{ "info": { "author": "Thomas D.", "author_email": "tdebize@mail.com", "bugtrack_url": null, "classifiers": [ "Development Status :: 5 - Production/Stable", "Intended Audience :: Information Technology", "License :: OSI Approved :: GNU Library or Lesser General Public License (LGPL)", "Programming Language :: Python :: 2 :: Only", "Topic :: Security" ], "description": "RES Workspace Manager application security rule analyzer\n========================================================\n\nDescription\n-----------\nA simple script to visualize and find bypasses in RES Workspace Manager application restrictions\n\nFeatures\n--------\n* Finding possible paths to reach a targeted resource such as an executable program\n* Visually displaying rules as an oriented graph\n\nOptions\n-------\n```\n$ python reswmsecanalyzer.py -h\nUsage: reswmsecanalyzer.py [options]\nVersion: 1.0\n\nOptions:\n -h, --help show this help message and exit\n\n Main parameters:\n -i INPUT_FILE, --input-file=INPUT_FILE\n sec_globauth.xml file containing the security rules\n -t TARGET, --target=TARGET\n Program or file name you want to reach, globbing\n format accepted (Ex: cmd.exe, *cmd*)\n\n Optional parameters:\n -g, --graph Draw and show the graph with matplot\n -o OUTPUT_GRAPH, --output-graph=OUTPUT_GRAPH\n Filename to save the png graph (Ex. -o test.png)\n```\n\nPrerequisites\n-------------\nOn a protected environment (physical/logical/virtualized workstation):\n* The **whole configuration** is stored in this directory \n `C:\\Program Files (x86)\\RES Software\\Workspace Manager\\Data\\DBCache\\Objects\\`\n* The **application security rules** are stored in this file \n `C:\\Program Files (x86)\\RES Software\\Workspace Manager\\Data\\DBCache\\Objects\\sec_globauth.xml`\n* **Workspace access control** (if implemented) is defined in the following file \n `C:\\Program Files (x86)\\RES Software\\Workspace Manager\\Data\\DBCache\\Objects\\workspaces.xml`\n \nExamples\n--------\n* Some **example rules and their associated graphs** are provided in the [`reswmsecanalyzer/examples`](reswmsecanalyzer/examples/) folder. For each example, a **pretty-print** version `_prettyprint.xml` is also included\n* For the [`reswmsecanalyzer/examples/multiple-rules`](reswmsecanalyzer/examples/multiple-rules):\n * The policy defined in the RES Console looks like:\n ![](reswmsecanalyzer/examples/multiple-rules/policy_example.png)\n * Searching a path to `cmd` gives that:\n ```\n $ python reswmsecanalyzer.py -i examples/multiple-rules/sec_globauth.xml -t cmd -g\n [+] Number of enabled rules: 4\n [+] Possible path to 'cmd.exe': ['.', 'calc.exe', 'cmd.exe']\n [+] Possible path to 'cmd.exe': ['.', 'notepad.exe', 'cmd.exe']\n ```\n ![](reswmsecanalyzer/examples/multiple-rules/graph_to_cmd.png)\n\nDependencies and installation\n------------------------------\n* The easiest way: `pip install reswmsecanalyzer`\n* Or `pip install -r requirements.txt`\n* Or installing manually each dependency:\n * Python NetworkX: `apt-get install python-networkx` or `pip install networkx`\n * Python Matplotlib: `apt-get install python-matplotlib` or `pip install matplotlib` \n \nRoadmap\n-------\n* Improve the possible path output description\n* Add csv output\n* Take into account edge constraints such as workspace access control\n* Use some dynamic representation, like D3JS", "description_content_type": "text/markdown; charset=UTF-8;", "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/maaaaz/reswmsecanalyzer", "keywords": "res workspace manager restrictions", "license": "LGPL", "maintainer": "", "maintainer_email": "", "name": "reswmsecanalyzer", "package_url": "https://pypi.org/project/reswmsecanalyzer/", "platform": "", "project_url": "https://pypi.org/project/reswmsecanalyzer/", "project_urls": { "Homepage": "https://github.com/maaaaz/reswmsecanalyzer" }, "release_url": "https://pypi.org/project/reswmsecanalyzer/1.1/", "requires_dist": null, "requires_python": "<3", "summary": "A simple script to visualize and find bypasses in RES Workspace Manager application restrictions", "version": "1.1" }, "last_serial": 4166285, "releases": { "1.0": [ { "comment_text": "", "digests": { "md5": "7d214ebcf99dd1740310b33795f64e35", "sha256": "8fd71fa7d2a9afc7091a5d79703c2317e3617e38cfa54df90cc6efd8a4c3a693" }, "downloads": -1, "filename": "reswmsecanalyzer-1.0.tar.gz", "has_sig": false, "md5_digest": "7d214ebcf99dd1740310b33795f64e35", "packagetype": "sdist", "python_version": "source", "requires_python": "<3", "size": 64459, "upload_time": "2017-07-14T10:57:47", "url": "https://files.pythonhosted.org/packages/53/0e/e20ec88d253cb8eda4d93ac1007062ff4f953b04a747c8dac5f25c321ca6/reswmsecanalyzer-1.0.tar.gz" } ], "1.1": [ { "comment_text": "", "digests": { "md5": "28d9e5412f528ea151d457bee1d9a2f2", "sha256": "130d1d20476b2ca809a5cacd363160784e5a02210d3fc0bfbc40fbc1f57c4600" }, "downloads": -1, "filename": "reswmsecanalyzer-1.1.tar.gz", "has_sig": false, "md5_digest": "28d9e5412f528ea151d457bee1d9a2f2", "packagetype": "sdist", "python_version": "source", "requires_python": "<3", "size": 65859, "upload_time": "2018-08-13T17:05:27", "url": "https://files.pythonhosted.org/packages/11/e8/6dc00724e98468c6c86ea8db13c3cdad7ccfcc50fc9c7bd09a27fce4e714/reswmsecanalyzer-1.1.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "28d9e5412f528ea151d457bee1d9a2f2", "sha256": "130d1d20476b2ca809a5cacd363160784e5a02210d3fc0bfbc40fbc1f57c4600" }, "downloads": -1, "filename": "reswmsecanalyzer-1.1.tar.gz", "has_sig": false, "md5_digest": "28d9e5412f528ea151d457bee1d9a2f2", "packagetype": "sdist", "python_version": "source", "requires_python": "<3", "size": 65859, "upload_time": "2018-08-13T17:05:27", "url": "https://files.pythonhosted.org/packages/11/e8/6dc00724e98468c6c86ea8db13c3cdad7ccfcc50fc9c7bd09a27fce4e714/reswmsecanalyzer-1.1.tar.gz" } ] }