[hntool] push by hugodoria - Some code refactoring. on 2010-08-31 13:51 GMT


hnt...@googlecode.com

Aug 31, 2010, 9:51:55 AM8/31/10
to hnt...@googlegroups.com
Revision: a6aecc0be6
Author: Hugo Doria <hugo...@gmail.com>
Date: Mon Aug 30 10:28:56 2010
Log: Some code refactoring.
http://code.google.com/p/hntool/source/detail?r=a6aecc0be6

Modified:
/.hgignore
/HnTool/modules/apache.py
/HnTool/modules/proftpd.py
/HnTool/modules/ssh.py
/HnTool/modules/system-wide.py
/HnTool/output/terminal.py

=======================================
--- /.hgignore Sun Apr 4 11:35:35 2010
+++ /.hgignore Mon Aug 30 10:28:56 2010
@@ -1,5 +1,6 @@
syntax: glob

+*.tmproj
*.pyc
*.pyo
*.bak
=======================================
--- /HnTool/modules/apache.py Sun Aug 22 07:48:58 2010
+++ /HnTool/modules/apache.py Mon Aug 30 10:28:56 2010
@@ -25,6 +25,7 @@
import stat
from HnTool.modules.rule import MasterRule

+# Review this module. Improve the code
class Rule(MasterRule):
def __init__(self, options):
MasterRule.__init__(self, options)
=======================================
--- /HnTool/modules/proftpd.py Sun Aug 22 07:48:58 2010
+++ /HnTool/modules/proftpd.py Mon Aug 30 10:28:56 2010
@@ -41,20 +41,20 @@
proftpd_conf_file_found = True

# Checking if ProFTPd is using the default port
- if 'Port' in lines:
- if int(lines['Port']) == 21:
+ if lines.has_key('Port'):
+ if int(lines.get('Port')) == 21:
check_results['info'].append('ProFTPd is running under default port
(21)')
- elif int(lines['Port']) != 21:
+ else:
check_results['info'].append('ProFTPd is running under port ' +
- lines['Port'])
+ lines.get('Port'))
else: # if we didn't found 'Ports' in lines than ProFTPd uses the
default one
check_results['info'].append('ProFTPd is running under default port
(21)')

# Checking if ProFTPd allows more than 3 login attempts
- if 'MaxLoginAttempts' in lines:
- if int(lines['MaxLoginAttempts']) > 3:
+ if lines.has_key('MaxLoginAttempts'):
+ if int(lines.get('MaxLoginAttempts')) > 3:
check_results['medium'].append('ProFTPd allows more than 3 login
attempts')
- elif int(lines['MaxLoginAttempts']) <= 3:
+ else:
check_results['ok'].append('ProFTPd does not allows more than 3
login attempts')
else:
# if we didn't found 'MaxLoginAttempts' in lines than ProFTPd uses the
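Review bot: `dict.has_key()` is deprecated and does not exist in Python 3, so `lines.has_key('Port')` and `lines.has_key('MaxLoginAttempts')` are less portable than the `'Port' in lines` tests they replace; the same applies to every `has_key` call in the later proftpd.py and ssh.py hunks. This assumes `lines` is a plain dict, which the hunk does not show. Separately, `int(lines.get('Port'))` and `int(lines.get('MaxLoginAttempts'))` raise ValueError on a non-numeric value, which would abort the audit instead of reporting a finding. Wrapping each conversion in `try: ... except ValueError:` and appending an 'info' entry about the unparsable value would keep the run going. The MaxLoginAttempts fallback branch continues outside the hunk.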
@@ -62,10 +62,10 @@
check_results['medium'].append('ProFTPd allows more than 3 login
attempts')

# Checking if ProFTPd allows root login
- if 'RootLogin' in lines:
- if lines['RootLogin'] == 'on':
+ if lines.has_key('RootLogin'):
+ if lines.get('RootLogin') == 'on':
check_results['medium'].append('ProFTPd allows root login')
- elif lines['RootLogin'] == 'off':
+ else:
check_results['ok'].append('ProFTPd does not allows root login')
else:
# if we didn't found 'RootLogin' in lines than ProFTPd uses the
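Review bot: The new bare `else` records 'ProFTPd does not allows root login' for every RootLogin value other than the exact string 'on'. If ProFTPD accepts other spellings of a true boolean (different case, `yes`, `true`), which I believe it does, a server that permits root login would be reported as OK. Whether the conf parser normalises values is not visible here. A safer test is `if lines.get('RootLogin', '').lower() != 'off':`, or an explicit set of true values with unknown values reported separately. The `ServerIdent` check in the next hunk has the same shape.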
@@ -73,23 +73,24 @@
check_results['ok'].append('ProFTPd does not allows root login')

# Checking if ProFTPd allows footprinting
- if 'ServerIdent' in lines:
- if lines['ServerIdent'] == 'on':
+ if lines.has_key('ServerIdent'):
+ if lines.get('ServerIdent') == 'on':
check_results['medium'].append('ProFTPd allows footprinting')
- elif lines['ServerIdent'] == 'off':
+ else:
check_results['ok'].append('ProFTPd does not allows footprinting')
else:
- check_results['ok'].append('ProFTPd allows footprinting')
+ check_results['medium'].append('ProFTPd allows footprinting')

# Checking if we chroot users into the ftp users' home directory
- if 'DefaultRoot' in lines:
- if lines['DefaultRoot'] != '~':
+ if lines.has_keys('DefaultRoot'):
+ if lines.get('DefaultRoot') != '~':
check_results['medium'].append('ProFTPd does not chroot users')
- elif lines['DefaultRoot'] != '~':
+ else:
check_results['ok'].append('ProFTPd chroot users')
else:
check_results['medium'].append('ProFTPd does not chroot users')

+#TODO: remove this line and use the requires method
if not proftpd_conf_file_found:
check_results['info'].append('Could not find a proftpd.conf file')
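Review bot: `lines.has_keys('DefaultRoot')` is a typo: dicts have `has_key`, not `has_keys`, so this line would raise AttributeError whenever it is reached, assuming `lines` is a plain dict. The ProFTPd module would then fail before returning any results, including those from the checks above it. Restoring the removed form, `if 'DefaultRoot' in lines:`, fixes it and avoids the deprecated method. The enclosing function starts outside the hunk.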

=======================================
--- /HnTool/modules/ssh.py Sun Aug 22 07:48:58 2010
+++ /HnTool/modules/ssh.py Mon Aug 30 10:28:56 2010
@@ -43,8 +43,8 @@
lines = HnTool.modules.util.hntool_conf_parser(sshd_conf)

# Checking if SSH is using the default port
- if 'Port' in lines:
- if int(lines['Port']) == 22:
+ if lines.has_key('Ports'):
+ if int(lines.get('Port')) == 22:
check_results['low'].append('SSH is using the
default port')
else:
check_results['ok'].append('SSH is not using the
default port')
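Review bot: The key in `lines.has_key('Ports')` was changed from `'Port'` to `'Ports'`, but the sshd_config directive is `Port` and the inner `lines.get('Port')` still uses that name. The outer test will therefore never match, and control always reaches the fallback branch outside this hunk, which reports 'SSH is using the default port' whatever port is configured. The line should read `if 'Port' in lines:`.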
@@ -52,8 +52,8 @@
check_results['low'].append('SSH is using the default
port')

# Checking if the Root Login is allowed
- if 'PermitRootLogin' in lines:
- if lines['PermitRootLogin'] == 'yes':
+ if lines.has_key('PermitRootLogin'):
+ if lines.get('PermitRootLogin') == 'yes':
check_results['medium'].append('Root access
allowed')
else:
check_results['ok'].append('Root access is not
allowed')
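Review bot: Only the literal `'yes'` counts as permitting root login in `lines.get('PermitRootLogin') == 'yes'`. sshd values such as `without-password` or `forced-commands-only` still let root authenticate with a key, yet they fall into the `else` and are reported as 'Root access is not allowed'. Testing `if lines.get('PermitRootLogin') != 'no':` would fail closed, or the restricted modes could get their own lower-severity message. The branch for a missing directive lies outside the hunk.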
@@ -61,8 +61,8 @@
check_results['medium'].append('Root access is
allowed')

# Checking if SSH is using protocol v2 (recommended)
- if 'Protocol' in lines:
- if int(lines['Protocol']) == 2:
+ if lines.has_key('Protocol'):
+ if int(lines.get('Protocol')) == 2:
check_results['ok'].append('SSH is using protocol
v2')
else:
check_results['high'].append('SSH is not using
protocol v2')
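Review bot: `int(lines.get('Protocol'))` raises ValueError for the list form `Protocol 2,1` that sshd_config accepted when protocol 1 was still supported, unless `hntool_conf_parser` already splits the value (not visible here). That would abort the SSH module on exactly the configuration this check is meant to flag. Comparing the string, `if lines.get('Protocol').strip() == '2':`, and reporting anything else as 'high' avoids the conversion.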
@@ -70,8 +70,8 @@
check_results['high'].append('SSH is not using
protocol v2')

# Checking if empty password are allowed (shouldn't)
- if 'PermitEmptyPasswords' in lines:
- if lines['PermitEmptyPasswords'] == 'yes':
+ if lines.has_key('PermitEmptyPasswords'):
+ if lines.get('PermitEmptyPasswords') == 'yes':
check_results['high'].append('Empty passwords are
allowed')
else:
check_results['ok'].append('Empty passwords are
not allowed')
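Review bot: A missing `PermitEmptyPasswords` directive is reported as high ('Empty passwords are allowed') by the fallback branch, which sits just past this hunk at the top of the next one. With stock OpenSSH defaults the option is `no` when unset, so hosts that simply omit it get a false high finding. The fallback should append to `check_results['ok']` with 'Empty passwords are not allowed'.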
@@ -79,8 +79,8 @@
check_results['high'].append('Empty passwords are
allowed')

# Checking if X11 Forward is allowed (shouldn't)
- if 'X11Forwarding' in lines:
- if lines['X11Forwarding'] == 'yes':
+ if lines.has_key('X11Forwarding'):
+ if lines.get('X11Forwarding') == 'yes':
check_results['low'].append('X11 forward is
allowed')
else:
check_results['ok'].append('X11 forward is not
allowed')
@@ -88,12 +88,13 @@
check_results['ok'].append('X11 forward is not
allowed')

# Checking if SSH allow TCP Forward (shouldn't)
- if 'AllowTcpForwarding' in lines:
- if lines['AllowTcpForwarding'] == 'yes':
+ if lines.has_key('AllowTcpForwarding'):
+ if lines.get('AllowTcpForwarding') == 'yes':
check_results['low'].append('TCP forwarding is
allowed')
else:
check_results['ok'].append('TCP forwarding is not
allowed')
else:
check_results['low'].append('TCP forwarding is
allowed')
-
+
+ # returning the report
return check_results
=======================================
--- /HnTool/modules/system-wide.py Sun Aug 22 07:48:58 2010
+++ /HnTool/modules/system-wide.py Mon Aug 30 10:28:56 2010
@@ -22,6 +22,7 @@
import stat
from HnTool.modules.rule import MasterRule

+#TODO: write a better parser and refactor this code
class Rule(MasterRule):
def __init__(self, options):
MasterRule.__init__(self, options)
=======================================
--- /HnTool/output/terminal.py Tue May 4 15:54:25 2010
+++ /HnTool/output/terminal.py Mon Aug 30 10:28:56 2010
@@ -39,7 +39,7 @@
if use_colors : return '[\033[1;92m OK \033[0m]'
else : return '[ OK ]'
elif token == 'low':
- if use_colors : return '[\033[1;30m LOW \033[0m]'
+ if use_colors : return '[\033[1;90m LOW \033[0m]'
else : return '[ LOW ]'
elif token == 'medium':
if use_colors : return '[\033[1;93m MEDIUM \033[0m]'
