jin.c
  1. /****************************************************************************
  2.  *
  3.  * NAME:   Jin Automated Filesystem Security Scanner
  4.  *
  5.  * DESCRIPTION:
  6.  * -Conducts a systematic scan of the local filesystem looking for common
  7.  *  security problems.  Two different levels of scanning are available,
  8.  *  and the output can be formatted as plain text.
  9.  *
  10.  * USAGE:
  11.  *   Jin [OPTIONS]... [SCANTYPE]
  12.  *
  13.  * Available options:
  14.  *   -r        Format output in a collated report style
  15.  *   -d        Include dynamic and device directories in the scan
  16.  *   --help    Display help and usage information
  17.  *
  18.  * Scan levels: normal, verbose
  19.  *
  20.  * Example Usage:
  21.  *   Jin -r verbose
  22.  *
  23.  ****************************************************************************/
  /* nftw(), struct FTW and FTW_PHYS are XSI interfaces; request them before
   * the first header is read. */
  #define _XOPEN_SOURCE 700

  #include <sys/stat.h>
  #include <sys/types.h>
  #include <sys/wait.h>

  #include <ftw.h>
  #include <stdio.h>
  #include <stdlib.h>
  #include <string.h>
  #include <unistd.h>
  31.                                                                                 
  /*
   * One node of a singly linked list of findings gathered in report mode.
   * path is a fixed 128-byte buffer, so it holds at most 127 characters plus
   * the terminating NUL.  Code that fills it has to bound the copy: the paths
   * handed to the tree-walk callback are not limited to that length.
   */
  struct Laven
  {
    char path[128];      /* NUL-terminated path of the flagged entry */
    struct Laven *next;  /* following node, or NULL on the last node */
  };
  37.                                                                                 
  /* Allocates the empty per-category lists used in report mode. */
  void initStorage();
  /* Tree-walk callback: tests one entry's mode bits and prints or stores the
   * finding.  Takes the three-argument ftw() callback form. */
  int checkFile(const char*, const struct stat*, int);
  /* Writes stored findings to result.txt and frees the nodes it walks. */
  void outputReport();
  41.                                                                                 
  42.                                                                                 
  43.                                                                                 
  /* List heads for report mode: SUID files, SGID files, world-writable files
   * and world-writable directories. */
  struct Laven *s_isuid, *s_isgid, *s_iwoth, *ds_iwoth;
  /* Append cursors, one per list above. */
  struct Laven *s_isuid_cur, *s_isgid_cur, *s_iwoth_cur, *ds_iwoth_cur;
  /* Head and append cursor of the sticky-bit list; initStorage() allocates it
   * only when verbose is set. */
  struct Laven *s_isvtx;
  struct Laven *s_isvtx_cur;
  /* Scratch pointer shared by the list code. */
  struct Laven *temp;
  /* Run-time switches set from the command line in main().  normal is
   * assigned there but not read anywhere else in this listing. */
  int normal, verbose, report, dynamic;
  /* Reads result.txt back line by line and passes each line to test(). */
  void readd();
  /* Runs md5sum on the path it is given. */
  void test(char *a);
  52.                                                                                 
  53.                                                                                 
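  /* Upper bound on the descriptor budget handed to nftw(); see main(). */
  enum { JIN_MAX_WALK_FDS = 64 };

  /*
   * nftw() invokes its callback with four arguments, while checkFile() has the
   * three-argument ftw() form.  Calling a function through a pointer of the
   * wrong type is undefined behaviour, so this adapter carries the signature
   * nftw() expects and forwards the part checkFile() uses.
   */
  static int walk_entry(const char *path, const struct stat *st, int flag,
                        struct FTW *walk)
  {
    (void)walk;
    return checkFile(path, st, flag);
  }

  /*
   * Entry point: reads the options and scan type from the command line, walks
   * the filesystem from "/", and in report mode writes result.txt and
   * checksums the files listed in it.
   *
   * Returns 0 on success and 1 when the tree walk fails; an invalid option
   * ends the program with status 1, --help with status 0.
   */
  int main(int argc, char **argv)
  {
    long fd_limit;
    int walk_fds;
    int status = 0;
    int i;

    //initialize
    normal = 0;
    verbose = 0;
    report = 0;
    dynamic = 0;

    //if no command line arguments, assume default run
    if (argc <= 1)
      normal = 1;

    //print help/usage info if requested
    if ((argc > 1) && (strcmp(argv[1], "--help") == 0))
    {
      printf("Jin, an automated file system security scanning tool.\n");
      printf("Usage: Jin [OPTION]... [SCANTYPE]...\n\n");
      printf("Options:\n");
      printf("  -d          Include dynamic directories in scan (/tmp /dev /proc /devices)\n");
      printf("  -r          Format output as a categorically sorted report\n");
      printf("  --help      Display this help message\n\n");
      printf("Scan Types:\n");
      printf("  normal      Basic security scan (default)\n");
      printf("  verbose     Extended security scan\n");
      exit(0);
    }

    //every remaining argument must be a known option or scan type
    for (i = 1; i < argc; i++)
    {
      if (strcmp(argv[i], "-r") == 0)
        report = 1;
      else if (strcmp(argv[i], "-d") == 0)
        dynamic = 1;
      else if (strcmp(argv[i], "normal") == 0)
        normal = 1;
      else if (strcmp(argv[i], "verbose") == 0)
        verbose = 1;
      else
      {
        printf("Jin: invalid option\n");
        printf("Usage: Jin [OPTION]... [SCANTYPE]...\n\n");
        printf("Try 'Jin --help' for more information.\n\n");
        exit(1);
      }
    }

    if (report)
      initStorage();

    /*
     * sysconf() can return -1 or a very large limit, and nftw() takes an int.
     * Implementations may size per-level state from this value, so it is
     * clamped to a small positive range before use.
     */
    fd_limit = sysconf(_SC_OPEN_MAX) - 3;
    if (fd_limit < 1)
      walk_fds = 1;
    else if (fd_limit > JIN_MAX_WALK_FDS)
      walk_fds = JIN_MAX_WALK_FDS;
    else
      walk_fds = (int)fd_limit;

    /* FTW_PHYS: symbolic links are not followed during the walk. */
    if (nftw("/", walk_entry, walk_fds, FTW_PHYS) == -1)
    {
      perror("Jin: nftw");
      status = 1;            /* findings gathered so far are still reported */
    }

    /*
     * result.txt is produced by this run only in report mode.  Reading it back
     * otherwise would checksum whatever an earlier run, or anyone able to
     * write to the current directory, left under that name.
     */
    if (report)
    {
      outputReport();
      readd();
    }

    return status;
  }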
  114.                                                                                 
  115.                                                                                 
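  /*
   * Returns 1 when path lies below one of the dynamic or device trees that are
   * skipped unless -d was given.  Only entries below the tree match; the
   * directory itself ("/tmp" without a trailing slash) is still examined.
   */
  static int in_skipped_tree(const char *path)
  {
    static const char *const skipped[] = { "/dev/", "/tmp/", "/proc/", "/devices/" };
    size_t i;

    for (i = 0; i < sizeof skipped / sizeof skipped[0]; i++)
      if (strncmp(path, skipped[i], strlen(skipped[i])) == 0)
        return 1;
    return 0;
  }

  /*
   * Reports one finding.  Outside report mode it is printed as
   * "<label>: <path>".  In report mode the path is stored in the node *cursor
   * points at and a fresh empty tail node is appended, so the list always
   * ends in an unused node.
   *
   * File names come from the scanned filesystem and are not trusted.  A path
   * that does not fit the fixed-size node, or that contains a newline (the
   * report file holds one path per line), is written to stderr instead of
   * being stored, so the finding is neither truncated nor lost.  Paths are
   * printed as they are and may contain control characters.
   */
  static void note_finding(struct Laven **cursor, const char *label,
                           const char *path)
  {
    struct Laven *tail;
    size_t len;

    if (!report)
    {
      printf("%s: %s\n", label, path);
      return;
    }

    len = strlen(path);
    if (*cursor == NULL || len >= sizeof((*cursor)->path) ||
        strchr(path, '\n') != NULL)
    {
      fprintf(stderr, "Jin: %s not stored in report: %s\n", label, path);
      return;
    }

    /* Allocate before touching the list so a failure leaves it unchanged. */
    tail = malloc(sizeof *tail);
    if (tail == NULL)
    {
      fprintf(stderr, "Jin: out of memory, %s not stored in report: %s\n",
              label, path);
      return;
    }
    tail->path[0] = '\0';
    tail->next = NULL;

    memcpy((*cursor)->path, path, len + 1);   /* len + 1 copies the NUL too */
    (*cursor)->next = tail;
    *cursor = tail;
  }

  /*
   * Tree-walk callback.  Tests the mode bits of one entry and reports SUID,
   * SGID and world-writable files, world-writable directories and, for verbose
   * scans, files with the sticky bit.
   *
   * path: entry being visited; st: its stat data; flag: entry type passed by
   * the walker.  Always returns 0 so that the walk continues.
   */
  int checkFile(const char *path, const struct stat *st, int flag)
  {
    //produce no output if we're ignoring /dev, /tmp, /proc and /devices
    if (!dynamic && in_skipped_tree(path))
      return(0);

    switch(flag)
    {
      case FTW_F:    //general files
        //normal checks
        if ((st->st_mode & S_ISUID) != 0)
          note_finding(&s_isuid_cur, "SUID file", path);
        if ((st->st_mode & S_ISGID) != 0)
          note_finding(&s_isgid_cur, "SGID file", path);
        if ((st->st_mode & S_IWOTH) != 0)
          note_finding(&s_iwoth_cur, "World-writeable file", path);

        //verbose checks
        if (verbose && (st->st_mode & S_ISVTX) != 0)
          note_finding(&s_isvtx_cur, "Sticky file", path);
        break;

      case FTW_D:    //directories
        //normal checks
        if ((st->st_mode & S_IWOTH) != 0)
          note_finding(&ds_iwoth_cur, "World-writeable directory", path);
        break;

      case FTW_DNR:
        /* Say so when part of the tree could not be scanned; a report with no
         * findings from an unprivileged run may simply be incomplete. */
        fprintf(stderr, "Jin: directory not readable, contents not scanned: %s\n",
                path);
        break;

      case FTW_NS:
        fprintf(stderr, "Jin: cannot stat, entry not scanned: %s\n", path);
        break;

      default:
        break;
    }
    return(0);
  }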
  225.                                                                                 
  226.                                                                                 
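  /*
   * Allocates one empty list node.  The scan cannot store findings without
   * it, so the program ends with status 1 when memory runs out.
   */
  static struct Laven *new_list_node(void)
  {
    struct Laven *node = malloc(sizeof *node);

    if (node == NULL)
    {
      fprintf(stderr, "Jin: out of memory\n");
      exit(1);
    }
    node->path[0] = '\0';
    node->next = NULL;
    return node;
  }

  /*
   * Creates the report-mode lists.  Each list starts as a single empty node
   * that serves as both head and append cursor.  The sticky-bit list is
   * created only for verbose scans, so verbose must be set before this runs.
   */
  void initStorage()
  {
    s_isuid = s_isuid_cur = new_list_node();
    s_isgid = s_isgid_cur = new_list_node();
    s_iwoth = s_iwoth_cur = new_list_node();
    ds_iwoth = ds_iwoth_cur = new_list_node();

    if (verbose)
      s_isvtx = s_isvtx_cur = new_list_node();
  }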
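  /*
   * Frees every node of one list and, when fp is not NULL, first writes each
   * stored path to fp on a line of its own.  The last node of a list is the
   * empty tail and carries no finding, so it is freed without being written.
   * Head and cursor are reset to NULL so that no dangling pointer remains.
   *
   * Returns 1 if a write failed, 0 otherwise.
   */
  static int drain_list(FILE *fp, struct Laven **head, struct Laven **cursor)
  {
    struct Laven *node = *head;
    int failed = 0;

    while (node != NULL)
    {
      struct Laven *next = node->next;   /* read before the node is freed */

      if (fp != NULL && next != NULL && fprintf(fp, "%s\n", node->path) < 0)
        failed = 1;
      free(node);
      node = next;
    }
    *head = NULL;
    *cursor = NULL;
    return failed;
  }

  /*
   * Writes the report to result.txt in the current directory: the SUID paths,
   * then the SGID paths, then (verbose scans only) the sticky-bit paths, one
   * bare path per line with no headings, because readd() parses the file line
   * by line.  All lists are released afterwards.
   *
   * NOTE(review): fopen() with "w" follows symbolic links and truncates
   * whatever result.txt resolves to.  Run the scanner from a directory that
   * only the invoking user can write to.
   */
  void outputReport()
  {
    FILE *fp;
    int failed = 0;

    fp = fopen("result.txt", "w");
    if (fp == NULL)
    {
      perror("result.txt");
      exit(1);
    }

    //output SUID file list
    failed |= drain_list(fp, &s_isuid, &s_isuid_cur);

    //output SGID file list
    failed |= drain_list(fp, &s_isgid, &s_isgid_cur);

    //output "sticky" files
    if (verbose)
      failed |= drain_list(fp, &s_isvtx, &s_isvtx_cur);

    /*
     * NOTE(review): the world-writable file and directory lists are collected
     * in report mode but were never written to the report.  That is kept
     * unchanged here because every line of result.txt is later passed to
     * md5sum; the lists are only released.  Confirm whether those findings
     * should be reported somewhere.
     */
    drain_list(NULL, &s_iwoth, &s_iwoth_cur);
    drain_list(NULL, &ds_iwoth, &ds_iwoth_cur);

    /* fclose() flushes; a failure here means the report may be incomplete. */
    if (fclose(fp) != 0)
      failed = 1;
    if (failed)
      fprintf(stderr, "Jin: error while writing result.txt, report may be incomplete\n");
  }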
  304.      
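  /*
   * Reads result.txt line by line and passes every complete line to test().
   *
   * The file is treated as untrusted input: a line that does not fit the
   * buffer is skipped with a warning rather than truncated, because a
   * truncated path names a different file.  Empty lines are skipped as well.
   * A last line without a terminating newline is ignored.
   */
  void readd()
  {
    enum { LINE_CAP = 128 };   /* same size as the path field of struct Laven */
    FILE *fp;
    char a[LINE_CAP];
    size_t used = 0;
    int too_long = 0;
    int ch;                    /* int, so that EOF differs from every byte value */

    fp = fopen("result.txt", "r");
    if (fp == NULL)
    {
      printf("file can't open!\n");
      return;                  /* nothing to read; do not touch a NULL stream */
    }

    while ((ch = fgetc(fp)) != EOF)
    {
      if (ch != '\n')
      {
        if (used < sizeof a - 1)
          a[used++] = (char)ch;
        else
          too_long = 1;        /* keep consuming the line, store nothing more */
        continue;
      }

      if (too_long)
        fprintf(stderr, "Jin: overlong line in result.txt skipped\n");
      else if (used > 0)
      {
        a[used] = '\0';
        test(a);
      }
      used = 0;
      too_long = 0;
    }
    fclose(fp);
  }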
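  /*
   * Runs md5sum on the file named by a and waits for it to finish; md5sum
   * writes its result to the standard output of this process.
   *
   * The path comes from the scanned filesystem, where any user can choose
   * file names, so it must not be pasted into a shell command line.  It is
   * passed as a single argv element instead: no shell is involved, and spaces
   * or metacharacters in the name are plain data.  "--" ends option parsing,
   * so a name beginning with '-' is not read as an option.
   *
   * NOTE(review): md5sum is located through PATH, as before.  Run the scanner
   * with a trusted PATH.
   */
  void test(char *a)
  {
    pid_t child;

    if (a == NULL || a[0] == '\0')
      return;

    /* Flush buffered output so the child does not print it a second time. */
    fflush(NULL);

    child = fork();
    if (child == -1)
    {
      perror("Jin: fork");
      return;
    }

    if (child == 0)
    {
      execlp("md5sum", "md5sum", "--", a, (char *)NULL);
      perror("Jin: md5sum");   /* reached only when exec failed */
      _exit(127);
    }

    if (waitpid(child, NULL, 0) == -1)
      perror("Jin: waitpid");
  }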
  340.