@dorpvom dorpvom commented May 9, 2018

  • OS tagging feature implemented by @rkonertz
  • Merged from [1] and refactored
  • Utilizing Software Components OS detection

[1] https://github.com/rkonertz/FACT_core

rkonertz and others added 3 commits April 29, 2018 20:59
- Added Signature for Cisco IOS
- Added generic add tag method to PluginBase
Added tagging of OS Information in Plugin: software components
@dorpvom dorpvom self-assigned this May 9, 2018
@dorpvom dorpvom requested a review from weidenba May 9, 2018 12:55

codecov-io commented May 9, 2018

Codecov Report

Merging #112 into master will increase coverage by 0.01%.
The diff coverage is 96.7%.

@@            Coverage Diff             @@
##           master     #112      +/-   ##
==========================================
+ Coverage   94.33%   94.35%   +0.01%     
==========================================
  Files         294      296       +2     
  Lines       14498    14581      +83     
==========================================
+ Hits        13677    13758      +81     
- Misses        821      823       +2
Impacted Files Coverage Δ
...components/test/test_plugin_software_components.py 100% <100%> (ø) ⬆️
...test/test_plugin_software_components_signatures.py 100% <100%> (ø) ⬆️
...s/software_components/internal/extract_os_names.py 100% <100%> (ø)
...s/analysis/crypto_material/code/crypto_material.py 100% <100%> (ø) ⬆️
...s/software_components/test/test_scan_signatures.py 100% <100%> (ø)
src/analysis/PluginBase.py 89.62% <85.71%> (+0.48%) ⬆️
...is/software_components/code/software_components.py 96.72% <87.5%> (-3.28%) ⬇️

Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 25ce018...92f50ab. Read the comment docs.

scanned_software = get_scanned_software('./signatures/os.yara')
first = True

with open('./code/__init__.py', 'w') as init_file:
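
Review bot: the two paths in this snippet, './signatures/os.yara' and './code/__init__.py', are relative to the current working directory, so the script reads and writes the intended files only when it is started from the directory that contains signatures/ and code/. Resolve both against the script's own location (for example with pathlib.Path(__file__).parent). Because open(..., 'w') truncates its target at once, a run from the wrong directory can also overwrite an unrelated code/__init__.py.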

it would be better to store this in bin/

@@ -0,0 +1,13 @@
def get_scanned_software(yara_signature_file):

function is too complex.
consider use of common_helper_files.get_string_list_from_file to avoid errors
and export parsing to another function (s.a.).



def scan():
scanned_software = get_scanned_software('./signatures/os.yara')

Please do not mix up string formatting and read/write operations in one function.


you might want to use common_helper_files.write_binary_to_file function to avoid errors and create folders automatically

self.add_analysis_tag(file_object, 'OS', os, TagColor.GREEN, False)
self.add_analysis_tag(file_object, 'OS Version', entry, TagColor.GREEN, True)

@staticmethod

This method is not tested. Seems trivial to do it?

def add_os_key(self, file_object):
for entry in file_object.processed_analysis[self.NAME]['summary']:
for os in OS_LIST:
if entry.find(os) != -1:
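
Review bot: in add_os_key the loop variable `os` shadows the name of the standard-library os module, and `entry.find(os) != -1` is a plain substring test. Rename the variable (for example os_name) and write `if os_name in entry:`. If a summary entry should only match on a whole OS name, compare on a word boundary instead, because any OS_LIST item that appears inside a longer string also matches here.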

These cases are not tested. Does not seem to be hard to test.

}
if 'tags' not in file_object.processed_analysis[self.NAME]:
file_object.processed_analysis[self.NAME]['tags'] = new_tag
else:

This case is not tested. It does not look hard to test it.

@weidenba weidenba merged commit 650dd8d into master May 25, 2018
@weidenba weidenba deleted the os-tagging branch May 25, 2018 07:27
weidenba added a commit that referenced this pull request Oct 22, 2018
4 participants