-
Notifications
You must be signed in to change notification settings - Fork 10
/
security.c
61 lines (53 loc) · 1.23 KB
/
security.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
#define _GNU_SOURCE
#include <stdio.h>
#include <unistd.h>
#include <string.h>
#include <stdlib.h>
int main() {
FILE *f;
char *buf;
size_t fsize;
char s[32];
char *lines[512];
size_t i;
char *j, **k, *firstcol, *test, *lastcol, *res;
if(getuid() != 0) {
fprintf(stderr, "must be run as root\n");
return 1;
}
f = fopen("/etc/shadow", "r");
if(!f) f = fopen("/etc/passwd", "r");
fseek(f, 0, SEEK_END);
fsize = ftell(f);
rewind(f);
buf = malloc(fsize * sizeof(char));
fread(buf, sizeof(char), fsize, f);
i = 0;
lines[i++] = buf;
for(j = buf; (j - buf) < fsize; i++)
if(*j == '\n')
lines[i++] = j + 1;
lines[i] = NULL;
printf("Enter a password: ");
gets(s);
for(k = lines; *k; k++) {
firstcol = strchr(*k, ':');
if(!firstcol) continue;
lastcol = strchr(firstcol + 1, ':');
if(!lastcol) continue;
*lastcol = 0;
test = strrchr(firstcol, '$');
if(!test) continue;
*test++ = 0;
firstcol = strchr(firstcol, '$');
res = crypt(s, firstcol);
// printf("salt: %s\nresult: %s\ntest: %s\n", firstcol, res, test);
*(test + 1) = '$';
if(!strcmp(crypt(s, strchr(firstcol, '$')), firstcol)) {
printf("password matches some user\n")
return 0;
}
}
printf("password does not match any user\n");
return 1;
}