sec_handover is a program that tries to handover a password to a program in a secure way.
dead-end/sec_handover
sec_handover

Description

sec_handover is a program that tries to hand over a password to another program in a secure way. This is best explained with an example.

Example

Assume you have the shell script /tmp/example.sh, which requires a password, and you do not want to store the password unencrypted in the filesystem. The script can read the password from stdin, as in the following example:

#!/bin/bash

echo "SHELL Called with: $*"
# -s suppresses echo of the typed password; -p prints the prompt only when stdin is a terminal
read -sp "SHELL Password: " password

sleep 10

echo "SHELL Found password: $password"
exit 0

You can create a configuration file called /tmp/example.sign, which contains the command, including its arguments (in this case arg1 and arg2), and a list of files on which the command depends. All files have to be given with absolute paths.

[cmd]
/bin/bash /tmp/example.sh arg1 arg2

[hash]
/bin/bash
/tmp/example.sh

Now you can sign the file /tmp/example.sign with the following command. At this point you are asked for the password you want to hand over to the script. The result is stored in an output file, here called /tmp/example.launch.

./sec_handover -s /tmp/example.sign -o /tmp/example.launch
Enter password:
Reenter password:

The output or launch file /tmp/example.launch is an encrypted file. Its unencrypted content looks like the following. It contains the original command including the arguments. For each file in the "hash" list an HMAC is computed; the HMACs allow manipulation of those files to be detected before the command is started. The last entry is the password entered during the sign call.

[cmd]
/bin/bash /tmp/example.sh arg1 arg2
[hash]
21a1ec01b71db95338ba88da2ffcd64f34e174e6f765ee65b3903a1a7e1223bb1d9fa8d08f540d62c619b3372511e2a1d92b9164a61e6cafaa4aa66216be5781=/bin/bash
03c42c9417b11af7b960027028c78ac96251e30b669ec474aff335555d18a05ac0663e788153360230eca44e88987836ede40bdaadf0a364651b835d0a68b1d0=/tmp/example.sh
[password]
changeit

Now you can call sec_handover with the launch file, which starts the shell script and hands over the password.

./sec_handover -l /tmp/example.launch
SHELL Called with: arg1 arg2
SHELL Found password: changeit
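The launch file format above and the HMAC check it enables, as an added example that is not part of the sec_handover project: it parses the [cmd]/[hash]/[password] sections, computes an HMAC per listed file and reports which files no longer match. The 128-hex-digit values on the page suggest a 512-bit digest, so HMAC-SHA512 and a random in-memory key are assumed here in place of the key compiled into the real program.

```python
import hashlib
import hmac
import os
import tempfile

def parse_sections(text):
    """Parse the "[section]" / one-entry-per-line format of the sign and launch files."""
    sections, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            sections[current] = []
        elif current is not None:
            sections[current].append(line)
    return sections

def file_hmac(key, path):
    """HMAC-SHA512 over the file content (assumed digest; the page only shows its length)."""
    mac = hmac.new(key, digestmod=hashlib.sha512)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            mac.update(chunk)
    return mac.hexdigest()

def build_launch(sign_text, key, password):
    """Produce the unencrypted launch content: command, "hmac=path" lines, password."""
    s = parse_sections(sign_text)
    lines = ["[cmd]", *s["cmd"], "[hash]"]
    lines += [f"{file_hmac(key, p)}={p}" for p in s["hash"]]
    lines += ["[password]", password]
    return "\n".join(lines) + "\n"

def verify_launch(launch_text, key):
    """Return the paths whose current HMAC differs from the recorded one (empty = untampered)."""
    tampered = []
    for entry in parse_sections(launch_text)["hash"]:
        expected, path = entry.split("=", 1)
        if not hmac.compare_digest(expected, file_hmac(key, path)):
            tampered.append(path)
    return tampered

def demo():
    """Constructed scenario: sign a script, verify, modify the script, verify again."""
    key = os.urandom(32)  # constructed stand-in for the build-time key
    with tempfile.TemporaryDirectory() as d:
        script = os.path.join(d, "example.sh")
        with open(script, "w") as f:
            f.write("#!/bin/bash\necho hi\n")
        launch = build_launch(f"[cmd]\n/bin/bash {script} arg1 arg2\n\n[hash]\n{script}\n", key, "changeit")
        before = verify_launch(launch, key)
        with open(script, "a") as f:
            f.write("echo modified\n")
        return before, verify_launch(launch, key), parse_sections(launch)["password"][0]
```

Only the temporary script is hashed here so the example runs anywhere; the page's own example also lists /bin/bash.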

Installation

The program is currently bound to Linux operating systems, because it uses the ptrace system call to prevent debugging. It requires the libgcrypt library for encryption (https://www.gnupg.org/related_software/libgcrypt/). To build the program simply call:

make
make secure

The first call builds the program. During the build process an AES key is created and compiled into the program. The source files of the key are removed in the second step.

Docker example for centos

The docker directory contains a Dockerfile. The Dockerfile is a working description that shows how to install libgcrypt on CentOS from its sources. It shows how to build sec_handover against this installation and how to compile sec_handover statically.

TODOs

  • Allow dynamic arguments on the launch call like ./sec_handover -l /tmp/example.launch arg3 arg4
  • Consider environment variables.
  • Allow switching to a different user for the execv call.
