weak-password-complexity: Linux Password Complexity Not Enforced

Date: 2025-08-01 | Affected software: Linux | PoC: public

Vulnerability description

The system does not enforce a password complexity policy: pam_pwquality.so is missing from the PAM password stack, or /etc/security/pwquality.conf (and its pwquality.conf.d drop-ins) sets a minimum length below 8 or requires no digit, upper-case, lower-case or special character. Weak passwords can therefore be set, which raises the risk of unauthorized access through brute-force or dictionary attacks.

PoC code [public]

The check is a Nuclei self-contained code template: it runs two shell snippets on the audited host and matches on their output. Nuclei only loads code-protocol templates when started with `-code`, and only executes them when the trailing `# digest:` signature is valid, so a locally edited copy has to be re-signed with `nuclei -sign` before it will run.

id: weak-password-complexity

info:
  name: Linux Password Complexity Not Enforced
  author: songyaeji
  severity: high
  description: |
    The system does not enforce a password complexity policy (pam_pwquality.so absent from the PAM password stack, or weak settings in pwquality.conf). Weak passwords can therefore be set, which raises the risk of unauthorized access through brute-force or dictionary attacks.
  reference:
    - https://isms.kisa.or.kr/main/csap/notice/
  metadata:
    verified: true
  tags: linux,local,audit,kisa,compliance

self-contained: true

code:
  # Request 1: the effective libpwquality settings. Drop-ins under
  # pwquality.conf.d override the main file, so read both.
  - engine:
      - sh
      - bash
    source: |
      cat /etc/security/pwquality.conf /etc/security/pwquality.conf.d/*.conf 2>/dev/null || true

  # Request 2: is pam_pwquality.so wired into the password stack?
  # RHEL-family hosts use system-auth/password-auth, Debian-family common-password.
  - engine:
      - sh
      - bash
    source: |
      grep pam_pwquality.so /etc/pam.d/system-auth /etc/pam.d/password-auth /etc/pam.d/common-password 2>/dev/null || true

    matchers-condition: or
    matchers:
      # Only active (uncommented) lines count: the stock pwquality.conf ships
      # "# minlen = 8", "# dcredit = 0" and friends as commented examples, which
      # unanchored patterns would flag on every host. The trailing \s*$ keeps
      # "minlen = 12" from matching on its leading "1". Per pwquality.conf(5)
      # only a negative credit imposes a minimum count, so 0 or any positive
      # value means the character class is not required.
      - type: regex
        part: code_1_response
        name: password-quality
        regex:
          - '(?m)^\s*minlen\s*=\s*[0-7]\s*$'          # Password length < 8 characters
          - '(?m)^\s*dcredit\s*=\s*\+?[0-9]+\s*$'     # No digit requirement
          - '(?m)^\s*ucredit\s*=\s*\+?[0-9]+\s*$'     # No uppercase requirement
          - '(?m)^\s*lcredit\s*=\s*\+?[0-9]+\s*$'     # No lowercase requirement
          - '(?m)^\s*ocredit\s*=\s*\+?[0-9]+\s*$'     # No special character requirement
        condition: or

      # The module is not in the password stack at all, so pwquality.conf is
      # never consulted. This must be a negative match: a positive match on
      # pam_pwquality.so would flag exactly the correctly configured hosts.
      - type: word
        part: code_2_response
        name: pam-module-missing
        words:
          - "pam_pwquality.so"
        negative: true

      # The policy is not applied to password changes made by root.
      - type: word
        part: code_2_response
        name: root-exempt
        words:
          - "enforce_for_root"
        negative: true
# digest: 4a0a00473045022100c590d02bcda1018fc91528e71c3697ea8aa7d605e1b2980e9c67a4f1e0ed51fb0220494670f4487078a52c1fae89b39bdca73a6055d5bae5f7049afce07cda8c6ff8:922c64590222798bb761d5b6d8e72950
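Matching regular expressions against raw file contents, as the template does, cannot tell a drop-in override from the main file, and cannot apply libpwquality's credit semantics (only a negative credit imposes a minimum; an unset credit defaults to 1, i.e. not required). The following POSIX shell auditor is an added example, not part of the upstream template or of the KISA material: it resolves the effective `key = value` for each setting (comment lines skipped, last active line wins, later files override earlier ones, which is how libpwquality reads pwquality.conf.d), and checks the PAM password stack for the module and for `enforce_for_root`. The fixture files it writes under a temporary directory are constructed for the demonstration; `audit_system` runs the same functions against the real paths.

```shell
#!/bin/sh
# Added example: audit the effective libpwquality policy and the PAM password
# stack. Not the upstream template's code. Fixtures below are constructed.

# Print the effective value of KEY across the given files: lines starting with
# '#' are ignored, the last active assignment wins, later files override.
pwq_effective_value() {
    key=$1; shift
    cat "$@" 2>/dev/null | awk -v k="$key" '
        /^[[:space:]]*#/ { next }                       # comment line
        {
            if (match($0, "^[[:space:]]*" k "[[:space:]]*=[[:space:]]*")) {
                v = substr($0, RLENGTH + 1)
                gsub(/[[:space:]]+$/, "", v)            # trailing blanks / CR
                val = v                                 # last one wins
            }
        }
        END { if (val != "") print val }'
}

# One line per weakness in the given pwquality files. Semantics from
# pwquality.conf(5): a negative credit is a minimum count for that class;
# zero or positive (default 1) means the class is not required. minclass,
# the alternative way to require classes, is not modelled here.
pwq_findings() {
    minlen=$(pwq_effective_value minlen "$@")
    [ -n "$minlen" ] || minlen=8                        # libpwquality default
    [ "$minlen" -ge 8 ] 2>/dev/null || echo "minlen=$minlen (<8)"
    for c in dcredit ucredit lcredit ocredit; do
        v=$(pwq_effective_value "$c" "$@")
        [ -n "$v" ] || v=1                              # default credit
        case $v in
            -*) ;;                                      # minimum enforced
            *)  echo "$c=$v (class not required)" ;;
        esac
    done
}

# PAM password stack: the module must be on an active "password" line, and
# enforce_for_root is needed for the policy to bind root's own changes.
pam_findings() {
    lines=$(cat "$@" 2>/dev/null | awk '
        /^[[:space:]]*#/ { next }
        /^[[:space:]]*password/ && /pam_pwquality\.so/ { print }')
    if [ -z "$lines" ]; then
        echo "pam_pwquality.so not in password stack"
        return
    fi
    echo "$lines" | grep -q enforce_for_root || echo "enforce_for_root not set"
}

# Real-host entry point (paths as used by the template; globs that match
# nothing are silently ignored by the 2>/dev/null in the helpers).
audit_system() {
    pwq_findings /etc/security/pwquality.conf /etc/security/pwquality.conf.d/*.conf
    pam_findings /etc/pam.d/system-auth /etc/pam.d/password-auth /etc/pam.d/common-password
}

# Constructed fixtures: a strict main file, a drop-in that silently relaxes it,
# and a RHEL-style stack without enforce_for_root.
demo_dir=$(mktemp -d)
cat > "$demo_dir/pwquality.conf" <<'EOF'
# minlen = 8
# dcredit = 0
minlen = 12
dcredit = -1
ucredit = -1
lcredit = -1
ocredit = -1
EOF
cat > "$demo_dir/10-weak.conf" <<'EOF'
minlen = 6
ocredit = 0
EOF
cat > "$demo_dir/system-auth" <<'EOF'
password    requisite     pam_pwquality.so try_first_pass local_users_only retry=3
password    sufficient    pam_unix.so sha512 shadow nullok try_first_pass use_authtok
EOF

audit_demo() {
    pwq_findings "$demo_dir/pwquality.conf" "$demo_dir/10-weak.conf"
    pam_findings "$demo_dir/system-auth"
}

audit_demo
```

On the fixtures the run reports `minlen=6 (<8)`, `ocredit=0 (class not required)` and `enforce_for_root not set`: the drop-in wins over the main file, the commented `# dcredit = 0` is ignored, and the stack is present but exempts root. Replace `audit_demo` with `audit_system` (as root, since the PAM files are normally readable but the conf.d directory may not exist) to audit a real host.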
