Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Sat 25 May 2013, 17:19
All times are UTC - 4

 Forum index » Off-Topic Area » Programming
Check user & password in scripts
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [5 Posts]  
Author Message
goingnuts

Joined: 07 Dec 2008
Posts: 626
PostPosted: Tue 04 Dec 2012, 16:27    Post subject:  Check user & password in scripts  
Checking a match of username and password in a shell program can be tricky. From various sources I have put together below source for a small utility that seems to do the job:
Code:
/* compile with:
 * diet gcc chkpswd.c -Os -s -o check_password -lcrypt
 */
#include <stdlib.h>
#include <stdio.h>
#include <pwd.h>
#include <shadow.h>
#include <string.h>
#include <crypt.h>
#include <unistd.h>
#include <libgen.h>
/* example: ./check_password username password && echo "success" || echo "failure"
 * returns 0 if username and password in /etc/shadow match - 1 if not.   
 */
int check_pass(const char *plainpw, const char *cryptpw) {
    return strcmp(crypt(plainpw,cryptpw), cryptpw) == 0;
}
int main(int argc, char **argv) {
    if (argc != 3) {
       printf("usage:\n\t%s [username] [password]\n", basename(argv[0]));
        return 1;
    }
    if ( ! getuid() == 0) {
       printf("You need to be root\n");
        return 1;
    }
    if ( ! getpwnam(argv[1]) ) {
      printf("No such user %s\n", argv[1]);
      return 1;
   }
   if ( check_pass(argv[2], (getspnam(argv[1]))->sp_pwdp) ) {
      //printf("Seems OK\n");
      return 0;
   } else {
      //printf("NOT OK\n");
      return 1;   
   }
}
check_password.gz
Description  static build of check_password
 gz

 Download 
Filename  check_password.gz 
Filesize  16.73 KB 
Downloaded  111 Time(s) 
Back to top
View user's profile Send private message Visit poster's website 
jamesbond

Joined: 26 Feb 2007
Posts: 1542
Location: The Blue Marble
PostPosted: Tue 04 Dec 2012, 18:38    Post subject:  
Can't resist ... Twisted Evil
Code:
#!/bin/dash
for p in $(cat one-million-words-dictionary); do
    check_password root "$p" && echo "root password is $p" && break
done

_________________
Fatdog64, Slacko and Puppeee user. Puppy user since 2.13
Back to top
View user's profile Send private message 
goingnuts

Joined: 07 Dec 2008
Posts: 626
PostPosted: Wed 05 Dec 2012, 00:46    Post subject:  
Quote:
Can't resist ... Twisted Evil

Me neither... Smile

Code:
#!/bin/dash
whoami | grep root && su spot
check_password root woofwoof
Back to top
View user's profile Send private message Visit poster's website 
amigo

Joined: 02 Apr 2007
Posts: 1759
PostPosted: Wed 05 Dec 2012, 05:19    Post subject:  
Couldn't that be done using 'getent'?
Back to top
View user's profile Send private message 
goingnuts

Joined: 07 Dec 2008
Posts: 626
PostPosted: Wed 05 Dec 2012, 15:27    Post subject:  
amigo: Not sure - think 'getent' only lookup the values and cant see how it would validate a given plain text password for a given user...
I use the 'check_password' in script like below:
Code:
#!/bin/sh
echo -n "Enter username:"
read username
echo -n "Enter password:"
read password

check_password $username $password && \
echo "Access granted..." || echo "Access denied..."

as part of a rewrite of mu´s minixdm
Back to top
View user's profile Send private message Visit poster's website 
Display posts from previous:   Sort by:   
Page 1 of 1 [5 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Programming
Jump to:  


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

[ Time: 0.0520s ][ Queries: 13 (0.0059s) ][ GZIP on ]