Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> PHP
Author Message
Erhnam
New Member
New Member


Joined: Jan 19, 2005
Posts: 1

PostPosted: Wed Jan 19, 2005 9:14 am Reply with quote

I'm trying to create a script using the files /etc/passwd and /etc/shadow to give system users access.

To not give all users access and to protect the files I'm using a perl script to generate a file with the passwords and usernames:

Perl Script:

#!/usr/bin/perl
#

open(PASSWD,"/etc/passwd");
open(SHADOW,"/etc/shadow");
open(FLATFILE,">/etc/passwd.httpd");
while(<SHADOW>){
chop;
($uname,$temppass)=split(/:/);
$pass{$uname}=$temppass;
}
while(<PASSWD>){
chop;
($uname,$temppass,$uid,$gid,$fn,$homedir,$shell)=split(/:/);
if ($temppass ne 'x'){ $pass{$uname}=$temppass; }
if ($uid>=500) {
print FLATFILE
"$uname:$pass{$uname}:$uid:$gid:$fn:$homedir:$shell\n";
}
}

close(PASSWD);
close(SHADOW);
close(FLATFILE);
chmod(0400,"/etc/passwd.httpd");
chown(65534,65534,"/etc/passwd.httpd");

Below is the php script which should give users access. The output of the password should match the password hash in the perl generated file:

<?php

$user = ($_POST['username']);
$password = ($_POST['password']);
$autharray = file("/home/httpd/vhosts/domein.nl/httpdocs/passwd.httpd");

for ($x = 0; $x < count($autharray); $x++)
{
if (eregi("^$user:", $autharray[$x]))
{
$passwd = explode(":", $autharray[$x]);
$salt = substr($passwd[1],0,2);
$cryptpw = crypt($pass,$salt);
if ($cryptpw == $passwd[1]) {
print "succes";
} else {
print "fout";
}
}
}
?>

I tried the script as posted but this gives me random hashes like:

$1$dc.cNxen$B7xUcH/RxAvJkBw5BABuz/
$1$rICJiYRz$frLxNIiD3ue7YP9BN2Wdr1
$1$FkqAPyXv$wue8h8D2B.vButyL/krXR0

does anyone of you know what could be wrong?
 
View user's profile Send private message
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> PHP

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©