




(Perl: Lesson 12)

{ Policy Part 5: Operating System Resource Permission Checking }


Section 0. Background Information
  1. What is Operating System Resource Checking?
    • Operating System Resources (OSRs) are vital system files and directories that should be safeguarded from regular users.
  1. Getting Perl
    • For the purposes of these Perl lessons, I will be using the Perl package that comes standard on BackTrack, Ubuntu and most flavors of Linux and Unix.
    • However, if you are using Windows instead of a Linux, Unix or Mac operating system, you still have options.
  2. Pre-Requisite
  3. Lab Notes
    • In this lab we will do the following:
      1. We will download a basic perl program that interrogates the operating system resources files and directories.
      2. The program will provide extraction examples using split.

  4. Legal Disclaimer
    • As a condition of your use of this Web site, you warrant to computersecuritystudent.com that you will not use this Web site for any purpose that is unlawful or that is prohibited by these terms, conditions, and notices.
    • In accordance with UCC § 2-316, this product is provided with "no warranties, either express or implied." The information contained is provided "as-is", with "no guarantee of merchantability."
    • In addition, this is a teaching website that does not condone malicious behavior of any kind.
    • You are on notice that continuing and/or using this lab outside your "own" test environment is considered malicious and is against the law.
    • © 2013 No content replication of any kind is allowed without express written permission.

Section 1. Login to BackTrack
  1. Start Up VMWare Player
    • Instructions:
      1. Click the Start Button
      2. Type Vmplayer in the search box
      3. Click on Vmplayer

     

  2. Open a Virtual Machine
    • Instructions:
      1. Click on Open a Virtual Machine

     

  3. Open the BackTrack5R1 VM
    • Instructions:
      1. Navigate to where the BackTrack5R1 VM is located
      2. Click on the BackTrack5R1 VM
      3. Click on the Open Button

     

  4. Edit the BackTrack5R1 VM
    • Instructions:
      1. Select BackTrack5R1 VM
      2. Click Edit virtual machine settings

     

  5. Edit Virtual Machine Settings
    • Instructions:
      1. Click on Network Adapter
      2. Click on the Bridged Radio button
      3. Click on the OK Button

     

  6. Play the BackTrack5R1 VM
    • Instructions:
      1. Click on the BackTrack5R1 VM
      2. Click on Play virtual machine

     

  7. Login to BackTrack
    • Instructions:
      1. Login: root
      2. Password: toor or <whatever you changed it to>.

     

  8. Bring up the GNOME
    • Instructions:
      1. Type startx

 

Section 2. Bring up a console terminal
  1. Start up a terminal window
    • Instructions:
      1. Click on the Terminal Window

     

  2. Obtain the IP Address
    • Instructions:
      1. ifconfig -a
    • Note(FYI):
      • My IP address 192.168.1.111.
      • In your case, it will probably be different.

 

Section 3. Download scan_system_resources.pl
  1. Make a student directory
    • Instructions:
      1. cd /home/student
      2. mkdir -p perl_lessons/
      3. cd perl_lessons/

     

  2. Download scan_system_resources.pl
    • Instructions:
      1. wget http://www.computersecuritystudent.com/UNIX/PERL/lesson12/scan_system_resources.pl.TXT
      2. mv scan_system_resources.pl.TXT scan_system_resources.pl
      3. chmod 700 scan_system_resources.pl
      4. perl -c scan_system_resources.pl

     

Section 4. Analyze The Code
  1. SheBang Directive
    • Instructions:
      1. vi scan_system_resources.pl
      2. :set nu
      3. Press the <Enter> key
    • Note(FYI):
      • Line 1: #!/usr/bin/perl
        • #! - is called the SheBang Directive.  SheBang is an interpreter directive that tells Linux to load the following program.
        • /usr/bin/perl - is the Perl Interpreter.  SheBang tells the program loader to run the Perl Interpreter.
      • Line 4: chomp(my $PRINT = $ARGV[0]);
        • @ARGV is the special Perl array that receives command line arguments; $ARGV[0] is its first element.
        • $PRINT will be used to tell the program to output data to the screen.
      • Line 7:  my $dir = "/home/student/perl_lessons";
        • Set the $dir variable to the directory location of the program.
      • Line 10: $log = "$dir/POLICY-A04.txt";
        • Set the $log variable to the output file name.
      • Line 12: open(LOG,">$log") || die "Cannot Open Filename: $!";
        • Open the log file POLICY-A04.txt.  LOG is the filehandle name. The greater than operator (>) means open the file for writing.
      • Line 15: &scan_password;
        • Execute the subroutine scan_password.
      • Line 17: close(LOG);
        • Close the filehandle LOG, which is log file POLICY-A04.txt.

     

  2. Explaining Lines 19 through 32
    • Instructions:
      1. Arrow down to line 19
    • Note(FYI):
      • Line 19 through 32: sub print_it
        • This subroutine has two actions: (1) Print to Output (line 31), and (2) Print to Screen (Lines 25 to 28).
      • Line 22: chomp(my $tmp = $_[0]);
        • Assign variable $tmp to first parameter.
      • Line 25 - 28: if($PRINT eq "-v")
        • If $PRINT is equal to -v, then print output to screen.
      • Line 31: print LOG "$tmp\n";
        • Print output to the filehandle LOG, which means print to the output file POLICY-A04.txt.

     

  3. Explaining Lines 34 through 57
    • Instructions:
      1. Arrow down to line 34
    • Note(FYI):
      • Line 34: sub get_permission
        • The get_permission subroutine returns the OCTAL permission for a file or directory.
      • Line 37: chomp(my $tmp = $_[0]);
        • Assign the first parameter of the subroutine to the variable $tmp.
      • Line 41: chomp(my $PERM_PAIR = `stat $tmp | grep Access | grep Uid | awk '{print \$2}'`);
        • Use the Unix/Linux Utility "stat" to display the information about the file or directory.
        • Use grep to home in on the line that contains the OCTAL value.
        • Use awk to extract the second field.
        • Note: stat --printf %a <filename> can be used to grab the OCTAL value without manipulation, but this solution is for learning purposes.
      • Line 44: $PERM_PAIR =~ s/\(|\)//g;
        • Remove both the left "(" and right ")" parenthesis.
      • Line 47: my($OCTAL,$PERM) = split(/\//,$PERM_PAIR);
        • Use split to extract the OCTAL and ASCII values from the $PERM_PAIR variable using the forward slash "/" as the delimiter.
      • Line 49-56: if($OCTAL eq "")
        • If the OCTAL permission is equal to nothing, THEN return "NA".
        • If the OCTAL permission is NOT equal to nothing, then return it.

     

  4. Explaining Lines 59 through 79
    • Instructions:
      1. Arrow down to line 59
    • Note(FYI):
      • Line 59: sub scan_system_resources
        • This sub routine will interrogate each file or directory for a required permission setting provided in the %SYSTEM_RESOURCES HASH.
      • Line 65-79: my $SYSTEM_RESOURCES = ();
        • %SYSTEM_RESOURCES or $SYSTEM_RESOURCES is a HASH.
        • This hash stores the required OCTAL permission setting for each directory.
        • E.g., The directory /usr has a required OCTAL permission setting of 0750.

     

  5. Explaining Lines 82 through 91
    • Instructions:
      1. Arrow down to line 82
    • Note(FYI):
      • Line 82: foreach my $OSR (sort keys %SYSTEM_RESOURCES)
        • Check each file or directory contained in the %SYSTEM_RESOURCES hash using the foreach loop.
        • $OSR is the actual file or directory.
      • Line 85: chomp($OSR)
        • Remove hard return or end of line characters from the $OSR variable.
      • Line 88: chomp($EXISTS = `ls -ld $OSR 2>/dev/null`);
        • Check to see if the file or directory exists.

     

  6. Explaining Lines 94 through 117
    • Instructions:
      1. Arrow down to line 94
    • Note(FYI):
      • Line 94-97: if($EXISTS eq "")
        • If the file does not exist, then print violation.
      • Line 98-118: else
        • If the file does exist, then move to next clause.
      • Line 101: my $CURRENT_PERMISSION = &get_permission($OSR);
        • Get permission of the file or directory.
      • Line 104-107: if($CURRENT_PERMISSION eq "NA")
        • If the current permission is not available, then print violation.
      • Line 108-112: elsif($CURRENT_PERMISSION > $REQUIRED_PERMISSION)
        • If the current permission is greater than the required permission, then print violation.
      • Line 108-112: else
        • If the above conditions are not met, then print that the current test passed.

     

  7. Save and Quit
    • Instructions:
      1. Press the <Esc> key
      2. :q!
      3. Press the <Enter> key
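
Added example (not part of scan_system_resources.pl or the original lesson): a sketch of the permission lookup from Line 41 and the test from Lines 108-112, using Perl's built-in stat() instead of a shell pipeline and a bitwise comparison instead of a numeric one. It assumes the lesson's test compares the octal digits as ordinary numbers, in which case a mode such as 0705 counts as lower than 0750 even though it grants access to "other". The subroutine names get_mode and excess_bits and the scratch directories are hypothetical.

```perl
#!/usr/bin/perl
# Added example; not part of scan_system_resources.pl.
use strict;
use warnings;
use File::Temp qw(tempdir);

# Permission bits of $path as an integer, or undef if it cannot be examined.
# The built-in stat() runs no shell, so spaces or metacharacters in a path
# cannot change what gets executed.
sub get_mode {
    my ($path) = @_;
    my @st = stat($path) or return;
    return $st[2] & 07777;    # drop file-type bits, keep permission bits
}

# Bits set on the path that the required mode does not allow (0 = compliant).
sub excess_bits {
    my ($current, $required) = @_;
    return $current & ~$required & 07777;
}

# Constructed sample data: scratch directories checked against 0750,
# the required setting the lesson quotes for /usr.
my $dir      = tempdir(CLEANUP => 1);
my $required = 0750;
my %sample   = ("$dir/same" => 0750, "$dir/tighter" => 0700, "$dir/world" => 0705);

for my $path (sort keys %sample) {
    mkdir $path or die "mkdir $path: $!";
    chmod $sample{$path}, $path or die "chmod $path: $!";
}

for my $path ((sort keys %sample), "$dir/missing") {
    my $mode = get_mode($path);
    if (!defined $mode) {
        print "VIOLATION  $path does not exist or cannot be read\n";
        next;
    }
    my $extra = excess_bits($mode, $required);
    # The lesson's style of test: octal digits compared as ordinary numbers.
    my $numeric = sprintf("%o", $mode) > sprintf("%o", $required) ? "fail" : "pass";
    printf "%-9s  mode=%04o  excess=%04o  numeric-compare=%s  %s\n",
        ($extra ? "VIOLATION" : "PASSED"), $mode, $extra, $numeric, $path;
}
```

The excess column shows exactly which bits exceed the policy, which is what you would clear with chmod to bring the resource back into compliance.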

 

Section 5. Proof of Lab
  1. Project
    • Instructions:
      1. Your project is to DEBUG and FIX all the BUGS.
      2. perl -c scan_system_resources.pl
        • Look at compiler errors.
        • Fix compiler errors.
        • Keep compiling until the syntax reports to be OK.
  2. Proof of Lab
    • Instructions
      1. chmod 700 scan_system_resources.pl
      2. perl -c scan_system_resources.pl
      3. ./scan_system_resources.pl -v
      4. date
      5. echo "Your Name"
        • Put in your actual name in place of "Your Name"
        • e.g., echo "John Gray"
    • Proof Of Lab Instructions:
      1. Press the <Ctrl><Alt> keys simultaneously
      2. Press the <PrtScn> key
      3. Paste into a word document
      4. Upload to Moodle
     

