
ldif2passwd.pl

ldif2passwd.pl [2006/11/13 13:35]
205.252.23.14
ldif2passwd.pl [2006/11/13 14:50] (current)
andi old revision restored
Line 1: Line 1:
 +====== ldif2passwd.pl ======
  
 +This Perl-Script helps you to build a passwd file from your LDAP data. This is useful to feed it into a password cracker (like [[http://www.openwall.com/john/|john]]) to test for weak passwords.
 +
 +It's just a quick hack. Only passwords are Base64 decoded to decode other fields as well hacke the source.
 +
 +<code perl>
 +#!/usr/bin/perl
 +use MIME::Base64;
 +
 +my %user;
 +while (<>){
 +  $line = $_;
 +
 +  #skip comments
 +  next if($line =~ m/^#/);
 +
 +  #trim whitespaces
 +  $line =~ s/\s*$//;
 +  $line =~ s/^\s*//;
 +
 +  if($line eq ''){
 +    # print old user
 +    if($user{'login'} ne ''){
 +      print join(':',$user{'login'},
 +                     $user{'pass'},
 +                     $user{'uid'},
 +                     $user{'gid'},
 +                     $user{'gecos'},
 +                     $user{'home'},
 +                     $user{'shell'});
 +      print "\n";
 +    }
 +    # initialize new user
 +    %user = ();
 +    next
 +  }
 +
 +  if($line =~ m/^uidNumber(::?) (.*)/i){
 +    $user{'uid'  = $2;
 +  }if($line =~ m/^userPassword(::?) (.*)/i){
 +    if($1 eq '::'){
 +      $user{'pass'}=  decode_base64($2);
 +      $user{'pass'}=~ s/{.*}//;
 +    }else{
 +      $user{'pass'}= $2;
 +    }
 +  }elsif($line =~ m/^uid(::?) (.*)/i){
 +    $user{'login'} = $2;
 +  }elsif($line =~ m/^gidNumber(::?) (.*)/i){
 +    $user{'gid'  = $2
 +  }elsif($line =~ m/^gecos(::?) (.*)/i){
 +    $user{'gecos'} = $2
 +  }elsif($line =~ m/^loginShell(::?) (.*)/i){
 +    $user{'home' = $2
 +  }elsif($line =~ m/^homeDirectory(::?) (.*)/i){
 +    $user{'shell'} = $2
 +  }
 +}
 +</code>
 +
 +**Usage:**
 +
 +  $> ldapsearch -L -D 'cn=admin,dc=foo,dc=bar' -w pass -x -b 'ou=people,dc=foo,dc=bar' 'objectclass=posixAccount' |\
 +     perl ldif2passwd.pl > passwd.1
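Review bot: The script as restored does not compile: `$user{'uid'  = $2;`, `$user{'gid'  = $2` and `$user{'home' = $2` are each missing the closing `}` on the hash subscript, and the `loginShell` branch stores into `home` while the `homeDirectory` branch stores into `shell`, so the last two passwd fields would come out swapped once the syntax is fixed. The `}if(` before the `userPassword` test also starts a second chain where `}elsif(` looks intended. A record is only printed when a blank line follows it, so if the LDIF stream does not end with a blank line the final account is silently left out of the audit; a flush of `%user` after the `while` loop would close that gap. Because `passwd.1` holds password hashes and `-w pass` puts the bind password on the command line, the usage example would be safer with `umask 077` set first and `-W` or `-y <file>` in place of `-w`.

```perl
  if($line =~ m/^uidNumber(::?) (.*)/i){
    $user{'uid'} = $2;
  }elsif($line =~ m/^userPassword(::?) (.*)/i){
    # … unchanged: Base64 decode and scheme-prefix strip …
  # … unchanged: uid branch …
  }elsif($line =~ m/^gidNumber(::?) (.*)/i){
    $user{'gid'} = $2;
  # … unchanged: gecos branch …
  }elsif($line =~ m/^loginShell(::?) (.*)/i){
    $user{'shell'} = $2;
  }elsif($line =~ m/^homeDirectory(::?) (.*)/i){
    $user{'home'} = $2;
  }
```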