finish folder checking for linux
This commit is contained in:
parent
a933a287b5
commit
ce82000bb4
|
@ -61,6 +61,12 @@ version = "0.2.148"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "9cdc71e17332e86d2e1d38c1f99edcb6288ee11b815fb1a4b049eaa2114d369b"
|
checksum = "9cdc71e17332e86d2e1d38c1f99edcb6288ee11b815fb1a4b049eaa2114d369b"
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "log"
|
||||||
|
version = "0.4.20"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "b5e6163cb8c49088c2c36f57875e58ccd8c87c7427f7fbd50ea6710b2f3f2e8f"
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "number_prefix"
|
name = "number_prefix"
|
||||||
version = "0.4.0"
|
version = "0.4.0"
|
||||||
|
@ -78,6 +84,7 @@ name = "security-checker"
|
||||||
version = "0.1.0"
|
version = "0.1.0"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"indicatif",
|
"indicatif",
|
||||||
|
"users",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
|
@ -86,6 +93,16 @@ version = "0.1.11"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "e51733f11c9c4f72aa0c160008246859e340b00807569a0da0e7a1079b27ba85"
|
checksum = "e51733f11c9c4f72aa0c160008246859e340b00807569a0da0e7a1079b27ba85"
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "users"
|
||||||
|
version = "0.11.0"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "24cc0f6d6f267b73e5a2cadf007ba8f9bc39c6a6f9666f8cf25ea809a153b032"
|
||||||
|
dependencies = [
|
||||||
|
"libc",
|
||||||
|
"log",
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "windows-sys"
|
name = "windows-sys"
|
||||||
version = "0.45.0"
|
version = "0.45.0"
|
||||||
|
|
|
@ -7,3 +7,4 @@ edition = "2021"
|
||||||
|
|
||||||
[dependencies]
|
[dependencies]
|
||||||
indicatif = "0.17.7"
|
indicatif = "0.17.7"
|
||||||
|
users = "0.11.0"
|
||||||
|
|
87
src/main.rs
87
src/main.rs
|
@ -1,27 +1,18 @@
|
||||||
use std::{fmt::Write, thread, time::Duration, sync::mpsc, process, fs, os::unix::prelude::MetadataExt};
|
|
||||||
use indicatif::{ProgressBar, ProgressState, ProgressStyle};
|
use indicatif::{ProgressBar, ProgressState, ProgressStyle};
|
||||||
use security_checker::{structs::{Folder, Perms}, get_home};
|
use security_checker::{
|
||||||
use std::os::unix::fs::PermissionsExt;
|
get_home,
|
||||||
|
structs::{Folder, FolderPerms, Perms},
|
||||||
|
};
|
||||||
|
use std::{
|
||||||
|
fmt::Write, fs, os::unix::prelude::MetadataExt, process, sync::mpsc, thread, time::Duration,
|
||||||
|
};
|
||||||
|
|
||||||
fn main() {
|
fn main() {
|
||||||
// TODO: add support for other OSes
|
// TODO: add support for other OSes
|
||||||
if std::env::consts::OS != "linux" {
|
if std::env::consts::OS != "linux" {
|
||||||
println!("This currently only supports linux. Sorry!");
|
println!("This currently only supports linux. Sorry!");
|
||||||
process::exit(1)
|
process::exit(1)
|
||||||
}
|
}
|
||||||
println!("SCAMing you...");
|
|
||||||
let pb = ProgressBar::new(100);
|
|
||||||
pb.set_style(ProgressStyle::with_template("[{elapsed_precise}] [{wide_bar:.cyan/blue}] {pos}/{len} ({eta})")
|
|
||||||
.unwrap()
|
|
||||||
.with_key("eta", |state: &ProgressState, w: &mut dyn Write| write!(w, "{:.1}s", state.eta().as_secs_f64()).unwrap())
|
|
||||||
.progress_chars("=>-"));
|
|
||||||
|
|
||||||
let mut progress = 0;
|
|
||||||
while progress < 100 {
|
|
||||||
progress += 1;
|
|
||||||
pb.set_position(progress);
|
|
||||||
thread::sleep(Duration::from_millis(50));
|
|
||||||
}
|
|
||||||
|
|
||||||
let (tx, rx) = mpsc::channel();
|
let (tx, rx) = mpsc::channel();
|
||||||
|
|
||||||
|
@ -29,29 +20,63 @@ fn main() {
|
||||||
let mut out: Vec<Folder> = vec![];
|
let mut out: Vec<Folder> = vec![];
|
||||||
let folders = Folder::linux();
|
let folders = Folder::linux();
|
||||||
for mut folder in folders {
|
for mut folder in folders {
|
||||||
folder.path = folder.path.replace('~', &get_home()[..]);
|
folder.path = folder.path.replace('~', &get_home()[..]);
|
||||||
|
|
||||||
// check if we have write perms for all of the folders, if so, push to out
|
|
||||||
let md = fs::metadata(&folder.path).unwrap();
|
|
||||||
let perms = md.permissions().mode();
|
|
||||||
let string = format!("{perms:o}").chars().rev().take(3).collect::<String>().chars().rev().collect::<String>();
|
|
||||||
|
|
||||||
println!("{}: {:?}", folder.path, Perms::from_unix_folder(folder.path.clone()));
|
let md = fs::metadata(&folder.path).unwrap();
|
||||||
|
let perms = Perms::from_unix_folder(&folder.path);
|
||||||
let owner = md.uid();
|
let owner = md.uid();
|
||||||
let group = md.gid();
|
let group = md.gid();
|
||||||
|
|
||||||
// println!("{readonly} - {}", folder.path);
|
let current_user = users::get_effective_uid();
|
||||||
// if !readonly {
|
let current_group = users::get_effective_gid();
|
||||||
// println!("can write to {}", folder.path);
|
|
||||||
// out.push(folder)
|
// clippy hates this.
|
||||||
// }
|
if owner == current_user && perms.owner.contains(&folder.dangerous_perms) {
|
||||||
};
|
out.push(folder)
|
||||||
|
} else if group == current_group && perms.group.contains(&folder.dangerous_perms) {
|
||||||
|
out.push(folder)
|
||||||
|
} else if perms.other.contains(&folder.dangerous_perms) {
|
||||||
|
out.push(folder)
|
||||||
|
};
|
||||||
|
}
|
||||||
tx.send(out)
|
tx.send(out)
|
||||||
});
|
});
|
||||||
|
|
||||||
|
println!("SCAMing you...");
|
||||||
|
let pb = ProgressBar::new(100);
|
||||||
|
pb.set_style(
|
||||||
|
ProgressStyle::with_template(
|
||||||
|
"[{elapsed_precise}] [{wide_bar:.cyan/blue}] {pos}/{len} ({eta})",
|
||||||
|
)
|
||||||
|
.unwrap()
|
||||||
|
.with_key("eta", |state: &ProgressState, w: &mut dyn Write| {
|
||||||
|
write!(w, "{:.1}s", state.eta().as_secs_f64()).unwrap()
|
||||||
|
})
|
||||||
|
.progress_chars("=>-"),
|
||||||
|
);
|
||||||
|
|
||||||
|
let mut progress = 0;
|
||||||
|
while progress < 100 {
|
||||||
|
progress += 1;
|
||||||
|
pb.set_position(progress);
|
||||||
|
thread::sleep(Duration::from_millis(50));
|
||||||
|
}
|
||||||
|
|
||||||
pb.finish();
|
pb.finish();
|
||||||
println!("Ran SCAM. Here's your output!");
|
println!("Ran SCAM. Here's your output!");
|
||||||
|
|
||||||
let recieved = rx.recv().unwrap();
|
let recieved = rx.recv().unwrap();
|
||||||
println!("{recieved:?}");
|
|
||||||
|
for folder in recieved {
|
||||||
|
println!(
|
||||||
|
"I can {} {}. This is potentially bad, because this folder stores {}.",
|
||||||
|
match folder.dangerous_perms {
|
||||||
|
FolderPerms::Write => "write to",
|
||||||
|
FolderPerms::Read => "read from",
|
||||||
|
FolderPerms::Execute => "execute files in",
|
||||||
|
},
|
||||||
|
folder.path,
|
||||||
|
folder.contains
|
||||||
|
);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -13,11 +13,12 @@ pub struct Data {
|
||||||
#[derive(Debug)]
|
#[derive(Debug)]
|
||||||
pub struct Folder {
|
pub struct Folder {
|
||||||
pub path: String,
|
pub path: String,
|
||||||
pub r#type: FolderType,
|
pub ftype: FolderType,
|
||||||
pub contains: String,
|
pub contains: String,
|
||||||
|
pub dangerous_perms: FolderPerms,
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Debug)]
|
#[derive(Debug, PartialEq, Eq)]
|
||||||
pub enum FolderType {
|
pub enum FolderType {
|
||||||
ApplicationData,
|
ApplicationData,
|
||||||
Binary,
|
Binary,
|
||||||
|
@ -26,7 +27,7 @@ pub enum FolderType {
|
||||||
}
|
}
|
||||||
|
|
||||||
pub struct Malware {
|
pub struct Malware {
|
||||||
pub r#type: Vec<MalwareType>,
|
pub ftype: Vec<MalwareType>,
|
||||||
pub name: String,
|
pub name: String,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -44,49 +45,58 @@ impl Folder {
|
||||||
// system folders
|
// system folders
|
||||||
Folder {
|
Folder {
|
||||||
path: String::from("/usr/bin"),
|
path: String::from("/usr/bin"),
|
||||||
r#type: FolderType::Binary,
|
ftype: FolderType::Binary,
|
||||||
contains: "Installed Programs".to_string(),
|
contains: "Installed Programs".to_string(),
|
||||||
|
dangerous_perms: FolderPerms::Write
|
||||||
},
|
},
|
||||||
Folder {
|
Folder {
|
||||||
path: "/boot".to_string(),
|
path: "/boot".to_string(),
|
||||||
r#type: FolderType::Kernel,
|
ftype: FolderType::Kernel,
|
||||||
contains: "Boot Files, Kernel".to_string(),
|
contains: "Boot Files, Kernel".to_string(),
|
||||||
|
dangerous_perms: FolderPerms::Write
|
||||||
},
|
},
|
||||||
Folder {
|
Folder {
|
||||||
path: "/lib".to_string(),
|
path: "/lib".to_string(),
|
||||||
r#type: FolderType::SystemData,
|
ftype: FolderType::SystemData,
|
||||||
contains: "Kernel Modules, Libraries".to_string(),
|
contains: "Kernel Modules, Libraries".to_string(),
|
||||||
|
dangerous_perms: FolderPerms::Write
|
||||||
},
|
},
|
||||||
Folder {
|
Folder {
|
||||||
path: "/usr/lib".to_string(),
|
path: "/usr/lib".to_string(),
|
||||||
r#type: FolderType::SystemData,
|
ftype: FolderType::SystemData,
|
||||||
contains: "Libraries, Object Files".to_string(),
|
contains: "Libraries, Object Files".to_string(),
|
||||||
|
dangerous_perms: FolderPerms::Write
|
||||||
},
|
},
|
||||||
Folder {
|
Folder {
|
||||||
path: "/dev".to_string(),
|
path: "/dev".to_string(),
|
||||||
r#type: FolderType::SystemData,
|
ftype: FolderType::SystemData,
|
||||||
contains: "Access To All Devices".to_string(),
|
contains: "Access To All Devices".to_string(),
|
||||||
|
dangerous_perms: FolderPerms::Write
|
||||||
},
|
},
|
||||||
Folder {
|
Folder {
|
||||||
path: "/tmp".to_string(),
|
path: "/tmp".to_string(),
|
||||||
r#type: FolderType::ApplicationData,
|
ftype: FolderType::ApplicationData,
|
||||||
contains: "Temporary Application Data".to_string(),
|
contains: "Temporary Application Data".to_string(),
|
||||||
|
dangerous_perms: FolderPerms::Read
|
||||||
},
|
},
|
||||||
// user specific files
|
// user specific files
|
||||||
Folder {
|
Folder {
|
||||||
path: "~/.config".to_string(),
|
path: "~/.config".to_string(),
|
||||||
r#type: FolderType::ApplicationData,
|
ftype: FolderType::ApplicationData,
|
||||||
contains: "Permanent Application Data, Login Info".to_string(),
|
contains: "Permanent Application Data, Login Info".to_string(),
|
||||||
|
dangerous_perms: FolderPerms::Read
|
||||||
},
|
},
|
||||||
Folder {
|
Folder {
|
||||||
path: "~/.local/share".to_string(),
|
path: "~/.local/share".to_string(),
|
||||||
r#type: FolderType::ApplicationData,
|
ftype: FolderType::ApplicationData,
|
||||||
contains: String::from("Permanent Application Data, Login Info"),
|
contains: String::from("Permanent Application Data, Login Info"),
|
||||||
|
dangerous_perms: FolderPerms::Read
|
||||||
},
|
},
|
||||||
Folder {
|
Folder {
|
||||||
path: "~/.cache".to_string(),
|
path: "~/.cache".to_string(),
|
||||||
r#type: FolderType::ApplicationData,
|
ftype: FolderType::ApplicationData,
|
||||||
contains: "Cached Data From Applications".to_string(),
|
contains: "Cached Data From Applications".to_string(),
|
||||||
|
dangerous_perms: FolderPerms::Read
|
||||||
},
|
},
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
@ -99,7 +109,7 @@ pub struct Perms {
|
||||||
pub other: Vec<FolderPerms>,
|
pub other: Vec<FolderPerms>,
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Debug)]
|
#[derive(Debug, PartialEq, Eq)]
|
||||||
pub enum FolderPerms {
|
pub enum FolderPerms {
|
||||||
Read,
|
Read,
|
||||||
Write,
|
Write,
|
||||||
|
@ -107,7 +117,7 @@ pub enum FolderPerms {
|
||||||
}
|
}
|
||||||
|
|
||||||
impl Perms {
|
impl Perms {
|
||||||
pub fn from_unix_folder(path: String) -> Perms {
|
pub fn from_unix_folder(path: &String) -> Perms {
|
||||||
let md = fs::metadata(path).unwrap();
|
let md = fs::metadata(path).unwrap();
|
||||||
let perms = md.permissions().mode();
|
let perms = md.permissions().mode();
|
||||||
let string = format!("{perms:o}")
|
let string = format!("{perms:o}")
|
||||||
|
@ -119,7 +129,6 @@ impl Perms {
|
||||||
.rev()
|
.rev()
|
||||||
.collect::<String>()
|
.collect::<String>()
|
||||||
.chars()
|
.chars()
|
||||||
.into_iter()
|
|
||||||
.collect::<Vec<char>>();
|
.collect::<Vec<char>>();
|
||||||
|
|
||||||
Perms {
|
Perms {
|
||||||
|
|
Loading…
Reference in New Issue