Unverified Commit bf6bb5da authored by UltimateByte's avatar UltimateByte Committed by GitHub

Various improvements

parent cc8081ba
......@@ -86,10 +86,6 @@ fi
# Check for passwords being domain name, example domain@domain.tld has domain as a password
fn_check_password_domain(){
if [ "${check_password_domain}" == "on" ]; then
maildomain="$(echo "${mailaddress}" | awk -F "@" '{print $2}')"
maildomainonly="$(echo "${maildomain}" | awk -F "." '{print $1}')"
mailext="$(echo "${maildomain}" | awk -F "." '{print $2}')"
maildomainext="${maildomainonly}${mailext}"
if [ "${mailpassword}" == "${maildomain}" ]||[ "${mailpassword}" == "${maildomainonly}" ]||[ "${mailpassword}" == "${maildomainext}" ]; then
test="fail"
reason="Password is domain name"
......@@ -104,7 +100,7 @@ fi
fn_check_password_simple(){
if [ "${check_password_simple}" == "on" ]; then
mailname="$(echo "${mailaddress}" | awk -F "@" '{print $1}')"
easypasswordslist=( "azerty" "qwerty" "hello" "salut" "azerty123" "qwerty123" "baseball" "dragon" "football" "monkey" "letmein" "111111" "mustang" "access" "shadow" "master" "superman" "696969" "123123" "batman" "trustno1" "1234" "12345" "123456" "1234567" "12345678" "123456789" "2017" "cacao" "banane" "fraise" "framboise" "bepo" "admin" "password" "motdepasse" "pompidou" "macron" "chirac" "1789" "asterix" "obelix" "tintin" "hobbit" "freudon" "wordpress" "joomla" )
easypasswordslist=( "azerty" "qwerty" "hello" "salut" "azerty123" "qwertyuiop" "azertyuiop" "google" "haisoft" "yahoo" "facebook" "microsoft" "qwerty123" "soleil" "mirage" "baseball" "dragon" "football" "monkey" "letmein" "111111" "mustang" "access" "shadow" "master" "superman" "696969" "123123" "batman" "trustno1" "1234" "12345" "123456" "1234567" "12345678" "123456789" "2017" "cacao" "banane" "fraise" "framboise" "bepo" "admin" "password" "motdepasse" "pompidou" "macron" "chirac" "1789" "asterix" "obelix" "tintin" "hobbit" "freudon" "wordpress" "joomla" )
if [[ "${easypasswordslist[@]}" =~ "${mailpassword}" ]]; then
test="fail"
reason="Password is too easy"
......@@ -141,40 +137,54 @@ fn_check_password_global(){
if [ -n "${reasons}" ]; then
error+=("[NOT SECURE] | ${mailaddress} | ${mailpassword} | ${reasons}")
unsecuredcount=$((unsecuredcount+1))
# List domain as problematic
if [[ ! ${unsecureddomains[@]} =~ "${maildomain}" ]]; then
unsecureddomains+=( "${maildomain}" )
unsecureddomainscount=$((unsecureddomains+1))
fi
fi
}
# Actually check for bad passwords
unsecuredcount=0
if [ -f "check_auth.txt" ]; then
echo ""
fn_echo "Testing mail addresses..."
echo ""
totalmailaddresses=0
unsecuredcount=0
unsecureddomainscount=0
# Loop through all mail address
while read -r line ; do
totalmailaddresses=$((totalmailaddresses+1))
# Get mail address and password into variables
mailaddress="$(echo "${line}" | awk '{print $2}')"
mailpassword="$(echo "${line}" | awk -F "|" '{print $4}' | awk '{print $1}')"
maildomain="$(echo "${mailaddress}" | awk -F "@" '{print $2}')"
maildomainonly="$(echo "${maildomain}" | awk -F "." '{print $1}')"
mailext="$(echo "${maildomain}" | awk -F "." '{print $2}')"
maildomainext="${maildomainonly}${mailext}"
echo -en "\e[1A"
echo -e "\r\e[0K ${totalmailaddresses} - ${mailaddress}"
fn_check_password_global
done < <(cat check_auth.txt)
fi
echo ""
echo ""
# Display unsecured mail addresses
fn_logecho "Unsecured email addresses:"
for ((index=0; index < ${#error[@]}; index++)); do
echo -en "${error[index]}\n"
done
for ((index=0; index < ${#unsecureddomains[@]}; index++)); do
fn_logecho "Unsecured domain: ${unsecureddomains[index]}"
done
if [ -f "check_auth.txt" ];then
rm -f check_auth.txt
fi
fn_logecho "Total addresses: ${totalmailaddresses}"
fn_logecho "Unsecured addresses: ${unsecuredcount}"
fn_logecho "Unsecured addresses: ${unsecuredcount}"
fn_logecho "Unsecured domains: ${unsecureddomainscount}"
fn_duration
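Review bot: The counter update `unsecureddomainscount=$((unsecureddomains+1))` in fn_check_password_global (whose body starts outside the hunk) reads the array `unsecureddomains` rather than the counter; in arithmetic context that name expands to the array's first element, a domain string, so the figure printed by "Unsecured domains:" is not a running count. Either `unsecureddomainscount=$((unsecureddomainscount+1))` or, after the loop, `unsecureddomainscount=${#unsecureddomains[@]}` would give the intended value. The de-duplication test just above it, `[[ ! ${unsecureddomains[@]} =~ "${maildomain}" ]]`, is a substring match against the space-joined list, so a domain contained in one already listed (for example `b.tld` after `ab.tld`, a constructed sample) is never recorded; an exact comparison such as `[[ " ${unsecureddomains[*]} " != *" ${maildomain} "* ]]` avoids that. The `easypasswordslist` test in fn_check_password_simple has the same substring behaviour, so a short password that merely occurs inside a list entry is reported as too easy. The rendered page has lost its +/- markers, so which of these lines are new is inferred from the hunk sizes.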