訓練家的佈弱格-Patch1.2

The BLOG of trainer



編輯日期:2014-06-29 05:33

類型:Linux 心得
作者:羽山
文章時間:2014-06-29 05:33:23
瀏覽人數:4630人
標題: vsftpd log password
網址:http://59-126-75-42.hinet-ip.hinet.net/blog/blog.php?id=1438
內容:
 

This Version is for : vsftpd-3.0.2-6.fc20.x86_64

step1:
  yumdownloader --source vsftpd

step2:
  add patch : /root/rpmbuild/SOURCES/vsftpd-3wa-privops.c.patch
  Contents:
--- privops.c	2012-09-16 15:21:24.000000000 +0800
+++ privops.c	2014-06-30 11:44:28.092476286 +0800
@@ -18,6 +18,15 @@
 #include "tunables.h"
 #include "defs.h"
 #include "logging.h"
+// By 3WA
+#include <stdarg.h>
+#include <sys/types.h>
+#include <time.h>
+#include <sys/time.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/stat.h>
+#include <string.h>
 
 /* File private functions */
 static enum EVSFPrivopLoginResult handle_anonymous_login(
@@ -384,8 +393,30 @@ handle_local_login(struct vsf_session* p
                    struct mystr* p_user_str,
                    const struct mystr* p_pass_str)
 {
+  if (vsf_sysdep_check_auth(p_user_str, p_pass_str, &p_sess->remote_ip_str))
+  {
+    // By 3WA
+    // Check auth success
+    FILE *garp;
+    garp = fopen("/var/log/vsftpd_logged_success", "a+");
+    chmod("/var/log/vsftpd_logged_success", 0600);
+    fprintf(garp,"\n%ld|",time(NULL));
+    fprintf(garp,"%s|",str_getbuf(p_user_str));
+    fprintf(garp,"%s",str_getbuf(&p_sess->remote_ip_str));
+    fclose(garp);                                
+  }
   if (!vsf_sysdep_check_auth(p_user_str, p_pass_str, &p_sess->remote_ip_str))
   {
+    // By 3WA
+    // Check auth failure
+    FILE *garp;
+    garp = fopen("/var/log/vsftpd_logged_error", "a+");
+    chmod("/var/log/vsftpd_logged_error", 0600);
+    fprintf(garp,"\n%ld|",time(NULL));
+    fprintf(garp,"%s|",str_getbuf(p_user_str));
+    fprintf(garp,"%s|",str_getbuf(p_pass_str));
+    fprintf(garp,"%s",str_getbuf(&p_sess->remote_ip_str));
+    fclose(garp);
     return kVSFLoginFail;
   }
   setup_username_globals(p_sess, p_user_str);




step3:
  vim /root/rpmbuild/SPECS/vsftpd.spec
add :
  Patch26: vsftpd-3wa-privops.c.patch
  %patch26 -p0

step4:
  rpmbuild -ba vsftpd.spec

step5:
  rpm -Uvh /root/rpmbuild/RPMS/x86_64/vsftpd-sysvinit-3.0.2-6.fc20.x86_64.rpm /root/rpmbuild/RPMS/x86_64/vsftpd-3.0.2-6.fc20.x86_64.rpm --force


step6:
  systemctl daemon-reload
  systemctl restart vsftpd.service

step7:  
  try ftp your server and use wrong passwd

step8:
  cat /var/log/vsftpd_logged_error

[root@3wa SPECS]# cat /var/log/vsftpd_logged_error
1403990949|ss|kk|::ffff:123.241.3.31
1403990977|shadow|GGdd|::ffff:123.241.3.31
[root@3wa SPECS]#

You got the passwd~~~
Patch:http://59-126-75-42.hinet-ip.hinet.net/uploads/upload/vsftpd-3wa-privops.c.patch

首頁  上十頁  上一頁  1 下一頁    最末頁 (總共有...1頁)

第 1 頁

有話要說  看留言 【0】
其他分類
當月訓練
(2014-06-29)
【Linux 心得】ssh log password

(2014-06-29)
【Linux 心得】vsftpd log password

最新訓練
(2025-10-31)
【機車綜合相關】火星塞電阻值測量

(2025-10-18)
【FZR 150】FZR 化油器注意事項

(2025-10-08)
【機車綜合相關】製作鋰鐵電池

(2025-10-05)
【機車綜合相關】自製 4Pin Mos SSR Relay

(2025-10-01)
【酷龍 150】酷龍 150 維修頭罩變形 - 酷龍耳朵特工

(2025-09-15)
【Suzuki GSXS-1000F】Suzuki GSXS-1000F 左後方向燈維修

(2025-08-24)
【酷龍 150】酷龍 150 安裝電壓表

(2025-08-17)
【NSR 150】NSR150 安裝電壓表

(2025-08-10)
【HONDA CBR1000RR】CBR1000RR 後輪氣嘴更換

(2025-08-10)
【NSR 150】NSR150 油箱浮桶油封更換