Tom

Reputation: 1618

BASH get salt and encrypted root password from shadow to variable

I'm looking for a way to compare the password a user enters into a script against the root user's password stored in /etc/shadow.

I can do this with a Perl command, but I need to get the salt and existing password from shadow to compare against.

I know I can grep /etc/shadow for root which results in a string similar to:

mal:$6$23QKDPc5E$SWlkjRWexrXYgc98F.:12825:0:90:5:30:13096:

What I'd like to do is get the salt 23QKDPc5E and password SWlkjRWexrXYgc98F. from this string to their own variables.

Is there an easy way to do that?

Only way I can think of is to split the string on $ and then split the final result on :

This will give me two arrays containing the values I need, but there must be a neater way..

Thanks

Upvotes: 1

Views: 3182

Answers (2)

AnythingIsFine

Reputation: 1807

An approach similar to the one proposed in @Viktor Khilin's answer, but issuing only one command, would be:

# Get the algorithm used for generating the password for user "root", first field of the hash in `/etc/shadow`
# (the field separator is quoted so the shell cannot expand [:$] as a glob)
awk -F'[:$]' '$1 == "root" {print $3}' /etc/shadow

# Get the SALT, 2nd field of the hash in `/etc/shadow`:
awk -F'[:$]' '$1 == "root" {print $4}' /etc/shadow

# Get the password hash, 3rd field of the hash in `/etc/shadow`:
awk -F'[:$]' '$1 == "root" {print $5}' /etc/shadow

Explanation:

The hash field itself in /etc/shadow is comprised of three different fields. They are separated by '$' and represent:

  1. Some characters which represent the cryptographic hashing mechanism used to generate the actual hash
  2. A randomly generated salt to safeguard against rainbow table attacks
  3. The hash which results from joining the user's password with the stored salt and running it through the hashing mechanism specified in the first field

Original source regarding /etc/shadow file format can be found here (ignore the expired HTTPS cert warning)

Upvotes: 3
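The awk field numbers in the answer above assume the hash field is exactly `$id$salt$hash`. The following is an added example, not part of either answer: it splits a shadow line with POSIX parameter expansion and goes slightly beyond the text by also handling the optional `rounds=N` field of SHA-crypt hashes and the `!` / `*` markers of locked or password-less accounts. The function name `parse_shadow_line` and the `sh_*` variables are made up for this example, and all sample lines except the question's own string are constructed.

```shell
#!/bin/sh
# Added example, not from the answers: split one shadow(5) line into its
# crypt(3) parts. Handles $1$/$5$/$6$ hashes only; sample input is constructed.

# parse_shadow_line LINE -> sets sh_user sh_state sh_id sh_params sh_salt
# sh_hash sh_setting; returns 0 only for an unlocked, parseable hash.
parse_shadow_line() {
    sh_state=ok sh_id='' sh_params='' sh_salt='' sh_hash='' sh_setting=''
    sh_user=${1%%:*}
    _f=${1#*:}; _f=${_f%%:*}            # second ':' field = password field

    [ -n "$_f" ] || { sh_state=empty; return 1; }
    while :; do                          # leading '!' marks a locked account
        case $_f in
            '!'*) sh_state=locked; _f=${_f#?} ;;
            *)    break ;;
        esac
    done
    case $_f in
        '$1$'*|'$5$'*|'$6$'*) ;;         # MD5, SHA-256, SHA-512 crypt
        *) [ "$sh_state" = locked ] || sh_state=nohash; return 1 ;;
    esac

    sh_setting=${_f%\$*}                 # "$id$[rounds=N$]salt"
    sh_hash=${_f##*\$}                   # text after the last '$'
    _r=${_f#\$}                          # drop the leading '$'
    sh_id=${_r%%\$*}; _r=${_r#*\$}
    case $_r in                          # optional parameter field
        rounds=*) sh_params=${_r%%\$*}; _r=${_r#*\$} ;;
    esac
    sh_salt=${_r%%\$*}
    [ "$sh_state" = ok ]                 # locked entries parse but return 1
}

# Constructed sample lines (the first is the question's example string).
for line in \
    'mal:$6$23QKDPc5E$SWlkjRWexrXYgc98F.:12825:0:90:5:30:13096:' \
    'app:$6$rounds=5000$Qz1examplesalt$ConstructedHashValue:19000:0:99999:7:::' \
    'svc:!$6$abc$LockedHash:19000::::::' \
    'daemon:*:19000:0:99999:7:::'
do
    parse_shadow_line "$line" || :
    printf '%s state=%s id=%s params=%s salt=%s hash=%s\n' \
        "$sh_user" "$sh_state" "$sh_id" "$sh_params" "$sh_salt" "$sh_hash"
done
```

`sh_setting` is the string to pass as the salt argument of crypt(3) (or Perl's `crypt`) when re-hashing the entered password, since it carries the algorithm id and any `rounds=` value along with the salt.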

sahaquiel

Reputation: 1838

Using awk:

grep '^root:' /etc/shadow | awk -F'$' '{print $3}'

Output:

23QKDPc5E


grep '^root:' /etc/shadow | awk -F'$' '{print $4}' | awk -F: '{print $1}'

Output:

23QKDPc5E$SWlkjRWexrXYgc98F.

Final code:

#!/bin/bash

# something you want here...

# Anchor on '^root:' so only root's entry matches, not every line containing "root"
salt=$(grep '^root:' /etc/shadow | awk -F'$' '{print $3}')
password=$(grep '^root:' /etc/shadow | awk -F'$' '{print $4}' | awk -F: '{print $1}')
# ...
echo "${salt}"
echo "${password}"

Upvotes: 1
