[Chugalug] silly perl one liner to randomize passwords

Dan Lyke danlyke at flutterby.com
Thu Mar 6 00:17:01 UTC 2014


On Wed, 05 Mar 2014 18:46:07 -0500
Rod <rod-lists at epbfi.com> wrote:
> I remember the perl script to decode dvd's. It was a popular end tag
> on emails.
> damn perl is some black magic.

Not gonna deny that Perl is some black magic, but if you format it and
unwrap the "-p":


# Reads 4x the argument count as base 64 bytes, substitutes out any
# non \w ([A-Za-z_0-9]) chars, returns the count bytes as random.

sub r
{
   $l=shift;

   # Open the filehandle "R" as the pipe of base64 encoding
   # reading from /dev/urandom

   open(R,"base64 /dev/urandom|")||die$!;
   sysread(R,$R,$l*4);
   close(R);

   $R=~s/[^\w]//g;
   substr($R,0,$l)

   # return is assumed. People doing this in my code will be thrashed.
}


# '-p' puts an assumed
#     while (<>) { ... print $_; }
# around your '-e' argument. 'while (<>)' is shorthand for
# 'while we can read a line from the file into $_'

while (<>)
{
  # Split the passwd line into an array based on ':' as a separator
  @P=split/:/;

  # If the password field [1] is '$6'
  if($P[1]=~/\$6/)
  {
     # $s is 8 random bytes, $p is 16 random bytes
     $s=&r(8);
     $p=&r(16);

     # Replace the password with $p, salted with $r

     $P[1]=crypt($p,"\$6\$$s");

     # rebuild the new password line
     $_=join(":", at P);
  }
  print $_;
}


See? Nothin' to it.

Dan


More information about the Chugalug mailing list