Merge pull request #5 from 2lambda123/pixeebot/ablesov/fix_field_name

Hardening suggestions for KasperskyLab-TinyCheck / ablesov/fix_field_name
This commit is contained in:
Robert Bongart (MSc MSc MA) 2024-04-14 11:59:34 -05:00 committed by GitHub
commit 13ddb3b0bc
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 499 additions and 495 deletions

View File

@ -13,6 +13,7 @@ import os
import re
import sys
import whois
from security import safe_command
class ZeekEngine(object):
@ -396,7 +397,7 @@ class ZeekEngine(object):
# This check can be good if the domain has already been cached by
# the device so it wont appear in self.dns.
if any([cert["cn"].endswith(r["domain"]) for r in self.dns]):
if any(cert["cn"].endswith(r["domain"]) for r in self.dns):
continue
for domain in self.bl_domains:
@ -445,10 +446,10 @@ class ZeekEngine(object):
"""
Start zeek and check the logs.
"""
sp.Popen("cd {} && /opt/zeek/bin/zeek -Cr capture.pcap protocols/ssl/validate-certs".format(
self.working_dir), shell=True).wait()
sp.Popen("cd {} && mv *.log assets/".format(self.working_dir),
shell=True).wait()
safe_command.run(sp.Popen, "cd {} && /opt/zeek/bin/zeek -Cr capture.pcap protocols/ssl/validate-certs".format(
self.working_dir), shell=False).wait()
safe_command.run(sp.Popen, "cd {} && mv *.log assets/".format(self.working_dir),
shell=False).wait()
self.fill_dns(self.working_dir + "/assets/")
self.netflow_check(self.working_dir + "/assets/")
self.ssl_check(self.working_dir + "/assets/")

View File

@ -15,3 +15,6 @@ netifaces==0.11.0
weasyprint==59.0
python-whois==0.8.0
six==1.16.0
security==1.2.1 \
--hash=sha256:4ca5f8cfc6b836e2192a84bb5a28b72c17f3cd1abbfe3281f917394c6e6c9238
--hash=sha256:0a9dc7b457330e6d0f92bdae3603fecb85394beefad0fd3b5058758a58781ded