[ale] Ports and Crypt
Jacob Langseth
jlangseth at esisys.com
Thu Aug 21 16:46:46 EDT 1997
> I'm thinking of doing some port based stuff on my machine, such as
> telnet to port 4133 and get a rather detailed report of what's going on
> with the machine. The problem is I'm paranoid by default. I'd like to
> use /etc/passwd to restrict who can/can't access it. I've got down
> alot of the details. My problem is I want to use a perl script and a
> subroutine that requests a passwd then compares it agains an entry
> in /etc/passwd. Does anyone have a quick tutorial on how to encrypt
> the string the user gives so I can do a comparison or some other
> good ideas?
It's been a while since I've coded perl, but it probably has a getpwent()
function which will retrieve the encrypted value from /etc/passwd. Once this
has been read (say into $CorrectPassword), the crypt(3) check will look
something like:
if (crypt( $ReadPassword, substr( $CorrectPassword, 0, 2 ) ) !=
$CorrectPassword) {
# bad password
}
A good reference might be the O'Rielly book on Perl, which contains a sample
implementation of 'passwd'. You might also find something on the perl
repository web site (though I don't have the url handy).
I wrote something a while back that returns a crypt(3) value of anything passed
to it on the command line. It should work as an example.
Good luck!
#!/usr/local/bin/perl
# pcrypt.pl -- <langseth at cc.gatech.edu> -- 10/29/95
#
# USAGE: pcrypt.pl [PHRASE]
#
# Return the crypt(3) value of PHRASE, where PHRASE defaults to
# 'Why are you wasting your time?'
if ( $ARGV[0] ) {
while ( $ARGV[0] ) {
$phrase .= "$ARGV[0] ";
shift;
}
} else {
$phrase = "Why are you wasting your time?";
}
print( "Encrypting: \n $phrase\n" );
@saltset = ('a'..'z','A'..'Z','0'..'9','.','/');
foreach $_ ( split(' ',$phrase) ) {
# generate a hopefully unique salt
$now = time;
($pert1, $pert2) = unpack("C2", $_);
$week = $now / (60*60*24*7) + $pert1 + $pert2 - length($_);
$salt = $saltset[$week % 64] . $saltset[($now + ord(substr($_,0,1))) % 64];
# return crypt(3) equivalent
$passwd = crypt( $_, $salt );
print( "\t$passwd\n" );
}
exit 0;
#EOF#
--
Jacob Langseth Enhanced Systems, Inc.
CTI Engineer Email for PGP key
<jlangseth at esisys.com> #include <std_disclaimer.h>
More information about the Ale
mailing list