-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #110 from VeriDevOps/Auditpol
Implemented a new way of checking the bunch of STIGs of AuditPolicy g…
- Loading branch information
Showing
13 changed files
with
315 additions
and
94 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| auditpol /get /subcategory:"%guid%" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| auditpol /set /subcategory:"%task%" /%parameter%:%value% |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
64 changes: 64 additions & 0 deletions
64
src/main/java/rqcode/stigs/win10_new/AuditPolicy/AuditPolMain.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,64 @@ | ||
|
|
||
|
|
||
| import java.io.File; | ||
| import java.io.IOException; | ||
| import java.io.InputStream; | ||
| import java.nio.file.Files; | ||
| import java.nio.file.Paths; | ||
| import java.util.Properties; | ||
|
|
||
| /* | ||
| We are preparing three files: | ||
| * exec.txt: This is a simple template of a PowerShell script for setting values. | ||
| * check.txt: This is a template of a PowerShell script for obtaining values. | ||
| * tasks.properties: This file is used for mapping task numbers (e.g., V-63447) to their corresponding GUID (e.g., {0000-0000-000-0001}). Additionally, we store additional fields for the parameter and value of each task in this file. | ||
| How it works: | ||
| * The task name is provided as a command-line argument when running the JAR file. For example, when running the JAR, you simply specify the task name (java -jar jarname.jar V-63447). | ||
| * | ||
| * Next, we read the tasks.properties file and check if the desired task exists. If it doesn't exist, we throw an exception. | ||
| * The next step is to read the check.txt file, as it's a template that needs to be filled with real values. We have already obtained the real values from tasks.properties. | ||
| * After substituting these values, we have a command ready to be executed. | ||
| */ | ||
|
|
||
|
|
||
| public class AuditPolMain { | ||
|
|
||
| public static void main(String[] args) throws IOException { | ||
| String taskName = args[0]; | ||
|
|
||
| try (InputStream input = AuditPolMain.class.getClassLoader().getResourceAsStream("tasks.properties")) { | ||
|
|
||
| Properties properties = new Properties(); | ||
|
|
||
| if (input == null) { | ||
| throw new IllegalArgumentException("file tasks.properties is not found"); | ||
| } | ||
|
|
||
| //load a properties file from class path, inside static method | ||
| properties.load(input); | ||
|
|
||
| String guid = (String) properties.get(taskName); | ||
| String parameter = (String)properties.get(taskName + ".param"); | ||
| String value = (String)properties.get(taskName + ".value"); | ||
| if(guid == null || parameter == null || value == null) | ||
| throw new IllegalArgumentException(String.format("Task number %s not found!", taskName)); | ||
|
|
||
|
|
||
| byte[] bytes = Files.readAllBytes(Paths.get("ExternalFiles" + File.separator + "check.txt")); | ||
| String exec = new String(bytes); | ||
| exec = exec.replaceAll("%task%", guid); | ||
| exec = exec.replaceAll("%guid%", guid); | ||
| exec = exec.replaceAll("%parameter%", parameter); | ||
| exec = exec.replaceAll("%value%", value); | ||
| System.out.println(exec); | ||
| //Process execResult = Runtime.getRuntime().exec(exec); | ||
|
|
||
| } catch (IOException ex) { | ||
| ex.printStackTrace(); | ||
| } | ||
|
|
||
| } | ||
|
|
||
| } | ||
|
|
72 changes: 72 additions & 0 deletions
72
src/main/java/rqcode/stigs/win10_new/AuditPolicy/stigs/StigClassGenerator.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,72 @@ | ||
| import java.io.BufferedReader; | ||
| import java.io.File; | ||
| import java.io.FileReader; | ||
| import java.io.FileWriter; | ||
| import java.io.IOException; | ||
| import java.util.ArrayList; | ||
| import java.util.List; | ||
|
|
||
| public class StigClassGenerator { | ||
| public static void main(String[] args) { | ||
| String fileName = "src/main/java/rqcode/stigs/win10_new/AuditPolicy/stigs/stig_input.txt"; | ||
| String outputDirectory = "rqcode/stigs/win10_new/AuditPolicy/stigs/outputs"; | ||
| List<StigInfo> stigInfoList = new ArrayList<>(); | ||
|
|
||
| try (BufferedReader br = new BufferedReader(new FileReader(fileName))) { | ||
| String line; | ||
| while ((line = br.readLine()) != null) { | ||
| String[] parts = line.split("\\s"); // Split by spaces | ||
| if (parts.length == 3) { | ||
| String stig = parts[0]; | ||
| String checkValue = parts[1]; | ||
| String guid = parts[2]; | ||
| stigInfoList.add(new StigInfo(stig, checkValue, guid)); | ||
| } else { | ||
| System.err.println("Invalid line: " + line); | ||
| } | ||
| } | ||
| } catch (IOException e) { | ||
| e.printStackTrace(); | ||
| } | ||
|
|
||
| // Generate StigTemplate classes based on stigInfoList | ||
| for (StigInfo stigInfo : stigInfoList) { | ||
| String className = "V_" + stigInfo.getStig(); | ||
| String filePath = outputDirectory + "/" + className + ".java"; | ||
|
|
||
| try (FileWriter writer = new FileWriter(new File(filePath))) { | ||
| writer.write("public class " + className + " extends StigTemplate {\n"); | ||
| writer.write("\tpublic " + className + "() {\n"); | ||
| writer.write("\t\tsuper(\"" + stigInfo.getGuid() + "\", \"" + stigInfo.getCheckValue() + "\");\n"); | ||
| writer.write("\t}\n"); | ||
| writer.write("}\n"); | ||
| } catch (IOException e) { | ||
| e.printStackTrace(); | ||
| } | ||
| } | ||
| } | ||
|
|
||
| static class StigInfo { | ||
| private String stig; | ||
| private String checkValue; | ||
| private String guid; | ||
|
|
||
| public StigInfo(String stig, String checkValue, String guid) { | ||
| this.stig = stig; | ||
| this.checkValue = checkValue; | ||
| this.guid = guid; | ||
| } | ||
|
|
||
| public String getStig() { | ||
| return stig; | ||
| } | ||
|
|
||
| public String getCheckValue() { | ||
| return checkValue; | ||
| } | ||
|
|
||
| public String getGuid() { | ||
| return guid; | ||
| } | ||
| } | ||
| } |
28 changes: 28 additions & 0 deletions
28
src/main/java/rqcode/stigs/win10_new/AuditPolicy/stigs/StigFileParser.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,28 @@ | ||
| import java.io.BufferedReader; | ||
| import java.io.FileReader; | ||
| import java.io.IOException; | ||
|
|
||
| public class StigFileParser { | ||
| public static void main(String[] args) { | ||
| String fileName = "stig_input.txt"; // Change this to your file's path if needed | ||
| try (BufferedReader br = new BufferedReader(new FileReader(fileName))) { // Added closing parenthesis | ||
| String line; | ||
| while ((line = br.readLine()) != null) { | ||
| String[] parts = line.split("\\s"); // Split by spaces | ||
| if (parts.length == 3) { | ||
| String stig = parts[0]; | ||
| String parameter = parts[1]; | ||
| String guid = parts[2]; | ||
| System.out.println("STIG: " + stig); | ||
| System.out.println("Parameter: " + parameter); | ||
| System.out.println("GUID: " + guid); | ||
| System.out.println(); // Separate records | ||
| } else { | ||
| System.err.println("Invalid line: " + line); | ||
| } | ||
| } | ||
| } catch (IOException e) { | ||
| e.printStackTrace(); | ||
| } | ||
| } | ||
| } |
28 changes: 28 additions & 0 deletions
28
src/main/java/rqcode/stigs/win10_new/AuditPolicy/stigs/StigTemplate.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,28 @@ | ||
| package rqcode.stigs.win10_new.AuditPolicy.stigs; | ||
|
|
||
| import rqcode.stigs.win10_new.AuditPolicy.AuditPolicyConst; | ||
| import rqcode.stigs.win10_new.AuditPolicy.AuditPolicyPattern; | ||
| import rqcode.stigs.win10_new.AuditPolicy.AuditPolicyScriptPattern; | ||
| import rqcode.stigs.win10_new.patterns.STIGScriptPattern; | ||
|
|
||
| import java.util.Map; | ||
|
|
||
| public class StigTemplate extends AuditPolicyPattern { | ||
| private final STIGScriptPattern policyScriptPattern; | ||
|
|
||
| public StigTemplate(String guid, String checkValue) { | ||
| policyScriptPattern = new AuditPolicyScriptPattern( | ||
| AuditPolicyConst.AUDIT_POLICY_SCRIPT_PATTERN_CHECK, AuditPolicyConst.AUDIT_POLICY_SCRIPT_PATTERN_ENFORCE, | ||
| Map.of( | ||
| "guid", guid, | ||
| "checkValue", checkValue | ||
| ), | ||
| Map.of( | ||
| "guid", guid, | ||
| "checkValue", checkValue, | ||
| "value", "enable" | ||
| ) | ||
| ); | ||
| pattern = this.policyScriptPattern; | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
34 changes: 34 additions & 0 deletions
34
src/main/java/rqcode/stigs/win10_new/AuditPolicy/stigs/stig_input.txt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| V-63435 Success {0CCE923F-69AE-11D9-BED3-505054503030} | ||
| V-71761 Success {0CCE9231-69AE-11D9-BED3-505054503030} | ||
| V-63487 Success {0CCE9228-69AE-11D9-BED3-505054503030} | ||
| V-63481 Success {0CCE9230-69AE-11D9-BED3-505054503030} | ||
| V-63483 Failure {0CCE9228-69AE-11D9-BED3-505054503030} | ||
| V-63467 Success {0CCE9216-69AE-11D9-BED3-505054503030} | ||
| V-63463 Failure {0CCE9215-69AE-11D9-BED3-505054503030} | ||
| V-63469 Success {0CCE921B-69AE-11D9-BED3-505054503030} | ||
| V-63499 Success {0CCE9214-69AE-11D9-BED3-505054503030} | ||
| V-63491 Failure {0CCE9213-69AE-11D9-BED3-505054503030} | ||
| V-63495 Success {0CCE9213-69AE-11D9-BED3-505054503030} | ||
| V-63475 Failure {0CCE922F-69AE-11D9-BED3-505054503030} | ||
| V-63471 Failure {0CCE9245-69AE-11D9-BED3-505054503030} | ||
| V-63473 Success {0CCE9245-69AE-11D9-BED3-505054503030} | ||
| V-63479 Success {0CCE922F-69AE-11D9-BED3-505054503030} | ||
| V-63441 Success {0CCE923A-69AE-11D9-BED3-505054503030} | ||
| V-63445 Success {0CCE9237-69AE-11D9-BED3-505054503030} | ||
| V-63447 Failure {0CCE9235-69AE-11D9-BED3-505054503030} | ||
| V-63449 Success {0CCE9235-69AE-11D9-BED3-505054503030} | ||
| V-63515 Failure {0CCE9212-69AE-11D9-BED3-505054503030} | ||
| V-63513 Success {0CCE9211-69AE-11D9-BED3-505054503030} | ||
| V-63459 Success {0CCE921C-69AE-11D9-BED3-505054503030} | ||
| V-63457 Success {0CCE9249-69AE-11D9-BED3-505054503030} | ||
| V-63455 Success {0CCE9217-69AE-11D9-BED3-505054503030} | ||
| V-71759 Failure {0CCE9217-69AE-11D9-BED3-505054503030} | ||
| V-63507 Success {0CCE9210-69AE-11D9-BED3-505054503030} | ||
| V-63503 Failure {0CCE9214-69AE-11D9-BED3-505054503030} | ||
| V-63453 Success {0CCE922B-69AE-11D9-BED3-505054503030} | ||
| V-74721 Success {0CCE9224-69AE-11D9-BED3-505054503030} | ||
| V-63431 Failure {0CCE923F-69AE-11D9-BED3-505054503030} | ||
| V-74411 Success {0CCE9227-69AE-11D9-BED3-505054503030} | ||
| V-74409 Failure {0CCE9227-69AE-11D9-BED3-505054503030} | ||
| V-75027 Failure {0CCE9224-69AE-11D9-BED3-505054503030} | ||
| V-63517 Success {0CCE9212-69AE-11D9-BED3-505054503030} |
Oops, something went wrong.
c1f4ffbThere was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
agree