Compare commits
2 Commits
a933a287b5
...
12ac96f568
| Author | SHA1 | Date |
|---|---|---|
 SadlyNotSappho
|
12ac96f568 | |
|
SadlyNotSappho
|
ce82000bb4 |
File diff suppressed because it is too large
Load Diff
|
|
@ -7,3 +7,6 @@ edition = "2021"
|
|||
|
||||
[dependencies]
|
||||
indicatif = "0.17.7"
|
||||
reqwest = "0.11.22"
|
||||
tokio = { version = "1.33.0", features = ["rt-multi-thread", "macros"] }
|
||||
users = "0.11.0"
|
||||
|
|
|
|||
115
src/main.rs
115
src/main.rs
|
|
@ -1,20 +1,75 @@
|
|||
use std::{fmt::Write, thread, time::Duration, sync::mpsc, process, fs, os::unix::prelude::MetadataExt};
|
||||
use indicatif::{ProgressBar, ProgressState, ProgressStyle};
|
||||
use security_checker::{structs::{Folder, Perms}, get_home};
|
||||
use std::os::unix::fs::PermissionsExt;
|
||||
use security_checker::{
|
||||
get_home,
|
||||
structs::{Data, Folder, FolderPerms, Perms},
|
||||
};
|
||||
use std::{
|
||||
fmt::Write, fs, os::unix::prelude::MetadataExt, process, sync::mpsc, thread, time::Duration,
|
||||
};
|
||||
|
||||
fn main() {
|
||||
// TODO: add support for other OSes
|
||||
#[tokio::main]
|
||||
async fn main() {
|
||||
// TODO: add support for other OSes
|
||||
if std::env::consts::OS != "linux" {
|
||||
println!("This currently only supports linux. Sorry!");
|
||||
process::exit(1)
|
||||
}
|
||||
|
||||
let (tx, rx) = mpsc::channel();
|
||||
|
||||
thread::spawn(|| async move {
|
||||
let mut vulnerable_folders: Vec<Folder> = vec![];
|
||||
let current_user = users::get_effective_uid();
|
||||
|
||||
// vulnerable folders
|
||||
let folders = Folder::linux();
|
||||
for mut folder in folders {
|
||||
folder.path = folder.path.replace('~', &get_home()[..]);
|
||||
|
||||
let md = fs::metadata(&folder.path).unwrap();
|
||||
let perms = Perms::from_unix_folder(&folder.path);
|
||||
let owner = md.uid();
|
||||
let group = md.gid();
|
||||
|
||||
let current_user = users::get_effective_uid();
|
||||
let current_group = users::get_effective_gid();
|
||||
|
||||
// clippy hates this.
|
||||
if owner == current_user && perms.owner.contains(&folder.dangerous_perms) {
|
||||
vulnerable_folders.push(folder)
|
||||
} else if group == current_group && perms.group.contains(&folder.dangerous_perms) {
|
||||
vulnerable_folders.push(folder)
|
||||
} else if perms.other.contains(&folder.dangerous_perms) {
|
||||
vulnerable_folders.push(folder)
|
||||
};
|
||||
}
|
||||
|
||||
// ping home
|
||||
let ping = reqwest::get("https://sadlynotsappho.dev/scam").await;
|
||||
let root = current_user == 0;
|
||||
|
||||
tx.send(Data {
|
||||
vulnerable_folders,
|
||||
root,
|
||||
pinged_home: ping.is_ok(),
|
||||
cam_access: false,
|
||||
mic_access: false,
|
||||
known_malware: vec![],
|
||||
})
|
||||
});
|
||||
|
||||
println!("SCAMing you...");
|
||||
let pb = ProgressBar::new(100);
|
||||
pb.set_style(ProgressStyle::with_template("[{elapsed_precise}] [{wide_bar:.cyan/blue}] {pos}/{len} ({eta})")
|
||||
pb.set_style(
|
||||
ProgressStyle::with_template(
|
||||
"[{elapsed_precise}] [{wide_bar:.cyan/blue}] {pos}/{len} ({eta})",
|
||||
)
|
||||
.unwrap()
|
||||
.with_key("eta", |state: &ProgressState, w: &mut dyn Write| write!(w, "{:.1}s", state.eta().as_secs_f64()).unwrap())
|
||||
.progress_chars("=>-"));
|
||||
.with_key("eta", |state: &ProgressState, w: &mut dyn Write| {
|
||||
write!(w, "{:.1}s", state.eta().as_secs_f64()).unwrap()
|
||||
})
|
||||
.progress_chars("=>-"),
|
||||
);
|
||||
|
||||
let mut progress = 0;
|
||||
while progress < 100 {
|
||||
|
|
@ -23,35 +78,25 @@ fn main() {
|
|||
thread::sleep(Duration::from_millis(50));
|
||||
}
|
||||
|
||||
let (tx, rx) = mpsc::channel();
|
||||
|
||||
thread::spawn(move || {
|
||||
let mut out: Vec<Folder> = vec![];
|
||||
let folders = Folder::linux();
|
||||
for mut folder in folders {
|
||||
folder.path = folder.path.replace('~', &get_home()[..]);
|
||||
|
||||
// check if we have write perms for all of the folders, if so, push to out
|
||||
let md = fs::metadata(&folder.path).unwrap();
|
||||
let perms = md.permissions().mode();
|
||||
let string = format!("{perms:o}").chars().rev().take(3).collect::<String>().chars().rev().collect::<String>();
|
||||
|
||||
println!("{}: {:?}", folder.path, Perms::from_unix_folder(folder.path.clone()));
|
||||
let owner = md.uid();
|
||||
let group = md.gid();
|
||||
|
||||
// println!("{readonly} - {}", folder.path);
|
||||
// if !readonly {
|
||||
// println!("can write to {}", folder.path);
|
||||
// out.push(folder)
|
||||
// }
|
||||
};
|
||||
tx.send(out)
|
||||
});
|
||||
|
||||
pb.finish();
|
||||
println!("Ran SCAM. Here's your output!");
|
||||
|
||||
let recieved = rx.recv().unwrap();
|
||||
let recieved = rx.recv();
|
||||
println!("{recieved:?}");
|
||||
|
||||
// println!("Root: {}", recieved.root);
|
||||
// println!("Pinged Home: {}", recieved.pinged_home);
|
||||
|
||||
// for folder in recieved.vulnerable_folders {
|
||||
// println!(
|
||||
// "I can {} {}. This is potentially bad, because this folder stores {}.",
|
||||
// match folder.dangerous_perms {
|
||||
// FolderPerms::Write => "write to",
|
||||
// FolderPerms::Read => "read from",
|
||||
// FolderPerms::Execute => "execute files in",
|
||||
// },
|
||||
// folder.path,
|
||||
// folder.contains
|
||||
// );
|
||||
// }
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,23 +1,25 @@
|
|||
use std::fs;
|
||||
use std::os::unix::fs::PermissionsExt;
|
||||
|
||||
#[derive(Debug)]
|
||||
pub struct Data {
|
||||
pub vulnerable_folders: Vec<Folder>,
|
||||
pub vulnerable_folders: Vec<Folder>, // done
|
||||
pub pinged_home: bool,
|
||||
pub known_malware: Vec<Malware>,
|
||||
pub root: bool,
|
||||
pub cam_access: bool,
|
||||
pub mic_access: bool,
|
||||
pub root: bool,
|
||||
pub known_malware: Vec<Malware>,
|
||||
}
|
||||
|
||||
#[derive(Debug)]
|
||||
pub struct Folder {
|
||||
pub path: String,
|
||||
pub r#type: FolderType,
|
||||
pub ftype: FolderType,
|
||||
pub contains: String,
|
||||
pub dangerous_perms: FolderPerms,
|
||||
}
|
||||
|
||||
#[derive(Debug)]
|
||||
#[derive(Debug, PartialEq, Eq)]
|
||||
pub enum FolderType {
|
||||
ApplicationData,
|
||||
Binary,
|
||||
|
|
@ -25,11 +27,13 @@ pub enum FolderType {
|
|||
Kernel,
|
||||
}
|
||||
|
||||
#[derive(Debug)]
|
||||
pub struct Malware {
|
||||
pub r#type: Vec<MalwareType>,
|
||||
pub ftype: Vec<MalwareType>,
|
||||
pub name: String,
|
||||
}
|
||||
|
||||
#[derive(Debug)]
|
||||
pub enum MalwareType {
|
||||
DataThief, // sells data to ad companies (cough cough google chrome cough cough)
|
||||
LoginStealer, // fuckin skyblock mods, probably
|
||||
|
|
@ -44,49 +48,58 @@ impl Folder {
|
|||
// system folders
|
||||
Folder {
|
||||
path: String::from("/usr/bin"),
|
||||
r#type: FolderType::Binary,
|
||||
ftype: FolderType::Binary,
|
||||
contains: "Installed Programs".to_string(),
|
||||
dangerous_perms: FolderPerms::Write,
|
||||
},
|
||||
Folder {
|
||||
path: "/boot".to_string(),
|
||||
r#type: FolderType::Kernel,
|
||||
ftype: FolderType::Kernel,
|
||||
contains: "Boot Files, Kernel".to_string(),
|
||||
dangerous_perms: FolderPerms::Write,
|
||||
},
|
||||
Folder {
|
||||
path: "/lib".to_string(),
|
||||
r#type: FolderType::SystemData,
|
||||
ftype: FolderType::SystemData,
|
||||
contains: "Kernel Modules, Libraries".to_string(),
|
||||
dangerous_perms: FolderPerms::Write,
|
||||
},
|
||||
Folder {
|
||||
path: "/usr/lib".to_string(),
|
||||
r#type: FolderType::SystemData,
|
||||
ftype: FolderType::SystemData,
|
||||
contains: "Libraries, Object Files".to_string(),
|
||||
dangerous_perms: FolderPerms::Write,
|
||||
},
|
||||
Folder {
|
||||
path: "/dev".to_string(),
|
||||
r#type: FolderType::SystemData,
|
||||
ftype: FolderType::SystemData,
|
||||
contains: "Access To All Devices".to_string(),
|
||||
dangerous_perms: FolderPerms::Write,
|
||||
},
|
||||
Folder {
|
||||
path: "/tmp".to_string(),
|
||||
r#type: FolderType::ApplicationData,
|
||||
ftype: FolderType::ApplicationData,
|
||||
contains: "Temporary Application Data".to_string(),
|
||||
dangerous_perms: FolderPerms::Read,
|
||||
},
|
||||
// user specific files
|
||||
Folder {
|
||||
path: "~/.config".to_string(),
|
||||
r#type: FolderType::ApplicationData,
|
||||
ftype: FolderType::ApplicationData,
|
||||
contains: "Permanent Application Data, Login Info".to_string(),
|
||||
dangerous_perms: FolderPerms::Read,
|
||||
},
|
||||
Folder {
|
||||
path: "~/.local/share".to_string(),
|
||||
r#type: FolderType::ApplicationData,
|
||||
ftype: FolderType::ApplicationData,
|
||||
contains: String::from("Permanent Application Data, Login Info"),
|
||||
dangerous_perms: FolderPerms::Read,
|
||||
},
|
||||
Folder {
|
||||
path: "~/.cache".to_string(),
|
||||
r#type: FolderType::ApplicationData,
|
||||
ftype: FolderType::ApplicationData,
|
||||
contains: "Cached Data From Applications".to_string(),
|
||||
dangerous_perms: FolderPerms::Read,
|
||||
},
|
||||
]
|
||||
}
|
||||
|
|
@ -99,7 +112,7 @@ pub struct Perms {
|
|||
pub other: Vec<FolderPerms>,
|
||||
}
|
||||
|
||||
#[derive(Debug)]
|
||||
#[derive(Debug, PartialEq, Eq)]
|
||||
pub enum FolderPerms {
|
||||
Read,
|
||||
Write,
|
||||
|
|
@ -107,7 +120,7 @@ pub enum FolderPerms {
|
|||
}
|
||||
|
||||
impl Perms {
|
||||
pub fn from_unix_folder(path: String) -> Perms {
|
||||
pub fn from_unix_folder(path: &String) -> Perms {
|
||||
let md = fs::metadata(path).unwrap();
|
||||
let perms = md.permissions().mode();
|
||||
let string = format!("{perms:o}")
|
||||
|
|
@ -119,7 +132,6 @@ impl Perms {
|
|||
.rev()
|
||||
.collect::<String>()
|
||||
.chars()
|
||||
.into_iter()
|
||||
.collect::<Vec<char>>();
|
||||
|
||||
Perms {
|
||||
|
|
|
|||
Loading…
Reference in New Issue