52 lines
933 B
Go
52 lines
933 B
Go
package check
|
|
|
|
import (
|
|
"fmt"
|
|
"io/ioutil"
|
|
"os/exec"
|
|
"strings"
|
|
)
|
|
|
|
func AuthorizedKeys() bool {
|
|
suspicious := false
|
|
|
|
dirs, _ := ioutil.ReadDir("/home")
|
|
for _, dir := range dirs {
|
|
|
|
if !dir.IsDir() {
|
|
continue
|
|
}
|
|
|
|
suspicious2 := fileAnalysis("/home/"+dir.Name()+"/.ssh/authorized_keys", dir.Name())
|
|
if suspicious2 {
|
|
suspicious = true
|
|
}
|
|
}
|
|
|
|
suspicious2 := fileAnalysis("/root/.ssh/authorized_keys", "root")
|
|
if suspicious2 {
|
|
suspicious = true
|
|
}
|
|
|
|
return suspicious
|
|
}
|
|
|
|
func fileAnalysis(file string, user string) bool {
|
|
suspicious := false
|
|
|
|
if FileExist(file) {
|
|
c := exec.Command(
|
|
"bash", "-c",
|
|
"cat "+file+" 2>/dev/null |awk '{print $3}'",
|
|
)
|
|
output, _ := c.CombinedOutput()
|
|
shell_process3 := strings.Split(string(output), "\n")
|
|
if len(shell_process3) > 0 {
|
|
fmt.Printf("用户 %s 存在免密登录的证书,证书位置: %s \n", user, file)
|
|
}
|
|
suspicious = true
|
|
}
|
|
return suspicious
|
|
|
|
}
|