|
Home > Archive > Unix Programming > April 2006 > feeding passwd a username/passwd combo
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
feeding passwd a username/passwd combo
|
|
| Name goes here 2006-04-11, 9:59 am |
| Hi.
I'm not a frequent unix programmer so my code is a bit week. Essentialy I'm
trying to feed /bin/passwd an account name and password combination and have
passwd do its work. I try to detach from the controlling tty, feed passwd
the username / password combo etc.. but when I run this code, it still
prompts for a passwd. What am I doing wrong? Below is the code: BTW, solaris
10.
#include <stdio.h>
#include <fcntl.h>
#include <stdlib.h>
#include <sys/ioctl.h>
#include <pwd.h>
#include <errno.h>
#include <unistd.h>
#include <string.h>
#include <termios.h>
#define PASSWD "/usr/bin/passwd"
#define LENGTH 1024
int ChangePass(char *passwd_binary, char *user, char *pwd);
int main( int argc, char **argv)
{
int fd;
char name[LENGTH];
char newpw[LENGTH];
if (geteuid() != 0) {
fprintf(stderr, "program must be suid root, exiting...\n");
exit(1);
}
if (argc < 3) {
fprintf(stderr, "usage: %s: username password\n",argv[0]);
exit(1);
}
strncpy(name,argv[1],9);
if (isatty(0)) {
fprintf(stdout, "before strncpy newpw\n");
strncpy(newpw, argv[2], 9);
fprintf(stdout, "after strncpy newpw\n");
} else {
/* noninteractive, so .... */
fprintf(stdout, "in noneinteractive\n");
if (read(0, newpw, LENGTH) <= 0) {
fprintf(stderr, "Failed getting new password, exiting...\n");
exit(1);
}
}
/* Lose controlling tty */
if ((fd = open("/dev/tty", O_RDWR)) >= 0)
{
ioctl(fd, TIOCNOTTY,0);
close(fd);
}
if (isatty(0))
if ( ! ChangePass(PASSWD,name,newpw))
exit(1);
if (isatty(0))
fprintf(stdout, "\tSuccessfully changed Unix password.\n");
exit(0);
}
int ChangePass(char *passwd_binary, char *user, char *pwd)
{
char cmd[LENGTH];
FILE *cmd_pipe;
int cmd_status;
strncpy(cmd, passwd_binary, LENGTH);
strncat(cmd, " ", LENGTH - 1);
strncat(cmd, user, LENGTH - strlen(cmd));
fprintf(stdout, "debug cmd = %s\n", cmd);
sleep(2);
if ((cmd_pipe = popen(cmd, "w")) == NULL) {
fprintf(stdout, "Failed to open pipe to '%s', exiting...\n", cmd);
return 1;
}
sleep(3);
fprintf(cmd_pipe, "%s\n", pwd);
fflush(cmd_pipe);
sleep(2);
fprintf(cmd_pipe, "%s\n", pwd);
fflush(cmd_pipe);
sleep(2);
if ((cmd_status = pclose(cmd_pipe)) != 0) {
fprintf(stdout, "%s failed with code %d, exiting...\n",cmd, cmd_status);
return 1;
}
return 1;
}
| |
| Fletcher Glenn 2006-04-11, 9:59 am |
| Name goes here wrote:
> Hi.
>
> I'm not a frequent unix programmer so my code is a bit week. Essentialy I'm
> trying to feed /bin/passwd an account name and password combination and have
> passwd do its work. I try to detach from the controlling tty, feed passwd
> the username / password combo etc.. but when I run this code, it still
> prompts for a passwd. What am I doing wrong? Below is the code: BTW, solaris
> 10.
>
> #include <stdio.h>
> #include <fcntl.h>
> #include <stdlib.h>
> #include <sys/ioctl.h>
> #include <pwd.h>
> #include <errno.h>
> #include <unistd.h>
> #include <string.h>
> #include <termios.h>
>
> #define PASSWD "/usr/bin/passwd"
> #define LENGTH 1024
>
> int ChangePass(char *passwd_binary, char *user, char *pwd);
>
> int main( int argc, char **argv)
> {
> int fd;
> char name[LENGTH];
> char newpw[LENGTH];
>
> if (geteuid() != 0) {
> fprintf(stderr, "program must be suid root, exiting...\n");
> exit(1);
> }
>
> if (argc < 3) {
> fprintf(stderr, "usage: %s: username password\n",argv[0]);
> exit(1);
> }
>
> strncpy(name,argv[1],9);
>
> if (isatty(0)) {
>
> fprintf(stdout, "before strncpy newpw\n");
> strncpy(newpw, argv[2], 9);
> fprintf(stdout, "after strncpy newpw\n");
>
> } else {
> /* noninteractive, so .... */
> fprintf(stdout, "in noneinteractive\n");
> if (read(0, newpw, LENGTH) <= 0) {
> fprintf(stderr, "Failed getting new password, exiting...\n");
> exit(1);
> }
> }
>
> /* Lose controlling tty */
>
> if ((fd = open("/dev/tty", O_RDWR)) >= 0)
> {
> ioctl(fd, TIOCNOTTY,0);
> close(fd);
> }
>
> if (isatty(0))
> if ( ! ChangePass(PASSWD,name,newpw))
> exit(1);
>
> if (isatty(0))
> fprintf(stdout, "\tSuccessfully changed Unix password.\n");
>
>
> exit(0);
> }
>
>
> int ChangePass(char *passwd_binary, char *user, char *pwd)
> {
> char cmd[LENGTH];
> FILE *cmd_pipe;
> int cmd_status;
>
> strncpy(cmd, passwd_binary, LENGTH);
> strncat(cmd, " ", LENGTH - 1);
> strncat(cmd, user, LENGTH - strlen(cmd));
> fprintf(stdout, "debug cmd = %s\n", cmd);
> sleep(2);
>
> if ((cmd_pipe = popen(cmd, "w")) == NULL) {
> fprintf(stdout, "Failed to open pipe to '%s', exiting...\n", cmd);
> return 1;
> }
>
> sleep(3);
> fprintf(cmd_pipe, "%s\n", pwd);
> fflush(cmd_pipe);
> sleep(2);
> fprintf(cmd_pipe, "%s\n", pwd);
> fflush(cmd_pipe);
> sleep(2);
>
> if ((cmd_status = pclose(cmd_pipe)) != 0) {
> fprintf(stdout, "%s failed with code %d, exiting...\n",cmd, cmd_status);
> return 1;
> }
>
> return 1;
> }
>
>
>
>
>
Two thing are wrong.
#1. Here is a direct quote from the passwd man page:
When used to change a password, passwd prompts everyone for
their old password, if any. It then prompts for the new
password twice.
#2 It is certain that passwd uses getpass(3). This function insists
that the password come from the controlling tty. You cannot get around
this. In the past I've had to create and use a pty in order to interact
with getpass().
--
Fletcher Glenn
| |
| Name goes here 2006-04-11, 9:59 am |
|
"Fletcher Glenn" <fletcher@removethisfoglight.com> wrote in message
news:tlwZf.62687$H71.35633@newssvr13.news.prodigy.com...
>
> Two thing are wrong.
>
> #1. Here is a direct quote from the passwd man page:
>
> When used to change a password, passwd prompts everyone for
> their old password, if any. It then prompts for the new
> password twice.
>
> #2 It is certain that passwd uses getpass(3). This function insists
> that the password come from the controlling tty. You cannot get around
> this. In the past I've had to create and use a pty in order to interact
> with getpass().
>
> --
>
> Fletcher Glenn
>
In this case, root is running the command and is taking the username as an
argument, then all you had to give it was the new password, not the old one.
At least thats the way it works on this system. Regarding getpass(), didn't
know about that one. I will investigate further.
Thank you
| |
| Michael Wojcik 2006-04-27, 7:55 am |
|
In article <443a511a@dolphin>, "Name goes here" <someone@dev.null> writes:
> "Fletcher Glenn" <fletcher@removethisfoglight.com> wrote in message
> news:tlwZf.62687$H71.35633@newssvr13.news.prodigy.com...
>
> Regarding getpass(), didn't
> know about that one. I will investigate further.
The key point is "create and use a pty". Password-stuffing is one of
the classic (if infelicitous) applications of pseudo-ttys, which are
among the more esoteric features of Unix programming. I suggest you
either consult Stevens (_Advanced programming in the UNIX Environment_)
or a similar reference, or use a facilty designed to simplify the use
of ptys, such as Expect.
--
Michael Wojcik michael.wojcik@microfocus.com
Most people believe that anything that is true is true for a reason.
These theorems show that some things are true for no reason at all,
i.e., accidentally, or at random. -- G J Chaitin
|
|
|
|
|