#!/bin/sh
#
#     tiger - A UN*X security checking system
#     Copyright (C) 1993 Douglas Lee Schales, David K. Hess, David R. Safford
#
#    This program is free software; you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by
#    the Free Software Foundation; either version 2, or (at your option)
#    any later version.
#
#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU General Public License for more details.
#
#     Please see the file `COPYING' for the complete copyright notice.
#
# crack_run - created 06/14/93
#
# 08/15/2003 - jfs - Commented out code which is no longer is used in
#              Tara since probably only works for older Crack versions.
# 08/14/2003 - jfs - Preserve, for backwards compatibility the definition
#                    of CRACK, REPORTER and CRACKDIR if available
#                    (exported through the site configuration)
# 08/13/2003 - jfs - Use Location overrides in the tigerrc configuration file
# 08/09/2003 - jfs - Added RM to dependancies.
# 08/08/2003 - jfs - Improved temporary file creation.
# 05/01/2003 - jfs - Fixed dependancies.
#
# TODO: 
# This script must be tested further. Also it seems that REPORTER is 
# no longer a part of CRACK so it might only be needed in older versions...
# There are two code pieces, one for the old version (with REPORTER)
# and another with the newer version, maybe the code should be selected
# once a version has been determined...
#
#-----------------------------------------------------------------------------
#
TigerInstallDir='.'

#
# Set default base directory.
# Order or preference:
#      -B option
#      TIGERHOMEDIR environment variable
#      TigerInstallDir installed location
#
basedir=${TIGERHOMEDIR:=$TigerInstallDir}

for parm
do
   case $parm in
   -B) basedir=$2; break;;
   esac
done

#
# Verify that a config file exists there, and if it does
# source it.
#
[ ! -r $basedir/config ] && {
  echo "--ERROR-- [init002e] No 'config' file in \`$basedir'."
  exit 1
}

. $basedir/config

. $BASEDIR/initdefs

#
# If run in test mode (-t) this will verify that all required
# elements are set.
#
[ "$Tiger_TESTMODE" = 'Y' ] && {
  haveallcmds AWK CAT GEN_PASSWD_SETS RM WAIT || exit 1
  haveallfiles BASEDIR WORKDIR || exit 1
  haveallvars TESTLINK HOSTNAME
  
  echo "--CONFIG-- [init003c] $0: Configuration ok..."
  exit 0
}

#------------------------------------------------------------------------
echo
echo "# Running Crack on password files..."


# Crack binary location|override + default check
# Which, find, user-supplied var or tigexp's findcmd?:
if [ -z "$CRACK" ] 
then
  if [ -z "${Tiger_CRACK_LOC_OVERRIDE}" ]
  then
    CRACK=`which crack`
  else
    CRACK=${Tiger_CRACK_LOC_OVERRIDE}
  fi
fi
# Reporter binary location|override + default check
if [ -z "$REPORTER" ] 
then
if [ -z "${Tiger_CRACKREPORTER_LOC_OVERRIDE}" ]
then
   REPORTER=`which crack-reporter`
else
   REPORTER=${Tiger_CRACKREPORTER_LOC_OVERRIDE}
fi
fi
# Crack directory location
if [ -z "$CRACKDIR" ]
then
if [ -z "${Tiger_CRACKDIR_LOC_OVERRIDE}" ]
then
   CRACKDIR=/usr/lib/crack
else
   CRACKDIR=${Tiger_CRACKDIR_LOC_OVERRIDE}
fi
fi


# Tara (which this cod was derived from, has removed the following
# it is thus removed but the code below should be revised). Maybe
# the REPORTER stuff is needed for older versions of Crack?
#haveallcmds RM CRACK REPORTER || exit 1
#
#if [ -e "$CRACK" -a -d "$CRACKDIR" ]; then
#	cd $CRACKDIR
#	$CRACKDIR/scripts/shadmrg.sv > $CRACKDIR/run/tmppass
#	$CRACK $CRACKDIR/run/tmppass
#	sleep 60
#	$CRACKDIR/scripts/plaster
#	$REPORTER -quiet
#	$RM $CRACKDIR/run/tmppass
#	make tidy
#fi 
#
#exit 0
########################################################################
# TODO: Check this part, this could work for more passwd sets (like if
# using NIS, but it is not thoroughly tested)

haveallcmds CRACK GEN_PASSWD_SETS CAT EXPR WAIT || exit 1

localflag=
[ "$Tiger_Crack_Local" = 'Y' ] && localflag="-l"

count=1
pid=$$

safe_temp $WORKDIR/pass.list.$$ $WORKDIR/crack.out.$pid.$count  $WORKDIR/file.list.$$ $WORKDIR/guess.list.$$

trap 'delete $WORKDIR/pass.list.$$ $WORKDIR/crack.out.$pid.$count \
$WORKDIR/file.list.$$ $WORKDIR/guess.list.$$ ; exit 1' 1 2 3 15

$GEN_PASSWD_SET -p $localflag $WORKDIR/pass.list.$$

{
  while read pass_set
  do
    outfile=$WORKDIR/crack.out.$pid.$count
    {
      $CAT $pass_set.src
      $CRACK -f $pass_set 
    } > $outfile 2>&1 < /dev/null &
    echo $outfile
    count=`$EXPR $count + 1`
  done < $WORKDIR/pass.list.$$
  $WAIT
} > $WORKDIR/file.list.$$


while read filename
do
  {
    read source
    $AWK '$5 == "Guessed" { print $6, $10; }' > $WORKDIR/guess.list.$$
    [ -s "$WORKDIR/guess.list.$$" ] && {
      echo "--WARN-- [crk001w] The following login id's have weak passwords:"
      $CAT $WORKDIR/guess.list.$$
    }
    delete $WORKDIR/guess.list.$$
  } < $filename
  delete $filename
done < $WORKDIR/file.list.$$

# Cleanup temporary files
[ ! -n "$Tiger_PasswdFiles" ] && {
while read pass_set
do
  delete $pass_set $pass_set.src
done < $WORKDIR/pass.list.$$
}

delete $WORKDIR/file.list.$$ $WORKDIR/pass.list.$$
exit 0
