password tester

1. #!/usr/bin/env node
2.  
3. var user = 'mc';
4. var password = 'password';
5.  
6. var async = require('async');
7. var hash = require('sha512crypt-node');
8. var fs = require('fs');
9.  
10. function etc_shadow(user, plaintext, inner_callback) {
11.   // return true if error, false if auth failed, string for user if successful
12.   var passwd = require('etc-passwd');
13.  
14.   fs.stat('/etc/shadow', function(err, stat_info) {
15.     if (err)
16.       inner_callback(true);
17.     else {
18.       passwd.getShadow({username: user}, function(err, shadow_info) {
19.         if (shadow_info && shadow_info.password == '!')
20.           inner_callback(false);
21.         else if (shadow_info) {
22.           var password_parts = shadow_info['password'].split(/\$/);
23.           var salt = password_parts[2];
24.           var new_hash = hash.sha512crypt(plaintext, salt);
25.  
26.           var passed = (new_hash == shadow_info['password'] ? user : false);
27.           inner_callback(passed);
28.         } else {
29.           inner_callback(true);
30.         }
31.       })
32.     }
33.   })
34. }
35.  
36. function posix(user, plaintext,inner_callback) {
37.   // return true if error, false if auth failed, string for user if successful
38.   try {
39.     var crypt = require('apache-crypt');
40.     var posix = require('posix');
41.   } catch (e) {
42.     inner_callback(true);
43.     return;
44.   }
45.  
46.   try {
47.     var user_data = posix.getpwnam(user);
48.     if (crypt(plaintext, user_data.passwd) == user_data.passwd)
49.       inner_callback(user);
50.     else if (user_data) {
51.       // the crypt hash method fails on FreeNAS so try the sha512
52.       var password_parts = user_data.passwd.split(/\$/);
53.       var salt = password_parts[2];
54.       var new_hash = hash.sha512crypt(plaintext, salt);
55.  
56.       var passed = (new_hash == user_data.passwd ? user : false);
57.       inner_callback(passed);
58.         } else
59.       inner_callback(false);
60.   } catch (e) {
61.     inner_callback(true);
62.   }
63. }
64.  
65. function pam(user, plaintext, inner_callback) {
66.   // return true if error, false if auth failed, string for user if successful
67.   try {
68.     var pam = require('authenticate-pam');
69.   } catch (e) {
70.     inner_callback(true);
71.     return;
72.   }
73.  
74.   pam.authenticate(user, plaintext, function(err) {
75.     if (err)
76.       inner_callback(false);
77.     else
78.       inner_callback(user);
79.   })
80. }
81.  
82. async.series([
83.   function(cb) {
84.     etc_shadow(user, password, function(retval) {
85.       console.log('testing etc_shadow');
86.       console.log('expected value: ' + user);
87.       console.log('returned value: ' + retval);
88.       console.log();
89.       cb();
90.     })
91.   },
92.   function(cb) {
93.     posix(user, password, function(retval) {
94.       console.log('testing posix');
95.       console.log('expected value: ' + user);
96.       console.log('returned value: ' + retval);
97.       console.log();
98.       cb();
99.     })
100.   },
101.   function(cb) {
102.     pam(user, password, function(retval) {
103.       console.log('testing pam');
104.       console.log('expected value: ' + user);
105.       console.log('returned value: ' + retval);
106.       console.log();
107.       cb();
108.     })
109.   }
110. ],
111. function(err) {})