#!/usr/bin/perl
# cPlicensing.net - scripts             Copyright(c) 2003 cPlicensing.net.
#                                       All rights Reserved.
# support@cPlicensing.net               http://cPlicensing.net
# Unauthorized copying is prohibited
#Version: 0.01

use POSIX;
use File::Find::Rule;

$outputresults          =       '1'; #Output Results to STDOUT?
$emailresults           =       '0'; #Email the Results
$disablevulnscripts     =       '0'; #Careful with this one, i havnt tested the regex that much

$searchpath             =       '/home'; #path to start search (recursive)
$admin_email            =       'admin@localhost'; #Enter Your E-Mail Address
$disablemessage         =       'FormMail Script Disabled, You are running a old version of formmail which opens a hole for spammers to spam thru the script.  Please go to http://www.scriptarchive.com/formmail.html and upgrade your formmail script';

#Sets this Scripts Priority (20 lowest, -20 highest)
setpriority(PRIO_PROCESS,0,19);

my $fmversion;
if($outputresults == 1){ print "Starting Search, This will take a while..."; }
my @files = File::Find::Rule->file
                            ->name("*.cgi","*.pl")
                            ->in("$searchpath");
print "Complete\n";

foreach $file (@files){
        undef $fmversion;
        open(FM,"$file");
        while (<FM>) {
                if(m/FormMail .* Version \s* (\d+.\d+)/x){
                        $fmversion = $1;
                        last;
                }
        }
        close(FM);
        if(!$fmversion){ next; }
        if($fmversion < "1.91"){
                push @BADVERSIONS, "$file:$fmversion";
        }
}

if($disablevulnscripts  == 1){ disablescripts(); }
if($emailresults == 1){ sendmail(); }
if($outputresults == 1){ displayresults(); }

### SUBS ###
sub sendmail {
        $hostname = `hostname`;
        chomp($hostname);
        foreach (@BADVERSIONS){
                ($file,$version) = split(":", $_, 2);
                $vulnfiles .= "$file is Version $version\n";
        }
        $subject = "FormMail Alert: Warning $hostname has Vulnerable FormMail Versions\n";
        $msg = "The following files are old vulnerable versions of matts formmail.  These scripts allow spammers to spam thru these scripts inturn making your server a open relay.  They should be upgraded immediatly!!!\n\n";
        open(SENDMAIL,"|/usr/sbin/sendmail -t");
        print SENDMAIL "To: <$admin_email>\n";
        print SENDMAIL "From: FormMailCheck\@$hostname\n";
        print SENDMAIL "Subject: $subject\n\n";
        print SENDMAIL "$msg $vulnfiles";
        close(SENDMAIL);
}

sub displayresults {
        foreach (@BADVERSIONS){
                ($file,$version) = split(":", $_, 2);
                if($disablevulnscripts  == 1){ next; }
                print "Vulnerable FormMail Found at $file Version($version)\n";
        }
}

sub disablescripts {
        foreach (@BADVERSIONS){
                ($file,undef) = split(":", $_, 2);
                chmod(0000, "$file");
                if($outputresults == 1){ print "Disabled => $file\n" };
        }
}