yasat-848/plugins/accounting.test-108- DEFAULT_CRYPT_METHOD='sha512' ############################################## yasat-848/plugins/accounting.test-110- fi yasat-848/plugins/accounting.test:111: if [ ! -z "`grep -r ^password.*md5 $SCAN_ROOT/etc/pam.d`" ] ; then yasat-848/plugins/accounting.test-112- DEFAULT_CRYPT_METHOD='MD5' ############################################## yasat-848/plugins/accounting.test-117- grep -r 'pam_cracklib.so' $SCAN_ROOT/etc/pam.d |grep -v '^#' > $pamtmp yasat-848/plugins/accounting.test:118: if [ -z "`cat $pamtmp`" ] ; then yasat-848/plugins/accounting.test-119- Display --indent 2 --text "cracklib" --result NOTFOUND --color BLUE ############################################## yasat-848/plugins/accounting.test-138-#YASAT_TEST_SHADOW_PASSWORD Check the real hash method used in /etc/shadow yasat-848/plugins/accounting.test:139:SHADOW_FILE="`echo $SCAN_ROOT/etc/shadow |sed 's,//*,/,g'`" yasat-848/plugins/accounting.test-140-if [ "${OS_TYPE}" = "BSD" ] ;then ############################################## yasat-848/plugins/accounting.test-144- Display --indent 2 --text "$SHADOW_FILE not found, trying /etc/passwd" --result NOSHADOW --color BLUE yasat-848/plugins/accounting.test:145: SHADOW_FILE="`echo $SCAN_ROOT/etc/passwd |sed 's,//*,/,g'`" yasat-848/plugins/accounting.test-146-fi ############################################## yasat-848/plugins/accounting.test-152- do yasat-848/plugins/accounting.test:153: HASH_METHOD="`echo $line |cut -d\: -f2 | cut -c1,2`" yasat-848/plugins/accounting.test:154: USER="`echo $line |cut -d\: -f1`" yasat-848/plugins/accounting.test-155- KNOW_HASH_METHOD=0 ############################################## yasat-848/plugins/accounting.test-247-TESTNAME='YASAT_TEST_AUDITD_1 NSAG=2.6.2 Test for a running auditd daemon' yasat-848/plugins/accounting.test:248:if [ "`ps aux |grep [[:space:]]$PROCESS_NAME[[:space:]]*$`" ] ; then yasat-848/plugins/accounting.test-249- AUDITD_PRESENT=1 ############################################## yasat-848/plugins/sensors.test-53- #TODO test ret value of ipmitool yasat-848/plugins/sensors.test:54: IPMI_SNMP_COMM="`grep -i snmp $IPMI_TMP | cut -d\: -f2- | sed 's/[[:space:]]*//g'`" yasat-848/plugins/sensors.test-55- if [ -z "$IPMI_SNMP_COMM" ];then ############################################## yasat-848/plugins/apache_conf.test-54-if [ -e "${PLUGINS_REP}/apache_conf.data" ] ;then yasat-848/plugins/apache_conf.test:55: for i in `grep -v '^\#' $PLUGINS_REP/apache_conf.data` yasat-848/plugins/apache_conf.test-56- do yasat-848/plugins/apache_conf.test:57: ldirective=`echo $i | cut -f1 -d\|` yasat-848/plugins/apache_conf.test:58: lparam=`echo $i | cut -f2 -d\|` yasat-848/plugins/apache_conf.test:59: loption=`echo $i | cut -f3 -d\|` yasat-848/plugins/apache_conf.test:60: ltestoptional=`echo $i | cut -f4 -d\|` yasat-848/plugins/apache_conf.test-61- OPT_ADVICE='' yasat-848/plugins/apache_conf.test:62: OPT_ADVICE="`echo $i | cut -f5 -d\|`" yasat-848/plugins/apache_conf.test:63: lnsagid="`echo $i | cut -f6 -d\|`" yasat-848/plugins/apache_conf.test:64: lcceid="`echo $i | cut -f7 -d\|`" yasat-848/plugins/apache_conf.test-65- if [ -z "$lnsagid" ] ; then ############################################## yasat-848/plugins/apache_conf.test-180- TESTNAME='YASAT_TEST_APACHE_USER Check if apache user have a shell' yasat-848/plugins/apache_conf.test:181: APACHESHELL="`getent passwd ${RESULTAT} | cut -d\: -f7`" yasat-848/plugins/apache_conf.test:182: if [ `echo $APACHESHELL |grep 'sh' ` ] yasat-848/plugins/apache_conf.test-183- then ############################################## yasat-848/plugins/apache_conf.test-194- yasat-848/plugins/apache_conf.test:195:RESULTAT=`find $APACHE_CONF_REP ! -type l ! -user root -exec ls {} \;` yasat-848/plugins/apache_conf.test-196-if [ ! -z "$RESULTAT" ] ############################################## yasat-848/plugins/apache_conf.test-218- yasat-848/plugins/apache_conf.test:219:RESULTAT=`find $APACHE_CONF_REP ! -type l ! -user root -exec ls {} \;` yasat-848/plugins/apache_conf.test-220-if [ ! -z "$RESULTAT" ];then ############################################## yasat-848/plugins/syslogng.test-46- yasat-848/plugins/syslogng.test:47:SYSLOGNGCONFRIGHT="`stat $STAT_RIGHT $SYSLOGNG_CONF`" yasat-848/plugins/syslogng.test-48-if [ "$SYSLOGNGCONFRIGHT=" != '640' -a "$SYSLOGNGCONFRIGHT" != '600' ] ############################################## yasat-848/plugins/syslogng.test-54- yasat-848/plugins/syslogng.test:55:if [ "`stat $STAT_USER $SYSLOGNG_CONF`" != 'root' ] yasat-848/plugins/syslogng.test-56-then ############################################## yasat-848/plugins/syslogng.test-61- yasat-848/plugins/syslogng.test:62:if [ "`stat $STAT_GROUP $SYSLOGNG_CONF`" != "$ROOTGROUP" ] yasat-848/plugins/syslogng.test-63-then ############################################## yasat-848/plugins/syslogng.test-69-#TODO check use_dns yasat-848/plugins/syslogng.test:70:#if [ `grep -v '^#*' $SYSLOGNG_CONF | grep 'use_dns'` ] yasat-848/plugins/syslogng.test-71-#then ############################################## yasat-848/plugins/squid.test-32- yasat-848/plugins/squid.test:33:SQUID_CONF="`dirname $SQUID_CONF`/squid.conf" yasat-848/plugins/squid.test-34- ############################################## yasat-848/plugins/squid.test-42-SQUIDUSER='squid' yasat-848/plugins/squid.test:43:SQUID_SHELL="`getent passwd $SQUIDUSER | cut -d\: -f7`" yasat-848/plugins/squid.test:44:if [ ! -z "`echo $SQUID_SHELL |grep 'sh'`" ] yasat-848/plugins/squid.test-45-then ############################################## yasat-848/plugins/squid.test-149-# echo "$line" yasat-848/plugins/squid.test:150: KEY="`echo $line | cut -d\ -f1`" yasat-848/plugins/squid.test-151-# if [ "$KEY" = 'allow' -o "$KEY" = 'deny' ] yasat-848/plugins/squid.test-152-# then yasat-848/plugins/squid.test:153: ACLNAME="`echo $line | cut -d\ -f2`" yasat-848/plugins/squid.test-154- NEGATION=0 yasat-848/plugins/squid.test:155: if [ ! -z "`echo $ACLNAME |grep '^!'`" ] yasat-848/plugins/squid.test-156- then yasat-848/plugins/squid.test:157: ACLNAME="`echo $line | cut -d\! -f2`" yasat-848/plugins/squid.test-158- NEGATION=1 ############################################## yasat-848/plugins/squid.test-174-# echo " FOUND acl=$lineacl" yasat-848/plugins/squid.test:175: ACL_TYPE="`echo $lineacl | cut -d\ -f2`" yasat-848/plugins/squid.test-176-# echo " TYPE=$ACL_TYPE" ############################################## yasat-848/plugins/squid.test-178- then yasat-848/plugins/squid.test:179: PORT="`echo $lineacl | cut -d\ -f3`" yasat-848/plugins/squid.test-180-# echo " $lineacl port=$PORT" yasat-848/plugins/squid.test-181- #we dont want allow for port 280 yasat-848/plugins/squid.test:182: if [ ! -z "`grep ^$PORT,$KEY ${PLUGINS_REP}/squid.ports`" ] yasat-848/plugins/squid.test-183- then ############################################## yasat-848/plugins/squid.test-191- #we dont want that localhost is accessible yasat-848/plugins/squid.test:192:# DEST="`echo $lineacl | cut -d\ -f3`" yasat-848/plugins/squid.test-193-# echo " $lineacl dest=$DEST" ############################################## yasat-848/plugins/php_conf.test-70-if [ -e "${PLUGINS_REP}/php_conf.data" ] ; then yasat-848/plugins/php_conf.test:71: for i in `grep -v '^\#' $PLUGINS_REP/php_conf.data` yasat-848/plugins/php_conf.test-72- do yasat-848/plugins/php_conf.test:73: ldirective=`echo $i | cut -f1 -d\|` yasat-848/plugins/php_conf.test:74: lparam=`echo $i | cut -f2 -d\|` yasat-848/plugins/php_conf.test:75: loption=`echo $i | cut -f3 -d\|` yasat-848/plugins/php_conf.test:76: ltestoptional=`echo $i | cut -f4 -d\|` yasat-848/plugins/php_conf.test-77- OPT_ADVICE='' yasat-848/plugins/php_conf.test:78: OPT_ADVICE="`echo $i | cut -f5 -d\|`" yasat-848/plugins/php_conf.test-79- if [ -z $OPT_ADVICE ] ; then ############################################## yasat-848/plugins/php_conf.test-98- s)#string equal casse insensitive yasat-848/plugins/php_conf.test:99: VAL=`echo $RESULTAT | tr A-Z a-z` yasat-848/plugins/php_conf.test-100- if [ "$VAL" != "$lparam" ] ;then ############################################## yasat-848/plugins/php_conf.test-106- snot)#not string casse insensitive yasat-848/plugins/php_conf.test:107: VAL=`echo $RESULTAT | tr A-Z a-z` yasat-848/plugins/php_conf.test-108- if [ "$VAL" = "$lparam" ] ;then ############################################## yasat-848/plugins/php_conf.test-131- RESULTAT="beginline, $RESULTAT, endline" yasat-848/plugins/php_conf.test:132: if [ -z "`echo $RESULTAT |grep [,[:space:]]$lparam[,[:space:]]`" ] ;then yasat-848/plugins/php_conf.test-133- Display --indent 4 --text "$ldirective without $lparam" --result NOTFOUND --color RED --advice $OPT_ADVICE ############################################## yasat-848/plugins/php_conf.test-150- else yasat-848/plugins/php_conf.test:151: REPLOG="`dirname $RESULTAT`" yasat-848/plugins/php_conf.test-152- Display --indent 4 --text "error_log $RESULTAT" --result DEFINED --color GREEN ############################################## yasat-848/plugins/php_conf.test-167- #check rights of apache on $REPLOG yasat-848/plugins/php_conf.test:168: if [ `stat $STAT_GROUP $REPLOG` = $RESULTAT ] ; then yasat-848/plugins/php_conf.test-169- Display --indent 8 --text "rights of $REPLOG " --result "$RESULTAT" --color GREEN ############################################## yasat-848/plugins/php_conf.test-185-do yasat-848/plugins/php_conf.test:186: check_php_ini `dirname $php_ini_one` yasat-848/plugins/php_conf.test-187-done ############################################## yasat-848/plugins/gpg.test-89- #check for signature yasat-848/plugins/gpg.test:90: if [ ! -z "`grep -A 2 signature $GPG_TMP|grep 'digest algo 1,'`" ];then yasat-848/plugins/gpg.test-91- Display --indent 4 --text "Self signatures with MD5" --result FOUND --color ORANGE ############################################## yasat-848/plugins/gpg.test-94- fi yasat-848/plugins/gpg.test:95: if [ ! -z "`grep -A 2 signature $GPG_TMP|grep 'digest algo 2,'`" ];then yasat-848/plugins/gpg.test-96- Display --indent 4 --text "Self signatures with SHA1" --result FOUND --color ORANGE ############################################## yasat-848/plugins/gpg.test-116-my_getent yasat-848/plugins/gpg.test:117:ALLUSER=`grep -v '^#' ${MY_PASSWD} | cut -d\: -f6` yasat-848/plugins/gpg.test-118-for ihome in $ALLUSER ############################################## yasat-848/plugins/firewall.test-55- pfctl -s rules > $YASAT_FW_TMP 2>> $ERROR_OUTPUT_FILE yasat-848/plugins/firewall.test:56: if [ -z "`cat $YASAT_FW_TMP`" ] yasat-848/plugins/firewall.test-57- then ############################################## yasat-848/plugins/firewall.test-91-#On my SELinux enabled machine, iptables can output nothing (permission denied) yasat-848/plugins/firewall.test:92:if [ "`cat $YASAT_FW_TMP | wc -l`" -eq 0 ] ; then yasat-848/plugins/firewall.test-93- Display --indent 2 --text "iptables error, stopping tests" --result WARNING --color RED --advice FIREWALL_TEST_ERROR ############################################## yasat-848/plugins/firewall.test-97- yasat-848/plugins/firewall.test:98:POLICY_INPUT="`grep 'Chain INPUT .*policy' $YASAT_FW_TMP | cut -d\ -f4`" yasat-848/plugins/firewall.test-99-if [ "$POLICY_INPUT" = 'DROP' ];then ############################################## yasat-848/plugins/firewall.test-104- yasat-848/plugins/firewall.test:105:POLICY_FORWARD="`grep 'Chain FORWARD.*policy' $YASAT_FW_TMP | cut -d\ -f4`" yasat-848/plugins/firewall.test-106-if [ "$POLICY_FORWARD" = 'DROP' ] ############################################## yasat-848/plugins/firewall.test-112- yasat-848/plugins/firewall.test:113:POLICY_OUTPUT="`grep 'Chain OUTPUT.*policy' $YASAT_FW_TMP | cut -d\ -f4`" yasat-848/plugins/firewall.test-114-if [ "$POLICY_OUTPUT" = 'DROP' ] ############################################## yasat-848/plugins/firewall.test-165- yasat-848/plugins/firewall.test:166:POLICY_INPUT="`grep 'Chain INPUT.*policy' $YASAT_FW_TMP | cut -d\ -f4`" yasat-848/plugins/firewall.test-167-if [ "$POLICY_INPUT" = 'DROP' ];then ############################################## yasat-848/plugins/firewall.test-172- yasat-848/plugins/firewall.test:173:POLICY_FORWARD="`grep 'Chain FORWARD.*policy' $YASAT_FW_TMP | cut -d\ -f4`" yasat-848/plugins/firewall.test-174-if [ "$POLICY_FORWARD" = 'DROP' ];then ############################################## yasat-848/plugins/firewall.test-179- yasat-848/plugins/firewall.test:180:POLICY_OUTPUT="`grep 'Chain OUTPUT.*policy' $YASAT_FW_TMP | cut -d\ -f4`" yasat-848/plugins/firewall.test-181-if [ "$POLICY_OUTPUT" = 'DROP' ];then ############################################## yasat-848/plugins/ldap.test-31- yasat-848/plugins/ldap.test:32:OPENSLAPD_CONF="`dirname $OPENLDAP_CONF`/slapd.conf" yasat-848/plugins/ldap.test-33- ############################################## yasat-848/plugins/ldap.test-90- yasat-848/plugins/ldap.test:91:if [ ! -z "`grep '^[[:space:]]*allow[[:space:]]bind_v2' $OPENSLAPD_CONF`" ] ; then yasat-848/plugins/ldap.test-92- Display --indent 2 --text "allow bind_v2" --result FOUND --color ORANGE --advice LDAP_BINDV2 ############################################## yasat-848/plugins/ldap.test-94- yasat-848/plugins/ldap.test:95:if [ -z "`grep '^[[:space:]]*disallow[[:space:]]bind_anon' $OPENSLAPD_CONF`" ] ; then yasat-848/plugins/ldap.test-96- Display --indent 2 --text "disallow bind_anon" --result NOTFOUND --color ORANGE --advice LDAP_BIND_ANON ############################################## yasat-848/plugins/ldap.test-99-fi yasat-848/plugins/ldap.test:100:if [ -z "`grep '^[[:space:]]*require[[:space:]]authc' $OPENSLAPD_CONF`" ] ; then yasat-848/plugins/ldap.test-101- Display --indent 2 --text "require authc" --result NOTFOUND --color ORANGE --advice LDAP_REQUIRE_AUTHC ############################################## yasat-848/plugins/ldap.test-112- FOUND=0 yasat-848/plugins/ldap.test:113: PASS=`echo $line | sed 's/^.*rootpw[[:space:]]*//g'` yasat-848/plugins/ldap.test:114: if [ `echo $PASS |grep '{SHA}'` ] ; then yasat-848/plugins/ldap.test-115- Display --indent 2 --text "rootpw $PASS" --result SHA --color GREEN ############################################## yasat-848/plugins/ldap.test-117- fi yasat-848/plugins/ldap.test:118: if [ `echo $PASS |grep '{SSHA}'` ] ; then yasat-848/plugins/ldap.test-119- Display --indent 2 --text "rootpw $PASS" --result SSHA --color GREEN ############################################## yasat-848/plugins/ldap.test-122- yasat-848/plugins/ldap.test:123: if [ `echo $PASS |grep '{MD5}'` ] ; then yasat-848/plugins/ldap.test-124- Display --indent 2 --text "rootpw $PASS" --result MD5 --color GREEN ############################################## yasat-848/plugins/ldap.test-126- fi yasat-848/plugins/ldap.test:127: if [ `echo $PASS |grep '{SMD5}'` ] ; then yasat-848/plugins/ldap.test-128- Display --indent 2 --text "rootpw $PASS" --result SMD5 --color GREEN ############################################## yasat-848/plugins/ldap.test-130- fi yasat-848/plugins/ldap.test:131: if [ `echo $PASS |grep '{CLEARTEXT}'` ] ; then yasat-848/plugins/ldap.test-132- Display --indent 2 --text "rootpw $PASS" --result CLEARTEXT --color RED --advice LDAP_PASSWD_CLEAR ############################################## yasat-848/plugins/ldap.test-134- fi yasat-848/plugins/ldap.test:135: if [ `echo $PASS |grep '{CRYPT}'` ] ; then yasat-848/plugins/ldap.test-136- Display --indent 2 --text "rootpw $PASS" --result CRYPT --color GREEN ############################################## yasat-848/plugins/dns.test-39- NAMED_USER=`grep 'OPTIONS=' /etc/default/bind9 | cut -d\" -f2 |sed 's,.*-u,,g' | cut -d\ -f2` yasat-848/plugins/dns.test:40: NAMED_GROUP_ID="`grep ^${NAMED_USER}: /etc/passwd|cut -d\: -f4`" yasat-848/plugins/dns.test-41- if [ ! -z $NAMED_GROUP_ID ];then yasat-848/plugins/dns.test:42: NAMED_GROUP="`grep :${NAMED_GROUP_ID}: /etc/group | cut -d\: -f1`" yasat-848/plugins/dns.test-43- fi ############################################## yasat-848/plugins/dns.test-74- BIND_CONF="${SCAN_ROOT}${BIND_CHROOT_DIR}${LOCATION}" yasat-848/plugins/dns.test:75: BIND_CONF_DIR="`dirname $BIND_CONF`" yasat-848/plugins/dns.test-76- fi ############################################## yasat-848/plugins/dns.test-202-RECURSION=0 yasat-848/plugins/dns.test:203:for i in `cat $BIND_CONF_LOCATION_TO_TEST` yasat-848/plugins/dns.test-204-do ############################################## yasat-848/plugins/puppet.test-31- yasat-848/plugins/puppet.test:32:PUPPET_CONF="`dirname $PUPPET_CONF`/puppet.conf" yasat-848/plugins/puppet.test-33- ############################################## yasat-848/plugins/snmpd.test-41-# echo " $line" | sed 's/[[:space:]]/\ /g' yasat-848/plugins/snmpd.test:42: SECNAME=`echo $line | cut -d\ -f2` yasat-848/plugins/snmpd.test:43: SOURCE=`echo $line | cut -d\ -f3` yasat-848/plugins/snmpd.test:44: COMMUNITY="`echo $line | cut -d\ -f4`" yasat-848/plugins/snmpd.test:45: if [ -z "`echo $COMMUNITY | grep -iE 'public|private|snmp'`" ] ; then yasat-848/plugins/snmpd.test-46- Display --indent 4 --text "COMMUNITY" --result "$COMMUNITY" --color GREEN ############################################## yasat-848/plugins/snmpd.test-60- echo " $line" | sed 's/[[:space:]]/\ /g' yasat-848/plugins/snmpd.test:61: SECMODEL=`echo $line | cut -d\ -f3` yasat-848/plugins/snmpd.test-62- if [ "$SECMODEL" != "v1" ] ############################################## yasat-848/plugins/snmpd.test-73- echo " $line" | sed 's/[[:space:]]/\ /g' yasat-848/plugins/snmpd.test:74: LEVEL=`echo $line | cut -d\ -f4` yasat-848/plugins/snmpd.test:75: WRITE=`echo $line | cut -d\ -f8` yasat-848/plugins/snmpd.test-76- if [ "$LEVEL" != "any" -a $LEVEL != "v1" ] ############################################## yasat-848/plugins/logwatch.test-42- if [ $? -eq 0 ]; then yasat-848/plugins/logwatch.test:43: EXEC_FILE=`which $FILE` yasat-848/plugins/logwatch.test-44- fi ############################################## yasat-848/plugins/logwatch.test-61-if [ -z "$CONFIG_FILE" ]; then yasat-848/plugins/logwatch.test:62: for FILE in `find $CONFIG_PATH | grep 'logwatch.conf$'`; do yasat-848/plugins/logwatch.test-63- if [ -f "$FILE" ]; then ############################################## yasat-848/plugins/logwatch.test-92-FindValueOf $CONFIG_FILE tmpdir JUSTTEST INSENSITIVE yasat-848/plugins/logwatch.test:93:RESULTAT=`echo $RESULTAT | tr -d " ="` yasat-848/plugins/logwatch.test-94- ############################################## yasat-848/plugins/logwatch.test-106-if [ -d $TMP_DIR ]; then yasat-848/plugins/logwatch.test:107: OCTAL_RIGHTS=`stat -c %a $TMP_DIR` yasat-848/plugins/logwatch.test-108- compare_right $OCTAL_RIGHTS 750 YES ############################################## yasat-848/plugins/logwatch.test-122-FindValueOf $CONFIG_FILE save JUSTTEST INSENSITIVE yasat-848/plugins/logwatch.test:123:RESULTAT=`echo $RESULTAT | tr -d " ="` yasat-848/plugins/logwatch.test-124-if [ ! -z "$RESULTAT" ]; then yasat-848/plugins/logwatch.test:125: RESULTAT=`dirname $RESULTAT` yasat-848/plugins/logwatch.test-126- if [ -d "$RESULTAT" ]; then yasat-848/plugins/logwatch.test:127: OCTAL_RIGHTS=`stat -c %a $RESULTAT` yasat-848/plugins/logwatch.test-128- compare_right $OCTAL_RIGHTS 750 YES ############################################## yasat-848/plugins/logwatch.test-147-FindValueOf $CONFIG_FILE detail JUSTTEST INSENSITIVE yasat-848/plugins/logwatch.test:148:RESULTAT=`echo $RESULTAT | tr -d " ="` yasat-848/plugins/logwatch.test-149-if [ ! -z "$RESULTAT" ]; then yasat-848/plugins/logwatch.test:150: RESULTAT=`echo $RESULTAT | tr '[:upper:]' '[:lower:]'` yasat-848/plugins/logwatch.test-151- case $RESULTAT in ############################################## yasat-848/plugins/logwatch.test-173-FindValueOf $CONFIG_FILE range JUSTTEST INSENSITIVE yasat-848/plugins/logwatch.test:174:RESULTAT=`echo $RESULTAT | tr -d " ="` yasat-848/plugins/logwatch.test-175-if [ ! -z "$RESULTAT" ]; then yasat-848/plugins/logwatch.test:176: RESULTAT=`echo $RESULTAT | tr '[:upper:]' '[:lower:]'` yasat-848/plugins/logwatch.test-177- case $RESULTAT in ############################################## yasat-848/plugins/logwatch.test-203- yasat-848/plugins/logwatch.test:204:LINES=`grep -i '^service' $CONFIG_FILE | sed 's/#.*//'` yasat-848/plugins/logwatch.test-205- yasat-848/plugins/logwatch.test-206-for line in $LINES; do yasat-848/plugins/logwatch.test:207: line=`echo "$line" | tr '[:upper:]' '[:lower:]' | sed 's/service//' | tr -d " =\""` yasat-848/plugins/logwatch.test-208- ############################################## yasat-848/plugins/logwatch.test-243-if [ ! -z "$RESULTAT" ]; then yasat-848/plugins/logwatch.test:244: LOGDIR=`echo $RESULTAT | tr -d " ="` yasat-848/plugins/logwatch.test-245- if [ ! -d $LOGDIR ]; then ############################################## yasat-848/plugins/logwatch.test-249- yasat-848/plugins/logwatch.test:250: OCTAL_RIGHTS=`stat -c %a $LOGDIR` yasat-848/plugins/logwatch.test-251- compare_right $OCTAL_RIGHTS 755 YES ############################################## yasat-848/plugins/logwatch.test-268- if [ ! -z "$RESULTAT" ]; then yasat-848/plugins/logwatch.test:269: RESULTAT=`echo $RESULTAT | tr -d ' ='` yasat-848/plugins/logwatch.test:270: LOGFILE=`echo ${LOGDIR}/${RESULTAT} | sed 's/\/\//\//'` yasat-848/plugins/logwatch.test-271- Display --indent 2 --text "Only $LOGFILE is checked." --result WARNING --color ORANGE --advice LOGWATCH_ONLY_ONE_LOGFILE ############################################## yasat-848/plugins/logwatch.test-282-if [ ! -z "$RESULTAT" ]; then yasat-848/plugins/logwatch.test:283: RESULTAT=`echo $RESULTAT | tr -d ' ='` yasat-848/plugins/logwatch.test-284- case $RESULTAT in ############################################## yasat-848/plugins/logwatch.test-305-if [ ! -z "$RESULTAT" ]; then yasat-848/plugins/logwatch.test:306: RESULTAT=`echo $RESULTAT | tr -d ' ='` yasat-848/plugins/logwatch.test-307- ############################################## yasat-848/plugins/openvpn.test-45-TESTNAME='YASAT_TEST_OPENVPN1 Check that openvpn configuration file is owned by root' yasat-848/plugins/openvpn.test:46:RESULTAT=`find $OPENVPN_CONF_REP ! -type l ! -user root -exec ls {} \;` yasat-848/plugins/openvpn.test-47-if [ ! -z "$RESULTAT" ] ;then ############################################## yasat-848/plugins/openvpn.test-53- yasat-848/plugins/openvpn.test:54:#RESULTAT=`find $OPENVPN_CONF_REP ! -type l ! -group $ROOTGROUP -exec ls {} \;` yasat-848/plugins/openvpn.test-55-#if [ ! -z "$RESULTAT" ] ############################################## yasat-848/plugins/openvpn.test-62- yasat-848/plugins/openvpn.test:63:#RESULTAT=`find $OPENVPN_CONF_REP ! -type l -perm $ORWX -exec ls {} \;` yasat-848/plugins/openvpn.test-64-#if [ ! -z "$RESULTAT" ] ############################################## yasat-848/plugins/openvpn.test-79-#TODO check that there some .conf file yasat-848/plugins/openvpn.test:80:OPENVPN_CONF_LIST=`ls ${OPENVPN_CONF_REP}/*.conf` yasat-848/plugins/openvpn.test-81-for i in $OPENVPN_CONF_LIST ############################################## yasat-848/yasat-179- shift yasat-848/yasat:180: for TEST in `echo $1 | sed 's/,/\n/g'`; yasat-848/yasat-181- do ############################################## yasat-848/yasat-486- echo "Skipped tests" yasat-848/yasat:487: for TEST in `echo $SKIPPED_TESTS`; do yasat-848/yasat-488- echo " $TEST" ############################################## yasat-848/yasat-502- echo "<i>Generated by YASAT $YASAT_VERSION </i>" >> "${HTML_OUTPUT}" yasat-848/yasat:503: cp "${YASAT_ROOT}/yasat.css" "`dirname ${HTML_OUTPUT}`" yasat-848/yasat-504-fi ############################################## yasat-848/yasat-506-if [ -d "$PLUGINS_REP" ] ; then yasat-848/yasat:507: LISTE_ADVICE="`ls $PLUGINS_REP/*.advice`" yasat-848/yasat-508- cat $LISTE_ADVICE | grep $ADVICELANG > ${YASAT_ROOT}/yasat.advices ############################################## yasat-848/yasat-512- if [ -z "$SKIPPED_TESTS" ] ; then yasat-848/yasat:513: LISTE_PLUGINS=`ls $PLUGINS_REP/*test` yasat-848/yasat-514- else yasat-848/yasat:515: SKIPPED_TESTS=`echo $SKIPPED_TESTS | tr " " "|"` yasat-848/yasat:516: LISTE_PLUGINS=`ls $PLUGINS_REP/*test | grep -Ev $SKIPPED_TESTS` yasat-848/yasat-517- fi ############################################## yasat-848/common-92- if [ -z "$suffix" ];then yasat-848/common:93: TMP_FILE="`mktemp --suffix=$suffix`" yasat-848/common-94- else ############################################## yasat-848/common-191- #clean possible double slash yasat-848/common:192: TEXT="`echo $1 | sed 's,//,/,g'`" yasat-848/common-193- if [ $HIDESR -ge 1 ];then yasat-848/common-194- #I use | because it is the only separator that I will be sure to be not present yasat-848/common:195: TEXT=`echo $1 | sed "s|$SCAN_ROOT||"` yasat-848/common-196- fi ############################################## yasat-848/common-217- else yasat-848/common:218: ADVICEVALUE="`grep ${ADVICE}= ${YASAT_ROOT}/yasat.advices | cut -d\= -f2-`" yasat-848/common-219- if [ -z "$ADVICEVALUE" ] ;then ############################################## yasat-848/common-221- fi yasat-848/common:222:# if [ -z "`echo ${RESULT} | grep -vEi 'warning$|found$'`" ] ;then yasat-848/common-223-# echo "= ${TEXT}" >> $REPORT_OUTPUT ############################################## yasat-848/common-247- # Display yasat-848/common:248: LINESIZE=`echo "${TEXT}" | wc -c | tr -d ' '` yasat-848/common:249: #SPACES=`expr ${MAXLINESIZE} - ${INDENT} - ${LINESIZE}` yasat-848/common-250- SPACES=$((${MAXLINESIZE}-${INDENT}-${LINESIZE})) yasat-848/common-251- if [ "$SPACES" -le 0 ] ;then yasat-848/common:252: TEXT1=`echo ${TEXT} | cut -b -50` yasat-848/common:253: LINESIZE=`echo "${TEXT1}" | wc -c | tr -d ' '` yasat-848/common:254: #SPACES=`expr ${MAXLINESIZE} - ${INDENT} - ${LINESIZE}` yasat-848/common-255- SPACES=$((${MAXLINESIZE}-${INDENT}-${LINESIZE})) yasat-848/common-256- ${ECHOCMD} "\033[${INDENT}C${TEXT1}\033[${SPACES}C${RESULTPART}\t${ADVICEVALUE}" yasat-848/common:257: TEXT2=`echo ${TEXT} | cut -b 51-` yasat-848/common-258- ${ECHOCMD} "!!\033[${INDENT}C${TEXT2}" yasat-848/common-259- else yasat-848/common:260: #SPACES=`expr ${MAXLINESIZE} - ${INDENT} - ${LINESIZE}` yasat-848/common-261- SPACES=$((${MAXLINESIZE}-${INDENT}-${LINESIZE})) ############################################## yasat-848/common-265- else yasat-848/common:266: ADVICE_LINE_SIZE=`echo "${ADVICEVALUE}" | wc -c | tr -d ' '` yasat-848/common:267: #FULLLINESIZE=`expr ${ADVICE_LINE_SIZE} + 80` yasat-848/common-268- FULLLINESIZE=$((${ADVICE_LINE_SIZE}+80)) ############################################## yasat-848/common-304- -i) yasat-848/common:305: tmp=`echo $cmp | tr 'A-Z' 'a-z'` yasat-848/common-306- #echo "DEBUG: $cmp to $tmp" ############################################## yasat-848/common-315- fi yasat-848/common:316: tmp=`echo $cmp | sed "s,$1,,g"` yasat-848/common-317- #echo "DEBUG: $cmp to $tmp" ############################################## yasat-848/common-366-# echo "" >> $3 yasat-848/common:367:# echo "== `cat yasat.advices |grep $ADVICE | cut -d\= -f2-` ==" >> $3 yasat-848/common-368-# echo "" >> $3 ############################################## yasat-848/common-374- ADVICEFOUND=0 yasat-848/common:375: LISTE_ADVICE="`ls ${PLUGINS_REP}/*.advice`" yasat-848/common-376- cat $LISTE_ADVICE | ############################################## yasat-848/common-382- #temporary yasat-848/common:383: if [ ! -z "`echo $line |grep ^${ADVICELANG},`" ];then yasat-848/common-384- ADVICEFOUND=0 ############################################## yasat-848/common-396- yasat-848/common:397: if [ ! -z "`echo $line |grep ${ADVICELANG},$1`" ];then yasat-848/common-398- ADVICEFOUND=1 ############################################## yasat-848/common-422- yasat-848/common:423:if [ "`echo $2 | cut -b1`" = '$' ] ;then yasat-848/common-424- Display --indent 2 --text "Apache user is a variable" --result INFO --color BLUE ############################################## yasat-848/common-458- yasat-848/common:459:if [ "`echo $2 | cut -b1`" = '$' ] ; then yasat-848/common-460- Display --indent 2 --text "Apache group is a variable" --result INFO --color BLUE ############################################## yasat-848/common-512-if [ $DO_INSENSITIVE -ge 1 ] ; then yasat-848/common:513: TEMP=`grep -rih "^[[:space:]]*$2[[:space:]]" $1 |grep -v '^[[:space:]]*#' |tr '[:upper:]' '[:lower:]' |sed "s/^[[:space:]]*$2[[:space:]]*//g" |sed 's/#.*//g'|sed 's,[[:space:]]*,,'` yasat-848/common-514-else yasat-848/common:515: TEMP=`grep -rih "^[[:space:]]*$2[[:space:]]" $1 |grep -v '^[[:space:]]*#' |sed "s/^[[:space:]]*$2[[:space:]]*//g" |sed 's/#.*//g'|sed 's,[[:space:]]*,,'` yasat-848/common-516-fi ############################################## yasat-848/common-527-fi yasat-848/common:528:if [ `echo "$TEMP" | wc -l` -ge 2 ];then yasat-848/common-529- if [ "$3" = 'MULTIPLE' ] ; then yasat-848/common:530:# export RESULTAT="`echo $TEMP | sed "s/[[:space:]]*$2[[:space:]]*//g"`" yasat-848/common-531- export RESULTAT="$TEMP" ############################################## yasat-848/common-540- FINDERROR='MULTIPLE' yasat-848/common:541: RESULTAT=`echo "$TEMP" | sort | uniq | head -n 1 |sed "s/^[[:space:]]*$2[[:space:]]*//g" | sed 's/#.*//g'` yasat-848/common-542- return 3; ############################################## yasat-848/common-544- yasat-848/common:545:if [ `echo "$TEMP" | wc -l` -eq 0 ] ; then yasat-848/common-546- if [ -z "$3" ] ;then ############################################## yasat-848/common-551- yasat-848/common:552:if [ `echo "$TEMP" | wc -l` -eq 1 ] ;then yasat-848/common:553:# export RESULTAT=`echo "${TEMP}" | sed "s/^[[:space:]]*[a-zA-Z0-9][a-zA-Z0-9]*[[:space:]]*//g" | sed 's/#.*//g'` yasat-848/common:554:# export RESULTAT=`echo "${TEMP}" | sed "s/^[[:space:]]*$2[[:space:]]*//g" | sed 's/#.*//g'` yasat-848/common-555- export RESULTAT="${TEMP}" ############################################## yasat-848/common-581-Debug "cherche la valeur de $2 dans $1" yasat-848/common:582:TEMP=`grep -rih "^[[:space:]]*$2[[:space:]]*=" $1` yasat-848/common-583- ############################################## yasat-848/common-591-fi yasat-848/common:592:if [ `echo "$TEMP" | wc -l` -ge 2 ] yasat-848/common-593-then ############################################## yasat-848/common-597- yasat-848/common:598:if [ `echo "$TEMP" | wc -l` -eq 0 ] yasat-848/common-599-then ############################################## yasat-848/common-606- yasat-848/common:607:if [ `echo "$TEMP" | wc -l` -eq 1 ] yasat-848/common-608-then yasat-848/common:609: export RESULTAT=`echo $TEMP | sed "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//g" | sed 's/[#;].*//g'` yasat-848/common-610-fi ############################################## yasat-848/common-635-Debug "cherche la valeur de $2 dans $1" yasat-848/common:636:TEMP=`grep -rih "^[[:space:]]*$2[[:space:]]*:" $1` yasat-848/common-637- ############################################## yasat-848/common-645-fi yasat-848/common:646:if [ `echo "$TEMP" | wc -l` -ge 2 ] yasat-848/common-647-then ############################################## yasat-848/common-651- yasat-848/common:652:if [ `echo "$TEMP" | wc -l` -eq 0 ] yasat-848/common-653-then ############################################## yasat-848/common-660- yasat-848/common:661:if [ `echo "$TEMP" | wc -l` -eq 1 ] yasat-848/common-662-then yasat-848/common:663: export RESULTAT=`echo $TEMP | sed "s/^[[:space:]]*$2[[:space:]]*:[[:space:]]*//g" | sed 's/#.*//g'` yasat-848/common-664-fi ############################################## yasat-848/common-695-Debug "cherche si $2 est dans $1" yasat-848/common:696:TEMP=`grep -rih "^ *$2" $1` yasat-848/common-697- ############################################## yasat-848/common-704-fi yasat-848/common:705:if [ `echo "$TEMP" | wc -l` -ge 2 ] yasat-848/common-706-then ############################################## yasat-848/common-709- yasat-848/common:710:if [ `echo "$TEMP" | wc -l` -eq 0 ] yasat-848/common-711-then ############################################## yasat-848/common-717- yasat-848/common:718:if [ `echo "$TEMP" | wc -l` -eq 1 ] yasat-848/common-719-then yasat-848/common:720: export RESULTAT=`echo $TEMP | sed "s/^.*$2\ //g" | cut -d\ -f1` yasat-848/common-721-## echo "=>$RESULTAT<=" ############################################## yasat-848/common-856- fi yasat-848/common:857: WANT_U="`echo $2 | cut -c1`" yasat-848/common:858: TEST_U="`echo $1 | cut -c1`" yasat-848/common:859: WANT_G="`echo $2 | cut -c2`" yasat-848/common:860: TEST_G="`echo $1 | cut -c2`" yasat-848/common:861: WANT_O="`echo $2 | cut -c3`" yasat-848/common:862: TEST_O="`echo $1 | cut -c3`" yasat-848/common-863-# echo "$WANT_U vs $TEST_U" ############################################## yasat-848/common-898- fi yasat-848/common:899: FINGERPRINT="` openssl x509 -in \"$1\" -fingerprint -noout | cut -d\= -f2`" yasat-848/common:900: if [ -z "`grep $FINGERPRINT certdata.txt`" ];then yasat-848/common-901- echo "$FINGERPRINT $1 $line" >> xp-cert.out ############################################## yasat-848/common-907- openssl x509 -in "$1" -text > $TMPF yasat-848/common:908: CERT_CN="`grep 'Subject:.*CN=' $TMPF | sed 's,.*CN=,,' |sed 's/,.*//' |sed 's,/emailAddress=.*,,'`" yasat-848/common-909- if [ ! -z "$CERT_CN" ];then ############################################## yasat-848/common-911- echo "Found xxx${CERT_CN}xxx" yasat-848/common:912: if [ -z "`grep \"CN=${CERT_CN},\" certdata.txt`" ];then yasat-848/common-913- echo "$line" >> xp-cert.out ############################################## yasat-848/common-917- else yasat-848/common:918: CERT_OU="`grep 'Subject:.*OU=' $TMPF | sed 's,.*\,[[:space:]]*OU=,,' | sed 's,/emailAddress=.*,,'`" yasat-848/common-919- echo "$CERT_OU" >> xp-cert.log yasat-848/common-920- echo "Found xxx${CERT_OU}xxx" yasat-848/common:921: if [ -z "`grep \"OU=${CERT_OU},\" certdata.txt`" ];then yasat-848/common-922- echo "$line" >> xp-cert.out ############################################## yasat-848/common-1002- yasat-848/common:1003: SIGN_ALGO="`grep 'Signature Algorithm:' $CERT_TMP_RESULT | cut -d\: -f2 | sort | uniq`" yasat-848/common-1004- if [ ! -z "$SIGN_ALGO" ] ; then ############################################## yasat-848/common-1006- do yasat-848/common:1007: if [ ! -z "`echo $signalgo |grep -iE 'md5WithRSAEncryption|md2WithRSAEncryption'`" ] ; then yasat-848/common-1008- Display --indent $INDENT --text "Signature Algorithm: $signalgo" --result BAD --color RED --advice GLOBAL_UNSECURE_SIGN_ALGO ############################################## yasat-848/common-1019- #get Public-Key: size yasat-848/common:1020: PUBKEYSIZE="`grep 'Public.Key:' $CERT_TMP_RESULT | cut -d\( -f2 | cut -d\ -f1`" yasat-848/common-1021- if [ -z "$PUBKEYSIZE" -a "$SIGN_ALGO" = 'ecdsa-with-SHA384' ] ; then ############################################## yasat-848/common-1065- fi yasat-848/common:1066: if [ -z "`grep ^${SSH_KEYS_GROUP}: $SCAN_ROOT/etc/group`" ];then yasat-848/common-1067- SSH_KEYS_GROUP="$ROOTGROUP" ############################################## yasat-848/common-1074- fi yasat-848/common:1075: if [ ! -z "`grep 'SSH PRIVATE KEY FILE FORMAT 1.1' $1`" ];then yasat-848/common-1076- # I do not found a way to easily found informations stored in this format ############################################## yasat-848/common-1086- #for the moment, I just test for this Proc-Type: 4,ENCRYPTED to know if a private key is password protected yasat-848/common:1087: if [ -z "`grep 'Proc-Type: 4,ENCRYPTED' $1`" ] ; then yasat-848/common-1088- PASSWORD_PROTECTED='no' ############################################## yasat-848/common-1091- #check for encryption type yasat-848/common:1092: ENCRYPT_METHOD="`grep '^DEK-Info:' $1 |cut -d\ -f2 | cut -d\, -f1`" yasat-848/common-1093- if [ "$ENCRYPT_METHOD" = 'DES-CBC' ];then ############################################## yasat-848/common-1108- TMP_RESULT="${TEMPYASATDIR}/ssl.out" yasat-848/common:1109: KEYTYPE="`grep 'BEGIN.*PRIVATE KEY-----' $1 | cut -d\ -f2`" yasat-848/common-1110- if [ "$KEYTYPE" = 'PRIVATE' ] ; then ############################################## yasat-848/common-1115- fi yasat-848/common:1116: if [ ! -z "`grep -i rsa $TMP_RESULT`" ] ; then yasat-848/common-1117- KEYTYPE='RSA' ############################################## yasat-848/common-1124- if [ $? -eq 0 ] ; then yasat-848/common:1125: KEYSIZE="`grep 'Private-Key' $TMP_RESULT |cut -d\ -f2 | cut -d\( -f2`" yasat-848/common-1126- if [ $KEYSIZE -lt 2048 ] ; then ############################################## yasat-848/common-1182-# echo "$line" yasat-848/common:1183: RESULTAT=`echo $line | awk '{print $7 }'` yasat-848/common-1184- if [ ! -z "$RESULTAT" ] yasat-848/common-1185- then yasat-848/common:1186: TMP_CRONUSER=`echo $line | awk '{print $6 }'` yasat-848/common-1187- echo "$line" ############################################## yasat-848/common-1228- if [ "$3" != 'NULL' ] ; then yasat-848/common:1229: USER="`stat $STAT_USER $1`" yasat-848/common-1230- if [ "$USER" != "$3" ] ; then ############################################## yasat-848/common-1235- if [ "$4" != 'NULL' ] ; then yasat-848/common:1236: GROUP="`stat $STAT_GROUP $1`" yasat-848/common-1237- if [ "$GROUP" != "$4" ] ; then ############################################## yasat-848/common-1242- if [ "$5" != 'NULL' ] ; then yasat-848/common:1243: RIGHT="`stat $STAT_RIGHT $1`" yasat-848/common-1244- compare_right $RIGHT $5 YES ############################################## yasat-848/common-1289- if [ -L $1 ] ; then yasat-848/common:1290: TARGET="`readlink $1`" yasat-848/common:1291:# if [ "$TARGET" = "`basename $TARGET`" ] ; then yasat-848/common:1292: if [ ! -z "`echo $TARGET |grep '\./' `" ] ; then yasat-848/common:1293: BINARY_TO_CHECK="`dirname $1`/`readlink $1`" yasat-848/common-1294- else ############################################## yasat-848/common-1299- GOOD=1 yasat-848/common:1300: USER="`stat $STAT_USER $BINARY_TO_CHECK`" yasat-848/common:1301: GROUP="`stat $STAT_GROUP $BINARY_TO_CHECK`" yasat-848/common:1302: RIGHT="`stat $STAT_RIGHT $BINARY_TO_CHECK`" yasat-848/common:1303: RIGHT_L="`echo $RIGHT | wc -c`" yasat-848/common-1304- if [ "$USER" != 'root' ] ; then ############################################## yasat-848/common-1325- #not common right yasat-848/common:1326: RIGHT_O="`echo $RIGHT | cut -b 4`" yasat-848/common-1327- Display --indent $2 --text "$BINARY_TO_CHECK is a spetial binary (suid etc)" --result WARNING --color RED ############################################## yasat-848/common-1330- #common right yasat-848/common:1331: RIGHT_O="`echo $RIGHT | cut -b 3`" yasat-848/common-1332- case $3 in ############################################## yasat-848/common-1359- else yasat-848/common:1360: if [ -z "`readelf -h $BINARY_TO_CHECK 2>/dev/null| grep 'Type:'`" ] ; then yasat-848/common-1361- Display --indent $2 --text "$BINARY_TO_CHECK isnt a binary according to readelf" --result BAD --color ORANGE ############################################## yasat-848/common-1429- find "$1" ! -user $2 > $3 yasat-848/common:1430: RESULTAT=`cat $3 | wc -l` yasat-848/common-1431- if [ $RESULTAT -eq 0 ];then ############################################## yasat-848/common-1474- find "$1" ! -group "$2" > "$3" yasat-848/common:1475: RESULTAT=`cat "$3" | wc -l` yasat-848/common-1476- if [ $RESULTAT -eq 0 ] ;then ############################################## yasat-848/common-1522- find "$1" ! -type l -perm $ORWX > $2 yasat-848/common:1523: RESULTAT=`cat $2 | wc -l` yasat-848/common-1524- if [ $RESULTAT -eq 0 ] ;then ############################################## yasat-848/common-1564- find "$1" ! -type l -perm $PERM_GW > $3 yasat-848/common:1565: RESULTAT=`cat $3 | wc -l` yasat-848/common-1566- if [ $RESULTAT -eq 0 ] ############################################## yasat-848/common-1621- if [ -e "$SCAN_ROOT/${LOCATION}/apache.conf" -o -e "$SCAN_ROOT/${LOCATION}/httpd.conf" -o "$SCAN_ROOT/${LOCATION}/apache2.conf" ] ;then yasat-848/common:1622: export APACHE_CONF_REP="`echo $SCAN_ROOT/${LOCATION} | sed 's,//*,/,g'`" yasat-848/common-1623- return 0; ############################################## yasat-848/common-1637- fi yasat-848/common:1638: if [ `cat $TEMPYASATDIR/apache_list | wc -l` -ge 2 ];then yasat-848/common-1639- Display --indent 2 --text "I will scan only the first apache" --result WARN --color ORANGE yasat-848/common-1640- fi yasat-848/common:1641: export APACHE_CONF_REP=`head -n1 $TEMPYASATDIR/apache_list | sed 's,//*,/,g'` yasat-848/common-1642-} ############################################## yasat-848/common-1714- else yasat-848/common:1715: SERVERROOT=`echo $RESULTAT | sed 's/^\"//' | sed 's/\"$//'` yasat-848/common-1716- fi ############################################## yasat-848/common-1720- do yasat-848/common:1721:# TMP_FILES="`echo \"$line\" | sed 's/^[[:space:]]*include[[:space:]]*//gI'`" yasat-848/common-1722-# echo "$TMP_FILES" yasat-848/common-1723- #Check for relative files yasat-848/common:1724: FIRST_CHAR=`echo $TMP_FILES | cut -b 1` yasat-848/common-1725- if [ "$FIRST_CHAR" != "/" ];then ############################################## yasat-848/common-1779- if [ $? -eq 0 ];then yasat-848/common:1780: #if [ ! -z `echo "$line" | grep '/\*'` ];then yasat-848/common-1781- #echo "MATCH begin $line" ############################################## yasat-848/common-1787- echo "$line" | grep -q '\*/' yasat-848/common:1788: #if [ ! -z "`echo $line | grep '\*/'`" ];then yasat-848/common-1789- if [ $? -eq 0 ];then ############################################## yasat-848/common-1826- if [ ! -z "$RESULTAT" ];then yasat-848/common:1827: bind_base_dir="${BIND_CHROOT_DIR}`echo $RESULTAT | sed 's,\",,g'| sed 's,;,,'`" yasat-848/common-1828- fi ############################################## yasat-848/common-1833- do yasat-848/common:1834: local FIRST_CHAR=`echo $bind_conf_include | cut -b 1` yasat-848/common-1835- if [ "$FIRST_CHAR" != "/" ];then ############################################## yasat-848/common-1891- do yasat-848/common:1892: for include_file in `ls $2/$dovecot_conf_include` yasat-848/common-1893- do ############################################## yasat-848/common-1939- #Check for relative files yasat-848/common:1940: FIRST_CHAR=`echo $TMP_FILES | cut -b 1` yasat-848/common-1941- if [ "$FIRST_CHAR" != "/" ] ############################################## yasat-848/common-1978- RESULTAT='' yasat-848/common:1979: EL_MOUNT=`grep -v '^#' ${SCAN_ROOT}/etc/fstab |grep "$1/*[[:space:]]"` yasat-848/common-1980- if [ "$2" = 'SEPARATE' ] ; then ############################################## yasat-848/common-1997- fi yasat-848/common:1998: RESULTAT=`echo $EL_MOUNT | sed 's/[[:space:]]/ /g' | cut -d\ -f4` yasat-848/common-1999- if [ $# -ge 3 ] ; then ############################################## yasat-848/common-2033- fi yasat-848/common:2034: if [ -z "`echo $RESULTAT | grep -i $wflag`" ] ;then yasat-848/common-2035- Display --indent 4 --text "$PART_NAME dont have $wflag" --result NOTFOUND --color ORANGE --advice $PART_ADV ############################################## yasat-848/common-2054- fi yasat-848/common:2055: RESULTAT=`echo $EL_MOUNT | sed 's/[[:space:]]/ /g' | cut -d\ -f4` yasat-848/common-2056-# Display --indent 2 --text "$1 is on a separate partition" --result FOUND --color GREEN ############################################## yasat-848/common-2077-then yasat-848/common:2078: RESULTAT=`stat -f %Mp%Lp $1` yasat-848/common-2079-else yasat-848/common:2080: RESULTAT=`stat --format=%a $1` yasat-848/common-2081-fi ############################################## yasat-848/common-2103-then yasat-848/common:2104: RESULTAT=`stat -f %Lp $1` yasat-848/common-2105-else yasat-848/common:2106: RESULTAT=`stat --format=%a $1` yasat-848/common-2107-fi ############################################## yasat-848/common-2129-# echo $line yasat-848/common:2130: if [ ! -z "`echo $line | grep -i '^VHOST'`" ] yasat-848/common-2131- then ############################################## yasat-848/common-2134- fi yasat-848/common:2135: if [ ! -z "`echo $line | grep -i '^ENDHOST'`" ] yasat-848/common-2136- then ############################################## yasat-848/common-2139- fi yasat-848/common:2140: if [ ! -z "`echo $line | grep -i '^ALIAS'`" ] yasat-848/common-2141- then ############################################## yasat-848/common-2148- fi yasat-848/common:2149: if [ ! -z "`echo $line | grep -i '^PASSWORD'`" ] yasat-848/common-2150- then ############################################## yasat-848/common-2157- fi yasat-848/common:2158: if [ ! -z "`echo $line | grep -i '^DENYFROMALL'`" ] yasat-848/common-2159- then ############################################## yasat-848/common-2166- fi yasat-848/common:2167: if [ ! -z "`echo $line | grep -i '^AUTHFILE'`" ] yasat-848/common-2168- then ############################################## yasat-848/common-2175- fi yasat-848/common:2176: if [ ! -z "`echo $line | grep -i '^DIRECTORY'`" ] yasat-848/common-2177- then ############################################## yasat-848/common-2184- fi yasat-848/common:2185: if [ ! -z "`echo $line | grep -i '^LOCATION'`" ] yasat-848/common-2186- then ############################################## yasat-848/common-2193- fi yasat-848/common:2194: if [ ! -z "`echo $line | grep -i '^HLOC'`" ] yasat-848/common-2195- then ############################################## yasat-848/common-2202- fi yasat-848/common:2203: if [ ! -z "`echo $line | grep -i '^PROXY'`" ] yasat-848/common-2204- then ############################################## yasat-848/common-2211- fi yasat-848/common:2212: if [ ! -z "`echo $line | grep -i '^JKMOUNT'`" ] yasat-848/common-2213- then ############################################## yasat-848/common-2220- fi yasat-848/common:2221: if [ ! -z "`echo $line | grep -i '^SERVERNAME'`" ] yasat-848/common-2222- then ############################################## yasat-848/common-2229- fi yasat-848/common:2230: if [ ! -z "`echo $line | grep -i '^DEFLATE'`" ] ; then yasat-848/common-2231- if [ $NUMINDENT -ge 2 ] ; then ############################################## yasat-848/common-2236- fi yasat-848/common:2237: if [ ! -z "`echo $line | grep -i '^PHP_ADMIN_VALUE'`" ] ; then yasat-848/common-2238- if [ $NUMINDENT -ge 2 ] ; then ############################################## yasat-848/common-2243- fi yasat-848/common:2244: if [ ! -z "`echo $line | grep -i '^SSL=1'`" ] ; then yasat-848/common-2245- if [ $NUMINDENT -ge 2 ] ; then ############################################## yasat-848/common-2267-#echo "->$1" yasat-848/common:2268:export RESULTAT=`echo $1 | sed 's/^[[:space:]]*<[[:space:]]*[a-zA-Z0-9][a-zA-Z0-9]*[[:space:]]*//g'| sed 's/[[:space:]]*>.*//g' | cut -d\" -f2` yasat-848/common-2269-#echo $1 | sed 's/^[[:space:]]*<[[:space:]]*//g' ############################################## yasat-848/common-2437- if [ "$LIST_PKG" = "dpkg" -o "$LIST_PKG" = "apt-get" ] ;then yasat-848/common:2438: PKGLIST="`dpkg -l |grep ^ii |grep -i $1`" yasat-848/common-2439- if [ -z "$PKGLIST" ] ;then ############################################## yasat-848/common-2447- if [ "$LIST_PKG" = "rpm" ] ;then yasat-848/common:2448: PKGLIST="`rpm -qa |grep ^$1`" yasat-848/common-2449- if [ -z "$PKGLIST" ] ;then ############################################## yasat-848/common-2458- #TODO could be better yasat-848/common:2459: PKGLIST="`equery -C -q l $1`" yasat-848/common-2460- if [ -z "$PKGLIST" ] ;then ############################################## yasat-848/common-2468- if [ "$LIST_PKG" = "pacman" ] ;then yasat-848/common:2469: PKGLIST="`pacman -Q | grep ^$1`" yasat-848/common-2470- if [ -z "$PKGLIST" ] ;then ############################################## yasat-848/common-2478- if [ "$LIST_PKG" = 'pkg_' ];then yasat-848/common:2479: if [ -z "`pkg_info |grep ^${1}-`" ];then yasat-848/common-2480- export RESULTAT='no' ############################################## yasat-848/common-2519- if [ -e "$SCAN_ROOT/etc/rc.d" ] ; then yasat-848/common:2520: if [ -z "`find $SCAN_ROOT/etc/rc.d |grep $1`" ] ;then yasat-848/common-2521- RESULTAT='no' ############################################## yasat-848/common-2531- if [ -e "$SCAN_ROOT/etc/runlevels/" ] ; then yasat-848/common:2532: if [ -z "`find $SCAN_ROOT/etc/runlevels |grep $1`" ] ;then yasat-848/common-2533- RESULTAT='no' ############################################## yasat-848/common-2543- if [ -e "$SCAN_ROOT/etc/rc2.d/" ] ; then yasat-848/common:2544: if [ -z "`find $SCAN_ROOT/etc/rc2.d |grep $1`" ] ;then yasat-848/common-2545- RESULTAT='no' ############################################## yasat-848/common-2572- #could be better yasat-848/common:2573: if [ ! -z "`find /etc/rc* |grep -i $1`" ] yasat-848/common-2574- then ############################################## yasat-848/common-2584- if [ "$LINUX_VERSION" = "Gentoo" ] ; then yasat-848/common:2585:# RUNLEVEL="`rc-update show 2>> $ERROR_OUTPUT_FILE | grep $1 `" yasat-848/common-2586-# if [ $? -ne 0 ] ; then ############################################## yasat-848/common-2601- if [ -e /etc/rc.conf ];then yasat-848/common:2602: if [ ! -z "`grep $1_enable= /etc/rc.conf |grep YES`" ];then yasat-848/common-2603- RESULTAT='yes' ############################################## yasat-848/common-2687- #check if $1 contain a * yasat-848/common:2688: if [ ! -z "`echo $1 |grep '*'`" ] ; then yasat-848/common-2689- return ; ############################################## yasat-848/common-2734- fi yasat-848/common:2735: RES_FILE_WITH_DIRECTIVE="`grep -rli $2 $1 | head -n 1`" yasat-848/common-2736- #manpage said that -l return only one line but it seems false ############################################## yasat-848/common-2814- fi yasat-848/common:2815: export RESULTAT="`echo $2 | sed 's/^[[:space:]]*//' | sed 's,#.*,,' | sed 's,[[:space:]][[:space:]]*, ,g' | cut -d\ -f2`" yasat-848/common-2816-} ############################################## yasat-848/common-2900- do yasat-848/common:2901: if [ -z "`echo $2 | grep -Ei \"!${ciph}(:|$)\"`" ] ; then yasat-848/common-2902- Display --indent $1 --text "Cipher $ciph" --result ACTIVE --color ORANGE ############################################## yasat-848/common-2906- done yasat-848/common:2907:# export RESULTAT="`echo $2 | sed 's/^[[:space:]]*//' | sed 's,#.*,,' | sed 's,[[:space:]][[:space:]]*, ,g' | cut -d\ -f2`" yasat-848/common-2908-} ############################################## yasat-848/common-2950- else yasat-848/common:2951: TESTNAME_ID="`echo $TESTNAME | cut -d\ -f1`" yasat-848/common:2952: TESTNAME_TEXT="`echo $TESTNAME | cut -d\ -f2- | sed 's/[A-Z][A-Z]*ID=[0-9,-]*[[:space:]]//' | sed 's/NSAG=[0-9,\.-]*[[:space:]]//'`" yasat-848/common-2953- fi ############################################## yasat-848/common-3108- echo "<html><head><link href='./yasat.css' rel='stylesheet' type='text/css'></head><table> yasat-848/common:3109: `cat ${HTML_COMPLIANCE_OUTPUT_PREFIX}_NSAG` yasat-848/common-3110- </table>" > ${HTML_COMPLIANCE_OUTPUT_PREFIX}_NSAG.html ############################################## yasat-848/common-3113- echo "<html><head><link href='./yasat.css' rel='stylesheet' type='text/css'></head><table> yasat-848/common:3114: `cat ${HTML_COMPLIANCE_OUTPUT_PREFIX}_YASAT` yasat-848/common-3115- </table>" > ${HTML_COMPLIANCE_OUTPUT_PREFIX}_YASAT.html ############################################## yasat-848/common-3117- yasat-848/common:3118: if [ ! -z "`echo $DO_COMPLIANCE |grep -iE 'CCE|all'`" ];then yasat-848/common:3119: NBCCE=`grep ^CCE $COMPLIANCE_OUTPUT | sort | uniq | wc -l` yasat-848/common:3120: NBCCE_REAL=`grep ^CCE $COMPLIANCE_OUTPUT | grep 'OK,' | sort | uniq | wc -l` yasat-848/common:3121: NBCCE_OK=`grep ^CCE $COMPLIANCE_OUTPUT | grep ',OK,' | sort | uniq | wc -l` yasat-848/common:3122: NBCCE_NOTIMPL=`grep ^CCE $COMPLIANCE_OUTPUT | grep ',NOTIMPL,' | sort | uniq | wc -l` yasat-848/common:3123: NBCCE_NOTTESTED=`grep ^CCE $COMPLIANCE_OUTPUT | grep ',NOTTESTED,' | sort | uniq | wc -l` yasat-848/common-3124- if [ $NBCCE -ge 1 ] ; then ############################################## yasat-848/common-3133- yasat-848/common:3134: if [ ! -z "`echo $DO_COMPLIANCE |grep -iE 'NSA|all'`" ];then yasat-848/common:3135: NBNSAG=`grep ^NSAG $COMPLIANCE_OUTPUT | sort | uniq | wc -l` yasat-848/common:3136: NBNSAG_REAL=`grep ^NSAG $COMPLIANCE_OUTPUT | grep 'OK,' | sort | uniq | wc -l` yasat-848/common:3137: NBNSAG_OK=`grep ^NSAG $COMPLIANCE_OUTPUT | grep ',OK,' | sort | uniq | wc -l` yasat-848/common:3138: NBNSAG_NOK=`grep ^NSAG $COMPLIANCE_OUTPUT | grep ',NOK,' | sort | uniq | wc -l` yasat-848/common:3139: NBNSAG_NOTIMPL=`grep ^NSAG $COMPLIANCE_OUTPUT | grep ',NOTIMPL,' | sort | uniq | wc -l` yasat-848/common:3140: NBNSAG_NOTTESTED=`grep ^NSAG $COMPLIANCE_OUTPUT | grep ',NOTTESTED,' | sort | uniq | wc -l` yasat-848/common-3141- ############################################## yasat-848/common-3173- fi yasat-848/common:3174: if [ ! -z "`echo $DO_COMPLIANCE |grep -iE 'yasat|all'`" ];then yasat-848/common-3175- echo "RED $YASAT_STAT_RED ORANGE $YASAT_STAT_ORANGE GREEN $YASAT_STAT_GREEN" ############################################## yasat-848/common-3196-# echo "<html><head></head><table> yasat-848/common:3197:# `cat $HTML_COMPLIANCE_BODY_OUTPUT` yasat-848/common-3198-# </table> ############################################## yasat-848/common-3217- fi yasat-848/common:3218: RESULTAT="`grep ^$1 $Get_sysctl_tmp | sed 's,^.*=[[:space:]]*,,'`" yasat-848/common-3219- rm "$Get_sysctl_tmp" ############################################## yasat-848/common-3241- fi yasat-848/common:3242: RESULTAT=`grep "$1[[:space:]][[:space:]]*$2" $Get_limits_tmp |sed 's/[[:space:]][[:space:]]*/ /g' | cut -d\ -f4` yasat-848/common-3243- rm "$Get_limits_tmp" ############################################## yasat-848/common-3270- #TODO SCAN_ROOT yasat-848/common:3271: PATH_TO_TOOL="`which $1 2>> $ERROR_OUTPUT_FILE`" yasat-848/common-3272- if [ $? -ne 0 ];then ############################################## yasat-848/common-3277- else yasat-848/common:3278: POSSIBLE_PATH="`echo $PATH | tr \: \ `" yasat-848/common-3279- for ppath in $POSSIBLE_PATH ############################################## yasat-848/common-3353- Display --indent 2 --text "Process $1" --result FOUND --color BLUE yasat-848/common:3354: FIND_PROCESS_USER="`cut -d\ -f1 $TEMPYASATDIR/find_process.tmp`" yasat-848/common-3355- for find_process_user in $FIND_PROCESS_USER ############################################## yasat-848/common-3401- local chroot_tgt yasat-848/common:3402: pid="`cut -d\ -f2 $TEMPYASATDIR/find_process.tmp`" yasat-848/common:3403: chroot_tgt=`readlink /proc/$pid/root` yasat-848/common:3404: inum="`stat --format=%i $chroot_tgt`" yasat-848/common-3405- if [ $? -ne 0 ];then ############################################## yasat-848/osdetection-151- MYSQLD_PACKAGE_NAME='mysql-common' yasat-848/osdetection:152: if [ ! -z `echo $OS_VERSION |grep '^5[\.0-9]*'` ] ;then yasat-848/osdetection-153- OS_NICKNAME="Lenny" ############################################## yasat-848/osdetection-155- fi yasat-848/osdetection:156: if [ ! -z `echo $OS_VERSION |grep '^4[\.0-9]*'` ] ;then yasat-848/osdetection-157- OS_NICKNAME="Etch" ############################################## yasat-848/osdetection-159- fi yasat-848/osdetection:160: if [ ! -z `echo $OS_VERSION |grep '^6[\.0-9]*'` ] ;then yasat-848/osdetection-161- OS_NICKNAME="Squeeze" ############################################## yasat-848/osdetection-163- fi yasat-848/osdetection:164: if [ ! -z "`echo $OS_VERSION |grep '^7[\.0-9]*'`" -o ! -z "`echo $OS_VERSION |grep -i wheezy`" ] ;then yasat-848/osdetection-165- OS_NICKNAME="Wheezy" ############################################## yasat-848/osdetection-167- fi yasat-848/osdetection:168: if [ ! -z `echo $OS_VERSION |grep 'jessie'` ];then yasat-848/osdetection-169- OS_NICKNAME="Jessie" ############################################## yasat-848/osdetection-192- OS_FULLNAME="Debian ${OS_VERSION}" yasat-848/osdetection:193: if [ ! -z `echo $OS_VERSION |grep '^5[\.0-9]*' ` ] ;then yasat-848/osdetection-194- OS_NICKNAME="Lenny" ############################################## yasat-848/osdetection-196- fi yasat-848/osdetection:197: if [ ! -z `echo $OS_VERSION |grep '^4[\.0-9]*' ` ];then yasat-848/osdetection-198- OS_NICKNAME="Etch" ############################################## yasat-848/osdetection-200- fi yasat-848/osdetection:201: if [ ! -z `echo $OS_VERSION |grep 'jessie'` ];then yasat-848/osdetection-202- OS_NICKNAME="Jessie" ############################################## yasat-848/osdetection-211- if [ -e "/etc/gentoo-release" ]; then yasat-848/osdetection:212: OS_FULLNAME=`cat /etc/gentoo-release | awk '{ print $5 }' | cut -d '.' -f1,2`; yasat-848/osdetection-213- LINUX_VERSION="Gentoo" ; ############################################## yasat-848/Makefile-22-#test_space_end: yasat-848/Makefile:23:# @echo "`grep -nri \"[[:space:]][[:space:]]*$\" .`" yasat-848/Makefile-24-