!267 增加mysq空密码扫描基线项

Merge pull request !267 from a-alpha/alpha-dev
2023-07-20 02:36:49 +00:00 · 2023-07-20 02:36:49 +00:00 · a93f82e4bc
parent 4e31dc32c7 4209225ca6
commit a93f82e4bc
1 changed files with 95 additions and 0 deletions
--- a/data/BaseLine/AccountRisk/mysql/check_mysql_weak_password/check_mysql_weak_password.py
+++ b/data/BaseLine/AccountRisk/mysql/check_mysql_weak_password/check_mysql_weak_password.py
@ -0,0 +1,95 @@
+# [OK] 为验证通过
+# [WARNING] 为风险提示
+
+from asyncore import read
+import pymysql
+import os
+import sys
+
+arg_lang = ""
+
+################################
+# 常量
+
+# for get_env_lang()
+STR_GET_ENV_LANG_ZH     = "语言环境为中文"
+STR_GET_ENV_LANG_EN     = "语言环境为英文"
+STR_GET_ENV_LANG_UNKNOW = "语言环境未知"
+
+# for is_root()
+STR_IS_ROOT_TRUE  = "当前用户为root权限"
+STR_IS_ROOT_FALSE = "当前用户没有root权限"
+
+################################
+# 环境检查函数
+
+def get_env_lang():
+#    lang = os.getenv("LANG")
+#    if lang.startswith("zh"):
+#        return STR_GET_ENV_LANG_ZH
+#    elif lang.startswith("en"):
+#        return STR_GET_ENV_LANG_EN
+#    else:
+#        return STR_GET_ENV_LANG_UNKNOW
+#
+    if arg_lang == "zh":
+        return STR_GET_ENV_LANG_ZH
+    elif arg_lang == "en":
+        return STR_GET_ENV_LANG_EN
+    else:
+        return STR_GET_ENV_LANG_UNKNOW
+
+def is_root():
+    if os.geteuid() == 0:
+        print(STR_IS_ROOT_TRUE)
+        return True
+    else:
+        print(STR_IS_ROOT_FALSE)
+        return False
+
+################################
+# 辅助函数
+def l_print(zh_str, en_str) :
+    if STR_GET_ENV_LANG_ZH == get_env_lang() :
+        print(zh_str);
+    else :
+        print(en_str);
+
+################################
+# 功能函数
+
+# MySQL弱口令检查
+def check_mysql_weak_password(ip, port, username, password):
+    try:
+        conn = pymysql.connect(host=ip, port=int(port), user=username, passwd=password)
+        conn.close()
+
+        return False
+    except pymysql.err.OperationalError:
+
+        return True
+    except pymysql.err.InternalError:
+        return True
+    except Exception as e:
+        return True
+if __name__ == '__main__':
+    arg_lang = sys.argv[1]
+
+    ip="localhost"
+    port=3306
+    const=0
+    # 读取字典中的弱口令
+    # 路径为口令字典路径按实际需求修改
+    with open('../../../../../data/dic/weakPassword','r',encoding="utf-8-sig") as f :
+        for line in f:
+            password = line.strip()
+            password = password.encode('latin1','ignore')
+            re=check_mysql_weak_password(ip, port, "root", password.decode('latin1'))
+            if re == False :
+                const=1
+                l_print(f"[WARNING] 检测到MySQL弱密码: {ip}:{port}",
+                    f"[WARNING] MySQL weak password detected for {ip}:{port}")
+                break
+        if const==0 :
+            l_print(f"[OK] MySQL弱密码检查已通过: {ip}:{port}",
+                f"[OK] MySQL weak password check passed for {ip}:{port}")