/*
 * VMshell 0.25b -- an interactive "restricted" shell.
 *
 * Reads one line at a time, checks the first word and the raw line against
 * hard-coded lists of "dangerous" commands and shell names, prints a refusal
 * for non-root users, and otherwise hands the line to system(); a second
 * execution attempt is then made with fork()+execve(). Every line is also
 * appended to a log file.
 *
 * NOTE(review): the checks are string prefix/substring matches on the raw
 * line, while execution goes through system(), i.e. through /bin/sh with the
 * whole line. Treat the lists as a convenience filter, not as an
 * authorization boundary; the usual mitigation is an allow-list of permitted
 * programs executed via execve() with an explicit argv (no shell in between).
 *
 * NOTE(review): this file was extracted with all newlines lost; the layout
 * below was reconstructed from the tokens and the brace structure is exactly
 * the one found in the text (see the notes near the end of main()).
 */
#include #include #include #include #include #include /* NOTE(review): the six header names were lost in extraction and must be restored; the code uses stdio, string, stdlib, unistd, getpw()/pwd and wait() APIs */

#define log_fajl "/var/log/vmlogged.log" /* audit log; opened "a+" in main() */
#define VER "VMshell 0.25b"
/* NOTE(review): identifiers with a leading double underscore are reserved
 * for the implementation; these four are also unused in this file. */
#define __OPASNOST__ 1
#define __SIGURNOST__ 0
#define __NE_USPEH__ 0
#define __USPEH__ 1

/* Boolean-ish result type: NETACNO == 0 (false), TACNO == 1 (true).
 * NOTE(review): main() also stores 2 into variables of this type. */
typedef enum izlaz {NETACNO, TACNO} EGZIT;

EGZIT izadji,sukorisnik;          // izadji: loop-exit flag; sukorisnik: "is sudo user" -- never assigned here, so always 0
EGZIT dozvola,compdozvola,opasnost; // dozvola: line names a shell; compdozvola: never assigned here, always 0; opasnost: line names a dangerous command
FILE *log;                        // audit log stream, NULL if fopen() failed. NOTE(review): the name collides with libm's log() if <math.h> is among the restored headers
int tokc = 0,tok = 0, x = 0, z = 0, upozorenje, brojac; // tokc/tok: token counts; x/z: loop indices; upozorenje: unused; brojac: "log unavailable" message printed once
char cmline[1024], kcela[1024], uid[1024], scantext[512], *cmtok[512], *delovi[512], *svptr, *svptrs, *s, *es;
// cmline: line with newline stripped, split in place by strtok_r; kcela: untouched copy of the line (still carries the newline fgets read)
// uid: raw /etc/passwd line for the current user; delovi: its ':'-separated fields; cmtok: space-separated words of cmline

void scanic(void);
void scanend(char *);
void clrscr(void);

/*
 * Entry point. argc/argv: any argument at all prints the banner and exits(1).
 * envp is passed through to execve().
 */
int main(int argc, char **argv, char **envp)
{
    // ******** splitting **********
    getpw(getuid(), uid); // rework getpw... instead of this silly buffer filling...
    // NOTE(review): getpw() is obsolete and has no bound on the destination buffer; getpwuid(getuid())->pw_uid gives the numeric uid directly.
    for(z = 0; z < 1024; z++) if (uid[z] == '\n') uid[z] = 0;
    es = (char *) strtok_r(uid,":",&svptrs);
    while(es != 0) { delovi[tok++] = es; es = (char *) strtok_r(NULL,":",&svptrs); }
    // delovi[2] is the numeric uid field of the passwd line; it is compared with "0" below to decide root vs. non-root.
    // NOTE(review): if getpw() failed or the line had fewer than three fields, delovi[2] is NULL and the strncmp() calls below dereference it.
    if (delovi[2]!=0) printf("%sOva shell ljuska nije namenjena za korisnika sa pidom %s, no moze da posluzi....Uzivajte!\n\a", RED, delovi[2]);
    if (argc != 1){
        printf("%sV%sirtual %sM%sind %sSH%sell skripta by %sdARKmIND\n",BOLDWHITE, NORMAL,BOLDWHITE,NORMAL,BOLDWHITE,NORMAL,BOLDWHITE);
        printf("%s[%s%s%s] http://unix.qrac.cc/vmshell.tar.gz\n",BOLDWHITE,RED, VER,BOLDWHITE);
        printf("%sUsage : %s -h \n",BOLDWHITE,argv[0]);
        printf("\a",NORMAL); // NOTE(review): NORMAL is an extra argument with no conversion
        exit(1);
    }
    // a little security
    log = fopen(log_fajl,"a+"); // NOTE(review): failure is only reported inside the loop; fclose(log) at the end runs even when it is NULL
    //system("stty susp ^O");
    //system("stty intr ^L");
    while (izadji != 1) {
        izadji = 0;
        tokc = 0;
        opasnost = 0;
        // NOTE(review): dozvola is not reset here; it is set to 2 at the end of each iteration and to 1 by the shell-name checks below.
        printf("%s%s# ", BOLDWHITE, VER);
        printf("%s", NORMAL);
        fgets(cmline,1024,stdin); // NOTE(review): return value unchecked -- on EOF cmline keeps the previous line and the loop re-runs it
        strncpy(kcela, cmline, sizeof(kcela) - 1 ); // kcela keeps the trailing newline; cmline has it stripped just below
        // kcela[sizeof(kcela) != 1] = 0;
        // return;
        for(x = 0; x < 1024; x++) if (cmline[x] == '\n') cmline[x] = 0;
        // Split cmline into words in place; after this cmline itself reads as the first word only.
        s = (char *) strtok_r(cmline," ",&svptr);
        while(s != 0) { cmtok[tokc++] = s; s = (char *) strtok_r(NULL," ",&svptr); }
        // splits the /etc/passwd line into fields (:)  [comment left from the passwd parsing above]
        cmtok[tokc] = 0;
        // optional, may or may not be needed
        delovi[tok] = 0;
        //cmtok[1]=(char *)malloc(4096);
        if (strncmp(cmline,"quit",5) == 0) izadji = 1;
        if (strncmp(cmline,"exit",5) == 0) izadji = 1;
        //---------------- critical commands to watch out for! -------------
        // First-word checks (cmline is NUL-terminated after the first word, so these are exact matches):
        if (strncmp(cmline,"rm",3) == 0) opasnost = 1;
        if (strncmp(cmline,"dd",3) == 0) opasnost = 1;
        if (strncmp(cmline,"reboot",7) == 0) opasnost = 1;
        if (strncmp(cmline,"halt",5) == 0) opasnost = 1;
        if (strncmp(cmline,"shutdown",9) == 0) opasnost = 1;
        if (strncmp(cmline,"chmod",6) == 0) opasnost = 1;
        if (strncmp(cmline,"chown",6) == 0) opasnost = 1;
        if (strncmp(cmline,"su",3) == 0) opasnost = 1;
        if (strncmp(cmline,"sudo",5) == 0) opasnost = 1;
        if (strncmp(cmline,"gcc",4) == 0) opasnost = 1;
        if (strncmp(cmline,"ln",3) == 0) opasnost = 1;
        if (strncmp(cmline,"nmap",5) == 0) opasnost = 1;
        if (strncmp(cmline,"kill",5) == 0) opasnost = 1;
        if (strncmp(cmline,"killall",8) == 0) opasnost = 1;
        if (strncmp(cmline,"init",5) == 0) opasnost = 1;
        // Substring checks on the whole raw line (match anywhere, including inside arguments):
        if(strstr(kcela,"/bin/rm")!=0) opasnost = 1;
        if(strstr(kcela,"/bin/dd")!=0) opasnost = 1;
        if(strstr(kcela,"/sbin/reboot")!=0) opasnost = 1;
        if(strstr(kcela,"/sbin/halt")!=0) opasnost = 1;
        if(strstr(kcela,"/sbin/shutdown")!=0) opasnost = 1;
        if(strstr(kcela,"/bin/chmod")!=0) opasnost = 1;
        if(strstr(kcela,"/bin/chown")!=0) opasnost = 1;
        if(strstr(kcela,"/bin/su")!=0) opasnost = 1;
        if(strstr(kcela,"/usr/bin/sudo")!=0) opasnost = 1;
        if(strstr(kcela,"/usr/bin/gcc")!=0) opasnost = 1;
        if(strstr(kcela,"/usr/local/bin/gcc")!=0) opasnost = 1;
        if(strstr(kcela,"/bin/ln")!=0) opasnost = 1;
        if(strstr(kcela,"/usr/local/bin/nmap")!=0) opasnost = 1;
        if(strstr(kcela,"/bin/kill")!=0) opasnost = 1;
        if(strstr(kcela,"/bin/killall")!=0) opasnost = 1;
        if(strstr(kcela,"/usr/src/linux/init")!=0) opasnost = 1;
        if(strstr(kcela,"/sbin/init")!=0) opasnost = 1;
        // end of list.
        //---------------- critical directories -----------------------
        // NOTE(review): this table is declared but never read anywhere in the file.
        struct dir_st {
            char *naziv;   // path
            char *vlasnik; // owner
            short prava;   // permissions for the rest of the population :))
        } dir[]={
            "/etc","root",0,
            "/root","root",0,
            "/usr/sbin","root",1,
            "/tmp","root",0,
            "/dev","root",0,
            "/mnt","root",0,
        };
        // end of list.
        //----------------------- list of shells ---------------------------
        if (strncmp(cmline,"sh",3) == 0) dozvola = 1;
        if (strncmp(cmline,"bash",5) == 0) dozvola = 1;
        if (strncmp(cmline,"zsh",4) == 0) dozvola = 1;
        if (strncmp(cmline,"tcsh",5) == 0) dozvola = 1;
        if (strncmp(cmline,"csh",4) == 0) dozvola = 1;
        if (strncmp(cmline,"ksh",4) == 0) dozvola = 1;
        if (strncmp(cmline,"ash",4) == 0) dozvola = 1;
        if (strncmp(cmline,"bash1",6) == 0) dozvola = 1;
        if (strncmp(cmline,"vmsh",5) == 0) dozvola = 1;
        if (strncmp(cmline,"vmshell",8) == 0) dozvola = 1;
        // NOTE(review): the substring checks below flag any line containing "sh" or "ash" anywhere, e.g. inside a path or argument.
        if(strstr(kcela,"sh")!=0) dozvola = 1;
        if(strstr(kcela,"bash")!=0) dozvola = 1;
        if(strstr(kcela,"zsh")!=0) dozvola = 1;
        if(strstr(kcela,"tcsh")!=0) dozvola = 1;
        if(strstr(kcela,"csh")!=0) dozvola = 1;
        if(strstr(kcela,"ash")!=0) dozvola = 1;
        if(strstr(kcela,"bash1")!=0) dozvola = 1;
        if(strstr(kcela,"vmsh")!=0) dozvola = 1;
        if(strstr(kcela,"vmshell")!=0) dozvola = 1;
        //--------------------- all other commands -----------------------
        if (strncmp(cmline,cmline,strlen(cmline)) == 0) { // always true: compares cmline with itself
            if (opasnost == 1){
                // Non-root user (uid field != "0"): print a refusal message specific to the command.
                if (strncmp(delovi[2], "0", 2) != 0) printf("%sNemate dozvolu za pokretanjem komande %s",BOLDWHITE, cmline);
                if (strncmp(delovi[2], "0", 2) != 0){
                    printf("Komanda %s, se moze koristiti samo uz dozvolu root-a.\n",cmline);
                    if (strncmp(kcela, "rm -rf /",8) == 0) if (strncmp(delovi[2], "0", 2) != 0) printf("Brisem vas home direktorijum.\n");
                    //execve("rm -rf",delovi[4],envp);
                    if (strncmp(kcela, "rm -rf /root",12) == 0) if (strncmp(delovi[2], "0", 2) != 0) printf("Nemate dozvolu da izbrisete root direktorijum. Zato cu da izbrisem vas home direktorijum.\n");
                    //execve("rm -rf",delovi[4],envp);
                    if (strncmp(cmline, "reboot",7) == 0) if (strncmp(delovi[2], "0", 2) != 0) printf("Rebootovanje vrsi samo korisnik root.\n");
                    if (strncmp(cmline, "halt",5) == 0) if (strncmp(delovi[2], "0", 2) != 0) printf("Nemate dozvolu da ugasite sistem.\n");
                    if (strncmp(cmline, "shutdown",9) == 0) if (strncmp(delovi[2], "0", 2) != 0) printf("Nemate dozvolu da ugasite sistem.\n");
                    if (strncmp(cmline, "chmod",6) == 0) if (strncmp(delovi[2], "0", 2) != 0) printf("Nema potrebe za menjanjem modova nad fajlom/direktorijumom.\n");
                    if (strncmp(cmline, "chown",6) == 0) if (strncmp(delovi[2], "0", 2) != 0) printf("Nema potrebe za menjanjem vlasnika fajla/direktorijuma.\n");
                    if (strncmp(cmline, "su",3) == 0) if (strncmp(delovi[2], "0", 2) != 0) if(sukorisnik==0) // checks whether the user is on the list (sukorisnik is never set, so this always holds)
                        printf("Nema vas u listi sudovanih korisnika.\n");
                    if (strncmp(cmline, "sudo",5) == 0) if (strncmp(delovi[2], "0", 2) != 0) if(sukorisnik==0) printf("Nemate dozvolu da izvrsite komandu kao root.\n");
                    if (strncmp(cmline, "gcc",4) == 0) if (strncmp(delovi[2], "0", 2) != 0) if(compdozvola==0) printf("Nemate dozvolu da kompajlirate fajl.\n");
                    if (strncmp(cmline, "ln",3) == 0) if (strncmp(delovi[2], "0", 2) != 0) printf("Nemate dozvolu za linkovanje.\n");
                    // NOTE(review): strncmp() with n == 0 always returns 0, so scanic() is never reached from here; passing NULL to strncmp() is also undefined. The intended test is presumably `cmtok[1] != NULL`.
                    if (strncmp(cmline, "nmap",5) == 0) if (strncmp(delovi[2], "0", 2) != 0) if (strncmp(cmtok[1], NULL, 0) != 0) scanic();
                    // NOTE(review): kcela still ends with the newline fgets() read, so this 15-byte compare (which includes the literal's NUL) cannot match a normally entered line and the refusal is always printed.
                    if (strncmp(cmline, "nmap",5) == 0) if (strncmp(delovi[2], "0", 2) != 0) if (strncmp(kcela,"nmap 127.0.0.1",15) != 0) printf("Nemate dozvolu za skeniranje.\n");
                    if (strncmp(cmline, "kill",5) == 0) if (strncmp(delovi[2], "0", 2) != 0) printf("Nemate dozvolu za gasenje procesa. Obratite se administratoru.\n");
                    if (strncmp(cmline, "killall",8) == 0) if (strncmp(delovi[2], "0", 2) != 0) printf("Nemate dozvolu za gasenje procesa. Obratite se administratoru.\n");
                    if (strncmp(cmline, "init",5) == 0) if (strncmp(delovi[2], "0", 2) != 0) printf("Nemate dozvolu za pokretanjem init skripti.\n");
                }
                // NOTE(review): everything from here to the closing brace below is inside `if (opasnost == 1)` as the braces stand, which makes the
                // `if (opasnost != 1)` system() call below unreachable and skips cd/clear/logging for ordinary commands. The brace layout looks wrong
                // (see also the note after the while loop); confirm against the intended structure before changing anything.
                if (cmtok[1] != NULL) izadji = 2; // a dangerous command with arguments skips the fork()/execve() attempt below
                /* if(strncmp(cmtok[1],"/etc",5) == 0){ printf("%sNema potrebe za bilo kakvim cackanjem po /etc direktorijumu!\a\n", BOLDWHITE); } */
                // NOTE(review): a bare "cd" leaves cmtok[1] NULL, which is then passed to strncmp() and chdir().
                if(strncmp(cmline,"cd",3)==0) if(strncmp(cmtok[1],"/etc",5) != 0) chdir(cmtok[1]);
                if(strncmp(cmline,"clear",6)==0) clrscr();
                if (dozvola == 1) if (strncmp(delovi[2], "0", 2) != 0) printf("Nemate dozvolu da pokrenete %s shell ljusku nad ovom!\n",cmline);
                // The raw line (kcela) is handed to /bin/sh via system(): for root when it is a dangerous command and not a shell, ...
                if (opasnost == 1) if (strncmp(delovi[2], "0", 2) == 0) if (dozvola !=1) system(kcela);
                // ... and for everyone when it is neither. NOTE(review): unreachable as the braces stand (opasnost == 1 here).
                if (opasnost != 1) if (dozvola != 1) system(kcela);
                dozvola = 2;
                //if (izadji=1) exit(1);
                // NOTE(review): %i with a uid_t is a format mismatch on platforms where uid_t is unsigned; the logged line is written unescaped.
                if (log) fprintf(log, "UID: %i\t%s",getuid(), kcela);
            }
            if (!log) if(brojac !=1){ brojac++; printf("Nemoguce snimanje logova u %s\n\a",log_fajl); } // reported once per run
            if (izadji == 0) {
                if (fork() == 0) {
                    // Second execution attempt: cmline is only the first word, so this succeeds only for an absolute/relative path,
                    // in which case the command has already been run once by system() above.
                    execve(cmline,cmtok,envp); // this is the real system-level execution of commands
                    // NOTE(review): execve() only returns on failure, but the message is gated on an empty line rather than on that failure; cmline is also an extra printf argument.
                    if(strlen(cmline) == 0) printf("Nepostojeca komanda. \n",cmline);
                    return 0; // child exits
                } else wait(0);
            }
        }
        // NOTE(review): as written, the brace below closes the while loop, so the farewell and `return 0` run after the first
        // command. main() itself is closed by the stray `}` after clrscr() at the very end of the file, which leaves the three
        // function definitions below nested inside main() (a GCC extension, and they would not satisfy the file-scope prototypes).
        printf("%sHvala na upotrebi Virtual Mind SHell ljuske!\n",BOLDWHITE);
        printf("%sAll Rights (c) dARKmIND 2002\n",WHITE);
        printf("%s",NORMAL);
        fclose(log); // NOTE(review): log may be NULL here
        sleep(2);
        return 0;
    }

/*
 * Prints a canned scan report. Reads the host name from /etc/HOSTNAME and,
 * if /etc/scanned exists, prints its first 80 bytes; otherwise prints a
 * fixed, fake nmap-style listing for 127.0.0.1.
 * NOTE(review): fopen("/etc/HOSTNAME") is not checked before fread(), and
 * hostnamefajl is never fclose()d.
 */
void scanic(){
    FILE *scanned;
    FILE *hostnamefajl;
    char hostname[80]={0};
    hostnamefajl=fopen("/etc/HOSTNAME","r");
    fread(hostname,78,1,hostnamefajl);
    scanend(hostname); // strip CR/LF
    scanned=fopen("/etc/scanned", "r");
    if (scanned){
        fread(scantext, 80, 1, scanned); // scantext is a zeroed 512-byte global, so it stays NUL-terminated
        printf("%s%s",NORMAL,scantext);
        fclose (scanned);
    }
    if (!scanned){
        printf("\n");
        printf("Starting nmap V. 2.54BETA30 ( www.insecure.org/nmap/ )\n");
        printf("Interesting ports on %s (127.0.0.1):\n",hostname);
        printf("(The 1546 ports scanned but not shown below are in state: closed)\n");
        printf("Port State Service\n");
        printf("25/tcp open smtp\n");
        printf("80/tcp open httpd\n");
        printf("110/tcp open pop-3\n");
        printf("111/tcp open sunrpc\n");
        printf("\n");
        printf("\n");
        printf("Nmap run completed -- 1 IP address (1 host up) scanned in 0 seconds\n");
    }
}

/*
 * Replaces every LF (10) and CR (13) in the first 78 bytes of `string` with
 * NUL. The caller must supply a buffer of at least 78 bytes.
 * The local `brojac` shadows the global of the same name.
 */
void scanend(char *string)
{
    int brojac;
    for(brojac=0;brojac<78;brojac++) {
        if(string[brojac]==10) string[brojac]=0;
        if(string[brojac]==13) string[brojac]=0;
    }
}

/*
 * Clears the screen. Probes /usr/bin/clear by opening it read/write ("r+b",
 * so the probe also fails when the file is merely not writable) and, if that
 * succeeds, runs the user's current raw line (kcela) through system();
 * otherwise prints 25 empty lines.
 */
void clrscr(void)
{
    FILE *otvori;
    otvori=fopen("/usr/bin/clear","r+b");
    int intprom;
    if (otvori != NULL) {
        fclose (otvori);
        system (kcela); // NOTE(review): runs kcela (the whole entered line), not "clear"
    }
    else for (intprom=0;intprom<25;intprom++) printf("\n");
}
} // NOTE(review): this brace closes main() (see the note after main's while loop)