Migrate all modules to their own subfolder

Handles #375
2025-01-18 04:03:14 -08:00 · 2019-02-18 11:16:34 -05:00
parent c28c31aedb
commit 8030380f89
123 changed files with 51 additions and 51 deletions
--- a/modules/security/dns.go
+++ b/modules/security/dns.go
@@ -0,0 +1,65 @@
+package security
+
+import (
+	"os/exec"
+	"runtime"
+	"strings"
+
+	"github.com/wtfutil/wtf/wtf"
+)
+
+/* -------------------- Exported Functions -------------------- */
+
+func DnsServers() []string {
+	switch runtime.GOOS {
+	case "linux":
+		return dnsLinux()
+	case "darwin":
+		return dnsMacOS()
+	case "windows":
+		return dnsWindows()
+	default:
+		return []string{runtime.GOOS}
+	}
+}
+
+/* -------------------- Unexported Functions -------------------- */
+
+func dnsLinux() []string {
+	// This may be very Ubuntu specific
+	cmd := exec.Command("nmcli", "device", "show")
+	out := wtf.ExecuteCommand(cmd)
+
+	lines := strings.Split(out, "\n")
+
+	dns := []string{}
+
+	for _, l := range lines {
+		if strings.HasPrefix(l, "IP4.DNS") {
+			parts := strings.Split(l, ":")
+			dns = append(dns, strings.TrimSpace(parts[1]))
+		}
+	}
+	return dns
+}
+
+func dnsMacOS() []string {
+	cmdString := `scutil --dns | head -n 7 | grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}'`
+	cmd := exec.Command("sh", "-c", cmdString)
+	out := wtf.ExecuteCommand(cmd)
+
+	lines := strings.Split(out, "\n")
+
+	if len(lines) > 0 {
+		return lines
+	}
+
+	return []string{}
+}
+
+func dnsWindows() []string {
+
+	cmd := exec.Command("powershell.exe", "-NoProfile", "Get-DnsClientServerAddress | Select-Object –ExpandProperty ServerAddresses")
+
+	return []string{wtf.ExecuteCommand(cmd)}
+}
--- a/modules/security/firewall.go
+++ b/modules/security/firewall.go
@@ -0,0 +1,128 @@
+package security
+
+import (
+	"bytes"
+	"os/exec"
+	"os/user"
+	"runtime"
+	"strings"
+
+	"github.com/wtfutil/wtf/wtf"
+)
+
+const osxFirewallCmd = "/usr/libexec/ApplicationFirewall/socketfilterfw"
+
+/* -------------------- Exported Functions -------------------- */
+
+func FirewallState() string {
+	switch runtime.GOOS {
+	case "linux":
+		return firewallStateLinux()
+	case "darwin":
+		return firewallStateMacOS()
+	case "windows":
+		return firewallStateWindows()
+	default:
+		return ""
+	}
+}
+
+func FirewallStealthState() string {
+	switch runtime.GOOS {
+	case "linux":
+		return firewallStealthStateLinux()
+	case "darwin":
+		return firewallStealthStateMacOS()
+	case "windows":
+		return firewallStealthStateWindows()
+	default:
+		return ""
+	}
+}
+
+/* -------------------- Unexported Functions -------------------- */
+
+func firewallStateLinux() string { // might be very Ubuntu specific
+	user, _ := user.Current()
+
+	if strings.Contains(user.Username, "root") {
+		cmd := exec.Command("ufw", "status")
+
+		var o bytes.Buffer
+		cmd.Stdout = &o
+		if err := cmd.Run(); err != nil {
+			return "[red]NA[white]"
+		}
+
+		if strings.Contains(o.String(), "inactive") {
+			return "[red]Disabled[white]"
+		} else {
+			return "[green]Enabled[white]"
+		}
+	} else {
+		return "[red]N/A[white]"
+	}
+}
+
+func firewallStateMacOS() string {
+	cmd := exec.Command(osxFirewallCmd, "--getglobalstate")
+	str := wtf.ExecuteCommand(cmd)
+
+	return statusLabel(str)
+}
+
+func firewallStateWindows() string {
+    // The raw way to do this in PS, not using netsh, nor registry, is the following:
+    //   if (((Get-NetFirewallProfile | select name,enabled) 
+    //                                | where { $_.Enabled -eq $True } | measure ).Count -eq 3) 
+    //   { Write-Host "OK" -ForegroundColor Green} else { Write-Host "OFF" -ForegroundColor Red }
+
+    cmd := exec.Command("powershell.exe", "-NoProfile", 
+    	"-Command", "& { ((Get-NetFirewallProfile | select name,enabled) | where { $_.Enabled -eq $True } | measure ).Count }")
+
+    fwStat := wtf.ExecuteCommand(cmd)
+	fwStat = strings.TrimSpace(fwStat)    // Always sanitize PowerShell output:  "3\r\n"
+	//fmt.Printf("%d %q\n", len(fwStat), fwStat)
+
+	switch fwStat {
+		case "3":
+			return "[green]Good[white] (3/3)"
+		case "2":
+			return "[orange]Poor[white] (2/3)"
+		case "1":
+			return "[yellow]Bad[white] (1/3)"
+		case "0":
+			return "[red]Disabled[white]"
+		default:	
+			return "[white]N/A[white]"
+	}
+}
+
+/* -------------------- Getting Stealth State ------------------- */
+// "Stealth": Not responding to pings from unauthorized devices
+
+func firewallStealthStateLinux() string {
+	return "[white]N/A[white]"
+}
+
+func firewallStealthStateMacOS() string {
+	cmd := exec.Command(osxFirewallCmd, "--getstealthmode")
+	str := wtf.ExecuteCommand(cmd)
+
+	return statusLabel(str)
+}
+
+func firewallStealthStateWindows() string {
+	return "[white]N/A[white]"
+}
+
+
+func statusLabel(str string) string {
+	label := "off"
+
+	if strings.Contains(str, "enabled") {
+		label = "on"
+	}
+
+	return label
+}
--- a/modules/security/security_data.go
+++ b/modules/security/security_data.go
@@ -0,0 +1,30 @@
+package security
+
+type SecurityData struct {
+	Dns             []string
+	FirewallEnabled string
+	FirewallStealth string
+	LoggedInUsers   []string
+	WifiEncryption  string
+	WifiName        string
+}
+
+func NewSecurityData() *SecurityData {
+	return &SecurityData{}
+}
+
+func (data SecurityData) DnsAt(idx int) string {
+	if len(data.Dns) > idx {
+		return data.Dns[idx]
+	}
+	return ""
+}
+
+func (data *SecurityData) Fetch() {
+	data.Dns = DnsServers()
+	data.FirewallEnabled = FirewallState()
+	data.FirewallStealth = FirewallStealthState()
+	data.LoggedInUsers = LoggedInUsers()
+	data.WifiName = WifiName()
+	data.WifiEncryption = WifiEncryption()
+}
--- a/modules/security/users.go
+++ b/modules/security/users.go
@@ -0,0 +1,100 @@
+package security
+
+// http://applehelpwriter.com/2017/05/21/how-to-reveal-hidden-users/
+
+import (
+	"os/exec"
+	"runtime"
+	"strings"
+
+	"github.com/wtfutil/wtf/wtf"
+)
+
+/* -------------------- Exported Functions -------------------- */
+
+func LoggedInUsers() []string {
+	switch runtime.GOOS {
+	case "linux":
+		return loggedInUsersLinux()
+	case "darwin":
+		return loggedInUsersMacOs()
+	case "windows":
+		return loggedInUsersWindows()
+	default:
+		return []string{}
+	}
+}
+
+/* -------------------- Unexported Functions -------------------- */
+
+func cleanUsers(users []string) []string {
+	rejects := []string{"_", "root", "nobody", "daemon", "Guest"}
+	cleaned := []string{}
+
+	for _, user := range users {
+		clean := true
+
+		for _, reject := range rejects {
+			if strings.HasPrefix(user, reject) {
+				clean = false
+				continue
+			}
+		}
+
+		if clean && user != "" {
+			cleaned = append(cleaned, user)
+		}
+	}
+
+	return cleaned
+}
+
+func loggedInUsersLinux() []string {
+	cmd := exec.Command("who", "-us")
+	users := wtf.ExecuteCommand(cmd)
+
+	cleaned := []string{}
+
+	for _, user := range strings.Split(users, "\n") {
+		clean := true
+		col := strings.Split(user, " ")
+
+		if len(col) > 0 {
+			for _, cleanedU := range cleaned {
+				u := strings.TrimSpace(col[0])
+				if len(u) == 0 || strings.Compare(cleanedU, col[0]) == 0 {
+					clean = false
+				}
+			}
+			if clean {
+				cleaned = append(cleaned, col[0])
+			}
+		}
+	}
+
+	return cleaned
+}
+
+func loggedInUsersMacOs() []string {
+	cmd := exec.Command("dscl", []string{".", "-list", "/Users"}...)
+	users := wtf.ExecuteCommand(cmd)
+
+	return cleanUsers(strings.Split(users, "\n"))
+}
+
+func loggedInUsersWindows() []string {
+    // We can use either one:
+    // 		(Get-WMIObject -class Win32_ComputerSystem | select username).username
+    // 		[System.Security.Principal.WindowsIdentity]::GetCurrent().Name
+    // The original was: 
+    //		cmd := exec.Command("powershell.exe", "(query user) -replace '\\s{2,}', ','") 	
+    // But that didn't work!
+	// The real powershell command reads:
+	// 	 powershell.exe -NoProfile -Command "& { [System.Security.Principal.WindowsIdentity]::GetCurrent().Name }"
+    // But we here have to write it as: 
+    cmd := exec.Command("powershell.exe", "-NoProfile", "-Command", "& { [System.Security.Principal.WindowsIdentity]::GetCurrent().Name }")
+    // ToDo:  Make list for multi-user systems
+
+    users := wtf.ExecuteCommand(cmd)
+    return cleanUsers(strings.Split(users, "\n"))
+}
--- a/modules/security/widget.go
+++ b/modules/security/widget.go
@@ -0,0 +1,73 @@
+package security
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/rivo/tview"
+	"github.com/wtfutil/wtf/wtf"
+)
+
+type Widget struct {
+	wtf.TextWidget
+}
+
+func NewWidget(app *tview.Application) *Widget {
+	widget := Widget{
+		TextWidget: wtf.NewTextWidget(app, "Security", "security", false),
+	}
+
+	return &widget
+}
+
+/* -------------------- Exported Functions -------------------- */
+
+func (widget *Widget) Refresh() {
+
+	if widget.Disabled() {
+		return
+	}
+
+	data := NewSecurityData()
+	data.Fetch()
+
+	widget.View.SetText(widget.contentFrom(data))
+}
+
+/* -------------------- Unexported Functions -------------------- */
+
+func (widget *Widget) contentFrom(data *SecurityData) string {
+	str := " [red]WiFi[white]\n"
+	str = str + fmt.Sprintf(" %8s: %s\n", "Network", data.WifiName)
+	str = str + fmt.Sprintf(" %8s: %s\n", "Crypto", data.WifiEncryption)
+	str = str + "\n"
+
+	str = str + " [red]Firewall[white]\n"
+	str = str + fmt.Sprintf(" %8s: %4s\n", "Status", data.FirewallEnabled)
+	str = str + fmt.Sprintf(" %8s: %4s\n", "Stealth", data.FirewallStealth)
+	str = str + "\n"
+
+	str = str + " [red]Users[white]\n"
+	str = str + fmt.Sprintf("  %s", strings.Join(data.LoggedInUsers, "\n "))
+	str = str + "\n"
+
+	str = str + " [red]DNS[white]\n"
+	//str = str + fmt.Sprintf(" %8s: [%s]%-3s[white]   %-16s\n", "Enabled", widget.labelColor(data.FirewallEnabled), data.FirewallEnabled, data.DnsAt(0))
+	//str = str + fmt.Sprintf(" %8s: [%s]%-3s[white]   %-16s\n", "Stealth", widget.labelColor(data.FirewallStealth), data.FirewallStealth, data.DnsAt(1))
+	str = str + fmt.Sprintf("  %12s\n", data.DnsAt(0))
+	str = str + fmt.Sprintf("  %12s\n", data.DnsAt(1))
+	str = str + "\n"
+
+	return str
+}
+
+func (widget *Widget) labelColor(label string) string {
+	switch label {
+	case "on":
+		return "green"
+	case "off":
+		return "red"
+	default:
+		return "white"
+	}
+}
--- a/modules/security/wifi.go
+++ b/modules/security/wifi.go
@@ -0,0 +1,121 @@
+package security
+
+import (
+	"os/exec"
+	"runtime"
+	"strings"
+
+	"github.com/wtfutil/wtf/wtf"
+)
+
+// https://github.com/yelinaung/wifi-name/blob/master/wifi-name.go
+const osxWifiCmd = "/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport"
+const osxWifiArg = "-I"
+
+/* -------------------- Exported Functions -------------------- */
+
+func WifiEncryption() string {
+	switch runtime.GOOS {
+	case "linux":
+		return wifiEncryptionLinux()
+	case "darwin":
+		return wifiEncryptionMacOS()
+	case "windows":
+		return wifiEncryptionWindows()
+	default:
+		return ""
+	}
+}
+
+func WifiName() string {
+	switch runtime.GOOS {
+	case "linux":
+		return wifiNameLinux()
+	case "darwin":
+		return wifiNameMacOS()
+	case "windows":
+		return wifiNameWindows()
+	default:
+		return ""
+	}
+}
+
+/* -------------------- Unexported Functions -------------------- */
+
+func wifiEncryptionLinux() string {
+	cmd := exec.Command("nmcli", "-t", "-f", "in-use,security", "dev", "wifi")
+	out := wtf.ExecuteCommand(cmd)
+
+	name := wtf.FindMatch(`\*:(.+)`, out)
+
+	if len(name) > 0 {
+		return name[0][1]
+	}
+
+	return ""
+}
+
+func wifiEncryptionMacOS() string {
+	name := wtf.FindMatch(`s*auth: (.+)s*`, wifiInfo())
+	return matchStr(name)
+}
+
+func wifiInfo() string {
+	cmd := exec.Command(osxWifiCmd, osxWifiArg)
+	return wtf.ExecuteCommand(cmd)
+}
+
+func wifiNameLinux() string {
+	cmd := exec.Command("nmcli", "-t", "-f", "in-use,ssid", "dev", "wifi")
+	out := wtf.ExecuteCommand(cmd)
+	name := wtf.FindMatch(`\*:(.+)`, out)
+	if len(name) > 0 {
+		return name[0][1]
+	}
+	return ""
+}
+
+func wifiNameMacOS() string {
+	name := wtf.FindMatch(`s*SSID: (.+)s*`, wifiInfo())
+	return matchStr(name)
+}
+
+func matchStr(data [][]string) string {
+	if len(data) <= 1 {
+		return ""
+	}
+
+	return data[1][1]
+}
+
+//Windows
+func wifiEncryptionWindows() string {
+	return parseWlanNetsh("Authentication")
+}
+
+func wifiNameWindows() string {
+	return parseWlanNetsh("SSID")
+}
+
+func parseWlanNetsh(target string) string {
+	cmd := exec.Command("netsh.exe", "wlan", "show", "interfaces")
+	out, err := cmd.Output()
+	if err != nil {
+		return ""
+	}
+	splits := strings.Split(string(out), "\n")
+	var words []string
+	for _, line := range splits {
+		token := strings.Split(string(line), ":")
+		for _, word := range token {
+			words = append(words, strings.TrimSpace(word))
+		}
+	}
+	for i, token := range words {
+		switch token {
+		case target:
+			return words[i+1]
+		}
+	}
+	return "N/A"
+}