I know there are many other ways to do this but I want to know how to fill in the password question of the windows the run as command automatically.
system("runas /user:\"benedikt\" \"xy.exe\"");
is there any way to do this? I googled a long time but i only found a lot of tools doing wat I want to do and not a way to do this for myself.
PS: I do not want to use any .Net functions.
OK, I'm going out on a limb here, because I'm not 100% sure that there isn't some (convoluted) way to achieve what you are looking for using stock runas. However, Why doesn't the RunAs program accept a password on the command line?, suggests there isn't - deliberately so to prevent "security issues" with plain-text passwords in command lines, batch files and tools that can view a command line (like Process Explorer).
BTW, a simple echo <password> | runas /user:<user> <command> doesn't seem to work either (it skips over the prompt for the password, but the password itself is not read by runas it seems).
So I guess you have to resort to some other means, like using the real API behind it all: CreateProcessWithLogin.
Related
I have a project in C++ (https://ari-web.xyz/gh/kos) and
it's like sudo but in C++ and doesn't use PAM, I want it
to keep it this way but is there a way to validate the
password of a user without using shadow.h? some people also
don't have /etc/shadow for security reasons so...
Is there another way to do it?
Thanks in advance :)
I am using paramiko library to connect with a specialized environment. Its based on linux but when we SSH in it provide its own shell. We can write help to get list of all commands that are supported in that session.
I am using paramiko with python2.7 to provide a CLI client (it automates few things) that connect with the host and let us run the supported commands. Now I would like to provide tab-completion in the client CLI. I am not sure how this can be done. I am thinking there would be some support or some specialize character that can be send to get back response but I am not sure how it can be accomplished.
I am hoping to avoid sending help command, parse the list of commands supported, and then provide a local tab-completion based on list of command. I want a more generic and dynamic solution.
Any or all ideas are welcome.
You can try simulating the partial input and the Tab key press and parsing the results, undoing the simulated input afterwards. But that is not a good idea. You will have to end up re-implementing terminal emulation, what is an insane task. Without a full terminal implementation, you can never be sure that you never get an output that you won't be able to parse.
The shell is a black box with input and output. It should only be used as such. You should never try to "understand" its output.
Using the help command is a way more reliable solution.
My question is similar to this question, but i didn't get my answer.
I am trying to design a judge.
The users of the online judge system submit their source code, then
the server program compiles and runs it. So the server program must
keep the server safe.
And there are a lot of things a user can use to make changes to the server.
How can i change the permission of a program? So that compiled code won't be able to do anything except printing something!
P.S: searching for suspicioius words is not a good idea. For instance, The user can use the following command instead of word system in C++:
#define glue(a,b) a ## b
glue(sys,tem) ("rm *"); //DO NOT RUN THIS CODE
So actually user used the following code without using the word system:
system ("rm *"); //DO NOT RUN THIS CODE
The are two options for you: the one you are currently looking into - trying to make your compiler, aka the server process that runs the user provided source code detect "exploits". And that might be hard. If you allow users to send you c++ source code, there is a lot of things that become possible. I guess you would need some real c++ gurus in order to get that solution even "half way secure".
So, option two: you have to run that user-provided input within some sort of sandbox. Examples could be:
A docker container (but for sure: a non-privileged container; run by a user, not root)
A virtual machine
If you are serious about what you are doing, you would probably focus on option 2 first (because that gives you a lot of benefit, at medium cost); but you definitely want to look into option 1, too (because one could learn from that a lot).
You can run them in a chroot jail, with user id set to nobody or some nonce account if nobody actually can do something significant. (You can use su or sudo for this.) Or even in their own VM. Pipe the output into a file, and read it from your judge program.
I have an expect script in which I am currently looking for multiple prompt types and sending commands in response. I am aware of regular expression matching using "-re" but I'd like to know of the correct way to achieve this.
For example, I have these prompt types:
[user#hostname ~]#
user#hostname --->
/ >
-bash-3.00$
cli>
Is this the correct/sufficient expression to detect all the above?
set multiPrompt "(%|#|cli\>|\$|\-\-\-\>)"
expect -re $multiPrompt
send "$someCommand\r"
Also, I have a list of commands, some of them cause the prompt to change after they are executed on the remote system. Due to the change in prompt, the remaining commands are not getting sent because my expect script is unable to detect the change and perform the send action.
What I'm trying to do is create a pool of possible prompts, so that my expect script sends the commands across without missing any of them. Is my approach correct?
While using a regular expression to detect the prompts is the right thing, choosing a good one is tricky when you've got such a wide range of possibilities. For example, I bet that this RE would work:
set multiPrompt {[#>$] }
(It just detects the end of the prompt, and ignores all the stuff before it. There's virtually always a space at the end of the prompt, used to visually separate what users type from the prompt.)
However, the problem is that this RE is fairly likely to match other things. You might instead be better off changing the prompt to a known-and-unique value (typically by setting the PS1 environment variable on the remote device) so that you get reliable detection. Mind you, that's only suitable when you're not exposing the prompts back to users, which is true for some uses of expect and not others…
I know it's an old thread, but for anyone searching on this I hope this helps. I am a UNIX sysadmin and have a handful of expect scripts my program calls on for various admin functions. This is the one solution I found that works in all my use cases:
set prompt "(%|#|>|\\$ )"
set prompt [string trim $prompt]
The [string trim $prompt] handles the scenarios where some prompts have a space before the input and some don't by trimming off the space when it looks at the prompt. Example: "password:" vs. "password: "
I need to programmely switch the current user to another,then the followed code should be executed in the environment(such as path,authority..) of another user.
I've find the 'chroot()','setuid()' may be associated with my case, but these functions need the root authority, I don't have root authority, but I have the password of the second user. what should I do?
I have tried shell "su - " can switch current user, can this command help me in my C++ code?
Don't laugh at me if my question is very stupid, I'm a true freshman on linux. :)
Thanks!
when clients connect to the server,
the server transfer the data what they
need,but the precondition is the
correct username and password.
If your primary requirement is to authenticate, then try man pam. There are also some libraries allowing to auth over LDAP. Unfortunately I have no personal experience implementing neither.
Otherwise, recreating complete user environment is unreliable and error prone. Imaging a typo or endless loop but in user's ~/.profile.
I haven't done that for some time, but I would also have tried to dig in direction of "su", figuring out user shell (from /etc/passwd) and trying to exec() it as if it was a login shell (with "-"). But after that you would need somehow to communicate a command for execution to it and that's a problem: shells run differently in batch more and in interactive mode. As a possible hack, expect (man expect) comes to mind, but it is still IMO too unreliable.
I have in past used ssh under expect (to input the password), but it was breaking on customized user profiles every other time. With expect, to send a command, one has to recognize somehow that shell has finished initialization (execution of profile and rc files). But since many people customize the shell prompt and their profile/rc files print extra info, it was quite often that expect was recognizing shell prompt too soon.
BTW, depending on number of users, one can try a setup where users manually start the server under their own account. The server would have access only to the information which is only accessible to the user.
You can use the system function to execute shell commands on the operating system.
You could take a look at the source code of the login command, or you could try using the exec()-family functions to call on login.
EDIT: Seems like you will need root access in any case.
Is setuid what you're looking for?
I think the key point here is that you can't change the user of the running process (easily). All the programs like 'su' are effectively starting a new process as the specified user.
Therefore, in your design I would recommend seperating off the functionality that needs to be done into a different executable and then investigate using execve() to start it.