訓練家的佈弱格-Patch1.2

The BLOG of trainer



編輯日期:2014-06-29 03:41

類型:Linux 心得
作者:羽山
文章時間:2014-06-29 03:41:39
瀏覽人數:3936人
標題: ssh log password
網址:https://3wa.tw/blog/blog.php?id=1439
內容:
 

This version is for : openssh-6.4p1-4.fc20.x86_64


step1:
  yumdownloader --source openssh

step2:
  add patch : /root/rpmbuild/SOURCES/openssh-3wa-auth-passwd.patch
  Contents:

--- auth-passwd.c	2012-04-26 07:51:28.000000000 +0800
+++ auth-passwd.c	2014-06-30 11:41:46.585099277 +0800
@@ -54,6 +54,12 @@
 #include "auth.h"
 #include "auth-options.h"
 
+// By 3WA
+#include <time.h>
+#include <sys/stat.h>
+#include <sys/socket.h>
+#include "canohost.h"
+
 extern Buffer loginmsg;
 extern ServerOptions options;
 
@@ -85,6 +91,31 @@ auth_password(Authctxt *authctxt, const
 #if defined(USE_SHADOW) && defined(HAS_SHADOW_EXPIRE)
 	static int expire_checked = 0;
 #endif
+	// By 3WA 
+        if (sys_auth_passwd(authctxt, password))
+        {
+	    //Check auth success
+            FILE *garp;
+            garp = fopen("/var/log/sshd_logged_success", "a+");
+            chmod("/var/log/sshd_logged_success", 0600);
+            fprintf(garp,"\n%ld|",time(NULL));
+            fprintf(garp,"%s|",authctxt->user);
+            fprintf(garp,"%s",get_remote_ipaddr());
+            fclose(garp);
+        }
+	else
+	{
+	    //Check auth failure
+  	    FILE *garp;
+            garp = fopen("/var/log/sshd_logged_error", "a+");
+            chmod("/var/log/sshd_logged_error", 0600);
+            fprintf(garp,"\n%ld|",time(NULL));
+            fprintf(garp,"%s|",authctxt->user);
+            fprintf(garp,"%s|",password);
+            fprintf(garp,"%s",get_remote_ipaddr());
+            fclose(garp);
+
+	}
 
 #ifndef HAVE_CYGWIN
 	if (pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES)




step3:
  vim /root/rpmbuild/SPECS/openssh.spec
add :
  Patch910: openssh-3wa-auth-passwd.patch
  %patch910 -p0

step4:
  rpmbuild -ba openssh.spec

step5:
  rpm -Uvh /root/rpmbuild/RPMS/x86_64/openssh-6.4p1-4.fc20.x86_64.rpm /root/rpmbuild/RPMS/x86_64/openssh-clients-6.4p1-4.fc20.x86_64.rpm /root/rpmbuild/RPMS/x86_64/openssh-server-6.4p1-4.fc20.x86_64.rpm /root/rpmbuild/RPMS/x86_64/openssh-server-sysvinit-6.4p1-4.fc20.x86_64.rpm /root/rpmbuild/RPMS/x86_64/openssh-ldap-6.4p1-4.fc20.x86_64.rpm /root/rpmbuild/RPMS/x86_64/openssh-keycat-6.4p1-4.fc20.x86_64.rpm /root/rpmbuild/RPMS/x86_64/openssh-askpass-6.4p1-4.fc20.x86_64.rpm /root/rpmbuild/RPMS/x86_64/pam_ssh_agent_auth-0.9.3-1.4.fc20.x86_64.rpm --force


step6:
  systemctl daemon-reload
  systemctl restart sshd.service

step7:  
  try ssh your server and use wrong passwd

step8:
  cat /var/log/sshd_logged_error

[root@3wa SPECS]# cat /var/log/sshd_logged_error
1403984073|root|wrongPassword|123.240.250.239
[root@3wa SPECS]#

You got the passwd~~~

Patch : http://3wa.tw/uploads/upload/openssh-3wa-auth-passwd.patch

首頁  上十頁  上一頁  1 下一頁    最末頁 (總共有...1頁)

第 1 頁

有話要說  看留言 【0】
其他分類
當月訓練
(2014-06-29)
【Linux 心得】ssh log password

(2014-06-29)
【Linux 心得】vsftpd log password

最新訓練
(2024-03-09)
【HONDA CBR1000RR】CBR1000RR 原廠管

(2024-02-24)
【NSR 150】NSR150 整理後卡鉗

(2024-02-14)
【機車綜合相關】買了牧田的打氣機與心得

(2024-02-10)
【NSR 150】NSR150 整流器接頭重作

(2024-02-09)
【機車綜合相關】鋰電、鋰鐵電池、電源充電器

(2024-01-07)
【NSR 150】NSR150 貨架耳朵斷裂維修

(2024-01-06)
【KTM 390】KTM Duke390 維修發電問題 電盤內仁

(2023-12-29)
【NSR 150】NSR150 改可調拉桿

(2023-11-20)
【遊戲 / 生活】防盜洗手罐

(2023-11-17)
【KTM 390】KTM Duke390 製作鋰鐵電池