File: honey.c

package info (click to toggle)
ccstools 1.7.2-20100401-3
  • links: PTS
  • area: main
  • in suites: squeeze
  • size: 984 kB
  • ctags: 1,080
  • sloc: ansic: 20,286; sh: 890; makefile: 80
file content (92 lines) | stat: -rw-r--r-- 2,256 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
 
/*
 * honey.c
 *
 * An example program for CERBERUS.
 * ( http://sourceforge.jp/projects/tomoyo/document/winf2005-en.pdf )
 *
 * Copyright (C) 2005-2009  NTT DATA CORPORATION
 *
 * Version: 1.7.0   2009/09/03
 */
#include <stdio.h>
#include <unistd.h>
#include <sys/time.h>
#include <string.h>
#include <stdlib.h>
#include <termios.h>
#include <sys/types.h>
#include <pwd.h>

static const char *get_shell(void)
{
	static char *shell = NULL;
	if (!shell) {
		struct passwd *pw = getpwuid(getuid());
		shell = pw ? pw->pw_shell : "/bin/sh";
	}
	return shell;
}

#define MAX_PASSWORD_LEN  10
#define PASSWORD_LEN       7

int main(int argc, char *argv[])
{
	static struct timeval tv[MAX_PASSWORD_LEN+1];
	static int buffer[MAX_PASSWORD_LEN];
	static const long min_interval[PASSWORD_LEN] = { 1000, 1000, 100, 100,
							 100, 100, 2000 };
	static const long max_interval[PASSWORD_LEN] = { 20000, 20000, 10000,
							 10000, 5000, 5000,
							 3000 };
	static const int password[PASSWORD_LEN] = { 'l', 'c', '2', '0', '0',
						    '5', '\n' };
	struct termios tp;
	struct termios tp0;
	int i = 0;
	struct timezone tz;
	int trial;
	const char *shell = get_shell();
	tcgetattr(0, &tp0);
	tp = tp0;
	tp.c_lflag &= ~ICANON;
	tp.c_cc[VTIME] = 0;
	tp.c_cc[VMIN] = 1;
	for (trial = 0; trial < 3; trial++) {
		memset(tv, 0, sizeof(tv));
		memset(buffer, 0, sizeof(buffer));
		printf("Password: ");
		gettimeofday(&tv[0], &tz);
		tcsetattr(0, TCSANOW, &tp);
		for (i = 0; i < MAX_PASSWORD_LEN; i++) {
			buffer[i] = getc(stdin);
			gettimeofday(&tv[i+1], &tz);
			if (buffer[i] == '\n')
				break;
		}
		tcsetattr(0, TCSANOW, &tp0);
		if (i == PASSWORD_LEN - 1) {
			for (i = 0; i < PASSWORD_LEN; i++) {
				long diff = (tv[i+1].tv_sec - tv[i].tv_sec)
					* 1000
					+ (tv[i+1].tv_usec - tv[i].tv_usec)
					/ 1000;
				if (diff < min_interval[i] ||
				    diff > max_interval[i]) {
					/* printf("Wrong interval %lu <= %lu "
					   "<= %lu for %d\n", min_interval[i],
					   diff, max_interval[i], i); */
					break;
				} else if (password[i] != buffer[i]) {
					/* printf("Wrong password\n"); */
					break;
				}
			}
			if (i == PASSWORD_LEN && shell)
				execlp(shell, shell, NULL);
		}
		sleep(3);
	}
	printf("Authentication Failure\n");
	return 0;
}