From 201019f31b08fbb9461074368b31a920770b8ba9 Mon Sep 17 00:00:00 2001 From: Brian Davis Date: Sun, 30 Jun 2024 19:11:28 -0400 Subject: [PATCH] add additional sysctl checks = add additional sysctl checks = change color to green --- pkg/checksec/sysctl.go | 6 ++++++ pkg/utils/utils.go | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/pkg/checksec/sysctl.go b/pkg/checksec/sysctl.go index d3421a5..1641cec 100644 --- a/pkg/checksec/sysctl.go +++ b/pkg/checksec/sysctl.go @@ -16,9 +16,15 @@ func SysctlCheck() ([]interface{}, []interface{}) { {"name": "net.ipv4.conf.all.rp_filter", "desc": "Ipv4 reverse path filtering", "values": map[string]map[string]string{"0": {"res": "Disabled", "color": "red"}, "1": {"res": "Enabled", "color": "green"}}}, {"name": "kernel.yama.ptrace_scope", "desc": "YAMA", "values": map[string]map[string]string{"0": {"res": "Disabled", "color": "red"}, "1": {"res": "Enabled", "color": "green"}}}, {"name": "kernel.exec-shield", "desc": "Exec Shield", "values": map[string]map[string]string{"0": {"res": "Disabled", "color": "red"}, "1": {"res": "Enabled", "color": "green"}}}, + {"name": "kernel.unprivileged_bpf_disabled", "desc": "Unprivileged BPF Disabled", "values": map[string]map[string]string{"0": {"res": "Disabled", "color": "red"}, "1": {"res": "Enabled", "color": "green"}}}, {"name": "kernel.randomize_va_space", "desc": "Vanilla Kernel ASLR", "values": map[string]map[string]string{"0": {"res": "Disabled", "color": "red"}, "1": {"res": "Partial", "color": "yellow"}, "2": {"res": "Enabled", "color": "green"}}}, + {"name": "kernel.dmesg_restrict", "desc": "Dmesg Restrictions", "values": map[string]map[string]string{"0": {"res": "Disabled", "color": "red"}, "1": {"res": "Enabled", "color": "green"}}}, + {"name": "kernel.kptr_restrict", "desc": "Kernel Pointer Restrictions", "values": map[string]map[string]string{"0": {"res": "Disabled", "color": "red"}, "1": {"res": "Partial", "color": "yellow"}, "2": {"res": "Enabled", "color": "green"}}}, {"name": "fs.protected_fifos", "desc": "Protected fifos", "values": map[string]map[string]string{"0": {"res": "Disabled", "color": "red"}, "1": {"res": "Partial", "color": "yellow"}, "2": {"res": "Enabled", "color": "green"}}}, {"name": "fs.protected_regular", "desc": "Protected regular", "values": map[string]map[string]string{"0": {"res": "Disabled", "color": "red"}, "1": {"res": "Partial", "color": "yellow"}, "2": {"res": "Enabled", "color": "green"}}}, + {"name": "kernel.perf_event_paranoid", "desc": "Performance events by normal users", "values": map[string]map[string]string{"-1": {"res": "Disabled", "color": "red"}, "0": {"res": "Disabled", "color": "red"}, "1": {"res": "Partial", "color": "yellow"}, "2": {"res": "Enabled", "color": "green"}}}, + {"name": "dev.tty.ldisc_autoload", "desc": "Disbale Autoload TTY Line Disciplines", "values": map[string]map[string]string{"1": {"res": "Disabled", "color": "red"}, "0": {"res": "Enabled", "color": "green"}}}, + {"name": "dev.tty.legacy_tiocsti", "desc": "Disbale Legacy TIOCSTI", "values": map[string]map[string]string{"1": {"res": "Disabled", "color": "red"}, "0": {"res": "Enabled", "color": "green"}}}, } for _, s := range sysctlChecks { diff --git a/pkg/utils/utils.go b/pkg/utils/utils.go index 582c8be..d014640 100644 --- a/pkg/utils/utils.go +++ b/pkg/utils/utils.go @@ -5,7 +5,7 @@ import ( ) func PrintLogo() { - Red := color.New(color.FgHiRed, color.Bold) + Red := color.New(color.FgHiGreen, color.Bold) asciiLogo := ` _____ _ _ ______ _____ _ __ _____ ______ _____ / ____| | | | ____/ ____| |/ // ____| ____/ ____|