plugin users&pws: ported to new base class #1241
Conversation
| def generate_unix_entry(entry: bytes) -> dict: | ||
| class CredentialResult(pydantic.BaseModel): | ||
| username: str = Field(description='The username.') | ||
| full_entry: str = Field(description='The full entry in unparsed form.') |
There was a problem hiding this comment.
What is a "full_entry" supposed to be? I do not understand the description.
There was a problem hiding this comment.
"full_entry" is a full, unparsed entry, e.g.
admin:$5$Mqs9JzinZfyjSMNR$M7DWqlMjKmOHwfzXnts89eQImN2QNDATeN/Z/BX0Jb.:12332:0:99999:7:::
or if it doesn't contain a pw hash:
admin:*:12332:0:99999:7:::
This can be interesting if something went wrong (or sees to have gone wrong) during parsing or if the result is empty (because there is no hash)
src/plugins/analysis/users_and_passwords/code/password_file_analyzer.py
Outdated
Show resolved
Hide resolved
src/plugins/analysis/users_and_passwords/code/password_file_analyzer.py
Outdated
Show resolved
Hide resolved
| for regex_list, entry_gen_function in [ | ||
| (UNIX_REGEXES, generate_unix_entry), | ||
| (HTPASSWD_REGEXES, generate_htpasswd_entry), | ||
| (MOSQUITTO_REGEXES, generate_mosquitto_entry), | ||
| ]: | ||
| credentials.extend(find_password_entries(file_contents, regex_list, entry_gen_function)) |
There was a problem hiding this comment.
I personally find this less readable than not using a for loop. Also not using a for-loop is three lines less.
There was a problem hiding this comment.
The find_password_entries was also ugly and kinda useless, since it had only one line. I refactored it in a way that made more sense to me
| class Schema(pydantic.BaseModel): | ||
| credentials: List[CredentialResult] = Field(description='The list of found credentials.') |
There was a problem hiding this comment.
I'd propose a different schema:
class Schema(pydantic.BaseMode):
unix: list[CreadentialResult]
httpd: list[CredentialResult]
mosquito: list[CredentialResult]The class CrednetialResult would not have the type field anymore.
This way we could delete the _group_user_and_pw_results function and the schema would be more expressive imo.
There was a problem hiding this comment.
Changing the schema in this way also has disadvantages (like making it more complicated to add more password types or making it more complicated to iterate through all found pw entries) but I changed it (minus the typos 😅)
There was a problem hiding this comment.
I kept the type field, though, because without it, summary generation becomes unnecessarily ugly.
jstucke
force-pushed
the
users-pw-pluginV1
branch
2 times, most recently
from
2685c6b to
4d63d30
Compare
jstucke
force-pushed
the
users-pw-pluginV1
branch
from
4d63d30 to
fb47e99
Compare
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## master #1241 +/- ##
==========================================
- Coverage 91.96% 91.84% -0.12%
==========================================
Files 377 378 +1
Lines 22360 20929 -1431
==========================================
- Hits 20564 19223 -1341
+ Misses 1796 1706 -90 ☔ View full report in Codecov by Sentry. |
jstucke
force-pushed
the
users-pw-pluginV1
branch
from
fb47e99 to
20b2e15
Compare
No description provided.