@@ -68,121 +68,6 @@ check_dep_port()
6868 fi
6969}
7070
71- check_docker_env () {
72- TOOL_NAME=" MongoDB"
73- print_output " " " ${TOOL_NAME} " " - \\ c" " no_log"
74- if ! grep -q " bindIp: ${MONGODB_HOST} " ; then
75- echo -e " ${RED} " " not ok" " ${NC} "
76- echo -e " ${RED} " " Wrong " " mongodb config" " - check your installation" " ${NC} "
77- echo -e " ${RED} " " RE-run installation - bindIp should be set to ${MONGODB_HOST} " " ${NC} "
78- DEP_ERROR=1
79- else
80- echo -e " ${GREEN} " " ok" " ${NC} "
81- fi
82- TOOL_NAME=" Docker Interface"
83- print_output " " " ${TOOL_NAME} " " -" " ${RED} " " \\ c" " no_log"
84- if ! ip a show emba_runs | grep -q " ${MONGODB_HOST} " ; then
85- echo -e " ${RED} " " Missing " " Docker-Interface" " - check your installation" " ${NC} "
86- if [[ " ${WSL} " -eq 1 ]]; then
87- echo -e " ${RED} " " Is dockerd running (e.g., sudo dockerd --iptables=false &)" " ${NC} "
88- DEP_ERROR=1
89- else
90- if [[ " ${EUID} " -eq 0 ]]; then
91- echo -e " ${ORANGE} " " Trying to auto-maintain the docker interface ..." " ${NC} "
92- systemctl restart NetworkManager docker
93- fi
94- if ! ip a show emba_runs | grep -q " ${MONGODB_HOST} " ; then
95- echo -e " ${RED} " " Use \$ systemctl restart NetworkManager docker or reset the docker interface manually (\$ docker network rm emba_runs)" " ${NC} "
96- DEP_ERROR=1
97- else
98- print_output " " " ${TOOL_NAME} " " -" " ${RED} " " \\ c" " no_log"
99- echo -e " ${GREEN} " " ok" " ${NC} "
100- fi
101- fi
102- else
103- echo -e " ${GREEN} " " ok" " ${NC} "
104- fi
105- }
106-
107- check_nw_interface () {
108- if ! ip a show emba_runs | grep -q " ${MONGODB_HOST} " ; then
109- echo -e " ${RED} " " Network interface not available" " - trying to restart now" " ${NC} "
110- systemctl restart NetworkManager docker
111- echo -e " ${GREEN} " " docker-networks restarted" " ${NC} "
112- fi
113- }
114-
115- check_cve_search () {
116- # CVE_STATUS_PRINT is used to disable the printing of the regular status check
117- # this was confusing for EMBA users
118- CVE_STATUS_PRINT=" ${1:- 0} "
119-
120- if [[ " ${JUMP_OVER_CVESEARCH_CHECK} " -eq 1 ]] ; then
121- # no cve check -> just return and enforce CVE_SEARCH
122- export CVE_SEARCH=1
123- return
124- fi
125- TOOL_NAME=" cve-search"
126- if [[ " ${CVE_STATUS_PRINT} " -eq 1 ]]; then
127- print_output " " " ${TOOL_NAME} " " - testing" " no_log"
128- fi
129- local CVE_SEARCH_=0 # local checker variable
130- # check if the cve-search produces results:
131- if ! [[ $( " ${PATH_CVE_SEARCH} " 2> /dev/null | grep -c " :\ CVE-" ) -gt 18 ]]; then
132- # we can restart the mongod database only in dev mode and not in docker mode:
133- if [[ " ${IN_DOCKER} " -eq 0 ]]; then
134- print_output " [*] CVE-search not working - restarting Mongo database for CVE-search" " no_log"
135- if [[ " ${WSL} " -eq 1 ]]; then
136- pkill -f mongod
137- mongod --config /etc/mongod.conf &
138- else
139- service mongod restart
140- fi
141- sleep 10
142-
143- # do a second try
144- if ! [[ $( " ${PATH_CVE_SEARCH} " 2> /dev/null | grep -c " :\ CVE-" ) -gt 18 ]]; then
145- print_output " [*] CVE-search not working - restarting Mongo database for CVE-search" " no_log"
146- if [[ " ${WSL} " -eq 1 ]]; then
147- pkill -f mongod
148- mongod --config /etc/mongod.conf &
149- else
150- service mongod restart
151- fi
152- sleep 10
153-
154- if [[ $( " ${PATH_CVE_SEARCH} " 2> /dev/null | grep -c " :\ CVE-" ) -gt 18 ]]; then
155- CVE_SEARCH_=1
156- fi
157- else
158- CVE_SEARCH_=1
159- fi
160- else
161- CVE_SEARCH_=1
162- fi
163- else
164- CVE_SEARCH_=1
165- fi
166-
167- if [[ " ${CVE_SEARCH_} " -eq 0 ]]; then
168- print_output " " " ${TOOL_NAME} " " - " " ${RED} " " not ok" " ${NC} " " no_log"
169- print_cve_search_failure
170- export CVE_SEARCH=0
171- else
172- if [[ " ${CVE_STATUS_PRINT} " -eq 1 ]]; then
173- print_output " " " ${TOOL_NAME} " " - " " ${GREEN} " " ok" " ${NC} " " no_log"
174- fi
175- export CVE_SEARCH=1
176- fi
177- }
178-
179- print_cve_search_failure () {
180- print_output " [-] The needed CVE database is not responding as expected." " no_log"
181- print_output " [-] CVE checks are currently not possible!" " no_log"
182- print_output " [-] Please check the following documentation on Github: https://github.com/e-m-b-a/emba/issues/187" " no_log"
183- print_output " [-] If this does not help, open a new issue here: https://github.com/e-m-b-a/emba/issues" " no_log"
184- }
185-
18671# Source: https://stackoverflow.com/questions/4023830/how-to-compare-two-strings-in-dot-separated-version-format-in-bash
18772version () { echo " $@ " | awk -F. ' { printf("%d%03d%03d%03d\n", $1,$2,$3,$4); }' ; }
18873
@@ -422,8 +307,6 @@ dependency_check()
422307 local TMP_VER=0
423308 check_dep_tool " docker"
424309 check_dep_tool " docker-compose"
425- check_docker_env
426- check_cve_search 1
427310 check_dep_tool " inotifywait"
428311 check_dep_tool " notify-send"
429312 print_output " urllib3 version - \\ c" " no_log"
@@ -592,16 +475,7 @@ dependency_check()
592475 check_dep_file " Binarly FwHunt analyzer" " ${EXT_DIR} " " /fwhunt-scan/fwhunt_scan_analyzer.py"
593476
594477 if function_exists F20_vul_aggregator; then
595- # CVE-search
596- # TODO change to portcheck and write one for external hosts
597- check_dep_file " cve-search script" " ${EXT_DIR} " " /cve-search/bin/search.py"
598- # we have already checked it outside the docker - do not need it again
599- [[ " ${IN_DOCKER} " -eq 0 ]] && check_cve_search 1
600- if [[ " ${IN_DOCKER} " -eq 0 ]]; then
601- # really basic check, if cve-search database is running - no check, if populated and also no check, if EMBA in docker
602- check_dep_tool " mongo database" " mongod"
603- # check_cve_search
604- fi
478+ check_dep_file " NVD CVE database" " ${EXT_DIR} " " /nvd-json-data-feeds/README.md"
605479 # CVE searchsploit
606480 check_dep_tool " CVE Searchsploit" " cve_searchsploit"
607481
0 commit comments