covermyass/cmd/root.go

package cmd
import (
"fmt"
"github.com/sirupsen/logrus"
"github.com/spf13/cobra"
"github.com/sundowndev/covermyass/v2/build"
"github.com/sundowndev/covermyass/v2/lib/analysis"
"github.com/sundowndev/covermyass/v2/lib/filter"
"github.com/sundowndev/covermyass/v2/lib/output"
"github.com/sundowndev/covermyass/v2/lib/shred"
"os"
)
// RootCmdOptions collects the values of the root command's persistent flags.
// NewRootCmd binds every field to a flag and its RunE closure reads them.
type RootCmdOptions struct {
	// List is bound to --list/-l. When it is set, RunE clears Write and only
	// prints the result paths, so no file is modified.
	List bool

	// ExcludeReadOnly is bound to --no-read-only. It is consulted only in the
	// --list branch, where results flagged ReadOnly are skipped; the write
	// branch does not look at it.
	ExcludeReadOnly bool

	// Write is bound to --write. It gates the destructive pass that hands
	// every result path to the shredder; without it the run only reports.
	Write bool

	// Zero is bound to --zero/-z and forwarded to shred.ShredderOptions.Zero.
	Zero bool

	// Iterations is bound to --iterations/-n (default 3) and forwarded to
	// shred.ShredderOptions.Iterations.
	Iterations int

	//ExtraPaths []string

	// FilterRules is bound to --filter/-f and passed to the filter engine's
	// AddRule before the analysis runs.
	FilterRules []string
}
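// NewRootCmd builds the root cobra command and registers its persistent flags.
//
// The command runs the analyzer over the filter rules, prints the analysis,
// and, only when --write is set and --list is not, passes every result path
// to the shredder. Rewriting log files in place is the behaviour catalogued
// as MITRE ATT&CK T1070 (Indicator Removal); nothing in this file touches
// copies that were already forwarded off the host.
//
// The returned error from a failed shred wraps the underlying error, so
// callers can inspect it with errors.Is / errors.As.
func NewRootCmd() *cobra.Command {
	opts := &RootCmdOptions{}

	cmd := &cobra.Command{
		Use:   "covermyass",
		Short: "Post-exploitation tool for covering tracks on Linux, Darwin and Windows.",
		// NOTE(review): the "safe with root privileges" statement below is not
		// backed by any check in this file. With --write every result path is
		// overwritten with no confirmation step; omitting --write is the only
		// non-destructive mode visible here.
		Long: "Covermyass is a post-exploitation tool for pen-testers that finds then erases log files on the current machine. The tool scans the filesystem and look for known log files that can be erased. Files are overwritten multiple times with random data, in order to make it harder for even very expensive hardware probing to recover the data. Running this tool with root privileges is safe and even recommended to avoid access permission errors. This tool does not perform any network call.",
		// NOTE(review): the first example uses -p, but no -p flag is registered
		// below (ExtraPaths is commented out in RootCmdOptions), so cobra would
		// reject that invocation as an unknown flag.
		Example: `
Overwrite log files as well as those found by path /db/*.log
covermyass --write -p /db/*.log
Overwrite log files 5 times with a final overwrite with zeros to hide shredding
covermyass --write -z -n 5
`,
		Version: build.String(),
		RunE: func(_ *cobra.Command, _ []string) error {
			// --list always wins over --write: listing must never modify files.
			if opts.List {
				opts.Write = false
			} else {
				output.ChangePrinter(output.NewConsolePrinter())
			}

			filterEngine := filter.NewEngine()
			if err := filterEngine.AddRule(opts.FilterRules...); err != nil {
				return err
			}

			analyzer := analysis.NewAnalyzer(filterEngine)
			a, err := analyzer.Analyze()
			if err != nil {
				return err
			}

			if opts.List {
				// Plain one-path-per-line output; --no-read-only applies here only.
				for _, result := range a.Results() {
					if opts.ExcludeReadOnly && result.ReadOnly {
						continue
					}
					fmt.Println(result.Path)
				}
				return nil
			}

			a.Write(os.Stdout)

			if !opts.Write {
				return nil
			}

			// NOTE(review): Iterations is not range-checked here; whether the
			// shred package rejects values below 1 is not visible in this file.
			s := shred.New(&shred.ShredderOptions{
				Zero:       opts.Zero,
				Iterations: opts.Iterations,
			})

			// The first failure aborts the run; paths after it are left untouched.
			for _, result := range a.Results() {
				logrus.
					WithField("path", result.Path).
					Debug("Shredding file")

				if err := s.Write(result.Path); err != nil {
					// %w keeps the underlying error in the chain; the rendered
					// message is unchanged from the previous %s form.
					return fmt.Errorf("error writing file %s: %w", result.Path, err)
				}
			}

			// The reported pass count is the --iterations value and does not
			// include the extra zero pass requested with --zero.
			output.Printf("\nShredded %d files %d times\n", len(a.Results()), opts.Iterations)
			return nil
		},
	}

	flags := cmd.PersistentFlags()
	flags.BoolVarP(&opts.List, "list", "l", false, "Show files in a simple list format. This will prevent any write operation")
	flags.BoolVar(&opts.Write, "write", false, "Erase found log files. This WILL shred the files!")
	flags.BoolVar(&opts.ExcludeReadOnly, "no-read-only", false, "Exclude read-only files in the list. Must be used with --list")
	flags.BoolVarP(&opts.Zero, "zero", "z", false, "Add a final overwrite with zeros to hide shredding")
	flags.IntVarP(&opts.Iterations, "iterations", "n", 3, "Overwrite N times instead of the default")
	flags.StringSliceVarP(&opts.FilterRules, "filter", "f", []string{}, "File paths to ignore (supports glob patterns)")

	return cmd
}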