search

SecurityFTW / cs-suite

Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.
GNU General Public License v3.0
1.13k stars 217 forks source link

[Azure] Err in module "6.1: Checking if any network group allows public access to RDP" #45

Open noadmin opened 4 years ago

noadmin commented 4 years ago

Next err occurs, during script run because of "wildcard" in source definition:

Traceback (most recent call last):
  File "cs.py", line 89, in <module>
    main()
  File "cs.py", line 83, in main
    azureaudit.azure_audit()
  File "/Users/user/cs-suite/modules/azureaudit.py", line 1885, in azure_audit
    rdp_public()
  File "/Users/user/cs-suite/modules/azureaudit.py", line 1056, in rdp_public
    access_type, port, direction, protocol, source = line.split()
ValueError: need more than 4 values to unpack

Actual line contains next string Allow 443 Inbound Tcp which can be actually spited od ['Allow', '443', 'Inbound', 'Tcp']

rule set (lines) looks like this:

Allow   443 Inbound Tcp
Allow   *   Inbound Tcp
Allow   22  Inbound Tcp
Allow   443 Inbound Tcp
Allow       Inbound Udp 192.168.1.5