API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 10th, 2017
91
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C 7.03 KB | None | 0 0
raw download clone embed print report
  1. #include "global.h"
  2. #include "md5.h"
  3. #include "hmac_md5.h"
  4. #include <errno.h>
  5. #include <pwd.h>
  6. #include <stdio.h>
  7. #include <unistd.h>
  8. #include <stdlib.h>
  9. #include <my_global.h>
  10. #include <mysql.h>
  11.  
  12. #define LINE_MAX 256
  13. #define SMTP_PASSWD_FILE "/etc/smtppasswd"
  14. MYSQL *conn;            
  15. MYSQL_RES *res;        
  16. MYSQL_ROW *row;  
  17. char up[513];
  18. int uplen;
  19. static char hextab[]="0123456789abcdef";
  20. int sq( char *query) {
  21.  
  22. conn = mysql_init(NULL);
  23.  
  24. if (conn == NULL) {
  25.       printf("Error %u: %s\n", mysql_errno(conn), mysql_error(conn));
  26.       exit(1);
  27.   }
  28.  
  29.   if (mysql_real_connect(conn, "mysql.sitename.net", "cmd5yourpw", "blarpass", "cmd5yourpw", 0, NULL, 0) == NULL) {
  30.       printf("Error %u: %s\n", mysql_errno(conn), mysql_error(conn));
  31.       exit(1);
  32.   }
  33.  
  34. mysql_query(conn, query);
  35. mysql_close(conn);
  36. }
  37. int unblock(char *ip) {
  38. unsigned char *query[128];
  39. int ul = 0;
  40.  
  41. conn = mysql_init(NULL);
  42.  
  43. if (conn == NULL) {
  44.       printf("Error %u: %s\n", mysql_errno(conn), mysql_error(conn));
  45.       exit(1);
  46.   }
  47.  
  48.   if (mysql_real_connect(conn, "mysql.sitename.net", "cmd5yourpw", "blarpass", "cmd5yourpw", 0, NULL, 0) == NULL) {
  49.       printf("Error %u: %s\n", mysql_errno(conn), mysql_error(conn));
  50.       exit(1);
  51.   }
  52.  
  53. sprintf(query, "select count(*) from blocked where ip = '%s'",ip);
  54. mysql_query(conn, query);
  55. res = mysql_store_result(conn);
  56. row = mysql_fetch_row(res);
  57.  
  58.     if(row) {
  59.     sprintf(query, "delete from blocked where ip = '%s'", ip);
  60.     sq(query);
  61.     sprintf(query, "/bin/bash /push/scripts/unblock %s", ip);
  62.     system(query);
  63.     }
  64. return(1);
  65. }
  66.  
  67. int check(char *ip) {
  68. unsigned char *query[128];
  69. int ul = 0;
  70.  
  71. conn = mysql_init(NULL);
  72.  
  73. if (conn == NULL) {
  74.       printf("Error %u: %s\n", mysql_errno(conn), mysql_error(conn));
  75.       exit(1);
  76.   }
  77.  
  78.   if (mysql_real_connect(conn, "mysql.sitename.net", "cmd5yourpw", "blarpass", "cmd5yourpw", 0, NULL, 0) == NULL) {
  79.       printf("Error %u: %s\n", mysql_errno(conn), mysql_error(conn));
  80.       exit(1);
  81.   }
  82.  
  83. sprintf(query, "select attempts from blocked where ip = '%s'",ip);
  84. mysql_query(conn, query);
  85. res = mysql_store_result(conn);
  86. row = mysql_fetch_row(res);
  87.  
  88.         if(!row) {
  89.                 printf("No Results Found, adding %s", ip);
  90.                 sprintf(query, "insert into blocked (ip, attempts) values( '%s','1')", ip);
  91.                 sq(query);
  92.         } else {
  93.                 ul = atoi(row[0]);
  94.                 if (ul < 3 ) {
  95.                         sprintf(query, "update blocked set modified = NOW(), attempts=attempts+1 where ip = '%s'", ip);
  96.                         sq(query);
  97.                 }
  98.                 if(ul == 3) {
  99.                 block(ip);
  100.                 }
  101.         }
  102.     return(1);
  103.  
  104. }
  105.  
  106.  
  107. int block(char *ip) {
  108. char *string[48];
  109. sprintf(string,"/bin/bash /push/scripts/nullroute %s\n", ip);
  110. system(string);
  111. return(1);
  112. }
  113.  
  114.  
  115. int doit(unsigned char *testlogin, unsigned char *challenge, unsigned char *response)
  116. {
  117.    static char line[LINE_MAX + 1];
  118.    int found_user= 0;
  119.    unsigned char *password = NULL;
  120.    unsigned char *salt = (char *)malloc(3);
  121.    unsigned char *cpassword = (char *)malloc(LINE_MAX);
  122.    unsigned char *cchallenge = NULL;
  123.    int res;
  124.    unsigned char digest[16];
  125.    unsigned char digascii[33];
  126.    unsigned char h;
  127.    FILE *fp, *lfp;
  128.    int j;
  129.    char *remoteip = NULL;
  130.    char *linepnt;
  131.     char *time_str = (char*)malloc(256);
  132.     time_t tm;
  133.    pid_t pid;
  134.  
  135.     pid = getpid();
  136.    // Open the password file..
  137.    if ((remoteip = getenv("TCPREMOTEIP")) == NULL) {
  138.         remoteip = (char*)malloc(32);
  139.         strcpy(remoteip, "(unknown host)");
  140.    }
  141.  
  142.    // Open the password file..
  143.    if ((fp = fopen(SMTP_PASSWD_FILE, "rt")) == NULL) _exit(2);
  144.  
  145.    // Open the log file..
  146.    lfp=fopen("/hdtmp/cmd5yourpw.log", "a+");
  147.  
  148.    // Start pulling lines out..
  149.    while (fgets(line, LINE_MAX, fp) != NULL)
  150.     {
  151.         //fprintf(lfp, "[%s] line from file: '%s'\n", testlogin, line);
  152.         fflush(lfp);
  153.         found_user = 0;
  154.         if ((linepnt = strchr(line, '\n')) != NULL)
  155.         {
  156.             *linepnt = 0;
  157.         }
  158.  
  159.         // If no ':', bad password file format, so loop
  160.         if ((linepnt = strtok(line, ":")) == NULL) continue;
  161.  
  162.         // Is this our man?
  163.         if (strcmp(linepnt, testlogin) == 0)
  164.         {
  165.             // If no password, bad password file format, so exit
  166.             if ((linepnt = strtok(NULL, ":")) == NULL) _exit(2);
  167.  
  168.             // Yes!  So, save it..
  169.             password = linepnt;
  170.             found_user = 1;
  171.         }
  172.  
  173.         if (found_user)
  174.         {
  175.             /* So, they gave a username in our file, and a password..  Fail if the passwords don't match. */
  176.  
  177.             // Get the salt..
  178.             strncpy(salt, password, 2);
  179.             // Get the crypted string..
  180.             strcpy(cpassword, password + 2);
  181.             // Null terminate the salt..
  182.             salt[2] = 0;
  183.             tm = time(NULL);
  184.             cftime(time_str, "%b %d %T", &tm);
  185.             fprintf(lfp, "%s [pid=%d] [%s] [%s] string from file: '%s' salt: '%s' password: '%s'\n", time_str, pid, testlogin, remoteip, password, salt, cpassword);
  186.             fprintf(lfp, "%s [pid=%d] challenge: '%s'\n", time_str, pid, challenge);
  187.             fflush(lfp);
  188.             // Crypt the challenge string with the salt
  189.             tm = time(NULL);
  190.             cftime(time_str, "%b %d %T", &tm);
  191.             cchallenge = crypt(challenge, salt);
  192.             fprintf(lfp, "%s [pid=%d] crypt()ed challenge: '%s'\n", time_str, pid, cchallenge);
  193.             // Compare..
  194.             res = strcmp(password, cchallenge);
  195.             tm = time(NULL);
  196.             cftime(time_str, "%b %d %T", &tm);
  197.             fprintf(lfp, "%s [pid=%d] strcmp(password, cchallenge): %d\n", time_str, pid, res);
  198.             // Do they match?!
  199.             if (res == 0)
  200.             {
  201.                 // YES!
  202.                 fprintf(lfp, "%s [pid=%d] Passwords match.  Allowing SMTP.\n", time_str, pid);
  203.                 unblock(remoteip);
  204.                 fclose(fp);
  205.                 fclose(lfp);
  206.                 return 0;
  207.             }
  208.             // Nope, so try the next one..
  209.         }
  210.  
  211.     }  
  212.    fclose(fp);
  213.     tm = time(NULL);
  214.     cftime(time_str, "%b %d %T", &tm);
  215.     check(remoteip);
  216.    fprintf(lfp, "%s [pid=%d] [%s] Username/password pair not matched!  Denying SMTP.\n", time_str, pid, remoteip);
  217.    fclose(lfp);
  218.    return 1;
  219.  
  220.    if (!found_user) return(1);
  221.  
  222.    hmac_md5( cchallenge, strlen(cchallenge), password, strlen(password), digest);
  223.  
  224.    digascii[32]=0;
  225.    
  226.    for (j=0;j<16;j++)
  227.    {
  228.      h=digest[j] >> 4;
  229.      digascii[2*j]=hextab[h];
  230.      h=digest[j] & 0x0f;
  231.      digascii[(2*j)+1]=hextab[h];
  232.    }  
  233.    return(strcmp(digascii,response) && strcmp(password,cchallenge));
  234. }
  235.  
  236. void main(int argc,char **argv)
  237. {
  238.   char *login;
  239.   char *response;
  240.   char *challenge;
  241.   int r;
  242.   int i;
  243.   int accepted;
  244.     if (!argv[1]) _exit(2);
  245.  
  246.   uplen = 0;
  247.   for (;;) {
  248.     do
  249.       r = read(3,up + uplen,sizeof(up) - uplen);
  250.     while ((r == -1) && (errno == EINTR));
  251.     if (r == -1) _exit(111);
  252.     if (r == 0) break;
  253.     uplen += r;
  254.     if (uplen >= sizeof(up)) _exit(1);
  255.   }
  256.  
  257.   close(3);
  258.  
  259.   i = 0;
  260.   login = up + i;
  261.   while (up[i++]) if (i == uplen) _exit(2);
  262.   challenge = up + i;
  263.   if (i == uplen) _exit(2);
  264.   while (up[i++]) if (i == uplen) _exit(2);
  265.   response = up + i;
  266.  
  267.   accepted=doit(login,challenge,response);
  268.  
  269.   for (i = 0;i < sizeof(up);++i) up[i] = 0;
  270.  
  271.   if (accepted)  _exit(1);
  272.     execvp(argv[1],argv + 1);
  273.     _exit(111);
  274. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!