moonq/backdoor
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

actually trying to die..

Browse Source
This commit is contained in:
Ville Rantanen
2019-07-08 10:36:14 +03:00
parent 2177356ac1
commit 62a22639b1
3 changed files with 91 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
Makefile
View File

@@ -17,13 +17,16 @@ build:
-e "s,{{BACKDOORURL}},$${BACKDOORURL},g" \ -e "s,{{BACKDOORURL}},$${BACKDOORURL},g" \
-e "s,{{BACKDOORURLPATH}},$${BACKDOORURLPATH},g" \ -e "s,{{BACKDOORURLPATH}},$${BACKDOORURLPATH},g" \
src/ssh-backdoor-open > scripts/ssh-backdoor-open && \ src/ssh-backdoor-open > scripts/ssh-backdoor-open && \
chmod +x scripts/* && \
true' true'
install: build install: build
bash -c '. config.env && \ bash -c '. config.env && \
cp -v scripts/ssh-backdoor-open "$${BACKDOORURLPATH}" && \ cp -av scripts/ssh-backdoor-open "$${BACKDOORURLPATH}" && \
mkdir -p ${PREFIX} && \ mkdir -p ${PREFIX} && \
cp -v scripts/ssh-backdoor ${PREFIX}/ssh-backdoor && \ cp -av scripts/ssh-backdoor ${PREFIX}/ssh-backdoor && \
cp -av scripts/ssh-backdoor-connect-local ${PREFIX}/ssh-backdoor-connect-local && \
cp -av scripts/ssh-backdoor-connect ${PREFIX}/ssh-backdoor-connect && \
true' true'
clean: clean:

90
src/ssh-backdoor
View File

@@ -2,6 +2,7 @@
from datetime import timedelta, datetime from datetime import timedelta, datetime
from tabulate import tabulate from tabulate import tabulate
import psutil
import random import random
import sqlite3 import sqlite3
import time, os, sys import time, os, sys
@@ -27,6 +28,14 @@ def setup_options():
default = False, default = False,
help = "Clear the database of everything, first" help = "Clear the database of everything, first"
) )
parser.add_argument(
"--kill",
action = 'store',
dest = 'kill',
default = None,
type = str,
help="Kill processes of given ID"
)
parser.add_argument( parser.add_argument(
"--list","-l", "--list","-l",
action = 'store_true', action = 'store_true',
@@ -75,12 +84,23 @@ def setup_options():
return options return options
def eprint(s):
ewrite(str(s) + "\n")
def ewrite(s):
sys.stderr.write(str(s))
sys.stderr.flush()
class DataBase: class DataBase:
def __init__(self, DB): def __init__(self, DB):
self.alive = 7 * 24 * 3600 # 7 days self.alive = 7 * 24 * 3600 # 7 days
self.DBfile = DB self.DBfile = DB
self.conn = None self.conn = None
self.db = None self.db = None
self.id = None
self.to_die = False
if not os.path.exists(self.DBfile): if not os.path.exists(self.DBfile):
self.createDB() self.createDB()
self.conn_init() self.conn_init()
@@ -124,23 +144,64 @@ class DataBase:
self.db.execute("DELETE FROM ports WHERE id = ?", (row[0],)) self.db.execute("DELETE FROM ports WHERE id = ?", (row[0],))
self.conn_end() self.conn_end()
def die(self): def die(self):
""" kills process, and parents, if set to die """ eprint("\n\nDying by request\n\n")
parent = self.get_pid()
if parent > 1:
try:
os.kill(parent, 9)
except OSError:
pass pass
sys.exit(1)
def check_die(self):
""" kills process, and parents, if set to die """
if self.id == None:
return
self.db = self.conn.cursor()
self.db.execute("SELECT id,pid,die FROM ports WHERE id = ?", (self.id,))
result = self.db.fetchall()
if len(result) == 0:
return None
to_die = result[0][2]
# if parent process is 1, then ssh connection has died
self.to_die = self.to_die or to_die == 1 or result[0][1] == 1
if self.to_die:
self.die()
def set_to_die(self, id):
""" set to die """
self.db = self.conn.cursor()
self.db.execute("SELECT id FROM ports WHERE id = ?", (id,))
result = self.db.fetchall()
if len(result) == 0:
eprint("No such ID found")
return None
self.db.execute("UPDATE ports SET die = 1 WHERE id = ?",
(id,)
)
self.conn_end()
def update(self, id): def update(self, id):
self.id = id
port = self.get_port(id) port = self.get_port(id)
if port == None: if port == None:
port = self.new_port() port = self.new_port()
parent = self.get_pid()
self.db = self.conn.cursor() self.db = self.conn.cursor()
self.db.execute("INSERT OR REPLACE INTO ports(id,port,date,pid,host) \ self.db.execute("INSERT OR REPLACE INTO ports(id,port,date,pid,host,die) \
VALUES(?,?,?,?,?)",( VALUES(?,?,?,?,?,?)",(
id, id,
port, port,
int(time.time()), int(time.time()),
self.get_pid(), parent,
os.getenv("SSH_CLIENT","-").split(" ")[0] os.getenv("SSH_CLIENT","-").split(" ")[0],
self.to_die
) )
) )
self.conn_end() self.conn_end()
@@ -197,38 +258,47 @@ if __name__ == "__main__":
opts=setup_options() opts=setup_options()
db = DataBase(opts.DB) db = DataBase(opts.DB)
start_time = time.time() start_time = time.time()
if opts.clear: if opts.clear:
db.clear() db.clear()
if opts.list_names: if opts.list_names:
for row in db.list(): for row in db.list():
if row[5]: if row[5]:
print(row[0]) print(row[0])
sys.exit(0) sys.exit(0)
if opts.list: if opts.list:
print(tabulate( print(tabulate(
db.list(), db.list(),
headers = ['Id','Port','Host','Age','PID','Alive'] headers = ['Id','Port','Host','Age','PID','Alive']
)) ))
if opts.query != None: if opts.query != None:
port = db.get_port(opts.query) port = db.get_port(opts.query)
if port == None: if port == None:
sys.exit(1) sys.exit(1)
print(port) print(port)
sys.exit(0) sys.exit(0)
if opts.kill:
db.set_to_die(opts.kill)
sys.exit(0)
if opts.id != None: if opts.id != None:
print(db.update(opts.id)) print(db.update(opts.id))
if opts.wait: if opts.wait:
sys.stderr.write( ewrite(
" Connected\r" " Connected\r"
) )
while True: while True:
if time.time() - start_time > 3600: if time.time() - start_time > 3600:
sys.exit(0) sys.exit(0)
db.check_die()
db.update(opts.id) db.update(opts.id)
for i in range(10): for i in range(10):
db.die() time.sleep(1)#0 * random.random())
time.sleep(3 + random.random()) ewrite(
sys.stderr.write(
" " + " " +
time.strftime("%c") + time.strftime("%c") +
"\r" "\r"

9
src/ssh-backdoor-open
View File

@@ -2,7 +2,6 @@
export PATH=$PATH:/usr/local/bin export PATH=$PATH:/usr/local/bin
set -x
if [[ "$1" = update ]]; then if [[ "$1" = update ]]; then
set -e set -e
curl --fail {{BACKDOORURL}} > /tmp/ssh-backdoor-open && { curl --fail {{BACKDOORURL}} > /tmp/ssh-backdoor-open && {
@@ -14,11 +13,13 @@ if [[ "$1" = update ]]; then
fi fi
_ssh() { _ssh() {
timeout 3700 ssh \ timeout -k 10 3700 ssh \
-o UserKnownHostsFile=/dev/null \ -o UserKnownHostsFile=/dev/null \
-o StrictHostKeyChecking=no \ -o StrictHostKeyChecking=no \
-o ConnectTimeout=10 \ -o ConnectTimeout=10 \
-p ${BACKDOORPORT} -o ServerAliveInterval=15 \
-o ServerAliveCountMax=3 \
-p ${BACKDOORPORT} \
${BACKDOORHOST} \ ${BACKDOORHOST} \
"$@" "$@"
#~ -o "ExitOnForwardFailure yes" \ #~ -o "ExitOnForwardFailure yes" \
@@ -28,6 +29,7 @@ BACKDOORHOST={{BACKDOORHOST}}
BACKDOORPORT={{BACKDOORPORT}} BACKDOORPORT={{BACKDOORPORT}}
USER=$( id -u -n ) USER=$( id -u -n )
echo use of ssh-add is encouraged echo use of ssh-add is encouraged
( sleep 3; printf "%d\r" $SECONDS ) &
while true; do while true; do
port=$( _ssh bin/ssh-backdoor $USER@$HOSTNAME ) port=$( _ssh bin/ssh-backdoor $USER@$HOSTNAME )
[[ -z "$port" ]] && { sleep 2; continue; } [[ -z "$port" ]] && { sleep 2; continue; }
@@ -42,3 +44,4 @@ while true; do
} }
sleep 10 sleep 10
done done
kill %1