Skip to content

Instantly share code, notes, and snippets.

@arubdesu

arubdesu/see_ayyys.py

Created December 1, 2015 18:52
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save arubdesu/35cac6fdc03b31999cd7 to your computer and use it in GitHub Desktop.
Save arubdesu/35cac6fdc03b31999cd7 to your computer and use it in GitHub Desktop.
Download ZIP
Work In Progress
Raw
see_ayyys.py
#!/usr/bin/python
"""Check osquery output against whitelisted CA's."""
import json
import os
import subprocess
import sys
def osquery_check():
"""bail early if osquery not installed"""
if not os.path.exists('/usr/local/bin/osqueryi'):
result = 'wha? no osquery? bro, do you even lift?'
print "<result>%s</result>" % result
sys.exit(0)
def run_osquery(sql):
"""take sql command you'd like json output for from osquery"""
cmd = ['/usr/local/bin/osqueryi', '--json', sql]
jsony_out = subprocess.check_output(cmd)
try:
jsony_dictlist = json.loads(jsony_out)
except ValueError:
sys.exit(1)
return jsony_dictlist
def alloweds():
"""whitelist"""
allowed_shaones = ["3b166c3b7dc4b751c9fe2afab9135641e388e186", "3f74eaa16baeb77316111f4c7f059282aa6f94a1",
"93e877cb764959f83a7c44dcf744c09f1ae80067", "d80a1b23037545ade0a0b36791ebdf6f7d1e81d8",
"79e3fd45b2e00ab8773e17da09bc6f04259e6c46", "e9270d8b7e36001a72ef9b596a4ecf692a59785d",
"01ba0f5a33e4653e8398be8a5b28cf1e375e692c", "c3ea2bea3cc921d28bec786aaeb076e332b03542",
"11af37eb2bf7f5a1e2cb73f8eb38f8b2db8d0e14", "d62ed2e228aa62001e5c1b51dadfab0475370cc0",
"936147635154c99e5042d2b3b5acb65ae238911e", "ced00d53668b587e7b6ba6e13c051d1b59c25e6b",
"f026b3b7866e4decfe5c3ec15c60ac6ca124611c", "4e9b436db4f090ad3d9e6e00aedf44481caab76f",
"bcab4878ba72dc435b208602e8bb769d08e1a90e", "63735d1410cc84cbd50e0ee86d2cb55b5c901d06",
"6c9f73c049b53c3e8666920fa2da634ab612f4cb", "5418cfe064d5698a9eb9b56f9fd8298238c6336c",
"5ecb4dd3e32236e3479695240c0f37933bac4c16", "192003934745221df24220ccc8880358dc3fa8c3",
"cc91523b4eb0d7222fde59ae359159b206f882f5", "cd78544ccac6ea15728186eb8659f6e6c0faa741",
"1646cb9973034c8e0ccc89550576176aef882632", "0e24ec079c3885cc516275f53ccebeefaccc2560",
"820e3aff52cffa50a2508cbdfd60922482eee52f", "64452b6570603c4897ccadc078d078d9c147e0d7",
"c3b072977aa082a01c2463565e9ea589baaac5e5", "2aaa056ec62c38596590ee0d6312818f8ad7cbc8",
"8fd43cf4c9fdd6902c5956ff054b5d2b0656fa48", "6fee67345ff6265f133700ac001a51f0013b477d",
"38cad51fd603e450bc66cd8bc152fbce3544c7a4", "810bfb48c1afa8e3c5ff7d50b328576a5ebf9e29",
"44f78c983719291ecb8770094068da841dac8545", "77b6b942f887608badb837564d9aed85aed6fc7d",
"5043435c89b7a77d884137feefc00dc7e2ab9478", "1401fa883fed011ca78544e94471579a22a9d791",
"bf86c3e3003c26d475d31a06d27a737e26258f23", "a9ad4a1602f2b8fc5001855f294a1d9b839371b5",
"eea1e33fefb50260853bc4bd4c9fc6fdd39e286c", "335d30244be77df680d22e34ae63750c99d4bcf6",
"d4b551de0544683c43af0ed0e95043be0f3b1613", "ef710effe3ab545ef74ad97446b89f94b2c31321",
"15520b550d4455bdf4fa30178a7fe30e84ca11aa", "cfe799298518249845a07acae9e4f3c1eed88d5c",
"baa79653d34e8b52234817606c27ab7b4a17b980", "8889f972c41837cbd1ead95e2b70a08ad599cf92",
"0f2a96355ae46bc2b36c9b3fe734bed4b13196e1", "9d5a650abf4d7a31e72ff504404b610905b9ca76",
"bf19a5f29cae657e5b0f2261caf2861837552b47", "7afcf305798f534d1b862ccf47730e73767cbd83",
"690b8c89bf529032518de21710a424ef304cb9c2", "ac2add57010a719a8b3d09bdcffd9a6635cf45fc",
"f5b09242146f071c4fc9daf4cd870710086813b5", "925ec8c4c78338da1eb2c5688afba75f5f83beee",
"493cbaaf162f733f5513dc94026710e6a2080fe4", "e5f62a23d17d5ba1df15ca98536a2a6d70cc935f",
"c87687989b170776f7db32f7879242b6e1ab8c33", "1f786af1f936b7c33a3477255d02aafceb429c4a",
"4091d600a741e37fb3186be10214e2fe2c1f0f71", "6cf50357ddc7c5913127562076625abfaf8cbc7b",
"9ef5a072abe00f6822f71118801271ef383b6690", "4b5f44556693f4ecb07da16c0930fabf59cd958e",
"345242f58ed3e7877f20561e8c9fc3cbf9e43d40", "82d441f7064a6e5317d290093a0d3351382f653e",
"74b820940de0071e2c1d814152f749802ece89d1", "cca34fc69b8dcdaac2c10bbaa9ec2531afec0aeb",
"a706ba1ecab6a2ab18699fc0d7dd8c7de36f290f", "ec071003d8f5a37f42c4557f656aae8665fa4b02",
"eea58c40e0ba3b32048f7ad6c4be287bbfb95125", "3cff8808aa0ba9b15b5a1bba33bc6cb3d2957fbf",
"3c7d56578767687f38242e48c4d968666f94d888", "4878433920794e6afb98ac0d9408ba8519bcea29",
"a60f34c8626c81f68bf77da9f667588a903f7d36", "ac00a20c1a44aeb020ec86fb7436bca02888b9db",
"47dcd42735b8ce2b547ff8dd668890f17473a6ef", "32785a6d7ba34978f2193ffff4e919d1eb9a0904",
"2f0f12b5897ec2404d352280456595b4c1a9c6f9", "1fadedd04d46e7dccf5dbe9c910b7690d2fbc3ad",
"04eafc58d509a94c5210b2a0d12097d4dbbe3365", "dfa70199732d74b88b5fef31e80cb6af2f49f797",
"8838ac11a5acf7a9e27ba292b4d148569ce7f0b4", "6671619469f1c2beee367b03a15432c9cfba24cd",
"801d62d07b449d5c5c035c98ea61fa443c2a58fe", "e619d25b380b7b13fda33e8a58cd82d8a88e0515",
"679a4f81fc705ddec419778dd2ebd875f4c242c6", "51a44c28f313e3f9cb5e7c0a1e0e0dd2843758ae",
"d3c063f219ed073e34ad5d750b327629ffd59af2", "26caff09a7afbae96810cfff821a94326d2845aa",
"7f8ab0cfd051876a66f3360f47c88d8cd335fc74", "f373b387065a28848af2f34ace192bddc78e9cac",
"ccab0ea04c2301d6697bdd379fcd12eb24e3949d", "02faf3e291435468607857694df5e45b68851868",
"2ab628485e78fbf3ad9e7910dd6bdf99722c96e5", "4d2378ec919539b5007f758f033b211ec54d8bcf",
"f9b5b632455f9cbeec575f80dce96e2cc7b278b7", "293621028b20ed02f566c532d1d6ed909f45002f",
"b8236b002f1d16865301556c11a437caebffc3bb", "d8a6332ce0036fb185f6634f7d6a066526322827",
"968338f113e36a7babdd08f7776391a68736582e", "14698989bfb2950921a42452646d37b50af017e2",
"b52cb02fd567e0359fe8fa4d4c41037970fe01b0", "3b166c3b7dc4b751c9fe2afab9135641e388e186",
"611e5b662c593a08ff58d14ae22452d198df6c60", "580f804792abc63bbb80154d4dfddd8b2ef2674e",
"121f9fac629ff133887c1b45640c1a034f03f28f", "253f775b0e7797ab645f15915597c39e263631d1",
"6b81446a5cddf474a0f800ffbe69fd0db6287516", "d4de20d05e66fc53fe1a50882c78db2852cae474",
"490a7574de870a47fe58eef6c76bebc60b124099", "dafaf7fa6684ec068f1450bdc7c281a5bca96457",
"a0a1ab90c9fc847b3b1261e8977d5fd32261d3cc", "61573a11df0ed87ed5926522ead056d744b32371",
"204285dcf7eb764195578e136bd4b7d1e98e46a5", "61ef43d77fcad46151bc98e0c35912af9feb6311",
"132d0d45534b6997cdb2d5c339e25576609b5cc6", "c8ec8c879269cb4bab39e98d7e5767f31495739d",
"8e1c74f8a620b9e58af461faec2b4756511a52c6", "b561ebeaa4dee4254b691a98a55747c234c7d971",
"6631bf9ef74f9eb6c9d5a60cba6abed1f7bdef7b", "b12e13634586a46f1ab2606837582dc4acfd9497",
"9d70bb01a5a4a018112ef71c01b932c534e788a8", "2e14daec28f0fa1e8e389a4eabeb26c00ad383c3",
"3e5d358f283a0f647c1c927ffbaad4852d997256", "67650df17e8e7e5b8240a4f4564bcfe23d69c6f0",
"e1a45b141a21da1a79f41a42a961d669cd0634c1", "ae3b31bf8fd891079cf1df34cbce6e70d37fb5b0",
"f9cd0e2cda7624c18fbdf0f0abb645b8f7fed57a", "d1eb23a46d17d68fd92564c2f1f1601764d8e349",
"4a65d5f41def39b8b8904a4ad3648133cfc7a1d1", "e19fe30e8b84609e809b170d72a8c5ba6e1409bd",
"58e8abb0361533fb80f79b1b6d29d3ff8d5f00f0", "96c91b0b95b4109842fad0d82279fe60fab91683",
"f74dacb21414dcbaab0b947c8a257c325ca88550", "85a408c09c193e5d51587dcdd61330fd8cde37bf",
"0563b8630d62d75abbc8ab1e4bdfb5a899b24d43", "a14b48d943ee0a0e40904f3ce0a4c09193515d3f",
"f517a24f9a48c6c9f8a200269fdc0f482cab3089", "a8985d3a65e5e5c4b2d7d66d40c6dd2fb19c5436",
"df3c24f9bfd666761b268073fe06d1cc8d4f82a4", "7e04de896a3e666d00e687d33ffad93be83d349e",
"5fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc25", "ddfb16cd4931c973a2037d3fc83a4d7d775d05e4",
"8c941b34ea1ea6ed9ae2bc54cf687252b4c9b561", "51c6e70849066ef392d45ca00d6da3628fc35239",
"8c96baebdd2b070748ee303266a0f3986e7cae58", "cb658264ea8cda186e1752fb52c397367ea387be",
"b31eb1b740e36c8402dadc37d44df5d4674952f9", "20d80640df9b25f512253a11eaf7598aeb14b547",
"8cf427fd790c3ad166068de81e57efbb932272d4", "409d4bd917b55c27b69b64cb9822440dcd09b889",
"cb44a097857c45fa187ed952086cb9841f2d51b5", "905f942fd9f28f679b378180fd4f846347f645c1",
"aec5fb3fc8e1bfc4e54f03075a9ae800b7f7b6fa", "2796bae63f1801e277261ba0d77770028f20eee4",
"8d1784d537f3037dec70fe578b519a99e610d7b0", "039eedb80be7a03c6953893b20d2d9323a4c2afd",
"de28f4a4ffe5b92fa3c503d1a349a7f9962a8212", "d69b561148f01c77c54578c10926df5b856976ad",
"b1bc968bd4f49d622aa89a81f2150152a41d829c", "6969562e4080f424a1e7199f14baf3ee58ab6abb",
"1f24c630cda418ef2069ffad4fdd5f463a1b69aa", "75e0abb6138512271c04f85fddde38e4b7242efe",
"47beabc922eae80e78783462a79f45c254fde68b", "0b7199a1c7f3addf7ba7eab8eb574ae80d60ddde",
"d6daa8208d09d2154d24b52fcb346eb258b28a58", "fe45659b79035b98a161b5512eacda580948224d",
"d2441aa8c203aecaa96e501f124d52b68fe4c375", "df717eaa4ad94ec9558499602d48de5fbcf03a25",
"ba29416077983ff4f3eff231053b2eea6d4d45fd", "dac9024f54d8f6df94935fb1732638ca6ad77c13",
"4054da6f1c3f4074aced0feccddb79d153fb901d", "30779e9315022e94856a3ff8bcf815b082f9aefd",
"4a3f8d6bdc0e1ecfcd72e377def2d7ff92c19bc7", "2f783d255218a74a653971b52ca29c45156fe919",
"f00fc37d6a1c9261fb6bc1c218498c5aa4dc51fb", "d3eefbcbbcf49867838626e23bb59ca01e305db7",
"89df74fe5cf40f4a80f9e3377d54da91e101318e", "06083f593f15a104a069a46ba903d006b7970991",
"74f8a3c3efe7b390064b83903c21646020e5dfce", "d8eb6b41519259e0f3e78500c03db68897c9eefc",
"a1e7c600aa4170e5b74bc94f9b9703edc261b4b9", "07e032e020b72c3f192f0628a2593a19a70f069e",
"6e3a55a4190c195c93843cc0db722e313061f0b1", "339b6b1450249b557a01877284d9e02fc3d2d8e9",
"25019019cffbd9991cb76825748d945f30939542", "36b12b49f9819ed74c9ebc380fc6568f5dacb2f7",
"feb8c432dcf9769aceae3dd8908ffd288665647d", "5f3b8cf2f810b37d78b4ceec1919c37334b9c774",
"ad7e1c28b064ef8f6003402014c3d0e3370eb58a", "c9a8b9e755805e58e35377a725ebafc37b27ccd7",
"8d08fc43c0770ca84f4dccb2d41a5d956d786dc4", "0747220199ce74b97cb03d79b264a2c855e933ff",
"37f76de6077c90c5b13e931ab74110b4f2e49a27", "76e27ec14fdb82c1c0a675b505be3d29b4eddbbb",
"b51c067cee2b0c3df855ab2d92f4fe39d4e70f0e", "925a8f8d2c6d04e0665f596aff22d863e8256f3f",
"31f1fd68226320eec63b3f9dea4a3e537c7c3917", "d8c5388ab7301b1b6ed47ae645253a6f9f1a2761",
"56e0fac03b8f18235518e5d311cae8c24331ab66", "9baae59f56ee21cb435abe2593dfa7f040d11dcb",
"77474fc630e40f4c47643f84bab8c6954a8a41ec", "e7a19029d3d552dc0d0fc692d3ea880d152e1a6b",
"84f2e3dd83133ea91d19527f02d729bfc15fe667", "517f611e29916b5382fb72e744d98dc3cc536d64",
"6724902e4801b02296401046b4b1672ca975fd2b", "40b331a0e9bfe855bc3993ca704f4ec251d41d8f",
"58d52db93301a4fd291a8c9645a08fee7f529282", "26a16c235a2472229b23628025bc8097c88524a1",
"590d2d7d884f402e617ea562321765cf17d894e9", "55a6723ecbf2eccdc3237470199d2abe11e381d1",
"5cfb1f5db732e4084c0dd4978574e0cbc093beb3", "9cbb4853f6a4f6d352a4e83252556013f5adaf65",
"b091aa913847f313d727bcefc8179f086f3a8c0f", "4313bb96f1d5869bc14e6a92f6cff63469878237",
"3bc0380b33c3f6a60c86152293d9dff54b81c004", "3a44735ae581901f248661461e3b9cc45ff53a1b",
"8782c6c304353bcfd29692d2593e7d44d934ff11", "1b4b396126276b6491a2686dd70243212d1f1d96",
"0b972c9ea6e7cc58d93b20bf71ec412e7209fabf", "8250bed5a214433a66377cbc10ef83f669da3a67",
"b172b1a56d95f91fe50287e14d37ea6a4463768a", "0483ed3399ac3608058722edbc5e4600e3bef9d7",
"5d989cdb159611365165641b560fdbea2ac23ef1", "e12dfb4b41d7d9c32b30514bac1d81d8385e2d46",
"58119f0e128287ea50fdd987456f4f78dcfad6d4", "6252dc40f71143a22fde9ef7348e064251b18118",
"22d5d8df8f0231d18df79db7cf8a2d64c93f6c3a", "3679ca35668772304d30a5fb873b0fa77bb70d54",
"4eb6d578499b1ccf5f581ead56be3d9b6744a5e5", "5a4d0e8b5fdcfdf64e7299a36c060db222ca78e4",
"70179b868c00a4fa609152223f9f3e32bde00562", "5922a1e15aea163521f898396a4646b0441b0fa9",
"e7b4f69d61ec9069db7e90a7401a3cf47d4fe8ee", "b80186d1eb9c86a54104cf3054f34c52b7e558c6",
"51cca0710af7733d34acdc1945099f435c7fc59f", "fab7ee36972662fb2db02af6bf03fde87c4b2f9b",
"74207441729cdd92ec7931d823108dc28192e2bb", "de990ced99e0431f60edc3937e7cd5bf0ed9e5fa",
"2ac8d58b57cebf2f49aff2fc768f511462907a41", "503006091d97d4f5ae39f7cbe7927d7d652d3431",
"323c118e1bf7b8b65254e2e2100dd6029037f096", "027268293e5f5d17aaa4b3c3e6361e1f92575eaa",
"aced5f6553fd25ce015f1f7a483b6a749f6178c6", "faa7d9fb31b746f200a85e65797613d816e063b5",
"de3f40bd5093d39b6c60f6dabc076201008976c9", "1b8eea5796291ac939eab80a811a7373c0937967",
"ca3afbcf1240364b44b216208880483919937cf7", "093c61f38b8bdc7d55df7538020500e125f5c836",
"1f4914f7d874951dddae02c0befd3a2d82755185", "4812bd923ca8c43906e7306d2796e6a4cf222e7d",
"786a74ac76ab147f9c6a3050ba9ea87efe9ace3c", "4abdeeec950d359c89aec752a12c5b29f6d6aa0c",
"59af82799186c7b47507cbcf035746eb04ddb716", "101dfa3fd50bcbbb9bb5600c1955a41af4733a04",
"3e2bf7f2031b96f38ce6c4d8a85d3e2d58476a0f", "a3f1333fe242bfcfc5d14e8f394298406810d1a0",
"5f3afc0a8b64f686673474df7ea9a2fef9fa7a51", "6b2f34ad8958be62fdb06b5ccebb9dd94f4e39f3",
"8cc4307bc60755e7b22dd9f7fea245936c7cf288", "ae5083ed7cf45cbc8f61c621fe685d794221156e",
"8025eff46e70c8d472246584fe403b8a8d6adbf5", "a69a91fd057f136a42630bb1760d2d51120c1650",
"f18b538d1be903b6a6f056435b171589caf36bf2", "91c6d6ee3e8ac86384e548c299295c756c817b81",
"aadbbc22238fc401a127bb38ddf41ddb089ef012", "9656cd7b57969895d0e141466806fbb8c6110687",
"7998a308e14d6585e6c21e153a719fba5ad34ad9", "b435d4e1119d1c6690a749ebb394bd637ba782b7",
"f17f6fb631dc99e3a3c87ffe1cf1811088d96033", "cf9e876dd3ebfc422697a3b5a37aa076a9062348",
"2dff6336e33a4829aa009f01a1801ee7eba582bb", "801d62d07b449d5c5c035c98ea61fa443c2a58fe",
"679a4f81fc705ddec419778dd2ebd875f4c242c6", "7454535c24a3a758207e3e3ed324f816fb211649",
"fc219a76112f76c1c508833c9a2fa2ba84ac087a", "ccab0ea04c2301d6697bdd379fcd12eb24e3949d",
"02faf3e291435468607857694df5e45b68851868", "2ab628485e78fbf3ad9e7910dd6bdf99722c96e5",
"4d2378ec919539b5007f758f033b211ec54d8bcf", "9078c5a28f9a4325c2a7c73813cdfe13c20f934e",
"3921c115c15d0eca5ccb5bc4f07d21d8050b566a", "85b5ff679b0c79961fc86e4422004613db179284",
"968338f113e36a7babdd08f7776391a68736582e", "611e5b662c593a08ff58d14ae22452d198df6c60",
"580f804792abc63bbb80154d4dfddd8b2ef2674e", "d4de20d05e66fc53fe1a50882c78db2852cae474",
"204285dcf7eb764195578e136bd4b7d1e98e46a5", "61ef43d77fcad46151bc98e0c35912af9feb6311",
"132d0d45534b6997cdb2d5c339e25576609b5cc6", "c8ec8c879269cb4bab39e98d7e5767f31495739d",
"273ee12457fdc4f90c55e82b56167f62f532e547", "b3eac44776c9c81ceaf29d95b6cca0081b67ec9d",
"85371ca6e550143dce2803471bde3a09e8f8770f", "0b77bebbcb7aa24705decc0fbd6a02fc7abd9b52",
"76b76096dd145629ac7585d37063c1bc47861c8b", "d1eb23a46d17d68fd92564c2f1f1601764d8e349",
"4a65d5f41def39b8b8904a4ad3648133cfc7a1d1", "e19fe30e8b84609e809b170d72a8c5ba6e1409bd",
"f74dacb21414dcbaab0b947c8a257c325ca88550", "b72fff92d2ce43de0a8d4c548c503726a81e2b93",
"67eb337b684ceb0ec2b0760ab488278cdd9597dd", "0563b8630d62d75abbc8ab1e4bdfb5a899b24d43",
"10f193f340ac91d6de5f1edc006247c4f25d9671", "bc8978198c3d2b2d3b585f0ca3a5863c5ce3ae18",
"8c941b34ea1ea6ed9ae2bc54cf687252b4c9b561", "3a32ef7b9ab836f837181a4cefa355c64667acbf",
"d23209ad23d314232174e40d7f9d62139786633a", "7e784a101c8265cc2de1f16d47b440cad90a1945",
"da40188b9189a3edeeaeda97fe2f9df5b7d18a41", "394ff6850b06be52e51856cc10e180e882b385cc",
"cf74bfff9b86815b08335440363e87b6b6f0bf73", "2796bae63f1801e277261ba0d77770028f20eee4",
"97817950d81c9670cc34d809cf794431367ef474", "de28f4a4ffe5b92fa3c503d1a349a7f9962a8212",
"75e0abb6138512271c04f85fddde38e4b7242efe", "24ba6d6c8a5b5837a48db5fae919ea675c94d217",
"b6ca215b836c35101daf7463900a936880767aa6", "4ad44d4d812e42232fe038764c7b0ceb466eef96",
"270c500cc6c86ecb1980bc1305439ed282480be3", "90aea26985ff14804c434952ece9608477af556f",
"6782aae0edeee21a5839d3c0cd14680a4f60142a", "742c3192e607e424eb4549542be1bbc53e6174e2",
"6e3a55a4190c195c93843cc0db722e313061f0b1", "339b6b1450249b557a01877284d9e02fc3d2d8e9",
"25019019cffbd9991cb76825748d945f30939542", "3cbb5de0fcd6397c0588e56697bd462abdf95c76",
"70179b868c00a4fa609152223f9f3e32bde00562", "36b12b49f9819ed74c9ebc380fc6568f5dacb2f7",
"ad7e1c28b064ef8f6003402014c3d0e3370eb58a", "4463c531d7ccc1006794612bb656d3bf8257846f",
"0747220199ce74b97cb03d79b264a2c855e933ff", "37f76de6077c90c5b13e931ab74110b4f2e49a27",
"720fc15ddc27d456d098fabf3cdd78d31ef5a8da", "838e30f77fdd14aa385ed145009c0e2236494faa",
"9fc796e8f8524f863ae1496d381242105f1b78f5", "d29f6c98befc6d986521543ee8be56cebc288cf3",
"a399f76f0cbf4c9da55e4ac24e8960984b2905b6", "8781c25a96bdc2fb4c65064ff9390b26048a0e01",
"21fcbd8e7f6caf051bd1b343eca8e76147f20f8a", "b172b1a56d95f91fe50287e14d37ea6a4463768a",
"0483ed3399ac3608058722edbc5e4600e3bef9d7", "5d989cdb159611365165641b560fdbea2ac23ef1",
"e12dfb4b41d7d9c32b30514bac1d81d8385e2d46", "58119f0e128287ea50fdd987456f4f78dcfad6d4",
"e5df743cb601c49b9843dcab8ce86a81109fe48e", "317a2ad07f2b335ef5a1c34e4b57e8b7d8f1fca6",
"69bd8cf49cd300fb592e1793ca556af3ecaa35fb", "5922a1e15aea163521f898396a4646b0441b0fa9",
"b80186d1eb9c86a54104cf3054f34c52b7e558c6", "2964b686135b5dfddd3253a89bbc24d74b08c64d",
"8e1032e9245944f84791983ec9e829cb1059b4d3", "6a84fe627ecc49a1be02e918fac9e1f732803a62",
"5bcdcdcc66f6dce4441fe37d5cc3134c46f47038", "dfdfac8947bdf75264a9233ac10ee3d12833dacc",
"da79c1711150c23439aa2b0b0c62fd55b2f9f580", "e392512f0acff505dff6de067f7537e165ea574b",
"f7355322ea4b80c7ffe2b4cbd492b04545b918d4", "2f173f7de99667afa57af80aa2d1b12fac830338",
"8939576e178df705780fcc5ec84f84f6253a4893", "2ceb0534ad5927180d348c5f0e056d382b508287",
"74a266f095a9a4eb952219d605da9363f514faf9", "a676dbf19248f52c5753d0dac14c53c474a4835e",
"b457121e6345ff935d6b1ca2ddf4523cc6d0ef6b", "4cab31a128340252bcb467d62a99631b21772050",
"2ef64bba77dd3779e91fbd5a4eee633c8a36a5b1", "027268293e5f5d17aaa4b3c3e6361e1f92575eaa",
"f5c27cf5fff3029acf1a1a4bec7ee1964c77d784", "5f4e1fcf31b7913b850b54f6e5ff501a2b6fc6cf",
"aced5f6553fd25ce015f1f7a483b6a749f6178c6", "016897e1a0b8f2c3b134665c20a727b7a158e28f",
"40e78c1d523d1cd9954fac1a1ab3bd3cbaa15bfc", "209900b63d955728140cd13622d8c687a4eb0085",
"36863563fd5128c7bea6f005cfe9b43668086cce", "de3f40bd5093d39b6c60f6dabc076201008976c9",
"ca3afbcf1240364b44b216208880483919937cf7", "1f4914f7d874951dddae02c0befd3a2d82755185",
"23e594945195f2414803b4d564d2a3a3f5d88b8c", "627f8d7827656399d27d7f9044c9feb3f33efa9a",
"101dfa3fd50bcbbb9bb5600c1955a41af4733a04", "95e6adf8d77146024dd56a21b2e73fcdf23b35ff",
"5f3afc0a8b64f686673474df7ea9a2fef9fa7a51", "564b6f8c5638dc055bba2ba1390f7e31954a5550",
"6b2f34ad8958be62fdb06b5ccebb9dd94f4e39f3", "8cc4307bc60755e7b22dd9f7fea245936c7cf288",
"ae5083ed7cf45cbc8f61c621fe685d794221156e", "8025eff46e70c8d472246584fe403b8a8d6adbf5",
"a69a91fd057f136a42630bb1760d2d51120c1650", "879f4bee05df98583be360d633e70d3ffe9871af",
"99a69be61afe886b4d2b82007cb854fc317e1539", "93e6ab220303b52328dcda569ebae4d1d1ccfb65"
]
return allowed_shaones
def main():
"""gimme some main"""
osquery_check()
allowedshas = alloweds()
ca_dicts = run_osquery('select common_name, subject, key_usage, path, sha1 from certificates where ca = "1"')
aliens = []
for each in ca_dicts:
if each['sha1'] not in allowedshas:
aliens.append(str(each))
if len(aliens) > 0:
result = "Found somethin':\n" + "\n".join(*[aliens])
else:
result = "No non-standard CAs installed."
print "<result>%s</result>" % result
if __name__ == '__main__':
main()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment