Article 1192 of alt.bbs.waffle: Relay-Version: VMS News - V6.0-2 01/02/91 VAX/VMS V5.3; site ecl.psu.edu Path: psuecl!psuvm!ysub!usenet.ins.cwru.edu!agate!riacs!stanford.edu!apple!amdahl!birdsong!larry Newsgroups: alt.bbs.waffle Subject: Re: format of waffle password file Message-ID: From: larry@birdsong.UUCP (Lawrence T. Hardiman) Date: 3 Apr 91 05:27:43 GMT Organization: The Birdsong Company Lines: 226 Recently, someone on the alt.bbs.waffle newsgroup asked for the format of the waffle password file. Well, I had looked at it before, but had not tried to figure out each field. My curiosity over ran me. Here is the result of my attempt to reverse engineer the file.... Note: this is the MS-DOS password file. The waffle password file is a direct access file and may be accessed using fseek() and fread(). Each record in the file contains the password entry for a single user. The size of a single record is RECSIZE (0x100) bytes. The first record (record zero) in the file is a dummy record and does not conform to the format of a password record. Record zero contains the DOS EOF character (0x1A) to inhibit inspection by some programs. The file is ordered in ascending sequence on the "user" field. Each record contains 26 fields; all fields are characer strings, with each field separated by the 0x0A character. Strings are not null terminated. Fields appear in the record in the order: USER PROTOCOL GROUP ACCOUNT PASSWORD IDENTITY PHONE SHELL EDITOR RESERVED MONITOR PRIVELEGE ACCESS CALLS LAST_ON COMMENT POSTS MESSAGES VOTED UPLOAD DOWNLOAD MAIL NAME LEVEL TERMINAL NEWSCAN The field names are the names displayed in the prompts for the waffle ADMIN EDIT and ADMIN X commands. There is a maximum length for some fields in the record. That length is enforced by the ADMIN EDIT or the ADMIN X command in waffle. Other fields do not seem to have a length enforced by the ADMIN command and can be input with long strings. This produces unpredictable results and a corrupt password file! The following program, wafpwlst, reads and lists the password file. Included in the source, and not used, are field name #defines so that individual fields may be addressed by name in the array of fields from the password file record. Maximum field lengths are arbitrarily limited to 66 characters. You play with it! ----------------- cut here ----------------------- @begin(verbatim) /* * wafpwlst.c -- list the entries in the waffle password file * * syntax: wafwplst * * wafwplst reads the waffle password file and lists its fields * with field names. */ #include /* * define attributes of the waffle password file */ #define RECSIZE 0x100 #define NUMFIELDS 26 #define MAXFLDSIZE 66 char buf[RECSIZE]; /* A buffer to hold a password filerecord */ /* * An array of strings big enough to operate on each field in * the password record */ char wafpw[NUMFIELDS][MAXFLDSIZE]; /* * Waffle Password file field ordering. */ #define USER wafwp[0]; #define PROTOCOL wafwp[1]; #define GROUP wafwp[2]; #define ACCOUNT wafwp[3]; #define PASSWORD wafwp[4]; #define IDENTITY wafwp[5]; #define PHONE wafwp[6]; #define SHELL wafwp[7]; #define EDITOR wafwp[8]; #define RESERVED wafwp[9]; #define MONITOR wafwp[10]; #define PRIVELEGE wafwp[11]; #define ACCESS wafwp[12]; #define CALLS wafwp[13]; #define LAST_ON wafwp[14]; #define COMMENT wafwp[15]; #define POSTS wafwp[16]; #define MESSAGES wafwp[17]; #define VOTED wafwp[18]; #define UPLOAD wafwp[19]; #define DOWNLOAD wafwp[20]; #define MAIL wafwp[21]; #define NAME wafwp[22]; #define LEVEL wafwp[23]; #define TERMINAL wafwp[24]; #define NEWSCAN wafwp[25]; /* * names of the fields for use in displaying the records */ const char fieldname[NUMFIELDS][12] = { "User", "Protocol", "Group", "Account", "Password", "Identity", "Phone", "Shell", "Editor", "Reserved", "Monitor", "Privelege", "Access", "Calls", "Last On", "Comment", "Posts", "Messages", "Voted", "Uplaod", "Download", "Mail", "Name", "Level", "Terminal", "Newscan" }; /* End fieldname initialization */ int r, i; /* some work areas.... */ int rct = 1; /* record counter */ FILE *filea; /* to read the password file */ char *sp; /* to decompose the record in buf[] */ int main() { /* * Open the password file for read, binary */ if ( (filea = fopen("password", "rb")) == NULL) { printf("Cannot open input file\n"); exit(1); } /* * Step over dummy record zero in the file */ fseek(filea, RECSIZE, SEEK_SET); /* * for each record in the file... */ while( (r = fread(buf, 0x100, 1, filea)) == 1 ) { /* * tokenize the record in buf into null terminated strings */ for (i = 0; i < RECSIZE; i++) if ( *(buf + i) == 0x0a) *(buf + i) = 0x00; /* * copy the strings in buf[] into the array of strings */ sp = buf; for(i = 0; i < NUMFIELDS; i++) { strcpy(wafpw[i], sp); while( *(sp++) ) ; } /* * display the fields in the array of strings */ printf("\nRecord %d\n", rct++); for(i = 0; i < NUMFIELDS; i++) printf("%12s: %s\n", *(fieldname + i), *(wafpw + i) ); } /* end while */ printf("\n\nEnd of File on input\n"); return 0; } /* end main() -- wafwplst.c */ @end(verbatim) +--larry@birdsong.uucp----------------------------------------------+