coast/rdo
1
0
Fork 0
forked from soccera/rdo
Code Pull requests Activity
rdo/rdo.c
sw1tchbl4d3 f63e1b660a First Commit
2021-07-13 21:33:12 +02:00

89 lines
1.9 KiB
C
Raw Blame History

#include <pwd.h>
#include <shadow.h>
#include <crypt.h>
#include <unistd.h>
#include <stdio.h>
#include <string.h>
#include <termios.h>
void getpwd(char* password){
struct termios raw;
tcgetattr(STDIN_FILENO, &raw);
raw.c_lflag &= ~ECHO;
tcsetattr(STDIN_FILENO, 0, &raw);
printf("Password: ");
fgets(password, 128, stdin);
password[strcspn(password, "\n")] = 0;
raw.c_lflag |= ECHO;
tcsetattr(STDIN_FILENO, 0, &raw);
printf("\n");
}
void runprog(int argc, char** argv) {
for(int i=0; i<argc; i++)
argv[i] = argv[i + 1];
setuid(0);
setgid(0);
if (execvp(argv[0], argv) != 0) perror(argv[0]);
}
int main(int argc, char** argv) {
if (argc < 2) {
fprintf(stderr, "Please specify a program to run.\n");
return -1;
}
FILE* fp = fopen("/etc/rdo/username", "r");
if (fp == NULL) {
fprintf(stderr, "The file /etc/rdo/username could not be read.\n");
return -2;
}
int ruid = getuid();
if (ruid == 0) {
fclose(fp);
runprog(argc, argv);
return 0;
}
char username[64];
fgets(username, 64, fp);
fclose(fp);
username[strcspn(username, "\n")] = 0;
struct passwd* p = getpwnam(username);
if (!p) {
fprintf(stderr, "The user in the username file does not exist.\n");
return -3;
}
int uid = p->pw_uid;
if (uid != ruid && ruid != 0) {
fprintf(stderr, "You are not in the username file.\n");
return -4;
}
struct spwd* shadowEntry = getspnam(username);
if (!shadowEntry) {
fprintf(stderr, "Could not get shadow entry, suid bit not set or username invalid?\n");
return -5;
}
int tries = 0;
char password[128];
while (tries < 3) {
getpwd(password);
if (strcmp(shadowEntry->sp_pwdp, crypt(password, shadowEntry->sp_pwdp)) == 0) {
runprog(argc, argv);
return 0;
}
fprintf(stderr, "Wrong password.\n");
tries++;
}
return -5;
}
View git blame Copy permalink