Added additional file types and also exit code.

thorhs · 1lann · commit 0b7e58ee05a7 · 2021-12-13T09:32:17.000-08:00
I added .ear and .zip to types of file to test.

Also added an exit code if a match is found.
Exit codes:
* 0: No match found
* 1: Error
* 2: Error parsing flags
* 3: Match was found

This enables integration with Ansible, e.g:

```yaml
---
- hosts: all
  become: true
  tasks:
  - name: Copy log4shelldetect to remote host
    copy:
      src: /home/XXX/log4shelldetect
      dest: /tmp/log4shelldetect
      mode: "0555"

  - name: Search for log4j
    shell:
      cmd: "/tmp/log4shelldetect -mode=list /"
    register: log4shelldetect
    changed_when: log4shelldetect.rc == 3
    failed_when: log4shelldetect.rc == 1 or log4shelldetect.rc == 2

  - name:
    copy:
      dest: "/home/XXX/log4shelldetect.out/{{ ansible_fqdn }}"
      content: "{{ log4shelldetect.stdout }}\n"
    when: log4shelldetect.rc == 3
    delegate_to: localhost
```
diff --git a/main.go b/main.go
@@ -60,7 +60,7 @@ func main() {
 		Callback: func(osPathname string, de *godirwalk.Dirent) error {
 			// For each file in the directory, check if it ends in ".jar"
 			ext := strings.ToLower(filepath.Ext(osPathname))
-			if ext == ".jar" || ext == ".war" {
+			if ext == ".jar" || ext == ".war" || ext == ".ear" || ext == ".zip" {
 				pool <- struct{}{}
 				// If it is, take a goroutine (thread) from the thread pool
 				// and check the jar.
@@ -89,6 +89,8 @@ func main() {
 	for i := 0; i < cap(pool); i++ {
 		pool <- struct{}{}
 	}
+
+	os.Exit(found)
 }
 
 // checkJar checks a given jar file and returns a status and description for whether
@@ -194,7 +196,7 @@ func checkJar(pathToFile string, rd io.ReaderAt, size int64, depth int) (status
 
 			// If there is a jar in the jar, recurse into it.
 			ext := strings.ToLower(path.Ext(file.Name))
-			if ext == ".jar" || ext == ".war" {
+			if ext == ".jar" || ext == ".war" || ext == ".ear" || ext == ".zip" {
 				var subStatus Status
 				var subDesc string
 				// If the jar is larger than 500 MB, this can be dangerous
@@ -285,6 +287,8 @@ const (
 	StatusVulnerable
 )
 
+var found = 0
+
 // printStatus takes in the path to the file, status and description, and
 // prints the result out to stdout.
 func printStatus(fileName string, status Status, desc string) {
@@ -295,6 +299,7 @@ func printStatus(fileName string, status Status, desc string) {
 	if *mode == "list" {
 		if status == StatusVulnerable || status == StatusMaybe {
 			fmt.Println(fileName)
+			found = 3
 		}
 
 		return
@@ -309,12 +314,15 @@ func printStatus(fileName string, status Status, desc string) {
 	case StatusPatched:
 		c = color.New(color.FgGreen)
 		c.Print("PATCHED ")
+		found = 3
 	case StatusVulnerable:
 		c = color.New(color.FgRed)
 		c.Print("VULNRBL ")
+		found = 3
 	case StatusMaybe:
 		c = color.New(color.FgRed)
 		c.Print("MAYBE   ")
+		found = 3
 	case StatusUnknown:
 		c = color.New(color.FgYellow)
 		c.Print("UNKNOWN ")
