SadlyNotSappho
/
security-checker-automatic
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: SadlyNotSappho:12ac96f56878910f9de711add0c6117cdd9517e5
Branches Tags
SadlyNotSappho:main
..
compare: SadlyNotSappho:a933a287b51dfd5063760cfb8cb25df287d79b60
Branches Tags
SadlyNotSappho:main

No commits in common. "12ac96f56878910f9de711add0c6117cdd9517e5" and "a933a287b51dfd5063760cfb8cb25df287d79b60" have entirely different histories.
12ac96f568 ... a933a287b5

4 changed files with 62 additions and 1189 deletions
Show Stats Expand all files Collapse all files

1085
Cargo.lock generated
View File

File diff suppressed because it is too large Load Diff

3
Cargo.toml
View File

@ -7,6 +7,3 @@ edition = "2021"
[dependencies]
indicatif = "0.17.7"
reqwest = "0.11.22"
tokio = { version = "1.33.0", features = ["rt-multi-thread", "macros"] }
users = "0.11.0"

115
src/main.rs
View File

@ -1,75 +1,20 @@
use std::{fmt::Write, thread, time::Duration, sync::mpsc, process, fs, os::unix::prelude::MetadataExt};
use indicatif::{ProgressBar, ProgressState, ProgressStyle};
use security_checker::{
get_home,
structs::{Data, Folder, FolderPerms, Perms},
};
use std::{
fmt::Write, fs, os::unix::prelude::MetadataExt, process, sync::mpsc, thread, time::Duration,
};
use security_checker::{structs::{Folder, Perms}, get_home};
use std::os::unix::fs::PermissionsExt;
#[tokio::main]
async fn main() {
// TODO: add support for other OSes
fn main() {
// TODO: add support for other OSes
if std::env::consts::OS != "linux" {
println!("This currently only supports linux. Sorry!");
process::exit(1)
}
let (tx, rx) = mpsc::channel();
thread::spawn(|| async move {
let mut vulnerable_folders: Vec<Folder> = vec![];
let current_user = users::get_effective_uid();
// vulnerable folders
let folders = Folder::linux();
for mut folder in folders {
folder.path = folder.path.replace('~', &get_home()[..]);
let md = fs::metadata(&folder.path).unwrap();
let perms = Perms::from_unix_folder(&folder.path);
let owner = md.uid();
let group = md.gid();
let current_user = users::get_effective_uid();
let current_group = users::get_effective_gid();
// clippy hates this.
if owner == current_user && perms.owner.contains(&folder.dangerous_perms) {
vulnerable_folders.push(folder)
} else if group == current_group && perms.group.contains(&folder.dangerous_perms) {
vulnerable_folders.push(folder)
} else if perms.other.contains(&folder.dangerous_perms) {
vulnerable_folders.push(folder)
};
}
// ping home
let ping = reqwest::get("https://sadlynotsappho.dev/scam").await;
let root = current_user == 0;
tx.send(Data {
vulnerable_folders,
root,
pinged_home: ping.is_ok(),
cam_access: false,
mic_access: false,
known_malware: vec![],
})
});
println!("SCAMing you...");
let pb = ProgressBar::new(100);
pb.set_style(
ProgressStyle::with_template(
"[{elapsed_precise}] [{wide_bar:.cyan/blue}] {pos}/{len} ({eta})",
)
pb.set_style(ProgressStyle::with_template("[{elapsed_precise}] [{wide_bar:.cyan/blue}] {pos}/{len} ({eta})")
.unwrap()
.with_key("eta", |state: &ProgressState, w: &mut dyn Write| {
write!(w, "{:.1}s", state.eta().as_secs_f64()).unwrap()
})
.progress_chars("=>-"),
);
.with_key("eta", |state: &ProgressState, w: &mut dyn Write| write!(w, "{:.1}s", state.eta().as_secs_f64()).unwrap())
.progress_chars("=>-"));
let mut progress = 0;
while progress < 100 {
@ -78,25 +23,35 @@ async fn main() {
thread::sleep(Duration::from_millis(50));
}
let (tx, rx) = mpsc::channel();
thread::spawn(move || {
let mut out: Vec<Folder> = vec![];
let folders = Folder::linux();
for mut folder in folders {
folder.path = folder.path.replace('~', &get_home()[..]);
// check if we have write perms for all of the folders, if so, push to out
let md = fs::metadata(&folder.path).unwrap();
let perms = md.permissions().mode();
let string = format!("{perms:o}").chars().rev().take(3).collect::<String>().chars().rev().collect::<String>();
println!("{}: {:?}", folder.path, Perms::from_unix_folder(folder.path.clone()));
let owner = md.uid();
let group = md.gid();
// println!("{readonly} - {}", folder.path);
// if !readonly {
// println!("can write to {}", folder.path);
// out.push(folder)
// }
};
tx.send(out)
});
pb.finish();
println!("Ran SCAM. Here's your output!");
let recieved = rx.recv();
let recieved = rx.recv().unwrap();
println!("{recieved:?}");
// println!("Root: {}", recieved.root);
// println!("Pinged Home: {}", recieved.pinged_home);
// for folder in recieved.vulnerable_folders {
// println!(
// "I can {} {}. This is potentially bad, because this folder stores {}.",
// match folder.dangerous_perms {
// FolderPerms::Write => "write to",
// FolderPerms::Read => "read from",
// FolderPerms::Execute => "execute files in",
// },
// folder.path,
// folder.contains
// );
// }
}

48
src/structs.rs
View File

@ -1,25 +1,23 @@
use std::fs;
use std::os::unix::fs::PermissionsExt;
#[derive(Debug)]
pub struct Data {
pub vulnerable_folders: Vec<Folder>, // done
pub vulnerable_folders: Vec<Folder>,
pub pinged_home: bool,
pub root: bool,
pub known_malware: Vec<Malware>,
pub cam_access: bool,
pub mic_access: bool,
pub known_malware: Vec<Malware>,
pub root: bool,
}
#[derive(Debug)]
pub struct Folder {
pub path: String,
pub ftype: FolderType,
pub r#type: FolderType,
pub contains: String,
pub dangerous_perms: FolderPerms,
}
#[derive(Debug, PartialEq, Eq)]
#[derive(Debug)]
pub enum FolderType {
ApplicationData,
Binary,
@ -27,13 +25,11 @@ pub enum FolderType {
Kernel,
}
#[derive(Debug)]
pub struct Malware {
pub ftype: Vec<MalwareType>,
pub r#type: Vec<MalwareType>,
pub name: String,
}
#[derive(Debug)]
pub enum MalwareType {
DataThief, // sells data to ad companies (cough cough google chrome cough cough)
LoginStealer, // fuckin skyblock mods, probably
@ -48,58 +44,49 @@ impl Folder {
// system folders
Folder {
path: String::from("/usr/bin"),
ftype: FolderType::Binary,
r#type: FolderType::Binary,
contains: "Installed Programs".to_string(),
dangerous_perms: FolderPerms::Write,
},
Folder {
path: "/boot".to_string(),
ftype: FolderType::Kernel,
r#type: FolderType::Kernel,
contains: "Boot Files, Kernel".to_string(),
dangerous_perms: FolderPerms::Write,
},
Folder {
path: "/lib".to_string(),
ftype: FolderType::SystemData,
r#type: FolderType::SystemData,
contains: "Kernel Modules, Libraries".to_string(),
dangerous_perms: FolderPerms::Write,
},
Folder {
path: "/usr/lib".to_string(),
ftype: FolderType::SystemData,
r#type: FolderType::SystemData,
contains: "Libraries, Object Files".to_string(),
dangerous_perms: FolderPerms::Write,
},
Folder {
path: "/dev".to_string(),
ftype: FolderType::SystemData,
r#type: FolderType::SystemData,
contains: "Access To All Devices".to_string(),
dangerous_perms: FolderPerms::Write,
},
Folder {
path: "/tmp".to_string(),
ftype: FolderType::ApplicationData,
r#type: FolderType::ApplicationData,
contains: "Temporary Application Data".to_string(),
dangerous_perms: FolderPerms::Read,
},
// user specific files
Folder {
path: "~/.config".to_string(),
ftype: FolderType::ApplicationData,
r#type: FolderType::ApplicationData,
contains: "Permanent Application Data, Login Info".to_string(),
dangerous_perms: FolderPerms::Read,
},
Folder {
path: "~/.local/share".to_string(),
ftype: FolderType::ApplicationData,
r#type: FolderType::ApplicationData,
contains: String::from("Permanent Application Data, Login Info"),
dangerous_perms: FolderPerms::Read,
},
Folder {
path: "~/.cache".to_string(),
ftype: FolderType::ApplicationData,
r#type: FolderType::ApplicationData,
contains: "Cached Data From Applications".to_string(),
dangerous_perms: FolderPerms::Read,
},
]
}
@ -112,7 +99,7 @@ pub struct Perms {
pub other: Vec<FolderPerms>,
}
#[derive(Debug, PartialEq, Eq)]
#[derive(Debug)]
pub enum FolderPerms {
Read,
Write,
@ -120,7 +107,7 @@ pub enum FolderPerms {
}
impl Perms {
pub fn from_unix_folder(path: &String) -> Perms {
pub fn from_unix_folder(path: String) -> Perms {
let md = fs::metadata(path).unwrap();
let perms = md.permissions().mode();
let string = format!("{perms:o}")
@ -132,6 +119,7 @@ impl Perms {
.rev()
.collect::<String>()
.chars()
.into_iter()
.collect::<Vec<char>>();
Perms {