From 0b7e58ee05a78568c05947d08b5bb737d129cade Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=9E=C3=B3rhallur=20Sverrisson?= Date: Mon, 13 Dec 2021 13:15:57 +0000 Subject: [PATCH] Added additional file types and also exit code. I added .ear and .zip to types of file to test. Also added an exit code if a match is found. Exit codes: * 0: No match found * 1: Error * 2: Error parsing flags * 3: Match was found This enables integration with Ansible, e.g: ```yaml --- - hosts: all become: true tasks: - name: Copy log4shelldetect to remote host copy: src: /home/XXX/log4shelldetect dest: /tmp/log4shelldetect mode: "0555" - name: Search for log4j shell: cmd: "/tmp/log4shelldetect -mode=list /" register: log4shelldetect changed_when: log4shelldetect.rc == 3 failed_when: log4shelldetect.rc == 1 or log4shelldetect.rc == 2 - name: copy: dest: "/home/XXX/log4shelldetect.out/{{ ansible_fqdn }}" content: "{{ log4shelldetect.stdout }}\n" when: log4shelldetect.rc == 3 delegate_to: localhost ``` --- main.go | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/main.go b/main.go index 059fef7..040caa4 100644 --- a/main.go +++ b/main.go @@ -60,7 +60,7 @@ func main() { Callback: func(osPathname string, de *godirwalk.Dirent) error { // For each file in the directory, check if it ends in ".jar" ext := strings.ToLower(filepath.Ext(osPathname)) - if ext == ".jar" || ext == ".war" { + if ext == ".jar" || ext == ".war" || ext == ".ear" || ext == ".zip" { pool <- struct{}{} // If it is, take a goroutine (thread) from the thread pool // and check the jar. @@ -89,6 +89,8 @@ func main() { for i := 0; i < cap(pool); i++ { pool <- struct{}{} } + + os.Exit(found) } // checkJar checks a given jar file and returns a status and description for whether @@ -194,7 +196,7 @@ func checkJar(pathToFile string, rd io.ReaderAt, size int64, depth int) (status // If there is a jar in the jar, recurse into it. ext := strings.ToLower(path.Ext(file.Name)) - if ext == ".jar" || ext == ".war" { + if ext == ".jar" || ext == ".war" || ext == ".ear" || ext == ".zip" { var subStatus Status var subDesc string // If the jar is larger than 500 MB, this can be dangerous @@ -285,6 +287,8 @@ const ( StatusVulnerable ) +var found = 0 + // printStatus takes in the path to the file, status and description, and // prints the result out to stdout. func printStatus(fileName string, status Status, desc string) { @@ -295,6 +299,7 @@ func printStatus(fileName string, status Status, desc string) { if *mode == "list" { if status == StatusVulnerable || status == StatusMaybe { fmt.Println(fileName) + found = 3 } return @@ -309,12 +314,15 @@ func printStatus(fileName string, status Status, desc string) { case StatusPatched: c = color.New(color.FgGreen) c.Print("PATCHED ") + found = 3 case StatusVulnerable: c = color.New(color.FgRed) c.Print("VULNRBL ") + found = 3 case StatusMaybe: c = color.New(color.FgRed) c.Print("MAYBE ") + found = 3 case StatusUnknown: c = color.New(color.FgYellow) c.Print("UNKNOWN ")