tyler.durden/lynis
1
0
Fork 0
mirror of https://github.com/CISOfy/lynis.git synced 2025-07-08 22:44:31 +02:00
Code Issues Packages Projects Releases Wiki Activity

Test for blacklisted host ID values

Browse Source
This commit is contained in:
mboelen 2015-10-23 13:42:23 +02:00
parent d058ba8bfc
commit a98f377f4d
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
include/functions
View File

@ -423,6 +423,8 @@
{ {
HOSTID="-" HOSTID="-"
FIND="" FIND=""
# Avoid some hashes (empty, only zeros)
BLACKLISTED_HASHES="6ef1338f520d075957424741d7ed35ab5966ae97 adc83b19e793491b1c6ea0fd8b46cd9f32e592fc"
if [ ! "${SHA1SUMBINARY}" = "" -o ! "${OPENSSLBINARY}" = "" -o ! "${CSUMBINARY}" = "" ]; then if [ ! "${SHA1SUMBINARY}" = "" -o ! "${OPENSSLBINARY}" = "" -o ! "${CSUMBINARY}" = "" ]; then
case "${OS}" in case "${OS}" in
@ -574,6 +576,15 @@
ReportException "GetHostID" "Can't create HOSTID as OS is not supported yet by this function" ReportException "GetHostID" "Can't create HOSTID as OS is not supported yet by this function"
;; ;;
esac esac
# Remove HOSTID if it contains a default MAC address with a related hash value
if [ ! "${HOSTID}" = "" ]; then
for CHECKHASH in ${BLACKLISTED_HASHES}; do
if [ "${CHECKHASH}" = "${HOSTID}" ]; then
logtext "Result: hostid is a blacklisted value"
HOSTID=""
fi
done
fi
else else
ReportException "GetHostID" "Can't create HOSTID as there is no SHA1 hash tool available (sha1, sha1sum, openssl)" ReportException "GetHostID" "Can't create HOSTID as there is no SHA1 hash tool available (sha1, sha1sum, openssl)"
fi fi