(Perl: Lesson 12) { Policy Part 5: Operating System Resource Permission Checking }
Section 0. Background Information
- What is Operating System Resource Checking?
- Operating System Resources (OSRs) refers to vital system files and directories that should be safeguarded from regular users.
- Getting Perl
- For the purposes of these Perl lessons, I will be using a Perl package that comes standard on BackTrack, Ubuntu and most flavors of Linux and Unix.
- However, if you are using Windows instead of a Linux, Unix or Mac operating system, you still have options.
- Pre-Requisite
-
- Lab Notes
- In this lab we will do the following:
- We will download a basic Perl program that interrogates operating system resource files and directories.
- The program will provide extraction
examples using split.
- Legal Disclaimer
- As a condition of your use of this Web
site, you warrant to computersecuritystudent.com that you will not use
this Web site for any purpose that is unlawful or
that is prohibited by these terms, conditions, and notices.
- In accordance with UCC § 2-316, this
product is provided with "no warranties, either express or implied." The
information contained is provided "as-is", with "no guarantee of
merchantability."
- In addition, this is a teaching website
that does not condone malicious behavior of
any kind.
- You are on notice that continuing and/or using this lab outside your "own" test environment is considered malicious and is against the law.
- © 2013 No content replication of any
kind is allowed without express written permission.
Section 1. Login to BackTrack
- Start Up VMWare Player
- Instructions:
- Click the Start Button
- Type Vmplayer in the search box
- Click on Vmplayer
- Open a Virtual Machine
- Instructions:
- Click on Open a Virtual Machine
- Open the BackTrack5R1 VM
- Instructions:
- Navigate to where the BackTrack5R1 VM
is located
- Click on the BackTrack5R1 VM
- Click on the Open Button
- Edit the BackTrack5R1 VM
- Instructions:
- Select BackTrack5R1 VM
- Click Edit virtual machine settings
- Edit Virtual Machine Settings
- Instructions:
- Click on Network Adapter
- Click on the Bridged Radio button
- Click on the OK Button
- Play the BackTrack5R1 VM
- Instructions:
- Click on the BackTrack5R1 VM
- Click on Play virtual machine
- Login to BackTrack
- Instructions:
- Login: root
- Password: toor or <whatever you changed
it to>.
- Bring up the GNOME
- Instructions:
- Type startx
Section 2. Bring up a console terminal
- Start up a terminal window
- Instructions:
- Click on the Terminal Window
- Obtain the IP Address
- Instructions:
- ifconfig -a
- Note(FYI):
- My IP address is 192.168.1.111.
- In your case, it will probably be
different.
Section 3. Download scan_system_resources.pl
- Make a student directory
- Instructions:
- cd /home/student
- mkdir -p perl_lessons/
- cd perl_lessons/
- Download scan_system_resources.pl
- Instructions:
- wget http://www.computersecuritystudent.com/UNIX/PERL/lesson12/scan_system_resources.pl.TXT
- mv scan_system_resources.pl.TXT scan_system_resources.pl
- chmod 700 scan_system_resources.pl
- perl -c scan_system_resources.pl
Section 4. Analyze The Code
- SheBang Directive
- Instructions:
- vi scan_system_resources.pl
- :set nu
- Press the <Enter> key
- Note(FYI):
- Line 1: #!/usr/bin/perl
- #! - is called the SheBang Directive. SheBang is an interpreter directive that tells Linux which program to load to run the script.
- /usr/bin/perl - is the Perl Interpreter. SheBang tells the program loader to run the Perl Interpreter.
- Line 4: chomp(my $PRINT = $ARGV[0]);
- $ARGV[0] is the first element of @ARGV, the special Perl array that receives command line arguments.
- $PRINT will be used to tell the program
to output data to the screen.
- Line 7: my $dir = "/home/student/perl_lessons";
- Set the $dir variable to the directory
location of the program.
- Line 10: $log = "$dir/POLICY-A04.txt";
- Set the $log variable to the output
file name.
- Line 12: open(LOG,">$log") || die "Cannot Open Filename: $!";
- Open the log file POLICY-A04.txt. LOG is the filehandle name. The greater-than sign (>) means the file is opened for writing (output).
- Line 15: &scan_password;
- Execute the subroutine scan_password.
- Line 17: close(LOG);
- Close the filehandle LOG, which is log
file POLICY-A04.txt.
- Explaining Lines 19 through 32
- Instructions:
- Arrow down to line 19
- Note(FYI):
- Line 19 through 32: sub print_it
- This subroutine has two actions: (1)
Print to Output (line 31), and (2) Print to Screen (Lines 25 to 28).
- Line 22: chomp(my $tmp = $_[0]);
- Assign the first parameter to the variable $tmp.
- Line 25 - 28: if($PRINT eq "-v")
- If $PRINT is equal to -v, then print
output to screen.
- Line 31: print LOG "$tmp\n";
- Print output to the filehandle LOG,
which means print to the output file POLICY-A04.txt.
- Explaining Lines 34 through 57
- Instructions:
- Arrow down to line 34
- Note(FYI):
- Line 34: sub get_permission
- The get_permission subroutine
returns the OCTAL permission for a file or directory.
- Line 37: chomp(my $tmp = $_[0]);
- Assign the first parameter of the subroutine to the variable $tmp.
- Line 41: chomp(my $PERM_PAIR = `stat $tmp | grep Access | grep Uid | awk '{print \$2}'`);
- Use the Unix/Linux utility "stat" to display the information about the file or directory.
- Use grep to home in on the line that contains the OCTAL value.
- Use awk to cut out the second field.
- Note: stat --printf %a <filename> can be used to grab the OCTAL value without manipulation, but this solution is for learning purposes.
- Line 44: $PERM_PAIR =~ s/\(|\)//g;
- Remove both the left "(" and right ")" parentheses.
- Line 47: my($OCTAL,$PERM) = split(/\//,$PERM_PAIR);
- Use split to extract the OCTAL and ASCII values from the $PERM_PAIR variable using the forward slash "/" as the delimiter.
- Line 49-56: if($OCTAL eq "")
- If the OCTAL permission is equal to
nothing, THEN return "NA".
- If the OCTAL permission is NOT
equal to nothing, then return it.
- Explaining Lines 59 through 79
- Instructions:
- Arrow down to line 59
- Note(FYI):
- Line 39: sub scan_system_resources
- This subroutine will interrogate each file or directory for a required permission setting provided in the %SYSTEM_RESOURCES HASH.
- Line 65-79: my $SYSTEM_RESOURCES = ();
- %SYSTEM_RESOURCES or $SYSTEM_RESOURCES is a HASH.
- This hash stores the required OCTAL permission setting for each directory.
- E.g., the directory /usr has a required OCTAL permission setting of 0750.
- Explaining Lines 82 through 91
- Instructions:
- Arrow down to line 82
- Note(FYI):
- Line 51: foreach my $OSR (sort keys %SYSTEM_RESOURCES)
- Check each file or directory
contained in the %SYSTEM_RESOURCES hash using the foreach loop.
- $OSR is the actual file or
directory.
- Line 85: chomp($OSR)
- Remove hard return or end of line
characters from the $OSR variable.
- Line 88: chomp($EXISTS = `ls -ld $OSR 2>/dev/null`);
- Check to see if the file or directory exists.
- Explaining Lines 94 through 117
- Instructions:
- Arrow down to line 94
- Note(FYI):
- Line 94-97: if($EXISTS eq "")
- If the file does not exist, then print
violation.
- Line 98-118: else
- If the file does exist, then move to
next clause.
- Line 101: my $CURRENT_PERMISSION = &get_permission($OSR);
- Get permission of the file or
directory.
- Line 104-107: if($CURRENT_PERMISSION eq "NA")
- If the current permission is not available, then print violation.
- Line 108-112: elsif($CURRENT_PERMISSION > $REQUIRED_PERMISSION)
- If the current permission is greater than the required permission, then print violation.
- Line 108-112: else
- If the above conditions are not met, then print that the current test passed.
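An added example (not part of scan_system_resources.pl or the original lesson): the same existence and permission check done with Perl's built-in stat() and a bitmask instead of the stat/grep/awk pipeline and a numeric greater-than. It shows that a mode such as 0705 is numerically smaller than the required 0750, so the greater-than test does not flag it, although it grants read and execute to other users. The temporary files and the names get_mode and check_resource are assumptions made for the illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use File::Temp qw(tempdir);

# Permission bits of a path, or undef if it cannot be stat'ed. The built-in
# stat() involves no shell, so nothing in $path is ever parsed as a command.
sub get_mode {
    my ($path) = @_;
    my @st = stat($path) or return;
    return $st[2] & 07777;    # drop the file-type bits, keep the permissions
}

# Flag any permission bit that is set on the path but not in the required mode.
sub check_resource {
    my ($path, $required) = @_;
    my $current = get_mode($path);
    return "VIOLATION: $path is missing or inaccessible" unless defined $current;
    my $extra = $current & ~$required & 07777;
    return sprintf("VIOLATION: %s is %04o, required %04o, extra bits %04o",
                   $path, $current, $required, $extra) if $extra;
    return sprintf("PASSED: %s is %04o, required %04o", $path, $current, $required);
}

# Constructed sample: temporary files stand in for the OSRs, each with a
# required mode of 0750 (the value the lesson gives for /usr).
my $dir = tempdir(CLEANUP => 1);
my %SYSTEM_RESOURCES = ("$dir/osr_missing" => 0750);
for my $mode (0700, 0750, 0705, 0755) {
    my $path = sprintf("%s/osr_%04o", $dir, $mode);
    open(my $fh, '>', $path) or die "Cannot create $path: $!";
    close($fh);
    chmod($mode, $path) or die "Cannot chmod $path: $!";
    $SYSTEM_RESOURCES{$path} = 0750;
}

foreach my $OSR (sort keys %SYSTEM_RESOURCES) {
    my $required = $SYSTEM_RESOURCES{$OSR};
    my $current  = get_mode($OSR);
    # For comparison: the plain numeric greater-than test from the walk-through.
    my $numeric = !defined $current    ? "n/a"
                : $current > $required ? "violation"
                :                        "no violation";
    print check_resource($OSR, $required), " [numeric test: $numeric]\n";
}
```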
- Save and Quit
- Instructions:
- Press the <Esc> key
- :q!
- Press the <Enter> key
- Project
- Instructions:
- Your project is to DEBUG and FIX all the BUGS.
- perl -c scan_system_resources.pl
- Look at compiler errors.
- Fix compiler errors.
- Keep compiling until the syntax is reported to be OK.
- Proof of Lab
- Instructions
- chmod 700 scan_system_resources.pl
- perl -c scan_system_resources.pl
- ./scan_system_resources.pl -v
- date
- echo "Your Name"
- Put in your actual name in place of
"Your Name"
- e.g., echo "John Gray"
Proof Of Lab
Instructions:
- Press the <Ctrl><Alt> keys
simultaneously
- Press the <PrtScn> key
- Paste into a word document
- Upload to Moodle