Last active
August 29, 2015 14:23
-
-
Save JamesTheBard/87a99b0cfe0ad6496adf to your computer and use it in GitHub Desktop.
Privilege users parsing script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/perl | |
| use strict; | |
| use warnings; | |
| use File::Spec; | |
| our %file_path = ( | |
| "PASSWD" => "etc/passwd", | |
| "GROUP" => "etc/group", | |
| "SUDOERS" => "etc/sudoers", | |
| ); | |
| sub read_file { | |
| my $file = shift; | |
| open (FH, "< $file"); | |
| my @lines; | |
| while(<FH>) { | |
| push @lines, $_; | |
| } | |
| close FH; | |
| return @lines; | |
| } | |
| sub parse_sudoers { | |
| # The only variable: BASE_PATH | |
| my $BASE_PATH = shift; | |
| # An array that holds all of the names that are found. | |
| my @usernames; | |
| my $sudoers_file = File::Spec->catfile($BASE_PATH, $file_path{SUDOERS}); | |
| my @sudoers = read_file($sudoers_file); | |
| # Grab the groups and users from the sudoers file. Make sure that the | |
| # 'Defaults' parameter is not injested. | |
| my @groups = grep(/^%/, @sudoers); | |
| my @users = grep(/^\w+/ && /^(?!Defaults)/, @sudoers); | |
| # Grab each username and throw it into @usernames | |
| foreach my $user (@users) { | |
| $user =~ /^(\w+)/; | |
| push @usernames, $1; | |
| } | |
| # Grab each group... | |
| foreach my $group (@groups) { | |
| $group =~ /^%(\w+)/; | |
| # ...find the users in that group and toss those into @usernames. | |
| foreach my $user (get_group_users($BASE_PATH, $1)) { | |
| $user =~ /^(\w+)/; | |
| push @usernames, $1; | |
| } | |
| } | |
| # Makes sure there aren't duplicates in the @usernames array. | |
| my %seen; | |
| my @unique = grep { !$seen{$_}++ } @usernames; | |
| # Print the users out with their associated comment. | |
| foreach my $user (@unique) { | |
| print "$user:"; | |
| print get_user_comment($BASE_PATH, $user); | |
| print "\n"; | |
| } | |
| } | |
| # Parse the group file, grab all of the users of $GROUP and return them as | |
| # an array. | |
| # get_group_users(BASE_PATH, GROUP) | |
| sub get_group_users { | |
| my $BASE_PATH = shift; | |
| my $GROUP = shift; | |
| my $full_path = File::Spec->catfile($BASE_PATH, $file_path{GROUP}); | |
| my @content = read_file($full_path); | |
| my @groups = grep(/^$GROUP:/, @content); | |
| foreach my $group (@groups) { | |
| my @fields = split(":", $group); | |
| my @users = split(",", $fields[3]); | |
| return @users; | |
| } | |
| } | |
| # Parse the passwd file, grab the comment field of a given user and return | |
| # it. | |
| # get_user_comment(BASE_PATH, USER) | |
| sub get_user_comment { | |
| my $BASE_PATH = shift; | |
| my $USER = shift; | |
| my $full_path = File::Spec->catfile($BASE_PATH, $file_path{PASSWD}); | |
| my @passwd_content = read_file($full_path); | |
| my @users = grep(/^$USER:/, @passwd_content); | |
| foreach my $user (@users) { | |
| my @temp = split(":", $user); | |
| return $temp[4]; | |
| } | |
| } | |
| parse_sudoers(); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment