mirrors/pspy
1
0
Fork 0
mirror of https://github.com/DominicBreuker/pspy.git synced 2025-12-20 19:24:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

change banner

Browse Source
This commit is contained in:
Dominic Breuker
2019-08-21 23:43:00 +02:00
parent 6f434e1d5b
commit 3bd4885e22
2 changed files with 24 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
README.md
View File

@@ -1,6 +1,6 @@
<img src="images/logo.svg" align="left" />
# pspy - unprivileged linux process snooping
# pspy - unprivileged Linux process snooping
[![Go Report Card](https://goreportcard.com/badge/github.com/DominicBreuker/pspy)](https://goreportcard.com/report/github.com/DominicBreuker/pspy)
[![Maintainability](https://api.codeclimate.com/v1/badges/23328b2549a76aa11dd5/maintainability)](https://codeclimate.com/github/DominicBreuker/pspy/maintainability)
@@ -12,7 +12,7 @@ It allows you to see commands run by other users, cron jobs, etc. as they execut
Great for enumeration of Linux systems in CTFs.
Also great to demonstrate your colleagues why passing secrets as arguments on the command line is a bad idea.
The tool gathers it's info from procfs scans.
The tool gathers the info from procfs scans.
Inotify watchers placed on selected parts of the file system trigger these scans to catch short-lived processes.
## Getting started
@@ -21,13 +21,13 @@ Inotify watchers placed on selected parts of the file system trigger these scans
Get the tool onto the Linux machine you want to inspect.
First get the binaries. Download the released binaries here:
- 32 bit big, static version: `pspy32` [download](https://github.com/DominicBreuker/pspy/releases/download/v1.0.0/pspy32)
- 64 bit big, static version: `pspy64` [download](https://github.com/DominicBreuker/pspy/releases/download/v1.0.0/pspy64)
- 32 bit small version: `pspy32s` [download](https://github.com/DominicBreuker/pspy/releases/download/v1.0.0/pspy32s)
- 64 bit small version: `pspy64s` [download](https://github.com/DominicBreuker/pspy/releases/download/v1.0.0/pspy64s)
- 32 bit big, static version: `pspy32` [download](https://github.com/DominicBreuker/pspy/releases/download/v1.1.0/pspy32)
- 64 bit big, static version: `pspy64` [download](https://github.com/DominicBreuker/pspy/releases/download/v1.1.0/pspy64)
- 32 bit small version: `pspy32s` [download](https://github.com/DominicBreuker/pspy/releases/download/v1.1.0/pspy32s)
- 64 bit small version: `pspy64s` [download](https://github.com/DominicBreuker/pspy/releases/download/v1.1.0/pspy64s)
The statically compiled files should work on any Linux system but are quite huge (~4MB).
If size is an issue, try the smaller versions which depend on libc and are compressed with UPX (<1MB).
If size is an issue, try the smaller versions which depend on libc and are compressed with UPX (~1MB).
### Build

30
cmd/root.go
View File

@@ -5,7 +5,6 @@ import (
"log"
"os"
"os/signal"
"strings"
"syscall"
"time"
@@ -17,15 +16,20 @@ import (
"github.com/spf13/cobra"
)
var bannerLines = []string{
" _____ _____ _______ __",
" | __ \\ / ____| __ \\ \\ / /",
" | |__) | (___ | |__) \\ \\_/ / ",
" | ___/ \\___ \\| ___/ \\ / ",
" | | ____) | | | | ",
" |_| |_____/|_| |_| ",
helpText,
}
var banner = `
██▓███ ██████ ██▓███ ▓██ ██▓
▓██░ ██▒▒██ ▒ ▓██░ ██▒▒██ ██▒
▓██░ ██▓▒░ ▓██▄ ▓██░ ██▓▒ ▒██ ██░
▒██▄█▓▒ ▒ ▒ ██▒▒██▄█▓▒ ▒ ░ ▐██▓░
▒██▒ ░ ░▒██████▒▒▒██▒ ░ ░ ░ ██▒▓░
▒▓▒░ ░ ░▒ ▒▓▒ ▒ ░▒▓▒░ ░ ░ ██▒▒▒
░▒ ░ ░ ░▒ ░ ░░▒ ░ ▓██ ░▒░
░░ ░ ░ ░ ░░ ▒ ▒ ░░
░ ░ ░
░ ░
`
var helpText = `
pspy monitors the system for file system events and new processes.
@@ -33,11 +37,9 @@ It prints these envents to the console.
File system events are monitored with inotify.
Processes are monitored by scanning /proc, using file system events as triggers.
pspy does not require root permissions do operate.
Check our https://github.com/dominicbreuker/pspy for more information.
Check out https://github.com/dominicbreuker/pspy for more information.
`
var banner = strings.Join(bannerLines, "\n")
var rootCmd = &cobra.Command{
Use: "pspy",
Short: "pspy can watch your system for new processes and file system events",
@@ -75,6 +77,8 @@ func init() {
func root(cmd *cobra.Command, args []string) {
logger := logging.NewLogger(debug)
logger.Infof("%s", banner)
cfg := &config.Config{
RDirs: rDirs,
Dirs: dirs,