github.com/wtfutil/wtf@v0.43.0/modules/security/users.go

github.com/wtfutil/wtf@v0.43.0/modules/security/users.go (about)

     1  package security
     2  
     3  // http://applehelpwriter.com/2017/05/21/how-to-reveal-hidden-users/
     4  
     5  import (
     6  	"os/exec"
     7  	"runtime"
     8  	"strings"
     9  
    10  	"github.com/wtfutil/wtf/utils"
    11  )
    12  
    13  /* -------------------- Exported Functions -------------------- */
    14  
    15  func LoggedInUsers() []string {
    16  	switch runtime.GOOS {
    17  	case "linux":
    18  		return loggedInUsersLinux()
    19  	case "darwin":
    20  		return loggedInUsersMacOs()
    21  	case "windows":
    22  		return loggedInUsersWindows()
    23  	default:
    24  		return []string{}
    25  	}
    26  }
    27  
    28  /* -------------------- Unexported Functions -------------------- */
    29  
    30  func cleanUsers(users []string) []string {
    31  	rejects := []string{"_", "root", "nobody", "daemon", "Guest"}
    32  	cleaned := []string{}
    33  
    34  	for _, user := range users {
    35  		clean := true
    36  
    37  		for _, reject := range rejects {
    38  			if strings.HasPrefix(user, reject) {
    39  				clean = false
    40  				continue
    41  			}
    42  		}
    43  
    44  		if clean && user != "" {
    45  			cleaned = append(cleaned, user)
    46  		}
    47  	}
    48  
    49  	return cleaned
    50  }
    51  
    52  func loggedInUsersLinux() []string {
    53  	cmd := exec.Command("who", "-us")
    54  	users := utils.ExecuteCommand(cmd)
    55  
    56  	cleaned := []string{}
    57  
    58  	for _, user := range strings.Split(users, "\n") {
    59  		clean := true
    60  		col := strings.Split(user, " ")
    61  
    62  		if len(col) > 0 {
    63  			for _, cleanedU := range cleaned {
    64  				u := strings.TrimSpace(col[0])
    65  				if u == "" || strings.Compare(cleanedU, col[0]) == 0 {
    66  					clean = false
    67  				}
    68  			}
    69  			if clean {
    70  				cleaned = append(cleaned, col[0])
    71  			}
    72  		}
    73  	}
    74  
    75  	return cleaned
    76  }
    77  
    78  func loggedInUsersMacOs() []string {
    79  	cmd := exec.Command("dscl", []string{".", "-list", "/Users"}...)
    80  	users := utils.ExecuteCommand(cmd)
    81  
    82  	return cleanUsers(strings.Split(users, "\n"))
    83  }
    84  
    85  func loggedInUsersWindows() []string {
    86  	// We can use either one:
    87  	// 		(Get-WMIObject -class Win32_ComputerSystem | select username).username
    88  	// 		[System.Security.Principal.WindowsIdentity]::GetCurrent().Name
    89  	// The original was:
    90  	//		cmd := exec.Command("powershell.exe", "(query user) -replace '\\s{2,}', ','")
    91  	// But that didn't work!
    92  	// The real powershell command reads:
    93  	// 	 powershell.exe -NoProfile -Command "& { [System.Security.Principal.WindowsIdentity]::GetCurrent().Name }"
    94  	// But we here have to write it as:
    95  	cmd := exec.Command("powershell.exe", "-NoProfile", "-Command", "& { [System.Security.Principal.WindowsIdentity]::GetCurrent().Name }")
    96  	// ToDo:  Make list for multi-user systems
    97  
    98  	users := utils.ExecuteCommand(cmd)
    99  	return cleanUsers(strings.Split(users, "\n"))
   100  }