STRLCPY/metabigor

Fix sudo issue if current user is root
j3ssie committed 3 years ago

a54a7572

1 parent 65f0aadc

■ ■ ■ ■ ■ ■

cmd/scan.go

		skipped 30 lines
31	31		scanCmd.Flags().BoolVarP(&options.Scan.SkipOverview, "skip-masscan", "s", false, "run nmap from input format like this: 1.2.3.4:443")
32	32		// more nmap options
33	33		scanCmd.Flags().StringVarP(&options.Scan.NmapScripts, "script", "S", "", "nmap scripts")
34		-	scanCmd.Flags().StringVar(&options.Scan.NmapTemplate, "nmap-command", "sudo nmap -sSV -p {{.ports}} {{.input}} {{.script}} -T4 --open -oA {{.output}}", "Nmap template command to run")
	34	+	scanCmd.Flags().StringVar(&options.Scan.NmapTemplate, "nmap-command", "nmap -sSV -p {{.ports}} {{.input}} {{.script}} -T4 --open -oA {{.output}}", "Nmap template command to run")
35	35		scanCmd.Flags().StringVar(&options.Scan.GrepString, "grep", "", "match string to confirm script success")
36	36		scanCmd.Flags().StringP("result-folder", "R", "", "Result folder")
37	37		scanCmd.Flags().BoolVar(&options.Scan.IPv4, "4", true, "Filter input to only get ipv4")
		skipped 244 lines

■ ■ ■ ■ ■ ■

modules/scan.go

		skipped 4 lines
5	5		"fmt"
6	6		"io/ioutil"
7	7		"os/exec"
	8	+	"os/user"
8	9		"path/filepath"
9	10		"strings"
10	11		"text/template"
		skipped 3 lines
14	15		"github.com/j3ssie/metabigor/core"
15	16		)
16	17
	18	+	// CurrentUser get current user
	19	+	func CurrentUser() string {
	20	+	u, err := user.Current()
	21	+	if err != nil {
	22	+	return ""
	23	+	}
	24	+
	25	+	username := u.Username
	26	+	return username
	27	+	}
	28	+
17	29		// RunMasscan run masscan command and return list of port open
18	30		func RunMasscan(input string, options core.Options) []string {
19	31		ports := options.Scan.Ports
		skipped 9 lines
29	41		}
30	42		massOutput = tmpFile.Name()
31	43
32		-	masscanCmd := fmt.Sprintf("sudo masscan --rate %v -p %v -oG %v %v", rate, ports, massOutput, input)
	44	+	masscanCmd := fmt.Sprintf("masscan --rate %v -p %v -oG %v %v", rate, ports, massOutput, input)
33	45		if options.Scan.All {
34		-	masscanCmd = fmt.Sprintf("sudo masscan --rate %v -p %v -oG %v -iL %v", rate, ports, massOutput, input)
	46	+	masscanCmd = fmt.Sprintf("masscan --rate %v -p %v -oG %v -iL %v", rate, ports, massOutput, input)
	47	+	}
	48	+	if CurrentUser() != "root" {
	49	+	masscanCmd = "sudo " + masscanCmd
35	50		}
36	51
37	52		core.DebugF("Execute: %v", masscanCmd)
		skipped 58 lines
96	111
97	112		// build nmap command
98	113		if options.Scan.All {
99		-	options.Scan.NmapTemplate = "sudo nmap -sSV -p {{.ports}} -iL {{.input}} {{.script}} -T4 --open -oA {{.output}}"
	114	+	options.Scan.NmapTemplate = "nmap -sSV -p {{.ports}} -iL {{.input}} {{.script}} -T4 --open -oA {{.output}}"
100	115		}
101	116		nmapCommand := make(map[string]string)
102	117		nmapCommand["output"] = nmapOutput
		skipped 5 lines
108	123		nmapCommand["script"] = ""
109	124		}
110	125		nmapCmd := ResolveData(options.Scan.NmapTemplate, nmapCommand)
111		-
	126	+	if CurrentUser() != "root" {
	127	+	nmapCmd = "sudo " + nmapCmd
	128	+	}
112	129		//
113	130		//nmapCmd := fmt.Sprintf("sudo nmap -sSV -p %v %v -T4 --open -oA %v", ports, input, nmapOutput)
114	131		//if options.Scan.NmapScripts != "" {
		skipped 85 lines
200	217		tmpFile, _ = ioutil.TempFile(zmapOutput, fmt.Sprintf("out-%v-*.txt", core.StripPath(filepath.Base(inputFile))))
201	218		}
202	219		zmapOutput = tmpFile.Name()
203		-	zmapCmd := fmt.Sprintf("sudo zmap -p %v -w %v -f 'saddr,sport' -O csv -o %v", port, inputFile, zmapOutput)
	220	+	zmapCmd := fmt.Sprintf("zmap -p %v -w %v -f 'saddr,sport' -O csv -o %v", port, inputFile, zmapOutput)
	221	+	if CurrentUser() != "root" {
	222	+	zmapCmd = "sudo " + zmapCmd
	223	+	}
204	224		core.DebugF("Execute: %v", zmapCmd)
205	225		command := []string{
206	226		"bash",
		skipped 36 lines

Fix sudo issue if current user is root