Open-AudIT

All times are UTC + 10 hours
PostPosted: Wed Sep 19, 2012 4:00 am 
Contributor

Joined: Wed Apr 07, 2010 8:04 am
Posts: 105
Location: Boston, MA
Hi,
So, I'm picking up some work I started last year in regards to Mac auditing. Genloz started this script for OAv1 which I extended up a bit. Now I've signed up a student and we'll attempt to modify the output to XML format for OAv2. Again, we don't have coding experience with Obj-C so if there's anyone out there that could help out, please let me know here.

There might be some information that will be different than what OAv2 is built for, especially on these tags:
<sys>
<windows>
<bios>
<logs>
<services>
<software_keys>

Everything else, we should be able to get one way or another. We'll be posting here our progress, and eventually I'm thinking of uploading the code to sourceforge or launchpad.
Stay tuned. :wink:

_________________
Old OA Setup: 500 Windows 7 workstations & 200 Apple OSX with OA v1.5.2 on Windows Server 2003 and WAMP 2
New OA Setup: 100 Windows servers with OA 2.2 on Windows Server 2016 and WAMP 3


PostPosted: Wed Sep 19, 2012 3:18 pm 
Site Admin

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1964
Location: Brisbane, Australia
Thanks El - always great to have people contribute.
I'm looking forward to your posts.
I don't have a MAC (not even a Hackintosh), but I'd love to be able to say "OAv2 audits OSX as well"...

_________________
Support and Development hours available from Opmantek (https://opmantek.com).
Please consider a purchase to help make Open-AudIT better for everyone.


PostPosted: Thu Sep 20, 2012 4:55 am 
Moderator

Joined: Fri Jul 20, 2007 8:27 am
Posts: 1259
If the Obj-C is a barrier you could try to audit in shell scripts like with the OAv1 Linux audit. Although that amount of rewrite is probably greater than the learning curve to get over the Obj-C barrier especially if you don't know shell scripts as well. It would get rid of the write-compile-test needed with Obj-C.


PostPosted: Thu Oct 04, 2012 1:13 am 
Contributor

Joined: Wed Apr 07, 2010 8:04 am
Posts: 105
Location: Boston, MA
We have a working copy of the script and it is exporting in XML right now. We don't have all the data to match every field but we're still working on it.
Here's a preview of our initial data; I had to remove a huge list of software, otherwise I would have gone over the 100,000 char limit.

[code]<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<system>
<sys>
<system_timestamp>2012-10-03 09:31:30</system_timestamp>
<system_uuid>XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX</system_uuid>
<system_hostname>libsysimac</system_hostname>
<system_domain></system_domain>
<system_type></system_type>
<system_os_icon></system_os_icon>
<system_os_group>OS X</system_os_group>
<system_os_family>Mac OS</system_os_family>
<system_os_name>Lion</system_os_name>
<system_os_version>10.7.5</system_os_version>
<system_serial>QP0000XXXX0</system_serial>
<system_model>iMac8,1</system_model>
<system_manufacturer>Apple Inc.</system_manufacturer>
<system_uptime></system_uptime>
<system_form_factor></system_form_factor>
<system_pc_os_bit>64</system_pc_os_bit>
<system_pc_memory>4294967296</system_pc_memory>
<system_pc_num_processor></system_pc_num_processor>
<system_pc_date_os_installation></system_pc_date_os_installation>
<man_org_id></man_org_id>
</sys>
<bios>
<bios_description>IM81.00C1.B00</bios_description>
<bios_manufacturer>Apple Inc.</bios_manufacturer>
<bios_serial></bios_serial>
<bios_smversion></bios_smversion>
<bios_version></bios_version>
</bios>
<processor>
<processor_cores>2E0</processor_cores>
<processor_socket></processor_socket>
<processor_description>Intel Core 2 Duo</processor_description>
<processor_speed>2400</processor_speed>
<processor_manufacturer>Intel Corporation</processor_manufacturer>
<processor_power_management_supported></processor_power_management_supported>
</processor>
<memory>
<slot>
<bank>DIMM_0</bank>
<type>Synchronous</type>
<form_factor>DIMM</form_factor>
<detail>DDR2</detail>
<capacity></capacity>
<speed>800 MHz</speed>
<tag></tag>
</slot>
<slot>
<bank>DIMM_1</bank>
<type>Synchronous</type>
<form_factor>DIMM</form_factor>
<detail>DDR2</detail>
<capacity></capacity>
<speed>800 MHz</speed>
<tag></tag>
</slot>
</memory>
<video_cards>
<video_card>
<video_description>ATI Radeon HD 2400</video_description>
<video_manufacturer>ATI (0x1002)</video_manufacturer>
<video_memory>128 MB</video_memory>
</video_card>
</video_cards>
<sound_cards>
<sound_card>
<sound_name>hda_compatible_hardware</sound_name>
<sound_manufacturer></sound_manufacturer>
<sound_device_id></sound_device_id>
</sound_card>
</sound_cards>
<printers>
<printer>
<man_ip_address></man_ip_address>
<hostname></hostname>
<system_key></system_key>
<uuid></uuid>
<description>10.4</description>
<icon></icon>
<model></model>
<manufacturer></manufacturer>
<printer_port_name></printer_port_name>
<printer_shared></printer_shared>
<printer_shared_name></printer_shared_name>
<printer_location></printer_location>
<printer_color></printer_color>
<printer_duplex></printer_duplex>
<printer_type></printer_type>
<printer_name>libsysprint</printer_name>
<printer_connection_status>lpd://libsysprint/</printer_connection_status>
</printer>
</printers>
<package>
<software>
<software_name>Terminal</software_name>
<software_version>2.2.3</software_version>
<software_location>/Applications/Utilities/Terminal.app</software_location>
<software_uninstall></software_uninstall>
<software_install_date></software_install_date>
<software_publisher></software_publisher>
<software_install_source></software_install_source>
<software_system_component></software_system_component>
<software_url></software_url>
<software_email></software_email>
<software_comment></software_comment>
<software_code_base></software_code_base>
<software_status></software_status>
<software_installed_by></software_installed_by>
<software_installed_on></software_installed_on>
</software>
<software>
<software_name>Canon IJScanner1</software_name>
<software_version>1.1.1</software_version>
<software_location>/Library/Image Capture/Devices/Canon IJScanner1.app</software_location>
<software_uninstall></software_uninstall>
<software_install_date></software_install_date>
<software_publisher>1.1.1, Copyright CANON INC. 2009 All Rights Reserved</software_publisher>
<software_install_source></software_install_source>
<software_system_component></software_system_component>
<software_url></software_url>
<software_email></software_email>
<software_comment></software_comment>
<software_code_base></software_code_base>
<software_status></software_status>
<software_installed_by></software_installed_by>
<software_installed_on></software_installed_on>
</software>
</package>
<hard_disks>
<hard_disk>
<hard_drive_caption>Canon IJScanner1</hard_drive_caption>
<hard_drive_index>1.1.1</hard_drive_index>
<hard_drive_interface_type>/Library/Image Capture/Devices/Canon IJScanner1.app</hard_drive_interface_type>
<hard_drive_manufacturer></hard_drive_manufacturer>
<hard_drive_model>Hitachi HDP725025GLA380</hard_drive_model>
<hard_drive_serial>GEK260RB2US21A</hard_drive_serial>
<hard_drive_size>238475</hard_drive_size>
<hard_drive_device_id></hard_drive_device_id>
<hard_drive_partitions></hard_drive_partitions>
<hard_drive_status></hard_drive_status>
<hard_drive_scsi_logical_unit></hard_drive_scsi_logical_unit>
</hard_disk>
</hard_disks>
</system>[/code]



Last edited by el_geto on Fri Oct 05, 2012 1:16 am, edited 1 time in total.

PostPosted: Thu Oct 04, 2012 3:03 am 
Moderator

Joined: Fri Jul 20, 2007 8:27 am
Posts: 1259
[quote="el_geto"]
[code]
<software>
<software_name>Canon IJScanner1</software_name>
<software_version>1.1.1</software_version>
<software_location>/Library/Image Capture/Devices/Canon IJScanner1.app</software_location>
...
</software>
</package>
<hard_disks>
<hard_disk>
<hard_drive_caption>Canon IJScanner1</hard_drive_caption>
<hard_drive_index>1.1.1</hard_drive_index>
<hard_drive_interface_type>/Library/Image Capture/Devices/Canon IJScanner1.app</hard_drive_interface_type>
<hard_drive_manufacturer></hard_drive_manufacturer>
<hard_drive_model>Hitachi HDP725025GLA380</hard_drive_model>
[/code]
[/quote]

Little weirdness here assuming what you posted is a cut and paste from the actual output. The hard_drive caption, index and interface_type look to be from the previous software entry. Maybe need to clear a variable when switching from auditing software to disks?

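The carry-over pointed out in the reply above can be caught automatically before an audit file is imported into the inventory. The following is an added example, not part of the thread or of the posted script: a Python check (not the script's Objective-C) that flags any record sharing two or more field values with a single record from an earlier section. The helper names `records` and `find_carryover` and the `min_shared` threshold are assumptions, and the sample is a trimmed, constructed copy of the output posted above.

```python
import xml.etree.ElementTree as ET

# Constructed sample, trimmed from the audit output posted in the thread.
# records() and find_carryover() are hypothetical helper names for this example.
SAMPLE = """<system>
<sys><system_hostname>libsysimac</system_hostname>
<system_manufacturer>Apple Inc.</system_manufacturer></sys>
<bios><bios_description>IM81.00C1.B00</bios_description>
<bios_manufacturer>Apple Inc.</bios_manufacturer></bios>
<package><software>
<software_name>Canon IJScanner1</software_name>
<software_version>1.1.1</software_version>
<software_location>/Library/Image Capture/Devices/Canon IJScanner1.app</software_location>
</software></package>
<hard_disks><hard_disk>
<hard_drive_caption>Canon IJScanner1</hard_drive_caption>
<hard_drive_index>1.1.1</hard_drive_index>
<hard_drive_interface_type>/Library/Image Capture/Devices/Canon IJScanner1.app</hard_drive_interface_type>
<hard_drive_model>Hitachi HDP725025GLA380</hard_drive_model>
</hard_disk></hard_disks>
</system>"""

def records(section):
    """Yield each element whose children are all leaf fields (one audit record)."""
    for el in section.iter():
        if len(el) > 0 and all(len(child) == 0 for child in el):
            yield el

def find_carryover(xml_text, min_shared=2):
    """Flag records that share min_shared or more field values with a single
    record from an earlier section, the pattern a reused variable leaves behind.
    One shared value (e.g. the same manufacturer in <sys> and <bios>) is normal."""
    findings, earlier = [], []
    for section in ET.fromstring(xml_text):
        current = []
        for rec in records(section):
            fields = {c.tag: c.text.strip() for c in rec if c.text and c.text.strip()}
            for src_section, src_values in earlier:
                shared = sorted(t for t, v in fields.items() if v in src_values)
                if len(shared) >= min_shared:
                    findings.append((section.tag, rec.tag, src_section, shared))
            current.append((section.tag, set(fields.values())))
        earlier.extend(current)  # only records from completed sections are compared
    return findings

if __name__ == "__main__":
    for section, record, source, fields in find_carryover(SAMPLE):
        print(f"{section}/{record}: {fields} repeat values from <{source}>")
```
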
PostPosted: Fri Oct 05, 2012 6:04 am 
Newbie

Joined: Thu Sep 27, 2012 10:19 am
Posts: 4
The Mac script for transforming Mac system information to XML that is supported by OAV2 is attached to this post.

This is still a work in progress and there are still some variables that we're having trouble matching from the Mac system to the Windows tags in the XML. If you have any questions, comments or concerns, please post them. Any help and feedback would be much appreciated.

This is the script. All you have to do is decompress and click on the file. The xml file should be generated in the same folder as the script. It's called mac.xml in case you're wondering.
Attachment: mac_audit.zip [29.26 KiB] (File comment: Script)

This is the Objective-C code:
Attachment: Mac audit OAV2 Xcode.zip [90.8 KiB] (File comment: Objective C files)


I commented out the software section of the code. If you want a list of the software, just remove the comment characters and you'll get some information about all the software on your computer in the same format as the xml generated by the windows script.
