Jump to content

Two Factor Auth


snoj

Recommended Posts

If I've got the wrong place, I'm so sorry ahead of time!

A week or so ago I was watching Hak5 1106 and I wondered why the guys didn't use an encrypted volume or loop device to provide an update-able shadow file. So I hacked what I call DrinkAllTheMilk together on and off in the days since then.

I'd really like to know what you all think. I'm fairly new to using Linux as a primary OS as well as scripting/programming specifically for it. I wrote the majority of it in PHP as I am most familiar with the language and wasn't wanting to learn Perl specifically at this time. Since I based this off KillAllTheHumans, a lot of the code is lifted or heavily influence by int0x80 and godsflaw.

The approach I took to do this was two fold. The first part is a service written in php to listen for signals and then does and undoes the shadow stuff depending on that signal. The second part is a script that is executed from udev that takes care of the thumb drive mounting and unmounting and signaling the php service for further action. These probably could be combined into one udev executed script. At the time, I figured it would be faster for udev execution to split these tasks out. This was especially true when I was matching against the usb subsystem instead of kernal sd* in udev and needed more time to figure out what to do.

Thank you!

Source: https://github.com/snoj/DrinkAllTheMilk

[edit] Some spelling corrections and readability.

Edited by snoj
Link to comment
Share on other sites

Very cool! Encrypted volume was not an idea I had considered. That's awesome :D

Today has been a long day and I still have lots to do, so give me some time to look through the code in the next few days and then I can adequately contribute to the thread :]

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...