finish folder checking for linux
This commit is contained in:
parent
a933a287b5
commit
ce82000bb4
|
@ -61,6 +61,12 @@ version = "0.2.148"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "9cdc71e17332e86d2e1d38c1f99edcb6288ee11b815fb1a4b049eaa2114d369b"
|
||||
|
||||
[[package]]
|
||||
name = "log"
|
||||
version = "0.4.20"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "b5e6163cb8c49088c2c36f57875e58ccd8c87c7427f7fbd50ea6710b2f3f2e8f"
|
||||
|
||||
[[package]]
|
||||
name = "number_prefix"
|
||||
version = "0.4.0"
|
||||
|
@ -78,6 +84,7 @@ name = "security-checker"
|
|||
version = "0.1.0"
|
||||
dependencies = [
|
||||
"indicatif",
|
||||
"users",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
|
@ -86,6 +93,16 @@ version = "0.1.11"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "e51733f11c9c4f72aa0c160008246859e340b00807569a0da0e7a1079b27ba85"
|
||||
|
||||
[[package]]
|
||||
name = "users"
|
||||
version = "0.11.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "24cc0f6d6f267b73e5a2cadf007ba8f9bc39c6a6f9666f8cf25ea809a153b032"
|
||||
dependencies = [
|
||||
"libc",
|
||||
"log",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "windows-sys"
|
||||
version = "0.45.0"
|
||||
|
|
|
@ -7,3 +7,4 @@ edition = "2021"
|
|||
|
||||
[dependencies]
|
||||
indicatif = "0.17.7"
|
||||
users = "0.11.0"
|
||||
|
|
81
src/main.rs
81
src/main.rs
|
@ -1,7 +1,11 @@
|
|||
use std::{fmt::Write, thread, time::Duration, sync::mpsc, process, fs, os::unix::prelude::MetadataExt};
|
||||
use indicatif::{ProgressBar, ProgressState, ProgressStyle};
|
||||
use security_checker::{structs::{Folder, Perms}, get_home};
|
||||
use std::os::unix::fs::PermissionsExt;
|
||||
use security_checker::{
|
||||
get_home,
|
||||
structs::{Folder, FolderPerms, Perms},
|
||||
};
|
||||
use std::{
|
||||
fmt::Write, fs, os::unix::prelude::MetadataExt, process, sync::mpsc, thread, time::Duration,
|
||||
};
|
||||
|
||||
fn main() {
|
||||
// TODO: add support for other OSes
|
||||
|
@ -9,19 +13,6 @@ fn main() {
|
|||
println!("This currently only supports linux. Sorry!");
|
||||
process::exit(1)
|
||||
}
|
||||
println!("SCAMing you...");
|
||||
let pb = ProgressBar::new(100);
|
||||
pb.set_style(ProgressStyle::with_template("[{elapsed_precise}] [{wide_bar:.cyan/blue}] {pos}/{len} ({eta})")
|
||||
.unwrap()
|
||||
.with_key("eta", |state: &ProgressState, w: &mut dyn Write| write!(w, "{:.1}s", state.eta().as_secs_f64()).unwrap())
|
||||
.progress_chars("=>-"));
|
||||
|
||||
let mut progress = 0;
|
||||
while progress < 100 {
|
||||
progress += 1;
|
||||
pb.set_position(progress);
|
||||
thread::sleep(Duration::from_millis(50));
|
||||
}
|
||||
|
||||
let (tx, rx) = mpsc::channel();
|
||||
|
||||
|
@ -31,27 +22,61 @@ fn main() {
|
|||
for mut folder in folders {
|
||||
folder.path = folder.path.replace('~', &get_home()[..]);
|
||||
|
||||
// check if we have write perms for all of the folders, if so, push to out
|
||||
let md = fs::metadata(&folder.path).unwrap();
|
||||
let perms = md.permissions().mode();
|
||||
let string = format!("{perms:o}").chars().rev().take(3).collect::<String>().chars().rev().collect::<String>();
|
||||
|
||||
println!("{}: {:?}", folder.path, Perms::from_unix_folder(folder.path.clone()));
|
||||
let perms = Perms::from_unix_folder(&folder.path);
|
||||
let owner = md.uid();
|
||||
let group = md.gid();
|
||||
|
||||
// println!("{readonly} - {}", folder.path);
|
||||
// if !readonly {
|
||||
// println!("can write to {}", folder.path);
|
||||
// out.push(folder)
|
||||
// }
|
||||
};
|
||||
let current_user = users::get_effective_uid();
|
||||
let current_group = users::get_effective_gid();
|
||||
|
||||
// clippy hates this.
|
||||
if owner == current_user && perms.owner.contains(&folder.dangerous_perms) {
|
||||
out.push(folder)
|
||||
} else if group == current_group && perms.group.contains(&folder.dangerous_perms) {
|
||||
out.push(folder)
|
||||
} else if perms.other.contains(&folder.dangerous_perms) {
|
||||
out.push(folder)
|
||||
};
|
||||
}
|
||||
tx.send(out)
|
||||
});
|
||||
|
||||
println!("SCAMing you...");
|
||||
let pb = ProgressBar::new(100);
|
||||
pb.set_style(
|
||||
ProgressStyle::with_template(
|
||||
"[{elapsed_precise}] [{wide_bar:.cyan/blue}] {pos}/{len} ({eta})",
|
||||
)
|
||||
.unwrap()
|
||||
.with_key("eta", |state: &ProgressState, w: &mut dyn Write| {
|
||||
write!(w, "{:.1}s", state.eta().as_secs_f64()).unwrap()
|
||||
})
|
||||
.progress_chars("=>-"),
|
||||
);
|
||||
|
||||
let mut progress = 0;
|
||||
while progress < 100 {
|
||||
progress += 1;
|
||||
pb.set_position(progress);
|
||||
thread::sleep(Duration::from_millis(50));
|
||||
}
|
||||
|
||||
pb.finish();
|
||||
println!("Ran SCAM. Here's your output!");
|
||||
|
||||
let recieved = rx.recv().unwrap();
|
||||
println!("{recieved:?}");
|
||||
|
||||
for folder in recieved {
|
||||
println!(
|
||||
"I can {} {}. This is potentially bad, because this folder stores {}.",
|
||||
match folder.dangerous_perms {
|
||||
FolderPerms::Write => "write to",
|
||||
FolderPerms::Read => "read from",
|
||||
FolderPerms::Execute => "execute files in",
|
||||
},
|
||||
folder.path,
|
||||
folder.contains
|
||||
);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -13,11 +13,12 @@ pub struct Data {
|
|||
#[derive(Debug)]
|
||||
pub struct Folder {
|
||||
pub path: String,
|
||||
pub r#type: FolderType,
|
||||
pub ftype: FolderType,
|
||||
pub contains: String,
|
||||
pub dangerous_perms: FolderPerms,
|
||||
}
|
||||
|
||||
#[derive(Debug)]
|
||||
#[derive(Debug, PartialEq, Eq)]
|
||||
pub enum FolderType {
|
||||
ApplicationData,
|
||||
Binary,
|
||||
|
@ -26,7 +27,7 @@ pub enum FolderType {
|
|||
}
|
||||
|
||||
pub struct Malware {
|
||||
pub r#type: Vec<MalwareType>,
|
||||
pub ftype: Vec<MalwareType>,
|
||||
pub name: String,
|
||||
}
|
||||
|
||||
|
@ -44,49 +45,58 @@ impl Folder {
|
|||
// system folders
|
||||
Folder {
|
||||
path: String::from("/usr/bin"),
|
||||
r#type: FolderType::Binary,
|
||||
ftype: FolderType::Binary,
|
||||
contains: "Installed Programs".to_string(),
|
||||
dangerous_perms: FolderPerms::Write
|
||||
},
|
||||
Folder {
|
||||
path: "/boot".to_string(),
|
||||
r#type: FolderType::Kernel,
|
||||
ftype: FolderType::Kernel,
|
||||
contains: "Boot Files, Kernel".to_string(),
|
||||
dangerous_perms: FolderPerms::Write
|
||||
},
|
||||
Folder {
|
||||
path: "/lib".to_string(),
|
||||
r#type: FolderType::SystemData,
|
||||
ftype: FolderType::SystemData,
|
||||
contains: "Kernel Modules, Libraries".to_string(),
|
||||
dangerous_perms: FolderPerms::Write
|
||||
},
|
||||
Folder {
|
||||
path: "/usr/lib".to_string(),
|
||||
r#type: FolderType::SystemData,
|
||||
ftype: FolderType::SystemData,
|
||||
contains: "Libraries, Object Files".to_string(),
|
||||
dangerous_perms: FolderPerms::Write
|
||||
},
|
||||
Folder {
|
||||
path: "/dev".to_string(),
|
||||
r#type: FolderType::SystemData,
|
||||
ftype: FolderType::SystemData,
|
||||
contains: "Access To All Devices".to_string(),
|
||||
dangerous_perms: FolderPerms::Write
|
||||
},
|
||||
Folder {
|
||||
path: "/tmp".to_string(),
|
||||
r#type: FolderType::ApplicationData,
|
||||
ftype: FolderType::ApplicationData,
|
||||
contains: "Temporary Application Data".to_string(),
|
||||
dangerous_perms: FolderPerms::Read
|
||||
},
|
||||
// user specific files
|
||||
Folder {
|
||||
path: "~/.config".to_string(),
|
||||
r#type: FolderType::ApplicationData,
|
||||
ftype: FolderType::ApplicationData,
|
||||
contains: "Permanent Application Data, Login Info".to_string(),
|
||||
dangerous_perms: FolderPerms::Read
|
||||
},
|
||||
Folder {
|
||||
path: "~/.local/share".to_string(),
|
||||
r#type: FolderType::ApplicationData,
|
||||
ftype: FolderType::ApplicationData,
|
||||
contains: String::from("Permanent Application Data, Login Info"),
|
||||
dangerous_perms: FolderPerms::Read
|
||||
},
|
||||
Folder {
|
||||
path: "~/.cache".to_string(),
|
||||
r#type: FolderType::ApplicationData,
|
||||
ftype: FolderType::ApplicationData,
|
||||
contains: "Cached Data From Applications".to_string(),
|
||||
dangerous_perms: FolderPerms::Read
|
||||
},
|
||||
]
|
||||
}
|
||||
|
@ -99,7 +109,7 @@ pub struct Perms {
|
|||
pub other: Vec<FolderPerms>,
|
||||
}
|
||||
|
||||
#[derive(Debug)]
|
||||
#[derive(Debug, PartialEq, Eq)]
|
||||
pub enum FolderPerms {
|
||||
Read,
|
||||
Write,
|
||||
|
@ -107,7 +117,7 @@ pub enum FolderPerms {
|
|||
}
|
||||
|
||||
impl Perms {
|
||||
pub fn from_unix_folder(path: String) -> Perms {
|
||||
pub fn from_unix_folder(path: &String) -> Perms {
|
||||
let md = fs::metadata(path).unwrap();
|
||||
let perms = md.permissions().mode();
|
||||
let string = format!("{perms:o}")
|
||||
|
@ -119,7 +129,6 @@ impl Perms {
|
|||
.rev()
|
||||
.collect::<String>()
|
||||
.chars()
|
||||
.into_iter()
|
||||
.collect::<Vec<char>>();
|
||||
|
||||
Perms {
|
||||
|
|
Loading…
Reference in New Issue