passpass - password passer
From Noah.org
Revision as of 02:02, 1 June 2014 by Root (talk | contribs) (Created page with 'Category: Engineering This is a wrapper around tools like SSH that ask for passwords directly from your ptty instead of stdin. You can use this to pass passwords on the comm…')
This is a wrapper around tools like SSH that ask for passwords directly from your ptty instead of stdin. You can use this to pass passwords on the command-line exactly the way you're not supposed to. If you don't know why this is a bad idea then you probably shouldn't be using this tool.
#!/usr/bin/env python ''' SYNOPSIS passpass COMMAND # read password from stdin passpass -p PASSWORD COMMAND # use -p option to set password. DESCRIPTION This is the infamous password passer, scourge of security. Use it wisely. Use it rarely. Do not use it at all. This will read a password from stdin and provide it when running the given command, or the -p option may be used to pass a password on the command-line. This can be used to circumvent applications that read directly from a pty. Pretty much the only applications people care to use this for are ssh, scp, and rsync, but there could be other use cases that this tools could be used for. EXAMPLES The following are some examples of how to use this script. # echo "bad_password" | passpass ssh root@www.example.com hostname -f www.example.com # passpass -p bad_password ssh root@example.com hostname -f www.example.com EXIT STATUS This exits with status 0 on success and 1 otherwise. This exits with a status greater than 1 if there was an unexpected run-time error. AUTHOR Noah Spurrier <noah@noah.org> LICENSE This license is approved by the OSI and FSF as GPL-compatible. http://opensource.org/licenses/isc-license.txt Copyright (c) 2010, Noah Spurrier PERMISSION TO USE, COPY, MODIFY, AND/OR DISTRIBUTE THIS SOFTWARE FOR ANY PURPOSE WITH OR WITHOUT FEE IS HEREBY GRANTED, PROVIDED THAT THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE APPEAR IN ALL COPIES. THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. VERSION Version 1 ''' __version__ = 'Version 1' __author__ = 'Noah Spurrier <noah@noah.org>' import sys import os import traceback import pexpect def main(args): if args[0] == '-p': password = args[1] args = args[2:] else: password = sys.stdin.readline().strip() command = ' '.join(args[0:]) print command print password lout = file("/tmp/passpass.log", "w") child = pexpect.spawn(command, logfile=lout) while True: ii = child.expect(["(?i)password:", "(?i)Are you sure you want to continue connecting (yes/no)?",]) if ii == 0: child.sendline(password) break elif ii == 1: child.sendline("yes") child.expect(pexpect.EOF) print child.before return child.exitstatus if __name__ == '__main__': try: exit_code = main(sys.argv[1:]) if exit_code is None: exit_code = 0 sys.exit(exit_code) except KeyboardInterrupt as e: # The user pressed Ctrl-C. raise e except SystemExit as e: # The script called sys.exit() somewhere. raise e except Exception as e: print('ERROR: Unexpected Exception') print(str(e)) traceback.print_exc() os._exit(2) # vim:set ft=python fileencoding=utf-8 sr et ts=4 sw=4 : See help 'modeline'