Add checks to post/linux/gather/enum_protections #11060

Merged
merged 1 commit into from Dec 7, 2018

bcoles commented Dec 4, 2018

This PR largely reworks the `post/linux/gather/enum_protections` module.

Unless I'm missing something, the usage of `which` made no sense, so I replaced it with `command -v`. Although the `command -v` approach relies on `$PATH`, so too did the `which` implementation. The `which` implementation also iterated through each `$PATH`, which was inefficient and made no sense. Additionally, using `command -v` is generally considered to be better practice than using `which`.

This PR also adds various checks from the `Post::Linux::Kernel` mixin, such as checks for grsec, PaX, etc, and adds some additional applications to the apps check.

This PR also ensures `print_status 'Installed applications saved to notes.'` is only printed when a database is connected, as opposed to always.

Output

[!] SESSION may not be compatible with this module.
[*] Running module against 172.16.191.142 [subgraph]
[*] Info:
[*] 	Subgraph OS 1.0  
[*] 	Linux subgraph 4.9.33-subgraph #1 SMP Mon Jun 19 20:32:42 UTC 2017 x86_64 GNU/Linux
[*] Finding system protections...
[+] ASLR is enabled
[+] SMEP is enabled
[+] grsecurity is installed
[+] PaX is installed
[*] Finding installed applications...
[+] fw-settings found: /usr/bin/fw-settings
[+] oz-seccomp found: /usr/bin/oz-seccomp
[*] System protections saved to notes.
[*] Post module execution completed

msf5 post(linux/gather/enum_protections) > notes

Notes
=====

 Time                     Host            Service  Port  Protocol  Type              Data
 ----                     ----            -------  ----  --------  ----              ----
 2018-12-04 08:45:32 UTC  172.16.191.142                           linux.protection  "ASLR is enabled"
 2018-12-04 08:45:32 UTC  172.16.191.142                           linux.protection  "SMEP is enabled"
 2018-12-04 08:45:32 UTC  172.16.191.142                           linux.protection  "grsecurity is installed"
 2018-12-04 08:45:32 UTC  172.16.191.142                           linux.protection  "PaX is installed"
 2018-12-04 08:45:33 UTC  172.16.191.142                           linux.protection  "/usr/bin/fw-settings"
 2018-12-04 08:45:34 UTC  172.16.191.142                           linux.protection  "/usr/bin/oz-seccomp"

[*] Running module against 172.16.191.222 [openwall.local]
[*] Info:
[*] 	Owl 3.1-stable
[*] 	Linux openwall.local 2.6.18-431.el5.028stab123.1.owl2 #1 SMP Tue Jul 3 16:51:22 MSK 2018 x86_64 GNU/Linux
[*] Finding system protections...
[+] ASLR is enabled
[+] Exec-Shield is enabled
[*] Finding installed applications...
[+] iptables found: /sbin/iptables
[+] logrotate found: /usr/sbin/logrotate
[*] Post module execution completed
[*] Running module against 172.16.191.139 [manjaro-gnome-17-1-0]
[*] Info:
[*] 	Manjaro Linux
[*] 	Linux manjaro-gnome-17-1-0 4.14.10-2-MANJARO #1 SMP PREEMPT Fri Dec 29 18:25:07 UTC 2017 x86_64 GNU/Linux
[*] Finding system protections...
[+] ASLR is enabled
[+] SMEP is enabled
[+] Yama is installed and enabled
[*] Finding installed applications...
[+] ufw found: /usr/sbin/ufw
[+] iptables found: /usr/sbin/iptables
[+] logrotate found: /usr/sbin/logrotate
[*] Post module execution completed
[*] Running module against 172.16.191.233 [debian9-4-0-x64]
[*] Info:
[*] 	Debian GNU/Linux 9  
[*] 	Linux debian9-4-0-x64 4.9.0-6-amd64 #1 SMP Debian 4.9.82-1+deb9u3 (2018-03-02) x86_64 GNU/Linux
[*] Finding system protections...
[+] ASLR is enabled
[+] KAISER is enabled
[+] SMEP is enabled
[+] Yama is installed, but not enabled
[*] Finding installed applications...
[+] iptables found: /sbin/iptables
[+] logrotate found: /usr/sbin/logrotate
[*] Post module execution completed
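
The following POSIX shell hardening audit is an added example, not code from this PR or from Metasploit: it resolves tools with `command -v` instead of walking `$PATH`, and derives the ASLR and Yama lines seen in the output above from the standard sysctl files. The function names, the optional root-directory argument and the value-to-message mapping are assumptions.

```shell
# Added example (not Metasploit code): message strings mirror the PR output;
# the value-to-message mapping and the ROOT argument are assumptions.

# Resolve NAME with the POSIX builtin `command -v`. It also prints bare names
# for builtins, functions and aliases, so only absolute paths are accepted.
find_tool() {
    tool_path=$(command -v "$1" 2>/dev/null) || return 1
    case "$tool_path" in
        /*) printf '%s\n' "$tool_path" ;;
        *)  return 1 ;;
    esac
}

# Print the first line of a sysctl file; fail if it is missing or unreadable.
read_sysctl() {
    [ -r "$1" ] && head -n 1 "$1"
}

# kernel.randomize_va_space: 0 = off, 1 or 2 = randomization on.
# ROOT ($1) is empty for the live system or a directory holding a copied /proc.
aslr_status() {
    value=$(read_sysctl "${1:-}/proc/sys/kernel/randomize_va_space") || value=
    case "$value" in
        0)   echo "ASLR is disabled" ;;
        1|2) echo "ASLR is enabled" ;;
        *)   echo "ASLR state unknown" ;;
    esac
}

# kernel.yama.ptrace_scope: file absent = no Yama, 0 = classic ptrace rules,
# 1 to 3 = restrictions active.
yama_status() {
    value=$(read_sysctl "${1:-}/proc/sys/kernel/yama/ptrace_scope") || value=missing
    case "$value" in
        missing) echo "Yama is not installed" ;;
        0)       echo "Yama is installed, but not enabled" ;;
        [123])   echo "Yama is installed and enabled" ;;
        *)       echo "Yama state unknown" ;;
    esac
}

# Print "<name> found: <path>" for each tool that resolves to a file on $PATH.
report_tools() {
    for name in "$@"; do
        found=$(find_tool "$name") && echo "$name found: $found"
    done
    return 0
}
aslr_status; yama_status; report_tools iptables ufw logrotate
```

Passing a directory as the first argument to `aslr_status` or `yama_status` evaluates a copied `/proc` tree, for example one collected from a host during a configuration review.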

@busterb busterb self-assigned this Dec 4, 2018

busterb commented Dec 7, 2018

Nice updates, thanks @bcoles

@busterb busterb merged commit 40906e0 into rapid7:master Dec 7, 2018

busterb added a commit that referenced this pull request Dec 7, 2018

msjenkins-r7 added a commit that referenced this pull request Dec 7, 2018

busterb commented Dec 7, 2018

Release Notes

This updates the post/linux/gather/enum_protections module to enumerate modern protection subsystems in Linux systems, as well as using more efficient techniques for performing checks.

@bcoles bcoles deleted the bcoles:enum_protections branch Dec 7, 2018
