Created
April 30, 2014 16:50
-
-
Save vtols/a7edc00b9679d7bcb739 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <stdio.h> | |
#include <string.h> | |
#include <sys/types.h> | |
#include <pwd.h> | |
#include <shadow.h> | |
#include <crypt.h> | |
#include <unistd.h> | |
#include <stdlib.h> | |
#include <termios.h> | |
struct passwd *auth_sys_user(const char*username, const char *password); | |
int echo_set(int fd, int flag); | |
int main(int argc, char *argv[]) | |
{ | |
char user[80], pass[80]; | |
struct passwd *pw; | |
if (setuid(0) == -1) { | |
printf("Can't get root access\n" | |
"Probably you need to set SUID:\n" | |
" # chown root:root %s\n" | |
" # chmod u+s %s\n", | |
argv[0], argv[0]); | |
exit(-1); | |
} | |
while (1) { | |
printf("User: "); | |
gets(user); | |
printf("Password: "); | |
echo_set(STDIN_FILENO, 0); | |
gets(pass); | |
echo_set(STDIN_FILENO, 1); | |
putchar('\n'); | |
pw = auth_sys_user(user, pass); | |
memset(pass, 0, 80); | |
if (pw) { | |
printf("Auth OK: uid %d\n", pw->pw_uid); | |
break; | |
} else { | |
printf("Auth FAIL\n"); | |
sleep(2); | |
putchar('\n'); | |
} | |
} | |
setuid(pw->pw_uid); | |
char *bash_argv[] = { "/bin/bash", NULL }; | |
execvp("/bin/bash", bash_argv); | |
return 0; | |
} | |
struct passwd *auth_sys_user(const char *username, | |
const char *password) { | |
struct passwd *pw; | |
struct spwd *sp; | |
char *encrypted, *correct; | |
/* Cheack user existance */ | |
pw = getpwnam(username); | |
endpwent(); | |
if (!pw) | |
return NULL; | |
/* Get shadow entry */ | |
sp = getspnam(pw->pw_name); | |
endspent(); | |
/* Encrypt password */ | |
correct = sp ? sp->sp_pwdp : pw->pw_passwd; | |
encrypted = crypt(password, correct); | |
/* Compare with correct password */ | |
return strcmp(encrypted, correct) ? NULL : pw; | |
} | |
int echo_set(int fd, int flag) | |
{ | |
struct termios ts; | |
/* Get terminal attributes */ | |
if (tcgetattr(fd, &ts) != 0) | |
return -1; | |
/* Set/unset echo flag */ | |
if (flag) | |
ts.c_lflag |= ECHO; | |
else | |
ts.c_lflag &= ~ECHO; | |
/* Set modified attributes */ | |
if (tcsetattr(fd, TCSAFLUSH, &ts) != 0) | |
return -1; | |
return 0; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment