diff --git a/cmd/tpm-vuln-checker/cmds.go b/cmd/tpm-vuln-checker/cmds.go index 3f71527..11f7c19 100644 --- a/cmd/tpm-vuln-checker/cmds.go +++ b/cmd/tpm-vuln-checker/cmds.go @@ -21,7 +21,6 @@ import ( "github.com/immune-gmbh/tpm-vuln-checker/pkg/cve201715361" "github.com/immune-gmbh/tpm-vuln-checker/pkg/cve20231017" "github.com/immune-gmbh/tpm-vuln-checker/pkg/tss" - "github.com/manifoldco/promptui" ) var ( @@ -33,13 +32,15 @@ var ( type context struct { Emulator bool + URL string } type versionCmd struct { } type checkCmd struct { - NonInteractive bool `flag optional name:"auto-upload" help:"Always uploads anonymized data without asking"` + Upload bool `flag optional name:"upload" help:"Always uploads anonymized data without asking"` + Verbose bool `flag optional name:"verbose" help:"Verbose TPM device info"` } func (v *versionCmd) Run(ctx *context) error { @@ -47,7 +48,7 @@ func (v *versionCmd) Run(ctx *context) error { return nil } -func (v *checkCmd) Run(ctx *context) error { +func (c *checkCmd) Run(ctx *context) error { socket, err := tss.NewTPM(ctx.Emulator) if err != nil { return err @@ -62,6 +63,9 @@ func (v *checkCmd) Run(ctx *context) error { } fmt.Printf("TPM Manufacturer: \t\t%s\nTPM Spec Revision: \t\t%s\nTPM Family: \t\t\t%s\n", tpmInfo.Manufacturer.String(), tpmInfo.SpecRevision.String(), tpmInfo.Family.String()) + if c.Verbose { + // TODO + } fmt.Printf("\nStarting TPM vulnerabilities checks.. This may take few seconds!\n\n") vulnerable, cveData20231017, err := cve20231017.IsVulnerable(socket) if err != nil { 
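Review bot: `Verbose` is declared in `checkCmd` with help text, but its only use in this commit is the empty `if c.Verbose { // TODO }` branch in the `@@ -62,6 +63,9 @@` hunk, so the flag shows up in the help output and does nothing. Until the extra TPM device output exists, either leave the field out or hide it by adding `hidden:""` to the tag. The `Upload` help string still says "without asking", but the `@@ -90,22 +94,12 @@` hunk removes the confirmation prompt, so something like `help:"Upload anonymized TPM data for analysis"` would describe the flag more accurately.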
@@ -90,22 +94,12 @@ func (v *checkCmd) Run(ctx *context) error { } } fmt.Println() - if v.NonInteractive { - if err := cloud.UploadAnonData(tpmInfo, cveData20231017, cveData201715361); err != nil { - return err - } - } else { - prompt := promptui.Prompt{ - Label: "Do you want to upload this data anonymized for analysis and tpm firmware update support", - IsConfirm: true, - } - fmt.Println() - _, err := prompt.Run() - if err != nil { - return nil - } - if err := cloud.UploadAnonData(tpmInfo, cveData20231017, cveData201715361); err != nil { + fmt.Println() + if c.Upload { + if err := cloud.UploadAnonData(ctx.URL, tpmInfo, cveData20231017, cveData201715361); err != nil { return err + } else { + fmt.Printf("Upload Complete! Thank you for the TPM metrics :)") } } return nil @@ -113,6 +107,7 @@ func (v *checkCmd) Run(ctx *context) error { var cli struct { Emulator bool `help:"Enable emulator mode."` + URL string `help:"Custom upload url."` Version versionCmd `cmd help:"Prints the version of the program"` - Check checkCmd `short:"c" cmd help:"Check TPM for CVE 2023-1017-1018"` + Check checkCmd `short:"c" cmd help:"Checks for TPM vulnerabilities"` } diff --git a/cmd/tpm-vuln-checker/main.go b/cmd/tpm-vuln-checker/main.go index 39c0256..2db3709 100644 --- a/cmd/tpm-vuln-checker/main.go +++ b/cmd/tpm-vuln-checker/main.go @@ -49,7 +49,7 @@ func main() { Compact: true, Summary: true, })) - err := ctx.Run(&context{Emulator: cli.Emulator}) + err := ctx.Run(&context{Emulator: cli.Emulator, URL: cli.URL}) fmt.Println() ctx.FatalIfErrorf(err) } diff --git a/go.mod b/go.mod index e3b684b..6737fef 100644 --- a/go.mod +++ b/go.mod @@ -6,11 +6,9 @@ require ( github.com/alecthomas/kong v0.7.1 github.com/fatih/color v1.14.1 github.com/google/go-tpm v0.3.3 - github.com/manifoldco/promptui v0.9.0 ) require ( - github.com/chzyer/readline v1.5.0 // indirect github.com/mattn/go-colorable v0.1.13 // indirect github.com/mattn/go-isatty v0.0.17 // indirect golang.org/x/sys v0.6.0 // indirect 
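Review bot: The success message in the `c.Upload` branch sits in an `else` after a branch that already returns, and it goes through `fmt.Printf` with no format verbs and no trailing newline. Dropping the `else` and printing after the inner `if` is the idiomatic form: `fmt.Println("Upload Complete! Thank you for the TPM metrics :)")`. The added `fmt.Println()` also directly follows an existing `fmt.Println()` context line, so two blank lines are printed before the upload; if that is not intended, one of them can go. Run's body starts outside this hunk.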
diff --git a/go.sum b/go.sum index 1f60eb8..8fbfc21 100644 --- a/go.sum +++ b/go.sum @@ -12,15 +12,6 @@ github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24 github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= -github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= -github.com/chzyer/logex v1.2.0 h1:+eqR0HfOetur4tgnC8ftU5imRnhi4te+BadWS95c5AM= -github.com/chzyer/logex v1.2.0/go.mod h1:9+9sk7u7pGNWYMkh0hdiL++6OeibzJccyQU4p4MedaY= -github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= -github.com/chzyer/readline v1.5.0 h1:lSwwFrbNviGePhkewF1az4oLmcwqCZijQ2/Wi3BGHAI= -github.com/chzyer/readline v1.5.0/go.mod h1:x22KAscuvRqlLoK9CsoYsmxoXZMMFVyOl86cAH8qUic= -github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/chzyer/test v0.0.0-20210722231415-061457976a23 h1:dZ0/VyGgQdVGAss6Ju0dt5P0QltE0SFY5Woh6hbIfiQ= -github.com/chzyer/test v0.0.0-20210722231415-061457976a23/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= 
@@ -88,8 +79,6 @@ github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORN github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= -github.com/manifoldco/promptui v0.9.0 h1:3V4HzJk1TtXW1MTZMP7mdlwbBpIinw3HztaIlYthEiA= -github.com/manifoldco/promptui v0.9.0/go.mod h1:ka04sppxSGFAtxX0qhlYQjISsg9mR4GWtQEhdbn6Pgg= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= 
@@ -162,11 +151,9 @@ golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5h golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181122145206-62eef0e2fa9b/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20210629170331-7dc0b73dc9fb/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220310020820-b874c991c1a5/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0 h1:MVltZSvRTcU2ljQOhs94SXPftV6DCNnZViHeQps87pQ= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= diff --git a/pkg/cloud/cloud.go b/pkg/cloud/cloud.go index a8f838a..fcfa9b7 100644 --- a/pkg/cloud/cloud.go +++ b/pkg/cloud/cloud.go @@ -27,7 +27,7 @@ import ( "github.com/immune-gmbh/tpm-vuln-checker/pkg/tss" ) -const ( +var ( uploadURL = "https://upload.vuln.immune.gmbh" ) @@ -37,7 +37,7 @@ type AnonInfo struct { CVEData201715361 *cve201715361.CVEData `json:"cveData-201715361"` } -func UploadAnonData(info *tss.TPM20Info, cveData20231017 *cve20231017.CVEData, cveData201715361 *cve201715361.CVEData) error { +func UploadAnonData(customURL string, info *tss.TPM20Info, cveData20231017 *cve20231017.CVEData, cveData201715361 *cve201715361.CVEData) error { if info == nil { return fmt.Errorf("tpm info is nil") } 
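Review bot: Turning `uploadURL` in pkg/cloud/cloud.go from a constant into a package-level `var` serves only to let UploadAnonData (the `@@ -55,6 +55,9 @@` hunk) overwrite it, which makes one call's `customURL` stick for every later call that passes an empty `customURL`, and would be a data race if uploads ever ran concurrently. Keeping the `const` and choosing the destination in a local avoids both: `target := uploadURL`, `if customURL != "" { target = customURL }`, then `http.NewRequest("POST", target, body)`. A default endpoint that nothing in the package can reassign is also easier to audit.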
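Review bot: UploadAnonData is exported and now takes a leading `customURL` whose empty-string meaning is not stated anywhere in the hunk. A doc comment would make the contract explicit, for example `// UploadAnonData POSTs the TPM info and CVE results to customURL, or to the default upload endpoint when customURL is empty.` Prepending a parameter also breaks any importer of `pkg/cloud` outside this repository, which may deserve a changelog line. The function body continues outside this hunk.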
@@ -55,6 +55,9 @@ func UploadAnonData(info *tss.TPM20Info, cveData20231017 *cve20231017.CVEData, c part, _ := writer.CreateFormFile("file", id+".json") io.Copy(part, bytes.NewReader(data)) writer.Close() + if customURL != "" { + uploadURL = customURL + } request, err := http.NewRequest("POST", uploadURL, body) if err != nil { return err
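Review bot: `customURL` is copied into `uploadURL` and handed to `http.NewRequest` without any check, so a custom URL with an `http://` scheme would send the TPM report in cleartext. Parsing it first and requiring an absolute `https` URL closes that gap. The sketch below needs `net/url` added to the file's imports, and a project that wants plain-HTTP test endpoints could downgrade the scheme check to a warning. The context lines of this hunk also discard the errors from `writer.CreateFormFile` and `io.Copy`, which is worth a follow-up. UploadAnonData starts and ends outside this hunk.

```go
if customURL != "" {
	// Validate before use so a non-TLS or relative URL fails here instead of sending the report.
	u, err := url.Parse(customURL)
	if err != nil {
		return fmt.Errorf("parsing upload url %q: %w", customURL, err)
	}
	if u.Scheme != "https" || u.Host == "" {
		return fmt.Errorf("upload url %q: must be an absolute https URL", customURL)
	}
	uploadURL = customURL
}
// … unchanged: http.NewRequest("POST", uploadURL, body) and its error check …
```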