From 7422a5d3e14dd4bfb633daf3eb566beea98494e1 Mon Sep 17 00:00:00 2001
From: "th.l" <thl-cmk@outlook.com>
Date: Sun, 10 Apr 2022 09:48:06 +0200
Subject: [PATCH] update project

---
 .../local/86400/local_spring-vuln-scanner.sh  |  28 +++++------
 .../lib/local/local_spring-vuln-scanner.ps1   |  44 ++++++++++--------
 packages/spring4shell                         |   2 +-
 spring4shell.mkp                              | Bin 3801 -> 3962 bytes
 web/plugins/metrics/spring4shell.py           |   5 ++
 5 files changed, 46 insertions(+), 33 deletions(-)

diff --git a/agents/custom/linux_all_spring4shell/lib/local/86400/local_spring-vuln-scanner.sh b/agents/custom/linux_all_spring4shell/lib/local/86400/local_spring-vuln-scanner.sh
index 7f46fce..960fa6e 100755
--- a/agents/custom/linux_all_spring4shell/lib/local/86400/local_spring-vuln-scanner.sh
+++ b/agents/custom/linux_all_spring4shell/lib/local/86400/local_spring-vuln-scanner.sh
@@ -11,14 +11,15 @@ START_DATE=$(date +%s)
 DEST="/" # scan under this path
 WAITTIME="10800" # max scan runtime (default: 3h = 10800sec)
 
-EXCLUDE_PATHS="--exclude /mnt"
-LOGFILE="/tmp/local-spring-vuln-scanner"
-ARGS="--quiet --log $LOGFILE $EXCLUDE_PATHS"
+EXCLUDE_PATHS="--exclude /mnt --exclude /lost+found --exclude /media --exclude /run/user/"
+LOGFILE="/tmp/local-spring-vuln-scanner.log"
+ARGS="--verbose --quiet --log $LOGFILE $EXCLUDE_PATHS"
 SERVICENAME="CVE-Spring4Shell"
 PWD="/usr/lib/check_mk_agent"
 
 # search pattern
 PATTERN_VULNERABLE="^indicator for vulnerable component found in "
+PATTERN_INSPECTED="^Inspecting "
 PATTERN_DENY=": permission denied$"
 PATTERN_CVES="^Checking for vulnerabilities: "
 PATTERN_REPLACE="indicator for vulnerable component found in "
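Review bot: `LOGFILE="/tmp/local-spring-vuln-scanner.log"` keeps the scan log at a fixed, predictable name in the world-writable `/tmp`, while the agent plugin presumably runs as root. Another local account can create that name first, as a file or a symlink, and so influence where the scanner writes and what the `grep -c` calls in the `@@ -49,16 +48,17 @@` hunk count as inspected, vulnerable or denied. With `--verbose` added to `ARGS` the log also lists every inspected archive path, so it should not be readable by other users. Consider a root-owned directory, or `LOGFILE=$(mktemp /tmp/local-spring-vuln-scanner.XXXXXX)` with removal after parsing. The visible hunks do not show whether the file is deleted at the end of the script.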
@@ -27,8 +28,6 @@ WAITMAX=$(which waitmax)
 
 COMMAND="$WAITMAX $WAITTIME $PWD/bin/local-spring-vuln-scanner $ARGS $DEST"
 
-MSG="Scanned path: $DEST"
-
 # Check if a scan is already running
 PROCESSES=$(pgrep -lfc local-spring-vuln-scanner)
 
@@ -49,16 +48,17 @@ CVES=$(echo "$CVES" | awk -F':' '{print $2}')
 # trim spaces at the beginning of string
 CVES=${CVES##*( )}
 
-MSG="Checked for: $CVES, $MSG"
+LONGOUTPUT="Checked for: $CVES\nScanned path: $DEST"
 
 DENIED=$(grep -c "$PATTERN_DENY" $LOGFILE)
 VULNERABLE=$(grep -cE "$PATTERN_VULNERABLE" $LOGFILE)
+INSPECTED=$(grep -cE "$PATTERN_INSPECTED" $LOGFILE)
 
 END_DATE=$(date +%s)
 RUN_TIME=$(("$END_DATE" - "$START_DATE"))
 
 # Perfdata
-PERFDATA="files_vulnerable=$VULNERABLE;1;1|files_not_permitted=$DENIED;1|run_time=$RUN_TIME;"
+PERFDATA="files_inspected=$INSPECTED|files_vulnerable=$VULNERABLE;1;1|files_not_permitted=$DENIED;1|run_time=$RUN_TIME;"
 
 # Output if errors while scanning
 if [[ $EXITCODE -gt 0 ]]
@@ -70,25 +70,25 @@ fi
 # Output if suspicious files found
 if [[ $VULNERABLE -eq 0 ]]
 then
-    MSG="$MSG, No vulnerabilities found"
+    MSG="No vulnerabilities found"
 else
   # get files with indicator
   FILES_VULNERABLE=$(sed -n -e "/$PATTERN_VULNERABLE/p" $LOGFILE | sed "s/$PATTERN_REPLACE//g" | sed ':a;N;$!ba;s/\n/\\n/g')
   FILES_VULNERABLE="\nIndicator for vulnerable component found in:\n$FILES_VULNERABLE"
-  MSG="$MSG, Found indicators for vulnerable components"
+  MSG="Found indicators for vulnerable components"
+  LONGOUTPUT="$LONGOUTPUT\n$FILES_VULNERABLE"
 fi
 
 if [[ DENIED -gt 0 ]]
 then
   # get denied files
   FILES_DENIED=$(sed -n -e "/$PATTERN_DENY/p" $LOGFILE | sed ':a;N;$!ba;s/\n/\\n/g')
-  FILES_DENIED="\Unscanned files:\n$FILES_DENIED"
+  FILES_DENIED="\nUnscanned files:\n$FILES_DENIED"
+  LONGOUTPUT="$LONGOUTPUT\n$FILES_DENIED"
 fi
 
-LONGOUTPUT="$FILES_VULNERABLE\n$FILES_DENIED"
-
 # Default output
-echo "P $SERVICENAME $PERFDATA $MSG $LONGOUTPUT"
+echo "P $SERVICENAME $PERFDATA $MSG\n$LONGOUTPUT\n"
 
 # cleanup
 unset ARGS
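Review bot: `FILES_VULNERABLE` and `FILES_DENIED` already begin with `\n`, so `LONGOUTPUT="$LONGOUTPUT\n$FILES_VULNERABLE"` and `LONGOUTPUT="$LONGOUTPUT\n$FILES_DENIED"` put an empty line in front of each section, and the final `echo` appends one more `\n`. Dropping the leading `\n` from the two section strings keeps the long output compact. The listed paths are file names taken from the scanner log, which is text any local user can choose, and they go into the agent output unescaped. A name containing a backslash sequence may therefore be displayed differently from what is on disk, so an escaping step before the join, or at least a comment, would help.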
@@ -100,11 +100,13 @@ unset END_DATE
 unset EXITCODE
 unset FILES_DENIED
 unset FILES_VULNERABLE
+unset INSPECTED
 unset LOGFILE
 unset LONGOUTPUT
 unset MSG
 unset PATTERN_CVES
 unset PATTERN_DENY
+unset PATTERN_INSPECTED
 unset PATTERN_REPLACE
 unset PATTERN_VULNERABLE
 unset PERFDATA
diff --git a/agents/custom/win_spring4shell/lib/local/local_spring-vuln-scanner.ps1 b/agents/custom/win_spring4shell/lib/local/local_spring-vuln-scanner.ps1
index 07957b5..f9a1e3c 100755
--- a/agents/custom/win_spring4shell/lib/local/local_spring-vuln-scanner.ps1
+++ b/agents/custom/win_spring4shell/lib/local/local_spring-vuln-scanner.ps1
@@ -13,6 +13,7 @@ $SVC_NAME = "CVE-Spring4Shell"
 
 # pattern to search in output
 $PATTERN_VULNERABLE="^indicator for vulnerable component found in "
+$PATTERN_INSPECTING="^Inspecting "
 $PATTERN_DENY=": Access is denied\.$"
 $PATTERN_CVES="^Checking for vulnerabilities: "
 $PATTERN_REPLACE="indicator for vulnerable component found in "
@@ -20,12 +21,12 @@ $PATTERN_REPLACE="indicator for vulnerable component found in "
 # get list of drives to check without empty drives (like CDROM), returns i.e. "C:\ D:\"
 $DRIVES_TO_CHECK = (Get-PSDrive -PSProvider "FileSystem" | Where-Object used -gt 0 | Select -ExpandProperty root) -join " "
 
-$MSG = "Scanned drive(s): $($DRIVES_TO_CHECK)"
+$LONGOUTPUT = "Scanned drive(s): $($DRIVES_TO_CHECK)"
 
 $EXECUTABLE = "c:\ProgramData\checkmk\agent\bin\local-spring-vuln-scanner.exe"
-$EXCLUDE_PATHS = ""
+$EXCLUDE_PATHS = "--exclude ""C:\System Volume Information"""
 $LOGFILE = "$env:TEMP\spring4shell.log"
-$ARGS = "--quiet --log $($LOGFILE) $($EXCLUDE_PATHS)"
+$ARGS = "--verbose --quiet --log $($LOGFILE) $($EXCLUDE_PATHS)"
 
 $RUN = "$EXECUTABLE $ARGS $DRIVES_TO_CHECK"
 
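Review bot: The new `$EXCLUDE_PATHS = "--exclude ""C:\System Volume Information"""` covers only drive C:, while `$DRIVES_TO_CHECK` enumerates every file-system drive with data, so the same folder on other volumes is still scanned and can still show up under `files_not_permitted`. Building the list from the drives keeps the two in step, e.g. `$EXCLUDE_PATHS = ($DRIVES_TO_CHECK -split " " | ForEach-Object { "--exclude ""$($_)System Volume Information""" }) -join " "`. The value contains a space and embedded quotes and is concatenated into the single string `$RUN`. How `$RUN` is executed is outside this hunk, so please confirm the quoting survives that call. `$LOGFILE` is placed into `$ARGS` unquoted and would break in the same way if `$env:TEMP` ever contained a space.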
@@ -50,43 +51,48 @@ catch {
     return
 }
 
- if (Test-Path -Path "$LOGFILE" -PathType Leaf) {
+if (Test-Path -Path "$LOGFILE" -PathType Leaf) {
+  # search for CVEs checked for:
+  $CVES = (Select-String -Path $LOGFILE -CaseSensitive -Pattern $PATTERN_CVES | Select -ExpandProperty Line).split(":")[1].trim()
+  $LONGOUTPUT="$LONGOUTPUT\nChecked for: $CVES"
+
   # search for vulnerabilites and remove log file name from output:
   $FILES_VULNERABLE = Select-String -Path $LOGFILE -CaseSensitive -Pattern $PATTERN_VULNERABLE | Select -ExpandProperty Line
   $VULNERABLE = $FILES_VULNERABLE.Length
   if ( $VULNERABLE -gt 0 ) {
     $FILES_VULNERABLE=($FILES_VULNERABLE -join "\n") -replace $PATTERN_REPLACE, ""
     $FILES_VULNERABLE = "\nIndicator for vulnerable component found in:\n$FILES_VULNERABLE"
-    $MSG = "$MSG, Found indicators for vulnerable components"
+    $MSG = "Found indicators for vulnerable components"
+    $LONGOUTPUT="$LONGOUTPUT\n$FILES_VULNERABLE"
   } else {
-    $MSG = "$MSG, No vulnerabilities found"
+    # $MSG = "$MSG, No vulnerabilities found"
+    $MSG = "No vulnerabilities found"
   }
 
-  # get number/list of denied files
-  $FILES_DENIED= (Select-String -Path $LOGFILE -CaseSensitive -Pattern $PATTERN_DENY)
+  # search for denied files and remove log file name from output:
+  $FILES_DENIED= (Select-String -Path $LOGFILE -CaseSensitive -Pattern $PATTERN_DENY) | Select -ExpandProperty Line
   $DENIED = $FILES_DENIED.Length
   if ( $DENIED -gt 0 ) {
     $FILES_DENIED=($FILES_DENIED -join "\n")
     $FILES_DENIED = "\nUnscanned files:\n$FILES_DENIED"
+    $LONGOUTPUT="$LONGOUTPUT\n$FILES_DENIED"
   }
 
-  # search for CVEs checked for:
-  $CVES = (Select-String -Path $LOGFILE -CaseSensitive -Pattern $PATTERN_CVES | Select -ExpandProperty Line).split(":")[1].trim()
- } else {
+  # get number of inspected .jar/.war files
+  $FILES_INSPECTED = Select-String -Path $LOGFILE -CaseSensitive -Pattern $PATTERN_INSPECTING | Select -ExpandProperty Line
+  $INSPECTED = $FILES_INSPECTED.length
+
+  # remove log file
+  Remove-Item -Path $LOGFILE
+
+} else {
    Write-output "1 $($SVC_NAME) Logfile $($LOGFILE) not found"
    return
- }
-
-if (Test-Path -Path $LOGFILE -PathType Leaf) {
-    Remove-Item -Path $LOGFILE
 }
 
-$MSG = "Checked for: $CVES, $MSG"
-$LONGOUTPUT="$FILES_VULNERABLE\n$FILES_DENIED"
-
 $END_TIME = Get-Date
 $RUN_TIME = (New-TimeSpan -Start $START_TIME -End $END_TIME).TotalSeconds
-$PERFDATA="files_vulnerable=$VULNERABLE;1;1|files_not_permitted=$DENIED;1|run_time=$RUN_TIME;"
+$PERFDATA="files_inspected=$INSPECTED|files_vulnerable=$VULNERABLE;1;1|files_not_permitted=$DENIED;1|run_time=$RUN_TIME;"
 write-output "P $($SVC_NAME) $PERFDATA $MSG\n$LONGOUTPUT\n"
 
 exit 0
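Review bot: `$DENIED = $FILES_DENIED.Length` and `$INSPECTED = $FILES_INSPECTED.length` give the wrong number when exactly one log line matches, because `Select -ExpandProperty Line` then returns a single string and `.Length` of a string is its character count, not 1. The `| Select -ExpandProperty Line` added to the `$FILES_DENIED` line introduces this for the denied count. The unchanged `$VULNERABLE = $FILES_VULNERABLE.Length` has the same shape, so a single finding would be reported with an inflated `files_vulnerable` value. Wrapping each pipeline in an array and counting elements fixes it, e.g. `$FILES_DENIED = @(Select-String -Path $LOGFILE -CaseSensitive -Pattern $PATTERN_DENY | Select -ExpandProperty Line)` followed by `$DENIED = $FILES_DENIED.Count`. The commented-out `# $MSG = "$MSG, No vulnerabilities found"` can be deleted.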
diff --git a/packages/spring4shell b/packages/spring4shell
index 545c15c..7d5b81c 100644
--- a/packages/spring4shell
+++ b/packages/spring4shell
@@ -33,7 +33,7 @@
  'name': 'spring4shell',
  'num_files': 4,
  'title': 'Spring4Shell check plugin',
- 'version': '0.95',
+ 'version': '0.96a',
  'version.min_required': '2.0.0',
  'version.packaged': '2021.09.20',
  'version.usable_until': None}
\ No newline at end of file
diff --git a/spring4shell.mkp b/spring4shell.mkp
index a80a227aa17df6b03ece55e95883169f48d87cf3..1125bbaa8a980dee0117f737b9f127cab1b2f775 100644
GIT binary patch
literal 3962
zcmbW3RYMaDpg;j*;OKoIjdVCthm?SHN(s{4wb6_kAkFAe(k0!EFp!Xv9!M(P0~G1l
zz4tHNm-7eCc{t2*goLeeI#vWYPnd_JoBeA~2U`~xK0$sl5lenoXBZxq-q~|mk>7kQ
z>n@6KysBj0|0elEZGg8e$6O9y0K3?6{I(Of6Nk{3bTG5e3I=x{vdW<_lfox`U~&?j
zHL$@?-D`yp#*5*kU#@$wD#vqyy8Z3J+wY+_hPImPy>V_CuNj@cxVWfNZP8f`Jd6Ec
z){XZ#ukP!MQBN0PbVm<S;KY8Ybjzwq?iQWy&wqis_FEXQd+GU+VUY<h+=}(Z9O@tg
zl^gGZ3zQ#uBfqvZf$A(doE=fOCyw-dmL)flZ=_)D6Z-n7x6S1?3?z7D=w`~&L2*v}
z(<^Y+ZukK+#|RkSuVt*K_`~qiCUwKsqM^th4}NfA7>2eG_QBF#4>t3={C#B$8XYE+
zd$=sCa5VhJ%sHDZ=O~XbX%Ajs!(1}fnel6?Bj||LUbtuJzBFzvG#=EmH5Ofncrsuk
z<t^Y{g(lzbwfR<dqx`1EIR){x+pxk9!wr^y3t1dS|MgMks^_*uCG3^I@5FFLx~cO_
zbD@x~8KU}vLRm^)T717B8_Ez<(>yoJg{4=Wl-r*y1G!?uvz{{W<e))U1EoCx%-OyJ
z#mQa2x0%RWGQxD{2#yu+lh3pR^@|HR<aW0MO&#)8&>Eq+Z|UHGMp&zU#awLKxRq^o
zPN$4%zBU1;B-1|Htoa{Hi)3wJaGuHe-*)|iR{n0K%BlKqC+#(3e;5~t>(9yxs1m`R
z$l<b+o%Xaf?g$gE8^UTLa2!?8tJW4OhltnFK@IO~*W}-6seZwDM873%tAEB=DDIYN
zLyUIGLQGBb0#`$Xv^3a<wJ!HKyx&GY8EE6e3{4Gk82cS*`vnjRu(%*W;GN_Nv{iad
z;?q!P%ks@n*0V)SlJ5v39kw@znsV?jDQM6U;ZHklNx~PQ{srQ|$f)hYk<r|pUk{d`
z3UD}8IV_*oQ~G&60C-omrE#+DZrf;!$(Z%-aypiLC+4dVWr8pKKFuEEtI_{*$T1`5
zaOIlhAR)A@kae@kqyn5tB0K1|5dyuTR>D5R@E55DP<CC3!_A@%c!GLrh5%}>7TCV?
z&z7<cl&A5QsuJ{1#{)$bgp4cn)Y4AWTG&<B_T}P833jp_9=T>uXA2;3*-5xGDSwe$
zk85*RU`n^m1E4-@8zGQ_t6;_H9?Azr-a+Bt%W6T8^i!4|JxVmd);H)Pv#VxuhIX;>
z-{GGQecpzHSINSB<B55h#H(r7{|v!pa9M&glnY1hXGw7~_=lMWqsTvdUaZLy)p^`7
zK+HDL9*gLA=qo=w&22}5KuKNZ6wVjPyK0117^Z;ps$H2!#{uZnfa3tF<A9<K@5GyE
z&7v1~9z!vu84^}1RBTK=%huL0Rg4r@b4*HvP#-DU)gyQ0)gY+>xE}nUn7X`$!`V)c
z$OAB&cb)Mn;uyEY8T@_~*D@Y|^nf7pQ+@%Db^7Jvy8iose)#;#{14b7KrIKcJ)S*E
zy+CxeI3IU`BZNbU)t$Wnzk<#Xx_*9nh1{c6#19|Wt|>n$-Qs*|IB#+E%djUOzTw)|
z^@s0p92Qt-rZpB&F7GJaR&Ay@-{n0d+2oyDaPJ{q!sO3VRi&)U6y}1+J4Z7atK2Wu
z-@=9la^0YHv-C$N=byhCG5tlTqHm)<YN77!+S;np^%@n)Gh~E_Iz&-)OzvKY%ADgC
z|L%E9&yO|wzw~*d-^@xAnLM8r;pX|vCO-dYtS&X4XOV+}B2G%d@nK0+bP-CLaOvOU
z<vVAU94uUoH=6wydCh*|u$YHi&CF<YXBQVfzruro0ZbU@N)On-2h&5mE#BK#_SX|?
zT9p-}X1j0g$sBj5F1VAztJ8`e3u?SpiE|)=>y<7a1v)@JW8bbIHszXVG}H99ue_KS
z0C{6Uxy;8FK0<4bg|XD@+N+Q+<;vWNSp**f#@`2=u5T5r9v$5yXK+tBk{$P?Ffj%%
zi}o;sIW(iaS=O&!D1@7-D`KMMt5)B-iTG=fueDL1F*scr(2Y}EWMdI0vNy!rzldXv
ztD6;3SzaaM?iNY~X}{YUHxAnIzS!PyMpOnQ{BmSsK7z>XM8*8j*n^#Xtp8e7L3GeQ
zqrvP#_@mg}%dh=s<XZ>ID2Kvs3X<lrRp<R_N|MAh2Zz3c75s6b>4=~(lEZYh^J#Ab
z3ErXHV#TKAh#+UU{f17|e>DvaD~>?rOJy&bB*7+l4P6S^NFQdAHkv_)YcNK$a_i0n
z-|I^tm3?+%ak5ikL7+l>g$9PCXplHTwANK?viR3=;5X7mHI<~LHF1<y6N`_+cTa-z
zOdDR<t<8;%9Bp>2tN;sX#b-$X)m_V+GXqu*dBv480pPEj(g96v_!KLe>Gt+MJ<vXB
zV4H4l2LN-CQ9VZ3TPz<0^^RK^gv7Dm%st^jkIi|qU(!zg;4;E;Muo{RO0qFwa{v3V
zc}D#`NtS1f9#8<99AZnik>1R2X@Q=Vz=~yL9DAh2_ZjnLB)4Q|C`JiK<z7$kSqVm3
zHZU17UKs+r1V5xw=z=;eOf-br5~ntuawmsAj=v3BFLDq^D>}AbLWgc9R04YC#1;xF
zBe;2K3M<F!04=?)4+gC<s7<?FM&t=L)^4=-zv;*XpO)y$d@Cm=BA=FPJD*Aky%@Y!
zi8cI@-NT4u3u>fq$eWQ`>e2RMPR7K}TCD$L0>W_G<7}ZeU`={}sqL|MpOceH8*d8d
z3@bT#zbL`cp(k%)6sA3DAmWr@Qix=hRI=}qt;mFXFmR|u8Id>=YCg^2^ZTUIRl@Z&
zEUZ#%tT?1ikrT#4wA95&tzeWnP>dy|RNM*`qo%EAbApG`rsZ~Mhx~ledN595D;Xsz
zo7U9PiJtv6jb=KKFzc8c4Z3=R-(%Ekf^C{V_$kvp+5DPFFWCvsmCO!-@`#aT46J_0
zmIm8|0Jz^PWg3mj$VSA)Y45#Va^6}1rXkVYGToOvT9i+=a|JcOgC=}xUxYS}zL!(C
z{Bp|*NX5bw79QMZE?TCtVxE2m$hudqY!b&EfMKW*cmYk9`L+^VAzYK3Vq1wt;olT?
zB+)XEh`H2vWax^NQtoUswO>0ac~WP6TDKiv4DU82f1^#$iBMAjg0f5XNWtv!@yHEE
zCa!zaOXWv;_2Y3dTbF?n<dY3ZS2j32OBX;~<)`I(BXq<9ra0-=G#tZy4;CBmb>CyS
z{Nn~8Kp<VsQ+f<(Vw@ZZki#%<+^Fs}Y^eqt$LU&v@TA9N2ishM52@zpy>tb|TDZz!
zMnS@{KgzyQxH;p+sEByYrrBY6yvyZP#?*O)`OD2aDVvb<`ig?;`*LpK)lKhtez@j6
z>qf7rX8Z;5o&MEAsr7-5otBLDSD1>>?@qS`t-nnnl`@-h*1b@wOtdL|zbWgO*-9oj
zypRbMFqKzG{eHK%=Hk{1Qe8T>{`Qd?D>!GM^tXVcP&F0M3R^+dpez9v<*QcNGE~}4
z%wjH&nabKUk7|OCbrqB}{1y`jSA#NcLdPtaIgALfKW}Y%egVE+NboK675Kh(xSMgg
z114}LmIbV=D)By+V)%Md8pFqQ&dA_+xpcNqJlmsNPiG`a7yNiNIb>H-^5adaS4D*N
z;0_ny2gUp+mQN<NuD4Hg?i@DLVY&@AVa7;xX!{+!4v*GHiq9NB1A=fBdG9X?jkHzl
zCIfTUN-YlwRFpRTgKL&bzcxg`%c6p1o79_ONgG{3B}HEb(nkQx&+JgmGz<$!9I>pP
z9*63#MXutaZTC+}$zv|G{`NilG<<C!qZ##A8xolhlKo>U$JCoO;KSVdDn(oe{w(`M
zn{0wYRg?80k$pR{+c_%bQDq`<>s8$waW6ab87pAhXOn^z!my;-r3Zpep-`QYCs>F_
z>DRL*qL^sm=%oMs-EWcd-6i_&o0du3;ocuj%h|THGeNzmj|-64_DDV2M1K}8;*{7E
zvpAAqIpktAiX`lF_>;9Da*KhS`6I6c@tTXTY+4N>Yt}k0pUdy-BL`Gi+Jnm0+JN8h
zax~v<d+lrphzmm`3B1<}6|k~!gdZ!zF#qEhr&5nQn@@+WGA@PP7UkqF9WsQ;`lx*2
zv=N|pZXL$VnMi8Yyhqdgb@Ow5hUZ=38flW$LQ69#TR#1dk3?F^{Mgfcv&Y6!1w$6J
z@~3UjiZt0tKS3o-X+oameF>$hkT?(d0dj%H=!h4%Y-r*qfBjGd=<T=POKj6W-hrN|
zJ=NtN>^(3!Fc3FE?~mCr_AOYY&}inB@^W=a%6pK#96u3Gia@#%ib$2j&a>8D`R0O8
z(g!%YfQLKjMBiWDN6{5jujU^FXU6<@+$OPDzo6lvxoliiliUd5flB?MX=_*>?hDg*
z(5QyZc-p{;Gynd`p4FyLMoAsGbv&LHbLv%ormgZ|6P3>uefd&q0>Y;}LV2)ztCE%A
zv0GX-pm9HOxYL^lQ$yO5$4ChKjGc12iN_`Sm;328@9Q<#PdGfkP?ZVlJWTbwFn0+9
z$=f_D&BGq*XV8hz!(%T7{d+zVkuY*Wyv(1!Jp5#n^zJD_%w&4q{C0Cv>HeXqu_d`1
zcgqT!oUF^gy?cI+SYPXZIN4G3e)PR+Sup<`VZL{1eznPbm;B5&W1!=rOk~-wraF0}
zO(8J;QFY;a0)$Cm9GhUMC*TWy1#eC2B^ETiB<S2Y>@L`>&X&WL0f}L_@X6?*4>#b-
zeKZU_oF?mM_i=QRK$|wM60ur(L@Q4lQ$aZr<t))fczwJvzNS{KU~|CQUYCgMQfe<a
zYpxBMsYM{GFXmTMVpke~DhUXWzW&)2LSFnRFv`soscy2G^&N1kM@4^HPS2dy(?lt6
zSsjA3#!Prr*g$+qvrg?BMEy(MlO|h=DCN8U86**V;J*qAq@4~yEl)-iN4my*ynj<^
z%cumUZp`KC8@me5w5}d)^yeCrcj`tSN|>F+68PDoTQ~yyOM+;dNH30I57cbXP^mYg
zawA(UDdK08!O%X%>p)Uj5}!<u!!334B$p?L&QU#OPVXqnzOn$Nwx>tHfpS+ZDS;yr
zK^BKVij;%+^_-#WD+4k7RHstbDCm5?+LZF@r4T|_4JIuR^1r1RJ*E9WTmMhs@=uwy
Mp1NP-`QhRH57e#7TmS$7

literal 3801
zcmV;~4kqy*iwFoVg-~Jw|8sD1X>MmUb7*C3Y%MS@IW;bAYj6PV8*6joMsmMKRr?<%
zvM#`#c^d2uj&mWvZd~VA0bb|IIFt|rC>A3{4||=B|NC{%j6lM$eyrC?uBNMYEzPvL
zd-^rqgJiR@`|1lr31GWg<$nQ||8CWGYOl)GN~KyZRjRe^SEX{Pyj6WgO0Ql3q98PV
z5al@*nOxl81U_cWD4e=}rcN@=sc#3NZ8CCZ`{D1KWaL`sW_S@W_j*drE6UDCZg?@G
z<QpPzU2jT#(hcckW-<oD8I3F;6HcAHHM>L_ZWKDMd&vn{?kuyZk<5q&mT!BZ?J{J4
z=9``e<V@d<*oXw4Z?j4MDsospuz)=E`z%FYFd6&qjQnIfmoE8{vI%A6yCMJk!_;=1
z=y#i$$e}Qz->-ar<=`|7y`Ww!PV8_R4GSP~ky9%=u4Ov;hsw5cunP|mn}yWBGM)NL
zlmnYZAL=91c5X=a&33g^3aFJ^iF#(Uk$WBNl1}7M!YCclQJr*YNG#KuQesXh8M{95
zoM>XRfS90Kz6i2{7(8HI26e(&K72(zx8<&!$P;E;U{bKY7lp*9zeO|%>1Y-2?BjJ_
zw1WT$7Av_m+|A&IS;TVL*q#vPh9q#gL=RtDb83PwIqqcTY^7AG<V)3jX`7t+K;4{C
z0xmornW33?%pr9Gu6%A!u6k*%2T<FT(IZu8xe#~U*X8&wEC$$xQ_xC4)&<5qra#TG
zmf|Rd+$81*ya_yu<wHBMv<J|NX%P2vlU##EK~PGj)bWTrj+gKdIzn~aG07NW*|C48
zqlY}`M~s1L=7J2(fL>8QfLuUAcS1u<U0kx2W}m0G$M6!uCOE;vJkz<?%yG@pAo3kd
zb$oDaJ2ZehNWqY;LcBcBSg;>~<2y)bU^>n~xP3JM)j2RcEDmi}?6e!L!!}Y`2@jyc
zW2(sGTwD)U#8)Ah-pk|KX6vZ0r|Sjf%teZF=9&(<0%V>l&S>b{R!~gRE_gSYi(Awk
zgGfU~CTF=)Su`8Oiml>6Xon6*?F!T`qDp@fy!dm{UWiyKd|OM76=twROkK85M~F}<
zlnSL3hG$xrU_>!ns+0?*Zwr+)N)(twhYlhZ+UNpDE~B@9f&Jfx`mgY7;Icoj{;Slg
z+e`Id87e?k|Gh~4r;GYeuM_<l>c90BpT0@-M8Svr9#Zf<s=Dj5r_^nIwp@{|E5Dvz
zYb_O4eI`n#we`_w7DJz^eEKX=(|kq&^EuVZa%uA9I^;=3$HOX&Czlhc+Tr1a0uPWx
zoq!R7V|+J*8;De1Ccx#n{+KcWi9BCHkf8R|tzW+Y8nEB<mE5!6>#*Mw9k+YbM{*Jc
z;hQ^7tliuZOR5<0aBoixrM7mQ=UaOcA>P^f<a}pOVk9?qz+#c(pu}+<0z=i?zi$2)
zK2^Xy@K4(RD^<K++W#wCYX5%`cuXSs9M$a9YWTOjQ{54N#l3)SdHz@0*(ue)Pax20
zJ1=Q}LS79c+ZlZV@4orJDLlT;&@}Cpg8vtIzQW+i@n75CD$V1+T88n;cB!J`|3zTq
zYo6et5}j(=2Gp)tI<1fW4N+V{ZGOP}8jjDOTWTF;-AlfM9`c7p1Brc_wgC@3CGT{5
zjZSaSYV_KBMi%OSO8)haAg5`qcDJ{u7j?2h5SKtR3AH%18UgXlaH^d(_Ithk!}gwD
zF1;z05N~FF5V$_pZO~F=M|5mPPFN>fQ?f@mA~t=R*8aJ9aN24QP8z+Rx_f#)Pd`{r
z1no_6#zI{?IDYqb{{Uzg!<n~UdR=RD-totw*o1~LpNIa781iXiq`2r>x7~Ta-)tW>
zQ0nIUc0O6)>e|U!3m8U$&m)wZWH7rN@M2C!I|kJBttl=anp&m-)n2=EG<bh{aMbQJ
zenfeHfkwu*%n-Ue?C?-n>SHMj&D+d#8IXbrY|L#&^f`%E`{=)WP}D*XHiM26+n*6-
zHXRuY91s|m`U`gs>~@m$ZO0C63a#)0z0*E9Xf#2j$4SKPdf50GoZ)(E!)mWhI|Rdm
z&6>xDhm9l9ks)!25jz1fKzZEf*V>90Xe(l%UjduL?z=s`%cn-%q3ZLgIAH8CF@-;Y
z&zX)-&CyNV>uD#Q<7T_t1(g_CZ{kyr<ejm#KFD%N_gI_=AYtg<vA2xL$7EsZ{2W#j
zQz!XJNXq2mLIZTBeU)UJO`?%<E~kA(t*J}&En*~Gjd;Fm(IB9~-r|8>(pZvUX@Q&2
z^UQ{LiZNags3#=Tf!hZ=BwO0p)--wrc|$j(iFAms{a*991u^|^Fx-1Cuh3E((2_2t
z&*LSBi3rrA-{WH9py3`Y3@@IpDwS`yYkDk$P>>-Q|3S>_OOk(^sb@&$Bibw^M&&kx
zf<WIoBLOsu6jT%PBZnb{){{5-ppzg(6HBrm@z2J_KeHrvD_x6A2d)Lef!1(-lNd0g
zV`e+rZ@1<Ou@VZwI7})e5!!R~qyiW7$)~jTQR{9-?VKJBc)|qF(Tx~I2iMV!MH1F?
z+*42FVT^Xt?!1NZ#-2E`7%bv<&scEZE$^295D4H_1D-}8Nsaalu~?V|zZzgt-ZNrB
zcJ*{jP~Ug`fI!$oa^PW;h=|ysctDgE0U-=pNqc;rw2>BpG!{ocu&*zu#Lipc&YKh>
zhyu^HY&QxBUysO5u@s9HlRW(`AqW22!R?MV-XurvvPTL!x<;LV0`>-(z<wb(@bjg4
zmV`;PVt0_TeE_bMXTX%`#TC{sdJFr5TO+m}ED&WbhK*U5vzfZNd$enOJv4WNVxJZJ
z@NWW+zk<2mXZsIN;q^W<mPzPZN;z*Os-zjLB^v15JVN)vk(SIKD^hG$LZ9<B%;RjO
z@-Wm^sO>(*NTPcGlm&A4;9M8$78pYGgX5!j$EUrMQz&KbsO8QR;D{|zu*kDxO?dZ7
z+PjT7CV4`^1;k7^3Cp1-i##o20cZv{J$WgUb9@IWNnQ&6^P6r@UdA~hzLmivZ<Dg8
zh88Q7!&1ZZyI5Q~0E>`U$$epI2+g%LB)xiR^bYq}Tk&nYfyMV{vGj3XlD7$!$0PGB
zDF^QGl7&g)juX^)vMFgV-2XlGDEB$ee`-5h)p`H7U8_L<SFOOb>i=E<zT40W-5ch5
zfsN@<)UzVbrt2bdEq|@UskjNmYgzb)uIs>m^6=es95V9lD=K~j^GrXWyfTv6ssOp8
z+1Wqo?H?Z@+Xnv;vcB?XMVxOzZBmb$N^RqNO_PNPFX{KlI~wK@2gdn+-mvgj!4sd3
zsZW_j0Y&dZ@@1iO({!QbV-eMX#{1@gCrX&U+hsw9lnoRvOtw_eddM{x&(KvF%WYM|
z!ulDjY_U=G3q}I#fsK{%xt*2RDjhHd7O>KgbK_za0y-dc=7l%$Y}T<aDQUJk$A`I1
z;?pql8LXo~3!vJ1pS0?I5UkbNhb0Vp$Ajii?dE?#?^!h6Nw<Ym2wa@_?v;)GyZ#pJ
z)x8NqI>S=r3|xZdkB7ffD<l!$r}_T=2kBA=$MWqD9{3tO4_*p#`K}x0Nd8wBmxPPr
zTOj&@+>E*4*&qkSUUpfq9OAcsZZ}VRyo7_tta=}4PkeLM!k->x2=sZ+-G_d%zqX+(
z&=2TrsTLn8!dP5Uz@0(aRlV0fJn5%?0(0C6;PHkOkd}@QvhzwFuTu>83Sgh&q!TNN
zd)xGSbzVDVdo%!JK#NPn|8x2HZSTgT<bayv9Qnx0*bbe!S2Vv5CR%zxyA=eXm~z7v
zbQ1zCkruQ!pqcj<B{>oi)ioh!z8!)ih%#I+<HF-G&c)??U8p1Gky{YJ0#i6AinxKr
zKF>=rCro2n=--G1enYI;h!ib?nuG@+gdhcoIiua_9C!AQ-X4RBjR7B%V$)PhfvpKn
z3c=k^3Vyc_$u9WhbWUd>K3QcmJ+^_q(rWXwq2=5mQ?<`+O3=NqS|#|?t7xNz<aMBN
zr#=M@h$zf=d9!=ReVS%KyOafxqIj6gw7MdNt`Fz~n_)j>q}bjOrEoymB%A^w_rFvh
z#uG;Dymy}5%idj=OdoxwgNdN2cA(2A%jtC!LwO}h48CXSi3o|a*W()_LT(B6lJUAz
zgx0s8@R&C5n#2iDalRv@o2XQC0xA9Td;zyY?4sm>z{1Gle%ZjOZg0uBQlf0?Hfhwm
z$iigzwrq3lB%%p+=Rj<c@-zn*fm=5DY@Ki_pNx!LA@IO}S-r03&dV1CJeA7A`jWQ)
zWCl8LCp_Sjn@TEe#)*gAeu2#*_R95#Va6jnWPWb7TprF(l+Ywc^g7?OXS55-Bw!iS
z4@t7D%(o%N=45h(o*SA@ms&0x1)A|?kGrl@raDQRD&5w@(if@$r+)DsQh@>m3KS?%
z@b`jiI{dOPf4+Lk`=6y+rKaBhd<nSc_3P)h|Elx<N~yLJ+rPZE1>@!I^0s>a>!sfR
z!q<rKeHhBFh<6iCUAFaF+aURW=J7KQ@P;~x!g2l$j=%)Y9oQB$tF%tu9i2jRg?*1h
zPNJb>Tk#yZsz~JcY=8Z?L5OwQIe;dyK7TPxVi%^a7rF)4pCA(UaELVjs^X30aVXqZ
z99dy6&d>A`zAQfn;OP7`3u#XxyI_~!Fk;U<7n;ApYi(&(hDSk$M~s+#&0AVAI>2w}
zHpR%qH@#_c06$f60gw90QTfJ}APQqSWSpROo>}fGGZ)aYeiTp7ziAv~Gw&A|IY~Sd
zF+0RB5iRK4!%RGCxsLeEzg#YwIC{I1WvWYE$Mr3L8$p}`J(zE04d1x`UB|40N3=M9
zhf#2s$<|hJD4D$0mXu$>AF$Xco6SJX<0(UClbj0zlC5BU<M9th9h*_pk6G}kfKF!d
zr@F7T^w-wQ2HRYTkXCO3=OW1`#FGYKQZAL`@a^Vv2|8Ezeav?%Def0J@KRMUDNvw5
zfdT~z6ev)jK!E}U3KS?%pg@5F1qu`>P@q780tE^bC{Un4fdT~z6ev)jK!E}U3KS?%
P@PhC^S0%l;0C)fZm&jTD

diff --git a/web/plugins/metrics/spring4shell.py b/web/plugins/metrics/spring4shell.py
index fb8fd6e..bf52ddc 100644
--- a/web/plugins/metrics/spring4shell.py
+++ b/web/plugins/metrics/spring4shell.py
@@ -18,6 +18,11 @@ from cmk.gui.plugins.metrics import (
     check_metrics,
 )
 
+metric_info['files_inspected'] = {
+    'title': _('Inspected files'),
+    'unit': 'count',
+    'color': '31/a',
+}
 metric_info['files_vulnerable'] = {
     'title': _('Vulnerable'),
     'unit': 'count',
-- 
GitLab