PERFECT. Thanks a lot.
Hopefully not to seem greedy but since I don't know perl or expect, Do you
know a way I could "wrap this up" in a restricted shell so that say a low
level support person could log on, and this script would prompt for a
username/password to check, and loop until "exit". Something they couldn't
break out of? I do know shell programming. I know how to pass parameters
to your scripts (I think). Would it be secure for me to just write a script
and assign it as a shell?
Thanks again,
Scott
-----Original Message-----
From: David Taylor <[EMAIL PROTECTED]>
To: RedHat List <[EMAIL PROTECTED]>
Date: Sunday, November 28, 1999 4:33 PM
Subject: Re: shell=false [more]
>> What I REALLY want is to be able to check a users POP password/userid.
>> Is there a way using telnet to port 109? I get a prompt, I just don't
>> know how to feed it a login/password. Would this work? how?
>
>Not too long ago I needed a way to authenticate users without getting
>access to the shadowed password file. So, I wrote a script that used
>the POP3 port (110) to authenticate users. I wrote both an Expect
>script and a Perl script. Each script takes a username and password and
>sets an exit status depending upon the validity of the user (0 for
>valid, 1 for invalid). I wrote two scripts simply as a mental exercise.
>
>The Expect Script:
>==================
>#!/local/usr/bin/expect
>
># Turn off logging
>log_user 0
>
># Check args
>if {$argc != 2} {
> exit 1
>}
>
># Get command line arguments
>set username [lindex $argv 0]
>set password [lindex $argv 1]
>
># Open POP3 connection
>spawn telnet localhost 110
>
># Try to login
>send "user $username\r"
>send "pass $password\r"
>
># Did we succeed?
>expect -re ".OK.*messages.*\n" { send "quit\r"
> exit 0 }
>
>exit 1
>-----
>
>The Perl Script:
>================
>#!/local/usr/bin/perl -w
>
>use strict;
>use IO::Socket;
>
>my $username = shift || exit 1;
>my $password = shift || exit 1;
>my $hostname = shift || "localhost";
>my $portnum = 110;
>my $conn;
>my $line;
>
># Establish POP3 connection
>$conn = IO::Socket::INET->new(Proto => "tcp",
> PeerAddr => $hostname,
> PeerPort => $portnum) || exit 1;
>
>sub sendcmd {
> defined($line = <$conn>) || exit 1;
> $line =~ /\+OK.*/ || exit 1;
> print $conn "$_[0]\n";
>}
>
>sendcmd ("user $username");
>sendcmd ("pass $password");
>sendcmd ("quit");
>-----
>
>Hope that helps.
>
>--
>David
>
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
