void genSSHkeyForHosts(const std::string& uid,
const std::string& directory,
QueryData& results) {
// Get list of files in directory
boost::filesystem::path keys_dir = directory;
keys_dir /= kSSHUserKeysDir;
std::vector<std::string> files_list;
auto status = listFilesInDirectory(keys_dir, files_list, false);
if (!status.ok()) {
return;
}
// Go through each file
for (const auto& kfile : files_list) {
std::string keys_content;
if (!forensicReadFile(kfile, keys_content).ok()) {
// Cannot read a specific keys file.
continue;
}
if (keys_content.find("PRIVATE KEY") != std::string::npos) {
// File is private key, create record for it
Row r;
r["uid"] = uid;
r["path"] = kfile;
r["encrypted"] = INTEGER(0);
// Check to see if the file is encrypted
if (keys_content.find("ENCRYPTED") != std::string::npos) {
r["encrypted"] = INTEGER(1);
}
results.push_back(r);
}
}
}
QueryData genCronTab(QueryContext& context) {
QueryData results;
auto system_lines = cronFromFile(kSystemCron);
for (const auto& line : system_lines) {
genCronLine(kSystemCron, line, results);
}
std::vector<std::string> user_crons;
auto status = listFilesInDirectory(kUserCronsPath, user_crons);
if (!status.ok()) {
LOG(INFO) << "Could not list user crons from: " << kUserCronsPath << " ("
<< status.toString() << ")";
return results;
}
// The user-based crons are identified by their path.
for (const auto& user_path : user_crons) {
auto user_lines = cronFromFile(user_path);
for (const auto& line : user_lines) {
genCronLine(user_path, line, results);
}
}
return results;
}
QueryData genXattr(QueryContext &context) {
QueryData results;
auto paths = context.constraints["path"].getAll(EQUALS);
for (const auto &path_string : paths) {
boost::filesystem::path path = path_string;
// Folders can have extended attributes too
if (!(boost::filesystem::is_regular_file(path) ||
boost::filesystem::is_directory(path))) {
continue;
}
getFileData(results, path.string());
}
auto directories = context.constraints["directory"].getAll(EQUALS);
for (const auto &directory : directories) {
if (!boost::filesystem::is_directory(directory)) {
continue;
}
std::vector<std::string> files;
listFilesInDirectory(directory, files);
for (auto &file : files) {
getFileData(results, file);
}
}
return results;
}
void VoxGame::UpdateCharactersPulldown()
{
m_pCharacterPulldown->RemoveAllPullDownMenuItems();
m_pCharacterPulldown->ResetPullDownMenu();
m_pMainWindow->RemoveComponent(m_pCharacterPulldown);
char importDirectory[128];
sprintf(importDirectory, "media/gamedata/models/Human/*.*");
vector<string> listFiles;
listFiles = listFilesInDirectory(importDirectory);
for (unsigned int i = 0; i < listFiles.size(); i++)
{
if (strcmp(listFiles[i].c_str(), ".") == 0 || strcmp(listFiles[i].c_str(), "..") == 0)
{
continue;
}
int lastindex = (int)listFiles[i].find_last_of(".");
if(lastindex != -1)
{
string characterName = listFiles[i].substr(0, lastindex);
string extension = listFiles[i].substr(lastindex);
if (strcmp(extension.c_str(), ".qb") == 0)
{
m_pCharacterPulldown->AddPulldownItem(characterName);
}
}
}
m_pMainWindow->AddComponent(m_pCharacterPulldown);
m_pCharacterPulldown->AddEventListeners();
}
TEST_F(FilesystemTests, test_list_files_in_directorty) {
std::vector<std::string> results;
auto s = listFilesInDirectory("/etc", results);
EXPECT_TRUE(s.ok());
EXPECT_EQ(s.toString(), "OK");
EXPECT_NE(std::find(results.begin(), results.end(), "/etc/hosts"),
results.end());
}
QueryData genADConfig(QueryContext& context) {
QueryData results;
// Not common to have multiple domains configured, but iterate over any file
// within the known-path for AD plists.
std::vector<std::string> configs;
if (listFilesInDirectory(kADConfigPath, configs).ok()) {
for (const auto& path : configs) {
genADConfig(path, results);
}
}
return results;
}
void genControlInfo(const std::string& mib_path,
QueryData& results,
const std::map<std::string, std::string>& config) {
if (isDirectory(mib_path).ok()) {
// Iterate through the subitems and items.
std::vector<std::string> items;
if (listDirectoriesInDirectory(mib_path, items).ok()) {
for (const auto& item : items) {
genControlInfo(item, results, config);
}
}
if (listFilesInDirectory(mib_path, items).ok()) {
for (const auto& item : items) {
genControlInfo(item, results, config);
}
}
return;
}
// This is a file (leaf-control).
Row r;
r["name"] = mib_path.substr(kSystemControlPath.size());
std::replace(r["name"].begin(), r["name"].end(), '/', '.');
// No known way to convert name MIB to int array.
r["subsystem"] = osquery::split(r.at("name"), ".")[0];
if (isReadable(mib_path).ok()) {
std::string content;
readFile(mib_path, content);
boost::trim(content);
r["current_value"] = content;
}
if (config.count(r.at("name")) > 0) {
r["config_value"] = config.at(r.at("name"));
}
r["type"] = "string";
results.push_back(r);
}
void genKeychains(const std::string& path, CFMutableArrayRef& keychains) {
std::vector<std::string> paths;
// Support both a directory and explicit path search.
if (isDirectory(path).ok()) {
// Try to list every file in the given keychain search path.
if (!listFilesInDirectory(path, paths).ok()) {
return;
}
} else {
// The explicit path search comes from a query predicate.
paths.push_back(path);
}
for (const auto& keychain_path : paths) {
SecKeychainRef keychain = nullptr;
auto status = SecKeychainOpen(keychain_path.c_str(), &keychain);
if (status == 0 && keychain != nullptr) {
CFArrayAppendValue(keychains, keychain);
}
}
}
void genSSHkeyForHosts(const std::string& uid,
const std::string& gid,
const std::string& directory,
QueryData& results) {
auto dropper = DropPrivileges::get();
if (!dropper->dropTo(uid, gid)) {
VLOG(1) << "Cannot drop privileges to UID " << uid;
return;
}
// Get list of files in directory
boost::filesystem::path keys_dir = directory;
keys_dir /= kSSHUserKeysDir;
std::vector<std::string> files_list;
auto status = listFilesInDirectory(keys_dir, files_list, false);
if (!status.ok()) {
return;
}
// Go through each file
for (const auto& kfile : files_list) {
std::string keys_content;
if (!forensicReadFile(kfile, keys_content).ok()) {
// Cannot read a specific keys file.
continue;
}
if (keys_content.find("PRIVATE KEY") != std::string::npos) {
// File is private key, create record for it
Row r;
r["uid"] = uid;
r["path"] = kfile;
r["encrypted"] =
(keys_content.find("ENCRYPTED") != std::string::npos) ? "1" : "0";
results.push_back(r);
}
}
}
TEST_F(FilesystemTests, test_list_files_in_directory_not_found) {
std::vector<std::string> not_found_vector;
auto not_found = listFilesInDirectory("/foo/bar", not_found_vector);
EXPECT_FALSE(not_found.ok());
EXPECT_EQ(not_found.toString(), "Directory not found: /foo/bar");
}
TEST_F(FilesystemTests, test_list_files_in_directory_not_dir) {
std::vector<std::string> not_dir_vector;
auto not_dir = listFilesInDirectory("/etc/hosts", not_dir_vector);
EXPECT_FALSE(not_dir.ok());
EXPECT_EQ(not_dir.toString(), "Supplied path is not a directory: /etc/hosts");
}
void ModMenu::CreateHUDModButtons()
{
int buttonWidth = m_modButtonWidth;
int buttonHeight = m_modButtonheight;
int buttonSpacer = m_modButtonSpace;
int buttonAndSpacerWidth = buttonWidth + buttonSpacer;
int buttonAndSpacerHeight = buttonHeight + buttonSpacer;
int buttonX = -(m_modWindowWidth-42);
int buttonY = m_modWindowHeight - buttonHeight - 17;
char importDirectory[128];
#ifdef _WIN32
sprintf(importDirectory, "media/textures/gui/*.*");
#elif __linux__
sprintf(importDirectory, "media/textures/gui/*.*");
#endif //_WIN32
vector<string> listFiles;
listFiles = listFilesInDirectory(importDirectory);
int modButtonCounter = 0;
int yCounter = 0;
while (modButtonCounter < listFiles.size())
{
if (strcmp(listFiles[modButtonCounter].c_str(), ".") == 0 || strcmp(listFiles[modButtonCounter].c_str(), "..") == 0)
{
modButtonCounter++;
continue;
}
buttonX = -(m_modWindowWidth - 42);
for (int x = 0; x < 3 && modButtonCounter < listFiles.size(); x++)
{
Button* m_pNewButton = new Button(m_pRenderer, m_pFrontendManager->GetFrontendFont_35(), "");
m_pNewButton->SetDimensions(buttonX, buttonY, buttonWidth, buttonHeight);
m_pNewButton->SetPressedOffset(0, -1);
m_pNewButton->AddText(m_pRenderer, m_pFrontendManager->GetFrontendFont_18(), m_pFrontendManager->GetFrontendFont_18_Outline(), listFiles[modButtonCounter].c_str(), Colour(1.0f, 1.0f, 1.0f, 1.0f), 7, buttonHeight - 20, true, Colour(0.0f, 0.0f, 0.0f, 1.0f));
ModButtonData* pModButtonData = new ModButtonData();
pModButtonData->m_pModMenu = this;
pModButtonData->m_pModButton = m_pNewButton;
pModButtonData->m_modName = listFiles[modButtonCounter];
pModButtonData->m_toggled = false;
pModButtonData->m_allowToggleOff = false;
pModButtonData->m_allowMultipleSelection = false;
pModButtonData->m_gameplayButton = false;
pModButtonData->m_graphicsButton = false;
pModButtonData->m_soundButton = false;
pModButtonData->m_HUDButton = true;
pModButtonData->m_miscButton = false;
m_pNewButton->SetCallBackFunction(_ModButtonPressed);
m_pNewButton->SetCallBackData(pModButtonData);
m_vpModButtonData.push_back(pModButtonData);
m_pModsScrollbar->AddScrollAreaItem(m_pNewButton);
m_vpHUDModButtons.push_back(m_pNewButton);
buttonX += buttonAndSpacerWidth;
modButtonCounter++;
}
yCounter++;
buttonY -= buttonAndSpacerHeight;
}
}