spark-store/tool/ss-feedback/sender-d_aarch64.sh.c


#if 0
shc Version 4.0.3, Generic Shell Script Compiler
GNU GPL Version 3 Md Jahidul Hamid <jahidulhamid@yahoo.com>
shc -f sender-d.sh
#endif
/*
 * data[] is the payload emitted by shc for sender-d.sh. xsh() runs each field
 * below through arc4() in place at run time. Each NAME macro is a pointer into
 * data[] and NAME_z is the byte count xsh() passes for that field.
 *
 * Security note: the ARC4 key material (pswd) is stored in this same array,
 * next to the bytes it protects. The layout hides the script from casual
 * reading only; anyone holding this source or the built binary has everything
 * needed to recover it. Reviewing what this program executes requires the
 * original sender-d.sh, which is not part of this file.
 *
 * Fields, as used by xsh():
 *   pswd        key material passed to key()
 *   msg1        string returned when the date check fails
 *   date        value compared against time(NULL) after atoll()
 *   shll        program handed to execvp()
 *   opts, inlo  optional arguments placed before the script
 *   lsto        optional argument placed after the script
 *   xecc        format string used to build the re-exec argument
 *   tst1/chk1   pair compared with memcmp() as a consistency check
 *   tst2/chk2   second pair compared with memcmp()
 *   msg2        string returned when chkenv() reports failure
 *   rlax        when its first byte is zero, key_with_file(shll) is mixed in
 *   text        the script body
 *
 * NOTE(review): the literal runs between consecutive macros are longer than
 * the matching NAME_z values and the offsets leave gaps; presumably filler
 * added by the generator -- confirm against shc.
 */
static char data [] =
#define chk2_z 19
#define chk2 ((&data[4]))
"\243\223\200\353\204\320\241\001\062\064\032\054\240\071\234\017"
"\210\070\320\212\121\124\300\135\224\153"
#define date_z 1
#define date ((&data[26]))
"\252"
#define tst1_z 22
#define tst1 ((&data[32]))
"\177\300\304\252\172\313\215\230\106\002\255\125\364\101\341\135"
"\161\335\007\042\234\014\101\114\172\324\143\307\066\236"
#define rlax_z 1
#define rlax ((&data[57]))
"\377"
#define msg2_z 19
#define msg2 ((&data[60]))
"\010\164\351\102\052\206\050\160\045\362\330\325\051\106\211\217"
"\020\302\217\320\234\171\300\027"
#define pswd_z 256
#define pswd ((&data[98]))
"\152\326\156\232\175\121\037\170\341\237\070\245\111\263\155\177"
"\307\025\210\226\053\222\335\204\166\203\021\074\275\314\333\275"
"\355\076\205\170\123\201\346\270\137\131\364\033\152\167\274\062"
"\215\104\311\271\327\246\075\115\052\117\212\350\033\146\245\011"
"\244\053\201\370\255\150\261\015\302\245\051\054\035\345\137\252"
"\051\050\143\001\317\241\116\371\360\331\341\014\077\207\025\344"
"\263\227\334\140\377\216\156\301\063\227\356\120\174\115\372\246"
"\165\136\247\105\377\366\076\360\317\040\374\016\247\021\362\132"
"\250\317\273\250\135\051\152\221\300\130\342\075\246\334\343\034"
"\073\213\141\072\201\237\053\121\300\047\140\147\071\123\302\342"
"\042\176\212\200\250\364\022\151\115\364\246\363\321\212\017\014"
"\025\160\107\227\020\162\350\320\231\110\070\323\234\373\265\276"
"\171\077\077\042\064\121\213\201\106\061\164\027\274\203\043\322"
"\364\152\151\004\335\122\325\167\233\015\112\067\011\377\366\202"
"\077\066\245\163\210\060\364\316\142\151\345\036\354\011\360\341"
"\164\132\346\121\254\273\310\110\311\023\200\322\023\166\125\122"
"\254\372\305\064\052\272\003\214\043\350\253\020\362\233\362\146"
#define inlo_z 3
#define inlo ((&data[354]))
"\077\312\066"
#define msg1_z 65
#define msg1 ((&data[369]))
"\242\311\123\033\211\152\051\313\155\224\242\334\066\100\363\065"
"\105\013\132\157\324\242\137\067\144\215\353\267\116\040\366\261"
"\257\301\143\350\043\260\343\342\230\061\076\106\133\350\223\102"
"\222\051\265\352\116\220\116\054\340\042\140\117\150\135\341\266"
"\147\073\125\031\375\217\147\053\036\041\313\257\265\056\040\056"
"\116\230\017\355\320\264\066\203\041\266\325"
#define shll_z 10
#define shll ((&data[448]))
"\044\170\147\062\333\277\214\244\122\356\377\367"
#define chk1_z 22
#define chk1 ((&data[464]))
"\223\122\266\274\152\146\300\203\222\104\264\157\033\126\362\342"
"\167\271\127\371\137\202\067\371\014\044\036"
#define xecc_z 15
#define xecc ((&data[488]))
"\000\372\316\341\375\256\014\324\121\207\341\240\215\364\227\320"
"\177\340\056"
#define text_z 1976
#define text ((&data[739]))
"\272\111\362\361\314\024\247\242\123\277\167\123\266\357\034\001"
"\203\156\270\100\215\334\220\115\334\020\056\013\336\246\111\231"
"\360\073\212\274\117\061\136\243\360\326\366\247\306\023\251\111"
"\201\141\211\016\075\032\134\032\053\212\045\011\061\156\242\041"
"\252\054\336\371\136\075\235\116\024\224\366\333\247\237\044\051"
"\001\256\070\076\311\224\130\365\037\176\376\121\355\240\162\227"
"\315\121\221\053\216\056\172\243\302\161\176\152\020\243\223\022"
"\122\313\121\034\140\252\021\177\050\017\320\025\260\103\254\176"
"\224\075\251\043\154\044\306\056\225\105\230\246\350\054\271\072"
"\370\012\126\130\264\147\330\334\167\251\362\047\355\237\245\201"
"\334\117\245\110\164\154\167\012\261\020\260\231\075\151\323\065"
"\164\052\215\050\221\146\005\010\017\367\060\374\226\326\176\163"
"\045\043\274\232\220\064\244\101\104\124\332\202\276\256\267\063"
"\330\105\133\152\253\140\163\272\127\243\267\356\172\065\141\237"
"\131\035\071\351\121\336\053\226\062\001\274\136\064\173\013\367"
"\240\163\111\332\006\143\304\010\250\201\241\124\105\221\330\106"
"\016\163\175\026\202\137\075\077\174\056\153\031\377\306\325\340"
"\127\272\221\034\340\006\230\252\141\020\004\317\211\046\157\057"
"\126\376\001\171\372\154\136\005\305\167\053\022\332\223\205\153"
"\200\202\166\001\313\325\006\303\370\300\362\150\245\024\165\212"
"\131\162\252\174\363\273\156\231\037\176\204\326\301\256\001\060"
"\273\266\222\242\373\347\317\154\200\341\317\005\101\166\343\163"
"\276\000\321\267\314\375\260\323\304\243\264\141\017\350\206\110"
"\314\043\156\132\224\113\225\307\205\011\323\031\327\355\207\375"
"\121\310\252\101\173\316\213\356\011\167\271\017\356\377\334\155"
"\314\160\142\164\262\160\027\071\115\376\015\052\251\047\031\167"
"\073\277\246\066\312\304\107\366\262\107\065\255\214\121\234\027"
"\234\144\144\372\323\331\310\165\171\027\223\263\162\172\227\001"
"\143\355\102\036\372\077\011\245\042\265\371\350\224\311\233\127"
"\104\134\260\117\232\130\335\375\303\117\155\013\343\340\015\311"
"\107\266\137\233\006\332\250\223\116\350\132\135\014\053\156\044"
"\356\171\146\343\107\100\074\116\135\372\025\121\273\007\313\273"
"\337\215\030\321\105\342\066\313\355\001\305\205\342\277\300\037"
"\333\145\341\343\315\153\242\033\035\045\076\222\130\222\362\254"
"\211\270\035\021\153\105\022\263\104\134\263\267\377\271\037\045"
"\346\033\236\157\213\115\255\025\346\164\132\242\112\341\116\323"
"\104\072\251\173\067\135\126\103\031\376\247\131\177\034\124\121"
"\231\016\046\300\337\070\175\150\222\112\204\224\274\275\200\362"
"\100\005\171\070\315\046\336\333\201\377\365\204\047\351\171\120"
"\161\103\241\045\366\224\135\356\061\121\223\370\336\233\113\153"
"\061\123\103\150\270\033\273\007\305\020\352\111\264\325\001\223"
"\013\370\001\020\311\266\064\366\336\172\170\324\114\152\332\264"
"\336\151\366\231\352\303\064\325\041\002\337\134\123\363\222\015"
"\270\172\304\073\361\100\116\135\262\251\351\257\116\254\367\010"
"\212\202\016\206\145\317\174\307\347\146\322\110\351\366\012\145"
"\164\044\126\076\070\321\115\207\377\156\202\031\144\144\142\027"
"\051\306\171\370\334\047\063\073\222\037\235\126\026\034\170\027"
"\061\036\021\273\047\222\056\136\260\366\322\175\025\072\116\101"
"\177\116\032\174\274\303\152\010\027\130\341\320\331\221\350\343"
"\266\135\001\030\302\074\033\236\337\332\042\052\217\061\066\354"
"\255\055\344\147\054\342\137\274\031\067\327\314\105\146\070\146"
"\251\057\013\232\161\226\263\142\352\302\345\347\207\173\003\057"
"\174\373\224\112\060\057\160\020\060\211\041\302\106\342\055\266"
"\041\055\251\363\222\117\367\235\177\340\372\076\135\214\105\220"
"\121\320\344\030\134\054\110\070\061\334\066\215\245\077\104\335"
"\176\240\360\111\270\075\346\266\321\167\150\344\106\030\316\325"
"\141\125\033\355\036\253\361\041\257\314\274\221\073\066\341\220"
"\333\070\133\305\224\065\267\220\201\035\327\164\304\366\364\132"
"\263\142\334\050\140\071\237\230\277\317\146\324\270\170\311\254"
"\215\343\125\021\337\161\343\276\334\156\156\165\254\165\275\253"
"\273\174\375\172\133\374\222\024\213\055\242\031\170\241\175\220"
"\222\041\322\144\165\003\154\261\044\246\255\066\000\264\051\204"
"\314\077\275\133\104\242\365\276\031\173\023\206\144\335\031\210"
"\260\125\263\135\000\330\124\163\103\026\177\336\166\005\174\170"
"\244\203\076\064\323\347\316\057\057\327\123\157\230\035\326\232"
"\111\221\211\224\344\241\367\256\146\132\331\174\177\174\037\172"
"\144\313\371\231\303\032\002\351\265\253\245\110\335\116\262\252"
"\223\004\253\152\301\272\201\275\270\000\030\372\340\355\261\157"
"\111\315\321\035\345\140\253\332\154\224\367\033\256\313\247\146"
"\253\106\001\322\144\370\312\013\130\065\303\261\056\173\317\171"
"\045\171\263\223\241\021\151\003\217\144\201\152\174\154\334\015"
"\202\321\140\217\024\271\311\075\321\063\102\372\166\050\013\100"
"\320\274\227\023\354\125\105\031\353\014\164\221\047\124\043\234"
"\055\214\020\350\137\155\300\036\256\104\252\145\300\236\344\203"
"\142\022\053\371\074\153\104\305\201\121\330\261\155\064\050\237"
"\037\041\346\321\134\351\355\163\272\176\157\140\037\026\125\053"
"\110\210\045\222\211\154\020\161\333\244\077\372\214\062\203\204"
"\107\343\237\010\333\031\002\140\000\301\137\364\365\271\021\240"
"\217\271\146\060\267\314\206\132\051\131\353\000\222\053\234\115"
"\355\000\314\227\220\357\127\042\356\263\046\036\031\014\314\113"
"\234\350\306\103\360\162\206\200\341\314\016\210\366\036\373\046"
"\067\077\063\271\355\214\174\040\336\100\046\125\206\300\167\023"
"\377\302\036\107\201\233\307\201\175\137\105\012\121\237\154\166"
"\224\031\305\223\167\177\322\053\252\030\163\214\171\025\307\111"
"\177\150\071\071\257\170\361\330\115\337\246\117\066\020\260\013"
"\061\131\140\300\067\246\303\061\164\244\276\343\200\120\112\124"
"\030\204\166\340\360\114\146\226\101\242\150\133\205\071\350\237"
"\214\120\157\007\005\010\030\135\166\220\015\175\156\234\204\214"
"\306\177\072\274\102\100\316\015\023\330\051\113\221\132\261\321"
"\332\306\252\051\043\357\174\222\132\025\130\103\154\274\123\167"
"\274\150\013\024\321\122\120\262\075\200\147\377\242\343\202\162"
"\026\073\350\350\037\057\215\377\013\260\343\346\104\255\011\206"
"\232\032\273\012\071\344\204\132\001\331\147\267\154\277\200\360"
"\321\215\040\266\276\022\254\211\317\117\221\051\112\036\057\367"
"\043\340\213\007\033\326\140\071\076\043\215\043\325\317\322\340"
"\035\062\343\107\150\352\175\067\276\174\013\135\241\041\134\342"
"\312\354\153\123\017\036\211\332\134\264\231\232\355\022\277\021"
"\124\310\001\362\175\336\072\155\334\057\176\003\027\071\134\147"
"\302\122\331\236\107\204\012\306\310\362\157\323\242\102\001\346"
"\226\021\355\214\220\131\212\151\115\311\307\353\011\363\130\053"
"\053\117\356\073\217\350\350\256\312\366\216\277\053\036\077\126"
"\101\140\236\101\236\165\065\266\137\261\325\253\075\276\115\055"
"\340\240\227\360\176\335\147\266\077\135\100\233\250\344\264\234"
"\247\004\072\017\353\315\340\213\375\214\025\306\225\161\076\121"
"\111\110\241\366\023\316\030\147\266\144\206\233\322\136\304\230"
"\250\341\142\356\210\341\274\332\171\215\104\072\312\265\157\252"
"\235\321\143\017\074\157\000\160\231\325\144\104\122\330\063\134"
"\356\333\111\322\221\245\037\337\124\132\321\257\224\215\226\133"
"\047\074\051\375\313\366\276\115\252\341\316\076\334\270\162\322"
"\361\115\344\331\215\013\002\332\234\121\331\056\027\037\354\044"
"\222\266\202\131\210\257\173\211\320\174\253\200\143\147\022\015"
"\060\367\116\354\241\243\303\200\274\130\217\100\011\270\156\234"
"\204\374\203\072\334\225\310\005\011\057\205\135\166\022\250\156"
"\267\241\207\237\372\311\261\175\301\145\117\151\063\253\130\133"
"\272\155\321\113\333\341\204\377\337\121\063\232\217\272\214\376"
"\333\176\347\357\131\121\355\015\141\345\126\165\123\156\105\222"
"\317\206\010\316\035\031\300\171\126\327\221\067\336\366\102\043"
"\277\226\027\065\152\157\221\261\157\151\035\153\031\350\327\341"
"\152\314\121\062\031\247\174\101\056\227\312\160\230\062\325\357"
"\252\032\152\147\111\056\300\057\320\371\351\020\156\300\171\335"
"\103\030\312\326\045\166\164\026\247\004\214\357\212\176\160\166"
"\043\012\021\302\236\337\036\221\351\122\156\151\342\375\212\146"
"\246\311\075\256\231\220\332\013\033\143\342\124\074\206\317\110"
"\200\023\202\026\311\055\001\121\103\070\101\313\003\105\254\165"
"\031\262\171\207\264\213\311\055\307\205\263\343\203\246\125\047"
"\343\044\253\341\336\174\142\005\004\154\364\001\240\303\232\140"
"\036\335\124\011\051\350\207\040\133\112\370\233\303\225\065\047"
"\327\105\223\276\277\143\046\044\077\356\007\121\116\247\261\010"
"\075\161\060\112\222\003\002\146\035\347\364\341\166\346\015\327"
"\001\235\140\221\353\062\315\300\335\202\000\375\163\325\125\176"
"\355\165\152\107\071\234\235\004\101\176\327\245\116\235\210\260"
"\333\263\106\347\253\147\371\127\027\146\341\250\245\151\214\243"
"\355\261\141\054\150\261\225\256\144\000\373\325\305\260\033\101"
"\233\101\042\340\004\356\237\240\051\036\211\232\375\263\073\174"
"\301\047\132\375\070\134\250\213\143\127\247\246\334\073\003\032"
"\142\171\243\106\220\346\106\060\214\335\057\025\110\153\323\267"
"\307\377\373\215\364\220\320\267\315\350\147\171\374\106\251\170"
"\374\314\077\241\363\324\240\371\250\235\221\232\377\317\262\343"
"\144\005\031\361\264\320\045\214\025\200\367\300\340\152\173\070"
"\016\063\046\210\151\210\050\302\246\142\254\370\100\327\217\163"
"\335\250\145\221\170\212\036\216\012\025\117\353\200\312\044\217"
"\375\113\027\146\323\100\051\172\242\326\162\343\256\001\126\214"
"\251\274\036\042\106\074\260\121\122\377\075\323\312\141\142\310"
"\254\172\057\200\272\131\372\135\057\155\101\336\156\230\152\030"
"\124\210\073\233\305\353\355\030\353\052\353\266\214\116\177\071"
"\310\256\271\203\007\264\341\067"
#define lsto_z 1
#define lsto ((&data[2834]))
"\342"
#define opts_z 1
#define opts ((&data[2835]))
"\274"
#define tst2_z 19
#define tst2 ((&data[2836]))
"\336\142\207\373\012\000\172\246\303\040\137\300\262\323\167\203"
"\130\253\276"/* End of data[] */;
/* Number of space characters xsh() places in front of the script text. */
#define hide_z 4096
/*
 * Build-time switches written by shc. With the values below, every
 * "#if HARDENING" and "#if !TRACEABLE" section of this file is compiled out,
 * so this build contains no ptrace, prctl or seccomp calls; the only
 * protection of the embedded script is the ARC4 layer.
 */
#define SETUID 0 /* Define as 1 to call setuid(0) at start of script */
#define DEBUGEXEC 0 /* Define as 1 to debug execvp calls */
#define TRACEABLE 1 /* 1 leaves the process traceable; untraceable() is compiled only when this is 0 */
#define HARDENING 0 /* Define as 1 to disable ptrace/dump the executable */
#define BUSYBOXON 0 /* Define as 1 to enable work with busybox */
#if HARDENING
/*
 * C source of a preload shim, stored as a NULL-terminated array of lines.
 * When HARDENING is enabled, shc_x_file() writes these lines to
 * /tmp/shc_x.c, make() compiles them into /tmp/shc_x.so, and arc4_hardrun()
 * sets LD_PRELOAD to that path.
 *
 * The shim text interposes __libc_start_main, reads up to sizeof(secret)
 * bytes from fd 21 and points any argv entry equal to PLACEHOLDER at that
 * buffer, then runs the real main with a copied argv whose original storage
 * has been zeroed.
 *
 * NOTE(review): inside the shim, read() may fill secret[] completely, in
 * which case nothing terminates the string, and the malloc() results in
 * copyargs() are used unchecked. These are runtime strings, so they are left
 * exactly as generated; fix them in the generator if HARDENING is ever used.
 */
static const char * shc_x[] = {
"/*",
" * Copyright 2019 - Intika <intika@librefox.org>",
" * Replace ******** with secret read from fd 21",
" * Also change arguments location of sub commands (sh script commands)",
" * gcc -Wall -fpic -shared -o shc_secret.so shc_secret.c -ldl",
" */",
"",
"#define _GNU_SOURCE /* needed to get RTLD_NEXT defined in dlfcn.h */",
"#define PLACEHOLDER \"********\"",
"#include <dlfcn.h>",
"#include <stdlib.h>",
"#include <string.h>",
"#include <unistd.h>",
"#include <stdio.h>",
"#include <signal.h>",
"",
"static char secret[128000]; //max size",
"typedef int (*pfi)(int, char **, char **);",
"static pfi real_main;",
"",
"// copy argv to new location",
"char **copyargs(int argc, char** argv){",
" char **newargv = malloc((argc+1)*sizeof(*argv));",
" char *from,*to;",
" int i,len;",
"",
" for(i = 0; i<argc; i++){",
" from = argv[i];",
" len = strlen(from)+1;",
" to = malloc(len);",
" memcpy(to,from,len);",
" // zap old argv space",
" memset(from,'\\0',len);",
" newargv[i] = to;",
" argv[i] = 0;",
" }",
" newargv[argc] = 0;",
" return newargv;",
"}",
"",
"static int mymain(int argc, char** argv, char** env) {",
" //fprintf(stderr, \"Inject main argc = %d\\n\", argc);",
" return real_main(argc, copyargs(argc,argv), env);",
"}",
"",
"int __libc_start_main(int (*main) (int, char**, char**),",
" int argc,",
" char **argv,",
" void (*init) (void),",
" void (*fini)(void),",
" void (*rtld_fini)(void),",
" void (*stack_end)){",
" static int (*real___libc_start_main)() = NULL;",
" int n;",
"",
" if (!real___libc_start_main) {",
" real___libc_start_main = dlsym(RTLD_NEXT, \"__libc_start_main\");",
" if (!real___libc_start_main) abort();",
" }",
"",
" n = read(21, secret, sizeof(secret));",
" if (n > 0) {",
" int i;",
"",
" if (secret[n - 1] == '\\n') secret[--n] = '\\0';",
" for (i = 1; i < argc; i++)",
" if (strcmp(argv[i], PLACEHOLDER) == 0)",
" argv[i] = secret;",
" }",
"",
" real_main = main;",
"",
" return real___libc_start_main(mymain, argc, argv, init, fini, rtld_fini, stack_end);",
"}",
"",
0};
#endif /* HARDENING */
/* rtc.c */
#include <sys/stat.h>
#include <sys/types.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include <unistd.h>
/*
 * 'Alleged RC4' cipher state shared by stte_0(), key() and arc4():
 * the 256-entry permutation table and three byte-wide cursors. The cursors
 * are unsigned char on purpose; the routines rely on them wrapping at 256.
 */
static unsigned char stte[256];
static unsigned char indx;
static unsigned char jndx;
static unsigned char kndx;
/*
 * Reset the cipher state: load the identity permutation into stte[] and
 * return all three cursors to zero.
 */
void stte_0(void)
{
	int slot;

	for (slot = 0; slot < 256; slot++)
		stte[slot] = (unsigned char)slot;
	indx = 0;
	jndx = 0;
	kndx = 0;
}
/*
 * Mix key material into the cipher state. May be called repeatedly; each
 * call continues from the current stte[]/kndx values, so the order of calls
 * matters. Material longer than 256 bytes is consumed in 256-byte chunks,
 * one full sweep of the table per chunk. A non-positive len does nothing.
 */
void key(void * str, int len)
{
	unsigned char *chunk = (unsigned char *)str;
	int remaining;

	for (remaining = len; remaining > 0; remaining -= 256, chunk += 256) {
		/* indx is a byte: the sweep ends when ++indx wraps back to 0. */
		do {
			unsigned char saved = stte[indx];

			kndx += saved;
			kndx += chunk[(int)indx % remaining];
			stte[indx] = stte[kndx];
			stte[kndx] = saved;
		} while (++indx);
	}
}
/*
 * XOR len bytes at str with the cipher's keystream, in place. The same call
 * encrypts and decrypts. The keystream position advances with every byte, so
 * callers must process fields in the same order the generator did.
 */
void arc4(void * str, int len)
{
	unsigned char *bytes = (unsigned char *)str;
	int pos;

	for (pos = 0; pos < len; pos++) {
		unsigned char picked;

		indx++;
		picked = stte[indx];
		jndx += picked;
		stte[indx] = stte[jndx];
		stte[jndx] = picked;
		picked += stte[indx];
		bytes[pos] ^= stte[picked];
	}
}
/* End of ARC4 */
#if HARDENING
#include <sys/ptrace.h>
#include <sys/wait.h>
#include <signal.h>
#include <sys/prctl.h>
#define PR_SET_PTRACER 0x59616d61
/* Seccomp Sandboxing Init */
#include <stdlib.h>
#include <stdio.h>
#include <stddef.h>
#include <string.h>
#include <unistd.h>
#include <errno.h>
#include <sys/types.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/socket.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <linux/audit.h>
/* Offset of the architecture word inside the seccomp_data the filter inspects. */
#define ArchField offsetof(struct seccomp_data, arch)
/*
 * Two BPF instructions: if the loaded syscall number equals SYS_<syscall>,
 * return SECCOMP_RET_ALLOW; otherwise skip to the next entry. The jump
 * offsets (0, 1) depend on these two instructions staying adjacent.
 */
#define Allow(syscall) \
BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, SYS_##syscall, 0, 1), \
BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW)
/*
 * Allow-list seccomp filter installed by seccomp_hardening(). Anything that
 * is not one of the four listed syscalls ends in SECCOMP_RET_KILL.
 *
 * NOTE(review): the architecture check accepts only AUDIT_ARCH_X86_64. This
 * file's name indicates an aarch64 build; on such a target the check would
 * fail and the first syscall after installation would kill the process.
 * HARDENING is 0 here so the filter is not compiled, but confirm the
 * architecture constant before enabling it.
 */
struct sock_filter filter[] = {
/* validate arch */
BPF_STMT(BPF_LD+BPF_W+BPF_ABS, ArchField),
BPF_JUMP( BPF_JMP+BPF_JEQ+BPF_K, AUDIT_ARCH_X86_64, 1, 0),
BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_KILL),
/* load syscall */
BPF_STMT(BPF_LD+BPF_W+BPF_ABS, offsetof(struct seccomp_data, nr)),
/* list of allowed syscalls */
Allow(exit_group), /* exits a process */
Allow(brk), /* for malloc(), inside libc */
Allow(mmap), /* also for malloc() */
Allow(munmap), /* for free(), inside libc */
/* and if we don't match above, die */
BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_KILL),
};
/* Program descriptor handed to prctl(PR_SET_SECCOMP, ...): length in instructions plus the table. */
struct sock_fprog filterprog = {
.len = sizeof(filter)/sizeof(filter[0]),
.filter = filter
};
/*
 * Seccomp Sandboxing - install the restricted environment.
 * Sets PR_SET_NO_NEW_PRIVS first, then loads filterprog in filter mode.
 * If either prctl() call is rejected, prints the error and exits with 1.
 */
void seccomp_hardening() {
	int rejected;

	rejected = prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0;
	if (!rejected)
		rejected = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &filterprog) == -1;

	if (rejected) {
		perror("Could not start seccomp:");
		exit(1);
	}
}
/* End Seccomp Sandboxing Init */
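/*
 * Write the shim source held in shc_x[] to /tmp/shc_x.c, one array entry
 * per line. Exits with status 1 if the file cannot be opened, or if any
 * write or the final close fails, so a truncated source is never compiled.
 *
 * NOTE(review): the path is a fixed name in a world-writable directory and
 * fopen("w") follows an existing symlink, so another local user can decide
 * what this call overwrites or race the later compile step. The same path
 * is hard-coded in make(), so moving to a private directory or an
 * exclusively created file has to change both places together.
 */
void shc_x_file() {
	FILE *fp;
	int line;
	int failed = 0;

	fp = fopen("/tmp/shc_x.c", "w");
	if (fp == NULL) {
		exit(1);
	}
	for (line = 0; shc_x[line]; line++) {
		if (fprintf(fp, "%s\n", shc_x[line]) < 0) {
			failed = 1;
			break;
		}
	}
	/* fclose() flushes; a failure here means the file is incomplete. */
	if (fclose(fp) != 0) {
		failed = 1;
	}
	if (failed) {
		remove("/tmp/shc_x.c");
		exit(1);
	}
}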
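/*
 * Compile /tmp/shc_x.c into the shared object /tmp/shc_x.so using the
 * compiler named by $CC (default "cc"), then delete the source file.
 * Returns 0 on success and -1 if the command does not fit the buffer or
 * the compiler reports failure.
 *
 * NOTE(review): $CC is taken from the environment and passed through
 * system(), i.e. through a shell. Whoever controls the environment of this
 * process controls the command that runs here; if HARDENING is ever combined
 * with SETUID that is a privilege boundary. Prefer a fixed compiler path and
 * an exec-style call with an explicit argument vector.
 */
int make() {
	char cmd[4096];
	const char *cc = getenv("CC");
	int n;

	if (!cc) cc = "cc";
	/* Bounded formatting: an over-long $CC used to overflow cmd[]. */
	n = snprintf(cmd, sizeof cmd, "%s %s -o %s %s", cc, "-Wall -fpic -shared", "/tmp/shc_x.so", "/tmp/shc_x.c -ldl");
	if (n < 0 || (size_t)n >= sizeof cmd) {
		remove("/tmp/shc_x.c");
		return -1;
	}
	if (system(cmd)) {
		remove("/tmp/shc_x.c");
		return -1;
	}
	remove("/tmp/shc_x.c");
	return 0;
}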
/*
 * HARDENING-only runner: copies len bytes from str, decrypts the copy in a
 * forked child that has requested PTRACE_TRACEME, and passes the result to
 * system(). The parent waits for the child, installs the seccomp filter and
 * exits. This function never returns to its caller.
 *
 * NOTE(review), all visible in the statements below:
 *  - fork() runs before shc_x_file()/make()/setenv(), so parent and child
 *    both write and compile the same /tmp files; a fork() failure (-1) is
 *    not handled and falls into the parent branch.
 *  - tmp2 is exactly len bytes with no terminator added, yet it is used as a
 *    C string by sprintf("%s") and system(); this relies on the decrypted
 *    text containing a NUL -- confirm.
 *  - tmp3 is built but never used; system() receives tmp2.
 *  - LD_PRELOAD points at a file in /tmp, a world-writable directory.
 *  - both arrays are variable-length and sized from len on the stack.
 */
void arc4_hardrun(void * str, int len) {
//Decode locally
char tmp2[len];
char tmp3[len+1024];
memcpy(tmp2, str, len);
unsigned char tmp, * ptr = (unsigned char *)tmp2;
int lentmp = len;
int pid, status;
pid = fork();
shc_x_file();
if (make()) {exit(1);}
setenv("LD_PRELOAD","/tmp/shc_x.so",1);
if(pid==0) {
//Start tracing to protect from dump & trace
if (ptrace(PTRACE_TRACEME, 0, 0, 0) < 0) {
kill(getpid(), SIGKILL);
_exit(1);
}
//Decode Bash (same keystream step as arc4(), applied to the local copy)
while (len > 0) {
indx++;
tmp = stte[indx];
jndx += tmp;
stte[indx] = stte[jndx];
stte[jndx] = tmp;
tmp += stte[indx];
*ptr ^= stte[tmp];
ptr++;
len--;
}
//Build the placeholder command line (result is not used below)
sprintf(tmp3, "%s %s", "'********' 21<<<", tmp2);
//Exec bash script //fork execl with 'sh -c'
system(tmp2);
//Overwrite the decrypted copy with the still-encrypted source bytes
memcpy(tmp2, str, lentmp);
//Clean temp
remove("/tmp/shc_x.so");
//Signal to detach ptrace
ptrace(PTRACE_DETACH, 0, 0, 0);
exit(0);
}
else {wait(&status);}
/* Seccomp Sandboxing - Start */
seccomp_hardening();
exit(0);
}
#endif /* HARDENING */
/*
 * Mix a file's stable stat() fields into the cipher key.
 * Only inode, device, rdev, owner, group, size, mtime and ctime are kept;
 * every other byte of the structure is zero so the key material is
 * reproducible. Returns 0 on success, -1 if stat() fails.
 *
 * Security note: this ties decryption to one particular file on one
 * particular filesystem. It is a portability restriction, not a secret:
 * all of these values can be read by anyone who can stat the file.
 */
int key_with_file(char * file)
{
	struct stat actual;
	struct stat stable;

	if (stat(file, &actual) < 0)
		return -1;

	/* Start from all-zero so unlisted fields and padding never vary. */
	memset(&stable, 0, sizeof stable);
	stable.st_dev = actual.st_dev;
	stable.st_ino = actual.st_ino;
	stable.st_rdev = actual.st_rdev;
	stable.st_uid = actual.st_uid;
	stable.st_gid = actual.st_gid;
	stable.st_size = actual.st_size;
	stable.st_mtime = actual.st_mtime;
	stable.st_ctime = actual.st_ctime;

	key(&stable, sizeof stable);
	return 0;
}
#if DEBUGEXEC
/*
 * Dump an exec request to stderr: the program name, argc, and argv entries
 * 0..argc inclusive (so the terminating NULL slot is shown as "<null>").
 * Each argument is cut to 60 characters. Note that this prints the decrypted
 * script when it is one of the arguments.
 */
void debugexec(char * sh11, int argc, char ** argv)
{
	int n = 0;

	fprintf(stderr, "shll=%s\n", sh11 ? sh11 : "<null>");
	fprintf(stderr, "argc=%d\n", argc);
	if (argv == NULL) {
		fprintf(stderr, "argv=<null>\n");
		return;
	}
	while (n <= argc) {
		const char *shown = argv[n] ? argv[n] : "<null>";

		fprintf(stderr, "argv[%d]=%.60s\n", n, shown);
		n++;
	}
}
#endif /* DEBUGEXEC */
/*
 * Remove the entry whose pointer equals arg from a NULL-terminated pointer
 * array by shifting every later entry down one slot. Comparison is by
 * pointer identity, not by string contents. Does nothing when argv is NULL
 * or arg is not present.
 */
void rmarg(char ** argv, char * arg)
{
	char **slot;

	if (!argv)
		return;

	slot = argv;
	while (*slot && *slot != arg)
		slot++;

	/* Shift the tail, including the terminating NULL, one position left. */
	while (*slot) {
		slot[0] = slot[1];
		slot++;
	}
}
/* Marker declared here and defined right after chkenv(); its address is used to measure chkenv(). */
void chkenv_end(void);
/*
 * Detect whether this process is the first run or a re-execution, using a
 * marker variable in the environment.
 *
 * A per-process value is derived by keying the cipher with the bytes between
 * &chkenv and &chkenv_end, with data[], and with the pid, then encrypting the
 * pid. The environment variable is named "x<hex of that value>".
 *
 * Returns:
 *    0  marker absent: "name=<value> <argc>" is added to the environment
 *    1 + (argc - a)  marker present and matching, where a is the argc stored
 *       in the marker; the marker is removed from environ first
 *   -1  marker present but malformed or not matching
 *
 * NOTE(review): the key includes this function's own code bytes, so any edit
 * here (or a different compiler) changes the marker name; that is harmless
 * as long as both runs use the same binary. The byte count assumes
 * chkenv_end is placed directly after chkenv, and the void* subtraction is a
 * compiler extension. strdup() is not checked before putenv().
 */
int chkenv(int argc)
{
char buff[512];
unsigned long mask, m;
int l, a, c;
char * string;
extern char ** environ;
mask = (unsigned long)getpid();
stte_0();
key(&chkenv, (void*)&chkenv_end - (void*)&chkenv);
key(&data, sizeof(data));
key(&mask, sizeof(mask));
arc4(&mask, sizeof(mask));
sprintf(buff, "x%lx", mask);
string = getenv(buff);
#if DEBUGEXEC
fprintf(stderr, "getenv(%s)=%s\n", buff, string ? string : "<null>");
#endif
l = strlen(buff);
if (!string) {
/* 1st */
sprintf(&buff[l], "=%lu %d", mask, argc);
putenv(strdup(buff));
return 0;
}
/* A third conversion (%c) succeeding means trailing characters: treated as a mismatch. */
c = sscanf(string, "%lu %d%c", &m, &a, buff);
if (c == 2 && m == mask) {
/* 3rd */
/* string points at the value; step back over "name=" to the start of the environ entry. */
rmarg(environ, &string[-l - 1]);
return 1 + (argc - a);
}
return -1;
}
/* Empty on purpose: only its address matters, as the end marker for chkenv(). */
void chkenv_end(void){}
#if HARDENING
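/*
 * Copy the start of /proc/<pid>/cmdline into name as a NUL-terminated
 * string. If the file cannot be opened, name is left untouched.
 *
 * name must have room for NAME_CAP bytes. The previous version read up to
 * BUFSIZ bytes into it although the only caller in this file passes a
 * 256-byte array, so a long command line overflowed that array; the read is
 * now capped and the result always terminated.
 *
 * The kernel separates cmdline arguments with NUL bytes, so callers that
 * treat name as a C string see argv[0] of the target process. That value is
 * chosen by whoever started the process and is not an identity check.
 */
static void gets_process_name(const pid_t pid, char * name) {
	enum { NAME_CAP = 256 }; /* matches the caller's char name[256] */
	char procfile[64];
	FILE *f;
	size_t size;

	snprintf(procfile, sizeof procfile, "/proc/%d/cmdline", (int)pid);
	f = fopen(procfile, "r");
	if (!f) {
		return;
	}
	size = fread(name, sizeof (char), NAME_CAP - 1, f);
	name[size] = '\0';
	if (size > 0 && '\n' == name[size - 1]) {
		name[size - 1] = '\0';
	}
	fclose(f);
}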
/*
 * HARDENING-only start-up check: marks the process non-dumpable, issues the
 * PR_SET_PTRACER prctl, then compares the parent's command name against a
 * fixed list of shells and privilege helpers. On no match it prints
 * "Operation not permitted", sends itself SIGKILL and exits.
 *
 * NOTE(review): prctl(PR_SET_PTRACER, -1) -- on kernels with the Yama LSM the
 * value -1 is PR_SET_PTRACER_ANY, which widens who may attach rather than
 * narrowing it; confirm this is the intended argument.
 * NOTE(review): the parent name comes from /proc/<ppid>/cmdline, which the
 * parent controls, so this check deters accidents, not a determined user.
 */
void hardening() {
	static const char *const allowed_parents[] = {
		"bash", "/bin/bash",
		"sh", "/bin/sh",
		"sudo", "/bin/sudo", "/usr/bin/sudo",
		"gksudo", "/bin/gksudo", "/usr/bin/gksudo",
		"kdesu", "/bin/kdesu", "/usr/bin/kdesu",
	};
	char name[256] = {0};
	size_t k;
	int parent;

	prctl(PR_SET_DUMPABLE, 0);
	prctl(PR_SET_PTRACER, -1);

	parent = getppid();
	gets_process_name(parent, name);

	for (k = 0; k < sizeof allowed_parents / sizeof allowed_parents[0]; k++) {
		if (strcmp(name, allowed_parents[k]) == 0)
			return;
	}

	printf("Operation not permitted\n");
	kill(getpid(), SIGKILL);
	exit(1);
}
#endif /* HARDENING */
#if !TRACEABLE
#define _LINUX_SOURCE_COMPAT
#include <sys/ptrace.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
#include <unistd.h>
#if !defined(PT_ATTACHEXC) /* New replacement for PT_ATTACH */
#if !defined(PTRACE_ATTACH) && defined(PT_ATTACH)
#define PT_ATTACHEXC PT_ATTACH
#elif defined(PTRACE_ATTACH)
#define PT_ATTACHEXC PTRACE_ATTACH
#endif
#endif
/*
 * Anti-tracing check, compiled only when TRACEABLE is 0.
 *
 * Forks. The child tries to claim the parent: first by opening the parent's
 * /proc entry read-write, and if that fails with anything other than EBUSY,
 * by attaching to it with ptrace. On success the child sends SIGCONT to the
 * parent and exits with status 1; on failure it prints the error, sends
 * SIGKILL to the parent and exits with status 0.
 *
 * The parent returns as soon as waitpid() has reaped the child; the child's
 * exit status is not inspected. If fork() fails or waitpid() does not return
 * the child's pid, the error is printed and the process exits with 1.
 *
 * argv0 is used only as the prefix for perror().
 *
 * NOTE(review): this is a deterrent only. Which /proc file exists is
 * platform-specific, so on some systems every run presumably takes the
 * ptrace path -- confirm on the target.
 */
void untraceable(char * argv0)
{
char proc[80];
int pid, mine;
switch(pid = fork()) {
case 0:
pid = getppid();
/* For problematic SunOS ptrace */
#if defined(__FreeBSD__)
sprintf(proc, "/proc/%d/mem", (int)pid);
#else
sprintf(proc, "/proc/%d/as", (int)pid);
#endif
/* fd 0 is closed first so that a successful open() returns 0, making !open() true. */
close(0);
mine = !open(proc, O_RDWR|O_EXCL);
if (!mine && errno != EBUSY)
mine = !ptrace(PT_ATTACHEXC, pid, 0, 0);
if (mine) {
kill(pid, SIGCONT);
} else {
perror(argv0);
kill(pid, SIGKILL);
}
_exit(mine);
case -1:
break;
default:
if (pid == waitpid(pid, 0, 0))
return;
}
perror(argv0);
_exit(1);
}
#endif /* !TRACEABLE */
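/*
 * Decrypt the embedded fields and hand control to the shell.
 *
 * On the first run (chkenv() returned 0) the process re-executes itself
 * through the shell using the xecc format; on the re-executed run
 * (chkenv() > 0) the script text is decrypted and passed to the shell as an
 * argument, preceded by hide_z spaces. The fields are decrypted in a fixed
 * order because arc4() advances one shared keystream; do not reorder the
 * calls.
 *
 * Returns only on failure: a pointer to the decrypted message or field that
 * describes the problem (msg1, tst1, msg2, shll, tst2), or 0 when memory
 * could not be obtained. On success execvp() replaces the process.
 *
 * Fix in this version: the re-exec argument was written with sprintf() into
 * a fixed 512-byte buffer, so a long program path overflowed the heap
 * allocation. The buffer is now sized from the formatted length.
 *
 * Security note: the decrypted script is placed in the argument vector of
 * the shell, so it is readable through the process listing while it runs.
 */
char * xsh(int argc, char ** argv)
{
	char * scrpt;
	int ret, i, j;
	char ** varg;
	char * me = argv[0];

	if (me == NULL) { me = getenv("_"); }
	if (me == 0) { fprintf(stderr, "E: neither argv[0] nor $_ works."); exit(1); }

	ret = chkenv(argc);
	/* chkenv() used the cipher for its own purposes; start again from a clean state. */
	stte_0();
	key(pswd, pswd_z);
	arc4(msg1, msg1_z);
	arc4(date, date_z);
	/* Expiry check: a non-empty date earlier than now ends the run with msg1. */
	if (date[0] && (atoll(date)<time(NULL)))
		return msg1;
	arc4(shll, shll_z);
	arc4(inlo, inlo_z);
	arc4(xecc, xecc_z);
	arc4(lsto, lsto_z);
	arc4(tst1, tst1_z);
	key(tst1, tst1_z);
	arc4(chk1, chk1_z);
	/* Consistency check of the decrypted header fields. */
	if ((chk1_z != tst1_z) || memcmp(tst1, chk1, tst1_z))
		return tst1;
	arc4(msg2, msg2_z);
	if (ret < 0)
		return msg2;
	varg = (char **)calloc(argc + 10, sizeof(char *));
	if (!varg)
		return 0;
	if (ret) {
		arc4(rlax, rlax_z);
		/* Unless relaxed, the key also depends on the shell binary's stat() data. */
		if (!rlax[0] && key_with_file(shll))
			return shll;
		arc4(opts, opts_z);
#if HARDENING
		arc4_hardrun(text, text_z);
		exit(0);
		/* Seccomp Sandboxing - Start */
		seccomp_hardening();
#endif
		arc4(text, text_z);
		arc4(tst2, tst2_z);
		key(tst2, tst2_z);
		arc4(chk2, chk2_z);
		if ((chk2_z != tst2_z) || memcmp(tst2, chk2, tst2_z))
			return tst2;
		/* Prepend hide_z spaces to script text to hide it. */
		scrpt = malloc(hide_z + text_z);
		if (!scrpt)
			return 0;
		memset(scrpt, (int) ' ', hide_z);
		memcpy(&scrpt[hide_z], text, text_z);
	} else { /* Reexecute */
		if (*xecc) {
			/* Measure first so the buffer always fits; keep 512 as the minimum size. */
			int need = snprintf(NULL, 0, xecc, me);
			size_t cap = 512;

			if (need < 0)
				return 0;
			if ((size_t)need + 1 > cap)
				cap = (size_t)need + 1;
			scrpt = malloc(cap);
			if (!scrpt)
				return 0;
			snprintf(scrpt, cap, xecc, me);
		} else {
			scrpt = me;
		}
	}
	j = 0;
#if BUSYBOXON
	varg[j++] = "busybox";
	varg[j++] = "sh";
#else
	varg[j++] = argv[0]; /* My own name at execution */
#endif
	if (ret && *opts)
		varg[j++] = opts; /* Options on 1st line of code */
	if (*inlo)
		varg[j++] = inlo; /* Option introducing inline code */
	varg[j++] = scrpt; /* The script itself */
	if (*lsto)
		varg[j++] = lsto; /* Option meaning last option */
	i = (ret > 1) ? ret : 0; /* Args numbering correction */
	while (i < argc)
		varg[j++] = argv[i++]; /* Main run-time arguments */
	varg[j] = 0; /* NULL terminated array */
#if DEBUGEXEC
	debugexec(shll, j, varg);
#endif
	execvp(shll, varg);
	/* Only reached when execvp() failed; errno describes why. */
	return shll;
}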
/*
 * Entry point. Runs the optional start-up steps selected by the build
 * switches, then calls xsh(). xsh() only returns on failure, so everything
 * after the call is the error report: program name, the errno text when
 * errno is set, and the string xsh() returned. Always exits with status 1
 * from here.
 *
 * NOTE(review): with SETUID enabled, the result of setuid(0) is not checked,
 * so the program would continue with its original identity if the call
 * failed.
 */
int main(int argc, char ** argv)
{
	const char *sep = "";
	const char *why = "";

#if SETUID
	setuid(0);
#endif
#if DEBUGEXEC
	debugexec("main", argc, argv);
#endif
#if HARDENING
	hardening();
#endif
#if !TRACEABLE
	untraceable(argv[0]);
#endif
	/* The result is stored in argv[1], as in the generated original. */
	argv[1] = xsh(argc, argv);
	if (errno) {
		sep = ": ";
		why = strerror(errno);
	}
	fprintf(stderr, "%s%s%s: %s\n", argv[0], sep, why,
		argv[1] ? argv[1] : "<null>");
	return 1;
}