Class: Dawn::Kb::OperatingSystemCheck
- Inherits:
-
Object
- Object
- Dawn::Kb::OperatingSystemCheck
- Includes:
- BasicCheck
- Defined in:
- lib/dawn/kb/operating_system_check.rb
Constant Summary
Constants included from BasicCheck
Instance Attribute Summary collapse
-
#safe_os ⇒ Object
safe_os is an Hash with this form :vendor=>“”, :version=>“”.
-
#target_os ⇒ Object
Returns the value of attribute target_os.
Attributes included from BasicCheck
#applies, #aux_links, #check_family, #cve, #cvss, #cwe, #debug, #evidences, #fixes_version, #kind, #message, #mitigated, #name, #osvdb, #owasp, #please_ignore_dep_version, #priority, #release_date, #remediation, #ruby_version, #ruby_vulnerable_versions, #severity, #status, #target_version, #title
Instance Method Summary collapse
- #different_family? ⇒ Boolean
- #different_vendor? ⇒ Boolean
-
#initialize(options = {}) ⇒ OperatingSystemCheck
constructor
A new instance of OperatingSystemCheck.
- #os_detect ⇒ Object
- #vuln? ⇒ Boolean
- #vulnerable_os? ⇒ Boolean
Methods included from BasicCheck
#applies_to?, #cve_link, #cvss_score, families, #family, #family=, #lint, #mitigated?, #nvd_link, #osvdb_link, #rubysec_advisories_link
Constructor Details
#initialize(options = {}) ⇒ OperatingSystemCheck
Returns a new instance of OperatingSystemCheck.
22 23 24 25 |
# File 'lib/dawn/kb/operating_system_check.rb', line 22 def initialize(={}) super() os_detect end |
Instance Attribute Details
#safe_os ⇒ Object
safe_os is an Hash with this form :vendor=>“”, :version=>“”
family can be one of the following:
"linux"
"windows"
"unix"
"osx"
"freebsd"
"netbsd"
"openbsd"
"unknown"
vendor will be either “microsoft”, “apple”, unix flavour or linux distribution accordingly
18 19 20 |
# File 'lib/dawn/kb/operating_system_check.rb', line 18 def safe_os @safe_os end |
#target_os ⇒ Object
Returns the value of attribute target_os.
19 20 21 |
# File 'lib/dawn/kb/operating_system_check.rb', line 19 def target_os @target_os end |
Instance Method Details
#different_family? ⇒ Boolean
34 35 36 37 38 39 40 |
# File 'lib/dawn/kb/operating_system_check.rb', line 34 def different_family? ret = false @safe_os.each do |sos| ret = true if ! ret && sos[:family] == @target_os[:family] end ret end |
#different_vendor? ⇒ Boolean
42 43 44 45 46 47 48 |
# File 'lib/dawn/kb/operating_system_check.rb', line 42 def different_vendor? ret = false @safe_os.each do |sos| ret = true if ! ret && sos[:vendor] == @target_os[:vendor] end ret end |
#os_detect ⇒ Object
60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 |
# File 'lib/dawn/kb/operating_system_check.rb', line 60 def os_detect platform = RUBY_PLATFORM @target_os = {} @target_os[:family] = "osx"; @target_os[:vendor]="apple" unless /darwin/.match(platform).nil? @target_os[:family] = "windows"; @target_os[:vendor]="microsoft" unless /win32/.match(platform).nil? @target_os[:family] = "linux" unless /linux/.match(platform).nil? @target_os[:family] = "unix"; @target_os[:vendor]="freebsd" unless /freebsd/.match(platform).nil? @target_os[:family] = "unix"; @target_os[:vendor]="openbsd" unless /openbsd/.match(platform).nil? @target_os[:family] = "unix"; @target_os[:vendor]="netbsd" unless /netbsd/.match(platform).nil? begin require 'sys/uname' @target_os[:version]= [Sys::Uname.release] rescue # otherwise use shell @target_os[:version] = [`uname -r`.strip] end tmp = "" if File.exist?("/etc/SuSE-release") tmp = File.readlines("/etc/SuSE-release"); @target_os[:vendor]="suse" end if File.exist?("/etc/redhat_release") tmp = File.readlines("/etc/redhat_release"); @target_os[:vendor]="redhat" end if File.exist?("/etc/debian_release") tmp = File.readlines("/etc/debian_release"); @target_os[:vendor]="debian" end end |
#vuln? ⇒ Boolean
27 28 29 30 31 32 |
# File 'lib/dawn/kb/operating_system_check.rb', line 27 def vuln? return false if different_family? return false if different_vendor? return vulnerable_os? end |
#vulnerable_os? ⇒ Boolean
50 51 52 53 54 55 56 57 |
# File 'lib/dawn/kb/operating_system_check.rb', line 50 def vulnerable_os? ret = false @safe_os.each do |sos| ret = true if ! ret && sos[:version] = 'none' ret = true if ! ret && is_vulnerable_version?(@target_os[:family], sos[:version]) end ret end |