Created
August 25, 2016 10:19
-
-
Save llandeilocymro/1286180bf0991e923816dc207704f5f7 to your computer and use it in GitHub Desktop.
Quick little script to rattle through a sudoers file and make recommendations
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#! /usr/bin/perl -w | |
# EDW | |
# Quick little script to rattle through a sudoers file and make recommendations | |
if ($^O eq "MSWin32") { print "Windows....really....use *nix\n"; exit; } | |
$file = "/etc/sudoers"; | |
$line="\="x50; | |
if ($#ARGV != 0) { | |
print "No paramater file supplied......"; sleep (2); | |
print "using ",$file,"\n"; sleep (5); | |
$ARGV[0] = $file; | |
} | |
open (SUDO, "$ARGV[0]") || die ("Couldnt open $ARGV[0]\n"); @sudo=<SUDO>; | |
system ("clear"); | |
print "\nAnalysis of $ARGV[0] starting.....\n\n"; | |
sleep(1); #keep the suspense going.... | |
print "$line\nThe Following Issues Have Been Identified:\n$line\n"; | |
$n = 0; | |
foreach (@sudo) { | |
chomp(); | |
$n++; | |
next if /^#/; | |
print "[+] ($n) Roots Settings - $_\n" if $_ =~ /root/i; | |
print "[+] ($n) Use of NOPASSWD - $_ \n" if $_ =~ /NOPASSWD/i; | |
print "[+] ($n) USER_ALIAS Defined - $_ \n" if $_ =~ /USER_ALIAS/i; | |
print "[+] ($n) Cmnd_Alias Defined - $_ \n" if $_ =~ /Cmnd_Alias/i; | |
print "[+] ($n) System Groups Defined - $_ \n" if $_ =~ /^\%/i; | |
} | |
print"$line\nAdvanced Checks (Common/Security Defaults)\n$line\n"; | |
@list = ("passprompt","badpass_message","passwd_tries","pssswd_timeout","timestamp_timeout","syslog","logfile","lecture","insults","mail_always","root_sudo"); | |
foreach $item (@list) { | |
@AU=grep(/$item/i, @sudo); | |
if ($#AU eq -1) { | |
print "[+] No $item Defined\n"; | |
} else { | |
print "[-] $item Defined:\n\t- @AU"; | |
}} | |
chomp ($d = `date +%H:%M:%S`); | |
print "$line\nFinished at $d - Diolch SLM!\n$line\n"; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment