Email Sanity Check

255 views
Skip to first unread message

Mustafa Qasim

unread,
Feb 16, 2015, 7:13:47 AM2/16/15
to securit...@googlegroups.com
Hi,

The Setup script which is used to configure SO tools Snorby, Sguill, Bro etc. doesn't sanity check the email address it takes for Snorby login. I had a typo at that point ( typed .com] ) and was locked out of Snorby until I looked at the actual email address stored in the database via ROR console.

It would be if it checks for a proper formated email address.

Thanks
------
Mustafa Qasim
GREM, GCFE


Doug Burks

unread,
Feb 16, 2015, 10:01:52 AM2/16/15
to securit...@googlegroups.com
Hi Mustafa,

/usr/bin/sosetup does some light sanity checking of the email address:

        # Ask for email address for Snorby
        EMAIL_CONFIRMED="no"
        while [ $EMAIL_CONFIRMED = "no" ]; do
                TEXT="What is your email address?\r\rThis will be used when logging into Snorby."
                SNORBY_EMAIL=`zenity --title="$TITLE" --text="$TEXT" --entry`
                [ x$SNORBY_EMAIL = "x" ] && exit
                if [[ "$SNORBY_EMAIL" != *?"@"?*.?* ]] ; then
                        zenity --error --text="Invalid email address\! \r \
\r \
Please ensure your email address is of the form: \r \
                else
                        EMAIL_CONFIRMED="yes"
                fi
        done

Patches are always welcome!  :)



--
You received this message because you are subscribed to the Google Groups "security-onion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to security-onio...@googlegroups.com.
To post to this group, send email to securit...@googlegroups.com.
Visit this group at http://groups.google.com/group/security-onion.
For more options, visit https://groups.google.com/d/optout.



--
Doug Burks
Need Security Onion Training or Commercial Support?
http://securityonionsolutions.com

Mustafa Qasim

unread,
Feb 17, 2015, 12:09:15 PM2/17/15
to securit...@googlegroups.com
Dough,

This if condition patch with fix the issue I encountered

 if [[ "$SNORBY_EMAIL" != *?"@"?*.?*[[:alpha:]] ]] ; then

it will make sure the email address doesn't end with ] { ≈ or similar typos.

Thanks

------
Mustafa Qasim
GREM, GCFE



Doug Burks

unread,
Feb 18, 2015, 9:40:50 AM2/18/15
to securit...@googlegroups.com
Reply all
Reply to author
Forward
0 new messages