mirror of
https://github.com/projectdiscovery/nuclei-templates.git
synced 2026-01-31 15:53:33 +08:00
27 lines
988 B
YAML
27 lines
988 B
YAML
id: firewall-disabled
|
|
|
|
info:
|
|
name: macOS Application Firewall Disabled
|
|
author: geeknik
|
|
severity: medium
|
|
description: |
|
|
Verifies if the macOS application firewall is disabled, removing protection against unauthorized network access by applications.
|
|
impact: |
|
|
Disabling the firewall can allow malicious applications to make outbound connections and expose the system to network-based attacks.
|
|
remediation: |
|
|
Enable the macOS application firewall to control network access for applications.
|
|
tags: macos,audit,local,security
|
|
|
|
self-contained: true
|
|
|
|
code:
|
|
- engine:
|
|
- sh
|
|
- bash
|
|
source: |
|
|
/usr/libexec/ApplicationFirewall/socketfilterfw --getglobalstate
|
|
matchers:
|
|
- type: word
|
|
words:
|
|
- "Firewall is disabled. (State = 0)"
|
|
# digest: 4b0a00483046022100fec597c208922cff8c5bf96d23a75c06d1192ecc31c5f257bd72cda4b05c3678022100b2899ee2431e105ca31f924e76bc446fa025a9c64b0f62c5268e06af0859be81:922c64590222798bb761d5b6d8e72950 |