From 666a1c42cddd1687ea6978a91986e8e2cd009e55 Mon Sep 17 00:00:00 2001
From: AlexClineBB <alex.cline@brandingbrand.com>
Date: Wed, 31 May 2017 11:21:31 -0400
Subject: [PATCH] Match the entire username when running check12

When a password-enabled user with a short name (e.g. "bc") is matched against
another user whose username contains the first (e.g. "abcd"), check12 would
erroneously display the second user "abcd" as having a password and no MFA.

This change ensures that grep matches the whole word.
---
 prowler | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/prowler b/prowler
index cbb9bf37..0babb90b 100755
--- a/prowler
+++ b/prowler
@@ -269,7 +269,7 @@ check12(){
   COMMAND12_LIST_USERS_WITH_PASSWORD_ENABLED=$(cat $TEMP_REPORT_FILE|awk -F, '{ print $1,$4 }' |grep true | awk '{ print $1 }')
   COMMAND12=$(
     for i in $COMMAND12_LIST_USERS_WITH_PASSWORD_ENABLED; do
-      cat $TEMP_REPORT_FILE|awk -F, '{ print $1,$8 }' |grep $i| grep false | awk '{ print $1 }'|tr '\n' ' ';
+      cat $TEMP_REPORT_FILE|awk -F, '{ print $1,$8 }' |grep -w $i| grep false | awk '{ print $1 }'|tr '\n' ' ';
     done)
   echo -e "\n$TITLE12"
     if [[ $COMMAND12 ]]; then