?
Solved

How can check login(give any login user and password) successfully or not through programmer by python?

Posted on 2003-03-30
15
Medium Priority
?
267 Views
Last Modified: 2010-04-21
give any user and password, How can I check whether the user can login to the system or not.
in another word, How can I check the user and password is the system user and the password is correct.

best regards!
wait for your answer.
0
Comment
Question by:lakeryu
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +4
15 Comments
 
LVL 7

Expert Comment

by:glassd
ID: 8237059
Not sure I quite understand.

If you know the user and password, and you are already logged in, you can try changing user with the command:

su <username>

You will then be prompted for the password. If this works then revert back to the original user:

exit

and try changing user again with:

su - <username>

The '-' will cause the login scripts (.profile, .login, .cshrc and/or .bashrc) to be read, as they would be if you logged in as that user.
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 8237168
import posix
posix.system("su -c user 'pwd'")
0
 
LVL 2

Expert Comment

by:GP1628
ID: 8239800
Only by logging in as far as I know.

If you want something automatic you could use one of the "auto-login" scripts used for automating FTP uploads and just use the part that logs in.

Gandalf  Parker

0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 

Author Comment

by:lakeryu
ID: 8243656
I mean that in web login page, I know username and password
how can I check the username and password is vaild or not?

wait for your answer, thanks!
0
 
LVL 7

Expert Comment

by:glassd
ID: 8243710
Are you dealing with the user names and passwords in the /etc/passwd file. Are you running any scripting languages (like PHP).

It should be possible to take the username from the login screen and find the password encryption from the passwd file. Then take the password entered on the login screen, encrypt it and check it against the known encryption.

I have done this on Solaris but not with MD5 encrytion. The method I used to encrypt the password was to write a bit of C code to call the crypt() function. There must be a similar function on Linux for MD5 encryption.
0
 

Author Comment

by:lakeryu
ID: 8243760
No, the username and password is input by user, and I  write it with python.
0
 
LVL 2

Accepted Solution

by:
bkrahmer earned 200 total points
ID: 8243906
I believe the PAM API will do what you want.  There is something like pam_authenticate().  Here is a link to a python library even:  http://www.pangalactic.org/PyPAM/

brian
0
 
LVL 2

Expert Comment

by:GP1628
ID: 8245589
Im still confused.

(A) You want to make sure the login and password they give you works on an account which already exists on that machine?

or

(B) you want to check and see if what they gave you COULD work as a login and password. Not too short, not too long, no bad characters in it.

Gandalf  Parker
0
 

Author Comment

by:lakeryu
ID: 8250289
I think it is A. not B
0
 
LVL 2

Expert Comment

by:GP1628
ID: 8250983
OK, the only way I know of to do that would be to "become" that user and login. Some of the responses already given will do that. It will take a CGI of some sort since I dont think there is a way to do it in html.
I take it for granted this is some sort of linux or unix machine that the webpage is on?

For example the reference to PAM is the only one which might actually just check, but its for Python. There may be one for whatever language you use for the CGI.

The FTP one I mentioned would let you login as the user and check to see if it let you, then just log back out.

The su method mentioned does pretty much the same thing by logging in as the user just long enough to do one command, the pwd command to see what directory its in.

Gandalf  Parker
0
 
LVL 2

Expert Comment

by:bkrahmer
ID: 8251087
Gandalf, please re-read the title of this question, and the question itself once again....   Good, now you will see that I have posted the optimal solution....

brian
0
 
LVL 2

Expert Comment

by:GP1628
ID: 8251315
Yes I did miss the Python reference. The title is cutoff when viewing the list of questions. I thought more clarification was needed.

Your response does appear to be the most specific to the question.

Gandalf  Parker
0
 
LVL 3

Expert Comment

by:dileepan_k
ID: 8278530
'getpwname' can be used to get the system password in the encrypted format. Using the 'crypt' API the password can be encrypted and compared with the above. Both are 'C' APIs. This as a standalone program, should have setuid set (s bit) for super user privilage.
0
 
LVL 20

Expert Comment

by:jmcg
ID: 10225249
No comment has been added lately, so it's time to clean up this TA.
I will leave the following recommendation for this question in the Cleanup topic area:

Accept: bkrahmer {http:#8243906}

Please leave any comments here within the next seven days.
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

jmcg
EE Cleanup Volunteer
0

Featured Post

Learn by Doing. Anytime. Anywhere.

Do you like to learn by doing?
Our labs and exercises give you the chance to do just that: Learn by performing actions on real environments.

Hands-on, scenario-based labs give you experience on real environments provided by us so you don't have to worry about breaking anything.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Have you ever been frustrated by having to click seven times in order to retrieve a small bit of information from the web, always the same seven clicks, scrolling down and down until you reach your target? When you know the benefits of the command l…
The purpose of this article is to fix the unknown display problem in Linux Mint operating system. After installing the OS if you see Display monitor is not recognized then we can install "MESA" utilities to fix this problem or we can install additio…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question