DTux/dtux__sshdetect
Archived
1
0
Fork 0
Code

getting user and ip from utmp

Browse Source
This commit is contained in:
Daniel Tartavel 2020-05-07 17:44:02 +02:00
parent 6d7d3b73e7
commit 012226f856
1 changed files with 13 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
main.c
View File

@ -22,16 +22,19 @@ int isinarray( int pid, int array[], int n )
} return 0;
}
int getutmp( int pid )
void getutmp( int pid, char user[], char host_ip[] )
{
struct utmp * utmp;
setutent();
while ( (utmp = getutent()) != NULL )
{
printf("toto");
if ( utmp->ut_pid == pid )
{
sprintf(user, "%s", utmp->ut_user);
sprintf(host_ip, "%s", utmp->ut_host);
}
}
endutent();
}
int null2space( char str[] )
@ -89,7 +92,7 @@ int getpids(int pid, int exploded[])
}
}
int getprocinfo( int ppid, char cmdline[], char cmd[], char user[] )
int getprocinfo( int ppid, char cmdline[], char cmd[], char user[], char host_ip[] )
{
FILE *fh1;
char child_path[128];
@ -102,9 +105,9 @@ int getprocinfo( int ppid, char cmdline[], char cmd[], char user[] )
int pid = ppid;
int level = 0;
int retval = 0;
char * pos;
// char * pos;
getutmp( pid );
getutmp( pid, user, host_ip );
while ( flag == 0)
{
r = getpids( pid, child_pid );
@ -140,7 +143,7 @@ int getprocinfo( int ppid, char cmdline[], char cmd[], char user[] )
}
fscanf( fh1, "%s", cmd );
fclose(fh1);
sprintf( child_path, "/proc/%d/environ", pid );
/*sprintf( child_path, "/proc/%d/environ", pid );
if ( (fh1= fopen(child_path, "r" )) == NULL)
{
perror(child_path);
@ -152,7 +155,7 @@ int getprocinfo( int ppid, char cmdline[], char cmd[], char user[] )
if ( (pos = strstr( str, "USER=")) != NULL)
{
sscanf( pos+5, "%s", user);
}
}*/
return retval;
}
@ -160,7 +163,6 @@ int main()
{
FILE *fh;
FILE *fh1;
struct utmp * utmp;
int n_ssh=10;
int id;
int pid;
@ -182,10 +184,10 @@ int main()
char cmd[24];
char cmdline[1000];
char user[24]="";
char host_ip[42];
char str[1024];
char date[60];
time_t now ;
time( &now );
sprintf( date, "%s", ctime(&now));
date[strlen(date)-1] = 0;
@ -233,7 +235,7 @@ int main()
if( r == 0 )
{
user[0]='\0';
rinfo = getprocinfo( pid, cmdline, cmd, user );
rinfo = getprocinfo( pid, cmdline, cmd, user, host_ip );
if( rinfo == 0 )
{
x++;