Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add forti vuln module #105

Merged
merged 8 commits into from
Jul 3, 2024
Merged

Add forti vuln module #105

merged 8 commits into from
Jul 3, 2024

Conversation

Matie26
Copy link
Contributor

@Matie26 Matie26 commented Jun 17, 2024

No description provided.

@Matie26 Matie26 changed the title forti vuln module Add forti vuln module Jun 17, 2024
@Matie26 Matie26 marked this pull request as draft June 18, 2024 13:49
@Matie26 Matie26 marked this pull request as ready for review June 18, 2024 15:30
kazet
kazet reviewed Jun 25, 2024
View reviewed changes
autoreporter_addons/forti_vuln/reporter.py Outdated
from artemis.reporting.utils import get_top_level_target


class FortiVulnReporter(Reporter): # type: ignore[misc]
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

not too broad ignore?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed

kazet
kazet reviewed Jun 25, 2024
View reviewed changes
docker-compose.yml Outdated
@@ -36,9 +36,22 @@ services:
command: "python3 -m artemis.modules.karton_ssl_checks"
profiles: [not-arm]

karton-forti_vuln:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sort kartons alphaetically

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

now they are sorted

kazet
kazet reviewed Jun 25, 2024
View reviewed changes
forti_vuln/forti_vuln.py Outdated
http_host = f"{host}:{port}"
self.log.info(f"forti vuln scanning {http_host}")

user_agent = ""
Copy link
Member

@kazet kazet Jun 25, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can we send an empty one? or sth generic

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

added default user agent just in case

kazet
kazet reviewed Jun 25, 2024
View reviewed changes
forti_vuln/forti_vuln.py Outdated
status_reason = "Detected CVE-2024-21762 vulnerability"
else:
status = TaskStatus.ERROR
status_reason = "Omitted because service does not use ssl encryption"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why no check if no ssl?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

added support for services without ssl

@kazet kazet merged commit 770897b into CERT-Polska:main Jul 3, 2024
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kazet kazet kazet left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Matie26 @kazet