Compare commits
2 Commits
a933a287b5
...
12ac96f568
Author | SHA1 | Date |
---|---|---|
SadlyNotSappho | 12ac96f568 | |
SadlyNotSappho | ce82000bb4 |
File diff suppressed because it is too large
Load Diff
|
@ -7,3 +7,6 @@ edition = "2021"
|
||||||
|
|
||||||
[dependencies]
|
[dependencies]
|
||||||
indicatif = "0.17.7"
|
indicatif = "0.17.7"
|
||||||
|
reqwest = "0.11.22"
|
||||||
|
tokio = { version = "1.33.0", features = ["rt-multi-thread", "macros"] }
|
||||||
|
users = "0.11.0"
|
||||||
|
|
115
src/main.rs
115
src/main.rs
|
@ -1,20 +1,75 @@
|
||||||
use std::{fmt::Write, thread, time::Duration, sync::mpsc, process, fs, os::unix::prelude::MetadataExt};
|
|
||||||
use indicatif::{ProgressBar, ProgressState, ProgressStyle};
|
use indicatif::{ProgressBar, ProgressState, ProgressStyle};
|
||||||
use security_checker::{structs::{Folder, Perms}, get_home};
|
use security_checker::{
|
||||||
use std::os::unix::fs::PermissionsExt;
|
get_home,
|
||||||
|
structs::{Data, Folder, FolderPerms, Perms},
|
||||||
|
};
|
||||||
|
use std::{
|
||||||
|
fmt::Write, fs, os::unix::prelude::MetadataExt, process, sync::mpsc, thread, time::Duration,
|
||||||
|
};
|
||||||
|
|
||||||
fn main() {
|
#[tokio::main]
|
||||||
// TODO: add support for other OSes
|
async fn main() {
|
||||||
|
// TODO: add support for other OSes
|
||||||
if std::env::consts::OS != "linux" {
|
if std::env::consts::OS != "linux" {
|
||||||
println!("This currently only supports linux. Sorry!");
|
println!("This currently only supports linux. Sorry!");
|
||||||
process::exit(1)
|
process::exit(1)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
let (tx, rx) = mpsc::channel();
|
||||||
|
|
||||||
|
thread::spawn(|| async move {
|
||||||
|
let mut vulnerable_folders: Vec<Folder> = vec![];
|
||||||
|
let current_user = users::get_effective_uid();
|
||||||
|
|
||||||
|
// vulnerable folders
|
||||||
|
let folders = Folder::linux();
|
||||||
|
for mut folder in folders {
|
||||||
|
folder.path = folder.path.replace('~', &get_home()[..]);
|
||||||
|
|
||||||
|
let md = fs::metadata(&folder.path).unwrap();
|
||||||
|
let perms = Perms::from_unix_folder(&folder.path);
|
||||||
|
let owner = md.uid();
|
||||||
|
let group = md.gid();
|
||||||
|
|
||||||
|
let current_user = users::get_effective_uid();
|
||||||
|
let current_group = users::get_effective_gid();
|
||||||
|
|
||||||
|
// clippy hates this.
|
||||||
|
if owner == current_user && perms.owner.contains(&folder.dangerous_perms) {
|
||||||
|
vulnerable_folders.push(folder)
|
||||||
|
} else if group == current_group && perms.group.contains(&folder.dangerous_perms) {
|
||||||
|
vulnerable_folders.push(folder)
|
||||||
|
} else if perms.other.contains(&folder.dangerous_perms) {
|
||||||
|
vulnerable_folders.push(folder)
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
|
// ping home
|
||||||
|
let ping = reqwest::get("https://sadlynotsappho.dev/scam").await;
|
||||||
|
let root = current_user == 0;
|
||||||
|
|
||||||
|
tx.send(Data {
|
||||||
|
vulnerable_folders,
|
||||||
|
root,
|
||||||
|
pinged_home: ping.is_ok(),
|
||||||
|
cam_access: false,
|
||||||
|
mic_access: false,
|
||||||
|
known_malware: vec![],
|
||||||
|
})
|
||||||
|
});
|
||||||
|
|
||||||
println!("SCAMing you...");
|
println!("SCAMing you...");
|
||||||
let pb = ProgressBar::new(100);
|
let pb = ProgressBar::new(100);
|
||||||
pb.set_style(ProgressStyle::with_template("[{elapsed_precise}] [{wide_bar:.cyan/blue}] {pos}/{len} ({eta})")
|
pb.set_style(
|
||||||
|
ProgressStyle::with_template(
|
||||||
|
"[{elapsed_precise}] [{wide_bar:.cyan/blue}] {pos}/{len} ({eta})",
|
||||||
|
)
|
||||||
.unwrap()
|
.unwrap()
|
||||||
.with_key("eta", |state: &ProgressState, w: &mut dyn Write| write!(w, "{:.1}s", state.eta().as_secs_f64()).unwrap())
|
.with_key("eta", |state: &ProgressState, w: &mut dyn Write| {
|
||||||
.progress_chars("=>-"));
|
write!(w, "{:.1}s", state.eta().as_secs_f64()).unwrap()
|
||||||
|
})
|
||||||
|
.progress_chars("=>-"),
|
||||||
|
);
|
||||||
|
|
||||||
let mut progress = 0;
|
let mut progress = 0;
|
||||||
while progress < 100 {
|
while progress < 100 {
|
||||||
|
@ -23,35 +78,25 @@ fn main() {
|
||||||
thread::sleep(Duration::from_millis(50));
|
thread::sleep(Duration::from_millis(50));
|
||||||
}
|
}
|
||||||
|
|
||||||
let (tx, rx) = mpsc::channel();
|
|
||||||
|
|
||||||
thread::spawn(move || {
|
|
||||||
let mut out: Vec<Folder> = vec![];
|
|
||||||
let folders = Folder::linux();
|
|
||||||
for mut folder in folders {
|
|
||||||
folder.path = folder.path.replace('~', &get_home()[..]);
|
|
||||||
|
|
||||||
// check if we have write perms for all of the folders, if so, push to out
|
|
||||||
let md = fs::metadata(&folder.path).unwrap();
|
|
||||||
let perms = md.permissions().mode();
|
|
||||||
let string = format!("{perms:o}").chars().rev().take(3).collect::<String>().chars().rev().collect::<String>();
|
|
||||||
|
|
||||||
println!("{}: {:?}", folder.path, Perms::from_unix_folder(folder.path.clone()));
|
|
||||||
let owner = md.uid();
|
|
||||||
let group = md.gid();
|
|
||||||
|
|
||||||
// println!("{readonly} - {}", folder.path);
|
|
||||||
// if !readonly {
|
|
||||||
// println!("can write to {}", folder.path);
|
|
||||||
// out.push(folder)
|
|
||||||
// }
|
|
||||||
};
|
|
||||||
tx.send(out)
|
|
||||||
});
|
|
||||||
|
|
||||||
pb.finish();
|
pb.finish();
|
||||||
println!("Ran SCAM. Here's your output!");
|
println!("Ran SCAM. Here's your output!");
|
||||||
|
|
||||||
let recieved = rx.recv().unwrap();
|
let recieved = rx.recv();
|
||||||
println!("{recieved:?}");
|
println!("{recieved:?}");
|
||||||
|
|
||||||
|
// println!("Root: {}", recieved.root);
|
||||||
|
// println!("Pinged Home: {}", recieved.pinged_home);
|
||||||
|
|
||||||
|
// for folder in recieved.vulnerable_folders {
|
||||||
|
// println!(
|
||||||
|
// "I can {} {}. This is potentially bad, because this folder stores {}.",
|
||||||
|
// match folder.dangerous_perms {
|
||||||
|
// FolderPerms::Write => "write to",
|
||||||
|
// FolderPerms::Read => "read from",
|
||||||
|
// FolderPerms::Execute => "execute files in",
|
||||||
|
// },
|
||||||
|
// folder.path,
|
||||||
|
// folder.contains
|
||||||
|
// );
|
||||||
|
// }
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,23 +1,25 @@
|
||||||
use std::fs;
|
use std::fs;
|
||||||
use std::os::unix::fs::PermissionsExt;
|
use std::os::unix::fs::PermissionsExt;
|
||||||
|
|
||||||
|
#[derive(Debug)]
|
||||||
pub struct Data {
|
pub struct Data {
|
||||||
pub vulnerable_folders: Vec<Folder>,
|
pub vulnerable_folders: Vec<Folder>, // done
|
||||||
pub pinged_home: bool,
|
pub pinged_home: bool,
|
||||||
pub known_malware: Vec<Malware>,
|
pub root: bool,
|
||||||
pub cam_access: bool,
|
pub cam_access: bool,
|
||||||
pub mic_access: bool,
|
pub mic_access: bool,
|
||||||
pub root: bool,
|
pub known_malware: Vec<Malware>,
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Debug)]
|
#[derive(Debug)]
|
||||||
pub struct Folder {
|
pub struct Folder {
|
||||||
pub path: String,
|
pub path: String,
|
||||||
pub r#type: FolderType,
|
pub ftype: FolderType,
|
||||||
pub contains: String,
|
pub contains: String,
|
||||||
|
pub dangerous_perms: FolderPerms,
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Debug)]
|
#[derive(Debug, PartialEq, Eq)]
|
||||||
pub enum FolderType {
|
pub enum FolderType {
|
||||||
ApplicationData,
|
ApplicationData,
|
||||||
Binary,
|
Binary,
|
||||||
|
@ -25,11 +27,13 @@ pub enum FolderType {
|
||||||
Kernel,
|
Kernel,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[derive(Debug)]
|
||||||
pub struct Malware {
|
pub struct Malware {
|
||||||
pub r#type: Vec<MalwareType>,
|
pub ftype: Vec<MalwareType>,
|
||||||
pub name: String,
|
pub name: String,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[derive(Debug)]
|
||||||
pub enum MalwareType {
|
pub enum MalwareType {
|
||||||
DataThief, // sells data to ad companies (cough cough google chrome cough cough)
|
DataThief, // sells data to ad companies (cough cough google chrome cough cough)
|
||||||
LoginStealer, // fuckin skyblock mods, probably
|
LoginStealer, // fuckin skyblock mods, probably
|
||||||
|
@ -44,49 +48,58 @@ impl Folder {
|
||||||
// system folders
|
// system folders
|
||||||
Folder {
|
Folder {
|
||||||
path: String::from("/usr/bin"),
|
path: String::from("/usr/bin"),
|
||||||
r#type: FolderType::Binary,
|
ftype: FolderType::Binary,
|
||||||
contains: "Installed Programs".to_string(),
|
contains: "Installed Programs".to_string(),
|
||||||
|
dangerous_perms: FolderPerms::Write,
|
||||||
},
|
},
|
||||||
Folder {
|
Folder {
|
||||||
path: "/boot".to_string(),
|
path: "/boot".to_string(),
|
||||||
r#type: FolderType::Kernel,
|
ftype: FolderType::Kernel,
|
||||||
contains: "Boot Files, Kernel".to_string(),
|
contains: "Boot Files, Kernel".to_string(),
|
||||||
|
dangerous_perms: FolderPerms::Write,
|
||||||
},
|
},
|
||||||
Folder {
|
Folder {
|
||||||
path: "/lib".to_string(),
|
path: "/lib".to_string(),
|
||||||
r#type: FolderType::SystemData,
|
ftype: FolderType::SystemData,
|
||||||
contains: "Kernel Modules, Libraries".to_string(),
|
contains: "Kernel Modules, Libraries".to_string(),
|
||||||
|
dangerous_perms: FolderPerms::Write,
|
||||||
},
|
},
|
||||||
Folder {
|
Folder {
|
||||||
path: "/usr/lib".to_string(),
|
path: "/usr/lib".to_string(),
|
||||||
r#type: FolderType::SystemData,
|
ftype: FolderType::SystemData,
|
||||||
contains: "Libraries, Object Files".to_string(),
|
contains: "Libraries, Object Files".to_string(),
|
||||||
|
dangerous_perms: FolderPerms::Write,
|
||||||
},
|
},
|
||||||
Folder {
|
Folder {
|
||||||
path: "/dev".to_string(),
|
path: "/dev".to_string(),
|
||||||
r#type: FolderType::SystemData,
|
ftype: FolderType::SystemData,
|
||||||
contains: "Access To All Devices".to_string(),
|
contains: "Access To All Devices".to_string(),
|
||||||
|
dangerous_perms: FolderPerms::Write,
|
||||||
},
|
},
|
||||||
Folder {
|
Folder {
|
||||||
path: "/tmp".to_string(),
|
path: "/tmp".to_string(),
|
||||||
r#type: FolderType::ApplicationData,
|
ftype: FolderType::ApplicationData,
|
||||||
contains: "Temporary Application Data".to_string(),
|
contains: "Temporary Application Data".to_string(),
|
||||||
|
dangerous_perms: FolderPerms::Read,
|
||||||
},
|
},
|
||||||
// user specific files
|
// user specific files
|
||||||
Folder {
|
Folder {
|
||||||
path: "~/.config".to_string(),
|
path: "~/.config".to_string(),
|
||||||
r#type: FolderType::ApplicationData,
|
ftype: FolderType::ApplicationData,
|
||||||
contains: "Permanent Application Data, Login Info".to_string(),
|
contains: "Permanent Application Data, Login Info".to_string(),
|
||||||
|
dangerous_perms: FolderPerms::Read,
|
||||||
},
|
},
|
||||||
Folder {
|
Folder {
|
||||||
path: "~/.local/share".to_string(),
|
path: "~/.local/share".to_string(),
|
||||||
r#type: FolderType::ApplicationData,
|
ftype: FolderType::ApplicationData,
|
||||||
contains: String::from("Permanent Application Data, Login Info"),
|
contains: String::from("Permanent Application Data, Login Info"),
|
||||||
|
dangerous_perms: FolderPerms::Read,
|
||||||
},
|
},
|
||||||
Folder {
|
Folder {
|
||||||
path: "~/.cache".to_string(),
|
path: "~/.cache".to_string(),
|
||||||
r#type: FolderType::ApplicationData,
|
ftype: FolderType::ApplicationData,
|
||||||
contains: "Cached Data From Applications".to_string(),
|
contains: "Cached Data From Applications".to_string(),
|
||||||
|
dangerous_perms: FolderPerms::Read,
|
||||||
},
|
},
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
@ -99,7 +112,7 @@ pub struct Perms {
|
||||||
pub other: Vec<FolderPerms>,
|
pub other: Vec<FolderPerms>,
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Debug)]
|
#[derive(Debug, PartialEq, Eq)]
|
||||||
pub enum FolderPerms {
|
pub enum FolderPerms {
|
||||||
Read,
|
Read,
|
||||||
Write,
|
Write,
|
||||||
|
@ -107,7 +120,7 @@ pub enum FolderPerms {
|
||||||
}
|
}
|
||||||
|
|
||||||
impl Perms {
|
impl Perms {
|
||||||
pub fn from_unix_folder(path: String) -> Perms {
|
pub fn from_unix_folder(path: &String) -> Perms {
|
||||||
let md = fs::metadata(path).unwrap();
|
let md = fs::metadata(path).unwrap();
|
||||||
let perms = md.permissions().mode();
|
let perms = md.permissions().mode();
|
||||||
let string = format!("{perms:o}")
|
let string = format!("{perms:o}")
|
||||||
|
@ -119,7 +132,6 @@ impl Perms {
|
||||||
.rev()
|
.rev()
|
||||||
.collect::<String>()
|
.collect::<String>()
|
||||||
.chars()
|
.chars()
|
||||||
.into_iter()
|
|
||||||
.collect::<Vec<char>>();
|
.collect::<Vec<char>>();
|
||||||
|
|
||||||
Perms {
|
Perms {
|
||||||
|
|
Loading…
Reference in New Issue