1
0
This commit is contained in:
Daniel Tartavel 2020-05-06 18:50:57 +02:00
parent 7f42eabe90
commit a08c4a9a83

19
main.c
View File

@ -96,7 +96,7 @@ int getprocinfo( int ppid, char cmdline[], char cmd[], char user[] )
if( level == 0 && r == 2 ) if( level == 0 && r == 2 )
{ {
flag = 1; flag = 1;
retval = 2; retval = -1;
}else if ( r != -1 ) }else if ( r != -1 )
{ {
level++; level++;
@ -132,10 +132,12 @@ int getprocinfo( int ppid, char cmdline[], char cmd[], char user[] )
return 5; return 5;
} }
fgets( str, 1024, fh1); fgets( str, 1024, fh1);
null2space( str );
pos = strstr( str, "USER=") +5;
sscanf( pos, "%s", user);
fclose(fh1); fclose(fh1);
null2space( str );
if ( (pos = strstr( str, "USER=")) != NULL)
{
sscanf( pos, "%s", user);
}
return retval; return retval;
} }
@ -162,7 +164,7 @@ int main()
char logfile[] = "/var/log/sshdetect.log"; char logfile[] = "/var/log/sshdetect.log";
char cmd[24]; char cmd[24];
char cmdline[1000]; char cmdline[1000];
char user[24]; char user[24]="";
char str[1024]; char str[1024];
char date[60]; char date[60];
time_t now ; time_t now ;
@ -213,6 +215,7 @@ int main()
r = isinarray(pid, childrens, x); r = isinarray(pid, childrens, x);
if( r == 0 ) if( r == 0 )
{ {
user[0]='\0';
rinfo = getprocinfo( pid, cmdline, cmd, user ); rinfo = getprocinfo( pid, cmdline, cmd, user );
if( rinfo == 0 ) if( rinfo == 0 )
{ {
@ -223,7 +226,13 @@ int main()
time( &now ); time( &now );
sprintf( date, "%s", ctime(&now)); sprintf( date, "%s", ctime(&now));
date[strlen(date)-1] = 0; date[strlen(date)-1] = 0;
if (user[0] == '\0')
{
sprintf( str, "%s \"%s: tunnel ouvert le %s avec la commande: %s %s\"", commande, HOSTNAME, date, cmd, cmdline );
}else
{
sprintf( str, "%s \"%s: %s s'est connecté le %s avec la commande: %s %s\"", commande, HOSTNAME, user, date, cmd, cmdline ); sprintf( str, "%s \"%s: %s s'est connecté le %s avec la commande: %s %s\"", commande, HOSTNAME, user, date, cmd, cmdline );
}
if ( start != 1 ) if ( start != 1 )
{ {
id=fork(); id=fork();