Debugging

2024-04-08 14:55:57 +02:00 · 2024-04-08 14:55:57 +02:00 · 29d8a0f98a
parent a87d551a93
commit 29d8a0f98a
1 changed files with 7 additions and 7 deletions
--- a/pandora_agents/plugins/windows/pandora_security_win/src/pandora_security_win.py
+++ b/pandora_agents/plugins/windows/pandora_security_win/src/pandora_security_win.py
@ -340,21 +340,21 @@ def check_login_audit_policy(auditpol_logon_category, auditpol_logon_success_con
    try:
        # Run the auditpol command to check the audit policy for Logon/Logoff
        cmd_command = f'auditpol /get /subcategory:"{auditpol_logon_category}"'
-        result = subprocess.run(cmd_command, shell=True, capture_output=True, text=True, check=True, encoding=sys.getdefaultencoding())
+        result = subprocess.run(cmd_command, shell=True, capture_output=True, text=True, check=True, encoding="latin-1")
        last_line = result.stdout.strip().split('\n')[-1].strip()
        last_line_parts = re.split(r'\s\s+', last_line)
        cleaned_line = re.sub(' +', ' ', last_line)
        
-        print(sys.getdefaultencoding())
+        print("latin-1")
        print(last_line_parts[1])
-        print(last_line_parts[1].encode(sys.getdefaultencoding()))
+        print(last_line_parts[1].encode("latin-1"))
        print(auditpol_logon_success_conf)
-        print(auditpol_logon_success_conf.encode(sys.getdefaultencoding()))
+        print(auditpol_logon_success_conf.encode("latin-1"))

        # Interpret the result
-        if auditpol_logon_success_conf.encode(sys.getdefaultencoding()) == last_line_parts[1].encode(sys.getdefaultencoding()):
+        if auditpol_logon_success_conf.encode("latin-1") == last_line_parts[1].encode("latin-1"):
            result = 1
-        elif auditpol_logon_noaudit_conf.encode(sys.getdefaultencoding()) == last_line_parts[1].encode(sys.getdefaultencoding()):
+        elif auditpol_logon_noaudit_conf.encode("latin-1") == last_line_parts[1].encode("latin-1"):
            result = 0
        else:
            print("Unable to determine audit policy for Logon/Logoff events.", file=sys.stderr)
@ -388,7 +388,7 @@ if __name__ == "__main__":

    if(args.conf):
        try:
-            with open(args.conf, 'r', encoding=sys.getdefaultencoding()) as f:
+            with open(args.conf, 'r', encoding="latin-1") as f:
                content = f.read()
                config.read_string('[CONF]\n' + content)
        except Exception as e: