jin.c
/****************************************************************************
 *
 * NAME: Jin Automated Filesystem Security Scanner
 *
 * DESCRIPTION:
 *   Conducts a systematic scan of the local filesystem looking for common
 *   security problems. Two different levels of scanning are available,
 *   and the output can be formatted as plain text.
 *
 * USAGE:
 *   Jin [OPTIONS]... [SCANTYPE]
 *
 * Available options:
 *   -r      Format output in a collated report style
 *   -d      Include dynamic and device directories in the scan
 *   --help  Display help and usage information
 *
 * Scan levels: normal, verbose
 *
 * Example Usage:
 *   Jin -r verbose
 *
 ****************************************************************************/
#define _XOPEN_SOURCE 700 /* makes <ftw.h> declare nftw(), struct FTW and FTW_PHYS */

#include <sys/types.h>
#include <sys/stat.h>
#include <sys/wait.h>

#include <ftw.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
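/*
 * One node of a singly linked list of findings.
 *
 * Every list in this file ends in an unused placeholder node: a finding is
 * written into the current tail and a fresh empty tail is appended after it,
 * so a node holds a real path only while its `next` is non-NULL.
 */
struct Laven
{
    char path[128];     /* NUL-terminated path; only paths shorter than 128 bytes fit */
    struct Laven *next; /* following node, or NULL on the placeholder tail */
};

/* Full prototypes (not empty parentheses) so the compiler checks every call. */
void initStorage(void);
int checkFile(const char *path, const struct stat *st, int flag);
void outputReport(void);

/* List heads, one per finding category (ds_iwoth is the directory list). */
struct Laven *s_isuid, *s_isgid, *s_iwoth, *ds_iwoth;
/* Current placeholder tail of each list above. */
struct Laven *s_isuid_cur, *s_isgid_cur, *s_iwoth_cur, *ds_iwoth_cur;
/* Sticky-bit list; only allocated and filled when `verbose` is set. */
struct Laven *s_isvtx;
struct Laven *s_isvtx_cur;
/* Scratch pointer shared by the list-building and list-freeing code. */
struct Laven *temp;

/* Command-line switches, set by main(): scan level, -r and -d. */
int normal, verbose, report, dynamic;

void readd(void);
void test(char *a);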
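/*
 * nftw() calls back with four arguments, while checkFile() takes the three
 * of the older ftw() callback.  Passing checkFile straight to nftw() is a
 * function-pointer type mismatch, so forward through a correctly typed shim.
 */
static int checkFileNftw(const char *path, const struct stat *st, int flag,
                         struct FTW *ftwbuf)
{
    (void)ftwbuf;
    return checkFile(path, st, flag);
}

/*
 * Entry point: parse the command line, walk the filesystem from "/", and in
 * report mode write result.txt and run the md5sum pass over it.
 *
 * Returns 0 on success, 1 if the walk itself failed; exits with 1 on an
 * unrecognised argument and with 0 after printing --help.
 */
int main(int argc, char **argv)
{
    /* Upper bound on directories nftw() keeps open at once; deeper trees
     * are still walked, only with directories being reopened. */
    enum { MAX_OPEN_DIRS = 256 };
    int status = 0;

    normal = 0;
    verbose = 0;
    report = 0;
    dynamic = 0;

    /* No arguments at all means a default (normal) run. */
    if (argc <= 1)
        normal = 1;

    /* --help is honoured only as the first argument. */
    if (argc > 1 && strcmp(argv[1], "--help") == 0) {
        printf("Jin, an automated file system security scanning tool.\n");
        printf("Usage: Jin [OPTION]... [SCANTYPE]...\n\n");
        printf("Options:\n");
        printf(" -d Include dynamic directories in scan (/tmp /dev /proc /devices)\n");
        printf(" -r Format output as a categorically sorted report\n");
        printf(" --help Display this help message\n\n");
        printf("Scan Types:\n");
        printf(" normal Basic security scan (default)\n");
        printf(" verbose Extended security scan\n");
        exit(0);
    }

    for (int i = 1; i < argc; i++) {
        if (strcmp(argv[i], "-r") == 0) {
            report = 1;
        } else if (strcmp(argv[i], "-d") == 0) {
            dynamic = 1;
        } else if (strcmp(argv[i], "normal") == 0) {
            normal = 1;
        } else if (strcmp(argv[i], "verbose") == 0) {
            verbose = 1;
        } else {
            printf("Jin: invalid option\n");
            printf("Usage: Jin [OPTION]... [SCANTYPE]...\n\n");
            printf("Try 'Jin --help' for more information.\n\n");
            exit(1);
        }
    }

    if (report)
        initStorage();

    /* sysconf() returns -1 when the limit is indeterminate; never hand
     * nftw() a non-positive descriptor budget. */
    long fdBudget = sysconf(_SC_OPEN_MAX) - 3;
    if (fdBudget < 1)
        fdBudget = 1;
    else if (fdBudget > MAX_OPEN_DIRS)
        fdBudget = MAX_OPEN_DIRS;

    /* Directory-tree walk.  FTW_PHYS: do not follow symbolic links. */
    if (nftw("/", checkFileNftw, (int)fdBudget, FTW_PHYS) == -1) {
        perror("Jin: nftw");
        status = 1;
    }

    /*
     * result.txt is only written in report mode, so the md5sum pass is
     * limited to that mode as well; otherwise it would consume whatever
     * result.txt already happens to exist in the working directory.
     */
    if (report) {
        outputReport();
        readd();
    }

    return status;
}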
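/* Returns 1 if `path` lies under one of the trees skipped without -d. */
static int isDynamicPath(const char *path)
{
    static const char *const skipped[] = { "/dev/", "/tmp/", "/proc/", "/devices/" };

    for (size_t i = 0; i < sizeof skipped / sizeof skipped[0]; i++) {
        if (strncmp(path, skipped[i], strlen(skipped[i])) == 0)
            return 1;
    }
    return 0;
}

/*
 * Reports one finding: printed immediately in plain mode, appended to the
 * list whose placeholder tail is *cursor in report mode.
 */
static void noteFinding(struct Laven **cursor, const char *label, const char *path)
{
    struct Laven *slot = *cursor;

    /* Plain mode, or report storage that was never allocated: print now. */
    if (!report || slot == NULL) {
        printf("%s: %s\n", label, path);
        return;
    }

    /*
     * File names come from the filesystem being audited and are untrusted.
     * A path that does not fit the fixed-size node must never be copied in
     * (that would write past the heap buffer), and a path containing a
     * newline cannot be represented in the one-path-per-line report.
     * Neither case is dropped silently: it is reported on stderr instead.
     */
    size_t len = strlen(path);
    if (len >= sizeof slot->path || memchr(path, '\n', len) != NULL) {
        fprintf(stderr, "Jin: %s not recorded in report (unrepresentable path): %s\n",
                label, path);
        return;
    }

    struct Laven *tail = malloc(sizeof *tail);
    if (tail == NULL) {
        perror("Jin: malloc");
        exit(1);
    }
    tail->path[0] = '\0';
    tail->next = NULL;

    memcpy(slot->path, path, len + 1);
    slot->next = tail;
    *cursor = tail;
}

/*
 * Tree-walk callback: inspects the permission bits of one filesystem entry.
 *
 * path  entry being visited
 * st    stat information supplied by the walker
 * flag  FTW_F for files, FTW_D for directories; other values are ignored
 *
 * Always returns 0 so that the walk continues.
 */
int checkFile(const char *path, const struct stat *st, int flag)
{
    /* Produce no output for /dev, /tmp, /proc and /devices unless -d was given. */
    if (!dynamic && isDynamicPath(path))
        return 0;

    switch (flag) {
    case FTW_F: /* general files */
        /* normal checks */
        if ((st->st_mode & S_ISUID) != 0)
            noteFinding(&s_isuid_cur, "SUID file", path);
        if ((st->st_mode & S_ISGID) != 0)
            noteFinding(&s_isgid_cur, "SGID file", path);
        if ((st->st_mode & S_IWOTH) != 0)
            noteFinding(&s_iwoth_cur, "World-writeable file", path);
        /* verbose checks */
        if (verbose && (st->st_mode & S_ISVTX) != 0)
            noteFinding(&s_isvtx_cur, "Sticky file", path);
        break;
    case FTW_D: /* directories */
        /* normal checks */
        if ((st->st_mode & S_IWOTH) != 0)
            noteFinding(&ds_iwoth_cur, "World-writeable directory", path);
        break;
    default:
        break;
    }
    return 0;
}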
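/* Allocates the empty placeholder node a list starts with; exits on OOM. */
static struct Laven *newListHead(void)
{
    struct Laven *head = calloc(1, sizeof *head);

    if (head == NULL) {
        perror("Jin: calloc");
        exit(1);
    }
    head->next = NULL;
    return head;
}

/*
 * Prepares the report-mode lists: each category gets a head node and its
 * cursor is pointed at that head.  The sticky-bit list is created only when
 * `verbose` is set.  Allocation failure terminates the program rather than
 * leaving a NULL head for later code to dereference.
 */
void initStorage(void)
{
    s_isuid = s_isuid_cur = newListHead();
    s_isgid = s_isgid_cur = newListHead();
    s_iwoth = s_iwoth_cur = newListHead();
    ds_iwoth = ds_iwoth_cur = newListHead();

    if (verbose)
        s_isvtx = s_isvtx_cur = newListHead();
}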
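/*
 * Writes every recorded path of one list to fp, one per line, and frees the
 * whole list.  The last node is the empty placeholder and is not printed.
 */
static void writeAndFreeList(FILE *fp, struct Laven *head)
{
    while (head != NULL) {
        struct Laven *following = head->next;

        if (following != NULL)
            fprintf(fp, "%s\n", head->path);
        free(head);
        head = following;
    }
}

/*
 * Writes the collected SUID, SGID and (in verbose mode) sticky paths to
 * result.txt in the current directory, one path per line, and releases the
 * lists.  Exits with status 1 if the file cannot be opened or written.
 *
 * No section headers are written: readd() hands every line of this file to
 * md5sum, so each line has to be a bare path.
 *
 * NOTE(review): the world-writable file and directory lists are collected
 * but not written here; presumably deliberate for the same reason - confirm.
 * NOTE(review): fopen() follows symbolic links and the name is relative, so
 * run the scanner from a directory only the invoking user can write to.
 */
void outputReport(void)
{
    FILE *fp = fopen("result.txt", "w");

    if (fp == NULL) {
        perror("result.txt");
        exit(1);
    }

    /* SUID file list */
    writeAndFreeList(fp, s_isuid);
    s_isuid = s_isuid_cur = NULL;

    /* SGID file list */
    writeAndFreeList(fp, s_isgid);
    s_isgid = s_isgid_cur = NULL;

    /*
     * "Sticky" files.  The earlier loop here freed the node after the one
     * just printed and then kept walking through it (use after free); each
     * node is now released only after its successor has been saved.
     */
    if (verbose) {
        writeAndFreeList(fp, s_isvtx);
        s_isvtx = s_isvtx_cur = NULL;
    }

    /* fclose() flushes; a failure here means the report is incomplete. */
    if (fclose(fp) != 0) {
        perror("result.txt");
        exit(1);
    }
}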
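/*
 * Reads result.txt line by line and passes each non-empty line (one path)
 * to test(), which runs md5sum on it.
 *
 * Returns without doing anything if the file cannot be opened.  Lines that
 * do not fit the buffer are skipped with a warning instead of being written
 * past the end of it.
 */
void readd(void)
{
    enum { LINE_CAP = 4096 };
    char line[LINE_CAP];
    FILE *fp = fopen("result.txt", "r");

    if (fp == NULL) {
        printf("file can't open!\n");
        return; /* nothing to read; do not touch the NULL stream */
    }

    while (fgets(line, sizeof line, fp) != NULL) {
        size_t len = strcspn(line, "\n");

        if (line[len] != '\n' && !feof(fp)) {
            /* Over-long line: discard the remainder and move on. */
            int c; /* int, not char, so EOF stays distinguishable */
            while ((c = fgetc(fp)) != EOF && c != '\n')
                ;
            fprintf(stderr, "Jin: over-long line in result.txt skipped\n");
            continue;
        }

        line[len] = '\0';
        if (len > 0)
            test(line);
    }

    fclose(fp);
}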
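/*
 * Runs `md5sum` on the path in `a` and waits for it to finish.
 *
 * The path comes from the scanned filesystem and is untrusted, so it is
 * passed to md5sum as a single argv entry and never through a shell:
 * building a command string for system() would let shell metacharacters in
 * a file name be interpreted as commands, and the fixed-size command buffer
 * could be overrun by a long path.  "--" stops md5sum from treating the
 * path as an option.
 *
 * NOTE(review): md5sum is still located through PATH; make sure PATH is
 * trustworthy when the scanner runs with elevated privileges.
 */
void test(char *a)
{
    if (a == NULL || a[0] == '\0')
        return;

    pid_t child = fork();
    if (child < 0) {
        perror("Jin: fork");
        return;
    }

    if (child == 0) {
        execlp("md5sum", "md5sum", "--", a, (char *)NULL);
        /* Only reached if exec failed. */
        perror("Jin: md5sum");
        _exit(127);
    }

    int status;
    if (waitpid(child, &status, 0) < 0)
        perror("Jin: waitpid");
}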