Skip to content

Commit

Permalink
Merge pull request #625 from exploide/linux-improvements
Browse files Browse the repository at this point in the history
Improved multiple Linux modules
  • Loading branch information
AlessandroZ authored Aug 7, 2023
2 parents 8c9f962 + 3b58592 commit 0cc1563
Show file tree
Hide file tree
Showing 4 changed files with 18 additions and 15 deletions.
2 changes: 1 addition & 1 deletion Linux/lazagne/softwares/sysadmin/env_variable.py
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ def run(self):
known_tokens = set()

blacklist = (
'PWD', 'OLDPWD', 'SYSTEMD_NSS_BYPASS_BUS'
'PWD', 'OLDPWD', 'SYSTEMD_NSS_BYPASS_BUS', 'SYSTEMD_NSS_DYNAMIC_BYPASS'
)

proxies = (
Expand Down
7 changes: 4 additions & 3 deletions Linux/lazagne/softwares/sysadmin/fstab.py
Original file line number Diff line number Diff line change
Expand Up @@ -17,11 +17,12 @@ def run(self):
try:
with open(path) as fstab:
for line in fstab:
if line.startswith('#'):
line = line.strip()
if not line or line.startswith('#'):
continue

filesystem, mount_point, _type, options, dump, _pass = line.strip().split()
if 'password' in options:
filesystem, mount_point, _type, options, dump, _pass = line.split()
if 'pass' in options or 'cred' in options:
pwd_found.append({
'Filesystem': filesystem,
'Mount Point': mount_point,
Expand Down
12 changes: 6 additions & 6 deletions Linux/lazagne/softwares/sysadmin/shadow.py
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ def dictionary_attack(self, user, crypt_pwd):
'1': 'MD5',
'2': 'Blowfish',
'5': 'SHA-256',
'6': 'SHA-512', # Used by all modern computers
'6': 'SHA-512',
}

# For Debug information
Expand Down Expand Up @@ -63,16 +63,16 @@ def dictionary_attack(self, user, crypt_pwd):
return False

def run(self):
# Need admin privilege
if os.getuid() == 0:
shadow_file = '/etc/shadow'
if os.access(shadow_file, os.R_OK):
pwd_found = []
with open('/etc/shadow', 'r') as shadow_file:
with open(shadow_file, 'r') as shadow_file:
for line in shadow_file.readlines():
user_hash = line.replace('\n', '')
line = user_hash.split(':')

# Check if a password is defined
if not line[1] in ['x', '*', '!']:
if not line[1] in ['x', '*', '!', '!!']:
user = line[0]
crypt_pwd = line[1]

Expand All @@ -84,8 +84,8 @@ def run(self):
else:
# No clear text password found - save hash
pwd_found.append({
'Login': user_hash.split(':')[0].replace('\n', ''),
'Hash': ':'.join(user_hash.split(':')[1:]),
'Login': user_hash.split(':')[0].replace('\n', '')
})

return pwd_found
12 changes: 7 additions & 5 deletions Linux/lazagne/softwares/wallet/libsecret.py
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@
from lazagne.config.module_info import ModuleInfo
from lazagne.config import homes
from binascii import hexlify
import pwd
import traceback

try:
Expand Down Expand Up @@ -80,12 +81,13 @@ def run(self):

for item in storage:
values = {
'created': str(datetime.datetime.fromtimestamp(item.get_created())),
'modified': str(datetime.datetime.fromtimestamp(item.get_modified())),
'content-type': item.get_secret_content_type(),
'label': item.get_label(),
'Owner': pwd.getpwuid(uid).pw_name,
'Collection': label,
'Label': item.get_label(),
'Content-Type': item.get_secret_content_type(),
'Password': item.get_secret().decode('utf8'),
'collection': label,
'Created': str(datetime.datetime.fromtimestamp(item.get_created())),
'Modified': str(datetime.datetime.fromtimestamp(item.get_modified())),
}

# for k, v in item.get_attributes().iteritems():
Expand Down

0 comments on commit 0cc1563

Please sign in to comment.