System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

Is there tool or script to validate UNIX servers where processes running with embedded passwords.

 
DharmaRao G
Advisor

Is there tool or script to validate UNIX servers where processes running with embedded passwords.

Is there any tool or script to validate UNIX servers where processes running with embedded passwords.
9 REPLIES

Re: Is there tool or script to validate UNIX servers where processes running with embedded passwords.

Do you want to look for processes or scripts?
The latter is easier. For processes, that would just look like data.
DharmaRao G
Advisor

Re: Is there tool or script to validate UNIX servers where processes running with embedded passwords.

Need script for that can validate multiple UNIX servers.
OldSchool
Honored Contributor

Re: Is there tool or script to validate UNIX servers where processes running with embedded passwords.

"Need script for that can validate multiple UNIX servers."

ok...fine.....*what* exactly do you mean by that tho?
DharmaRao G
Advisor

Re: Is there tool or script to validate UNIX servers where processes running with embedded passwords.

I mean if it's easier to find out embedded passwords within scripts. Please let me know how?

Thanks,
D
James R. Ferguson
Acclaimed Contributor

Re: Is there tool or script to validate UNIX servers where processes running with embedded passwords.

Hi:

> I mean if it's easier to find out embedded passwords within scripts. Please let me know how?

Well, you can certainly parse scripts (Ascii text files) in numerous ways looking for tokens and syntax that suggest or surround passwords.

Regards!

...JRF...
OldSchool
Honored Contributor

Re: Is there tool or script to validate UNIX servers where processes running with embedded passwords.

"I mean if it's easier to find out embedded passwords within scripts. Please let me know how?"

there is absolutely nothing "easy" about this task, as there are many possibilities to deal with.

Consider that you'd need to locate every text file on the system (that part *is* straightforward), then you'd have to be able to determine if it's a script (can't rely on #! line as it's not manditory) nor can you rely on its executable status (as a plain text file can be "sourced" as in ". ./my_text").

then you have to figure out if a something that looks like a password is in the script, and that isn't straight forward at all.

Consider that an "expect" script might have something like:

expect "Password:"
or
expect "assword:"
or
expect "word:"

any of which would/could be followed by a line that contains the password to be sent.

then consider a scripted ftp in a "here-doc", as in:

ftp that_server <<-EOF
myuser
mypass
cd /dumb
put dumber
EOF

the password is there, but how do you know where / what to look at?

You'd almost have to look at every single text file individually. In any case, this is not a trivial task.

Re: Is there tool or script to validate UNIX servers where processes running with embedded passwords.

I suppose you can brute force the whole thing. Just take every "token" (may be hard since passwords can contain control chars) and then use this as a dictionary attack on every password in /etc/passwd.
DharmaRao G
Advisor

Re: Is there tool or script to validate UNIX servers where processes running with embedded passwords.

Hi Team,

It can be in clear-text, as far as encrypted check to see if what are the top encryption types - may be like E.g., md5 hash.

Also please suggest what are the tools to find out if in case user is logging through encrypted password mode.

Regards
Dr

Re: Is there tool or script to validate UNIX servers where processes running with embedded passwords.

>if in case user is logging through encrypted password mode.

Do you mean using ssh vs remsh?