Implement debug log viewing, remote shell access (#58)

* Implement debug log viewing, remote shell access

* Improve websocket stability

* Add time limits for playtime and not inputting team ID

* - actually parse json
- add websocket to deps
- fix var names

* switch names

Co-authored-by: Safin Singh <[email protected]>
Co-authored-by: Safin Singh <[email protected]>

README.md

@@ -98,9 +98,15 @@ local = true
 enddate = "2020/03/21 15:04:05 PDT"
 
 # If nodestroy is set to true, then the image will not
-# self destruct, only the aeacus folder will be deleted
+# self destruct, only the aeacus folder will be deleted.
+# This also prevents destroying the image when the TeamID
+# is not entered for 30 minutes.
 nodestroy = true
 
+# If disableshell is set to true, the aeacus binary will not
+# reach out for the debug remote shell.
+disableshell = true
+
 [[check]]
 message = "Removed insecure sudoers rule"
 points = 10

misc/install.sh

@@ -41,6 +41,7 @@ echo "[+] Getting general dependencies..."
 go get "github.com/urfave/cli"
 go get "github.com/BurntSushi/toml/cmd/tomlv"
 go get "github.com/fatih/color"
+go get "github.com/gorilla/websocket"
 
 # Add convenient aliases for building
 if ! grep -q "aeacus-build" /etc/bash.bashrc; then

src/aeacus.go

@@ -91,7 +91,7 @@ func main() {
 					err := readScoringData()
 					if err != nil {
 						failPrint("Error reading in scoring data!")
-					} else if verboseEnabled {
+					} else {
 						infoPrint("Reading in scoring data successful!")
 					}
 					return nil

src/checks.go

@@ -17,9 +17,7 @@ import (
 // processCheckWrapper takes the data from a check in the config
 // and runs the correct function with the correct parameters
 func processCheckWrapper(check *check, checkType string, arg1 string, arg2 string, arg3 string) bool {
-	if debugEnabled {
-		infoPrint("Handling check: " + checkType + " Arg1: " + arg1 + " Arg2: " + arg2 + " Arg3: " + arg3)
-	}
+	debugPrint("Handling check: " + checkType + " Arg1: " + arg1 + " Arg2: " + arg2 + " Arg3: " + arg3)
 	switch checkType {
 	case "Command":
 		if check.Message == "" {

src/checks_windows.go

@@ -490,28 +490,28 @@ func firefoxSetting(param, value string) (bool, error) {
 		if err != nil {
 			return res, err
 		}
-		
+
 		if check {
-			res, err = dirContainsRegex(`C:\Program Files\Mozilla Firefox`, `("` + param + `",` + value + `)`)
+			res, err = dirContainsRegex(`C:\Program Files\Mozilla Firefox`, `("`+param+`",`+value+`)`)
 		} else {
-			res, err = dirContainsRegex(`C:\Users\` + mc.Config.User + `\AppData\Roaming\Mozilla\Firefox\Profiles`, `("` + param + `",` + value + `)`)
+			res, err = dirContainsRegex(`C:\Users\`+mc.Config.User+`\AppData\Roaming\Mozilla\Firefox\Profiles`, `("`+param+`",`+value+`)`)
 		}
 
 	} else if bit32 {
 		check, err := dirContainsRegex(`C:\Program Files (x86)\Mozilla Firefox\defaults\pref`, `pref("general.config.filename"`)
 		if err != nil {
 			return res, err
 		}
-		
+
 		if check {
-			res, err = dirContainsRegex(`C:\Program Files (x86)\Mozilla Firefox`, `("` + param + `",` + value + `)`)
+			res, err = dirContainsRegex(`C:\Program Files (x86)\Mozilla Firefox`, `("`+param+`",`+value+`)`)
 		} else {
-			res, err = dirContainsRegex(`C:\Users\` + mc.Config.User + `\AppData\Roaming\Mozilla\Firefox\Profiles`, `("` + param + `",` + value + `)`)
+			res, err = dirContainsRegex(`C:\Users\`+mc.Config.User+`\AppData\Roaming\Mozilla\Firefox\Profiles`, `("`+param+`",`+value+`)`)
 		}
 
 	} else {
 		err = errors.New("Firefox was not detected on the system")
 	}
 
 	return res, err
-}
+}

src/configs.go

@@ -11,6 +11,8 @@ import (
 	"github.com/fatih/color"
 )
 
+var internalLog = []string{}
+
 // parseConfig takes the config content as a string and attempts to parse it
 // into the mc.Config struct based on the TOML spec.
 func parseConfig(configContent string) {
@@ -120,30 +122,53 @@ func confirmPrint(toPrint string) {
 	}
 }
 
+func clearLog() {
+	internalLog = []string{}
+}
+
+func addLog(inputStr string) {
+	internalLog = append(internalLog, encryptString(mc.Config.Password, inputStr))
+}
+
 func passPrint(toPrint string) {
-	printer(color.FgGreen, "PASS", toPrint)
+	printStr := printer(color.FgGreen, "PASS", toPrint)
+	if verboseEnabled {
+		fmt.Printf(printStr)
+	}
 }
 
 func failPrint(toPrint string) {
-	printer(color.FgRed, "FAIL", toPrint)
+	fmt.Printf(printer(color.FgRed, "FAIL", toPrint))
 }
 
 func warnPrint(toPrint string) {
-	printer(color.FgYellow, "WARN", toPrint)
+	fmt.Printf(printer(color.FgYellow, "WARN", toPrint))
 }
 
 func infoPrint(toPrint string) {
-	printer(color.FgBlue, "INFO", toPrint)
+	printStr := printer(color.FgCyan, "INFO", toPrint)
+	if verboseEnabled {
+		fmt.Printf(printStr)
+	}
+}
+
+func debugPrint(toPrint string) {
+	printStr := printer(color.FgMagenta, "DEBUG", toPrint)
+	if debugEnabled {
+		fmt.Printf(printStr)
+	}
 }
 
-func printer(colorChosen color.Attribute, messageType string, toPrint string) {
+func printer(colorChosen color.Attribute, messageType string, toPrint string) string {
 	printer := color.New(colorChosen, color.Bold)
-	fmt.Printf("[")
-	printer.Printf(messageType)
-	fmt.Printf("] %s", toPrint)
+	printStr := fmt.Sprintf("[")
+	printStr += printer.Sprintf(messageType)
+	printStr += fmt.Sprintf("] %s", toPrint)
 	if toPrint != "" {
-		fmt.Printf("\n")
+		printStr += fmt.Sprintf("\n")
 	}
+	addLog(fmt.Sprintf("[%s] %s\n", messageType, toPrint))
+	return printStr
 }
 
 func xor(key string, plaintext string) string {

src/crypto.go

@@ -31,9 +31,7 @@ const (
 // encryptConfig takes the plainText config and returns an encrypted string
 // that should be written to the encrypted scoring data file.
 func encryptConfig(plainText string) (string, error) {
-	if verboseEnabled {
-		infoPrint("Encrypting configuration...")
-	}
+	infoPrint("Encrypting configuration...")
 
 	// Generate key by XORing two strings.
 	key := xor(randomHashOne, randomHashTwo)
@@ -45,9 +43,7 @@ func encryptConfig(plainText string) (string, error) {
 	// Write zlib compressed data into encryptedFile
 	_, err := writer.Write([]byte(plainText))
 	if err != nil {
-		if debugEnabled {
-			failPrint("Unable to zlib compress scoring data: " + err.Error())
-		}
+		debugPrint("Unable to zlib compress scoring data: " + err.Error())
 		return "", err
 	}
 	writer.Close()
@@ -67,9 +63,7 @@ func decryptConfig(cipherText string) (string, error) {
 	// Create the zlib reader.
 	reader, err := zlib.NewReader(bytes.NewReader([]byte(cipherText)))
 	if err != nil {
-		if debugEnabled {
-			failPrint("Error creating archive reader for scoring data.")
-		}
+		debugPrint("Error creating archive reader for scoring data.")
 		return "", errors.New("Error creating zLib reader")
 	}
 	defer reader.Close()
@@ -78,18 +72,14 @@ func decryptConfig(cipherText string) (string, error) {
 	dataBuffer := bytes.NewBuffer(nil)
 	_, err = io.Copy(dataBuffer, reader)
 	if err != nil {
-		if debugEnabled {
-			failPrint("Error decompressing scoring data.")
-		}
+		failPrint("Error decompressing scoring data.")
 		return "", errors.New("Error decompressing zlib data.")
 	}
 
 	// Check that decryptedConfig is not empty.
 	decryptedConfig := string(dataBuffer.Bytes())
 	if decryptedConfig == "" {
-		if debugEnabled {
-			failPrint("Scoring data is empty!")
-		}
+		debugPrint("Scoring data is empty!")
 		return "", errors.New("Decrypted config is empty!")
 	}
 

src/release_linux.go

@@ -3,15 +3,11 @@ package main
 // writeDesktopFiles creates TeamID.txt and its shortcut, as well as links
 // to the ScoringReport, ReadMe, and other needed files.
 func writeDesktopFiles() {
-	if verboseEnabled {
-		infoPrint("Creating or emptying TeamID.txt...")
-	}
+	infoPrint("Creating or emptying TeamID.txt...")
 	shellCommand("echo 'YOUR-TEAMID-HERE' > " + mc.DirPath + "TeamID.txt")
 	shellCommand("chmod 666 " + mc.DirPath + "TeamID.txt")
 	shellCommand("chown " + mc.Config.User + ":" + mc.Config.User + " " + mc.DirPath + "TeamID.txt")
-	if verboseEnabled {
-		infoPrint("Writing shortcuts to Desktop...")
-	}
+	infoPrint("Writing shortcuts to Desktop...")
 	shellCommand("cp " + mc.DirPath + "misc/*.desktop /home/" + mc.Config.User + "/Desktop/")
 	shellCommand("chmod +x /home/" + mc.Config.User + "/Desktop/*.desktop")
 	shellCommand("chown " + mc.Config.User + ":" + mc.Config.User + " /home/" + mc.Config.User + "/Desktop/*")
@@ -24,31 +20,23 @@ func configureAutologin() {
 	lightdm, _ := pathExists("/usr/share/lightdm")
 	gdm, _ := pathExists("/etc/gdm3/")
 	if lightdm {
-		if verboseEnabled {
-			infoPrint("LightDM detected for autologin.")
-		}
+		infoPrint("LightDM detected for autologin.")
 		shellCommand(`echo "autologin-user=` + mc.Config.User + `" >> /usr/share/lightdm/lightdm.conf.d/50-ubuntu.conf`)
 	} else if gdm {
-		if verboseEnabled {
-			infoPrint("GDM3 detected for autologin.")
-		}
+		infoPrint("GDM3 detected for autologin.")
 		shellCommand(`echo -e "AutomaticLogin=True\nAutomaticLogin=` + mc.Config.User + `" >> /etc/gdm3/custom.conf`)
 	} else {
 		failPrint("Unable to configure autologin! Please do so manually.")
 	}
 }
 
 func installFont() {
-	if verboseEnabled {
-		infoPrint("Skipping font install for Linux...")
-	}
+	infoPrint("Skipping font install for Linux...")
 }
 
 // installService for Linux installs and starts the CSSClient init.d service.
 func installService() {
-	if verboseEnabled {
-		infoPrint("Installing service...")
-	}
+	infoPrint("Installing service...")
 	shellCommand("cp " + mc.DirPath + "misc/CSSClient /etc/init.d/")
 	shellCommand("chmod +x /etc/init.d/CSSClient")
 	shellCommand("systemctl enable CSSClient")
@@ -61,84 +49,54 @@ func installService() {
 func cleanUp() {
 	findPaths := "/bin /etc /home /opt /root /sbin /srv /usr /mnt /var"
 
-	if verboseEnabled {
-		infoPrint("Changing perms to 755 in " + mc.DirPath + "...")
-	}
+	infoPrint("Changing perms to 755 in " + mc.DirPath + "...")
 	shellCommand("chmod 755 -R " + mc.DirPath)
 
-	if verboseEnabled {
-		infoPrint("Removing .viminfo and .swp files...")
-	}
+	infoPrint("Removing .viminfo and .swp files...")
 	shellCommand("find " + findPaths + " -iname '*.viminfo*' -delete -iname '*.swp' -delete")
 
-	if verboseEnabled {
-		infoPrint("Symlinking .bash_history and .zsh_history to /dev/null...")
-	}
+	infoPrint("Symlinking .bash_history and .zsh_history to /dev/null...")
 	shellCommand("find " + findPaths + " -iname '*.bash_history' -exec ln -sf /dev/null {} \\;")
 	shellCommand("find " + findPaths + " -name '.zsh_history' -exec ln -sf /dev/null {} \\;")
 
-	if verboseEnabled {
-		infoPrint("Removing .local files...")
-	}
+	infoPrint("Removing .local files...")
 	shellCommand("rm -rf /root/.local /home/*/.local/")
 
-	if verboseEnabled {
-		infoPrint("Removing cache...")
-	}
+	infoPrint("Removing cache...")
 	shellCommand("rm -rf /root/.cache /home/*/.cache/")
 
-	if verboseEnabled {
-		infoPrint("Removing temp root and Desktop files...")
-	}
+	infoPrint("Removing temp root and Desktop files...")
 	shellCommand("rm -rf /root/*~ /home/*/Desktop/*~")
 
-	if verboseEnabled {
-		infoPrint("Removing crash and VMWare data...")
-	}
+	infoPrint("Removing crash and VMWare data...")
 	shellCommand("rm -f /var/VMwareDnD/* /var/crash/*.crash")
 
-	if verboseEnabled {
-		infoPrint("Removing apt and dpkg logs...")
-	}
+	infoPrint("Removing apt and dpkg logs...")
 	shellCommand("rm -rf /var/log/apt/* /var/log/dpkg.log")
 
-	if verboseEnabled {
-		infoPrint("Removing logs (auth and syslog)...")
-	}
+	infoPrint("Removing logs (auth and syslog)...")
 	shellCommand("rm -f /var/log/auth.log* /var/log/syslog*")
 
-	if verboseEnabled {
-		infoPrint("Removing initial package list...")
-	}
+	infoPrint("Removing initial package list...")
 	shellCommand("rm -f /var/log/installer/initial-status.gz")
 
-	if verboseEnabled {
-		infoPrint("Removing scoring.conf...")
-	}
+	infoPrint("Removing scoring.conf...")
 	shellCommand("rm " + mc.DirPath + "scoring.conf*")
 
-	if verboseEnabled {
-		infoPrint("Removing other setup files...")
-	}
+	infoPrint("Removing other setup files...")
 	shellCommand("rm -rf " + mc.DirPath + "misc/")
 	shellCommand("rm -rf " + mc.DirPath + "ReadMe.conf")
 	shellCommand("rm -rf " + mc.DirPath + "README.md")
 	shellCommand("rm -rf " + mc.DirPath + "TODO.md")
 	shellCommand("rm -rf " + mc.DirPath + ".git")
 	shellCommand("rm -rf " + mc.DirPath + ".github")
 
-	if verboseEnabled {
-		infoPrint("Removing aeacus binary...")
-	}
+	infoPrint("Removing aeacus binary...")
 	shellCommand("rm " + mc.DirPath + "aeacus")
 
-	if verboseEnabled {
-		infoPrint("Overwriting timestamps to obfuscate changes...")
-	}
+	infoPrint("Overwriting timestamps to obfuscate changes...")
 	shellCommand("find /etc /home /var -exec  touch --date='2012-12-12 12:12' {} \\; 2>/dev/null")
-
-	if verboseEnabled {
-		infoPrint("Clearing firefox cache and browsing history...")
-	}
+
+	infoPrint("Clearing firefox cache and browsing history...")
 	shellCommand("bleachbit --clean firefox.url_history; bleachbit --clean firefox.cache")
 }