Modified permissions checks, issue #28 progress

* clusterd.py -- Moved the platform set to before the start string * src/core/utility.py -- Added a multi-platform (linux/windows, at least) admin check function, check_admin() -- Tweaked the Msg() function a bit more to work nicer on Windows * src/platform/*/auxiliary/smb_hashes.py -- Removed all of the getuid() calls and replaced them with check_admin()
hatRiot · Oct 8, 2014 · 31cffd6 · 31cffd6
1 parent ae9ec48
commit 31cffd6
Show file tree

Hide file tree

Showing 6 changed files with 32 additions and 18 deletions.
diff --git a/clusterd.py b/clusterd.py
@@ -105,17 +105,18 @@ def run(options):
         auxengine(fingerengine)
 
 if __name__ == "__main__":
+
     utility.header()
     options = parse(sys.argv[1:])
 
+    # set platform
+    state.platform = platform.system().lower()
+
     utility.Msg("Started at %s" % (utility.timestamp()))
 
     # log the CLI args
     utility.log(' '.join(sys.argv))
 
-    # set platform
-    state.platform = platform.system().lower()
-
     try:
         prerun(options)
 

diff --git a/src/core/utility.py b/src/core/utility.py
@@ -23,23 +23,23 @@ def Msg(string, level=LOG.INFO):
     if state.platform == 'linux':
 
         if level is LOG.INFO:
-            print "%s%s%s" % ("\033[32m", output, "\033[0m")
+            output = "%s%s%s" % ("\033[32m", output, "\033[0m")
         elif level is LOG.SUCCESS:
-            print "%s%s%s" % ("\033[1;32m", output, "\033[0m")
+            output = "%s%s%s" % ("\033[1;32m", output, "\033[0m")
         elif level is LOG.ERROR:
-            print "%s%s%s" % ("\033[31m", output, "\033[0m")
+            output = "%s%s%s" % ("\033[31m", output, "\033[0m")
         elif level is LOG.DEBUG:
             if state.isdebug:
-                print "%s%s%s" % ("\033[32m", output, "\033[0m")
+                output = "%s%s%s" % ("\033[34m", output, "\033[0m")
+            else:
+                output = None
         elif level is LOG.UPDATE:
-            print "%s%s%s" % ("\033[33m", output, "\033[0m")
-
-    else:
-        print output
+            output = "%s%s%s" % ("\033[33m", output, "\033[0m")
 
     if level is LOG.DEBUG and not state.isdebug:
         return
 
+    if output: print output
     log(string)
 
 
@@ -102,6 +102,22 @@ def local_address():
     return adapter
 
 
+def check_admin():
+    """ Check whether the running user has sufficient
+    privileges to execute "privileged" actions; this equates to
+    root on linux and administrator on windows
+    """
+
+    isAdmin = False
+    import ctypes, os
+    try:
+        isAdmin = os.getuid() == 0
+    except AttributeError:
+        isAdmin = ctypes.windll.shell32.IsUserAnAdmin() != 0
+
+    return isAdmin
+
+
 def build_request(args, kwargs):
     """ This function is used for building requests' objects by adding
     state-wide arguments, such as proxy settings, user agents, and more.

diff --git a/src/platform/jboss/auxiliary/smb_hashes.py b/src/platform/jboss/auxiliary/smb_hashes.py
@@ -5,7 +5,6 @@
 from threading import Thread
 from log import LOG
 from auxiliary import Auxiliary
-from os import getuid
 from time import sleep
 import socket
 import utility
@@ -35,7 +34,7 @@ def run(self, fingerengine, fingerprint):
         Thanks to @cd1zz for the idea for this
         """
 
-        if getuid() > 0:
+        if not utility.check_admin():
             utility.Msg("Root privs required for this module.", LOG.ERROR)
             return
 

diff --git a/src/platform/railo/auxiliary/smb_hashes.py b/src/platform/railo/auxiliary/smb_hashes.py
@@ -4,7 +4,6 @@
 from auxiliary import Auxiliary
 from threading import Thread
 from time import sleep
-from os import getuid
 from log import LOG
 import socket
 import utility
@@ -31,7 +30,7 @@ def run(self, fingerengine, fingerprint):
         datasource
         """
 
-        if getuid() > 0:
+        if not utility.check_admin():
             utility.Msg("Root privs required for this module.", LOG.ERROR)
             return
 

diff --git a/src/platform/tomcat/auxiliary/smb_hashes.py b/src/platform/tomcat/auxiliary/smb_hashes.py
@@ -31,7 +31,7 @@ def run(self, fingerengine, fingerprint):
         deploy function.
         """
 
-        if getuid() > 0:
+        if not utility.check_admin(): 
             utility.Msg("Root privs required for this module.", LOG.ERROR)
             return
 

diff --git a/src/platform/weblogic/auxiliary/smb_hashes.py b/src/platform/weblogic/auxiliary/smb_hashes.py
@@ -6,7 +6,6 @@
 from log import LOG
 from re import findall
 from time import sleep
-from os import getuid
 import socket
 import utility
 import state
@@ -29,7 +28,7 @@ def run(self, fingerengine, fingerprint):
         """ Same as JBoss/Tomcat
         """
 
-        if getuid() > 0:
+        if not utility.check_admin(): 
             utility.Msg("Root privs required for this module.", LOG.ERROR)
             return