-
Notifications
You must be signed in to change notification settings - Fork 23
/
Copy pathDuplicateAccs.pl
85 lines (67 loc) · 2.29 KB
/
DuplicateAccs.pl
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
#!/usr/bin/perl
use strict;
use warnings;
my $usersdir = "/home/diablo/var/users";
my $ignore = "admin|public-gate|public-mule";
my %data;
sub error {
my $msg = shift;
print STDERR "Error: $msg\n";
}
# Read the accountfile and save the passhash1, lastlogin_ip and lastlogin_owner
# in a hash of hashes: $data{username}->{$key} = $value
foreach my $accountfile (<$usersdir/*>) {
my $username = $accountfile;
$username =~ s|^.*/||g;
next if($username =~ /($ignore)/);
unless(-f $accountfile) {
error("Skipping $accountfile. Not a regular file.");
next;
}
unless(-r $accountfile) {
error("Skipping $accountfile. Not readable.");
next;
}
open(FILE, "$accountfile") or error($!);
my @filecontent = grep {/BNET\\\\acct\\\\/} <FILE>;
close(FILE) or error($!);
foreach(@filecontent) {
chomp();
if(/^\"BNET\\\\acct\\\\(.*)\"=\"(.*)\"$/) {
my $hashkey = $1;
my $hashval = $2;
next unless($hashkey =~ m/passhash1|lastlogin_ip|lastlogin_owner/);
$data{$username}->{$hashkey} = $hashval;
}
}
}
sub warning {
my $type = shift;
my $acc = shift;
my $compareacc = shift;
my $value = shift;
if($type eq "PASS") {
print "$type: $acc and $compareacc have the same password ($value)\n";
} elsif($type eq "IP") {
print "$type: $acc and $compareacc have the same lastlogin IP address ($value)\n";
} elsif($type eq "USER") {
print "$type: $acc and $compareacc have the same lastlogin windows user ($value)\n";
}
}
# Yes, this looks a bit weird. Why not use foreach(keys(...)). This is faster because it
# compares every pair only once. foreach(...) { foreach(..) } would compare a lot more
# already compared pairs.
my @keys = sort keys %data;
for(my $i=0; $i<=$#keys; $i++) {
for(my $j=$i+1; $j<=$#keys; $j++) {
if($data{$keys[$i]}->{'passhash1'} eq $data{$keys[$j]}->{'passhash1'}) {
warning("PASS", $keys[$i], $keys[$j], $data{$keys[$i]}->{'passhash1'});
}
if($data{$keys[$i]}->{'lastlogin_ip'} eq $data{$keys[$j]}->{'lastlogin_ip'}) {
warning("IP", $keys[$i], $keys[$j], $data{$keys[$i]}->{'lastlogin_ip'});
}
if($data{$keys[$i]}->{'lastlogin_owner'} eq $data{$keys[$j]}->{'lastlogin_owner'}) {
warning("USER", $keys[$i], $keys[$j], $data{$keys[$i]}->{'lastlogin_owner'});
}
}
}