Finding Passwords

Mikael Adolfsson d87-man at sm.luth.se
Tue Sep 25 06:05:34 AEST 1990


guy at auspex.auspex.com (Guy Harris) writes:

>>and switch to plain "login:" if an incorrect password is entered.  This
>>disables login trojans by making them unconcealable.

>Err, what's to stop the trojan horse program from exhibiting the same
>behavior as "getty" (which issues the first prompt indicated above) and
>"login" (which issues the subsequent ones)?

What's to stop the trojan horse program from executing "getty" itself?
I have planned to write such a beast (just to test the idea of course :-)
and here's how I would do it.

First I would write a pseudo-device interface (similar to rlogin).
This interface would resemble script(1) in that it could save to a
file all characters passed between a child process and the tty. Then
this program should just simply call "getty" and watch for keywords
(sent from the child process "getty", "login" or whatever) of the form
"*login: "   ...followed by:
"Password:"

This parsing would make it possible to save only those parts of the
login session that had to do with "logging in". And furthermore it
would be possible to make sure that the password is correct. 
-- 
Mikael Adolfsson            # d87-man at sm.luth.se
University of Lulea, Sweden # ...{uunet,mcsun}!sunic!sm.luth.se!d87-man
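
Added example, not part of the original post: seen from the defender's side, the relay described above leaves "getty" and "login" running on a pty slave instead of the hardware line they were configured for. The C code below checks for that mismatch; the Linux device major numbers and all function names are assumptions of this example.

```c
/* Added example: detect a login line that is really a pseudo-terminal.
 * Assumption: Linux character-device numbering (majors 3, 4, 136-143). */
#include <stdio.h>
#include <sys/stat.h>
#include <sys/sysmacros.h>
#include <sys/types.h>
#include <unistd.h>

enum tty_kind { TTY_NOT_A_TTY, TTY_HARDWARE, TTY_PSEUDO, TTY_OTHER };

/* Classify a character-device number by its Linux major. */
enum tty_kind classify_rdev(dev_t rdev)
{
    unsigned int maj = major(rdev);

    if (maj == 3 || (maj >= 136 && maj <= 143))
        return TTY_PSEUDO;    /* BSD ttyp* or Unix98 /dev/pts/N slave */
    if (maj == 4)
        return TTY_HARDWARE;  /* virtual consoles and serial ttyS* lines */
    return TTY_OTHER;
}

/* Classify the device behind an open descriptor. */
enum tty_kind classify_fd(int fd)
{
    struct stat st;

    if (fstat(fd, &st) != 0 || !S_ISCHR(st.st_mode) || !isatty(fd))
        return TTY_NOT_A_TTY;
    return classify_rdev(st.st_rdev);
}

/* 1 when a line configured as hardware is in fact a pty slave,
 * which is what a relay sitting between tty and getty produces. */
int line_is_interposed(int expect_hardware, enum tty_kind actual)
{
    return expect_hardware && actual == TTY_PSEUDO;
}

int main(void)
{
    /* Constructed scenario: this line is configured as a physical terminal. */
    enum tty_kind kind = classify_fd(STDIN_FILENO);
    int bad = line_is_interposed(1, kind);

    printf("stdin kind=%d interposed=%d\n", (int)kind, bad);
    return bad;
}
```

The check only means something inside a "getty" or "login" binary that is itself trusted, and only for lines expected to be physical; network logins legitimately arrive on ptys.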



More information about the Comp.unix.internals mailing list