exploit the possibilities

Fake sshd Tool

Fake sshd Tool
Posted Jan 17, 2012
Authored by James Stevenson | Site stev.org

This is a fake sshd which can be used to log common login attempts which are typically used by scammers / spammers / script kiddies to attempt to gain access to servers. It does not modify OpenSSH and uses libssh instead. There is no valid way to login to a shell, can be used to tarpit / delay attackers and can be used to steal the entries used in a dictionary attack.

tags | tool, shell, encryption
MD5 | e7d4f36de596e2a2e00b56015c6f0750

Fake sshd Tool

Change Mirror Download
/*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Library General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*
* $Id: fake-sshd.c,v 1.7 2012/01/04 09:30:00 james.stevenson Exp $
*
* Author:
* NAME: James Stevenson
* WWW: http://www.stev.org
*
*/


#include <stdio.h>
#include <stdarg.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <signal.h>
#include <syslog.h>

#include <arpa/inet.h>
#include <netinet/in.h>

#include <sys/types.h>
#include <sys/wait.h>
#include <sys/socket.h>

#include <libssh/libssh.h>
#include <libssh/server.h>


int use_syslog = 0;
int verbose = 0;

void logger(const char *fmt, ...) {
va_list ap;
va_start(ap, fmt);
vprintf(fmt, ap);
printf("\n");

if (use_syslog)
vsyslog(LOG_NOTICE, fmt, ap);

va_end(ap);
}

void handle_sigchild(int signum) {
int status = -1;
int pid = wait(&status);
if (verbose > 0)
logger("Process %d Exited", pid);
}

void print_help(FILE *fp, char *app) {

fprintf(fp, "Usage: %s [<options>]\n", app);
fprintf(fp, "\n");
fprintf(fp, "\t-a <secs> Failed Auth delay\n");
fprintf(fp, "\t-b <str> Set the banner\n");
fprintf(fp, "\t-h Print this help and exit\n");
fprintf(fp, "\t-m <n> Max attempts per connection\n");
fprintf(fp, "\t-p <port> Port to listen on\n");
fprintf(fp, "\t-r <file> Path to rsa key\n");
fprintf(fp, "\t-d <file> Path to dsa key\n");
fprintf(fp, "\t-s Log to syslog\n");
fprintf(fp, "\t-t <secs> Timeout\n");
fprintf(fp, "\t-v Verbose. Repeat for more info\n");
fprintf(fp, "\t-w <secs> Delay after connection\n");
fprintf(fp, "\t-z Multiple Delay by 2 each failure\n");
fprintf(fp, "\n");
}

int main(int argc, char **argv) {
ssh_bind sshbind;
ssh_session session;
int r = -1;
int auth = 0;
int c;
int delay = 0;
char *port = "22";
char *dsakey = "/home/james/etc/ssh/ssh_host_dsa_key";
char *rsakey = "/home/james/etc/ssh/ssh_host_rsa_key";
char *banner = 0;
int timeout = 0;
int authdelay = 0;
int doubledelay = 0;
int maxfail = 0;

while( (c = getopt(argc, argv, "a:b:hm:p:r:d:st:vw:z")) != -1) {
switch(c) {
case 'a':
authdelay = atoi(optarg);
break;
case 'b':
banner = optarg;
break;
case 'p':
port = optarg;
break;
case 'h':
print_help(stdout, argv[0]);
exit(EXIT_SUCCESS);
break;
case 'm':
maxfail = atoi(optarg);
break;
case 'r':
rsakey = optarg;
break;
case 'd':
dsakey = optarg;
break;
case 's':
use_syslog = 1;
break;
case 't':
timeout = atoi(optarg);
break;
case 'v':
verbose++;
break;
case 'w':
delay = atoi(optarg);
break;
case 'z':
doubledelay = 1;
break;
default:
break;
}
}

if (dsakey == NULL) {
if (access("/etc/ssh/ssh_host_rsa_key", R_OK) == 0)
rsakey = "/etc/ssh/ssh_host_rsa_key";
}

if (rsakey == NULL) {
if (access("/etc/ssh/ssh_host_dsa_key", R_OK) == 0)
dsakey = "/etc/ssh/ssh_host_dsa_key";
}

if (rsakey == NULL || dsakey == NULL) {
print_help(stderr, argv[0]);
exit(EXIT_FAILURE);
}

sshbind = ssh_bind_new();
session = ssh_new();

ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_BINDPORT_STR, port);

ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_DSAKEY, dsakey);
ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_RSAKEY, rsakey);

if (banner != NULL)
ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_BANNER, banner);

if (ssh_bind_listen(sshbind) < 0) {
logger("Error listening to socket: %s", ssh_get_error(sshbind));
exit(EXIT_FAILURE);
}

if (timeout > 0)
ssh_options_set(session, SSH_OPTIONS_TIMEOUT, &timeout);



signal(SIGCHLD, &handle_sigchild);

restart:
r = ssh_bind_accept(sshbind, session);

if (r == SSH_ERROR) {
logger("Error accepting connection: %s", ssh_get_error(sshbind));
goto restart;
}

int ret = fork();

if (fork < 0) {
logger("fork: %s", strerror(errno));
logger("exiting ...");
exit(EXIT_FAILURE);
}

int sockfd = ssh_get_fd(session);
struct sockaddr_in peer;
socklen_t peer_len = sizeof(peer);
char *peername = 0;
int attempts = 0;

if (ret > 0) {
if (verbose > 0)
logger("Started Process %d", ret);
goto restart;
}

ret = getpeername(sockfd, (struct sockaddr *) &peer, &peer_len);
peername = inet_ntoa(peer.sin_addr);
logger("Connection From %s:%d", peername, peer.sin_port);

if (ssh_handle_key_exchange(session)) {
logger("ssh_handle_key_exchange: %s", ssh_get_error(session));
goto error;
}

do {
ssh_message message = ssh_message_get(session);
if (message == NULL)
break;

switch(ssh_message_type(message)) {
case SSH_REQUEST_AUTH:
switch(ssh_message_subtype(message)) {
case SSH_AUTH_METHOD_PASSWORD:
attempts++;
logger("IP: %s USER: %s PASS: %s", peername, ssh_message_auth_user(message), ssh_message_auth_password(message));
if (authdelay > 0)
sleep(authdelay);
if (doubledelay)
authdelay *= 2;
if (attempts > maxfail) {
if (verbose > 1)
logger("Max failures reached");
goto error;
}
case SSH_AUTH_METHOD_NONE:
if (verbose > 1)
logger("AUTH_METHOD_NONE Requested");
// break missing on purpose
default:
if (verbose > 1)
logger("REQUEST_AUTH: %d", ssh_message_subtype(message));
ssh_message_auth_set_methods(message, SSH_AUTH_METHOD_PASSWORD);
ssh_message_reply_default(message);
break;
}
break;
default:
if (verbose > 0)
logger("Message Type: %d", ssh_message_type(message));
ssh_message_reply_default(message);
break;
}
ssh_message_free(message);
} while(auth == 0);

error:
ssh_disconnect(session);
logger("Connection Closed From %s", peername);

return 0;
}

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

October 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    24 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    7 Files
  • 4
    Oct 4th
    4 Files
  • 5
    Oct 5th
    10 Files
  • 6
    Oct 6th
    1 Files
  • 7
    Oct 7th
    21 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    5 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    17 Files
  • 12
    Oct 12th
    4 Files
  • 13
    Oct 13th
    4 Files
  • 14
    Oct 14th
    15 Files
  • 15
    Oct 15th
    19 Files
  • 16
    Oct 16th
    25 Files
  • 17
    Oct 17th
    17 Files
  • 18
    Oct 18th
    7 Files
  • 19
    Oct 19th
    1 Files
  • 20
    Oct 20th
    4 Files
  • 21
    Oct 21st
    5 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close