Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #if 0
- shc Version 3.8.9b, Generic Script Compiler
- Copyright (c) 1994-2015 Francisco Rosales <frosal@fi.upm.es>
- ./shc-3.8.9b/shc -v -r -T -f /home/qqq
- #endif
- static char data [] =
- #define lsto_z 1
- #define lsto ((&data[0]))
- "\271"
- #define pswd_z 256
- #define pswd ((&data[35]))
- "\207\072\157\012\355\040\220\125\365\023\225\253\316\232\272\145"
- "\361\034\100\246\053\311\032\062\165\207\363\376\223\173\343\032"
- "\265\122\050\063\041\316\064\166\144\211\241\160\213\304\115\357"
- "\054\055\233\347\054\214\045\234\317\261\223\365\062\253\347\042"
- "\244\017\125\306\336\212\074\103\024\336\264\240\242\001\217\316"
- "\057\052\265\133\266\333\370\206\215\214\174\300\067\144\342\334"
- "\164\070\242\123\302\336\227\326\274\113\166\137\115\006\056\174"
- "\060\344\330\347\300\321\156\115\135\353\015\224\120\360\160\304"
- "\050\022\030\353\361\257\302\256\373\071\016\110\077\074\304\157"
- "\041\235\127\341\156\305\057\313\261\075\137\001\055\320\305\126"
- "\343\336\102\324\216\004\203\211\075\221\321\175\316\226\355\360"
- "\063\104\321\241\012\000\154\273\075\314\274\153\235\202\302\200"
- "\140\004\125\357\010\330\170\106\152\111\303\071\340\261\051\023"
- "\365\372\265\377\373\042\273\071\356\167\245\213\372\147\014\133"
- "\153\141\112\163\072\302\272\244\014\176\336\354\057\007\000\045"
- "\002\265\045\375\327\340\067\305\130\334\121\122\103\135\255\256"
- "\277\367\042\371\272\335\236\306\133\174\262\213\203\262\260\205"
- "\150\325\203\077\266\272\005\016\227\127\141\332\264\017\211\163"
- "\006\253\045\243\162\265\370\150\311\216\024\230\050\317\376\032"
- "\353\077\301\026\011\333\110\176\143\073\175\366\266\140\021\154"
- "\263\066\017\045\354\010\216\266\226\242\116\277\161\115\331\134"
- "\214\232\163\225\166\273\024\331\366\221\320\255"
- #define chk2_z 19
- #define chk2 ((&data[353]))
- "\245\030\050\313\216\244\016\370\066\077\365\172\337\017\052\121"
- "\024\266\315\060\300\324\043"
- #define msg1_z 42
- #define msg1 ((&data[374]))
- "\272\307\277\376\114\050\346\274\366\355\201\273\040\047\330\351"
- "\373\167\362\252\123\147\134\036\034\044\144\371\061\157\106\305"
- "\322\327\004\005\327\235\064\004\276\223\356\236\374\011\206"
- #define tst1_z 22
- #define tst1 ((&data[421]))
- "\312\343\374\302\060\034\106\053\305\000\004\235\026\134\136\035"
- "\327\001\307\110\025\142\037\144\373\076"
- #define chk1_z 22
- #define chk1 ((&data[447]))
- "\215\113\215\050\074\121\334\250\335\343\105\376\151\012\115\063"
- "\241\271\063\304\232\024\300\177\360\037\034\235\021"
- #define date_z 1
- #define date ((&data[474]))
- "\360"
- #define shll_z 8
- #define shll ((&data[477]))
- "\032\021\333\117\125\223\006\173\165\352\333"
- #define text_z 29
- #define text ((&data[492]))
- "\336\137\105\065\300\020\065\331\243\174\072\225\323\336\200\333"
- "\052\003\322\360\030\050\172\257\135\311\206\051\335\143\115\267"
- "\055\225\102\031\273\116\222\055\107"
- #define inlo_z 3
- #define inlo ((&data[527]))
- "\144\323\121"
- #define xecc_z 15
- #define xecc ((&data[532]))
- "\120\223\020\026\242\364\220\024\375\304\251\236\162\246\122\223"
- "\005\214\006\251"
- #define msg2_z 19
- #define msg2 ((&data[552]))
- "\176\143\352\242\236\224\256\361\205\353\205\350\011\145\024\266"
- "\025\022\232\336\131\231\127\072"
- #define rlax_z 1
- #define rlax ((&data[574]))
- "\201"
- #define opts_z 1
- #define opts ((&data[575]))
- "\320"
- #define tst2_z 19
- #define tst2 ((&data[576]))
- "\227\121\113\317\326\067\050\204\340\237\375\312\171\122\276\315"
- "\152\206\316\131\140\046\171"/* End of data[] */;
- #define hide_z 4096
- #define DEBUGEXEC 0 /* Define as 1 to debug execvp calls */
- #define TRACEABLE 1 /* Define as 1 to enable ptrace the executable */
- /* rtc.c */
- #include <sys/stat.h>
- #include <sys/types.h>
- #include <errno.h>
- #include <stdio.h>
- #include <stdlib.h>
- #include <string.h>
- #include <time.h>
- #include <unistd.h>
- /* 'Alleged RC4' */
- static unsigned char stte[256], indx, jndx, kndx;
- /*
- * Reset arc4 stte.
- */
- void stte_0(void)
- {
- indx = jndx = kndx = 0;
- do {
- stte[indx] = indx;
- } while (++indx);
- }
- /*
- * Set key. Can be used more than once.
- */
- void key(void * str, int len)
- {
- unsigned char tmp, * ptr = (unsigned char *)str;
- while (len > 0) {
- do {
- tmp = stte[indx];
- kndx += tmp;
- kndx += ptr[(int)indx % len];
- stte[indx] = stte[kndx];
- stte[kndx] = tmp;
- } while (++indx);
- ptr += 256;
- len -= 256;
- }
- }
- /*
- * Crypt data.
- */
- void arc4(void * str, int len)
- {
- unsigned char tmp, * ptr = (unsigned char *)str;
- while (len > 0) {
- indx++;
- tmp = stte[indx];
- jndx += tmp;
- stte[indx] = stte[jndx];
- stte[jndx] = tmp;
- tmp += stte[indx];
- *ptr ^= stte[tmp];
- ptr++;
- len--;
- }
- }
- /* End of ARC4 */
- /*
- * Key with file invariants.
- */
- int key_with_file(char * file)
- {
- struct stat statf[1];
- struct stat control[1];
- if (stat(file, statf) < 0)
- return -1;
- /* Turn on stable fields */
- memset(control, 0, sizeof(control));
- control->st_ino = statf->st_ino;
- control->st_dev = statf->st_dev;
- control->st_rdev = statf->st_rdev;
- control->st_uid = statf->st_uid;
- control->st_gid = statf->st_gid;
- control->st_size = statf->st_size;
- control->st_mtime = statf->st_mtime;
- control->st_ctime = statf->st_ctime;
- key(control, sizeof(control));
- return 0;
- }
- #if DEBUGEXEC
- void debugexec(char * sh11, int argc, char ** argv)
- {
- int i;
- fprintf(stderr, "shll=%s\n", sh11 ? sh11 : "<null>");
- fprintf(stderr, "argc=%d\n", argc);
- if (!argv) {
- fprintf(stderr, "argv=<null>\n");
- } else {
- for (i = 0; i <= argc ; i++)
- fprintf(stderr, "argv[%d]=%.60s\n", i, argv[i] ? argv[i] : "<null>");
- }
- }
- #endif /* DEBUGEXEC */
- void rmarg(char ** argv, char * arg)
- {
- for (; argv && *argv && *argv != arg; argv++);
- for (; argv && *argv; argv++)
- *argv = argv[1];
- }
- int chkenv(int argc)
- {
- char buff[512];
- unsigned long mask, m;
- int l, a, c;
- char * string;
- extern char ** environ;
- mask = (unsigned long)&chkenv;
- mask ^= (unsigned long)getpid() * ~mask;
- sprintf(buff, "x%lx", mask);
- string = getenv(buff);
- #if DEBUGEXEC
- fprintf(stderr, "getenv(%s)=%s\n", buff, string ? string : "<null>");
- #endif
- l = strlen(buff);
- if (!string) {
- /* 1st */
- sprintf(&buff[l], "=%lu %d", mask, argc);
- putenv(strdup(buff));
- return 0;
- }
- c = sscanf(string, "%lu %d%c", &m, &a, buff);
- if (c == 2 && m == mask) {
- /* 3rd */
- rmarg(environ, &string[-l - 1]);
- return 1 + (argc - a);
- }
- return -1;
- }
- #if !TRACEABLE
- #define _LINUX_SOURCE_COMPAT
- #include <sys/ptrace.h>
- #include <sys/types.h>
- #include <sys/wait.h>
- #include <fcntl.h>
- #include <signal.h>
- #include <stdio.h>
- #include <unistd.h>
- #if !defined(PTRACE_ATTACH) && defined(PT_ATTACH)
- # define PTRACE_ATTACH PT_ATTACH
- #endif
- void untraceable(char * argv0)
- {
- char proc[80];
- int pid, mine;
- switch(pid = fork()) {
- case 0:
- pid = getppid();
- /* For problematic SunOS ptrace */
- #if defined(__FreeBSD__)
- sprintf(proc, "/proc/%d/mem", (int)pid);
- #else
- sprintf(proc, "/proc/%d/as", (int)pid);
- #endif
- close(0);
- mine = !open(proc, O_RDWR|O_EXCL);
- if (!mine && errno != EBUSY)
- mine = !ptrace(PTRACE_ATTACH, pid, 0, 0);
- if (mine) {
- kill(pid, SIGCONT);
- } else {
- perror(argv0);
- kill(pid, SIGKILL);
- }
- _exit(mine);
- case -1:
- break;
- default:
- if (pid == waitpid(pid, 0, 0))
- return;
- }
- perror(argv0);
- _exit(1);
- }
- #endif /* !TRACEABLE */
- char * xsh(int argc, char ** argv)
- {
- char * scrpt;
- int ret, i, j;
- char ** varg;
- char * me = argv[0];
- stte_0();
- key(pswd, pswd_z);
- arc4(msg1, msg1_z);
- arc4(date, date_z);
- if (date[0] && (atoll(date)<time(NULL)))
- return msg1;
- arc4(shll, shll_z);
- arc4(inlo, inlo_z);
- arc4(xecc, xecc_z);
- arc4(lsto, lsto_z);
- arc4(tst1, tst1_z);
- key(tst1, tst1_z);
- arc4(chk1, chk1_z);
- if ((chk1_z != tst1_z) || memcmp(tst1, chk1, tst1_z))
- return tst1;
- ret = chkenv(argc);
- arc4(msg2, msg2_z);
- if (ret < 0)
- return msg2;
- varg = (char **)calloc(argc + 10, sizeof(char *));
- if (!varg)
- return 0;
- if (ret) {
- arc4(rlax, rlax_z);
- if (!rlax[0] && key_with_file(shll))
- return shll;
- arc4(opts, opts_z);
- arc4(text, text_z);
- arc4(tst2, tst2_z);
- key(tst2, tst2_z);
- arc4(chk2, chk2_z);
- if ((chk2_z != tst2_z) || memcmp(tst2, chk2, tst2_z))
- return tst2;
- /* Prepend hide_z spaces to script text to hide it. */
- scrpt = malloc(hide_z + text_z);
- if (!scrpt)
- return 0;
- memset(scrpt, (int) ' ', hide_z);
- memcpy(&scrpt[hide_z], text, text_z);
- } else { /* Reexecute */
- if (*xecc) {
- scrpt = malloc(512);
- if (!scrpt)
- return 0;
- sprintf(scrpt, xecc, me);
- } else {
- scrpt = me;
- }
- }
- j = 0;
- varg[j++] = argv[0]; /* My own name at execution */
- if (ret && *opts)
- varg[j++] = opts; /* Options on 1st line of code */
- if (*inlo)
- varg[j++] = inlo; /* Option introducing inline code */
- varg[j++] = scrpt; /* The script itself */
- if (*lsto)
- varg[j++] = lsto; /* Option meaning last option */
- i = (ret > 1) ? ret : 0; /* Args numbering correction */
- while (i < argc)
- varg[j++] = argv[i++]; /* Main run-time arguments */
- varg[j] = 0; /* NULL terminated array */
- #if DEBUGEXEC
- debugexec(shll, j, varg);
- #endif
- execvp(shll, varg);
- return shll;
- }
- int main(int argc, char ** argv)
- {
- #if DEBUGEXEC
- debugexec("main", argc, argv);
- #endif
- #if !TRACEABLE
- untraceable(argv[0]);
- #endif
- argv[1] = xsh(argc, argv);
- fprintf(stderr, "%s%s%s: %s\n", argv[0],
- errno ? ": " : "",
- errno ? strerror(errno) : "",
- argv[1] ? argv[1] : "<null>"
- );
- return 1;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement