BusyBox applet verification module

config/busybox_commands.cfg

@@ -0,0 +1,391 @@
+[
+[[
+acpid
+addgroup
+add-shell
+adduser
+adjtimex
+ar
+arch
+arp
+arping
+ash
+awk
+base64
+basename
+bash
+bbconfig
+bc
+beep
+blkdiscard
+blkid
+blockdev
+bootchartd
+brctl
+bunzip2
+busybox
+bzcat
+bzip2
+cal
+cat
+catv
+chat
+chattr
+chgrp
+chmod
+chown
+chpasswd
+chpst
+chroot
+chrt
+chvt
+cksum
+clear
+cmp
+comm
+conspy
+cp
+cpio
+crond
+crontab
+cryptpw
+cttyhack
+cut
+date
+dc
+dd
+deallocvt
+delgroup
+deluser
+depmod
+devmem
+df
+dhcprelay
+diff
+dirname
+dmesg
+dnsd
+dnsdomainname
+dos2unix
+dpkg
+dpkg-deb
+du
+dumpkmap
+dumpleases
+echo
+ed
+egrep
+eject
+env
+envdir
+envuidgid
+ether-wake
+expand
+expr
+factor
+fakeidentd
+fallocate
+false
+fatattr
+fbset
+fbsplash
+fdflush
+fdformat
+fdisk
+fgconsole
+fgrep
+find
+findfs
+flash_lock
+flash_unlock
+flock
+fold
+free
+freeramdisk
+fsck
+fsck.minix
+fsfreeze
+fstrim
+fsync
+ftpd
+ftpget
+ftpput
+fuser
+getopt
+getty
+grep
+groups
+gunzip
+gzip
+halt
+hd
+hdparm
+head
+hexdump
+hexedit
+hostid
+hostname
+httpd
+hush
+hwclock
+i2cdetect
+i2cdump
+i2cget
+i2cset
+id
+ifconfig
+ifdown
+ifenslave
+ifplugd
+ifup
+inetd
+init
+inotifyd
+insmod
+install
+ionice
+iostat
+ip
+ip6calc
+ipaddr
+ipcalc
+ipcrm
+ipcs
+iplink
+ipneigh
+iproute
+iprule
+iptunnel
+kbd_mode
+kill
+killall
+killall5
+klogd
+last
+length
+less
+link
+linux32
+linux64
+linuxrc
+ln
+loadfont
+loadkmap
+lock
+logger
+login
+logname
+logread
+losetup
+lpd
+lpq
+lpr
+ls
+lsattr
+lsmod
+lsof
+lspci
+lsscsi
+lsusb
+lzcat
+lzma
+lzmacat
+lzop
+lzopcat
+makedevs
+makemime
+man
+md5sum
+mdev
+mesg
+microcom
+mkdir
+mkdosfs
+mke2fs
+mkfifo
+mkfs.ext2
+mkfs.minix
+mkfs.vfat
+mknod
+mkpasswd
+mkswap
+mktemp
+modinfo
+modprobe
+more
+mount
+mountpoint
+mpstat
+msh
+mt
+mv
+nameif
+nanddump
+nandwrite
+nbd-client
+nc
+netmsg
+netstat
+nice
+nl
+nmeter
+nohup
+nologin
+nproc
+nsenter
+nslookup
+ntpd
+nuke
+od
+openvt
+partprobe
+passwd
+paste
+patch
+pgrep
+pidof
+ping
+ping6
+pipe_progress
+pivot_root
+pkill
+pmap
+popmaildir
+poweroff
+powertop
+printenv
+printf
+ps
+pscan
+pstree
+pwd
+pwdx
+raidautorun
+rdate
+rdev
+readahead
+readlink
+readprofile
+realpath
+reboot
+reformime
+remove-shell
+renice
+reset
+resize
+rev
+rfkill
+rm
+rmdir
+rmmod
+route
+rpm
+rpm2cpio
+rtcwake
+runlevel
+run-parts
+runsv
+runsvdir
+rx
+script
+scriptreplay
+sed
+sendmail
+seq
+setarch
+setconsole
+setfont
+setkeycodes
+setlogcons
+setpriv
+setserial
+setsid
+setuidgid
+sh
+sha1sum
+sha256sum
+sha3sum
+sha512sum
+showkey
+shred
+shuf
+slattach
+sleep
+smemcap
+softlimit
+sort
+split
+start-stop-daemon
+stat
+strings
+stty
+su
+sulogin
+sum
+sv
+svlogd
+swapoff
+swapon
+switch_root
+sync
+sysctl
+syslogd
+tac
+tail
+tar
+taskset
+tcpsvd
+tee
+telnet
+telnetd
+test
+tftp
+tftpd
+time
+timeout
+top
+touch
+tr
+traceroute
+traceroute6
+tree
+true
+truncate
+tty
+ttysize
+tunctl
+udhcpc
+udhcpc6
+udhcpd
+udpsvd
+umount
+uname
+uncompress
+unexpand
+uniq
+unix2dos
+unlink
+unlzma
+unlzop
+unshare
+unxz
+unzip
+uptime
+usleep
+uudecode
+uuencode
+vconfig
+vi
+vlock
+volname
+watch
+watchdog
+wc
+wget
+which
+who
+whoami
+xargs
+yes
+zcat
+zcip

config/report_templates/S118_busybox_verifier-pre.sh

@@ -0,0 +1,5 @@
+#!/bin/bash
+
+print_output "First, this module extracts the BusyBox vulnerabilities based on version details."
+print_output "Second, the enabled applets are extracted from the emulation results of module s115/s116."
+print_output "Finally, the already known vulnerabilities are matched against the extracted applets. Vulnerability descriptions with matching applets are rated as verified CVEs"