Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: WTMP file

From: Dan Yefimov <dan () D00M integrate com ru>
Date: Thu, 6 Nov 2003 18:34:13 +0300 (MSK)
On Wed, 5 Nov 2003, BORJA RUIZ CASTRO MORON wrote:


Hi! I╢m coding an aplication for remove user entries in WTMP.
I think the code is OK,but it does not work! :P
Could somebody take a look please? 

Thanks a lot! :D 


 ----------------------------------------------
#include <stdio.h>
#include <fcntl.h>
#include <pwd.h>
#include <unistd.h>
#include <utmp.h>
#include <sys/time.h> 

#define WTMP "/var/log/wtmp" 

int main (int argc, char **argv){ 

int fd; 

struct passwd *acceso;
struct utmp rosita;
setutent(); 

if (argc<2) {
 printf("Usage: %s <user>\n",argv[0]);
 exit(-1);
 }
if((fd=open(WTMP,O_WRONLY))<0) {
 printf("\nFile not found.\n\n");
 exit(-1);
 } 

if ((acceso=getpwnam(argv[1]))==NULL) {
 printf("\nUnknow user :P\n\n");
 exit(-1);
 } 

// Our info 

rosita.ut_type=DEAD_PROCESS;
memset(rosita.ut_line,0,UT_LINESIZE);
memset(rosita.ut_user,0,UT_NAMESIZE);
memset(rosita.ut_host,0,UT_HOSTSIZE);
rosita.ut_time=0; 

while((acceso=getpwent())!=NULL) { 

lseek(fd,sizeof(struct utmp)*acceso->pw_uid,SEEK_SET);
pututline(&rosita);
} 

endutent(); 

close(fd);
return(0);
} 



It won't work because utmp/wtmp files aren't ordered by uid. For this program to 
work you should scan utmp file for records related to the given uid.
-- 

    Sincerely Your, Dan.
Previous By Date Next
Previous By Thread Next

Current thread: