Shell script to Finding Accounts with No Password ( null password account )
Posted in Monitoring
A password is a form of secret authentication data that is used to control access to a resource. The password is kept secret from those not allowed access, and those wishing to gain access are tested on whether or not they know the password and are granted or denied access accordingly.
This script find out all accounts with null password.
#!/bin/bash # Shell script to Finding Accounts with No Password # Useful to improve system security # Copyright (c) 2005 nixCraft project # This script is licensed under GNU GPL version 2.0 or above # For more info, please visit: # http://cyberciti.biz/shell_scripting/bmsinstall.php # TODO # - Disable all account w/o password # - Send an email to admin # ------------------------------------------------------------------------- # This script is part of nixCraft shell script collection (NSSC) # Visit http://bash.cyberciti.biz/ for more information. # ------------------------------------------------------------------------- SPATH="/usr/local/etc/bashmonscripts" INITBMS="$SPATH/defaults.conf" [ ! -f $INITBMS ] && exit 1 || . $INITBMS if ( isRootUser ); then $GREP -v -E "^#" $SHADOW_FILE | $AWK -F: '$2 == "" { print $1 }' else echo "Permission denied [$($ID -u)]" fi
Download - Email this to a friend - Printable version
Leave a Reply
We encourage your comments, and suggestions. But please stay on topic, be polite, and avoid spam. Thank you very much for stopping by our site!
Tags: /etc/shadow, authentication data, awk command, bash shell script, email, exit 1, fi, grep command, linux, password account, shell scripting, system security, unix ~ Last updated on: April 10, 2008
