SadlyNotSappho
/
security-checker-automatic
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: SadlyNotSappho:12ac96f56878910f9de711add0c6117cdd9517e5
Branches Tags
SadlyNotSappho:main
..
compare: SadlyNotSappho:a933a287b51dfd5063760cfb8cb25df287d79b60
Branches Tags
SadlyNotSappho:main

No commits in common. "12ac96f56878910f9de711add0c6117cdd9517e5" and "a933a287b51dfd5063760cfb8cb25df287d79b60" have entirely different histories.
12ac96f568 ... a933a287b5

4 changed files with 62 additions and 1189 deletions
Show Stats Expand all files Collapse all files

1085
Cargo.lock generated
View File

File diff suppressed because it is too large Load Diff

3
Cargo.toml
View File

@ -7,6 +7,3 @@ edition = "2021"
[dependencies] [dependencies]
indicatif = "0.17.7" indicatif = "0.17.7"
reqwest = "0.11.22"
tokio = { version = "1.33.0", features = ["rt-multi-thread", "macros"] }
users = "0.11.0"

113
src/main.rs
View File

@ -1,75 +1,20 @@
use std::{fmt::Write, thread, time::Duration, sync::mpsc, process, fs, os::unix::prelude::MetadataExt};
use indicatif::{ProgressBar, ProgressState, ProgressStyle}; use indicatif::{ProgressBar, ProgressState, ProgressStyle};
use security_checker::{ use security_checker::{structs::{Folder, Perms}, get_home};
get_home, use std::os::unix::fs::PermissionsExt;
structs::{Data, Folder, FolderPerms, Perms},
};
use std::{
fmt::Write, fs, os::unix::prelude::MetadataExt, process, sync::mpsc, thread, time::Duration,
};
#[tokio::main] fn main() {
async fn main() {
// TODO: add support for other OSes // TODO: add support for other OSes
if std::env::consts::OS != "linux" { if std::env::consts::OS != "linux" {
println!("This currently only supports linux. Sorry!"); println!("This currently only supports linux. Sorry!");
process::exit(1) process::exit(1)
} }
let (tx, rx) = mpsc::channel();
thread::spawn(|| async move {
let mut vulnerable_folders: Vec<Folder> = vec![];
let current_user = users::get_effective_uid();
// vulnerable folders
let folders = Folder::linux();
for mut folder in folders {
folder.path = folder.path.replace('~', &get_home()[..]);
let md = fs::metadata(&folder.path).unwrap();
let perms = Perms::from_unix_folder(&folder.path);
let owner = md.uid();
let group = md.gid();
let current_user = users::get_effective_uid();
let current_group = users::get_effective_gid();
// clippy hates this.
if owner == current_user && perms.owner.contains(&folder.dangerous_perms) {
vulnerable_folders.push(folder)
} else if group == current_group && perms.group.contains(&folder.dangerous_perms) {
vulnerable_folders.push(folder)
} else if perms.other.contains(&folder.dangerous_perms) {
vulnerable_folders.push(folder)
};
}
// ping home
let ping = reqwest::get("https://sadlynotsappho.dev/scam").await;
let root = current_user == 0;
tx.send(Data {
vulnerable_folders,
root,
pinged_home: ping.is_ok(),
cam_access: false,
mic_access: false,
known_malware: vec![],
})
});
println!("SCAMing you..."); println!("SCAMing you...");
let pb = ProgressBar::new(100); let pb = ProgressBar::new(100);
pb.set_style( pb.set_style(ProgressStyle::with_template("[{elapsed_precise}] [{wide_bar:.cyan/blue}] {pos}/{len} ({eta})")
ProgressStyle::with_template(
"[{elapsed_precise}] [{wide_bar:.cyan/blue}] {pos}/{len} ({eta})",
)
.unwrap() .unwrap()
.with_key("eta", |state: &ProgressState, w: &mut dyn Write| { .with_key("eta", |state: &ProgressState, w: &mut dyn Write| write!(w, "{:.1}s", state.eta().as_secs_f64()).unwrap())
write!(w, "{:.1}s", state.eta().as_secs_f64()).unwrap() .progress_chars("=>-"));
})
.progress_chars("=>-"),
);
let mut progress = 0; let mut progress = 0;
while progress < 100 { while progress < 100 {
@ -78,25 +23,35 @@ async fn main() {
thread::sleep(Duration::from_millis(50)); thread::sleep(Duration::from_millis(50));
} }
let (tx, rx) = mpsc::channel();
thread::spawn(move || {
let mut out: Vec<Folder> = vec![];
let folders = Folder::linux();
for mut folder in folders {
folder.path = folder.path.replace('~', &get_home()[..]);
// check if we have write perms for all of the folders, if so, push to out
let md = fs::metadata(&folder.path).unwrap();
let perms = md.permissions().mode();
let string = format!("{perms:o}").chars().rev().take(3).collect::<String>().chars().rev().collect::<String>();
println!("{}: {:?}", folder.path, Perms::from_unix_folder(folder.path.clone()));
let owner = md.uid();
let group = md.gid();
// println!("{readonly} - {}", folder.path);
// if !readonly {
// println!("can write to {}", folder.path);
// out.push(folder)
// }
};
tx.send(out)
});
pb.finish(); pb.finish();
println!("Ran SCAM. Here's your output!"); println!("Ran SCAM. Here's your output!");
let recieved = rx.recv(); let recieved = rx.recv().unwrap();
println!("{recieved:?}"); println!("{recieved:?}");
// println!("Root: {}", recieved.root);
// println!("Pinged Home: {}", recieved.pinged_home);
// for folder in recieved.vulnerable_folders {
// println!(
// "I can {} {}. This is potentially bad, because this folder stores {}.",
// match folder.dangerous_perms {
// FolderPerms::Write => "write to",
// FolderPerms::Read => "read from",
// FolderPerms::Execute => "execute files in",
// },
// folder.path,
// folder.contains
// );
// }
} }

48
src/structs.rs
View File

@ -1,25 +1,23 @@
use std::fs; use std::fs;
use std::os::unix::fs::PermissionsExt; use std::os::unix::fs::PermissionsExt;
#[derive(Debug)]
pub struct Data { pub struct Data {
pub vulnerable_folders: Vec<Folder>, // done pub vulnerable_folders: Vec<Folder>,
pub pinged_home: bool, pub pinged_home: bool,
pub root: bool, pub known_malware: Vec<Malware>,
pub cam_access: bool, pub cam_access: bool,
pub mic_access: bool, pub mic_access: bool,
pub known_malware: Vec<Malware>, pub root: bool,
} }
#[derive(Debug)] #[derive(Debug)]
pub struct Folder { pub struct Folder {
pub path: String, pub path: String,
pub ftype: FolderType, pub r#type: FolderType,
pub contains: String, pub contains: String,
pub dangerous_perms: FolderPerms,
} }
#[derive(Debug, PartialEq, Eq)] #[derive(Debug)]
pub enum FolderType { pub enum FolderType {
ApplicationData, ApplicationData,
Binary, Binary,
@ -27,13 +25,11 @@ pub enum FolderType {
Kernel, Kernel,
} }
#[derive(Debug)]
pub struct Malware { pub struct Malware {
pub ftype: Vec<MalwareType>, pub r#type: Vec<MalwareType>,
pub name: String, pub name: String,
} }
#[derive(Debug)]
pub enum MalwareType { pub enum MalwareType {
DataThief, // sells data to ad companies (cough cough google chrome cough cough) DataThief, // sells data to ad companies (cough cough google chrome cough cough)
LoginStealer, // fuckin skyblock mods, probably LoginStealer, // fuckin skyblock mods, probably
@ -48,58 +44,49 @@ impl Folder {
// system folders // system folders
Folder { Folder {
path: String::from("/usr/bin"), path: String::from("/usr/bin"),
ftype: FolderType::Binary, r#type: FolderType::Binary,
contains: "Installed Programs".to_string(), contains: "Installed Programs".to_string(),
dangerous_perms: FolderPerms::Write,
}, },
Folder { Folder {
path: "/boot".to_string(), path: "/boot".to_string(),
ftype: FolderType::Kernel, r#type: FolderType::Kernel,
contains: "Boot Files, Kernel".to_string(), contains: "Boot Files, Kernel".to_string(),
dangerous_perms: FolderPerms::Write,
}, },
Folder { Folder {
path: "/lib".to_string(), path: "/lib".to_string(),
ftype: FolderType::SystemData, r#type: FolderType::SystemData,
contains: "Kernel Modules, Libraries".to_string(), contains: "Kernel Modules, Libraries".to_string(),
dangerous_perms: FolderPerms::Write,
}, },
Folder { Folder {
path: "/usr/lib".to_string(), path: "/usr/lib".to_string(),
ftype: FolderType::SystemData, r#type: FolderType::SystemData,
contains: "Libraries, Object Files".to_string(), contains: "Libraries, Object Files".to_string(),
dangerous_perms: FolderPerms::Write,
}, },
Folder { Folder {
path: "/dev".to_string(), path: "/dev".to_string(),
ftype: FolderType::SystemData, r#type: FolderType::SystemData,
contains: "Access To All Devices".to_string(), contains: "Access To All Devices".to_string(),
dangerous_perms: FolderPerms::Write,
}, },
Folder { Folder {
path: "/tmp".to_string(), path: "/tmp".to_string(),
ftype: FolderType::ApplicationData, r#type: FolderType::ApplicationData,
contains: "Temporary Application Data".to_string(), contains: "Temporary Application Data".to_string(),
dangerous_perms: FolderPerms::Read,
}, },
// user specific files // user specific files
Folder { Folder {
path: "~/.config".to_string(), path: "~/.config".to_string(),
ftype: FolderType::ApplicationData, r#type: FolderType::ApplicationData,
contains: "Permanent Application Data, Login Info".to_string(), contains: "Permanent Application Data, Login Info".to_string(),
dangerous_perms: FolderPerms::Read,
}, },
Folder { Folder {
path: "~/.local/share".to_string(), path: "~/.local/share".to_string(),
ftype: FolderType::ApplicationData, r#type: FolderType::ApplicationData,
contains: String::from("Permanent Application Data, Login Info"), contains: String::from("Permanent Application Data, Login Info"),
dangerous_perms: FolderPerms::Read,
}, },
Folder { Folder {
path: "~/.cache".to_string(), path: "~/.cache".to_string(),
ftype: FolderType::ApplicationData, r#type: FolderType::ApplicationData,
contains: "Cached Data From Applications".to_string(), contains: "Cached Data From Applications".to_string(),
dangerous_perms: FolderPerms::Read,
}, },
] ]
} }
@ -112,7 +99,7 @@ pub struct Perms {
pub other: Vec<FolderPerms>, pub other: Vec<FolderPerms>,
} }
#[derive(Debug, PartialEq, Eq)] #[derive(Debug)]
pub enum FolderPerms { pub enum FolderPerms {
Read, Read,
Write, Write,
@ -120,7 +107,7 @@ pub enum FolderPerms {
} }
impl Perms { impl Perms {
pub fn from_unix_folder(path: &String) -> Perms { pub fn from_unix_folder(path: String) -> Perms {
let md = fs::metadata(path).unwrap(); let md = fs::metadata(path).unwrap();
let perms = md.permissions().mode(); let perms = md.permissions().mode();
let string = format!("{perms:o}") let string = format!("{perms:o}")
@ -132,6 +119,7 @@ impl Perms {
.rev() .rev()
.collect::<String>() .collect::<String>()
.chars() .chars()
.into_iter()
.collect::<Vec<char>>(); .collect::<Vec<char>>();
Perms { Perms {