
Re: Piece of code to find null passwords from /etc/shadow

 
Senthil Prabu.S_1
Trusted Contributor

Piece of code to find null passwords from /etc/shadow

Hello Guru,
I am looking for a piece of code which helps me to find the list of users with null password [excluding accounts that are locked] on my unix machine with /etc/shadow file. It can be either in C or perl script.....

I got a piece of perl script from perl-doc which works for root user.

$pwd = (getpwuid($<))[1];
$word="";# this is null as checking for null password.
$password=crypt($word, $pwd);

But I don't know how to make use of getpwuid() to find other existing users .
Can anyone please help me to validate null passwords.

Note:
I don't want to block null-passwords, all I want is to find a list of users with weak passwords, mainly null password.

With Advance Thanks,
Prabu.S
One man's "magic" is another man's engineering. "Supernatural" is a null word.
Peter Godron
Honored Contributor

Re: Piece of code to find null passwords from /etc/shadow

Prabu,
would this not be a security risk to have/run this script ?

I would change the security policy, which would lock the account.

You could then use
/usr/lbin/getprpw -m lockout
which should give the lockout reason:
0 account enabled
1 in position
1 - password lifetime expired
2 - inactive account
3 - account time disabled
4 - too many login attempts
5 - password required and a null password
6 - admin locked it
7 - * password

Senthil Prabu.S_1
Trusted Contributor

Re: Piece of code to find null passwords from /etc/shadow

Hi Peter,
As part of security measure, I need to do this, not a security issue at all. Once I get the list of users, later I will progress either to lock the user or to raise alarms.... So all I need is to find list of null password...

Hope now you understood my requirement....

Also I need to do this on sun10 OS, I cannot find getprpw utility on solaris box...


Prabu.S
One man's "magic" is another man's engineering. "Supernatural" is a null word.
Peter Godron
Honored Contributor

Re: Piece of code to find null passwords from /etc/shadow

Ralph Grothe
Honored Contributor

Re: Piece of code to find null passwords from /etc/shadow

Hi Prabu,

a "perldoc -f getpwuid" will show you what the getpw* implementations of the namesake C syscalls return in either scalar or list context.
To cycle through all of your box's accounts one probably would use a getpwent in a while loop.

e.g.

to simply print out accounts that assigned themselves an empty password, you could loop like this

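# With sufficient privileges Perl may return the shadow hash in $rec[1]
# (see perldoc -f getpwnam); otherwise the field is only a placeholder.
while (my @rec = getpwent) {
    # Pass the whole stored hash as salt so non-DES hash formats also match.
    print "$rec[0]\n" if (crypt("", $rec[1]) eq $rec[1]);
}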


Better yet, you implement a password regime where no one is allowed to get away with empty passwords ;-)

Madness, thy name is system administration
Todd Goldsmith
New Member

Re: Piece of code to find null passwords from /etc/shadow

Check if you have the logins command. The following command on HP-UX will list all users with no password:

logins -p

Another very useful feature:

logins -d

shows users that have the same UID -- very useful to expose a hacker that created another root login.
Senthil Prabu.S_1
Trusted Contributor

Re: Piece of code to find null passwords from /etc/shadow

Hi Todd,
My problem is that when a user tries to set an empty password, he types the return key also, so "\n" is considered as the password, which is later crypted and stored in /etc/shadow, practically there is a password set, that is "\n", which I should be able to get, logins will not help me to solve this problem.

Hope you understand my problem,

Thanks,
Prabu.S
One man's "magic" is another man's engineering. "Supernatural" is a null word.
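
An added example, not part of the original thread: a Perl audit that reads shadow-format lines directly and flags accounts whose password field is empty or whose hash matches an empty string or a lone "\n", skipping locked accounts. The lock markers tested, the account names and the salt "ab" are assumptions and constructed sample data.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Candidate "blank" passwords: truly empty, and a lone newline (the case
# described in the thread, where the Return key itself ends up hashed).
my %candidates = ('an empty string' => "", 'a lone newline' => "\n");

# Return a finding for one shadow-format line, or nothing if it is clean.
sub check_entry {
    my ($line) = @_;
    chomp $line;
    my ($user, $hash) = split /:/, $line, -1;
    return unless defined $user && length $user;
    $hash = '' unless defined $hash;
    return "$user: password field is empty" if $hash eq '';
    # Assumed lock / no-login markers: leading '!' or '*' (covers *LK*), and NP.
    return if $hash =~ /^[!*]/ || $hash eq 'NP';
    for my $label (sort keys %candidates) {
        # crypt() takes salt and algorithm from the stored hash itself.
        my $try = crypt($candidates{$label}, $hash);
        return "$user: password is $label" if defined $try && $try eq $hash;
    }
    return;
}

# Build a constructed hash; salt "ab" is arbitrary sample data.
sub sample_hash {
    my $h = crypt($_[0], 'ab');
    return defined $h ? $h : '*crypt-unavailable*';
}

# Constructed sample entries (account names are made up).
my @sample = (
    'alice:' . sample_hash("\n")       . ':13000:0:99999:7:::',
    'bob:'   . sample_hash('')         . ':13000:0:99999:7:::',
    'carol::13000:0:99999:7:::',
    'dave:*LK*:13000:0:99999:7:::',
    'erin:'  . sample_hash('S3cure!x') . ':13000:0:99999:7:::',
);

# With a file argument (e.g. a copy of /etc/shadow, read as root) audit that;
# otherwise run over the constructed sample.
my @lines = @ARGV ? <> : @sample;
for my $line (@lines) {
    my $finding = check_entry($line);
    print "$finding\n" if defined $finding;
}
```

On the constructed sample this reports alice, bob and carol, and stays silent for the locked account dave and for erin.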
Court Campbell
Honored Contributor

Re: Piece of code to find null passwords from /etc/shadow

well if the passwd command in solaris is anything like the hp-ux version you should be able to use the command

#passwd -s username


If you see an NP in the output that means that there is no password.
"The difference between me and you? I will read the man page." and "Respect the hat." and "You could just do a search on ITRC, you don't need to start a thread on a topic that's been answered 100 times already." Oh, and "What. no points???"
Senthil Prabu.S_1
Trusted Contributor

Re: Piece of code to find null passwords from /etc/shadow

Got the solution, so closing it.
One man's "magic" is another man's engineering. "Supernatural" is a null word.