def check_for_default_passwords(config_path):
"""
Check if the 'pi' user current password hash is in our list of default password hashes.
"""
base_dir = Path(config_path)
pass_hashes_file_path = base_dir.joinpath(
'pass_hashes.txt') # For deb installation.
if not pass_hashes_file_path.is_file():
base_dir = Path(__file__).resolve().parent.parent
pass_hashes_file_path = base_dir.joinpath('misc/pass_hashes.txt')
with pass_hashes_file_path.open() as f:
read_data = f.read()
known_passwords = {}
for username_password in read_data.splitlines():
username, password = username_password.split(':', maxsplit=1)
pw = known_passwords.get(username, [])
pw.append(password)
known_passwords[username] = pw
def hash_matches(pwdp, plaintext_password):
i = pwdp.rfind('$')
salt = pwdp[:i]
crypted = crypt.crypt(plaintext_password, salt)
return crypted == pwdp
usernames = set()
for shadow in spwd.getspall():
encrypted_password = shadow.sp_pwdp
for password in known_passwords.get(shadow.sp_namp, []):
if hash_matches(encrypted_password, password):
usernames.add(shadow.sp_namp)
return list(usernames)
def log_no_password_required():
print("Checking for users that don't require passwords...")
if is_windows():
for user in get_users_windows(level=3):
if user["flags"] & win32netcon.UF_PASSWD_NOTREQD != 0:
print(
"User: {} doesn't require a password to login! (May not be accurate)"
.format(user["name"]))
if user["password_expired"] != 0:
print(
"User: {} has an expired password! (This should be accurate)"
.format(user["name"]))
else:
try:
perfect = True
for user in spwd.getspall():
password = user.sp_pwd
while password.startswith("!"):
password = password[1:]
if not password:
print("User: {} does not require a password! Bad!".format(
user.sp_nam))
perfect = False
if perfect:
print("All users require passwords! Hurray!")
except PermissionError:
print("Unable to view account passwords. Run this script as sudo")
print()
def account_collect():
"""
return: [{"uid":xx,
"gid": xx,
"name": xx,
"home": xx,
"groups": xx,
"shell": xx,
"fullname": xx,
"passwd": xx,
"lstchg": xx,
"expire": xx,
"ll_unix_time": xx,
"ll_device": xx,
"ll_host": xx}, ]
"""
accounts = []
pwds = pwd.getpwall()
grps = grp.getgrall()
spwds = spwd.getspall()
lastlogs = lastlog()
i_grps = {}
i_gid = {}
for g in grps:
for u in g.gr_mem:
if u not in i_grps: i_grps[u] = []
i_grps[u].append(dict(gid=g.gr_gid, group=g.gr_name))
i_gid[g.gr_gid] = g
i_spwd = {}
for sp in spwds:
i_spwd[sp.sp_nam] = sp
i_lastlog = {}
for ll in lastlogs:
i_lastlog[ll['name']] = ll
accounts = [ dict(uid=p.pw_uid,
gid=p.pw_gid,
name=p.pw_name,
home=p.pw_dir,
groups=i_grps.get(p.pw_name, []),
group=i_gid.get(p.pw_gid, None) and i_gid.get(p.pw_gid).gr_name or '',
shell=p.pw_shell,
fullname=p.pw_gecos,
passwd=i_spwd.get(p.pw_name, None) and i_spwd[p.pw_name].sp_pwd or '',
lstchg=i_spwd.get(p.pw_name, None) and i_spwd[p.pw_name].sp_lstchg or 0,
expire=i_spwd.get(p.pw_name, None) and i_spwd[p.pw_name].sp_expire or 0,
ll_unix_time=i_lastlog[p.pw_name]['unix_time'],
ll_device=i_lastlog[p.pw_name]['device'],
ll_host=i_lastlog[p.pw_name]['host'],
) for p in pwds]
return accounts
def __init__(self, anonymous_user=None):
if os.geteuid() != 0 or not spwd.getspall():
raise AuthorizerError("super user privileges are required")
self.anonymous_user = anonymous_user
if self.anonymous_user is not None:
try:
pwd.getpwnam(self.anonymous_user).pw_dir
except KeyError:
raise AuthorizerError('no such user %s' % anonymous_user)
def __init__(self, anonymous_user=None):
if os.geteuid() != 0 or not spwd.getspall():
raise AuthorizerError("super user privileges are required")
self.anonymous_user = anonymous_user
if self.anonymous_user is not None:
try:
pwd.getpwnam(self.anonymous_user).pw_dir
except KeyError:
raise AuthorizerError('no such user %s' % anonymous_user)
def shadow_list_users():
"""
Return a list of all shadow users.
Will be superseded by ``shadow.list_users``, in the salt Oxygen release.
CLI Example:
.. code-block:: bash
salt '*' ash.shadow_list_users
"""
return sorted([user.sp_nam for user in spwd.getspall()])
def shadow_list_users():
"""
Return a list of all shadow users.
Will be superseded by ``shadow.list_users``, in the salt Oxygen release.
CLI Example:
.. code-block:: bash
salt '*' ash.shadow_list_users
"""
return sorted([user.sp_nam for user in spwd.getspall()])
def io_user_list():
"""
io_user_list() : iter(User)
"""
# Read UID_MIN / UID_MAX variables
(uidmin, uidmax) = _read_uid_minmax()
# Check if the user is normal (not system user)
for userinfo in spwd.getspall():
if _isnormal(userinfo[0], uidmin, uidmax):
yield User(userinfo[0])
def __init__(self, anonymous_user=None):
if os.geteuid() != 0 or not spwd.getspall():
raise AuthorizerError("super user privileges are required")
self.anonymous_user = anonymous_user
if self.anonymous_user is not None:
if not self.anonymous_user in self._get_system_users():
raise ValueError('no such user %s' % self.anonymous_user)
try:
return pwd.getpwnam(self.anonymous_user).pw_dir
except KeyError:
raise ValueError('no such user %s' % username)
def __init__(self, anonymous_user=None):
if os.geteuid() != 0 or not spwd.getspall():
raise AuthorizerError("super user privileges are required")
self.anonymous_user = anonymous_user
if self.anonymous_user is not None:
if not self.anonymous_user in self._get_system_users():
raise ValueError('no such user %s' % self.anonymous_user)
try:
return pwd.getpwnam(self.anonymous_user).pw_dir
except KeyError:
raise ValueError('no such user %s' % username)
def main():
if len(sys.argv) != 2 or len(sys.argv) > 2:
print('Usage: {0} <path/to/dictionary/file>'.format(sys.argv[0]))
exit(1)
else:
words = []
with open(sys.argv[1], 'r') as f:
for line in f.readlines():
words.append(line.strip())
shadow = spwd.getspall()
for entry in shadow:
if entry[1] != '!!' and entry[1] != '*':
crack(entry[0], entry[1], words)
def list_users():
'''
.. versionadded:: Oxygen
Return a list of all shadow users
CLI Example:
.. code-block:: bash
salt '*' shadow.list_users
'''
return sorted([user.sp_nam for user in spwd.getspall()])
def UserDel_Shadow(User, ShadowFile='/etc/shadow'):
# 1. temporary shadow file
fd, TempShadowFile = mkstemp(prefix='shadow', dir='/tmp')
# 2. generate temporary shadow file
with fdopen(fd, 'w+') as fh:
for sp in spwd.getspall():
if sp.sp_nam != User:
fh.write(':'.join(map(ShadowItem, sp))+'\n')
# 3. activate new shadow file
rename(TempShadowFile, ShadowFile)
chown(ShadowFile, 0, 0)
chmod(ShadowFile, 0600)
def checkCurrentUserPassword(self, password):
'''
Check if password entry is correct
'''
#uid = os.getuid()
#name=pwd.getpwuid(uid)[0]
# Get name of current sudo user
name = os.getenv("SUDO_USER")
spwd.getspall()
user_pwd = spwd.getspnam(name)[1]
crypt_pwd = crypt.crypt(str(password), user_pwd)
return crypt_pwd == user_pwd
def pwent2dict():
# suck all three tables into memory
all_dict = {}
passwd = pwd.getpwall()
passwd_dict = {}
for pwent in passwd:
pwent4dict = {}
pwent4dict['pw_name'] = pwent.pw_name
pwent4dict['pw_passwd'] = pwent.pw_passwd
pwent4dict['pw_uid'] = pwent.pw_uid
pwent4dict['pw_gid'] = pwent.pw_gid
pwent4dict['pw_gecos'] = pwent.pw_gecos
pwent4dict['pw_dir'] = pwent.pw_dir
pwent4dict['pw_shell'] = pwent.pw_shell
passwd_dict[pwent.pw_uid] = pwent4dict
all_dict['passwd'] = passwd_dict
groups = grp.getgrall()
groups_dict = {}
for grpent in groups:
grpent4dict = {}
grpent4dict['gr_name'] = grpent.gr_name
grpent4dict['gr_passwd'] = grpent.gr_passwd
grpent4dict['gr_gid'] = grpent.gr_gid
grpent4dict['gr_mem'] = grpent.gr_mem
groups_dict[grpent.gr_gid] = grpent4dict
all_dict['group'] = groups_dict
shadow = spwd.getspall()
shadow_dict = {}
for spent in shadow:
spent4dict = {}
spent4dict['sp_nam'] = spent.sp_nam
spent4dict['sp_pwd'] = spent.sp_pwd
spent4dict['sp_lstchg'] = spent.sp_lstchg
spent4dict['sp_min'] = spent.sp_min
spent4dict['sp_max'] = spent.sp_max
spent4dict['sp_warn'] = spent.sp_warn
spent4dict['sp_inact'] = spent.sp_inact
spent4dict['sp_expire'] = spent.sp_expire
spent4dict['sp_flag'] = spent.sp_flag
shadow_dict[spent.sp_nam] = spent4dict
all_dict['shadow'] = shadow_dict
return all_dict
def update_hashes(self):
if not self.autoupdate:
return
hashes = [
x.sp_pwd for x in getspall() if not x.sp_pwd.startswith(('!', '*'))
]
for h in hashes:
if h not in self.found:
self.hashes.add(h)
for string in self.duplicates:
ctext, hash = self.check_hash(h, string)
if ctext:
self.append((ctext, hash))
self.hashes.remove(h)
def get_users_list ():
"""
This function prints the list of users that are able to login
into the system. To achieve this, we use the spwd module and its function
getspall(), which returns a list of each user password database,
like /etc/shadow file. Then we filter it to print just the users
that have a proper password, and not marked with "*" or "!", which means
they are not suited for login into the system.
"""
user_list = getspall()
filtered_list = [user.sp_nam for user in user_list \
if user.sp_pwd.find("*") == -1 \
and user.sp_pwd.find("!") == -1]
for x in filtered_list:
print x
def load(self):
pwds = pwd.getpwall()
spwds = spwd.getspall()
sn = {}
for s in spwds:
sn[s.sp_nam] = s
for p in pwds:
if p.pw_name in sn:
s = sn[p.pw_name]
else:
s = spwd.struct_spwd([None] * 9)
gecos = p.pw_gecos.split(',', 4)
gecos += [''] * (
5 - len(gecos)
) # Pad with empty strings so we have exactly 5 items
rname, office, wphone, hphone, other = gecos
u = User(p.pw_name, p.pw_uid, p.pw_gid, rname, office, wphone,
hphone, other, p.pw_dir, p.pw_shell,
[grp.getgrgid(p.pw_gid).gr_name], s.sp_lstchg, s.sp_min,
s.sp_max, s.sp_warn, s.sp_inact, s.sp_expire, s.sp_pwd)
self.users[u.name] = u
groups = grp.getgrall()
for group in groups:
g = Group(group.gr_name, group.gr_gid)
for member in group.gr_mem:
if member in self.users:
ugroups = self.users[member].groups
if group.gr_name not in ugroups:
self.users[member].groups.append(group.gr_name)
g.members[member] = self.users[member]
self.groups[group.gr_name] = g
for user in self.users.values():
primary_group = grp.getgrgid(user.gid).gr_name
if primary_group in self.groups:
self.groups[primary_group].members[user.name] = user
def test_accounts_nopassword():
try:
import spwd
except ImportError:
logger.info("Import of spwd failed ")
return TestResult(Result.SKIP, "Unable to import 'spwd' module")
disabled = []
locked = []
passworded = []
no_password = []
shadow_entries = spwd.getspall()
for entry in shadow_entries:
# passwords which start with ! have been locked
if entry.sp_pwd.startswith('!'):
locked.append(entry.sp_nam)
# passwords which start with * have been disabled
elif entry.sp_pwd.startswith('*'):
disabled.append(entry.sp_nam)
# blank passwords are bad!
elif entry.sp_pwd == "":
no_password.append(entry.sp_nam)
# otherwise the account has a password
else:
passworded.append(entry.sp_nam)
if len(no_password) > 0:
notes = "Account(s) { " + str(no_password) + " } have no password!"
test_result = Result.FAIL
else:
notes = ("Disabled: " + str(len(disabled)) + ", Locked: " +
str(len(locked)) + ", Password: "******", No Password: " + str(len(no_password)))
test_result = Result.PASS
return TestResult(test_result, notes)
def test_accounts_nopassword():
try:
import spwd
except ImportError:
logger.info("Import of spwd failed ")
return TestResult(Result.SKIP, "Unable to import 'spwd' module")
disabled = []
locked = []
passworded = []
no_password = []
shadow_entries = spwd.getspall()
for entry in shadow_entries:
# passwords which start with ! have been locked
if entry.sp_pwd.startswith('!'):
locked.append(entry.sp_nam)
# passwords which start with * have been disabled
elif entry.sp_pwd.startswith('*'):
disabled.append(entry.sp_nam)
# blank passwords are bad!
elif entry.sp_pwd == "":
no_password.append(entry.sp_nam)
# otherwise the account has a password
else:
passworded.append(entry.sp_nam)
if len(no_password) > 0:
notes = "Account(s) { " + str(no_password) + " } have no password!"
test_result = Result.FAIL
else:
notes = ("Disabled: " + str(len(disabled)) + ", Locked: " +
str(len(locked)) + ", Password: "******", No Password: " + str(len(no_password)))
test_result = Result.PASS
return TestResult(test_result, notes)
def service():
'Poll IAM and update all necessary system configuration files.'
logging.basicConfig(level=logging.INFO)
iam_group = IAM_GROUP
if len(sys.argv) > 1:
iam_group = sys.argv[1]
assert iam_group is not None, 'IAM_ACCTMGR_GROUP env variable is not set'
prior = None
while True:
try:
pwall, spwall = pwd.getpwall(), spwd.getspall()
system_names = set(
user.pw_name for user in pwall if not is_iam_user(user))
user_pks = filter_keys(fetch_keys(iam_group), system_names)
if prior == user_pks:
# No change - short circuit
time.sleep(IAM_POLLING_INTERVAL)
continue
else:
prior = user_pks
LOG.info('Processing user accounts: %s', user_pks)
extra_passwd, extra_shadow, extra_sudo = process(
user_pks, pwall, spwall)
write(extra_passwd, EXTRAUSERS_PASSWD)
write(extra_shadow, EXTRAUSERS_SHADOW, '0600')
write(extra_sudo, SUDOERS_CONFIG, '0400')
with open(IAM_PUB_KEY_FILE, 'w') as keyfd:
json.dump(user_pks, keyfd)
# pylint: disable=broad-except
except Exception:
LOG.error(traceback.format_exc())
# pylint: enable=broad-except
time.sleep(IAM_POLLING_INTERVAL)
def service():
'Poll IAM and update all necessary system configuration files.'
logging.basicConfig(level=logging.INFO)
iam_group = IAM_GROUP
if len(sys.argv) > 1:
iam_group = sys.argv[1]
assert iam_group is not None, 'IAM_ACCTMGR_GROUP env variable is not set'
prior = None
while True:
try:
pwall, spwall = pwd.getpwall(), spwd.getspall()
system_names = set(user.pw_name for user in pwall
if not is_iam_user(user))
user_pks = filter_keys(fetch_keys(iam_group), system_names)
if prior == user_pks:
# No change - short circuit
time.sleep(IAM_POLLING_INTERVAL)
continue
else:
prior = user_pks
LOG.info('Processing user accounts: %s', user_pks)
extra_passwd, extra_shadow, extra_sudo = process(
user_pks, pwall, spwall)
write(extra_passwd, EXTRAUSERS_PASSWD)
write(extra_shadow, EXTRAUSERS_SHADOW, '0600')
write(extra_sudo, SUDOERS_CONFIG, '0400')
with open(IAM_PUB_KEY_FILE, 'w') as keyfd:
json.dump(user_pks, keyfd)
# pylint: disable=broad-except
except Exception:
LOG.error(traceback.format_exc())
# pylint: enable=broad-except
time.sleep(IAM_POLLING_INTERVAL)
def get_policy_usergroups(self):
#initialize lists
users = []
groups = []
#get password & groups
users_db = spwd.getspall()
group_db = grp.getgrall()
#print users_db, group_db
try:
#check passwd policiy foreach user
for entry in users_db:
username = entry[0]
self.separator()
print colored('[CMD] Executing: chage -l ' + username , self.calert, attrs=['dark'])
os.system('chage -l ' + username + '> tmp_password_policy.txt')
os.system('cat tmp_password_policy.txt')
# self.save_data(self.report_name, os.system('cat tmp_password_policy.txt'))
#TO-DO: set recommendations
except:
print "There was a problem running the script."
return ''
def read_users_from_passwd(dirname="/etc"):
"""
Reads users from /etc/passwd, /etc/shadow (if it has access) and /etc/group
"""
pwds = pwd.getpwall()
spwds = spwd.getspall()
sn = {}
for s in spwds:
sn[s.sp_nam] = s
users = {}
for p in pwds:
if p.pw_uid >= UID_MIN and p.pw_uid <= UID_MAX:
if p.pw_name in sn:
s = sn[p.pw_name]
else:
#print " * I couldn't find user %s in shadow file. Are you \
#root?" % p.pw_name
s = spwd.struct_spwd(["", "x", "", "", "", "", "", "", ""])
rname, office, wphone, hphone = (p.pw_gecos + ",,,").split(",")[:4]
u = User(p.pw_name, p.pw_uid, rname, office, wphone, hphone,
p.pw_dir, p.pw_shell, [], s.sp_min, s.sp_max, s.sp_warn,
s.sp_inact, s.sp_expire, s.sp_pwd, "")
if u.inact == -1:
u.inact = ''
if u.expire == -1:
u.expire = ''
users[u.name] = u
grps = grp.getgrall()
for g in grps:
for gu in g.gr_mem:
if gu in users:
users[gu].groups.append(g.gr_name)
return sorted_users(users)
def __init__(self):
gladefile = os.path.join(dirs.SHARED_DIR, 'timekpr.glade')
self.wTree = gtk.glade.XML(gladefile, 'mainwindow', common.domain)
self.get_limit_spin()
self.get_from_spin()
self.get_to_spin()
self.get_labels()
self.singleLimits = self.wTree.get_widget("singleLimits")
self.singleBoundaries = self.wTree.get_widget("singleBoundaries")
self.limitCheck = self.wTree.get_widget("limitCheck")
self.boundariesCheck = self.wTree.get_widget("boundariesCheck")
self.userSelect = self.wTree.get_widget("userSelect")
self.rewardSpin = self.wTree.get_widget("rewardSpin")
self.labelrewardspin = self.wTree.get_widget("labelrewardspin")
self.labeluserstatus = self.wTree.get_widget("labeluserstatus")
self.limiticon = self.wTree.get_widget("imagelimited1")
self.boundariesicon = self.wTree.get_widget("imagelimited2")
self.alldayloginicon = self.wTree.get_widget("imagealldaylogin")
self.lockedicon = self.wTree.get_widget("imagelocked")
self.timeleftlabel = self.wTree.get_widget("timeleftlabel")
self.extendLimitsButton = self.wTree.get_widget("extendLimitsButton")
self.rewardButton = self.wTree.get_widget("rewardButton")
self.clearallButton = self.wTree.get_widget("ClearAllRestrictionsButton")
self.resettimeButton = self.wTree.get_widget("ResetTimeButton")
self.lockLabel = self.wTree.get_widget("labelunlockbutton")
self.statusbar = self.wTree.get_widget("statusbar")
self.statusbarCID = self.statusbar.get_context_id("timekprstatus")
self.limits = []
dic = {
"on_limitCheck_toggled": self.limitCheck_toggled,
"on_boundariesCheck_toggled": self.boundariesCheck_toggled,
"on_rewardButton_clicked": self.rewardButton_clicked,
"on_extendLimitsButton_clicked": self.extendLimitsButton_clicked,
"on_ClearAllRestrictionsButton_clicked": self.clearallrestrictions,
"on_ResetTimeButton_clicked": self.resettimefile,
"on_UnlockButton_clicked": self.lockunlockaccount,
"on_apply_clicked": self.apply_clicked,
"on_singleBoundaries_toggled": self.singleBoundariesCheck_toggled,
"on_singleLimits_toggled": self.singleLimitsCheck_toggled,
"on_userSelect_toggled": self.read_settings,
"on_refresh_clicked": self.refreshButton_clicked,
"on_cancel_clicked": self.cancel_clicked,
"on_aboutmenuitem_select": self.showaboutdialog,
'gtk_main_quit': gtk.main_quit
}
self.wTree.signal_autoconnect(dic)
# Read UID_MIN / UID_MAX variables
(uidmin, uidmax) = read_uid_minmax()
# Check if the user is normal (not system user)
for userinfo in spwd.getspall():
if isnormal(userinfo[0], uidmin, uidmax):
self.userSelect.append_text(userinfo[0])
self.userSelect.set_active(0)
# Ensure we have at least one available normal user
if self.userSelect.get_active_text() is None:
dlg = gtk.MessageDialog(None, 0, gtk.MESSAGE_ERROR, gtk.BUTTONS_CLOSE, _("You need to have at least one normal user available to configure timekpr"))
dlg.set_default_response(gtk.RESPONSE_CLOSE)
dlg.run()
dlg.destroy()
exit("Error: You need to have at least one normal user available to configure timekpr")
self.read_settings(self)
return
def getspall(self):
return list(spwd.getspall())
def service():
'Poll IAM and update all necessary system configuration files.'
logging.basicConfig(level=logging.INFO)
iam_group = IAM_GROUP
if len(sys.argv) > 1:
iam_group = sys.argv[1]
assert iam_group is not None, 'sudo group not set'
if len(sys.argv) >= 2:
iam_group_ro = sys.argv[2]
assert iam_group_ro is not None, 'RO group not set'
prior = None
prior_ro = None
changed = False
while True:
pwall, spwall, grpall = pwd.getpwall(), spwd.getspall(), grp.getgrall()
system_names = set(user.pw_name for user in pwall
if not is_iam_user(user))
try:
user_pks, user_ids = fetch_keys(iam_group)
user_pks = filter_keys(user_pks, system_names)
if prior != user_pks:
LOG.info('SUDO GROUP Processing user accounts: %s', user_pks)
extra_passwd, extra_shadow, extra_sudo, extra_group = process(
user_pks, pwall, spwall, grpall, True, user_ids)
prior = user_pks
changed = True
# pylint: disable=broad-except
except Exception:
LOG.error(traceback.format_exc())
# sync second RO group
try:
user_pks_ro, user_ids = fetch_keys(iam_group_ro)
user_pks_ro = filter_keys(user_pks_ro, system_names)
if prior_ro != user_pks_ro:
LOG.info('RO GROUP Processing user accounts: %s', user_pks_ro)
extra_passwd_ro, extra_shadow_ro, _, extra_group_ro = process(
user_pks_ro, pwall, spwall, grpall, False, user_ids)
LOG.info('SUDO GROUP : %s', extra_passwd)
LOG.info('RO GROUP : %s', extra_passwd_ro)
prior_ro = user_pks_ro
changed = True
# pylint: disable=broad-except
except Exception:
LOG.error(traceback.format_exc())
if changed is True:
with open(IAM_PUB_KEY_FILE, 'w') as keyfd:
json.dump(dict(user_pks.items() + user_pks_ro.items()), keyfd)
full_passwd = extra_passwd + extra_passwd_ro
full_shadow = extra_shadow + extra_shadow_ro
full_group = extra_group + extra_group_ro
LOG.info('passwd : %s', full_passwd)
LOG.info('shadow : %s', full_shadow)
LOG.info('group : %s', full_group)
write(full_passwd, EXTRAUSERS_PASSWD)
write(full_shadow, EXTRAUSERS_SHADOW, '0600')
write(extra_sudo, SUDOERS_CONFIG, '0400')
write(full_group, '/var/lib/extrausers/group')
changed = False
# pylint: enable=broad-except
LOG.info("Sleeping for 2")
time.sleep(IAM_POLLING_INTERVAL)
def __init__(self):
if os.geteuid() != 0 or not spwd.getspall():
raise RuntimeError("root privileges are required")
DummyAuthorizer.__init__(self)
self._anon_user = ''
self._dynamic_home_users = []
import spwd
import argparse
# print(spwd.getspall())
# print(spwd.getspall()[1])
parser = argparse.ArgumentParser(
description="an useless program for unix shadow password database tutorial"
)
parser.add_argument('-u', '--user-name', action="store_true")
parser.add_argument('-p', '--hash-pw', action="store_true")
parsed = parser.parse_args()
if not (parsed.user_name or parsed.hash_pw):
for i in spwd.getspall():
print(i)
elif parsed.user_name and parsed.hash_pw:
for i in spwd.getspall():
print(f'user: {i[0]}, hash:{i[1]}')
elif parsed.hash_pw:
for i in spwd.getspall():
print(i[1])
else:
# get login name
for i in spwd.getspall():
print(i[0])
#!/usr/bin/python
# -*- coding:utf-8 -*-
import spwd,csv,urllib,crypt,getpass,pwd,sys
from zipfile import ZipFile
from StringIO import StringIO
try:
f = open('10k most common.txt', 'r+')
passwlist = [line.strip() for line in f.readlines()]
f.closed
except :
myfile = urllib.urlopen("http://roger.zone42.fr/10k%20most%20common.zip")
passwdtxt = ZipFile(StringIO(myfile.read()))
passwlist = [line.strip() for line in passwdtxt.open("10k most common.txt")]
passwdtxt.extract("10k most common.txt")
for item in spwd.getspall():
sys.stdout.write("Processing password for user \""+item.sp_nam+"\" : ")
sys.stdout.flush()
if item.sp_pwd == '!' or item.sp_pwd == '*':
print "no password hash to process."
continue
for index,brutepass in enumerate(passwlist):
if crypt.crypt(brutepass, item.sp_pwd) == item.sp_pwd:
print "password is \""+brutepass+"\""
break
if index == len(passwlist)-1 :
print "failed to break password"
def __init__(self):
gladefile = VAR['TIMEKPRSHARED'] + '/timekpr.glade'
self.wTree = gtk.glade.XML(gladefile, 'mainwindow', APP_NAME)
self.get_limit_spin()
self.get_from_spin()
self.get_to_spin()
self.get_labels()
self.singleLimits = self.wTree.get_widget("singleLimits")
self.singleBoundaries = self.wTree.get_widget("singleBoundaries")
self.limitCheck = self.wTree.get_widget("limitCheck")
self.boundariesCheck = self.wTree.get_widget("boundariesCheck")
self.userSelect = self.wTree.get_widget("userSelect")
self.rewardSpin = self.wTree.get_widget("rewardSpin")
self.labelrewardspin = self.wTree.get_widget("labelrewardspin")
self.labeluserstatus = self.wTree.get_widget("labeluserstatus")
self.limiticon = self.wTree.get_widget("imagelimited1")
self.boundariesicon = self.wTree.get_widget("imagelimited2")
self.alldayloginicon = self.wTree.get_widget("imagealldaylogin")
self.lockedicon = self.wTree.get_widget("imagelocked")
self.timeleftlabel = self.wTree.get_widget("timeleftlabel")
self.extendLimitsButton = self.wTree.get_widget("extendLimitsButton")
self.rewardButton = self.wTree.get_widget("rewardButton")
self.clearallButton = self.wTree.get_widget(
"ClearAllRestrictionsButton")
self.resettimeButton = self.wTree.get_widget("ResetTimeButton")
self.lockLabel = self.wTree.get_widget("labelunlockbutton")
self.statusbar = self.wTree.get_widget("statusbar")
self.statusbarCID = self.statusbar.get_context_id("timekprstatus")
self.limits = []
dic = {
"on_limitCheck_toggled": self.limitCheck_toggled,
"on_boundariesCheck_toggled": self.boundariesCheck_toggled,
"on_rewardButton_clicked": self.rewardButton_clicked,
"on_extendLimitsButton_clicked": self.extendLimitsButton_clicked,
"on_ClearAllRestrictionsButton_clicked": self.clearallrestrictions,
"on_ResetTimeButton_clicked": self.resettimefile,
"on_UnlockButton_clicked": self.lockunlockaccount,
"on_apply_clicked": self.apply_clicked,
"on_singleBoundaries_toggled": self.singleBoundariesCheck_toggled,
"on_singleLimits_toggled": self.singleLimitsCheck_toggled,
"on_userSelect_toggled": self.read_settings,
"on_refresh_clicked": self.refreshButton_clicked,
"on_cancel_clicked": self.cancel_clicked,
"on_aboutmenuitem_select": self.showaboutdialog,
'gtk_main_quit': gtk.main_quit
}
self.wTree.signal_autoconnect(dic)
#Using /etc/shadow spwd module
for userinfo in getspall():
if isnormal(userinfo[0]):
self.userSelect.append_text(userinfo[0])
self.userSelect.set_active(0)
#Ensure we have at least one available normal user
if self.userSelect.get_active_text() is None:
dlg = gtk.MessageDialog(
None, 0, gtk.MESSAGE_ERROR, gtk.BUTTONS_CLOSE,
_("You need to have at least one normal user available to configure timekpr"
))
dlg.set_default_response(gtk.RESPONSE_CLOSE)
dlg.run()
dlg.destroy()
exit(
"Error: You need to have at least one normal user available to configure timekpr"
)
self.read_settings(self)
return
def __init__(self, component_data, parent):
KCModule.__init__(self,component_data, parent)
#Loading the UI module
self.ui = uic.loadUi(unicode("/usr/share/kde4/apps/timekpr-kde/ui/main.ui"))
self.ui.status = uic.loadUi(unicode("/usr/share/kde4/apps/timekpr-kde/ui/status.ui"))
self.ui.grant = uic.loadUi(unicode("/usr/share/kde4/apps/timekpr-kde/ui/grant.ui"))
self.ui.limits = uic.loadUi(unicode("/usr/share/kde4/apps/timekpr-kde/ui/limits.ui"))
#Create the layout using group box
#Since the UI is modular it's possible to change this layout for displaying the UI modules in tab, etc
self.ui.lyStatus = QVBoxLayout(self.ui.gbStatus)
self.ui.lyStatus.addWidget(self.ui.status)
self.ui.lyGrant = QVBoxLayout(self.ui.gbGrant)
self.ui.lyGrant.addWidget(self.ui.grant)
self.ui.lyLimitBound = QVBoxLayout(self.ui.gbLimitBound)
self.ui.lyLimitBound.addWidget(self.ui.limits)
#Code for the tab mode, need to change the main.ui
#self.ui.statusLayout = QVBoxLayout(self.ui.tab)
#self.ui.statusLayout.addWidget(self.ui.status)
#statusSpacer = QSpacerItem(20, 40, QSizePolicy.Minimum, QSizePolicy.Expanding)
#self.ui.statusLayout.addItem(statusSpacer)
#self.ui.limitsLayout = QVBoxLayout(self.ui.tab_2)
#self.ui.limitsLayout.addWidget(self.ui.limits)
#limitsSpacer = QSpacerItem(20, 40, QSizePolicy.Minimum, QSizePolicy.Expanding)
#self.ui.limitsLayout.addItem(limitsSpacer)
self.lyMainLayout = QVBoxLayout(self)
self.lyMainLayout.addWidget(self.ui)
#Set buttons
#self.setButtons(KCModule.Apply)
#self.changed.emit(True)
#Interface initialization
self.ui.limits.wgLimitConfDay.setEnabled(False)
self.ui.limits.wgBoundConfDay.setEnabled(False)
self.ui.limits.wgLimitWeek.hide()
self.ui.limits.wgBoundWeek.hide()
##Timer
self.minutesLeft = 10
self.timer = QTimer()
self.timer.setInterval(10000)
self.timer.start()
#Signal and slots definition
self.connect(self.ui.limits.ckLimit, SIGNAL('clicked()'), self.enable_limit)
self.connect(self.ui.limits.ckBound, SIGNAL('clicked()'), self.enable_bound)
self.connect(self.ui.limits.ckLimitDay, SIGNAL('clicked()'), self.show_daily_limit)
self.connect(self.ui.limits.ckBoundDay, SIGNAL('clicked()'), self.show_daily_bound)
self.connect(self.timer, SIGNAL('timeout()'), self.update_time_left)
self.connect(self.timer, SIGNAL('timeout()'), self.get_limit_spin)
self.connect(self.ui.cbActiveUser, SIGNAL('currentIndexChanged(int)'), self.read_settings)
self.get_limit_spin()
self.get_from_spin()
self.get_to_spin()
self.setNeedsAuthorization(True)
#self.setUseRootOnlyMessage(True)
#Using /etc/shadow spwd module
#getspall acquisisce la struct di 8 elementi di tutti gli utenti del sistema
#il primo elemento rappresenta il nome utente
for userinfo in getspall():
if isnormal(userinfo[0]):
self.ui.cbActiveUser.addItem(userinfo[0])
self.ui.cbActiveUser.setCurrentIndex(0)
#Ensure we have at least one available normal user
if self.ui.cbActiveUser.count() == 0:
self.ui.gbStatus.setEnabled(False)
self.ui.gbGrant.setEnabled(False)
self.ui.gbLimitBound.setEnabled(False)
self.read_settings()
pts(pseudo-terminal slave)是pty的实现方法,和ptmx(pseudo-terminal master)配合使用实现pty。
"""
import posix
print(posix.environ)
import pwd
print(pwd.getpwuid(0))
print(pwd.getpwnam("root"))
"""
0 pw_name 登录名
1 pw_passwd 密码,可能已经加密
2 pw_uid 用户 ID 数值
3 pw_gid 组 ID 数值
4 pw_gecos 用户名或备注
5 pw_dir 用户主目录
6 pw_shell 用户的命令解释器
"""
print(pwd.getpwall())
import spwd
print(spwd.getspall())
print(spwd.getspnam("root"))
import grp
print(grp.getgrall())
print(grp.getgrnam("root"))
print(grp.getgrgid(1))
def getspall():
return list(spwd.getspall())
#!/usr/bin/python #Local account brute forcer. #(You need to be able to read shadow file) #http://www.darkc0de.com #d3hydr8[at]gmail[dot]com import sys, crypt, spwd if len(sys.argv) != 3: print "\nUsage: ./locbrute.py <user> <wordlist>" print "Ex: ./locbrute.py root words.txt\n" sys.exit(1) print "\nAccounts with encrypted passwords:\n" users = spwd.getspall() for user in users: if user[1] not in ["*","!"]: print user[:2] try: words = open(sys.argv[2], "r").readlines() except(IOError): print "\n[-] Error: Couldn't open wordlist\n" sys.exit(1) print "\n[+] Words Loaded:",len(words) try: passwd = spwd.getspnam(sys.argv[1])[1] except(KeyError): print "\n[-] User not found. Check list above\n" sys.exit(1) print "[+] Cracking:",passwd for word in words:
p = argparse.ArgumentParser ()
sp = p.add_subparsers ()
for k, v in action_meta.registry.items ():
if v is action_meta.action:
continue
ap = sp.add_parser (k, help=v.help)
ap.set_defaults (klass=v)
v.add_arguments (ap)
args = p.parse_args ()
action = args.klass (args)
today = int (time.time () / 86400)
for a in spwd.getspall ():
until_disable = a.sp_expire - today
until_expire = a.sp_max - today + a.sp_lstchg
until_warn = until_expire - a.sp_warn
until_inactive = until_expire + a.sp_inact
if until_disable <= 0 and a.sp_expire >= 0:
safe (action.disabled, a)
elif a.sp_lstchg == 0:
safe (action.force_expired, a)
elif until_inactive <= 0:
safe (action.inactive, a)
elif until_expire <= 0:
def sys_users(base_dir='/', daemons_dir_no_base='/daemons'):
pwall = pwd.getpwall()
spall = spwd.getspall()
grall = grp.getgrall()
pwall.sort(key=lambda x: x[2])
grall.sort(key=lambda x: x[2])
spall.sort(key=lambda x: x[0])
pw_file_name = wayround_i2p.utils.path.join(base_dir, 'etc', 'passwd')
gr_file_name = wayround_i2p.utils.path.join(base_dir, 'etc', 'group')
sp_file_name = wayround_i2p.utils.path.join(base_dir, 'etc', 'shadow')
pw_file = open(pw_file_name, 'w')
gr_file = open(gr_file_name, 'w')
sp_file = open(sp_file_name, 'w')
spall_dict = {}
for i in spall:
spall_dict[i[0]] = i
ids = {}
for i in pwall:
ids[i[2]] = i
user_ids = {}
for i in sorted(list(ids.keys())):
if i == 0 or i >= 1000:
user_ids[i] = ids[i]
print("Writing system users")
for i in sorted(list(USERS.keys())):
user_name = USERS[i]
home_dir = calc_daemon_home_dir(
base_dir,
daemons_dir_no_base,
user_name
)
pw_file.write(
'{}:{}:{}:{}:{}:{}:{}\n'.format(
user_name,
'x',
i,
i,
user_name,
home_dir,
'/bin/false'
)
)
gr_file.write(
'{}:{}:{}:{}\n'.format(
user_name,
'x',
i,
user_name
)
)
sp_file.write(
'{}:{}:::::::\n'.format(
user_name,
'!'
)
)
print("Writing root and normal users:")
for i in sorted(list(user_ids.keys())):
user_name = user_ids[i][0]
home_dir = calc_user_home_dir(base_dir, user_name)
print(" {}".format(user_name))
pw_file.write(
'{}:{}:{}:{}:{}:{}:{}\n'.format(
user_name,
'x',
i,
i,
user_name,
home_dir,
user_ids[i][-1]
)
)
gr_file.write(
'{}:{}:{}:{}\n'.format(
user_name,
'x',
i,
user_name
)
)
if user_name in spall_dict:
sp_file.write(
'{}:{}:{}:{}:{}:{}:{}:{}:{}\n'.format(
*spall_dict[user_name]
)
)
pw_file.close()
gr_file.close()
sp_file.close()
for i in sorted(list(USERS.keys())):
user_name = USERS[i]
home_dir = calc_daemon_home_dir(
base_dir,
daemons_dir_no_base,
user_name
)
personalize_home(home_dir, user_name, i)
for i in sorted(list(user_ids.keys())):
user_name = user_ids[i][0]
home_dir = calc_user_home_dir(base_dir, user_name)
personalize_home(home_dir, user_name, i)
return 0
# Si le dictionnaire de passwords n'est pas là, on le télécharge
# via FFOpener().open(PASSWORDS_SOURCE).read(). C'est verbeux, c'est urllib.
# Normalement je ferais ça avec requests. Ensuite on lui donne une interface
# file-like object avec io.BytesIO pour que ZipFile puisse le traiter en mémoire
# sans avoir à le sauvegarder dans un vrai fichier sur le disque, et on
# extrait le ZIP.
if not os.path.isfile(PASSWORDS_LIST):
ZipFile(io.BytesIO(FFOpener().open(PASSWORDS_SOURCE).read())).extractall()
# On extrait les mots de passe de la liste sous forme de tuple car c'est rapide
# à lire. Un petit rstrip vire les sauts de ligne.
passwords = tuple(l.rstrip() for l in open(PASSWORDS_LIST))
# spwd.getspall() nous évite de parser le fichier shadow à la main.
for entry in spwd.getspall():
print('Processing password for user "%s": ' % entry.sp_nam, end='')
# Pas de hash ? On gagne du temps avec 'continue'
if not '$' in entry.sp_pwd:
print('no password hash to process.')
continue
# On teste chaque password avec la fonction crypt, qui accepte en deuxième
# paramètre le hash du mot de passe complet. Pas besoin de se faire chier
# à le spliter, il va analyser les '$' et se démerder avec ça. On a juste
# à comparer le résultat avec le hash d'origine.
for pwd in passwords:
if crypt.crypt(pwd, entry.sp_pwd) == entry.sp_pwd:
print('password is "%s".' % pwd)
# On break pour gagner quelques tours de boucles, et pouvoir
# Si le dictionnaire de passwords n'est pas là, on le télécharge
# via FFOpener().open(PASSWORDS_SOURCE).read(). C'est verbeux, c'est urllib.
# Normalement je ferais ça avec requests. Ensuite on lui donne une interface
# file-like object avec io.BytesIO pour que ZipFile puisse le traiter en mémoire
# sans avoir à le sauvegarder dans un vrai fichier sur le disque, et on
# extrait le ZIP.
if not os.path.isfile(PASSWORDS_LIST):
ZipFile(io.BytesIO(FFOpener().open(PASSWORDS_SOURCE).read())).extractall()
# On extrait les mots de passe de la liste sous forme de tuple car c'est rapide
# à lire. Un petit rstrip vire les sauts de ligne.
passwords = tuple(l.rstrip() for l in open(PASSWORDS_LIST))
# spwd.getspall() nous évite de parser le fichier shadow à la main.
for entry in spwd.getspall():
print('Processing password for user "%s": ' % entry.sp_nam, end='')
# Pas de hash ? On gagne du temps avec 'continue'
if not '$' in entry.sp_pwd:
print('no password hash to process.')
continue
# On teste chaque password avec la fonction crypt, qui accepte en deuxième
# paramètre le hash du mot de passe complet. Pas besoin de se faire chier
# à le spliter, il va analyser les '$' et se démerder avec ça. On a juste
# à comparer le résultat avec le hash d'origine.
for pwd in passwords:
if crypt.crypt(pwd, entry.sp_pwd) == entry.sp_pwd:
print('password is "%s".' % pwd)
# On break pour gagner quelques tours de boucles, et pouvoir
with open(ZIP_FILE, "wb") as temp_zip:
temp_zip.write(urllib2.urlopen(req).read())
# Extract the zip file in the current dir
with ZipFile(ZIP_FILE) as zip_file:
zip_file.extractall()
finally:
# Remove the zip file
if os.path.exists(ZIP_FILE):
os.unlink(ZIP_FILE)
# Read the password from the downloaded file
with open(PASSWORDS_FILE, "r") as password_file:
passwords = map(lambda x: x.strip(), password_file.readlines())
# Get entries from shadow password database
shadow_entries = [entry[:2] for entry in spwd.getspall()]
# We probably need the root access
if not shadow_entries:
print "Can't access shadow password database - probably need root access"
sys.exit(1)
for name, encrypted in shadow_entries:
print "Processing password for user '%s':" % name,
# This indicate that the user has no password
if encrypted in ["*", "!"]:
print "no hash to process"
continue
for password in passwords:
# We use the encrypted version of the password as salt as adviced by
# the crypt module's doc
def __init__(self):
ui_file = join(VAR['TIMEKPRSHARED'], 'main_window.ui')
self.builder = Gtk.Builder()
self.builder.add_from_file(ui_file)
#connect signals to python methods
self.builder.connect_signals(self)
#connect gtk objects to python variables
for obj in self.builder.get_objects():
if issubclass(type(obj), Gtk.Buildable):
name = Gtk.Buildable.get_name(obj)
setattr(self, name, obj)
self.mainwindow.set_title(_('Timekpr Control Panel'))
#create lists of limit and boundary gtk objects
self.limitSpins = [
self.builder.get_object("limitSpin" + str(x)) for x in range(7)
]
self.fromSpins = [
self.builder.get_object("fromSpin" + str(x)) for x in range(7)
]
self.toSpins = [
self.builder.get_object("toSpin" + str(x)) for x in range(7)
]
self.boundariesLabels = [
self.builder.get_object("boundariesLabel" + str(x))
for x in range(7)
]
self.limitLabels = [
self.builder.get_object("limitLabel" + str(x)) for x in range(7)
]
self.statusbarCID = self.statusbar.get_context_id("timekprstatus")
self.limits = []
#Using /etc/shadow spwd module
for userinfo in getspall():
if is_regular_user(userinfo[0]):
self.userSelectCombo.append_text(userinfo[0])
self.userSelectCombo.set_active(0)
#Ensure we have at least one available normal user
if self.userSelectCombo.get_active_text() is None:
dlg = Gtk.MessageDialog(
None, 0, Gtk.MessageType.ERROR, Gtk.ButtonsType.CLOSE,
_("You need to have at least one normal user available to configure timekpr"
))
dlg.set_default_response(Gtk.ResponseType.CLOSE)
dlg.run()
dlg.destroy()
exit(
"Error: You need to have at least one normal user available to configure timekpr"
)
self.on_userSelectCombo_toggled(self)
return
resetdate = "chage -E -1 %s >/dev/null 2>&1" % (user)
os.system(lockuser)
os.system(resetdate)
status = "Locked"
return status
#--- End Functions------
#--- Global Variables ---
# Here I am duping the contents of each file into a variable
# that can be indexed. Not that is is needed since each struc
# provides a call to a particular value
#------------------------
all_user_data = pwd.getpwall()
all_user_pass = spwd.getspall()
# Since by defaul the UID of a user account is between 1000 and
# 59999. I will set them up as static variables
FIRST_UID = 1000
LAST_UID = 59999
TODAY = dt.datetime.fromtimestamp(int(t.time())).strftime('%Y-%m-%d %H:%M:%S')
LOGFILE = sys.argv[1]
#---Open the logfile------
sys.stdout = open(LOGFILE, "w+")
# Using the operator module I was able the sort out the
# UID of the users. This was after I determined which accounts
# where user accounts.
users = sorted(
#!/usr/bin/python
#(2 ways)Saves highlighting & delete time by printing out
#just the users on a system.
#d3hydr8[at]gmail[dot]com
import sys
if len(sys.argv) != 2:
print "Usage: ./passext.py </etc/passwd file>"
sys.exit(1)
pwfile = sys.argv[1]
try:
pws = open(pwfile, "r")
except (IOError):
print "Error: Check your file path\n"
sys.exit(1)
pws = pws.readlines()
print "\n1st Way:\n"
for i in pws:
print i.split(':', 1)[0]
print "\n2nd Way:\n"
try:
import spwd
except (ImportError):
print "Missing spwd module the comes with py2.5\n"
sys.exit(1)
lst = spwd.getspall()
for user in lst:
print user[0]
#!/usr/bin/python
#(2 ways)Saves highlighting & delete time by printing out
#just the users on a system.
#d3hydr8[at]gmail[dot]com
import sys
if len(sys.argv) != 2:
print "Usage: ./passext.py </etc/passwd file>"
sys.exit(1)
pwfile = sys.argv[1]
try:
pws = open(pwfile, "r")
except(IOError):
print "Error: Check your file path\n"
sys.exit(1)
pws = pws.readlines()
print "\n1st Way:\n"
for i in pws:
print i.split(':',1)[0]
print "\n2nd Way:\n"
try:
import spwd
except(ImportError):
print "Missing spwd module the comes with py2.5\n"
sys.exit(1)
lst = spwd.getspall()
for user in lst: print user[0]
