crypt, pwd, getpass - Quick examples using python

crypt() is a weak module because it uses only two letters as a salt which can be easily brute-forced to find the correct plaintext password for the given salt value.
crypt() is used to check the unix password and salt value.
plaintext or cleartext can be chosen randomly or from dictionary words to crack the passwords of the users (function returns once the plaintext and salt values are equal)

crypt.crypt(plaintext, salt) == salt

pwd() is an interesting module which helps to fetch the 7 fields from operating system (password database entries)

----------------------------------------------------------------------

| Data descriptors defined here:

| pw_dir

| home directory

| pw_gecos

| real name

| pw_gid

| group id

| pw_name

| user name

| pw_passwd

| password

| pw_shell

| shell program

| pw_uid

| user id

----------------------------------------------------------------------

some of the main function in the pwd() are

pwd.getpwuid() returns the values on given uid (user id)

eg:

pwd.getpwuid(501)

pwd.getpwnam() returns the values on given user name

eg:

pwd.getpwnam('root')

pwd.getpwall() returns all the entries from password database

No parameter needs to passed

pwd.struct_passwd()and pwd.struct_pwent() looks like a similar return types. It returns the str

eg:

getpass() is used to get the password in CLI (both windows and unix) and prints as plain or clear text

eg:
getpass.getpass()

crypt, pwd, getpass - Quick examples using python #!/usr/bin/python import pwd from tabulate import tabulate def main(): pwd_headers = ["pw_name", "pw_passwd", "pw_uid", "pw_gid", "pw_gecos", "pw_dir", "pw_shell"] passwd_entries = pwd.getpwall() pwd_list = [] for (pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell) in passwd_entries: pwd_list.append([pw_name, pw_passwd, str(pw_uid), str(pw_gid), pw_gecos, pw_dir, pw_shell]) #for entry in passwd_entries: # pwd_list.append([entry.pw_name, entry.pw_passwd, str(entry.pw_uid), str(entry.pw_gid), entry.pw_gecos, entry.pw_dir, entry.pw_shell]) print tabulate(pwd_list, pwd_headers, tablefmt='rst') if __name__ == "__main__": main() print pwd.getpwuid(0) print pwd.getpwnam('root') >>> pwd.struct_pwent(['root', 'toor', '502', '20', 'Vijay', '/var/root/', '/bin/sh']) pwd.struct_passwd(pw_name='root', pw_passwd='toor', pw_uid='502', pw_gid='20', pw_gecos='Vijay', pw_dir='/var/root/', pw_shell='/bin/sh') >>> pwd.struct_passwd(['root', 'toor', '502', '20', 'Vijay', '/var/root/', '/bin/sh']) pwd.struct_passwd(pw_name='root', pw_passwd='toor', pw_uid='502', pw_gid='20', pw_gecos='Vijay', pw_dir='/var/root/', pw_shell='/bin/sh') #!/usr/bin/python import crypt, getpass, pwd def main(): print "##### This programs helps to understand the username/password storage in Operating System #######\n" username = raw_input('Python login:') try: cryptedpasswd = pwd.getpwnam(username).pw_passwd except KeyError: print "Sorry user name not found" return 0 except exception as er: print "Exception: "+str(er) return 0 if cryptedpasswd: if 'x' in cryptedpasswd or '*' in cryptedpasswd: raise NotImplementedError("Sorry, currently no support for shadow passwords") cleartext = getpass.getpass() print "salted value: "+str(crypt.crypt(cleartext, cryptedpasswd)) return crypt.crypt(cleartext, cryptedpasswd) == cryptedpasswd else: return 1 if __name__ == "__main__": try: main() except NotImplementedError: print "Sorry, currently no support for shadow passwords"

Developer Notes

Search This Blog

crypt, pwd, getpass - Quick examples using python

Comments

Post a Comment