almost there with exploit mitigation

5f120d9d · lwilms · fca270f6 · 5f120d9d · 5f120d9d
Commit 5f120d9d authored Jun 08, 2020 by lwilms
Hide whitespace changes
Inline Side-by-side

Showing with 55 additions and 11 deletions

main.tex pdf_generator/templates/new_template/main.tex +12 -11

template_engine.py pdf_generator/tex_generation/template_engine.py +43 -0

No files found.
--- a/pdf_generator/templates/new_template/main.tex
+++ b/pdf_generator/templates/new_template/main.tex
@@ -41,8 +41,9 @@
 \BLOCK{endif}
 }
-\skills{{}\BLOCK{for selected_summary in analysis['exploit_mitigations']['summary'] | sort},{\VAR{selected_summary | filter_chars }/\VAR{analysis['exploit_mitigations']['summary'][selected_summary]|elements_count *6/analysis['exploit_mitigations']['count']}}\BLOCK{endfor}
+\skills{\VAR{ analysis | call_for_mitigations}}
-}
+%#\skills{\BLOCK{for selected_summary in analysis['exploit_mitigations']['summary'] | sort},{\VAR{selected_summary | filter_chars }/\VAR{analysis['exploit_mitigations']['summary'][selected_summary]|elements_count *6/analysis['exploit_mitigations']['count']}}\BLOCK{endfor}}
 \makeprofile
 % ----------------------------------------------------------------------------------------------------------------------
@@ -102,15 +103,15 @@
 % ----------------------------------------------------------------------------------------------------------------------
 %  ELF ANALYSIS
 % ----------------------------------------------------------------------------------------------------------------------
-\BLOCK{if 'elf_analysis' in analysis}
+%\BLOCK{if 'elf_analysis' in analysis }
-	\section{ELF Analysis}
+%	\section{ELF Analysis}
+%
-	\begin{twentyshort}
+%	\begin{twentyshort}
-		\BLOCK{for ELF in analysis['elf_analysis']['summary'] | top_five(20)}
+%		\BLOCK{for ELF in analysis['elf_analysis']['summary'] | top_five(20)}
-		\twentyitemshort{\VAR{analysis['elf_analysis']['summary'][ELF] | elements_count}}{\VAR{ELF | filter_chars}}
+%		\twentyitemshort{\VAR{analysis['elf_analysis']['summary'][ELF] | elements_count}}{\VAR{ELF | filter_chars}}
-		\BLOCK{endfor}
+%		\BLOCK{endfor}
-	\end{twentyshort}
+%	\end{twentyshort}
-\BLOCK{endif}
+%\BLOCK{endif}
 % ----------------------------------------------------------------------------------------------------------------------
 %  IP & URI
 % ----------------------------------------------------------------------------------------------------------------------

--- a/pdf_generator/tex_generation/template_engine.py
+++ b/pdf_generator/tex_generation/template_engine.py
@@ -137,6 +137,48 @@ def get_five_longest_entries(summary, top=5):
    return sorted_summary
+def exploit_mitigation(summary):
+    summary = summary['exploit_mitigations']['summary']
+    max_count = count_mitigations(summary) * 6  # skillsbar is maxed out at 6
+    pie_num, canary_num, relro_num, nx_num, fortify_num = 0, 0, 0, 0, 0
+    for selected_summary in summary:
+        if 'PIE' in selected_summary and ('disabled' in selected_summary or 'invalid' in selected_summary):
+            pie_num += len(summary[selected_summary])
+        if 'RELRO' in selected_summary and 'disabled' in selected_summary:
+            relro_num += len(summary[selected_summary])
+        if 'CANARY' in selected_summary and 'disabled' in selected_summary:
+            canary_num += len(summary[selected_summary])
+        if 'NX' in selected_summary and 'disabled' in selected_summary:
+            nx_num += len(summary[selected_summary])
+        if 'FORTIFY' in selected_summary and 'disabled' in selected_summary:
+            fortify_num += len(summary[selected_summary])
+    return '{0}{2}/{3}{1},{0}{4}/{5}{1},{0}{6}/{7}{1},{0}{8}/{9}{1}'.format('{', '}', 'CANARY', canary_num / max_count,
+                                                                    'PIE', pie_num / max_count,
+                                                                    'RELRO', relro_num / max_count,
+                                                                    'NX', nx_num / max_count,
+                                                                    'FORTIFY_SOURCE', fortify_num / max_count)
+#  exp mitigation: PIE disabled + invalid
+#                  RELRO partially + fully
+def count_mitigations(summary):
+    for mitigation in ['Canary', 'NX', 'RELRO', 'PIE', 'FORTIFY']:
+        count = count_this_mitigation(summary, mitigation)
+        if count != 0:
+            return count
+    return count
+def count_this_mitigation(summary, mitigation):
+    count = 0
+    for selected_summary in summary:
+        if mitigation in selected_summary:
+            count += len(summary[selected_summary])
+    return count
 def _add_filters_to_jinja(environment):
    environment.filters['number_format'] = render_number_as_size
    environment.filters['nice_unix_time'] = render_unix_time
@@ -152,6 +194,7 @@ def _add_filters_to_jinja(environment):
    environment.filters['contains'] = item_contains_string
    environment.filters['top_five'] = get_five_longest_entries
    environment.filters['sort'] = sorted
+    environment.filters['call_for_mitigations'] = exploit_mitigation
 class TemplateEngine: