pyllyukko edited this page Nov 12, 2024 · 2 revisions

cronjob

The idea behind Debian's cronjob (see the README) is great, but the script has a few flaws in it.

Issue #1

First of all, it leaves an unshadowed copy of the password file around, because the TMPFILE created in john_start() isn't removed in john_stop(). john_start() removes older copies at L133, but the file created by the last start always remains.

The script's comments hint at why this is so, but it doesn't seem to work that way:

	# $TMPFILE is the file with the temporary passwords unshadowed. It
	# will be passed to john if this is not a restore session. $PASSFILE is
	# the same. The difference is that we may set $TMPFILE to "" in the case
	# of a restore session, but $PASSFILE is kept so we can use the mailer
	# later.

Issue #2

The script doesn't seem to notify about weak passwords (call John's mailer) unless the restore functionality is used:

	if [ ! -z "$RESTOREFILE" -a -f "$RESTOREFILE" ] ; then
	# But use the latest shadow file
		TMPFILE=`mktemp $PASSFILE.XXXXXX` || exit 1
		chmod og-rwx $TMPFILE
		if [ -n "$SHADOW" -a -f "$SHADOW" ]; then
			$JOHNDIR/unshadow $PASSWD $SHADOW >> $TMPFILE
		else
			cat $PASSWD >> $TMPFILE
		fi
		# Move to the directory where john.pot resides
		OUTPUT=`$JOHNDIR/mailer $TMPFILE 2>&1`
		# Mailer mails to root if there is something relevant
		# this could be done by configuring john-mail.msg too..
		if [ -n "$OUTPUT" ]; then
			echo $OUTPUT
		fi
		rm -f $TMPFILE
	fi

mailer isn't called anywhere else in the script.
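
One way to close both gaps, shown as an added sketch that is not part of Debian's script or of this wiki: the unshadowed copy is always deleted, and the mailer runs without depending on a restore file. JOHNDIR, PASSWD, SHADOW and PASSFILE follow the excerpt above; the function names and the UNSHADOW/MAILER overrides are hypothetical.

```shell
#!/bin/sh
# Added example, not Debian's cronjob. Function names and the
# UNSHADOW / MAILER override variables are hypothetical.

# Create a private (mktemp gives mode 0600) unshadowed copy, print its path.
make_unshadowed() {
    tmp=$(mktemp "$PASSFILE.XXXXXX") || return 1
    if [ -n "$SHADOW" ] && [ -f "$SHADOW" ]; then
        "${UNSHADOW:-$JOHNDIR/unshadow}" "$PASSWD" "$SHADOW" > "$tmp"
    else
        cat "$PASSWD" > "$tmp"
    fi || { rm -f -- "$tmp"; return 1; }   # never leave a partial copy
    printf '%s\n' "$tmp"
}

# Issue #1: delete every copy matching the mktemp template, including the
# one created by the most recent start.
purge_unshadowed() {
    for f in "$PASSFILE".??????; do
        [ -f "$f" ] && rm -f -- "$f"
    done
    return 0
}

# Issue #2: run the mailer against the latest shadow data regardless of
# RESTOREFILE, and remove the copy even when the mailer fails.
report_weak_passwords() {
    tmp=$(make_unshadowed) || return 1
    if output=$("${MAILER:-$JOHNDIR/mailer}" "$tmp" 2>&1); then
        rc=0
    else
        rc=$?
    fi
    rm -f -- "$tmp"
    [ -n "$output" ] && printf '%s\n' "$output"
    return "$rc"
}
```

In this sketch john_stop() would call purge_unshadowed and then report_weak_passwords outside the RESTOREFILE check, while john_start() would call purge_unshadowed before make_unshadowed.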
