# -*- coding: binary -*-
module Msf::Post::Unix
#
# Checks whether the session's user is uid 0 by running `id -u` on the
# target and comparing the digits of its output with '0'.
#
# Every non-digit character is dropped before the comparison, so whitespace
# or other text around the number does not affect the result.
#
# @return [Boolean] true if session is running as uid=0
#
def is_root?
  id_output = cmd_exec('id -u').to_s
  uid_digits = id_output.gsub(/\D/, '')
  uid_digits == '0'
end
#
# Runs `echo $PPID` through the session and returns what it prints, i.e.
# the parent process id as seen by the shell that executes the command.
# The output is only converted with #to_s; no stripping or validation
# happens here.
#
# @return [String] output of `echo $PPID`
#
def get_session_pid
  ppid_output = cmd_exec("echo $PPID")
  ppid_output.to_s
end
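#
# Returns an array of hashes each representing a user
# Keys are name, uid, gid, info, dir and shell
#
# The first of /etc/passwd, /etc/security/passwd and /etc/master.passwd
# that exists on the target is read and split on newlines, then on ':'.
# Fields missing from a line come back as nil. Blank or comment lines are
# not filtered out and yield entries of their own.
#
# NOTE(review): the field indexes follow the seven-field /etc/passwd
# layout. BSD's /etc/master.passwd carries extra fields between gid and
# the GECOS field, and /etc/security/passwd may not be colon-separated at
# all, so entries parsed from the fallback files should be verified.
#
# @return [Array<Hash>] one hash per line; empty when none of the
#   candidate files exists or the file could not be read
#
def get_users
  passwd_path = [
    "/etc/passwd",
    "/etc/security/passwd",
    "/etc/master.passwd",
  ].find { |path| file_exist?(path) }

  # Without this guard a target lacking all three files made the method
  # call read_file(nil); get_groups already answers a missing file with [].
  return [] unless passwd_path

  read_file(passwd_path).to_s.split("\n").map do |line|
    name, _password, uid, gid, info, dir, shell = line.split(":")
    { name: name, uid: uid, gid: gid, info: info, dir: dir, shell: shell }
  end
end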
#
# Returns an array of hashes each hash representing a user group
# Keys are name, gid and users
#
# Reads /etc/group from the target, one entry per line. The :users value
# is the raw fourth field (the member list as written in the file) and is
# nil when the line has no such field.
#
# @return [Array<Hash>] empty when /etc/group does not exist
#
def get_groups
  group_file = '/etc/group'
  return [] unless file_exist?(group_file)

  read_file(group_file).split("\n").map do |record|
    fields = record.split(":")
    { name: fields[0], gid: fields[2], users: fields[3] }
  end
end
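#
# Enumerates the user directories in /Users or /home
#
# Home directories are collected from the sixth field of /etc/passwd (when
# the file exists) and from the entries `ls` prints for /Users (when the
# session platform is 'osx') or /home (any other platform).
#
# NOTE(review): the `ls` output is not checked; if the command fails,
# whatever text cmd_exec returns is presumably still turned into entries,
# so callers should confirm a path exists before relying on it.
#
# @return [Array<String>] sorted, de-duplicated list of directory paths
#
def enum_user_directories
  user_dirs = []

  # get all user directories from /etc/passwd
  passwd = '/etc/passwd'
  if file_exist?(passwd)
    read_file(passwd).to_s.each_line do |passwd_line|
      user_dirs << passwd_line.chomp.split(':')[5]
    end
  end

  # also list other common places for home directories in the event that
  # the users aren't in /etc/passwd (LDAP, for example)
  home_root = session.platform == 'osx' ? '/Users' : '/home'
  cmd_exec("ls #{home_root}").to_s.each_line do |listing_line|
    # each_line keeps the line terminator; without stripping it the entry
    # ends in "\n" and never de-duplicates against the /etc/passwd path.
    dir_name = listing_line.strip
    user_dirs << "#{home_root}/#{dir_name}" unless dir_name.empty?
  end

  user_dirs.compact.sort.uniq
end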
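#
# It returns the username of the current user
#
# The uid is taken from the "Uid" line of /proc/<pid>/status, where <pid>
# is the value returned by get_session_pid, and is then looked up in the
# third field of /etc/passwd.
#
# NOTE(review): because the prefix of the regex is greedy, the capture is
# the last number on the Uid line. Linux lists the real, effective,
# saved-set and filesystem UIDs there, so the last of the four is used;
# confirm that is the intended one.
#
# @return [String, nil] the user name, or nil when the status file has no
#   usable Uid line or no /etc/passwd entry carries that uid (for example
#   accounts that are not defined in the local file)
#
def whoami
  shellpid = get_session_pid.to_s.strip
  status = read_file("/proc/#{shellpid}/status").to_s

  uid = nil
  status.each_line do |status_line|
    key, value = status_line.split(":")
    next unless key == "Uid"

    uid = value.to_s[/.*\s(.*)\s/, 1].to_s
    break
  end
  # An empty uid would otherwise match any passwd line with an empty field.
  return nil if uid.nil? || uid.empty?

  read_file("/etc/passwd").to_s.each_line do |passwd_line|
    parts = passwd_line.split(":")
    return parts[0].to_s if parts[2].to_s == uid
  end

  # Previously the method fell off the end of each_line here and handed
  # the raw status text back to the caller as if it were a user name.
  nil
end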
end