Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

please help to fix this base64 decoding script

Posted on 2004-08-23
7
Medium Priority
?
621 Views
Last Modified: 2010-08-05
I have a ldap liff file which I experted from our mail servers database and I wish to run this against a password cracker called Lumberjack to make sure everyone is using secure passwords. I need to enter the system admin password to export this file anyway so I am not bypassing security in any way.

My ldif file has the passwords base64 encoded and the author made the following perl script available via their website at http://www.phenoelit.de/lj/

#!/usr/bin/perl -w

use MIME::Base64;

die "supply file name\n" unless ($file=shift);

die "could not open file\n" unless (open(FD_IN,$file));
while () {
      if ((/^\r/)||(/^\r\n/)) { print "---\n"; }
      if (/dn:+\s+(.+)$/) { print "DN: ".$1."\n"; }
      if (/cn:+\s+(.+)$/) {
            $cnu=decode_base64($1);
            print "CN: ".$cnu."\n";
      }
      if (/userpassword:+\s+(.+)$/i) {
            $pwu=decode_base64($1);
            print "Password: ".$pwu."\n";
      }
}
close FD_IN;

The problem is that whenever I run it against the file I get loads of these errors and the program just appears to go round in an endless loop.

Use of uninitialized value in pattern match (m//) at ./decodeldif line 9.
Use of uninitialized value in pattern match (m//) at ./decodeldif line 9.
Use of uninitialized value in pattern match (m//) at ./decodeldif line 10.
Use of uninitialized value in pattern match (m//) at ./decodeldif line 11.
Use of uninitialized value in pattern match (m//) at ./decodeldif line 15.
Use of uninitialized value in pattern match (m//) at ./decodeldif line 9.
Use of uninitialized value in pattern match (m//) at ./decodeldif line 9.
Use of uninitialized value in pattern match (m//) at ./decodeldif line 10.
Use of uninitialized value in pattern match (m//) at ./decodeldif line 11.
Use of uninitialized value in pattern match (m//) at ./decodeldif line 15.
Use of uninitialized value in pattern match (m//) at ./decodeldif line 9.
Use of uninitialized value in pattern match (m//) at ./decodeldif line 9.

Thanks
0
Comment
Question by:grblades
  • 4
  • 3
7 Comments
 
LVL 18

Expert Comment

by:kandura
ID: 11871586
that's because you have an empty while condition!

It looks like you intended to write

    while(<FD_IN>) {

0
 
LVL 18

Expert Comment

by:kandura
ID: 11871612
If you want to avoid the warnings, then at least turn on strict as well.

    use strict;
    use warnings;   # you already have this through the -w switch on the first line

That will probably tell you that there are a number of variables which are not defined: $file, $cnu, $pwu.

0
 
LVL 36

Author Comment

by:grblades
ID: 11871746
Thanks. I now get the following errors :-

Global symbol "$file" requires explicit package name at ./decodeldif line 4.
Global symbol "$file" requires explicit package name at ./decodeldif line 5.
Global symbol "$cnu" requires explicit package name at ./decodeldif line 10.
Global symbol "$cnu" requires explicit package name at ./decodeldif line 11.
Global symbol "$pwu" requires explicit package name at ./decodeldif line 14.
Global symbol "$pwu" requires explicit package name at ./decodeldif line 15.
Execution of ./decodeldif aborted due to compilation errors.

New source :-

use MIME::Base64;
use strict;
die "supply file name\n" unless ($file=shift);
die "could not open file\n" unless (open(FD_IN,$file));
while (<FD_IN>) {
        if ((/^\r/)||(/^\r\n/)) { print "---\n"; }
        if (/dn:+\s+(.+)$/) { print "DN: ".$1."\n"; }
        if (/cn:+\s+(.+)$/) {
                $cnu=decode_base64($1);
                print "CN: ".$cnu."\n";
        }
        if (/userpassword:+\s+(.+)$/i) {
                $pwu=decode_base64($1);
                print "Password: ".$pwu."\n";
        }
}
close FD_IN;
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 18

Accepted Solution

by:
kandura earned 1000 total points
ID: 11871795
exactly :-)

Add a line below the "use strict" to declare your variables:

    my ($file, $cnu, $pwu);
0
 
LVL 36

Author Comment

by:grblades
ID: 11872293
Thanks it is working now. I had to comment out a bit as the usernames did not need decoding and and to do a bit of fiddling with grep and sed afterwards but it is now working great.
0
 
LVL 18

Expert Comment

by:kandura
ID: 11872386
I just checked that website, and they forgot to html encode their perl source code. The <FD_IN> was in there, but our browsers interpret that as an html tag ;)
0
 
LVL 36

Author Comment

by:grblades
ID: 11872437
:)
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On Microsoft Windows, if  when you click or type the name of a .pl file, you get an error "is not recognized as an internal or external command, operable program or batch file", then this means you do not have the .pl file extension associated with …
A year or so back I was asked to have a play with MongoDB; within half an hour I had downloaded (http://www.mongodb.org/downloads),  installed and started the daemon, and had a console window open. After an hour or two of playing at the command …
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
Six Sigma Control Plans

972 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question