Dropbox Installed (Mac OS X)

2011-06-27T00:00:00
ID MACOSX_DROPBOX_INSTALLED.NASL
Type nessus
Reporter Tenable
Modified 2017-05-30T00:00:00

Description

Dropbox is installed on the remote Mac OS X host. Dropbox is an application for storing and synchronizing files between computers, possibly outside the organization.

                                        
                                            #TRUSTED 1a10b2a95c0fd660025c553a17c49d0e748eb9eb098c077d42cdb3748182ee02c1b5b6558151e10fa2dc9ab0fa198d909460c77a43bc6b75ac540af26ea5b0a54ea334272832261bdac84273a7c5152afafea43777c47f8200308e7aef252d3bcfbc3b4e1f2dac112c53f4e7f3be78e33f250922496e55d913d86c182c682db714c7910202bc00350d8e85c7cb8ae24afcd9ec8a29c4e0b152b4c1b8812f847c0f97c5d70327a0f29180cd00fd74592a8993feb166e3df268979b46589d9a4d87909a8fb11c10f52e98ab79150e9579629c542c79430387abc869ed1fd17cc5973e7f61f2864a556da25ca9ad2c0059a1d4302f38a0a350284801dbcf13951bdca2b7164c1e90f3e32e22fab97b6ee41999d967fd2400bb1ed2a35936311be69ae802f51a217a38e02922de1a9f1889d431e09930ed06f2efbdd4b3a02ef3ed8b874f35cca30736b5bcbaa83cfe71f70c07d2eba2fd22ca371f0321a9552efb27789aef97d469c378bc96bb6c85a540f9489ce8144e2b591f3957f20aa43ccd917f84abf2ac24413fee0342ad67388b7b254ecc446380d21f79cc29e63e01d1b067ea3165844db4cdfde24aa069a8cb0f1bbe2b290c4bb4066e19e12c6faa915186a0d05308a469916ad563fc5b370f968ac88b711222278890f3412af89a96cbdb5a0c3960703df3cb346ce01d73a5bebac9e3b68b2e3b8b6a6bfc59e97a59a
#
# (C) Tenable Network Security, Inc.
#


if (!defined_func("bn_random")) exit(0);


include("compat.inc");


if (description)
{
  script_id(55435);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2017/05/30");

  script_name(english:"Dropbox Installed (Mac OS X)");
  script_summary(english:"Gets Dropbox version from Info.plist");

  script_set_attribute(
    attribute:"synopsis",
    value:"There is a file synchronization application on the remote host."
  );
  script_set_attribute(
    attribute:"description",
    value:
"Dropbox is installed on the remote Mac OS X host.  Dropbox is an
application for storing and synchronizing files between computers,
possibly outside the organization."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.dropbox.com/"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Ensure that use of this software agrees with your organization's
acceptable use and security policies."
  );
  script_set_attribute(attribute:"risk_factor", value:"None");
  script_set_attribute(attribute:"plugin_publication_date", value:"2011/06/27");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:dropbox:dropbox");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2011-2017 Tenable Network Security, Inc.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/MacOSX/Version");

  exit(0);
}


include("global_settings.inc");
include("misc_func.inc");
include("ssh_func.inc");
include("macosx_func.inc");



if(sshlib::get_support_level() >= sshlib::SSH_LIB_SUPPORTS_COMMANDS)
  enable_ssh_wrappers();
else disable_ssh_wrappers();

if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");

os = get_kb_item("Host/MacOSX/Version");
if (!os) exit(0, "The host does not appear to be running Mac OS X.");


kb_base = "MacOSX/Dropbox";


plist = "/Applications/Dropbox.app/Contents/Info.plist";
cmd =  'plutil -convert xml1 -o - \'' + plist + '\' | ' +
  'grep -A 1 CFBundleShortVersionString | ' +
  'tail -n 1 | ' +
  'sed \'s/.*string>\\(.*\\)<\\/string>.*/\\1/g\'';
version = exec_cmd(cmd:cmd);
if (!strlen(version)) exit(0, "Dropbox does not appear to be installed.");
set_kb_item(name:kb_base+"/Installed", value:TRUE);

if (ereg(pattern:"^Dropbox ", string:version)) version = version - "Dropbox ";
if (version !~ "^[0-9]") exit(1, "The Dropbox version does not look valid (" + version + ").");
set_kb_item(name:kb_base+"/Version", value:version);

if (report_verbosity > 0)
{
  report = 
    '\n  Path    : /Applications/Dropbox.app' +
    '\n  Version : ' + version + '\n';
  security_note(port:0, extra:report);
}
else security_note(0);