From 6dfd213f177d054ed6dcbef80f338d9baf264b4d Mon Sep 17 00:00:00 2001 From: Brandon Myers Date: Fri, 5 Oct 2018 18:05:46 -0400 Subject: [PATCH] Remove redundant backslach between brackets --- .flake8 | 1 - benchmarking/workers/json2Mozdef.py | 16 +++++----- mq/plugins/auditdFixup.py | 42 +++++++++++++------------- mq/plugins/ttl_auditd.py | 42 +++++++++++++------------- rest/index.py | 4 +-- tests/mq/plugins/test_vulnerability.py | 14 ++++----- 6 files changed, 59 insertions(+), 60 deletions(-) diff --git a/.flake8 b/.flake8 index dd5f90e6..ee64a0e7 100644 --- a/.flake8 +++ b/.flake8 @@ -33,7 +33,6 @@ ignore = E305 # expected 2 blank lines after class or function definition E402 # module level import not at top of file E501 # line too long - E502 # the backslash is redundant between brackets E711 # comparison to None should be 'if cond is not None E712 # comparison to True should be 'if cond is True E713 # test for membership should be 'not in' diff --git a/benchmarking/workers/json2Mozdef.py b/benchmarking/workers/json2Mozdef.py index e7a708ec..ec2251a4 100755 --- a/benchmarking/workers/json2Mozdef.py +++ b/benchmarking/workers/json2Mozdef.py @@ -74,14 +74,14 @@ if __name__ == '__main__': for i in range(0,10): print(i) - alog=dict(eventtime=pytz.timezone('UTC').localize(datetime.now()).isoformat(),\ - hostname=socket.gethostname(),\ - processid=os.getpid(),\ - processname=sys.argv[0],\ - severity='INFO',\ - summary='joe login failed',\ - category='authentication',\ - tags=[],\ + alog=dict(eventtime=pytz.timezone('UTC').localize(datetime.now()).isoformat(), + hostname=socket.gethostname(), + processid=os.getpid(), + processname=sys.argv[0], + severity='INFO', + summary='joe login failed', + category='authentication', + tags=[], details=[]) alog['details']=dict(success=True,username='mozdef') alog['tags']=['mozdef','stresstest'] diff --git a/mq/plugins/auditdFixup.py b/mq/plugins/auditdFixup.py index e7bac74b..28786626 100644 --- a/mq/plugins/auditdFixup.py 
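Review bot: `eventtime` in the reformatted `dict(...)` call in benchmarking/workers/json2Mozdef.py is built from `datetime.now()`, which is naive local time, and `pytz.timezone('UTC').localize(...)` only labels it as UTC without converting it, so on a host whose zone is not UTC the generated events carry a timestamp that is off by the local offset. Since the line is being touched anyway, `eventtime=datetime.now(pytz.utc).isoformat(),` gives a true UTC value. The `details=[]` argument is overwritten with a dict on the very next line, so it could be dropped or initialised as that dict directly. The enclosing `if __name__ == '__main__':` block starts and continues outside the hunk.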
+++ b/mq/plugins/auditdFixup.py @@ -35,16 +35,16 @@ class message(object): return(None, metadata) # rabbitmq - if ('details' in message \ - and 'parentprocess' in message['details'] \ - and message['details']['parentprocess'] == 'beam.smp' \ - and 'duser' in message['details'] \ - and message['details']['duser'] == 'rabbitmq' \ + if ('details' in message + and 'parentprocess' in message['details'] + and message['details']['parentprocess'] == 'beam.smp' + and 'duser' in message['details'] + and message['details']['duser'] == 'rabbitmq' and 'command' in message['details']) \ - and (message['details']['command'] == '/usr/lib64/erlang/erts-5.8.5/bin/epmd -daemon' \ - or message['details']['command'].startswith('inet_gethost 4') \ - or message['details']['command'].startswith('sh -c exec inet_gethost 4') \ - or message['details']['command'].startswith('/bin/sh -s unix:cmd') \ + and (message['details']['command'] == '/usr/lib64/erlang/erts-5.8.5/bin/epmd -daemon' + or message['details']['command'].startswith('inet_gethost 4') + or message['details']['command'].startswith('sh -c exec inet_gethost 4') + or message['details']['command'].startswith('/bin/sh -s unix:cmd') or message['details']['command'].startswith('sh -c exec /bin/sh -s unix:cmd')): return(None, metadata) 
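Review bot: The rabbitmq branch ends in `return(None, metadata)`, and four of its five command tests use `startswith`, so the rule is wider than the commands it lists: any event under `beam.smp`/`rabbitmq` whose command merely begins with one of those prefixes is dropped. If these commands are in practice fixed strings (not visible from the hunk), comparing with `==` as the `epmd -daemon` test does, or tagging the event instead of returning `None`, would keep the noise reduction without the blind spot. At minimum a comment such as `# prefix match: whatever follows the prefix is dropped unseen, keep prefixes as specific as possible` belongs above the branch. The same pattern is in the chkconfig and nagios branches of the next hunk and, with a 3-day `_ttl` instead of a drop, in both hunks of mq/plugins/ttl_auditd.py. The enclosing method starts and ends outside the hunk.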
@@ -59,24 +59,24 @@ class message(object): return(None, metadata) # chkconfig - if ('details' in message \ - and 'parentprocess' in message['details'] \ - and message['details']['parentprocess'] == 'chkconfig' \ - and 'suser' in message['details'] \ - and message['details']['suser'] == 'root' \ + if ('details' in message + and 'parentprocess' in message['details'] + and message['details']['parentprocess'] == 'chkconfig' + and 'suser' in message['details'] + and message['details']['suser'] == 'root' and 'command' in message['details']) \ - and (message['details']['command'].startswith('/sbin/runlevel') \ + and (message['details']['command'].startswith('/sbin/runlevel') or message['details']['command'].startswith('sh -c /sbin/runlevel')): return(None, metadata) # nagios - if ('details' in message \ - and 'duser' in message['details'] \ - and message['details']['duser'] == 'nagios' \ - and 'suser' in message['details'] \ - and message['details']['suser'] == 'root' \ + if ('details' in message + and 'duser' in message['details'] + and message['details']['duser'] == 'nagios' + and 'suser' in message['details'] + and message['details']['suser'] == 'root' and 'command' in message['details']) \ - and (message['details']['command'].startswith('/usr/lib64/nagios/plugins') \ + and (message['details']['command'].startswith('/usr/lib64/nagios/plugins') or message['details']['command'].startswith('sh -c /usr/lib64/nagios/plugins')): return(None, metadata) diff --git a/mq/plugins/ttl_auditd.py b/mq/plugins/ttl_auditd.py index bcd65552..a3f0b2ea 100644 --- a/mq/plugins/ttl_auditd.py +++ b/mq/plugins/ttl_auditd.py 
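Review bot: In the nagios branch `startswith('/usr/lib64/nagios/plugins')` has no trailing slash, so it also matches sibling paths such as `/usr/lib64/nagios/plugins-extra/...` (constructed example), and those events are dropped along with the genuine plugin runs. Ending both prefixes on the directory boundary, `.startswith('/usr/lib64/nagios/plugins/')` and `.startswith('sh -c /usr/lib64/nagios/plugins/')`, limits the filter to files inside the plugin directory. The identical test in the nagios branch of mq/plugins/ttl_auditd.py (hunk at line 52) would need the same change. The enclosing method continues outside the hunk.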
@@ -28,16 +28,16 @@ class message(object): message['_ttl'] = '3d' # rabbitmq -> 3d - if ('details' in message \ - and 'parentprocess' in message['details'] \ - and message['details']['parentprocess'] == 'beam.smp' \ - and 'duser' in message['details'] \ - and message['details']['duser'] == 'rabbitmq' \ + if ('details' in message + and 'parentprocess' in message['details'] + and message['details']['parentprocess'] == 'beam.smp' + and 'duser' in message['details'] + and message['details']['duser'] == 'rabbitmq' and 'command' in message['details']) \ - and (message['details']['command'] == '/usr/lib64/erlang/erts-5.8.5/bin/epmd -daemon' \ - or message['details']['command'].startswith('inet_gethost 4') \ - or message['details']['command'].startswith('sh -c exec inet_gethost 4') \ - or message['details']['command'].startswith('/bin/sh -s unix:cmd') \ + and (message['details']['command'] == '/usr/lib64/erlang/erts-5.8.5/bin/epmd -daemon' + or message['details']['command'].startswith('inet_gethost 4') + or message['details']['command'].startswith('sh -c exec inet_gethost 4') + or message['details']['command'].startswith('/bin/sh -s unix:cmd') or message['details']['command'].startswith('sh -c exec /bin/sh -s unix:cmd')): message['_ttl'] = '3d' 
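Review bot: This rabbitmq condition is a line-for-line copy of the one in mq/plugins/auditdFixup.py, and the one backslash that survives, after `and 'command' in message['details']) \`, is still required only because the two parenthesised groups are joined outside any bracket. Moving the test into one shared predicate, or at least wrapping the whole condition in a single outer pair of parentheses, would remove the last continuation and keep the drop list and the short-retention list from drifting apart. How the two plugins are ordered is not visible here, so whether the `message['_ttl'] = '3d'` branch is ever reached for events that auditdFixup already drops should be confirmed. The enclosing method starts and ends outside the hunk.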
@@ -52,24 +52,24 @@ class message(object): message['_ttl'] = '3d' # chkconfig -> 3d - if ('details' in message \ - and 'parentprocess' in message['details'] \ - and message['details']['parentprocess'] == 'chkconfig' \ - and 'suser' in message['details'] \ - and message['details']['suser'] == 'root' \ + if ('details' in message + and 'parentprocess' in message['details'] + and message['details']['parentprocess'] == 'chkconfig' + and 'suser' in message['details'] + and message['details']['suser'] == 'root' and 'command' in message['details']) \ - and (message['details']['command'].startswith('/sbin/runlevel') \ + and (message['details']['command'].startswith('/sbin/runlevel') or message['details']['command'].startswith('sh -c /sbin/runlevel')): message['_ttl'] = '3d' # nagios -> 3d - if ('details' in message \ - and 'duser' in message['details'] \ - and message['details']['duser'] == 'nagios' \ - and 'suser' in message['details'] \ - and message['details']['suser'] == 'root' \ + if ('details' in message + and 'duser' in message['details'] + and message['details']['duser'] == 'nagios' + and 'suser' in message['details'] + and message['details']['suser'] == 'root' and 'command' in message['details']) \ - and (message['details']['command'].startswith('/usr/lib64/nagios/plugins') \ + and (message['details']['command'].startswith('/usr/lib64/nagios/plugins') or message['details']['command'].startswith('sh -c /usr/lib64/nagios/plugins')): message['_ttl'] = '3d' diff --git a/rest/index.py b/rest/index.py index 73640fc0..c831ef78 100644 --- a/rest/index.py +++ b/rest/index.py @@ -315,7 +315,7 @@ def createIncident(): except KeyError: response.status = 500 response.body = json.dumps(dict(status='failed', - error='Missing required keys'\ + error='Missing required keys' '(summary, phase, creator)')) return response 
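Review bot: The two adjacent literals in the `KeyError` handler of `createIncident` (rest/index.py, hunk at line 315) concatenate without a space, so the client receives `Missing required keys(summary, phase, creator)`; the first literal should read `error='Missing required keys '`. The handler also answers a malformed request with `response.status = 500`; a 400 would keep client input errors out of server-error monitoring, and the same applies to the date-format branch in the hunk at line 354. `createIncident` starts and ends outside the hunk.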
@@ -354,7 +354,7 @@ def createIncident(): if False in dates: response.status = 500 response.body = json.dumps(dict(status='failed', - error='Wrong format of date. Please '\ + error='Wrong format of date. Please ' 'use yyyy-mm-dd hh:mm am/pm')) return response diff --git a/tests/mq/plugins/test_vulnerability.py b/tests/mq/plugins/test_vulnerability.py index 73fd0dc2..494d4d65 100644 --- a/tests/mq/plugins/test_vulnerability.py +++ b/tests/mq/plugins/test_vulnerability.py @@ -72,13 +72,13 @@ class TestVulnerabilityMessageV2(): 'kernel-firmware-2.6.32-642.4.2.el6', 'kernel-headers-2.6.32-642.4.2.el6' ], - 'output': '\nRemote package installed : kernel-2.6.32-642.4.2.el6\n' + \ - 'Should be : kernel-2.6.32-642.6.1.el6\n\n' + \ - 'Remote package installed : kernel-devel-2.6.32-642.4.2.el6\n' + \ - 'Should be : kernel-devel-2.6.32-642.6.1.el6\n' + \ - '\nRemote package installed : kernel-firmware-2.6.32-642.4.2.el6\n' + \ - 'Should be : kernel-firmware-2.6.32-642.6.1.el6\n\n' + \ - 'Remote package installed : kernel-headers-2.6.32-642.4.2.el6\n' + \ + 'output': '\nRemote package installed : kernel-2.6.32-642.4.2.el6\n' + + 'Should be : kernel-2.6.32-642.6.1.el6\n\n' + + 'Remote package installed : kernel-devel-2.6.32-642.4.2.el6\n' + + 'Should be : kernel-devel-2.6.32-642.6.1.el6\n' + + '\nRemote package installed : kernel-firmware-2.6.32-642.4.2.el6\n' + + 'Should be : kernel-firmware-2.6.32-642.6.1.el6\n\n' + + 'Remote package installed : kernel-headers-2.6.32-642.4.2.el6\n' + 'Should be : kernel-headers-2.6.32-642.6.1.el6\n\n', 'cve': 'CVE-2016-4470', 'cvss': 7.2,
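Review bot: The `'output'` value in tests/mq/plugins/test_vulnerability.py is inside a dict literal, where adjacent string literals concatenate on their own, so the trailing `+` on each line is as redundant as the backslashes this change removes. Dropping the operators, so that `'\nRemote package installed : kernel-2.6.32-642.4.2.el6\n'` is followed directly by the next literal, yields the same string and avoids flake8's line-break-around-operator warnings if those checks are enabled. The dict literal starts and ends outside the hunk.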