First commit

README.txt

@@ -0,0 +1,20 @@
+CRASS -- the "code review audit script scanner" started as a source code grep-er with a set of carefully selected high-potential strings that may result in problems. By now it is searching for strings in general that are simply interesting for an analysts. Simplicity is the key: You don't need anything than a couple of standard *nix command line tools, while the project still serves as a "what can go wrong" collection of things we see over the years.
+
+While the grep script is still the main focus of the project, the tool should also be able to analyze directories full of unknown things a bit smarter: 
+
+- A script to unpack and make things bigger (bloat-it.sh: unpack zips, decompile jars, etc.)
+- A script to clean and make things smaller (depending on the use case we want to remove .svn, .git folders, etc.)
+- A script to get an overview about existing files (find-it.sh: using the "file" command)
+- A script to compare two versions (diff-it.sh: using the "diff" command)
+- A script to visualize the contents (visualize-it.sh)
+- A script to extract interesting information (extract-it.sh: mainly meta data, for example exif information from pictures)
+- A script to find interesting things for security people (grep-it.sh: using the gnu version of "grep"): 
+ - It is not a real static analysis tool and it's not in any way a replacement for all the tools out there, but it is kind of language independent...
+ - It's also not only for source code. It should be helpful in all cases where you have too much data to look through manually: You customer sent you a zip file with whatever. You achieved access to a server and want to look for further problems and sensitive information. You harvested/looted data off a server/client/share/...
+
+Some characteristics:
+- The scripts can be run independently (it is important to keep it this way), but main.sh is showing what the idea of using them all together would be.
+- grep-it.sh is the main focus of the project and is usually best maintained.
+- Tested under MAC OSX ONLY (with gnu-grep from mac ports)
+
+This scripts aren't very advanced - exactly what's needed if you don't know where to start.

bloat-it.sh

@@ -0,0 +1,63 @@
+#!/bin/bash
+#
+# ----------------------------------------------------------------------------
+# "THE BEER-WARE LICENSE" (Revision 42):
+# <floyd at floyd dot ch> wrote this file. As long as you retain this notice you
+# can do whatever you want with this stuff. If we meet some day, and you think
+# this stuff is worth it, you can buy me a beer in return
+# floyd http://floyd.ch @floyd_ch <floyd at floyd dot ch>
+# July 2013
+# ----------------------------------------------------------------------------
+
+#NEVER RUN THIS SCRIPT on directories which you haven't backup'ed
+#THIS IS A VERY DANGEROUS SCRIPT THAT DELETES
+#I REPEAT, THIS IS A VERY DANGEROUS SCRIPT THAT DELETES
+
+if [ $# -ne 1 ]
+then
+  echo "Usage: `basename $0` dir-to-bloat"
+  exit 0
+fi
+
+DIR=${1%/}
+
+echo "#Bloating $DIR"
+
+UNZIP_CMD="unzip"
+JAR_CMD="jar"
+JAR_CMD="tar"
+GZIP_CMD="gzip"
+
+if [ -e ./java_decompile.sh ]
+then
+    JAR_BEHAVIOR="./java_decompile.sh"
+else
+    echo "###"
+    echo "# Warning: You haven't chosen how to decompile .jar files."
+    echo "# Please copy one of the java_decompile-*.sh files to java_decompile.sh"
+    echo "# for now .jar are going to be unzipped and nothing more."
+    echo "###"
+    sleep 1
+    JAR_BEHAVIOR="$JAR_CMD xf"
+fi
+
+
+for loops in 1 2 3 4 5
+do
+    echo "#Round $loops"
+    echo "#unzip all files and delete the zip file afterwards"
+    find "$DIR" -depth -iname '*.zip' -exec echo '#Unpacking {}' \; -execdir $UNZIP_CMD -n '{}' \; -delete
+
+    echo "#untar all tar files and delete afterwards"
+    find "$DIR" -depth -iname '*.tar' -exec echo '#Unpacking {}' \; -execdir $TAR_CMD -xf '{}' \; -delete
+
+    echo "#ungzip all gz files and delete afterwards"
+    find "$DIR" -depth -iname '*.gz' -exec echo '#Unpacking {}' \; -execdir $GZIP_CMD -d '{}' \; -delete
+
+    echo "#handling all jar files and delete afterwards"
+    find "$DIR" -depth -iname '*.jar' -exec echo '#Unpacking {}' \; -execdir $JAR_BEHAVIOR '{}' \; -delete
+
+done
+
+
+

clean-it.sh

@@ -0,0 +1,34 @@
+#!/bin/bash
+#
+# ----------------------------------------------------------------------------
+# "THE BEER-WARE LICENSE" (Revision 42):
+# <floyd at floyd dot ch> wrote this file. As long as you retain this notice you
+# can do whatever you want with this stuff. If we meet some day, and you think
+# this stuff is worth it, you can buy me a beer in return
+# floyd http://floyd.ch @floyd_ch <floyd at floyd dot ch>
+# July 2013
+# ----------------------------------------------------------------------------
+
+
+if [ $# -ne 1 ]
+then
+  echo "Usage: `basename $0` dir-to-clean"
+  exit 0
+fi
+
+DIR=${1%/}
+
+echo "#Cleaning $DIR"
+
+echo "Don't care about .svn stuff"
+find "$DIR" -type d -iname ".svn" -exec rm -rf {} \;
+echo "Don't care about .DS_Store files"
+find "$DIR" -type f -name ".DS_Store" -exec rm -rf {} \;
+echo "Don't care about files ending in ~"
+find "$DIR" -type f -iname "*~" -exec rm -rf {} \;
+echo "Don't care about the Android R.java file (it's autogenerated)"
+find "$DIR" -type f -name "R.java" -exec rm -rf {} \;
+
+#delete all empty files and directories
+echo "Removing empty files/directories"
+find "$DIR" -size 0 -delete

diff-it.sh

@@ -0,0 +1,76 @@
+#!/bin/bash
+#
+# ----------------------------------------------------------------------------
+# "THE BEER-WARE LICENSE" (Revision 42):
+# <floyd at floyd dot ch> wrote this file. As long as you retain this notice you
+# can do whatever you want with this stuff. If we meet some day, and you think
+# this stuff is worth it, you can buy me a beer in return
+# floyd http://floyd.ch @floyd_ch <floyd at floyd dot ch>
+# July 2013
+# ----------------------------------------------------------------------------
+
+TARGET="./diff-output"
+
+if [ $# -lt 2 ]
+then
+  echo "Usage: `basename $0` old-dir new-dir [output-dir]"
+  exit 0
+fi
+
+if [ $# -eq 3 ]
+then
+  #argument without last /
+  TARGET=${3%/}
+fi
+
+#remove last / of arguments
+ONE=${1%/}
+TWO=${2%/}
+CUR="`pwd`"
+
+echo "#Diffing $1 and $2"
+
+
+mkdir "$TARGET"
+
+cd "$ONE"
+find . -type f -print | sort -u > "$CUR/$TARGET/file-list-ONE.txt"
+cd "$CUR" #TWO can be relative, so go back first
+cd "$TWO"
+find . -type f -print | sort -u > "$CUR/$TARGET/file-list-TWO.txt"
+cd "$CUR"
+
+#Summary: Which files differ at all?
+diff -E -b -w -r -q "./$ONE" "./$TWO" > "$TARGET/different-files.txt"
+
+#Summary: Which files are new/were deleted
+echo "Checking which files differ, were added or removed"
+comm -23 "$TARGET/file-list-ONE.txt" "$TARGET/file-list-TWO.txt" > "$TARGET/removed-files.txt"
+comm -13 "$TARGET/file-list-ONE.txt" "$TARGET/file-list-TWO.txt" > "$TARGET/new-files.txt"
+comm -12 "$TARGET/file-list-ONE.txt" "$TARGET/file-list-TWO.txt" > "$TARGET/common-files.txt"
+
+#The details of all diffs: This is what we should normally check...
+echo "Producing the main diff"
+diff -E -b -w -r "./$ONE" "./$TWO" > "$TARGET/diff-everything.txt"
+
+#do it separately for each file extension, so if we're in a hurry, we can e.g. only look at .java files
+#these types will generate a diff file each
+types="java jsp m h properties xml c cpp"
+for t in $types; do
+	grep -E "\.$t$" "$TARGET/common-files.txt" > "$TARGET/common-$t.txt"
+done
+#getting files with other extensions than $types, will create one file for all of them
+grep -vE ".*\.(`echo $types | tr " " "|"`)$" "$TARGET/common-files.txt" > "$TARGET/common-others.txt"
+
+types="$types others"
+for t in $types; do
+	#generate the diff
+	echo "Diffing $t files"
+	#uncomment to generate the two-sided comparison - WARN: it's not possible to print filenames and line numbers this way
+	#cat common-$t.txt | xargs -I {} -n1 diff -E -b -w -y --strip-trailing-cr --suppress-common-lines -W 200 --tabsize=4 -t $ONE/{} $TWO/{} > diff-$t.txt
+	cat "$TARGET/common-$t.txt" | xargs -I {} diff -E -b -w -u "$ONE/{}" "$TWO/{}" > "$TARGET/diff-$t.txt"
+done
+
+
+echo "Cleaning up, removing empty files in $TARGET"
+find $TARGET -type f -size 0 -maxdepth 1 -delete

extract-it.sh

@@ -0,0 +1,5 @@
+#TODO: E.g. extract metadata out of word files and images
+#for example for images with ImageMagick:
+#identify -verbose image.jpg
+#exiftool-5.12 is another option
+#e.g. make longitude/latitude link on google maps