发信人: cinc(Commander)
整理人: hackerbay(2002-09-06 16:48:52), 站内信件
|
以前写的通过 web 修改系统邮件用户(/etc/master.passwd) 的一个 cgi 程序:
如果你使用系统用户作为邮件用户,应该用的着。:)
apache owner: nobody.nogroup
Installation
-----------------------------------------------------------------------------
login as root
修改 Showform() 函数中的 单位名称和域名
#cc -lcrypt -o chgpwd chgpwd.c
#cp chgpwd /path/to/cgi-bin/
#cd /path/to/cgi-bin/
#chown root.nogroup chgpwd (所有者和权限的设置有些忘记了,好像是这样的)
#chmod 4550 chgpwd
#ls -l chgpwd
-r-sr-x--- 1 root nogroup 7408 Aug 14 22:50 chgpwd
# 浏览 http://mail.mydomain.com/cgi-bin/chgpwd 测试
-----------------------------------------------------------------------------
chgpwd.c
-----------------------------------------------------------------------------
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <pwd.h>
void Showform();
char* GetParameter(char* name , char* querystring);
int main(){
struct passwd * account;
char* querystring;
char* username;
char* oldpwd;
char* newpwd1;
char* newpwd2;
char command[100];
int length;
char * ptr;
printf ("Content-type:text/html\n\n");
ptr = getenv("CONTENT_LENGTH");
if (!ptr ){
Showform();
}else{ // Perform Input
length = atoi(ptr);
querystring = (char*) malloc (length+1);
fread (querystring , sizeof(char),length,stdin);
// Parse Parameter
username = GetParameter("username" ,querystring);
oldpwd = GetParameter("oldpwd" ,querystring);
newpwd1 = GetParameter("newpwd1" ,querystring);
newpwd2 = GetParameter("newpwd2" ,querystring);
if (strcmp(username,"root")==0){
Showform(4);
exit(4);
}
// printf ("%s:%s:%s:%s",username,oldpwd,newpwd1,newpwd2);
// Check Validity
setuid(0);
// Check username , password
while (account=getpwent()){
// Find this User
if (strcmp(username,account->pw_name)==0){
// Found
// printf ("%s",crypt(oldpwd,account->pw_passwd));
// Username Password can't login
if (strcmp(account->pw_passwd,crypt(oldpwd,account->pw_passwd))!=0){
Showform (1);
exit(1);
}
// Two New Password Not Match
if (strcmp(newpwd1,newpwd2) !=0){
Showform (2);
exit(2);
}
// New Password too Short
if (strlen(newpwd1) < 4 ){
Showform (3);
exit(3);
}
// Start Modify
strcpy (command , "chpass -p '");
strcat (command , crypt(newpwd1,account->pw_passwd));
strcat (command , "' ");
strcat (command , username);
// printf ("Command:%s",command);
system (command);
Showform(0);
}
}
}
return 0;
}
void Showform(int errorcode){
printf ("<Html>
<Title>Change Password</Title>
<Body>
修改邮箱密码:某某单位\n
<form Method=post>\n
用户帐号:<Input type=text name=username>@mydomain.com<p>\n
旧的密码:<Input type=password name=oldpwd><p>\n
新的密码:<Input type=password name=newpwd1><p>\n
再次输入:<Input type=password name=newpwd2><p>\n
<Input type=submit name=submit value=确认><p>\n
</form>\n");
switch (errorcode){
case 0 : printf ("修改成功") ; break;
case 1 : printf ("用户名和旧密码无法登录"); break;
case 2 : printf ("新密码两次输入不符"); break;
case 3 : printf ("密码长度必须大于3"); break;
case 4 : printf ("不能修改root的密码"); break;
}
printf ("</Body></Html>");
}
char* GetParameter(char* name , char* querystring){
char string[200];
char* start,end;
char* parameter;
int i=0;
parameter = (char*)malloc(20);
strcpy (string , querystring);
strcat (string,"&");
start = strstr (querystring,name);
start += strlen(name)+1;
while ((*start) != '&'){
parameter [i++]=*start;
start++;
}
parameter[i]='\0';
return parameter;
}
-----------------------------------------------------------------------------
---- 前途是光明的
道路是曲折的
|
|