API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Mar 30th, 2016
149
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.66 KB | None | 0 0
raw download clone embed print report
  1. #!/usr/bin/python
  2. # -*- coding: utf-8 -*-
  3. '''Trouve les users avec un password en MD5 et tente la récupération par dictionnaire'''
  4. __author__ = u'DELGEHIER Cedric'
  5. __email__ = u'cedric.delgehier@worldline.com'
  6. __maintainer__ = u'DELGEHIER Cedric'
  7. __date__ = u'20160326'
  8. __version__ = u'0.1'
  9.  
  10. # check : authconfig --test|grep -B2 hashing
  11.  
  12. #1 = MD5 hashing algorithm.
  13. #2 = Blowfish Algorithm is in use.
  14. #2a = eksblowfish Algorithm
  15. #5 = SHA-256 Algorithm
  16. #6 = SHA-512 Algorithm
  17.  
  18. from crypt import crypt
  19.  
  20. debug = False
  21.  
  22. def testByDico (user, passwd):
  23. '''
  24. Compare le mot de passe crypté trouvé dans le shadow a une liste de mots
  25.  
  26. :param user: le user trouvé dans le shadow
  27. :param passwd: le champ password du shadow
  28. :return:
  29. '''
  30. if debug:
  31. print '\ttest by dico for {} pass'.format(user, passwd)
  32. try:
  33. algo, salt, encrypted = passwd.split("$")[1], passwd.split("$")[2], passwd.split("$")[3]
  34. algo_salt = '$' + algo + '$' + salt + '$'
  35. except IndexError as e:
  36. return
  37.  
  38. #MD5 only
  39. if algo == '1':
  40. with open ('./rockyou.txt', 'r') as dico:
  41. if debug:
  42. print '\tdico open'
  43. print 'Search the {} password'.format(user)
  44. for password in dico.readlines():
  45. password = password.strip('\n')
  46. password_crypt = crypt(password, algo_salt)
  47.  
  48. if password_crypt == passwd:
  49. print '\033[1;32m{} password found : {}\033[1;m'.format(user, password)
  50. return
  51. print '\t\033[1;31m{} password not found :s\033[1;m'.format(user)
  52.  
  53.  
  54. if __name__ == '__main__':
  55. with open('./shadow','r') as s:
  56. if debug:
  57. print 'shadow open'
  58. for line in s.readlines():
  59. line = line.replace('\n','').split(':')
  60. #if not any(c in line[1] for c in ['*', '!', '#']):
  61. if line.__len__() > 1 and not line[0].startswith('#') and line[1] not in ['*', '!', 'x']:
  62. user = line[0]
  63. passwd = line[1]
  64. testByDico (user, passwd)
  65.  
  66.  
  67. # Correction du systeme
  68. # $ authconfig --passalgo=sha512 --update
  69.  
  70. # création d'un shadow à partir du passwd et optionnellement d'un shadow existant. (suppression des passwords inutiles)
  71. # $ pwconv
  72.  
  73. # reattribution d'un mot de passe dans cet algo pour tous les users
  74. # $ for u in $(awk -F: '{if ( $1 != "root" && $2 ~ /^!?[[:alnum:]\.\/\$]/ ) print $1}' /etc/shadow); do passwd --stdin $u <<<$u; done
  75.  
  76. # force les users a changer leur password lors du prochain login
  77. # $ for u in $(awk -F: '{if ( $1 != "root" && $2 ~ /^!?[[:alnum:]\.\/\$]/ ) print $1}' /etc/shadow); do chage -d0 $u; done
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!