File size: 2,348 Bytes
08c964e | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 | #!/usr/bin/python
# coding: utf-8
# -------------------------------------------------------------------
# 宝塔Linux面板
# -------------------------------------------------------------------
# Copyright (c) 2015-2099 宝塔软件(http://bt.cn) All rights reserved.
# -------------------------------------------------------------------
# Author: linxiao
# -------------------------------------------------------------------
# -------------------------------------------------------------------
# FTP弱口令检测
# -------------------------------------------------------------------
# import sys, os
# os.chdir('/www/server/panel')
# sys.path.append("class/")
import os,public
_title = 'FTP服务弱口令检测'
_version = 2.0 # 版本
_ps = "检测已启用的FTP服务弱口令" # 描述
_level = 3 # 风险级别: 1.提示(低) 2.警告(中) 3.危险(高)
_date = '2022-08-12' # 最后更新时间
_ignore = os.path.exists("data/warning/ignore/sw_ftp_pass.pl")
_tips = [
"请到【FTP】页面修改FTP密码",
"注意:请不要使用过于简单的帐号密码,以免造成安全隐患",
"推荐使用高安全强度的密码:分别包含数字、大小写、特殊字符混合,且长度不少于7位。",
"使用【Fail2ban防爆破】插件对FTP服务进行保护"
]
_help = ''
_remind = '此方案可以加强对FTP服务器的防护,防止入侵者通过爆破入侵FTP服务器。'
def check_run():
"""检测FTP弱口令
@author linxiao<2020-9-19>
@return (bool, msg)
"""
pass_info = public.ReadFile("/www/server/panel/config/weak_pass.txt")
if not pass_info: return True, '无风险'
pass_list = pass_info.split('\n')
data = public.M("ftps").select()
ret = ""
for i in data:
if i['password'] in pass_list:
ret += "FTP用户:" + i['name'] + "存在弱口密码:" + short_passwd(i['password']) + "<br/>"
if ret:
# print(ret)
return False, ret
else:
return True, '无风险'
def short_passwd(text):
"""
@name 密码脱敏
@author lwh
"""
text_len = len(text)
if text_len > 4:
return text[:2] + "**" + text[text_len-2:]
else:
if 1 < text_len <= 4:
return text[:1] + "****" + text[text_len-1]
else:
return "******"
|