From aa393557558367cbab00332722acac2a784ae4fb Mon Sep 17 00:00:00 2001
From: Cutieguwu
Date: Mon, 12 Jun 2023 19:48:09 -0400
Subject: [PATCH] Update Detectowor.py Made lists global Added OS detection for Linux and Windows Added list threats[] for later
---
 Detectowor.py | 59 +++++++++++++++++++++++++++++++++++++++++++++------
 1 file changed, 53 insertions(+), 6 deletions(-)
diff --git a/Detectowor.py b/Detectowor.py
index 3259c07..ee58595 100644
--- a/Detectowor.py
+++ b/Detectowor.py
@@ -1,16 +1,34 @@
 from sys import exit
+from os import name as osname
-#Need some form of OS detection for Windows vs Linux
+#Temporarily hard coded library into script
+
+def init_lib():
+ global threats
+ threats = ["Fractureiser", "Skyrage"]
 def init_lib_linux_filesearch():
- sus_linux_files_fractureiser["~/.config/.data/lib.jar", "~/.config/systemd/user/systemd-utility.service", "/etc/systemd/system/systemd-utility.service"]
- sus_linux_files_skyrage["/bin/vmd-gnu", "/etc/systemd/system/vmd-gnu.service"]
+
+ #Fractureiser
+ global sus_linux_files_fractureiser
+ sus_linux_files_fractureiser = ["~/.config/.data/lib.jar", "~/.config/systemd/user/systemd-utility.service", "/etc/systemd/system/systemd-utility.service"]
+
+ #Skyrage
+ global sus_linux_files_skyrage
+ sus_linux_files_skyrage = ["/bin/vmd-gnu", "/etc/systemd/system/vmd-gnu.service"]
 def init_lib_win_filesearch():
- sus_win_files_fractureiser[r'%LOCALAPPDATA%\\Microsoft Edge\\libWebGL64.jar']
- sus_win_files_skyrage[r'%AppData%\\Microsoft\\Start Menu\\Programs\\Startup\\jawaw.jar', r'%AppData%\\..\\LocalLow\\Microsoft\\Internet Explorer\\DOMStore\\microsoft-vm-core']
+
+ #Fractureiser
+ global sus_win_files_fractureiser
+ sus_win_files_fractureiser = [r'%LOCALAPPDATA%\\Microsoft Edge\\libWebGL64.jar']
+
+ #Skyrage
+ global sus_win_files_skyrage
+ sus_win_files_skyrage = [r'%AppData%\\Microsoft\\Start Menu\\Programs\\Startup\\jawaw.jar', r'%AppData%\\..\\LocalLow\\Microsoft\\Internet Explorer\\DOMStore\\microsoft-vm-core']
 def init_lib_linux():
+ print("Initializing Linux Library: File Locations")
 init_lib_linux_filesearch()
 print("Signature checks not implemented yet.")
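Review bot: The indicator paths are stored in a form no file API resolves, so the file check planned for later would miss files that are present: `~` in the Linux lists and `%LOCALAPPDATA%` / `%AppData%` in the Windows lists are never expanded, and the Windows entries are raw strings written with `\\`, which keeps both backslashes in the path. Expand at lookup time with `os.path.expanduser(os.path.expandvars(p))` and use single backslashes inside the raw strings, e.g. `r'%LOCALAPPDATA%\Microsoft Edge\libWebGL64.jar'`. `~` resolves only to the home of the account running the scan, so other users' profiles stay unchecked unless the tool enumerates home directories. The `global` statements could also be replaced by one module-level mapping from threat name to path list, which removes the need to call an init function before scanning.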
@@ -18,4 +36,33 @@ def init_lib_win():
 init_lib_win_filesearch()
 print("Signature checks not implemented yet.")
-# if OS is Windows, do Windows inits, elif OS is Linux, do Windows inits
\ No newline at end of file
+def scan_linux():
+ l = 0
+ i = len(sus_linux_files_fractureiser)
+ for i in sus_linux_files_fractureiser:
+ print(i) #Do check for files. If not found raise exception filenotfound and continue to next without report. If found, report file found and possible related threat.
+ l = l + 1
+
+def run():
+
+ init_lib()
+ # if OS is Windows, do Windows inits and scan, elif OS is Linux, do Linux inits and scan
+
+ if osname == "nt":
+ print("Windows system detected.")
+ print("Ending here; Not implemented yet.")
+ exit()
+ elif osname == "posix":
+ print("Posix compliant (Linux) system detected")
+ init_lib_linux()
+
+ scan_linux()
+
+ #Insert final summary here
+
+ exit()
+try:
+ while True:
+ run()
+except KeyboardInterrupt:
+ exit()
\ No newline at end of file
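Review bot: `scan_linux` produces no detection result: the loop only prints each Fractureiser path without testing whether it exists, and `sus_linux_files_skyrage` is never iterated, so the Skyrage indicators are loaded but never looked at. `i = len(...)` is overwritten by the loop variable and `l` is never read, so both can be dropped. The sketch below checks both lists and returns the hits for the planned summary; it needs `os.path` imported and uses `lexists` so a dangling symlink at an indicator path is still reported. Separately, `run()` has no branch for an `osname` other than `nt` or `posix`, and because it ends in `exit()` the `while True:` wrapper never makes a second pass (indentation is lost in this view, so confirm which statements sit inside the `elif`). `init_lib_win` starts above the hunk; `scan_linux` and `run` are complete in it.

```python
def scan_linux():
    # Map each threat name to its indicator paths so every list is scanned.
    indicators = {
        "Fractureiser": sus_linux_files_fractureiser,
        "Skyrage": sus_linux_files_skyrage,
    }
    hits = []
    for threat, paths in indicators.items():
        for raw in paths:
            path = os.path.expanduser(raw)
            # lexists also reports a symlink whose target is gone
            if os.path.lexists(path):
                print(f"Found {path} (possible {threat})")
                hits.append((threat, path))
    return hits
```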