#!/bin/sh
#
# This script runs every day, trying to crack passwords, and then calls
# mailer to warn the users (and maybe also root) about that.

JOHNDIR=/usr/sbin
PASSWD=/etc/passwd
SHADOW=/etc/shadow

PASSFILE=`grep -e "[ ]*passfile[ ]*=[ ]*" /etc/john-mail.conf |
          sed -e "s/#.*//" -e "s/.*=[ ]*//"`

if [ -z $PASSFILE ]; then
       mail -s "John cronjob is not configured yet!" root <<EOF
John was set up to run every day, but it needs you to specify a
temporary file, with a "passfile=" line in /etc/john-mail.conf.

Thank you,

John the Ripper, an automated password cracking tool.
EOF
       exit 0
fi

TMPFILE=`mktemp $PASSFILE.XXXXXX` || exit 1

chmod og-rwx $TMPFILE


if [ -f $SHADOW ]; then
       $JOHNDIR/unshadow $PASSWD $SHADOW >> $TMPFILE
else
       cat $PASSWD >> $TMPFILE
fi


if [ ! -f /var/lock/john ]; then
       touch /var/lock/john
       $JOHNDIR/john -single $TMPFILE
       rm -f /var/lock/john
       $JOHNDIR/mailer $TMPFILE
       rm -f $TMPFILE
else
       mail -s "John is running" root <<EOF
John is running at $HOSTNAME -- either the cronjob lasted too long,
or someone else is running john.
EOF
fi
