#!/usr/bin/perl 
#
# sourcescan.pl ----> scans source for common C vulnerabilities
# By - Xtremist (xtremist@2xs.co.il) 
#        for [r00tabega.security.labs]
# 

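# Both the source file and the log file are required: the log is opened
# unconditionally below, so one argument is not enough.
if (@ARGV < 2) {
    print "Usage : $0 <filename> <logfile>\n";
    exit(1);
}

# Three-argument open keeps the mode separate from the file name, so a name
# beginning with '>', '&' or whitespace is treated as a plain path and cannot
# change how the handle is opened.  FILE and LOG stay bareword handles because
# Print and the end of the script refer to them by name.
open(FILE, '<', $ARGV[0]) or die "Cannot read $ARGV[0]: $!\n";
open(LOG,  '>', $ARGV[1]) or die "Cannot write $ARGV[1]: $!\n";
$file = $ARGV[0];
$line = 0;    # number of findings so far; Print increments it

# C library calls to report.  Each name is matched as a whole word, so
# "gets" no longer fires on fgets, "sprintf" on snprintf, or "scanf" on
# fscanf (which used to be counted twice).  sscanf is listed explicitly
# because it was previously caught only as a substring of "scanf".
my @risky_calls = qw(
    strcpy gets strcat sprintf fscanf scanf sscanf vsprintf realpath
    getopt getpass streadd strecpy strtrns getenv setenv
);

# This is a textual heuristic, not a parser: names inside comments or string
# literals are still reported, and every hit needs manual review.
while (my $text = <FILE>) {
    for my $name (@risky_calls) {
        # $. is the current input line number of FILE, so each report
        # points at the line in the scanned source.
        Print($file, $., $name) if $text =~ /\b\Q$name\E\b/;
    }
}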

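# Print - report one finding on STDOUT and in the log, and count it.
#
# Arguments (positional):
#   $fil   - name of the file being scanned
#   $lin   - location shown after the file name; printed verbatim, so the
#            caller is responsible for passing the input line number
#   $stuff - name of the function that was matched
#
# Side effects: writes the same line to STDOUT and to the LOG handle, and
# increments the global $line, which the script prints as the total number
# of findings.
sub Print {
    # Lexical copies: the helper no longer overwrites package globals named
    # $fil, $lin and $stuff on every call.
    my ($fil, $lin, $stuff) = @_;
    my $report = "$fil:$lin $stuff found\n";
    print $report;
    print LOG $report;
    $line++;
}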
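# Summary.  $line is the number of findings counted by Print; it is still
# undefined when nothing matched, so report 0 instead of an empty field.
# The figure counts pattern hits, not confirmed vulnerabilities.
my $total = defined $line ? $line : 0;
print "\nNo of possible vulnerabilities : $total\n";
print LOG "\nNo of possible vulnerabilities : $total\n";

# Buffered write errors (disk full, log never opened) only surface at close,
# so report them instead of silently leaving a truncated log.
close(LOG) or warn "Could not close log file: $!\n";
close(FILE);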

