From 19c42a6fed687b5960787f4b28b2df1f47f6a635 Mon Sep 17 00:00:00 2001
From: "th.l" <thl-cmk@outlook.com>
Date: Fri, 8 Apr 2022 20:51:46 +0200
Subject: [PATCH] update project
---
.../linux_all_spring4shell/lib/bin/README | 3 +
.../local/86400/local_spring-vuln-scanner.sh | 120 ++++++++++++++++++
.../lib/local/local_spring-vuln-scanner.ps1 | 92 ++++++++++++++
packages/spring4shell | 39 ++++++
spring4shell.mkp | Bin 0 -> 3801 bytes
web/plugins/metrics/spring4shell.py | 53 ++++++++
6 files changed, 307 insertions(+)
create mode 100755 agents/custom/linux_all_spring4shell/lib/bin/README
create mode 100755 agents/custom/linux_all_spring4shell/lib/local/86400/local_spring-vuln-scanner.sh
create mode 100755 agents/custom/win_spring4shell/lib/local/local_spring-vuln-scanner.ps1
create mode 100644 packages/spring4shell
create mode 100644 spring4shell.mkp
create mode 100644 web/plugins/metrics/spring4shell.py
diff --git a/agents/custom/linux_all_spring4shell/lib/bin/README b/agents/custom/linux_all_spring4shell/lib/bin/README
new file mode 100755
index 0000000..d8f8091
--- /dev/null
+++ b/agents/custom/linux_all_spring4shell/lib/bin/README
@@ -0,0 +1,3 @@
+https://github.com/hillu/local-spring-vuln-scanner
+
+
diff --git a/agents/custom/linux_all_spring4shell/lib/local/86400/local_spring-vuln-scanner.sh b/agents/custom/linux_all_spring4shell/lib/local/86400/local_spring-vuln-scanner.sh
new file mode 100755
index 0000000..7f46fce
--- /dev/null
+++ b/agents/custom/linux_all_spring4shell/lib/local/86400/local_spring-vuln-scanner.sh
@@ -0,0 +1,120 @@
+#!/bin/bash
+
+# Check local-spring-vuln-scanner
+# checkmk Local Check
+# Christian Wirtz, 2022-04 <doc@snowheaven.de>
+#
+# https://github.com/hillu/local-spring-vuln-scanner
+
+START_DATE=$(date +%s)
+
+DEST="/" # scan under this path
+WAITTIME="10800" # max scan runtime (default: 3h = 10800sec)
+
+EXCLUDE_PATHS="--exclude /mnt"
+LOGFILE="/tmp/local-spring-vuln-scanner"
+ARGS="--quiet --log $LOGFILE $EXCLUDE_PATHS"
+SERVICENAME="CVE-Spring4Shell"
+PWD="/usr/lib/check_mk_agent"
+
+# search pattern
+PATTERN_VULNERABLE="^indicator for vulnerable component found in "
+PATTERN_DENY=": permission denied$"
+PATTERN_CVES="^Checking for vulnerabilities: "
+PATTERN_REPLACE="indicator for vulnerable component found in "
+
+WAITMAX=$(which waitmax)
+
+COMMAND="$WAITMAX $WAITTIME $PWD/bin/local-spring-vuln-scanner $ARGS $DEST"
+
+MSG="Scanned path: $DEST"
+
+# Check if a scan is already running
+PROCESSES=$(pgrep -lfc local-spring-vuln-scanner)
+
+# Output if another scan is running
+if [[ $PROCESSES -gt 1 ]]
+then
+ PROCESSES=$(($PROCESSES - 1))
+ echo "3 $SERVICENAME processes=$PROCESSES; Another scan is already running, number of processes: $PROCESSES"
+ exit 3
+fi
+
+eval "$COMMAND"
+EXITCODE=$?
+
+CVES=$(grep -E "$PATTERN_CVES" $LOGFILE)
+# cut "Checking for vulnerabilities: " from "Checking for vulnerabilities: CVE-2022-22965"
+CVES=$(echo "$CVES" | awk -F':' '{print $2}')
+# trim spaces at the beginning of string
+CVES=${CVES##*( )}
+
+MSG="Checked for: $CVES, $MSG"
+
+DENIED=$(grep -c "$PATTERN_DENY" $LOGFILE)
+VULNERABLE=$(grep -cE "$PATTERN_VULNERABLE" $LOGFILE)
+
+END_DATE=$(date +%s)
+RUN_TIME=$(("$END_DATE" - "$START_DATE"))
+
+# Perfdata
+PERFDATA="files_vulnerable=$VULNERABLE;1;1|files_not_permitted=$DENIED;1|run_time=$RUN_TIME;"
+
+# Output if errors while scanning
+if [[ $EXITCODE -gt 0 ]]
+then
+ echo "2 $SERVICENAME - Error on scanner run: $EXITCODE"
+ exit 2
+fi
+
+# Output if suspicious files found
+if [[ $VULNERABLE -eq 0 ]]
+then
+ MSG="$MSG, No vulnerabilities found"
+else
+ # get files with indicator
+ FILES_VULNERABLE=$(sed -n -e "/$PATTERN_VULNERABLE/p" $LOGFILE | sed "s/$PATTERN_REPLACE//g" | sed ':a;N;$!ba;s/\n/\\n/g')
+ FILES_VULNERABLE="\nIndicator for vulnerable component found in:\n$FILES_VULNERABLE"
+ MSG="$MSG, Found indicators for vulnerable components"
+fi
+
+if [[ DENIED -gt 0 ]]
+then
+ # get denied files
+ FILES_DENIED=$(sed -n -e "/$PATTERN_DENY/p" $LOGFILE | sed ':a;N;$!ba;s/\n/\\n/g')
+ FILES_DENIED="\Unscanned files:\n$FILES_DENIED"
+fi
+
+LONGOUTPUT="$FILES_VULNERABLE\n$FILES_DENIED"
+
+# Default output
+echo "P $SERVICENAME $PERFDATA $MSG $LONGOUTPUT"
+
+# cleanup
+unset ARGS
+unset COMMAND
+unset CVES
+unset DENIED
+unset DEST
+unset END_DATE
+unset EXITCODE
+unset FILES_DENIED
+unset FILES_VULNERABLE
+unset LOGFILE
+unset LONGOUTPUT
+unset MSG
+unset PATTERN_CVES
+unset PATTERN_DENY
+unset PATTERN_REPLACE
+unset PATTERN_VULNERABLE
+unset PERFDATA
+unset PROCESSES
+unset PWD
+unset RUN_TIME
+unset SERVICENAME
+unset START_DATE
+unset VULNERABLE
+unset WAITMAX
+unset WAITTIME
+
+exit 0
diff --git a/agents/custom/win_spring4shell/lib/local/local_spring-vuln-scanner.ps1 b/agents/custom/win_spring4shell/lib/local/local_spring-vuln-scanner.ps1
new file mode 100755
index 0000000..07957b5
--- /dev/null
+++ b/agents/custom/win_spring4shell/lib/local/local_spring-vuln-scanner.ps1
@@ -0,0 +1,92 @@
+<#
+.Synopsis
+ Checks for CVE-2022-22965 wrapper for checkmk for a scan tool to check all drives and parse the output
+.DESCRIPTION
+ Author: Christopher Stegmann
+ Date: 2022-04
+#>
+
+$START_TIME = Get-Date
+
+$ErrorActionPreference = "SilentlyContinue"
+$SVC_NAME = "CVE-Spring4Shell"
+
+# pattern to search in output
+$PATTERN_VULNERABLE="^indicator for vulnerable component found in "
+$PATTERN_DENY=": Access is denied\.$"
+$PATTERN_CVES="^Checking for vulnerabilities: "
+$PATTERN_REPLACE="indicator for vulnerable component found in "
+
+# get list of drives to check without empty drives (like CDROM), returns i.e. "C:\ D:\"
+$DRIVES_TO_CHECK = (Get-PSDrive -PSProvider "FileSystem" | Where-Object used -gt 0 | Select -ExpandProperty root) -join " "
+
+$MSG = "Scanned drive(s): $($DRIVES_TO_CHECK)"
+
+$EXECUTABLE = "c:\ProgramData\checkmk\agent\bin\local-spring-vuln-scanner.exe"
+$EXCLUDE_PATHS = ""
+$LOGFILE = "$env:TEMP\spring4shell.log"
+$ARGS = "--quiet --log $($LOGFILE) $($EXCLUDE_PATHS)"
+
+$RUN = "$EXECUTABLE $ARGS $DRIVES_TO_CHECK"
+
+if (Test-Path -Path $LOGFILE -PathType Leaf) {
+ Remove-Item -Path $LOGFILE
+}
+
+if ( -not (Test-Path -Path $EXECUTABLE -PathType Leaf)) {
+ # warn scanner not found
+ Write-Output "1 $($SVC_NAME) - Error: $($EXECUTABLE) not found"
+ return
+}
+
+# run the scanner tool
+try{
+ & cmd /c $RUN
+}
+catch {
+ $ERRORINFO = $_
+ # warn error on scanning
+ Write-output "1 $($SVC_NAME) - Error on scanner run: $($ERRORINFO)"
+ return
+}
+
+ if (Test-Path -Path "$LOGFILE" -PathType Leaf) {
+ # search for vulnerabilites and remove log file name from output:
+ $FILES_VULNERABLE = Select-String -Path $LOGFILE -CaseSensitive -Pattern $PATTERN_VULNERABLE | Select -ExpandProperty Line
+ $VULNERABLE = $FILES_VULNERABLE.Length
+ if ( $VULNERABLE -gt 0 ) {
+ $FILES_VULNERABLE=($FILES_VULNERABLE -join "\n") -replace $PATTERN_REPLACE, ""
+ $FILES_VULNERABLE = "\nIndicator for vulnerable component found in:\n$FILES_VULNERABLE"
+ $MSG = "$MSG, Found indicators for vulnerable components"
+ } else {
+ $MSG = "$MSG, No vulnerabilities found"
+ }
+
+ # get number/list of denied files
+ $FILES_DENIED= (Select-String -Path $LOGFILE -CaseSensitive -Pattern $PATTERN_DENY)
+ $DENIED = $FILES_DENIED.Length
+ if ( $DENIED -gt 0 ) {
+ $FILES_DENIED=($FILES_DENIED -join "\n")
+ $FILES_DENIED = "\nUnscanned files:\n$FILES_DENIED"
+ }
+
+ # search for CVEs checked for:
+ $CVES = (Select-String -Path $LOGFILE -CaseSensitive -Pattern $PATTERN_CVES | Select -ExpandProperty Line).split(":")[1].trim()
+ } else {
+ Write-output "1 $($SVC_NAME) Logfile $($LOGFILE) not found"
+ return
+ }
+
+if (Test-Path -Path $LOGFILE -PathType Leaf) {
+ Remove-Item -Path $LOGFILE
+}
+
+$MSG = "Checked for: $CVES, $MSG"
+$LONGOUTPUT="$FILES_VULNERABLE\n$FILES_DENIED"
+
+$END_TIME = Get-Date
+$RUN_TIME = (New-TimeSpan -Start $START_TIME -End $END_TIME).TotalSeconds
+$PERFDATA="files_vulnerable=$VULNERABLE;1;1|files_not_permitted=$DENIED;1|run_time=$RUN_TIME;"
+write-output "P $($SVC_NAME) $PERFDATA $MSG\n$LONGOUTPUT\n"
+
+exit 0
diff --git a/packages/spring4shell b/packages/spring4shell
new file mode 100644
index 0000000..545c15c
--- /dev/null
+++ b/packages/spring4shell
@@ -0,0 +1,39 @@
+{'author': 'Christian Wirtz, doc[at]snowheaven[dot]de & Christopher Stegmann & '
+ 'thl-cmk[at]outlook[dot]com',
+ 'description': 'Wrapper around spring-vuln-scanner\n'
+ 'from Hilko Bengen <bengen@hilluzination.de>\n'
+ '\n'
+ 'https://github.com/hillu/local-spring-vuln-scanner\n'
+ '\n'
+ 'Scan interval:\n'
+ 'Linux:daily (86400sec)\n'
+ 'Windows; Rule needed: Set cache age for plugins and local '
+ 'checks: 86400\n'
+ '\n'
+ 'ToDo\n'
+ '- nicer output requested '
+ '(https://github.com/hillu/local-spring-vuln-scanner/issues/2)\n'
+ '- async config not so nice\n'
+ '\n'
+ 'Changelog\n'
+ '2022-04-06 Wrt same perfdata-labels for Linux and Windows\n'
+ '2022-04-06 Wrt,thl-cmk nicer code from thl-cmk; some things '
+ 'from Christian\n'
+ '2022-04-05 Wrt,thl-cmk Windows, added Run-time perfdata\n'
+ '2022-04-05 Wrt Windows ok, with the help of thl-cmk\n'
+ '2022-04-05 Wrt Linux check finalized\n'
+ '2022-04-05 Wrt running Windows baseversion together with '
+ 'Christopher\n'
+ '2022-04-05 Wrt running Linux baseversion\n',
+ 'download_url': '',
+ 'files': {'agents': ['custom/linux_all_spring4shell/lib/bin/README',
+ 'custom/linux_all_spring4shell/lib/local/86400/local_spring-vuln-scanner.sh',
+ 'custom/win_spring4shell/lib/local/local_spring-vuln-scanner.ps1'],
+ 'web': ['plugins/metrics/spring4shell.py']},
+ 'name': 'spring4shell',
+ 'num_files': 4,
+ 'title': 'Spring4Shell check plugin',
+ 'version': '0.95',
+ 'version.min_required': '2.0.0',
+ 'version.packaged': '2021.09.20',
+ 'version.usable_until': None}
\ No newline at end of file
diff --git a/spring4shell.mkp b/spring4shell.mkp
new file mode 100644
index 0000000000000000000000000000000000000000..3f002ac6ed74a8d2151978bfff7d13243f98a6c9
GIT binary patch
literal 3801
zcmV;~4kqy*iwFomgivAv|8sD1X>MmUb7*C3Y%MS@IW;bAYj6PV8*6joMsmMKRr?<%
zvM#`#c^car9OpuS-MG%iF2L(t8HW;L0L5aY=wYw3@qfSWnGr}B){pf%$<=h#uBDk)
zcTc~jdys54c3*vAC;{wLtNbs(^53oP-R)Q9YNb*wmnx;*-B+b@sl2uIij-cx07OA(
z`XI`4EHb&czX^QIm{B-&{Y;Hy8dKj6Lfd5I%=W|IH_6Dg&du;5VD9ylnpc#akKFKL
zM9DWq;JV(F`lK7u$;@O7hBF#jKqj0zd24owG~6h3T=$X_u-sW@QzMxX4J_aGLfd7?
z{>(Q$56GFm8?g}yJl|%M{8i+zd|&~2>i1cSzF;!;-5L4Gb}n7=BV`lH$ah2j_lK$N
zIMMGmGm%4KM89A8{K~;;7<xgiSe)45G#VB_;v%P3bX?1H@(-15<zN>cAT|rBe`Pwg
zl_-Zci$2swrtRF2?3<lxsT5Evw-WWtW+V4H*dv|Dp@dO7qN5t=(vVoDHKoLyP%?IX
z;yKa8W&trlwR{m|1u=NQx(sTBvwZl9dT!HQIguyKw!oxdeJ=`$Pk)PO5Yo{q-r2|N
zyl4jj5G+=5Yq*=i4YP>lvavlO%neE4a)}<kw8qo~Uvk{Z%GpY(QpuO9`O*$K^MSfK
zqXb-dJTgNw@0dgC1YG&to?P|PTo0hODWgZK&~hQ}xUb9cJy;B|3#Xu!fUFCQc}#zr
z<93Rp6mpZ8Bk(5hES3-L#L^x>E2cr*%T00(76m~mnNr6i?l@k;L+A+AamOTMh-JtA
zosJ&zpdT>?s+kKiGy{4?{Qz<S3Ec?|F?DgtR+@dD-X6nC2%F#p5A#gtUNgrvM}x?B
zFxBzFvF*?R?jQw2whHm`JY&Ir1di_@p@Hc*1L5}7095C|@US?vS+UcqH;-CKWhFd-
z3XiEGk8^Q7SP@@^V0tf)Yn!d3zMifZlrtA8%9(3A<O+~^syL&eZ(BhzNxR_PWG-$|
zcMKv86`7pnN@dY(5G%Hd1EC!{9JMP@yND|NN$}#&NqZq;sqpP~a;z|eC1UEbeL6yf
zN}*IJr7%3xx&$MN*;1ukD1BR~q*0>496EFmvCu{rXuFKw{ss1b8|uHpuYt?{y!x-Q
zUENu#|H@^UR`uUY)PK6D|MVKspP~L+U-9XiL{Aia$nPNq-=nI#K6^^t)@REV*}C%U
z>9y8UVby1%WLjGveP%KAsmiC%5;e_d6fmDttt^)&Pp(6rRCGM7!gz8yk*XaYUMTPY
zNz@4#Avnf&Gq{0B<z)g~p6ib(6OhRB6$A-tPu=?U3!nk}JzvQ^`@IhPJ<)NyM|~tG
zQ4qel<HXv{9kHZ}5fAtF#87H$$9cZBClTVEolnkp_9RAfV+Sl2ISxu3*C8-ez5VOv
zf8kRF+ynol{l8Mh>!tm_vZeO_7lFqllFw1i?)EnRE$>!$#b0qRU`L++f$>Y*;3p7h
z+q*Ame?ndjBik8$0`I>0zbQPv&d@aNm4g2lc)r5m$??CvvsIeMf3*zbm7P*W#s7=I
z#@9T-LnS)Zv<;|Tv2<D=`x~OTg4+C$_ca`!KeyC6%DR_)2R-Buiv|+=G;ISOcuL;s
z_UfJ9pjq#=_Khsm|CIdeA3;vjnyqecUoYxpgCH(}W)f;~Xf*=jnc-ABs~_}w2S=@a
zy<B=zDk0v?{2*|BtlOZa$d2gPjGVAWwx(pCa71kSG_Cb><M6cE8l2R7KXv!@e4c)=
zoCw;R;*5p5c6j{m?ZF|?E`~F2z4W?P@4VxWL$L`BV?Gc47cu11#7J?`wQj5P{-Dun
z*HP-m`&K?#;Og4RSrZsWfzKn9n`AJ%9PnaJM>_`8^sOl_ADUXG0o7is(;mD(J#4o+
z^&e5*U!ak(Ei;7f4m&&)mik!ALi0BBTn40I0vmIi5q(ag*=qlHABtM&!Di5LV*4|q
z%%&q_fdc}=Qh(vjf!$7$zU|ndO`#QDpm$m)hxG=C^f-yQU61NNgEL%DZCLHKX@_7~
zuvz2y=&0TX9T^gb7_k!&1C+;oeyy#Dfwm$B`W3J_>b~38yL@WI9jZ2;iUY<T6I1vT
z_?+qZ)EwQ!y`FZ`Ic~JNT~LXU^(H>`NZuJ+>w_$ZbdSY}01}4o9ec}|d`uRm&d*^r
zF?EukgrrO^E;K-A+E+=o*(4e%=W^Ot)S9|P-y%lB)rjZ277YR#>@ObJBlRT-mKL}P
zJ<n{2rx@b}fm%W`9k_k4L$alfZB3(BkT-Ngnn;KEI_Ncyn-J6g2E)DQ@(L}r04?cK
z`aE88n210<`aLct4jS&k!tmnhs#5uOXIqbD5DGE`<3EUbeM$0fGqnuKd_<dt#Hie6
zP!Q-_XC#0|k%DSMe&jHu(0cMlA9NCgXktnBBmUXg_-B^nZl!B+>A<x>IM5o-ZxRD$
zbj)n+gI05{5G$b&jKict5}`duPbzRRpL|MdwVQV{YUi{);0Y5vM>k>=9b88@7D-so
zaZf#whcVhotMeAd>-*x!Vz7wcePh9Wue?|OLm+@#4R{)XBsJPM#A0C<{Az$ndEbZy
z+0)Z8L4Du#0|H?W$$^JWA|hgk;sH@w1cWeXCGGKf(n4AU(pVh*z`nMi5<72&J8x2m
zAPPL&vfU^kd_5vJ#ZoL*O!D-%gdF&52e&)gc$2i<Wsekebd5Rz1?&wnf&D^o;O9&8
zED4in#qJ<w`v6=i&wwe>iz}>O^cMC9w?=F|SRl$=3>&j9XEQZ(uf1n{Jv8@%VxJZJ
z@NWW+zk<2mX9o{Y;k7<9mPzPZN;z*Os-zjLB^v15JVN)vk(SIKD^hG$LZ9<B%;RjO
z@-Wm^sO>(*NTPcGlm&A4;9M8$78pYG!{he5<I~>BDU>pI)N<zuaKxr4SmfEUCcOJ3
z?cGKklRTl|0%9hdgym3^MV=P105pS}p1hRFIlhCGBrgU3`AxScFXJ2$-^$>Tw@KMk
zLyHy4VX5KyT`aB~fJMlw<i4;pgyvcrl3u+udWU<gt@t+Hz~cL}So%0G$=ig=<B@rm
zlmmBo$-*RY#|dgY*_5;w?*E>8l=~d#Kij)o)p`H7vt5DyuUdg=)&IQ!e7B($x;M=A
z0vpqzsAol<P1i-_TK-yxQ*jfB*Rt>pUDtvC<l(#NIArA8S5*86=9zv#d1WNCRRMBG
zqjPZ5J2-A5+dBUdvbOSPMVxO!ZBmPyN^RqNO_PNPFX{KmI~wK@2gdn+Ubpa9!4sd3
zsZW_j0Y&dZ@@1iO({Q2XV-eMX#{0&ACrX&U+hsw9lnoRvOtw_eddM{x&(KvF%WYNN
z!ulDjY_U=G3q}I#fsK{%xt*2RDjhHd7O>KgbK_za0y-dc=7l%$Y}T<aDQPr2$49wM
z;?pql8LXo~3!vIspEPTI5UklbfF%ri$AiXCt;T;q?^!h6Nw<kq2wa@_?v;)GyZ#pJ
z)x8NqI>S=r3|xZdkB7ffD<l!$r}_T=2kBA=$MUTY9{3tO4_*p#`K}x0Nd8wBmxPPr
zTOj&@+>E*4*&qkSUUpfq9OAcrZZ%GOyo7_ttXdyvPkeLM#Gf8z2=sZ+-G_d%zqX+(
z&=2TrsTLn8!dP5Uz@0(aRjt=LI_al=0(0C6;PHkOkd}@QvhzwFuTu>83Sgh&q!TNN
zd)xGSbzVDVdo%!JK#NPn|8x2HZSTgT<dB-<9Qnx0*bbe!S2TYBCR%zxyA=eXm~z7v
zbQ1zCkruQ!pqcj<B{>oi)ioh!z8!)ih%#I+<HF-G&c)??O{gR0ky{YJ0#i6AinxKr
zKF>=rCro2n=--G1enYI;h!ib?nuG@+gdhcoIiuC-9Cr@dZ;wI6#(<AWv1zKMz}5sO
zh2ZWd1;5*eWEXsLI;XP`pRBT(9@{`)X|?&;&~omOsoLi@CFovQtrGm{RkYDU@*2>%
zQ=ftcL=@(`yxG0uJ`FRVUCIJTQ9R6LT3wMs*9Y{W&9EObQf%*tQaGe+5>5e;`(LUL
z;|U{n-aAk3XYZ~{rjI_;!9>thJJ98m<@CCVp}dkL2H&&vM1;iI>+y{dA-4p3$#~r<
zLhIX4cubpjP2z;7INuS{O;oBmft3DvzJOaHc2V*`U}0o&zii-Cx3^?mDN#0cn>6ZO
zWMQ&<Tei7&643;^b0D@zd76WZz%846woW*ePew+r5O`p~tX|V|=jDq6o=Rn5eM#GY
zG6NmD6CUu%O(m5!<HSR5zrbb@d*%AWFyoOOGC#LkE)VA?N@$Wcz0UXS8SR2H30TJT
zLy{~j^DT(6IhkCc=Z2=!rIyP^fo6Q!<F4zJsZP?SO1Jf}^o44`sb9Q@RG>hC0tE^b
z{Jr3s4!`WnpRb<s{%2{sQdRGNz69L!`t@_$f7SVarL?^p+rPZE1>@zN@{W4{>!sfR
z!q<rKeHhBFh<6iCUAFaF+aURW=J7KQ@P-<R!g2l$j=%)Y9oiN&tF%VmwNIhB!oJ5L
zC(+Qct$2=HRU~qJw!i+{AjCTD972;=o4*()u?thz3*Cb2PY?-vI7FI%Rq;mhI1=tF
zj;yd3=Vy8eUzVQ(aCCl}g|sJ;U9ih<7_n!b3(eo)wYD@X!=oU>BSy@=<}Ixl9pE=~
zn_^_*o8B}zfS;<kfJgo0sC;8f5QVWEGEPuC&n)+pnG5JxKZ>X4-!u-gnfD8foFtx!
zm>uGmh!%A2VJ056Tt|H7UoIC-9KBu1GS#K7<NB7rjUY~e9?ZA0hHu>eu4C50BU+rl
z!zj4RWNWK9luTZ0OUf_c4_IuJ&1N9x@suI6NzMfU$yTtw@%RU$j?Jj)$1M0%Kqs^K
zQ{C5E`fKZDgKe%vNUJx2bCKi|;z<KADVIue_;&NT1f8q<KIXfX6!(i9c&RFw6ev)j
zK!E}U3KS?%pg@5F1qu`>P@q780tE^bC{Un4fdT~z6ev)jK!E}U3KS?%pg@5F1qu`>
PctQ9d9f+;70C)fZpE+)i
literal 0
HcmV?d00001
diff --git a/web/plugins/metrics/spring4shell.py b/web/plugins/metrics/spring4shell.py
new file mode 100644
index 0000000..fb8fd6e
--- /dev/null
+++ b/web/plugins/metrics/spring4shell.py
@@ -0,0 +1,53 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+#
+# License: GNU General Public License v2
+#
+# Author: thl-cmk[at]outlook[dot]com
+# URL : https://thl-cmk.hopto.org
+# Date : 2022-04-08
+#
+# Metrics file for the spring4shell plugin
+#
+from cmk.gui.i18n import _
+
+from cmk.gui.plugins.metrics import (
+ metric_info,
+ graph_info,
+ perfometer_info,
+ check_metrics,
+)
+
+metric_info['files_vulnerable'] = {
+ 'title': _('Vulnerable'),
+ 'unit': 'count',
+ 'color': '11/a',
+}
+metric_info['files_not_permitted'] = {
+ 'title': _('Files denied'),
+ 'unit': 'count',
+ 'color': '21/a',
+}
+metric_info['run_time'] = {
+ 'title': _('Run time'),
+ 'unit': 's',
+ 'color': '33/b',
+}
+
+perfometer_info.append(('stacked', [
+ {
+ 'type': 'linear',
+ 'segments': [
+ 'files_vulnerable',
+ 'files_not_permitted',
+ ],
+ 'total': 100,
+ },
+ {
+ 'type': 'linear',
+ 'segments': [
+ 'run_time',
+ ],
+ 'total': 7200,
+ },
+]))
--
GitLab