Vulnerability Development mailing list archives
Re: WTMP file
From: Dan Yefimov <dan () D00M integrate com ru>
Date: Thu, 6 Nov 2003 18:34:13 +0300 (MSK)
On Wed, 5 Nov 2003, BORJA RUIZ CASTRO MORON wrote:
Hi! I╢m coding an aplication for remove user entries in WTMP. I think the code is OK,but it does not work! :P Could somebody take a look please? Thanks a lot! :D ---------------------------------------------- #include <stdio.h> #include <fcntl.h> #include <pwd.h> #include <unistd.h> #include <utmp.h> #include <sys/time.h> #define WTMP "/var/log/wtmp" int main (int argc, char **argv){ int fd; struct passwd *acceso; struct utmp rosita; setutent(); if (argc<2) { printf("Usage: %s <user>\n",argv[0]); exit(-1); } if((fd=open(WTMP,O_WRONLY))<0) { printf("\nFile not found.\n\n"); exit(-1); } if ((acceso=getpwnam(argv[1]))==NULL) { printf("\nUnknow user :P\n\n"); exit(-1); } // Our info rosita.ut_type=DEAD_PROCESS; memset(rosita.ut_line,0,UT_LINESIZE); memset(rosita.ut_user,0,UT_NAMESIZE); memset(rosita.ut_host,0,UT_HOSTSIZE); rosita.ut_time=0; while((acceso=getpwent())!=NULL) { lseek(fd,sizeof(struct utmp)*acceso->pw_uid,SEEK_SET); pututline(&rosita); } endutent(); close(fd); return(0); }
It won't work because utmp/wtmp files aren't ordered by uid. For this program to work you should scan utmp file for records related to the given uid. -- Sincerely Your, Dan.
Current thread:
- WTMP file BORJA RUIZ CASTRO MORON (Nov 05)
- Re: WTMP file Valdis . Kletnieks (Nov 06)
- Re: WTMP file Dan Yefimov (Nov 06)
- <Possible follow-ups>
- RE: WTMP file Odhner, Christian (Nov 06)