Merge pull request #254 from slimm609/add_sysctls

slimm609 · web-flow · commit ba491e3478f1 · 2024-06-30T19:42:01.000-04:00
add additional sysctl checks
diff --git a/pkg/checksec/sysctl.go b/pkg/checksec/sysctl.go
@@ -16,9 +16,15 @@ func SysctlCheck() ([]interface{}, []interface{}) {
 		{"name": "net.ipv4.conf.all.rp_filter", "desc": "Ipv4 reverse path filtering", "values": map[string]map[string]string{"0": {"res": "Disabled", "color": "red"}, "1": {"res": "Enabled", "color": "green"}}},
 		{"name": "kernel.yama.ptrace_scope", "desc": "YAMA", "values": map[string]map[string]string{"0": {"res": "Disabled", "color": "red"}, "1": {"res": "Enabled", "color": "green"}}},
 		{"name": "kernel.exec-shield", "desc": "Exec Shield", "values": map[string]map[string]string{"0": {"res": "Disabled", "color": "red"}, "1": {"res": "Enabled", "color": "green"}}},
+		{"name": "kernel.unprivileged_bpf_disabled", "desc": "Unprivileged BPF Disabled", "values": map[string]map[string]string{"0": {"res": "Disabled", "color": "red"}, "1": {"res": "Enabled", "color": "green"}}},
 		{"name": "kernel.randomize_va_space", "desc": "Vanilla Kernel ASLR", "values": map[string]map[string]string{"0": {"res": "Disabled", "color": "red"}, "1": {"res": "Partial", "color": "yellow"}, "2": {"res": "Enabled", "color": "green"}}},
+		{"name": "kernel.dmesg_restrict", "desc": "Dmesg Restrictions", "values": map[string]map[string]string{"0": {"res": "Disabled", "color": "red"}, "1": {"res": "Enabled", "color": "green"}}},
+		{"name": "kernel.kptr_restrict", "desc": "Kernel Pointer Restrictions", "values": map[string]map[string]string{"0": {"res": "Disabled", "color": "red"}, "1": {"res": "Partial", "color": "yellow"}, "2": {"res": "Enabled", "color": "green"}}},
 		{"name": "fs.protected_fifos", "desc": "Protected fifos", "values": map[string]map[string]string{"0": {"res": "Disabled", "color": "red"}, "1": {"res": "Partial", "color": "yellow"}, "2": {"res": "Enabled", "color": "green"}}},
 		{"name": "fs.protected_regular", "desc": "Protected regular", "values": map[string]map[string]string{"0": {"res": "Disabled", "color": "red"}, "1": {"res": "Partial", "color": "yellow"}, "2": {"res": "Enabled", "color": "green"}}},
+		{"name": "kernel.perf_event_paranoid", "desc": "Performance events by normal users", "values": map[string]map[string]string{"-1": {"res": "Disabled", "color": "red"}, "0": {"res": "Disabled", "color": "red"}, "1": {"res": "Partial", "color": "yellow"}, "2": {"res": "Enabled", "color": "green"}}},
+		{"name": "dev.tty.ldisc_autoload", "desc": "Disbale Autoload TTY Line Disciplines", "values": map[string]map[string]string{"1": {"res": "Disabled", "color": "red"}, "0": {"res": "Enabled", "color": "green"}}},
+		{"name": "dev.tty.legacy_tiocsti", "desc": "Disbale Legacy TIOCSTI", "values": map[string]map[string]string{"1": {"res": "Disabled", "color": "red"}, "0": {"res": "Enabled", "color": "green"}}},
 	}
 
 	for _, s := range sysctlChecks {
diff --git a/pkg/utils/utils.go b/pkg/utils/utils.go
@@ -5,7 +5,7 @@ import (
 )
 
 func PrintLogo() {
-	Red := color.New(color.FgHiRed, color.Bold)
+	Red := color.New(color.FgHiGreen, color.Bold)
 	asciiLogo := `
   _____ _    _ ______ _____ _  __ _____ ______ _____
  / ____| |  | |  ____/ ____| |/ // ____|  ____/ ____|

Original file line number	Diff line number	Diff line change
`@@ -5,7 +5,7 @@ import (`
`5`	`5`	`)`
`6`	`6`
`7`	`7`	`func PrintLogo() {`
`8`		`- Red := color.New(color.FgHiRed, color.Bold)`
	`8`	`+ Red := color.New(color.FgHiGreen, color.Bold)`
`9`	`9`	asciiLogo := `
`10`	`10`	`_____ _ _ ______ _____ _ __ _____ ______ _____`
`11`	`11`	`/ ____\| \| \| \| ____/ ____\| \|/ // ____\| ____/ ____\|`