
github.com/CISOfy/lynis.git - Unnamed repository; edit this file 'description' to name the repository.
authormboelen <michael@cisofy.com>2016-04-28 10:15:54 +0300
committermboelen <michael@cisofy.com>2016-04-28 10:15:54 +0300
commit9e312f5a5f2a1379a29151d8cb87cd22f387bc6c (patch)
treee33f24994327564c621802c4c2052f3685adbb8f
parent5e587adf8a630383a207adfcc658c1fe6401977f (diff)
Replaced functions and minor cleanups
-rw-r--r--include/binaries268
-rw-r--r--include/functions2
-rw-r--r--include/helper_audit_dockerfile31
-rw-r--r--include/helper_update10
-rw-r--r--include/osdetection2
-rw-r--r--include/tests_authentication2
-rw-r--r--include/tests_networking8
-rw-r--r--include/tests_storage4
-rw-r--r--include/tests_tooling7
9 files changed, 166 insertions, 168 deletions
diff --git a/include/binaries b/include/binaries
index 345dad2b..a67a8e11 100644
--- a/include/binaries
+++ b/include/binaries
@@ -32,7 +32,7 @@
if [ ${CHECK_BINARIES} -eq 1 ]; then
InsertSection "System Tools"
Display --indent 2 --text "- Scanning available tools..."
- logtext "Start scanning for available audit binaries and tools..."
+ LogText "Start scanning for available audit binaries and tools..."
# Test : CORE-1000
# Description : Check all system binaries
@@ -40,38 +40,38 @@
Register --test-no CORE-1000 --weight L --network NO --description "Check all system binaries"
BINARY_PATHS_FOUND=""; N=0
Display --indent 2 --text "- Checking system binaries..."
- logtext "Status: Starting binary scan..."
+ LogText "Status: Starting binary scan..."
for SCANDIR in ${BIN_PATHS}; do
- logtext "Test: Checking binaries in directory ${SCANDIR}"
+ LogText "Test: Checking binaries in directory ${SCANDIR}"
ORGPATH=""
if [ -d ${SCANDIR} ]; then
SKIPDIR=0
if [ -L ${SCANDIR} ]; then
- logtext "Result: directory exists, but is actually a symlink"
+ LogText "Result: directory exists, but is actually a symlink"
ShowSymlinkPath ${SCANDIR}
if [ ${FOUNDPATH} -eq 1 ]; then
if [ ! "${SYMLINK}" = "" -a -d ${SYMLINK} ]; then
# Set path to new location
- logtext "Result: found the path behind this symlink (${SCANDIR} --> ${sFILE})"
+ LogText "Result: found the path behind this symlink (${SCANDIR} --> ${sFILE})"
ORGPATH="${SCANDIR}"
SCANDIR="${sFILE}"
else
- SKIPDIR=1; logtext "Result: Symlink variable empty, or directory to symlink is non-existing"
+ SKIPDIR=1; LogText "Result: Symlink variable empty, or directory to symlink is non-existing"
fi
else
- SKIPDIR=1; logtext "Result: Could not find the location of this symlink, or is not a directory"
+ SKIPDIR=1; LogText "Result: Could not find the location of this symlink, or is not a directory"
fi
fi
# Add a space to make sure we discover a related directory if it was already scanned
FIND=`echo ${BINARY_PATHS_FOUND} | grep ", ${SCANDIR}"`
if [ ! "${FIND}" = "" ]; then
- SKIPDIR=1; logtext "Result: Skipping this directory as it was already scanned"
+ SKIPDIR=1; LogText "Result: Skipping this directory as it was already scanned"
fi
if [ ${SKIPDIR} -eq 0 ]; then
BINARY_PATHS_FOUND="${BINARY_PATHS_FOUND}, ${SCANDIR}"
- logtext "Directory ${SCANDIR} exists. Starting directory scanning..."
+ LogText "Directory ${SCANDIR} exists. Starting directory scanning..."
FIND=`ls ${SCANDIR}`
for I in ${FIND}; do
N=`expr ${N} + 1`
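Review bot: The symlink branch checks `${SYMLINK}` (non-empty and a directory), but the renamed log line and the assignment after it use `${sFILE}`, so the directory that gets scanned is not necessarily the one that was validated. ShowSymlinkPath is not visible in this hunk and may always set both variables to the same value; if they can differ, use the checked variable in both places: `LogText "Result: found the path behind this symlink (${SCANDIR} --> ${SYMLINK})"` and `SCANDIR="${SYMLINK}"`. This matters because files found in the resolved directory are executed for version detection in the next hunk (for example the `curl)` and `exim)` arms), so the scan should only follow a target that passed the check. Quoting the test operand as `-d "${SYMLINK}"` would also keep the check intact for paths containing spaces. The enclosing `for SCANDIR` loop starts inside this hunk and continues beyond it.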
@@ -79,144 +79,144 @@
DISCOVERED_BINARIES="${DISCOVERED_BINARIES}${BINARY} "
# Optimized, much quicker (limited file access needed)
case ${I} in
- aa-status) APPARMORFOUND=1; AASTATUSBINARY=${BINARY}; logtext " Found known binary: aa-status (apparmor component) - ${BINARY}" ;;
- afick.pl) AFICKFOUND=1; AFICKBINARY=${BINARY}; logtext " Found known binary: afick (file integrity checker) - ${BINARY}" ;;
- aide) AIDEFOUND=1; AIDEBINARY=${BINARY}; logtext " Found known binary: aide (file integrity checker) - ${BINARY}" ;;
- apache2) if [ -f ${BINARY} ]; then HTTPDFOUND=1; HTTPDBINARY=${BINARY}; logtext " Found known binary: apache2 (web server) - ${BINARY}"; fi ;;
- auditd) AUDITDFOUND=1; AUDITDBINARY=${BINARY}; logtext " Found known binary: auditd (audit framework) - ${BINARY}" ;;
- awk) if [ -f ${BINARY} ]; then AWKFOUND=1; AWKBINARY=${BINARY}; logtext " Found known binary: awk (string tool) - ${BINARY}"; fi ;;
- dig) DIGFOUND=1; DIGBINARY=${BINARY}; logtext " Found known binary: dig (nameservice tool) - ${BINARY}" ;;
- as) ASFOUND=1; ASBINARY="${BINARY}"; COMPILER_INSTALLED=1; logtext " Found known binary: as (compiler) - ${BINARY}" ;;
- auditctl) AUDITCTLFOUND=1; AUDITCTLBINARY="${BINARY}"; logtext " Found known binary: auditctl (control utility for audit daemon) - ${BINARY}" ;;
- autolog) AUTOLOGFOUND=1; AUTOLOGBINARY="${BINARY}"; IDLE_SESSION_KILLER_INSTALLED=1; logtext " Found known binary: autolog (idle session killer) - ${BINARY}" ;;
- chkconfig) CHKCONFIGFOUND=1; CHKCONFIGBINARY=${BINARY}; logtext " Found known binary: chkconfig (administration tool) - ${BINARY}" ;;
- clamscan) CLAMSCANFOUND=1; CLAMSCANBINARY=${BINARY}; logtext " Found known binary: clamscan (AV scanner) - ${BINARY}" ;;
- cfagent) CFAGENTFOUND=1; CFAGENTBINARY="${BINARY}"; FILE_INT_TOOL_FOUND=1; logtext " Found known binary: cfengine agent (configuration tool) - ${BINARY}" ;;
- chkrootkit) CHKROOTKITFOUND=1; CHKROOTKITBINARY="${BINARY}"; MALWARE_SCANNER_INSTALLED=1; logtext " Found known binary: chkrootkit (malware scanner) - ${BINARY}" ;;
- comm) COMMBINARY="${BINARY}"; logtext " Found known binary: comm (file compare) - ${BINARY}" ;;
- csum) CSUMFOUND=1; CSUMBINARY="${BINARY}"; logtext " Found known binary: csum (hashing tool on AIX) - ${BINARY}" ;;
- curl) CURLFOUND=1; CURLBINARY="${BINARY}"; CURLVERSION=`${BINARY} --version | grep "^curl" | awk '{ if ($1=="curl") { print $2 }}'`; logtext " Found known binary: curl (browser) - ${BINARY}" ;;
- debsecan) DEBSECANBINARY="${BINARY}"; logtext " Found known binary: debsecan (package vulnerability checking) - ${BINARY}" ;;
- debsums) DEBSUMSBINARY="${BINARY}"; logtext " Found known binary: debsums (package integrity checking) - ${BINARY}" ;;
- dig) if [ -f ${BINARY} ]; then DIGFOUND=1; DIGBINARY=${BINARY}; logtext " Found known binary: dig (network/dns tool) - ${BINARY}"; fi ;;
- dnf) DNFBINARY="${BINARY}"; logtext " Found known binary: dnf (package manager) - ${BINARY}"; ;;
- dnsdomainname) DNSDOMAINNAMEFOUND=1; DNSDOMAINNAMEBINARY="${BINARY}"; logtext " Found known binary: dnsdomainname (DNS domain) - ${BINARY}" ;;
- docker) if [ -f ${BINARY} ]; then DOCKERBINARY="${BINARY}"; logtext " Found known binary: docker (container technology) - ${BINARY}"; fi ;;
- domainname) DOMAINNAMEFOUND=1; DOMAINNAMEBINARY="${BINARY}"; logtext " Found known binary: domainname (NIS domain) - ${BINARY}" ;;
- dpkg) DPKGBINARY="${BINARY}"; logtext " Found known binary: dpkg (package management) - ${BINARY}" ;;
- egrep) EGREPFOUND=1; EGREPBINARY=${BINARY}; logtext " Found known binary: egrep (text search) - ${BINARY}" ;;
- exim) EXIMFOUND=1; EXIMBINARY="${BINARY}"; EXIMVERSION=`${BINARY} -bV | grep 'Exim version' | awk '{ print $3 }' | xargs`; logtext "Found ${BINARY} (version ${EXIMVERSION})" ;;
- fail2ban-server) FAIL2BANFOUND=1; FAIL2BANBINARY="${BINARY}"; logtext " Found known binary: fail2ban (IPS tool) - ${BINARY}" ;;
- find) FINDFOUND=1; FINDBINARY="${BINARY}"; logtext " Found known binary: find (search tool) - ${BINARY}" ;;
- g++) GPLUSPLUSFOUND=1; GPLUSPLUSBINARY="${BINARY}"; COMPILER_INSTALLED=1; logtext " Found known binary: g++ (compiler) - ${BINARY}" ;;
+ aa-status) APPARMORFOUND=1; AASTATUSBINARY=${BINARY}; LogText " Found known binary: aa-status (apparmor component) - ${BINARY}" ;;
+ afick.pl) AFICKFOUND=1; AFICKBINARY=${BINARY}; LogText " Found known binary: afick (file integrity checker) - ${BINARY}" ;;
+ aide) AIDEFOUND=1; AIDEBINARY=${BINARY}; LogText " Found known binary: aide (file integrity checker) - ${BINARY}" ;;
+ apache2) if [ -f ${BINARY} ]; then HTTPDFOUND=1; HTTPDBINARY=${BINARY}; LogText " Found known binary: apache2 (web server) - ${BINARY}"; fi ;;
+ auditd) AUDITDFOUND=1; AUDITDBINARY=${BINARY}; LogText " Found known binary: auditd (audit framework) - ${BINARY}" ;;
+ awk) if [ -f ${BINARY} ]; then AWKFOUND=1; AWKBINARY=${BINARY}; LogText " Found known binary: awk (string tool) - ${BINARY}"; fi ;;
+ dig) DIGFOUND=1; DIGBINARY=${BINARY}; LogText " Found known binary: dig (nameservice tool) - ${BINARY}" ;;
+ as) ASFOUND=1; ASBINARY="${BINARY}"; COMPILER_INSTALLED=1; LogText " Found known binary: as (compiler) - ${BINARY}" ;;
+ auditctl) AUDITCTLFOUND=1; AUDITCTLBINARY="${BINARY}"; LogText " Found known binary: auditctl (control utility for audit daemon) - ${BINARY}" ;;
+ autolog) AUTOLOGFOUND=1; AUTOLOGBINARY="${BINARY}"; IDLE_SESSION_KILLER_INSTALLED=1; LogText " Found known binary: autolog (idle session killer) - ${BINARY}" ;;
+ chkconfig) CHKCONFIGFOUND=1; CHKCONFIGBINARY=${BINARY}; LogText " Found known binary: chkconfig (administration tool) - ${BINARY}" ;;
+ clamscan) CLAMSCANFOUND=1; CLAMSCANBINARY=${BINARY}; LogText " Found known binary: clamscan (AV scanner) - ${BINARY}" ;;
+ cfagent) CFAGENTFOUND=1; CFAGENTBINARY="${BINARY}"; FILE_INT_TOOL_FOUND=1; LogText " Found known binary: cfengine agent (configuration tool) - ${BINARY}" ;;
+ chkrootkit) CHKROOTKITFOUND=1; CHKROOTKITBINARY="${BINARY}"; MALWARE_SCANNER_INSTALLED=1; LogText " Found known binary: chkrootkit (malware scanner) - ${BINARY}" ;;
+ comm) COMMBINARY="${BINARY}"; LogText " Found known binary: comm (file compare) - ${BINARY}" ;;
+ csum) CSUMFOUND=1; CSUMBINARY="${BINARY}"; LogText " Found known binary: csum (hashing tool on AIX) - ${BINARY}" ;;
+ curl) CURLFOUND=1; CURLBINARY="${BINARY}"; CURLVERSION=`${BINARY} --version | grep "^curl" | awk '{ if ($1=="curl") { print $2 }}'`; LogText " Found known binary: curl (browser) - ${BINARY}" ;;
+ debsecan) DEBSECANBINARY="${BINARY}"; LogText " Found known binary: debsecan (package vulnerability checking) - ${BINARY}" ;;
+ debsums) DEBSUMSBINARY="${BINARY}"; LogText " Found known binary: debsums (package integrity checking) - ${BINARY}" ;;
+ dig) if [ -f ${BINARY} ]; then DIGFOUND=1; DIGBINARY=${BINARY}; LogText " Found known binary: dig (network/dns tool) - ${BINARY}"; fi ;;
+ dnf) DNFBINARY="${BINARY}"; LogText " Found known binary: dnf (package manager) - ${BINARY}"; ;;
+ dnsdomainname) DNSDOMAINNAMEFOUND=1; DNSDOMAINNAMEBINARY="${BINARY}"; LogText " Found known binary: dnsdomainname (DNS domain) - ${BINARY}" ;;
+ docker) if [ -f ${BINARY} ]; then DOCKERBINARY="${BINARY}"; LogText " Found known binary: docker (container technology) - ${BINARY}"; fi ;;
+ domainname) DOMAINNAMEFOUND=1; DOMAINNAMEBINARY="${BINARY}"; LogText " Found known binary: domainname (NIS domain) - ${BINARY}" ;;
+ dpkg) DPKGBINARY="${BINARY}"; LogText " Found known binary: dpkg (package management) - ${BINARY}" ;;
+ egrep) EGREPFOUND=1; EGREPBINARY=${BINARY}; LogText " Found known binary: egrep (text search) - ${BINARY}" ;;
+ exim) EXIMFOUND=1; EXIMBINARY="${BINARY}"; EXIMVERSION=`${BINARY} -bV | grep 'Exim version' | awk '{ print $3 }' | xargs`; LogText "Found ${BINARY} (version ${EXIMVERSION})" ;;
+ fail2ban-server) FAIL2BANFOUND=1; FAIL2BANBINARY="${BINARY}"; LogText " Found known binary: fail2ban (IPS tool) - ${BINARY}" ;;
+ find) FINDFOUND=1; FINDBINARY="${BINARY}"; LogText " Found known binary: find (search tool) - ${BINARY}" ;;
+ g++) GPLUSPLUSFOUND=1; GPLUSPLUSBINARY="${BINARY}"; COMPILER_INSTALLED=1; LogText " Found known binary: g++ (compiler) - ${BINARY}" ;;
# additional file check due to existance /usr/libexec/gcc (directory)
- gcc) if [ -f ${BINARY} ]; then GCCBINARY="${BINARY}"; COMPILER_INSTALLED=1; logtext " Found known binary: gcc (compiler) - ${BINARY}"; fi ;;
- grep) GREPFOUND=1; GREPBINARY=${BINARY}; logtext " Found known binary: grep (text search) - ${BINARY}" ;;
- grub2-install) GRUB2INSTALLFOUND=1; GRUB2INSTALLBINARY=${BINARY}; logtext " Found known binary: grub2-install (installer for boot loader) - ${BINARY}" ;;
- gzip) GZIPFOUND=1; GZIPBINARY="${BINARY}"; logtext " Found known binary: gzip (compressing utility) - ${BINARY}" ;;
- httpd2-prefork) HTTPDFOUND=1; HTTPDBINARY=${BINARY}; logtext " Found known binary: apache2 (web server) - ${BINARY}" ;;
- initctl) INITCTLBINARY=${BINARY}; SERVICE_MANAGER="upstart"; logtext " Found known binary: initctl (client to upstart init) - ${BINARY}" ;;
- lsvg) LSVGFOUND=1; LVSGBINARY=${BINARY}; logtext " Found known binary: lsvg (volume manager) - ${BINARY}" ;;
- lvdisplay) LVDISPLAYBINARY="${BINARY}"; logtext " Found known binary: lvdisplay (LVM tool) - ${BINARY}" ;;
- named-checkconf) NAMEDCHECKCONFIGFOUND=1; NAMEDCHECKCONFBINARY="${BINARY}"; logtext " Found known binary: named-checkconf (BIND configuration analyzer) - ${BINARY}" ;;
- getcap) GETCAPFOUND=1; GETCAPBINARY="${BINARY}"; logtext " Found known binary: getcap (kernel capabilities) - ${BINARY}" ;;
- grpck) GRPCKFOUND=1; GRPCKBINARY="${BINARY}"; logtext " Found known binary: grpck (consistency checker) - ${BINARY}" ;;
- httpd) if [ -f ${BINARY} ]; then HTTPDFOUND=1; HTTPDBINARY="${BINARY}"; logtext " Found known binary: httpd (web server) - ${BINARY}"; fi ;;
- ip) IPFOUND=1; IPBINARY="${BINARY}"; logtext " Found known binary: ip (IP configuration) - ${BINARY}" ;;
- ipf) IPFFOUND=1; IPFBINARY="${BINARY}"; logtext " Found known binary: ipf (firewall) - ${BINARY}" ;;
- ifconfig) IFCONFIGFOUND=1; IFCONFIGBINARY="${BINARY}"; logtext " Found known binary: ipconfig (IP configuration) - ${BINARY}" ;;
- iptables) if [ -f ${BINARY} ]; then IPTABLESFOUND=1; IPTABLESBINARY="${BINARY}"; logtext " Found known binary: iptables (firewall) - ${BINARY}"; fi ;;
- istat) ISTATFOUND=1; ISTATBINARY="${BINARY}"; logtext " Found known binary: istat (file information) - ${BINARY}" ;;
- journalctl) JOURNALCTLBINARY="${BINARY}"; logtext " Found known binary: journalctl (systemd journal) - ${BINARY}"; ;;
- kldstat) KLDSTATFOUND=1; KLDSTATBINARY="${BINARY}"; logtext " Found known binary: kldstat (kernel modules) - ${BINARY}" ;;
- kstat) KSTATFOUND=1; KSTATBINARY="${BINARY}"; logtext " Found known binary: kstat (kernel statistics) - ${BINARY}" ;;
- launchctl) LAUNCHCTLBINARY="${BINARY}"; SERVICE_MANAGER="launchd"; logtext " Found known binary: launchctl (launchd client) - ${BINARY}" ;;
- locate) LOCATEFOUND=1; LOCATEBINARY="${BINARY}"; logtext " Found known binary: locate (file database) - ${BINARY}" ;;
- logrotate) LOGROTATEFOUND=1; LOGROTATEBINARY="${BINARY}"; logtext " Found known binary: logrotate (log rotation tool) - ${BINARY}" ;;
- ls) LSFOUND=1; LSBINARY="${BINARY}"; logtext " Found known binary: ls (file listing) - ${BINARY}" ;;
- lsattr) LSATTRFOUND=1; LSATTRBINARY="${BINARY}"; logtext " Found known binary: lsattr (file attributes) - ${BINARY}" ;;
- lsmod) LSMODFOUND=1; LSMODBINARY="${BINARY}"; logtext " Found known binary: lsmod (kernel modules) - ${BINARY}" ;;
- lsof) LSOFFOUND=1; LSOFBINARY="${BINARY}"; logtext " Found known binary: lsof (open files) - ${BINARY}" ;;
- lynx) LYNXFOUND=1; LYNXBINARY="${BINARY}"; LYNXVERSION=`${BINARY} -version | grep "^Lynx Version" | cut -d ' ' -f3`; logtext "Found known binary: lynx (browser) - ${BINARY} (version ${LYNXVERSION})" ;;
- maldet) LMDFOUND=1; LMDBINARY="${BINARY}"; MALWARE_SCANNER_INSTALLED=1; logtext " Found known binary: maldet (Linux Malware Detect, malware scanner) - ${BINARY}" ;;
- md5) MD5FOUND=1; MD5BINARY="${BINARY}"; logtext " Found known binary: md5 (hash tool) - ${BINARY}" ;;
- md5sum) MD5FOUND=1; MD5BINARY="${BINARY}"; logtext " Found known binary: md5sum (hash tool) - ${BINARY}" ;;
- mtree) MTREEFOUND=1; MTREEBINARY="${BINARY}"; logtext " Found known binary: mtree (mapping directory tree) - ${BINARY}" ;;
- mysql) MYSQLCLIENTFOUND=1; MYSQLCLIENTBINARY="${BINARY}"; MYSQLCLIENTVERSION=`${BINARY} -V | awk '{ if ($4=="Distrib") { print $5 }}' | sed 's/,//g'` ; logtext "Found ${BINARY} (version: ${MYSQLCLIENTVERSION})" ;;
- netstat) NETSTATFOUND=1; NETSTATBINARY="${BINARY}"; logtext " Found known binary: netstat (network statistics) - ${BINARY}" ;;
- nft) NFTFOUND=1; NFTBINARY="${BINARY}"; logtext " Found known binary: nft (nftables client) - ${BINARY}" ;;
- nmap) NMAPFOUND=1; NMAPBINARY="${BINARY}"; NMAPVERSION=`${BINARY} -V | grep "^Nmap version" | awk '{ print $3 }'`; logtext "Found ${BINARY} (version ${NMAPVERSION})" ;;
- ntpq) NTPQFOUND=1; NTPQBINARY="${BINARY}"; logtext " Found known binary ntpq (time daemon client) - ${BINARY}" ;;
- osiris) OSIRISFOUND=1; OSIRISBINARY="${BINARY}"; logtext " Found known binary: osiris - ${BINARY}" ;;
- openssl) OPENSSLFOUND=1; OPENSSLBINARY="${BINARY}"; OPENSSLVERSION=`${BINARY} version 2> /dev/null | head -n 1 | awk '{ print $2 }' | xargs`; logtext "Found ${BINARY} (version ${OPENSSLVERSION})" ;;
- pacman) PACMANFOUND=1; PACMANBINARY="${BINARY}"; logtext " Found known binary: pacman (package manager) - ${BINARY}" ;;
- perl) PERLFOUND=1; PERLBINARY="${BINARY}"; PERLVERSION=`${BINARY} -V:version | sed 's/^version=//' | sed 's/;//' | xargs`; logtext "Found ${BINARY} (version ${PERLVERSION})" ;;
- php) PHPFOUND=1; PHPBINARY="${BINARY}"; PHPVERSION=`${BINARY} -v | awk '{ if ($1=="PHP") { print $2 }}' | head -1`; logtext "Found known binary: php (programming language intrepreter) - ${BINARY} (version ${PHPVERSION})" ;;
- pkg_admin) PKGADMINBINARY="${BINARY}"; logtext " Found known binary: pkg_admin (software package administration) - ${BINARY}" ;;
- postconf) POSTCONFFOUND=1; POSTCONFBINARY="${BINARY}"; logtext " Found known binary: postconf (postfix configuration) - ${BINARY}" ;;
- postfix) POSTFIXFOUND=1; POSTFIXBINARY="${BINARY}"; logtext " Found known binary: postfix (postfix binary) - ${BINARY}" ;;
- prelink) PRELINKFOUND=1; PRELINKBINARY="${BINARY}"; logtext " Found known binary: prelink (system optimizer) - ${BINARY}" ;;
- pfctl) PFCTLFOUND=1; PFCTLBINARY="${BINARY}"; logtext " Found known binary: pfctl (client to pf firewall) - ${BINARY}" ;;
- ps) PSFOUND=1; PSBINARY="${BINARY}"; logtext " Found known binary: ps (process listing) - ${BINARY}" ;;
- puppet) PUPPETFOUND=1; PUPPETBINARY="${BINARY}"; logtext " Found known binary: puppet (automation tooling) - ${BINARY}" ;;
- puppetmasterd) PUPPETMASTERDFOUND=1; PUPPETMASTERDBINARY="${BINARY}"; logtext " Found known binary: puppetmasterd (puppet master daemon) - ${BINARY}" ;;
- python) PYTHONFOUND=1; PYTHONBINARY="${BINARY}"; PYTHONVERSION=`${BINARY} --version 2>&1 | sed 's/^Python //'`; logtext "Found known binary: ${I} (programming language intepreter) - ${BINARY} (version ${PYTHONVERSION})" ;;
- python2) PYTHON2FOUND=1; PYTHON2BINARY="${BINARY}"; PYTHON2VERSION=`${BINARY} --version 2>&1 | sed 's/^Python //'`; logtext "Found known binary: ${I} (programming language intepreter) - ${BINARY} (version ${PYTHON2VERSION})" ;;
- python3) PYTHON3FOUND=1; PYTHON3BINARY="${BINARY}"; PYTHON3VERSION=`${BINARY} --version 2>&1 | sed 's/^Python //'`; logtext "Found known binary: ${I} (programming language intepreter) - ${BINARY} (version ${PYTHON3VERSION})" ;;
- readlink) READLINKFOUND=1; READLINKBINARY="${BINARY}"; logtext " Found known binary: readlink (follows symlinks) - ${BINARY}" ;;
- rkhunter) RKHUNTERFOUND=1; RKHUNTERBINARY="${BINARY}"; MALWARE_SCANNER_INSTALLED=1; logtext " Found known binary: rkhunter (malware scanner) - ${BINARY}" ;;
- rootsh) ROOTSHFOUND=1; ROOTSHBINARY="${BINARY}"; logtext " Found known binary: rootsh (wrapper for shells) - ${BINARY}" ;;
- rpcinfo) RPCINFOFOUND=1; RPCINFOBINARY="${BINARY}"; logtext " Found known binary: rpcinfo (RPC information) - ${BINARY}" ;;
- rpm) RPMFOUND=1; RPMBINARY="${BINARY}"; logtext " Found known binary: rpm (package manager) - ${BINARY}" ;;
- runlevel) RUNLEVELFOUND=1; RUNLEVELBINARY="${BINARY}"; logtext " Found known binary: runlevel (system utility) - ${BINARY}" ;;
- salt-master) SALTMASTERFOUND=1; SALTMASTERBINARY="${BINARY}"; logtext " Found known binary: salt-master (SaltStack master) - ${BINARY}" ;;
- salt-minion) SALTMINIONFOUND=1; SALTMINIONBINARY="${BINARY}"; logtext " Found known binary: salt-minion (SaltStack client) - ${BINARY}" ;;
- samhain) SAMHAINFOUND=1; SAMHAINBINARY="${BINARY}"; logtext " Found known binary: samhain (integrity tool) - ${BINARY}" ;;
- service) SERVICEFOUND=1; SERVICEBINARY="${BINARY}"; logtext " Found known binary: service (system services) - ${BINARY}" ;;
- sestatus) SESTATUSFOUND=1; SESTATUSBINARY="${BINARY}"; logtext " Found known binary: sestatus (SELinux client) - ${BINARY}" ;;
- slocate) LOCATEFOUND=1; LOCATEBINARY="${BINARY}"; logtext " Found known binary: slocate (file database) - ${BINARY}" ;;
- smbd) SMBDFOUND=1; SMBDBINARY="${BINARY}"; if [ "${OS}" = "MacOS" ]; then SMBDVERSION="unknown"; else SMBDVERSION=`${BINARY} -V | grep "^Version" | awk '{ print $2 }'`; fi; logtext "Found ${BINARY} (version ${SMBDVERSION})" ;;
- smtpctl) SMTPCTLBINARY="${BINARY}"; logtext " Found known binary: smtpctl (OpenSMTPD client) - ${BINARY}" ;;
- showmount) SHOWMOUNTFOUND=1; SHOWMOUNTBINARY="${BINARY}"; logtext " Found known binary: showmount (NFS mounts) - ${BINARY}" ;;
- sockstat) SOCKSTATFOUND=1; SOCKSTATBINARY="${BINARY}"; logtext " Found known binary: sockstat (open network sockets) - ${BINARY}" ;;
- squid) SQUIDFOUND=1; SQUIDBINARY="${BINARY}"; logtext " Found known binary: squid (proxy) - ${BINARY}" ;;
- ss) SSFOUND=1; SSBINARY="${BINARY}"; logtext " Found known binary: ss (show sockets) - ${BINARY}" ;;
- sshd) SSHDFOUND=1; SSHDBINARY="${BINARY}"; SSHDVERSION=`${BINARY} -t -d 2>&1 | head -n 1 | awk '{ print $4 }' | cut -d '_' -f2 | tr -d '\r'`; logtext "Found ${BINARY} (version ${SSHDVERSION})" ;;
- stat) STATFOUND=1; STATBINARY="${BINARY}"; logtext " Found known binary: stat (file information) - ${BINARY}" ;;
- strings) STRINGSFOUND=1; STRINGSBINARY="${BINARY}"; logtext " Found known binary: strings (text strings search) - ${BINARY}" ;;
- sha1|sha1sum|shasum) SHA1SUMFOUND=1; SHA1SUMBINARY="${BINARY}"; logtext " Found known binary: sha1/sha1sum/shasum (crypto hashing) - ${BINARY}" ;;
- ssh-keyscan) SSHKEYSCANFOUND=1; SSHKEYSCANBINARY="${BINARY}"; logtext " Found known binary: ssh-keyscan (scanner for SSH keys) - ${BINARY}" ;;
- sysctl) SYSCTLFOUND=1; SYSCTLBINARY="${BINARY}"; logtext " Found known binary: sysctl (kernel parameters) - ${BINARY}" ;;
- syslog-ng) SYSLOGNGFOUND=1; SYSLOGNGBINARY="${BINARY}"; SYSLOGNGVERSION=`${BINARY} -V 2>&1 | grep "^syslog-ng" | awk '{ print $2 }'`; logtext "Found ${BINARY} (version ${SYSLOGNGVERSION})" ;;
- systemctl) SYSTEMCTLFOUND=1; SYSTEMCTLBINARY="${BINARY}"; SERVICE_MANAGER="systemd"; logtext " Found known binary: systemctl (client to systemd) - ${BINARY}" ;;
- timedatectl) TIMEDATECTLFOUND=1; TIMEDATECTL="${BINARY}"; logtext " Found known binary: timedatectl (timedate client) - ${BINARY}" ;;
- tripwire) TRIPWIREFOUND=1; TRIPWIREBINARY="${BINARY}"; logtext " Found known binary: tripwire (file integrity) - ${BINARY}" ;;
- tune2fs) TUNE2FSFOUND=1; TUNE2FSBINARY="${BINARY}"; logtext " Found known binary: tune2fs (file system tool) - ${BINARY}" ;;
- vgdisplay) VGDISPLAYFOUND=1; VGDISPLAYBINARY="${BINARY}"; logtext " Found known binary: vgdisplay (LVM tool) - ${BINARY}" ;;
- vmtoolsd) VMWARETOOLSFOUND=1; VMWARETOOLSDBINARY="${BINARY}"; logtext " Found known binary: vmtoolsd (VMWare tools) - ${BINARY}" ;;
- wget) WGETFOUND=1; WGETBINARY="${BINARY}"; WGETVERSION=`${BINARY} -V | grep "^GNU Wget" | awk '{ print $3 }'`; logtext "Found ${BINARY} (version ${WGETVERSION})" ;;
- yum) YUMFOUND=1; YUMBINARY="${BINARY}"; logtext " Found known binary: yum (package manager) - ${BINARY}" ;;
- zgrep) ZGREPFOUND=1; ZGREPBINARY=${BINARY}; logtext " Found known binary: zgrep (text search for compressed files) - ${BINARY}" ;;
- zypper) ZYPPERFOUND=1; ZYPPERBINARY="${BINARY}"; logtext " Found known binary: zypper (package manager) - ${BINARY}" ;;
+ gcc) if [ -f ${BINARY} ]; then GCCBINARY="${BINARY}"; COMPILER_INSTALLED=1; LogText " Found known binary: gcc (compiler) - ${BINARY}"; fi ;;
+ grep) GREPFOUND=1; GREPBINARY=${BINARY}; LogText " Found known binary: grep (text search) - ${BINARY}" ;;
+ grub2-install) GRUB2INSTALLFOUND=1; GRUB2INSTALLBINARY=${BINARY}; LogText " Found known binary: grub2-install (installer for boot loader) - ${BINARY}" ;;
+ gzip) GZIPFOUND=1; GZIPBINARY="${BINARY}"; LogText " Found known binary: gzip (compressing utility) - ${BINARY}" ;;
+ httpd2-prefork) HTTPDFOUND=1; HTTPDBINARY=${BINARY}; LogText " Found known binary: apache2 (web server) - ${BINARY}" ;;
+ initctl) INITCTLBINARY=${BINARY}; SERVICE_MANAGER="upstart"; LogText " Found known binary: initctl (client to upstart init) - ${BINARY}" ;;
+ lsvg) LSVGFOUND=1; LVSGBINARY=${BINARY}; LogText " Found known binary: lsvg (volume manager) - ${BINARY}" ;;
+ lvdisplay) LVDISPLAYBINARY="${BINARY}"; LogText " Found known binary: lvdisplay (LVM tool) - ${BINARY}" ;;
+ named-checkconf) NAMEDCHECKCONFIGFOUND=1; NAMEDCHECKCONFBINARY="${BINARY}"; LogText " Found known binary: named-checkconf (BIND configuration analyzer) - ${BINARY}" ;;
+ getcap) GETCAPFOUND=1; GETCAPBINARY="${BINARY}"; LogText " Found known binary: getcap (kernel capabilities) - ${BINARY}" ;;
+ grpck) GRPCKFOUND=1; GRPCKBINARY="${BINARY}"; LogText " Found known binary: grpck (consistency checker) - ${BINARY}" ;;
+ httpd) if [ -f ${BINARY} ]; then HTTPDFOUND=1; HTTPDBINARY="${BINARY}"; LogText " Found known binary: httpd (web server) - ${BINARY}"; fi ;;
+ ip) IPFOUND=1; IPBINARY="${BINARY}"; LogText " Found known binary: ip (IP configuration) - ${BINARY}" ;;
+ ipf) IPFFOUND=1; IPFBINARY="${BINARY}"; LogText " Found known binary: ipf (firewall) - ${BINARY}" ;;
+ ifconfig) IFCONFIGFOUND=1; IFCONFIGBINARY="${BINARY}"; LogText " Found known binary: ipconfig (IP configuration) - ${BINARY}" ;;
+ iptables) if [ -f ${BINARY} ]; then IPTABLESFOUND=1; IPTABLESBINARY="${BINARY}"; LogText " Found known binary: iptables (firewall) - ${BINARY}"; fi ;;
+ istat) ISTATFOUND=1; ISTATBINARY="${BINARY}"; LogText " Found known binary: istat (file information) - ${BINARY}" ;;
+ journalctl) JOURNALCTLBINARY="${BINARY}"; LogText " Found known binary: journalctl (systemd journal) - ${BINARY}"; ;;
+ kldstat) KLDSTATFOUND=1; KLDSTATBINARY="${BINARY}"; LogText " Found known binary: kldstat (kernel modules) - ${BINARY}" ;;
+ kstat) KSTATFOUND=1; KSTATBINARY="${BINARY}"; LogText " Found known binary: kstat (kernel statistics) - ${BINARY}" ;;
+ launchctl) LAUNCHCTLBINARY="${BINARY}"; SERVICE_MANAGER="launchd"; LogText " Found known binary: launchctl (launchd client) - ${BINARY}" ;;
+ locate) LOCATEFOUND=1; LOCATEBINARY="${BINARY}"; LogText " Found known binary: locate (file database) - ${BINARY}" ;;
+ logrotate) LOGROTATEFOUND=1; LOGROTATEBINARY="${BINARY}"; LogText " Found known binary: logrotate (log rotation tool) - ${BINARY}" ;;
+ ls) LSFOUND=1; LSBINARY="${BINARY}"; LogText " Found known binary: ls (file listing) - ${BINARY}" ;;
+ lsattr) LSATTRFOUND=1; LSATTRBINARY="${BINARY}"; LogText " Found known binary: lsattr (file attributes) - ${BINARY}" ;;
+ lsmod) LSMODFOUND=1; LSMODBINARY="${BINARY}"; LogText " Found known binary: lsmod (kernel modules) - ${BINARY}" ;;
+ lsof) LSOFFOUND=1; LSOFBINARY="${BINARY}"; LogText " Found known binary: lsof (open files) - ${BINARY}" ;;
+ lynx) LYNXFOUND=1; LYNXBINARY="${BINARY}"; LYNXVERSION=`${BINARY} -version | grep "^Lynx Version" | cut -d ' ' -f3`; LogText "Found known binary: lynx (browser) - ${BINARY} (version ${LYNXVERSION})" ;;
+ maldet) LMDFOUND=1; LMDBINARY="${BINARY}"; MALWARE_SCANNER_INSTALLED=1; LogText " Found known binary: maldet (Linux Malware Detect, malware scanner) - ${BINARY}" ;;
+ md5) MD5FOUND=1; MD5BINARY="${BINARY}"; LogText " Found known binary: md5 (hash tool) - ${BINARY}" ;;
+ md5sum) MD5FOUND=1; MD5BINARY="${BINARY}"; LogText " Found known binary: md5sum (hash tool) - ${BINARY}" ;;
+ mtree) MTREEFOUND=1; MTREEBINARY="${BINARY}"; LogText " Found known binary: mtree (mapping directory tree) - ${BINARY}" ;;
+ mysql) MYSQLCLIENTFOUND=1; MYSQLCLIENTBINARY="${BINARY}"; MYSQLCLIENTVERSION=`${BINARY} -V | awk '{ if ($4=="Distrib") { print $5 }}' | sed 's/,//g'` ; LogText "Found ${BINARY} (version: ${MYSQLCLIENTVERSION})" ;;
+ netstat) NETSTATFOUND=1; NETSTATBINARY="${BINARY}"; LogText " Found known binary: netstat (network statistics) - ${BINARY}" ;;
+ nft) NFTFOUND=1; NFTBINARY="${BINARY}"; LogText " Found known binary: nft (nftables client) - ${BINARY}" ;;
+ nmap) NMAPFOUND=1; NMAPBINARY="${BINARY}"; NMAPVERSION=`${BINARY} -V | grep "^Nmap version" | awk '{ print $3 }'`; LogText "Found ${BINARY} (version ${NMAPVERSION})" ;;
+ ntpq) NTPQFOUND=1; NTPQBINARY="${BINARY}"; LogText " Found known binary ntpq (time daemon client) - ${BINARY}" ;;
+ osiris) OSIRISFOUND=1; OSIRISBINARY="${BINARY}"; LogText " Found known binary: osiris - ${BINARY}" ;;
+ openssl) OPENSSLFOUND=1; OPENSSLBINARY="${BINARY}"; OPENSSLVERSION=`${BINARY} version 2> /dev/null | head -n 1 | awk '{ print $2 }' | xargs`; LogText "Found ${BINARY} (version ${OPENSSLVERSION})" ;;
+ pacman) PACMANFOUND=1; PACMANBINARY="${BINARY}"; LogText " Found known binary: pacman (package manager) - ${BINARY}" ;;
+ perl) PERLFOUND=1; PERLBINARY="${BINARY}"; PERLVERSION=`${BINARY} -V:version | sed 's/^version=//' | sed 's/;//' | xargs`; LogText "Found ${BINARY} (version ${PERLVERSION})" ;;
+ php) PHPFOUND=1; PHPBINARY="${BINARY}"; PHPVERSION=`${BINARY} -v | awk '{ if ($1=="PHP") { print $2 }}' | head -1`; LogText "Found known binary: php (programming language intrepreter) - ${BINARY} (version ${PHPVERSION})" ;;
+ pkg_admin) PKGADMINBINARY="${BINARY}"; LogText " Found known binary: pkg_admin (software package administration) - ${BINARY}" ;;
+ postconf) POSTCONFFOUND=1; POSTCONFBINARY="${BINARY}"; LogText " Found known binary: postconf (postfix configuration) - ${BINARY}" ;;
+ postfix) POSTFIXFOUND=1; POSTFIXBINARY="${BINARY}"; LogText " Found known binary: postfix (postfix binary) - ${BINARY}" ;;
+ prelink) PRELINKFOUND=1; PRELINKBINARY="${BINARY}"; LogText " Found known binary: prelink (system optimizer) - ${BINARY}" ;;
+ pfctl) PFCTLFOUND=1; PFCTLBINARY="${BINARY}"; LogText " Found known binary: pfctl (client to pf firewall) - ${BINARY}" ;;
+ ps) PSFOUND=1; PSBINARY="${BINARY}"; LogText " Found known binary: ps (process listing) - ${BINARY}" ;;
+ puppet) PUPPETFOUND=1; PUPPETBINARY="${BINARY}"; LogText " Found known binary: puppet (automation tooling) - ${BINARY}" ;;
+ puppetmasterd) PUPPETMASTERDFOUND=1; PUPPETMASTERDBINARY="${BINARY}"; LogText " Found known binary: puppetmasterd (puppet master daemon) - ${BINARY}" ;;
+ python) PYTHONFOUND=1; PYTHONBINARY="${BINARY}"; PYTHONVERSION=`${BINARY} --version 2>&1 | sed 's/^Python //'`; LogText "Found known binary: ${I} (programming language intepreter) - ${BINARY} (version ${PYTHONVERSION})" ;;
+ python2) PYTHON2FOUND=1; PYTHON2BINARY="${BINARY}"; PYTHON2VERSION=`${BINARY} --version 2>&1 | sed 's/^Python //'`; LogText "Found known binary: ${I} (programming language intepreter) - ${BINARY} (version ${PYTHON2VERSION})" ;;
+ python3) PYTHON3FOUND=1; PYTHON3BINARY="${BINARY}"; PYTHON3VERSION=`${BINARY} --version 2>&1 | sed 's/^Python //'`; LogText "Found known binary: ${I} (programming language intepreter) - ${BINARY} (version ${PYTHON3VERSION})" ;;
+ readlink) READLINKFOUND=1; READLINKBINARY="${BINARY}"; LogText " Found known binary: readlink (follows symlinks) - ${BINARY}" ;;
+ rkhunter) RKHUNTERFOUND=1; RKHUNTERBINARY="${BINARY}"; MALWARE_SCANNER_INSTALLED=1; LogText " Found known binary: rkhunter (malware scanner) - ${BINARY}" ;;
+ rootsh) ROOTSHFOUND=1; ROOTSHBINARY="${BINARY}"; LogText " Found known binary: rootsh (wrapper for shells) - ${BINARY}" ;;
+ rpcinfo) RPCINFOFOUND=1; RPCINFOBINARY="${BINARY}"; LogText " Found known binary: rpcinfo (RPC information) - ${BINARY}" ;;
+ rpm) RPMFOUND=1; RPMBINARY="${BINARY}"; LogText " Found known binary: rpm (package manager) - ${BINARY}" ;;
+ runlevel) RUNLEVELFOUND=1; RUNLEVELBINARY="${BINARY}"; LogText " Found known binary: runlevel (system utility) - ${BINARY}" ;;
+ salt-master) SALTMASTERFOUND=1; SALTMASTERBINARY="${BINARY}"; LogText " Found known binary: salt-master (SaltStack master) - ${BINARY}" ;;
+ salt-minion) SALTMINIONFOUND=1; SALTMINIONBINARY="${BINARY}"; LogText " Found known binary: salt-minion (SaltStack client) - ${BINARY}" ;;
+ samhain) SAMHAINFOUND=1; SAMHAINBINARY="${BINARY}"; LogText " Found known binary: samhain (integrity tool) - ${BINARY}" ;;
+ service) SERVICEFOUND=1; SERVICEBINARY="${BINARY}"; LogText " Found known binary: service (system services) - ${BINARY}" ;;
+ sestatus) SESTATUSFOUND=1; SESTATUSBINARY="${BINARY}"; LogText " Found known binary: sestatus (SELinux client) - ${BINARY}" ;;
+ slocate) LOCATEFOUND=1; LOCATEBINARY="${BINARY}"; LogText " Found known binary: slocate (file database) - ${BINARY}" ;;
+ smbd) SMBDFOUND=1; SMBDBINARY="${BINARY}"; if [ "${OS}" = "MacOS" ]; then SMBDVERSION="unknown"; else SMBDVERSION=`${BINARY} -V | grep "^Version" | awk '{ print $2 }'`; fi; LogText "Found ${BINARY} (version ${SMBDVERSION})" ;;
+ smtpctl) SMTPCTLBINARY="${BINARY}"; LogText " Found known binary: smtpctl (OpenSMTPD client) - ${BINARY}" ;;
+ showmount) SHOWMOUNTFOUND=1; SHOWMOUNTBINARY="${BINARY}"; LogText " Found known binary: showmount (NFS mounts) - ${BINARY}" ;;
+ sockstat) SOCKSTATFOUND=1; SOCKSTATBINARY="${BINARY}"; LogText " Found known binary: sockstat (open network sockets) - ${BINARY}" ;;
+ squid) SQUIDFOUND=1; SQUIDBINARY="${BINARY}"; LogText " Found known binary: squid (proxy) - ${BINARY}" ;;
+ ss) SSFOUND=1; SSBINARY="${BINARY}"; LogText " Found known binary: ss (show sockets) - ${BINARY}" ;;
+ sshd) SSHDFOUND=1; SSHDBINARY="${BINARY}"; SSHDVERSION=`${BINARY} -t -d 2>&1 | head -n 1 | awk '{ print $4 }' | cut -d '_' -f2 | tr -d '\r'`; LogText "Found ${BINARY} (version ${SSHDVERSION})" ;;
+ stat) STATFOUND=1; STATBINARY="${BINARY}"; LogText " Found known binary: stat (file information) - ${BINARY}" ;;
+ strings) STRINGSFOUND=1; STRINGSBINARY="${BINARY}"; LogText " Found known binary: strings (text strings search) - ${BINARY}" ;;
+ sha1|sha1sum|shasum) SHA1SUMFOUND=1; SHA1SUMBINARY="${BINARY}"; LogText " Found known binary: sha1/sha1sum/shasum (crypto hashing) - ${BINARY}" ;;
+ ssh-keyscan) SSHKEYSCANFOUND=1; SSHKEYSCANBINARY="${BINARY}"; LogText " Found known binary: ssh-keyscan (scanner for SSH keys) - ${BINARY}" ;;
+ sysctl) SYSCTLFOUND=1; SYSCTLBINARY="${BINARY}"; LogText " Found known binary: sysctl (kernel parameters) - ${BINARY}" ;;
+ syslog-ng) SYSLOGNGFOUND=1; SYSLOGNGBINARY="${BINARY}"; SYSLOGNGVERSION=`${BINARY} -V 2>&1 | grep "^syslog-ng" | awk '{ print $2 }'`; LogText "Found ${BINARY} (version ${SYSLOGNGVERSION})" ;;
+ systemctl) SYSTEMCTLFOUND=1; SYSTEMCTLBINARY="${BINARY}"; SERVICE_MANAGER="systemd"; LogText " Found known binary: systemctl (client to systemd) - ${BINARY}" ;;
+ timedatectl) TIMEDATECTLFOUND=1; TIMEDATECTL="${BINARY}"; LogText " Found known binary: timedatectl (timedate client) - ${BINARY}" ;;
+ tripwire) TRIPWIREFOUND=1; TRIPWIREBINARY="${BINARY}"; LogText " Found known binary: tripwire (file integrity) - ${BINARY}" ;;
+ tune2fs) TUNE2FSFOUND=1; TUNE2FSBINARY="${BINARY}"; LogText " Found known binary: tune2fs (file system tool) - ${BINARY}" ;;
+ vgdisplay) VGDISPLAYFOUND=1; VGDISPLAYBINARY="${BINARY}"; LogText " Found known binary: vgdisplay (LVM tool) - ${BINARY}" ;;
+ vmtoolsd) VMWARETOOLSFOUND=1; VMWARETOOLSDBINARY="${BINARY}"; LogText " Found known binary: vmtoolsd (VMWare tools) - ${BINARY}" ;;
+ wget) WGETFOUND=1; WGETBINARY="${BINARY}"; WGETVERSION=`${BINARY} -V | grep "^GNU Wget" | awk '{ print $3 }'`; LogText "Found ${BINARY} (version ${WGETVERSION})" ;;
+ yum) YUMFOUND=1; YUMBINARY="${BINARY}"; LogText " Found known binary: yum (package manager) - ${BINARY}" ;;
+ zgrep) ZGREPFOUND=1; ZGREPBINARY=${BINARY}; LogText " Found known binary: zgrep (text search for compressed files) - ${BINARY}" ;;
+ zypper) ZYPPERFOUND=1; ZYPPERBINARY="${BINARY}"; LogText " Found known binary: zypper (package manager) - ${BINARY}" ;;
esac
done
else
- logtext "Result: Directory ${SCANDIR} skipped"
+ LogText "Result: Directory ${SCANDIR} skipped"
if [ ! "${ORGPATH}" = "" ]; then TEXT="${ORGPATH} (links to ${SCANDIR})"; else TEXT="${SCANDIR}"; fi
fi
else
- logtext "Result: Directory ${SCANDIR} does NOT exist"
+ LogText "Result: Directory ${SCANDIR} does NOT exist"
fi
done
BINARY_PATHS_FOUND=`echo ${BINARY_PATHS_FOUND} | sed 's/^, //g' | sed 's/ //g'`
- logtext "Discovered directories: ${BINARY_PATHS_FOUND}"
- report "binary_paths=${BINARY_PATHS_FOUND}"
+ LogText "Discovered directories: ${BINARY_PATHS_FOUND}"
+ Report "binary_paths=${BINARY_PATHS_FOUND}"
BINARY_SCAN_FINISHED=1
- logtext "Result: found ${N} binaries"
- report "binaries_count=${N}"
+ LogText "Result: found ${N} binaries"
+ Report "binaries_count=${N}"
else
- logtext "Result: checking of binaries skipped in this mode"
+ LogText "Result: checking of binaries skipped in this mode"
fi
#
diff --git a/include/functions b/include/functions
index 1e24813a..8f3e9225 100644
--- a/include/functions
+++ b/include/functions
@@ -385,7 +385,7 @@
TEMP_FILE=`mktemp /tmp/lynis.XXXXXXXXXX` || exit 1
fi
if [ ! "${TEMP_FILE}" = "" ]; then
- logtext "Action: created temporary file ${TEMP_FILE}"
+ LogText "Action: created temporary file ${TEMP_FILE}"
else
Fatal "Could not create a temporary file"
fi
diff --git a/include/helper_audit_dockerfile b/include/helper_audit_dockerfile
index eb6f24c0..cabb9e92 100644
--- a/include/helper_audit_dockerfile
+++ b/include/helper_audit_dockerfile
@@ -71,16 +71,16 @@ fi
case ${IMAGE} in
"debian")
- logtext "Image = Debian based"
+ LogText "Image = Debian based"
PKGMGR="apt"
;;
"fedora*")
- logtext " Image = Fedora based"
+ LogText " Image = Fedora based"
PKGMGR="yum"
;;
"ubuntu")
- logtext " Image = Ubuntu based"
+ LogText " Image = Ubuntu based"
PKGMGR="apt"
;;
*)
@@ -113,20 +113,20 @@ InsertSection "Basics"
"apt")
FIND=`egrep "apt-get(.*) install" ${AUDIT_FILE}`
if [ ! "${FIND}" = "" ]; then
- logtext "Found installation via apt-get"
+ LogText "Found installation via apt-get"
else
- logtext "No installations found via apt-get"
+ LogText "No installations found via apt-get"
fi
;;
*)
- logtext "Unknown package manager"
+ LogText "Unknown package manager"
;;
esac
FIND=`egrep " (gcc|libc6-dev|make)" ${AUDIT_FILE} | grep -v "^#"`
if [ ! "${FIND}" = "" ]; then
ReportWarning "dockerfile" "L" "Possible development utilities found, which is not advised for production environment"
- logtext "Details: ${FIND}"
+ LogText "Details: ${FIND}"
fi
# SSH
@@ -142,14 +142,14 @@ InsertSection "Basics"
FILE_DOWNLOAD=0
- logtext "Checking usage of cURL"
+ LogText "Checking usage of cURL"
FIND_CURL=`grep curl ${AUDIT_FILE}`
if [ ! "${FIND_CURL}" = "" ]; then
Display --indent 4 --text "Download tool" --result "curl"
FILE_DOWNLOAD=1
fi
- logtext "Checking usage of wget"
+ LogText "Checking usage of wget"
FIND_WGET=`grep wget ${AUDIT_FILE}`
if [ ! "${FIND_WGET}" = "" ]; then
Display --indent 4 --text "Download tool" --result "wget"
@@ -161,7 +161,7 @@ InsertSection "Basics"
if [ ! "${FIND}" = "" ]; then
FILE_DOWNLOAD=1
ReportWarning "dockerfile" "L" "Found download of file via ADD. Unclear if the integrity of this file is checked, or file is signed"
- logtext "Details: ${FIND}"
+ LogText "Details: ${FIND}"
fi
if [ ${FILE_DOWNLOAD} -eq 1 ]; then
@@ -199,12 +199,11 @@ InsertSection "Basics"
##################################################################################################
#
-
-# Removing temp file
-logtext "Action: Removing temporary file ${TMP_FILE}"
- if [ -f ${TMP_FILE} ]; then
- rm -f ${TMP_FILE}
- fi
+ # Removing temp file
+ LogText "Action: Removing temporary file ${TMP_FILE}"
+ if [ -f ${TMP_FILE} ]; then
+ rm -f ${TMP_FILE}
+ fi
# The End
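Review bot: The re-indented cleanup still expands `${TMP_FILE}` unquoted in both the `-f` test and the `rm`. If the variable is empty, `[ -f ]` evaluates as true. If it ever contains whitespace, the test errors out and the temporary file is left behind. Quoting both uses fixes this: `if [ -f "${TMP_FILE}" ]; then rm -f "${TMP_FILE}"; fi`. The same unquoted expansions appear in the include/helper_update hunks, in `wget --output-document ${TMP_FILE} ${FULLPATH}`, `curl --fail -o ${TMP_FILE} ${FULLPATH}` and the cleanup at the end. Where TMP_FILE is assigned is outside these hunks, so how likely an odd value is cannot be judged from here.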
diff --git a/include/helper_update b/include/helper_update
index 4bc02758..064cbbf8 100644
--- a/include/helper_update
+++ b/include/helper_update
@@ -108,12 +108,12 @@ if [ "$1" = "release" ]; then
Display --indent 2 --text "${CYAN}[Phase 1] Downloading details${NORMAL}"
if [ ! "${WGET_EXISTS}" = "" ]; then
- logtext "Using wget to download release information"
+ LogText "Using wget to download release information"
LAST_COMMAND_HELP="wget --output-document ${TMP_FILE} ${FULLPATH}"
wget --output-document ${TMP_FILE} ${FULLPATH} 2> /dev/null
EXIT_CODE=$?
elif [ ! "${CURL_EXISTS}" = "" ]; then
- logtext "Using curl to download release information"
+ LogText "Using curl to download release information"
LAST_COMMAND_HELP="curl --fail -o ${TMP_FILE} ${FULLPATH}"
curl --fail -o ${TMP_FILE} ${FULLPATH} 2> /dev/null
EXIT_CODE=$?
@@ -166,12 +166,12 @@ if [ "$1" = "release" ]; then
Display --indent 2 --text "[Phase 3] Downloading latest release"
Display --indent 2 --text "Download location: ${FULLPATH}"
if [ ! "${WGET_EXISTS}" = "" ]; then
- logtext "Using wget to download latest release"
+ LogText "Using wget to download latest release"
LAST_COMMAND_HELP="wget --output-document ${TMP_FILE} ${FULLPATH}"
wget --output-document ${TMP_FILE} ${FULLPATH} 2> /dev/null
EXIT_CODE=$?
elif [ ! "${CURL_EXISTS}" = "" ]; then
- logtext "Using curl to download latest release"
+ LogText "Using curl to download latest release"
LAST_COMMAND_HELP="curl --fail -o ${TMP_FILE} ${FULLPATH}"
curl --fail -o ${TMP_FILE} ${FULLPATH} 2> /dev/null
EXIT_CODE=$?
@@ -224,7 +224,7 @@ if [ "$1" = "release" ]; then
fi
# Removing temp file
- logtext "Action: Removing temporary file ${TMP_FILE}"
+ LogText "Action: Removing temporary file ${TMP_FILE}"
if [ "${TMP_FILE}" = "" ]; then
if [ -f ${TMP_FILE} ]; then
rm -f ${TMP_FILE}
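Review bot: The guard `if [ "${TMP_FILE}" = "" ]; then` just below the renamed log line is inverted, so the inner `-f` test and `rm -f` are only reached when TMP_FILE is empty. The downloaded release information therefore stays in the temporary location after the update check, even though the log line says it is being removed. The condition should read `if [ ! "${TMP_FILE}" = "" ]; then`, in the style used elsewhere in the file. The closing `fi` lines of this block are outside the hunk.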
diff --git a/include/osdetection b/include/osdetection
index 3906300b..eeadc1ec 100644
--- a/include/osdetection
+++ b/include/osdetection
@@ -86,7 +86,7 @@
# TrueOS
if [ -f /etc/defaults/trueos ]; then
OS_NAME="TrueOS"
- logtext "Result: found TrueOS file, system is completely based on FreeBSD though. Only adjusting OS name."
+ LogText "Result: found TrueOS file, system is completely based on FreeBSD though. Only adjusting OS name."
fi
;;
diff --git a/include/tests_authentication b/include/tests_authentication
index d0493d0e..64893b33 100644
--- a/include/tests_authentication
+++ b/include/tests_authentication
@@ -737,7 +737,7 @@
if [ ${SKIPTEST} -eq 0 ]; then
if FileIsReadable /etc/shadow; then
DAYS_SINCE_EPOCH=$((`date --utc +%s`/86400))
- logtext "Data: Days since epoch is ${DAYS_SINCE_EPOCH}"
+ LogText "Data: Days since epoch is ${DAYS_SINCE_EPOCH}"
LogText "Test: collecting accounts which have an expired password (last day changed + maximum change time)"
# Skip fields with a !, *, or x, or !* (field $3 is last changed, $5 is maximum changed)
FIND=`egrep -v ":[\!\*x](\*)?:" /etc/shadow | awk -v today=${DAYS_SINCE_EPOCH} -F: '{ if (today>$3+$5) { print $1 }}'`
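Review bot: The awk condition `today>$3+$5` flags accounts that have no maximum password age: an empty field 5 evaluates as 0, so any account whose last change is in the past is printed as expired. An empty field 3 has the same effect. Requiring both fields to be set avoids the false positives, for example `'{ if ($3!="" && $5!="" && today>$3+$5) { print $1 }}'`. The rest of the test, including how FIND is reported, is outside the hunk.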
diff --git a/include/tests_networking b/include/tests_networking
index c32ae1f4..f0ba8252 100644
--- a/include/tests_networking
+++ b/include/tests_networking
@@ -108,8 +108,8 @@
# - Check if we found IPv6 enabled nameservers
# Report
- report "ipv6_mode=${IPV6_MODE}"
- report "ipv6_only=${IPV6_ONLY}"
+ Report "ipv6_mode=${IPV6_MODE}"
+ Report "ipv6_only=${IPV6_ONLY}"
fi
#
#################################################################################
@@ -618,8 +618,8 @@
#################################################################################
#
-report "dhcp_client_running=${DHCP_CLIENT_RUNNING}"
-report "arpwatch_running=${ARPWATCH_RUNNING}"
+Report "dhcp_client_running=${DHCP_CLIENT_RUNNING}"
+Report "arpwatch_running=${ARPWATCH_RUNNING}"
wait_for_keypress
diff --git a/include/tests_storage b/include/tests_storage
index a7ec4043..7915d0b2 100644
--- a/include/tests_storage
+++ b/include/tests_storage
@@ -80,11 +80,11 @@
if [ `cat "${device}/authorized_default"` -eq 1 ]; then
FOUND=1
LogText "Test: ${device} is authorized by default"
- report "usb_authorized_default_device[]=${device}"
+ Report "usb_authorized_default_device[]=${device}"
elif [ `cat "${device}/authorized"` -eq 1 ]; then
FOUND=1
LogText "Test: ${device} is authorized currently"
- report "usb_authorized_device[]=${device}"
+ Report "usb_authorized_device[]=${device}"
fi
fi
done
diff --git a/include/tests_tooling b/include/tests_tooling
index 407460cb..ddc5c8eb 100644
--- a/include/tests_tooling
+++ b/include/tests_tooling
@@ -160,11 +160,10 @@
# Fail2ban presence
if [ ! "${FAIL2BANBINARY}" = "" ]; then
- LogText "Result: Fail2ban is installed (${FAIL2BANBINARY})"
- IDS_IPS_TOOL_FOUND=1
- report "ids_ips_tooling[]=fail2ban"
FAIL2BAN_FOUND=1
- Report "IPS_tool_running[]=fail2ban-server"
+ IDS_IPS_TOOL_FOUND=1
+ LogText "Result: Fail2ban is installed (${FAIL2BANBINARY})"
+ Report "ids_ips_tooling[]=fail2ban"
Display --indent 2 --text "- Checking presence of Fail2ban" --result FOUND --color GREEN
else
LogText "Result: Fail2ban not present (fail2ban-server not found)"
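Review bot: Removing `Report "IPS_tool_running[]=fail2ban-server"` changes the report output, which a commit described as function replacement and minor cleanups does not signal. Anything parsing the report for that key will stop seeing it, so the removal deserves a line in the commit message or changelog. The removal itself looks right, since this branch only establishes that `${FAIL2BANBINARY}` is set, not that the server is running. `IDS_IPS_TOOL_FOUND=1` is still set on presence alone, so a comment above it would help, for example `# Binary presence only; does not prove fail2ban-server is running`. Whether a later test checks the running state or enabled jails is not visible in this hunk.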