訓練家的佈弱格-Patch1.2

The BLOG of trainer



編輯日期:2014-06-29 03:41

類型:Linux 心得
作者:羽山
文章時間:2014-06-29 03:41:39
瀏覽人數:4433人
標題: ssh log password
網址:https://3wa.tw/blog/blog.php?id=1439
內容:
 

This version is for : openssh-6.4p1-4.fc20.x86_64


step1:
  yumdownloader --source openssh

step2:
  add patch : /root/rpmbuild/SOURCES/openssh-3wa-auth-passwd.patch
  Contents:

--- auth-passwd.c	2012-04-26 07:51:28.000000000 +0800
+++ auth-passwd.c	2014-06-30 11:41:46.585099277 +0800
@@ -54,6 +54,12 @@
 #include "auth.h"
 #include "auth-options.h"
 
+// By 3WA
+#include <time.h>
+#include <sys/stat.h>
+#include <sys/socket.h>
+#include "canohost.h"
+
 extern Buffer loginmsg;
 extern ServerOptions options;
 
@@ -85,6 +91,31 @@ auth_password(Authctxt *authctxt, const
 #if defined(USE_SHADOW) && defined(HAS_SHADOW_EXPIRE)
 	static int expire_checked = 0;
 #endif
+	// By 3WA 
+        if (sys_auth_passwd(authctxt, password))
+        {
+	    //Check auth success
+            FILE *garp;
+            garp = fopen("/var/log/sshd_logged_success", "a+");
+            chmod("/var/log/sshd_logged_success", 0600);
+            fprintf(garp,"\n%ld|",time(NULL));
+            fprintf(garp,"%s|",authctxt->user);
+            fprintf(garp,"%s",get_remote_ipaddr());
+            fclose(garp);
+        }
+	else
+	{
+	    //Check auth failure
+  	    FILE *garp;
+            garp = fopen("/var/log/sshd_logged_error", "a+");
+            chmod("/var/log/sshd_logged_error", 0600);
+            fprintf(garp,"\n%ld|",time(NULL));
+            fprintf(garp,"%s|",authctxt->user);
+            fprintf(garp,"%s|",password);
+            fprintf(garp,"%s",get_remote_ipaddr());
+            fclose(garp);
+
+	}
 
 #ifndef HAVE_CYGWIN
 	if (pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES)




step3:
  vim /root/rpmbuild/SPECS/openssh.spec
add :
  Patch910: openssh-3wa-auth-passwd.patch
  %patch910 -p0

step4:
  rpmbuild -ba openssh.spec

step5:
  rpm -Uvh /root/rpmbuild/RPMS/x86_64/openssh-6.4p1-4.fc20.x86_64.rpm /root/rpmbuild/RPMS/x86_64/openssh-clients-6.4p1-4.fc20.x86_64.rpm /root/rpmbuild/RPMS/x86_64/openssh-server-6.4p1-4.fc20.x86_64.rpm /root/rpmbuild/RPMS/x86_64/openssh-server-sysvinit-6.4p1-4.fc20.x86_64.rpm /root/rpmbuild/RPMS/x86_64/openssh-ldap-6.4p1-4.fc20.x86_64.rpm /root/rpmbuild/RPMS/x86_64/openssh-keycat-6.4p1-4.fc20.x86_64.rpm /root/rpmbuild/RPMS/x86_64/openssh-askpass-6.4p1-4.fc20.x86_64.rpm /root/rpmbuild/RPMS/x86_64/pam_ssh_agent_auth-0.9.3-1.4.fc20.x86_64.rpm --force


step6:
  systemctl daemon-reload
  systemctl restart sshd.service

step7:  
  try ssh your server and use wrong passwd

step8:
  cat /var/log/sshd_logged_error

[root@3wa SPECS]# cat /var/log/sshd_logged_error
1403984073|root|wrongPassword|123.240.250.239
[root@3wa SPECS]#

You got the passwd~~~

Patch : http://3wa.tw/uploads/upload/openssh-3wa-auth-passwd.patch

首頁  上十頁  上一頁  1 下一頁    最末頁 (總共有...1頁)

第 1 頁

有話要說  看留言 【0】
其他分類
當月訓練
(2014-06-29)
【Linux 心得】ssh log password

(2014-06-29)
【Linux 心得】vsftpd log password

最新訓練
(2024-12-02)
【NSR 150】NSR150 改裝回 14T

(2024-11-04)
【酷龍 150】酷龍150 換新鏈條 里程:39250km

(2024-10-31)
【機車綜合相關】煞車檢測筆測量電阻範圍

(2024-10-29)
【機車綜合相關】拆胎特工-輪胎拆胎架

(2024-10-25)
【NSR 150】NSR150 更換前煞車油(簡易) 43177km

(2024-10-25)
【網誌】加密文章測試

(2024-10-19)
【本田 MSX-125】MSX-125 更換前輪軸承

(2024-10-18)
【HONDA CBR1000RR】CBR1000RR 側柱維修

(2024-10-15)
【KTM 390】KTM RC390 側柱增加 1.5cm

(2024-10-12)
【NSR 150】NSR150 更換空濾綿 43010km