#!/usr/bin/perl
# $Date: 2021-12-10 $
# $Revision: 2.3.0 $
# $Source: /root/bin/submitsh $
# $Author: Julian Fondren $
# Submit shells to Julian Fondren for Updating Scan
# (doc tba)
# Please submit all bug reports at jira.endurance.com
# (C) 2014 - Newfold Digital Inc.
use strict;
use warnings;
use version; our $VERSION = qv('3.0');
use Getopt::Long;
use Digest::MD5 qw(md5_hex);
use LWP::Simple;
use Sys::Hostname;
use File::Slurp;
use IO::Compress::Gzip qw(gzip);

my $hostname = hostname;
my $false;

GetOptions( 'false|f' => \$false, );
$false = $false ? "true" : "false";

if (defined($ARGV[0])) {
    do_submit($ARGV[0]);
} else {
    usage();
}

sub do_submit {
    my ($file) = @_;
    my ($content, $md5);
    {
        my $malware = read_file($file);
        $md5 = md5_hex($malware);
        gzip \$malware => \$content;
    }
    my @stats = stat $file;
    my $user = getpwuid $stats['4'];
    my $ruser = defined($ENV{'RUSER'}) ? $ENV{'RUSER'}
        : defined($ENV{'SYSADMIN'}) ? $ENV{'SYSADMIN'}
        : 'unk';

    my $ua = LWP::UserAgent->new;
    $ua->agent('submitsh-potteryreporter');
    $ua->ssl_opts(verify_hostname => 0);
    my $res = $ua->post('https://reports.soc.newfold.com/report/submitsh?'
        ."server=$hostname&md5=$md5&user=$user&false=$false&key=87__poiKJln&ruser=$ruser",
        Content => $content);
    if ($res->is_success) {
        print "Report submitted for $file ($md5)\n";
    } else {
        die "Failed to send report: ".$res->status_line;
    }
}

sub usage {
    die <<'END_USAGE';

  Usage: submitsh [OPTIONS] FILENAME
  Options:
    --false, -f     Mark as false positive
    --help, -h      Show this usage

END_USAGE
}