RE: WTMP file

From: Odhner, Christian (Christian.Odhner_at_netapp.com)
Date: 11/05/03

  • Next message: Valdis.Kletnieks_at_vt.edu: "Re: WTMP file" 
    Date: Wed, 5 Nov 2003 14:35:58 -0800
To: "BORJA RUIZ CASTRO MORON" <padre@fedro.ugr.es>, <vuln-dev@securityfocus.com>

    Are you maybe testing on a system that has wtmpx, like solaris?

    -Chris

    -----Original Message-----
    From: BORJA RUIZ CASTRO MORON [mailto:padre@fedro.ugr.es]
    Sent: Wednesday, November 05, 2003 8:59 AM
    To: vuln-dev@securityfocus.com
    Subject: WTMP file

    Hi! I´m coding an aplication for remove user entries in WTMP.
    I think the code is OK,but it does not work! :P
    Could somebody take a look please?

    Thanks a lot! :D

     ----------------------------------------------
    #include <stdio.h>
    #include <fcntl.h>
    #include <pwd.h>
    #include <unistd.h>
    #include <utmp.h>
    #include <sys/time.h>

    #define WTMP "/var/log/wtmp"

    int main (int argc, char **argv){

    int fd;

    struct passwd *acceso;
    struct utmp rosita;
    setutent();

    if (argc<2) {
     printf("Usage: %s <user>\n",argv[0]);
     exit(-1);
     }
    if((fd=open(WTMP,O_WRONLY))<0) {
     printf("\nFile not found.\n\n");
     exit(-1);
     }

    if ((acceso=getpwnam(argv[1]))==NULL) {
     printf("\nUnknow user :P\n\n");
     exit(-1);
     }

    // Our info

    rosita.ut_type=DEAD_PROCESS;
    memset(rosita.ut_line,0,UT_LINESIZE);
    memset(rosita.ut_user,0,UT_NAMESIZE);
    memset(rosita.ut_host,0,UT_HOSTSIZE);
    rosita.ut_time=0;

    while((acceso=getpwent())!=NULL) {

    lseek(fd,sizeof(struct utmp)*acceso->pw_uid,SEEK_SET);
    pututline(&rosita);
    }

    endutent();

    close(fd);
    return(0);
    }

  • Next message: Valdis.Kletnieks_at_vt.edu: "Re: WTMP file"