Merge pull request #256 from slimm609/add_fortifyProc

add fortifyProc

Author: slimm609

.github/workflows/pull_request.yml

@@ -19,4 +19,7 @@ jobs:
             exit 1
           fi
       - name: ubuntu checksec
-        run: docker-compose run checksec-ubuntu
+        run: |
+          curl -L "https://github.com/docker/compose/releases/download/v2.29.2/docker-compose-linux-x86_64" -o /usr/local/bin/docker-compose
+          chmod +x /usr/local/bin/docker-compose
+          docker-compose run checksec-ubuntu

cmd/fortifyFile.go

@@ -3,6 +3,8 @@ package cmd
 import (
 	"checksec/pkg/checksec"
 	"checksec/pkg/utils"
+	"fmt"
+	"os"
 
 	"github.com/spf13/cobra"
 )
@@ -12,6 +14,10 @@ var fortifyFileCmd = &cobra.Command{
 	Use:   "fortifyFile",
 	Short: "Check Fortify for binary file",
 	Run: func(cmd *cobra.Command, args []string) {
+		if len(args) != 1 {
+			fmt.Printf("Error: no filename provided")
+			os.Exit(1)
+		}
 		file := args[0]
 
 		utils.CheckElfExists(file)

cmd/fortifyProc.go

@@ -1,7 +1,11 @@
 package cmd
 
 import (
+	"checksec/pkg/checksec"
+	"checksec/pkg/utils"
 	"fmt"
+	"os"
+	"path/filepath"
 
 	"github.com/spf13/cobra"
 )
@@ -11,20 +15,57 @@ var fortifyProcCmd = &cobra.Command{
 	Use:   "fortifyProc",
 	Short: "Check Fortify for running process",
 	Run: func(cmd *cobra.Command, args []string) {
-		fmt.Println("fortifyProc called")
+		if len(args) != 1 {
+			fmt.Printf("Error: no process id provided")
+			os.Exit(1)
+		}
+		proc := args[0]
+
+		file, err := os.Readlink(filepath.Join("/proc", proc, "exe"))
+		if err != nil {
+			fmt.Printf("Error: Pid %s not found", proc)
+			os.Exit(1)
+		}
+
+		utils.CheckElfExists(file)
+		binary := utils.GetBinary(file)
+		fortify := checksec.Fortify(file, binary)
+		output := []interface{}{
+			map[string]interface{}{
+				"name": file,
+				"checks": map[string]interface{}{
+					"fortify_source": fortify.Output,
+					"fortified":      fortify.Fortified,
+					"fortifyable":    fortify.Fortifiable,
+					"noFortify":      fortify.NoFortify,
+					"libcSupport":    fortify.LibcSupport,
+					"numLibcFunc":    fortify.NumLibcFunc,
+					"numFileFunc":    fortify.NumFileFunc,
+				},
+			},
+		}
+		color := []interface{}{
+			map[string]interface{}{
+				"name": file,
+				"checks": map[string]interface{}{
+					"fortified":           fortify.Fortified,
+					"fortifiedColor":      "unset",
+					"noFortify":           fortify.NoFortify,
+					"fortifyable":         fortify.Fortifiable,
+					"fortifyableColor":    "unset",
+					"fortify_source":      fortify.Output,
+					"fortify_sourceColor": fortify.Color,
+					"libcSupport":         fortify.LibcSupport,
+					"libcSupportColor":    fortify.LibcSupportColor,
+					"numLibcFunc":         fortify.NumLibcFunc,
+					"numFileFunc":         fortify.NumFileFunc,
+				},
+			},
+		}
+		utils.FortifyPrinter(outputFormat, output, color)
 	},
 }
 
 func init() {
 	rootCmd.AddCommand(fortifyProcCmd)
-
-	// Here you will define your flags and configuration settings.
-
-	// Cobra supports Persistent Flags which will work for this command
-	// and all subcommands, e.g.:
-	// fortifyProcCmd.PersistentFlags().String("foo", "", "A help for foo")
-
-	// Cobra supports local flags which will only run when this command
-	// is called directly, e.g.:
-	// fortifyProcCmd.Flags().BoolP("toggle", "t", false, "Help message for toggle")
 }

cmd/kernel.go

@@ -27,14 +27,4 @@ var kernelCmd = &cobra.Command{
 
 func init() {
 	rootCmd.AddCommand(kernelCmd)
-
-	// Here you will define your flags and configuration settings.
-
-	// Cobra supports Persistent Flags which will work for this command
-	// and all subcommands, e.g.:
-	// kernelCmd.PersistentFlags().String("foo", "", "A help for foo")
-
-	// Cobra supports local flags which will only run when this command
-	// is called directly, e.g.:
-	// kernelCmd.Flags().BoolP("toggle", "t", false, "Help message for toggle")
 }

cmd/procLibs.go

@@ -17,14 +17,4 @@ var procLibsCmd = &cobra.Command{
 
 func init() {
 	rootCmd.AddCommand(procLibsCmd)
-
-	// Here you will define your flags and configuration settings.
-
-	// Cobra supports Persistent Flags which will work for this command
-	// and all subcommands, e.g.:
-	// procLibsCmd.PersistentFlags().String("foo", "", "A help for foo")
-
-	// Cobra supports local flags which will only run when this command
-	// is called directly, e.g.:
-	// procLibsCmd.Flags().BoolP("toggle", "t", false, "Help message for toggle")
 }