-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathblockchain_passwd_check.sh
66 lines (59 loc) · 1.86 KB
/
blockchain_passwd_check.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
#!/bin/bash
### Config
# Requiered percentage of valid replies for connection approval
required_fract=60
### Verify root privileges
# If the EUID is not 0 (root), notify on prompt and crash
if [[ $EUID -ne 0 ]]; then
echo "I must be opened with root privileges"
exit 1
fi
### Infinite loop
while true; do
### Wait for a user to connect
while true; do
connected_username=$(who | grep totoadmin)
# When the user tries to connect
if [[ ! -z $connected_username ]]; then
echo $connected_username
username=$(echo $connected_username | awk '{print $1}')
echo username
# Leave the loop
break
fi
done
### Variables
local_hash=$(cat /etc/shadow | grep $username)
dsh_output=$(dsh -g blockchain -c "cat /etc/shadow | grep $username")
index=1
# Quantity of valid replies
valid=0
# Quantity of invalid replies
invalid=0
for response in $dsh_output; do
response_conv=$response
# If the username associated hash matches the one our /etc/shadow, add a valid reply
if [[ "$response_conv" == "$local_hash" ]]; then
valid=$((valid + 1))
echo "Response $index is valid"
# Else, add an invalid reply
else
invalid=$((invalid + 1))
echo "Response $index is invalid"
fi
index=$((index + 1))
done
echo "Valid : $valid"
echo "Invalid : $invalid"
# Calculate the valid/invalid ratio
fract=$(echo "scale=2; $valid/$index*100" | bc -l)
# Keeping the integer part
fract_corr=$(echo "${fract%.*}")
# If the obtained ratio is greater than the minimum required one, autorize the connection
if [[ fract_corr -gt required_fract ]]; then
echo "Autorisé"
else
echo "Non autorisé"
killall -u $username
fi
done