diff options
| author | Michael Boelen <michael.boelen@cisofy.com> | 2016-06-18 12:14:01 +0300 |
|---|---|---|
| committer | Michael Boelen <michael.boelen@cisofy.com> | 2016-06-18 12:14:01 +0300 |
| commit | 983e293eb157131ca5e085e4927ea5fc220edc73 (patch) | |
| tree | cc5e8bea4af5cfa53f57a73d2c61357f47165857 /include/tests_shells | |
| parent | 9c093f7a97fb0b9593a303ef7394c3bc5dea99b2 (diff) | |
Replaced text strings to allow translations
Diffstat (limited to 'include/tests_shells')
| -rw-r--r-- | include/tests_shells | 38 |
1 files changed, 19 insertions, 19 deletions
diff --git a/include/tests_shells b/include/tests_shells index c267cf2b..9a060927 100644 --- a/include/tests_shells +++ b/include/tests_shells @@ -53,10 +53,10 @@ LogText "Test: Checking console TTYs" FIND=`egrep '^console' /etc/ttys | grep -v 'insecure'` if [ "${FIND}" = "" ]; then - Display --indent 2 --text "- Checking console TTYs" --result OK --color GREEN + Display --indent 2 --text "- Checking console TTYs" --result "${STATUS_OK}" --color GREEN LogText "Result: console is secured against single user mode without password." else - Display --indent 2 --text "- Checking console TTYs" --result WARNING --color RED + Display --indent 2 --text "- Checking console TTYs" --result "${STATUS_WARNING}" --color RED LogText "Result: Found insecure console in /etc/ttys. Single user mode login without password allowed!" LogText "Output /etc/ttys:" LogText "${FIND}" @@ -208,10 +208,10 @@ fi if [ ${IDLE_TIMEOUT} -eq 1 ]; then - Display --indent 4 --text "- Session timeout settings/tools" --result "FOUND" --color GREEN + Display --indent 4 --text "- Session timeout settings/tools" --result "${STATUS_FOUND}" --color GREEN AddHP 3 3 else - Display --indent 4 --text "- Session timeout settings/tools" --result "NONE" --color YELLOW + Display --indent 4 --text "- Session timeout settings/tools" --result "${STATUS_NONE}" --color YELLOW AddHP 1 3 fi fi @@ -234,7 +234,7 @@ FIND=`grep umask ${FILE} | sed 's/^[ \t]*//g' | sed 's/#.*$//' | grep -v "^$" | awk '{ print $2 }'` if [ "${FIND}" = "" ]; then LogText "Result: did not find umask configured in ${FILE}" - Display --indent 4 --text "- Checking default umask in ${FILE}" --result NONE --color YELLOW + Display --indent 4 --text "- Checking default umask in ${FILE}" --result "${STATUS_NONE}" --color YELLOW else for UMASKVALUE in ${FIND}; do LogText "Result: found umask ${UMASKVALUE} in ${FILE}" @@ -249,7 +249,7 @@ esac done if [ ${HARDENING_POSSIBLE} -eq 0 ]; then - Display --indent 4 --text "- Checking default umask in ${FILE}" --result OK --color GREEN + Display --indent 4 --text "- Checking default umask in ${FILE}" --result "${STATUS_OK}" --color GREEN AddHP 3 3 else Display --indent 4 --text "- Checking default umask in ${FILE}" --result WEAK --color YELLOW @@ -263,7 +263,7 @@ #if [ ${FOUND} -eq 1 ]; then # if [ ${HARDENING_POSSIBLE} -eq 0 ]; then # LogText "Result: all shell files found, contain a proper umask" - # Display --indent 4 --text "- Default umask" --result OK --color GREEN + # Display --indent 4 --text "- Default umask" --result "${STATUS_OK}" --color GREEN # fi #fi fi @@ -300,11 +300,11 @@ if [ ! "${VULNERABLE}" = "" ]; then LogText "Output: ${VULNERABLE}" LogText "Result: Vulnerable to original shellshock (CVE-2014-6271)" - Display --indent 2 --text "- Shellshock: CVE-2014-6271 (original shellshocker)" --result "WARNING" --color RED + Display --indent 2 --text "- Shellshock: CVE-2014-6271 (original shellshocker)" --result "${STATUS_WARNING}" --color RED FOUND=1 else LogText "Result: Not vulnerable to original shellshock (CVE-2014-6271)" - #Display --indent 4 --text "- CVE-2014-6271 (original shellshocker)" --result "OK" --color GREEN + #Display --indent 4 --text "- CVE-2014-6271 (original shellshocker)" --result "${STATUS_OK}" --color GREEN fi # CVE-2014-6277 (disabled, as this test was giving too much false positives) @@ -317,11 +317,11 @@ if [ ! "${VULNERABLE}" = "" ]; then LogText "Output: ${VULNERABLE}" LogText "Result: Vulnerable to CVE-2014-6278" - Display --indent 2 --text "- Shellshock: CVE-2014-6278 (Florian's patch, lcamtuf bug #2)" --result "WARNING" --color RED + Display --indent 2 --text "- Shellshock: CVE-2014-6278 (Florian's patch, lcamtuf bug #2)" --result "${STATUS_WARNING}" --color RED FOUND=1 else LogText "Result: Not vulnerable to CVE-2014-6278" - #Display --indent 4 --text "- CVE-2014-6278 (Florian's patch, lcamtuf bug #2)" --result "OK" --color GREEN + #Display --indent 4 --text "- CVE-2014-6278 (Florian's patch, lcamtuf bug #2)" --result "${STATUS_OK}" --color GREEN fi # CVE-2014-7169 @@ -332,11 +332,11 @@ if [ ! "${VULNERABLE}" = "" ]; then LogText "Output: ${VULNERABLE}" LogText "Result: Vulnerable to taviso bug (CVE-2014-7169)" - Display --indent 2 --text "- Shellshock: CVE-2014-7169 (taviso bug)" --result "WARNING" --color RED + Display --indent 2 --text "- Shellshock: CVE-2014-7169 (taviso bug)" --result "${STATUS_WARNING}" --color RED FOUND=1 else LogText "Result: Not vulnerable to taviso bug (CVE-2014-7169)" - #Display --indent 4 --text "- CVE-2014-7169 (taviso bug)" --result "OK" --color GREEN + #Display --indent 4 --text "- CVE-2014-7169 (taviso bug)" --result "${STATUS_OK}" --color GREEN fi # CVE-2014-7186 @@ -347,11 +347,11 @@ if [ ! "${VULNERABLE}" = "" ]; then LogText "Output: ${VULNERABLE}" LogText "Result: Vulnerable to CVE-2014-7186" - Display --indent 2 --text "- Shellshock: CVE-2014-7186 redir_stack bug" --result "WARNING" --color RED + Display --indent 2 --text "- Shellshock: CVE-2014-7186 redir_stack bug" --result "${STATUS_WARNING}" --color RED FOUND=1 else LogText "Result: Not vulnerable to CVE-2014-7186" - #Display --indent 4 --text "- CVE-2014-7186 redir_stack bug" --result "OK" --color GREEN + #Display --indent 4 --text "- CVE-2014-7186 redir_stack bug" --result "${STATUS_OK}" --color GREEN fi # CVE-2014-7187 @@ -362,11 +362,11 @@ if [ ! "${VULNERABLE}" = "" ]; then LogText "Output: ${VULNERABLE}" LogText "Result: Vulnerable to CVE-2014-7187" - Display --indent 2 --text "- Shellshock: CVE-2014-7187 nested loops off by one bug" --result "WARNING" --color RED + Display --indent 2 --text "- Shellshock: CVE-2014-7187 nested loops off by one bug" --result "${STATUS_WARNING}" --color RED FOUND=1 else LogText "Result: Not vulnerable to CVE-2014-7187" - #Display --indent 4 --text "- CVE-2014-7187 nested loops off by one bug" --result "OK" --color GREEN + #Display --indent 4 --text "- CVE-2014-7187 nested loops off by one bug" --result "${STATUS_OK}" --color GREEN fi # CVE-2014-//// @@ -377,11 +377,11 @@ if [ ! "${VULNERABLE}" = "" ]; then LogText "Output: ${VULNERABLE}" LogText "Result: Vulnerable to CVE-2014-//// (exploit #3 on shellshocker.net)" - Display --indent 2 --text "- Shellshock: Exploit #3 on shellshocker.net (no CVE)" --result "WARNING" --color RED + Display --indent 2 --text "- Shellshock: Exploit #3 on shellshocker.net (no CVE)" --result "${STATUS_WARNING}" --color RED FOUND=1 else LogText "Result: Not vulnerable to exploit #3 on shellshocker.net (no CVE)" - #Display --indent 4 --text "- Exploit#3 on shellshocker.net (no CVE)" --result "OK" --color GREEN + #Display --indent 4 --text "- Exploit#3 on shellshocker.net (no CVE)" --result "${STATUS_OK}" --color GREEN fi else LogText "Result: bash binary found, but not executable, or it is symlinked" |