elysium-suite / aeacus Goto Github PK

In misc/dev/CSSClient You do not have a shebang at the top, which causes the service to fail to start.

With the new aeacus binary, although the scoring works before release, when I use sudo ./aeacus --verbose release, all of the scoring doesn't work at all.

Hello, Can anyone tell me why or how i am getting this error message (its scoring feedback)? I am using Aeacus 2.0.3
panic: runtime error: slice bounds out of range [-3:]

goroutine 1 [running]:
main.runCheck({{0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, ...})
/home/mob/GolandProjects/aeacus/checks.go:106 +0x7b3
main.checkPass(...)
/home/mob/GolandProjects/aeacus/score.go:270
main.scoreCheck({{0xc00004e630, 0x8c}, 0x3, {0x0, 0x0, 0x0}, {0xc0002d38c0, 0x2, 0x2}, {0x0, ...}})
/home/mob/GolandProjects/aeacus/score.go:217 +0x545
main.scoreChecks()
/home/mob/GolandProjects/aeacus/score.go:194 +0x13d
main.scoreImage()
/home/mob/GolandProjects/aeacus/score.go:115 +0x9f
main.main.func3(0xc000076000?)
/home/mob/GolandProjects/aeacus/aeacus.go:72 +0x25
github.com/urfave/cli/v2.(*Command).Run(0xc000076000, 0xc0000584c0)
/home/mob/go/pkg/mod/github.com/urfave/cli/[email protected]/command.go:173 +0x6ca
github.com/urfave/cli/v2.(*App).RunContext(0xc000072000, {0xc15c18?, 0xc00009a0a0}, {0xc0000c8000, 0x3, 0x4})
/home/mob/go/pkg/mod/github.com/urfave/cli/[email protected]/app.go:384 +0xfde
github.com/urfave/cli/v2.(*App).Run(...)
/home/mob/go/pkg/mod/github.com/urfave/cli/[email protected]/app.go:253
main.main()
/home/mob/GolandProjects/aeacus/aeacus.go:163 +0xd3f

I was looking at the list of commands for scoring and I was unsure of how best to score whether smart screen is turned on. I think it is possible to score through the registry but I think that requires editing and creating keys beforehand. Smart screen if enabled or disabled through the windows settings menu does not make, change or create the keys in my image. I know that these settings can be changed through group policy and that would be my preferred way to teach it and score it. Im just not sure what the best way to do this is. - Thanks for your time

When a service is stopped systemctl is-active prints out inactive which still contains the word active causing the scoring engine to believe the service is still running

Allow for ReadMe.conf to be also spelled as readme.conf or README.conf or whatever you please
(I'll add this feature in I just needed a reminder)

okay so for one reason or another PasswordChanged on Windows will not parse the time anymore... I added debug lines and that's clearly the problem but that is all I know right now.

All .desktop files have an absolute path to Firefox, which can vary based on how it was installed (via Snap, etc.) We should instead just replace this with firefox or something else if a better solution exists.

Capitalize ALL functions to export them

I do not know what distros this check works on, but I know for a fact that it does not work on Debian 10. Personally, I feel this check should either be removed; however, the check could be massively reworked to look for the APT::Periodic::Update-Package-Lists( |)"1"; in many places, instead of just the one file.

Since 2018 Gnome 3 has prevented desktop icons. https://gitlab.gnome.org/GNOME/nautilus/-/issues/158#problems-with-the-current-implementation

Is there a way to include a workaround with aeacus?

Enabling Virus & Threat protection on a Windows machine attacks the scoring system (deleting phocus.exe, and the related service)

I've observed this happening after running aeacus.exe release

When using the ProgramVersion function on Ubuntu 20.04, I never get points even when the version is correct. It seems like a CommandOutput() error, but I'm not really sure.

We are in dire need of testing for most functions, specifically crypto and check stuff. Any contributions towards testing will be greatly appreciated.

When using PermissionIs type on Windows, the check passes, but when scoring, it says that the type does not exist.

[FAIL] Check type does not exist: PermissionIs (reflect: call of reflect.Value.Call on zero Value)

config file:
	[[check.pass]]
	type = 'PermissionIsNot'
	path = 'C:\test'
	name = 'Everyone'
	value = "Write"

After running sudo ./aeceus release, the automatically created desktop shortcuts are untrusted.

Machine specs

> uname -a
Linux bombe 6.2.0-32-generic #32~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Fri Aug 18 10:40:13 UTC 2 x86_64 x86_64 x_86_64 GNU/Linux

After Clicking to try and open

While working with various SecurityPolicy functions, I noticed that MaximumPasswordAge and MinimumPasswordAge are set up weird.
If my check is set to "90", a value of "42" will work for MaximumPasswordAge. This would not be an acceptable Maximum Password Age in the real world. A value of "91", however, would not work for MaximumPasswordAge, even though that would be an acceptable Maximum Password Age in the real world.
Since I didn't make this check, I don't want to change stuff without input, but what would be the best way to go about making this check better?

Instead of creating new functions, structs should all implement a Score() method. This way, they can be grouped into an interface to remove that switch-case for each check type. In order to achieve this automatically while deserializing, we can use a custom unmarshal method that looks like something I wrote for another project, it looks like this:

func (w *WidgetBase) UnmarshalText(text []byte) error {
    var widgetType struct {
        Type string
    }

    if err := toml.Unmarshal(text, &widgetType); err != nil {
        return err
    }

    fn, ok := WidgetTypes[widgetType.Type]
    if !ok {
        return errors.New("Invalid widget type: " + widgetType.Type)
    }
    widgetStruct := fn()

    if err := toml.Unmarshal(text, &widgetStruct); err != nil {
        return err
    }

    w.Widget = widgetStruct
    return nil
}

Where WidgetTypes is a map from strings to functions that return pointers to initialized structs. This forces toml.Unmarshal to deserialize into that struct. The only drawback of this is that as soon as this is returned from the unmarshaler, it becomes the interface type, stripping it of its identifiable fields. Not sure how to address this; open to ideas.

Hello, I wrote some (opinionated) VSCode snippets to make writing Aeacus configuration slightly easier:
https://gist.github.com/safinsingh/835a2ec96bf272dac908e7cbbf55e281

Would this be better placed in a separate resources repository or should we look into adding this to the main aeacus repository?

The TeamID prompt isn't writing to /opt/aeacus/TeamID.txt correctly

We need to be able to score one finding using multiple sources. To be able to do this a more advanced logic than just Pass/Pass Override/Fail is necessary.
For example, to be able to score PAM configs there could be a file that exists in the directory that isn't parsed, so directory contains isn't sufficient, but password management could be handled by several different files. So you'd need to test if a file exists and the file contains a certain string three or four times in a single scored point.

So for 3 different files in the pam directory you'd need (A & B) or (C & D) or (D & E) would be sufficient for scoring points.

For users without any password, how would you check if one was applied for Windows?
I tried using PasswordChanged with arg2=' ' and that didn't work for me, are there any other ways to do this?

Attach correct imports and prefixes to each file.
Will we be using . imports? They're not recommended by go-lint. Pinging @sourque for input.

Receiving the following error on a fresh install:

[WARN] TeamID.txt does not exist! This image is local only, so we will continue.
[FAIL] Sending notification failed. Is the user in the configuration correct, and are they logged in to a desktop environment?

There's a couple productivity tools we could add like goreleaser and golangci-lint. We should also dockerize our local CI testing to make it available to people who don't have go installed (as in just wrap golangci-lint, goreleaser, build, testing, etc in a Dockerfile). This way, we can allow others to simulate our CI without having to actually install the tooling for an open-source contribution.

Checking for the INVOCATION_ID env var stops systemd from running phocus on Ubuntu 16

https://github.com/sourque/aeacus/blob/40eaa1f7efafbee2f72667187c56f9f5ec779782/src/phocus_linux.go#L36-L40

Following your directions, I tried to compile the latest version myself. I installed go and garble using the command go get mvdan.cc/garble.
When running make win, I got this error:
'make' is not recognized as an internal or external command, operable program or batch file.
What did I do wrong?

If I wanted to check to see if a person installed a newer version, of lets say notepad++, and use this image in the future. How can I score based off of a version + ? for example: the image has version 7.1, the newest version is 7.9 and lets say I always want it to score versions 7.9 and up, so I don't have to change it to the currently up-to-date version before I give someone else the image?

After setting up Active Directory on a Windows Server 2019 instance it was found that the UserRights check would not work. Namely the checks on SeRemoteShutdownPrivilege and SeEnableDelegationPrivilege. My speculation is that group policy management is altered when changing to active directory. Here's the lines in the scoring.conf:

[[check]]
message = "Authenticated Users may not remotely shutdown the system"
points = 2
[[check.pass]]
type='UserRightsNot'
arg1='everyone'
arg2='SeEnableDelegationPrivilege'

[[check]]
message = "Everyone may not enable computer and user accounts to be trusted for delegation"
points = 2
[[check.pass]]
type='UserRightsNot'
arg1='everyone'
arg2='SeEnableDelegationPrivilege'

We need to separate the current master module into subpackages as our current cmd directory is cluttered at the moment. We'll need to split into a couple separate modules; scoring, crypto, checks, etc. This'll be much easier to maintain in the long run. The only issue we're having with this right now is that we end up recursively importing these modules due to the current cluttered design. A rewrite would force us to think with the module mindset from the beginning. Also, on a side note, the current toml package we're using is really outdated (compatible with the spec at v0.4.0). We should consider switching to https://github.com/pelletier/go-toml. Another thing I'm still iffy about is the split between phocus and aeacus with build tagging; this would be a lot easier if we had a common library that they could both draw functions from (ideally this would be in a separate repository). Then, we'd just set up a directory structure in the aeacus repo like so:

~
+-- cmd // command line parsing/execution
    +-- aeacus
        +-- aeacus.go
        +-- aeacus_test.go
    +-- phocus
        +-- phocus.go
        +-- phocus_test.go
+-- pkg // only if ABSOLUTELY necessary, helper functions for aeacus/phocus
    +-- aeacus
        +-- aeacus.go
        +-- aeacus_test.go
    +-- phocus
        +-- phocus.go
        +-- phocus_test.go

This results in a way more idiomatic and maintainable structure, preserving our current root executors.

Aeacus Version="v1.8.3"
Linux Kernel="5.11.0-38-Generic"
Ubuntu Version="Ubuntu 20.04.3 LTS"

I was just poking around with the engine and trying to run ./aeacus configure return:
[Warn] This is not implement on linux

I have a valid scoring.conf and a valid TeamID

Determine (and uncapitalize) all internal functions

I dont see an option for User must change password at next logon on the Windows User Properties page Is this a viable option? Also for User cannot change password?

Thanks for your time,

How would I go about a check to see if Remote Desktop Sharing is on/off?

This is a Windows question as much as it is a aeacus question, I realize this.
Would it be possible to check for a change when the on/off switch is turned, or do I just have to score based on the services for RDP being disabled?

It's okay if it's the latter, however, the former would be much preferred.

Doing DirContainsRegex in a directory may take a long time to execute if there are large binaries within. Consider checking file size before attempting the regex OR checking if the file is not a binary

After creating the scoring config file and verifying the validity of the file through ./aeacus --verbose check, executing the command ./aeacus --verbose score scores the vulnerabilities and passes yet no scoring report is created inside the assets folder. Instead, this code is displayed.

[FAIL] Error decoding TOML: toml: line 190 (last key "check.passoverride.path"): invalid escape in string '\P'

Finalize and clean up modules specifications (version, tagging, etc)

As of #138, the ReadMe.conf file can have the names {readme,ReadMe,README}.conf. This causes an issue during release because aeacus currently assumes that the file is named ReadMe.conf (see: https://github.com/elysium-suite/aeacus/blob/master/release_linux.go#L65).

I am just now finding this program and I have noticed it does not work on Windows 10 x64. Is there anyway to fix this or is there nothing i can do. I would also like to help with this project even though I have little coding knowledge, especially on making the gui version