Quick little script to rattle through a sudoers file and make recommendations

sudocheck.pl

#! /usr/bin/perl -w
# EDW
# Quick little script to rattle through a sudoers file and make recommendations

if ($^O eq "MSWin32") { print "Windows....really....use *nix\n"; exit; }

$file = "/etc/sudoers";
$line="\="x50;

if ($#ARGV != 0) { 
 print "No paramater file supplied......"; sleep (2);
 print "using ",$file,"\n"; sleep (5);
 $ARGV[0] = $file;
}

open (SUDO, "$ARGV[0]") || die ("Couldnt open $ARGV[0]\n"); @sudo=<SUDO>;
system ("clear");

print "\nAnalysis of $ARGV[0] starting.....\n\n";
sleep(1); #keep the suspense going....
print "$line\nThe Following Issues Have Been Identified:\n$line\n";

$n = 0;
foreach (@sudo) {
chomp();
  $n++;
  next if /^#/;
  print "[+] ($n) Roots Settings - $_\n" if $_ =~ /root/i;
  print "[+] ($n) Use of NOPASSWD - $_ \n" if $_ =~ /NOPASSWD/i;
  print "[+] ($n) USER_ALIAS Defined - $_ \n" if $_ =~ /USER_ALIAS/i;
  print "[+] ($n) Cmnd_Alias Defined - $_ \n" if $_ =~ /Cmnd_Alias/i;
  print "[+] ($n) System Groups Defined - $_ \n" if $_ =~ /^\%/i;
}

print"$line\nAdvanced Checks (Common/Security Defaults)\n$line\n";
@list = ("passprompt","badpass_message","passwd_tries","pssswd_timeout","timestamp_timeout","syslog","logfile","lecture","insults","mail_always","root_sudo");

foreach $item (@list) {
  @AU=grep(/$item/i, @sudo);
  if ($#AU eq -1) {
    print "[+] No $item Defined\n";
  } else {
    print "[-] $item Defined:\n\t- @AU";
}}

chomp ($d = `date +%H:%M:%S`);
print "$line\nFinished at $d - Diolch SLM!\n$line\n";