Giters

9bie / sshdHooker

One-click injection into the SSHD process to record and send the password for ssh login

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

`/tmp/.i': Permission denied

ppuuoo opened this issue · comments

commented

target: CloudLinux release 6.10 (Final)
core:2.6.32-754.35.1.el6.x86_64 #1 SMP Sat Nov 7 12:42:14 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

beacon> shell ./sshdHooker_x64.sh
[] Tasked beacon to run: ./sshdHooker_x64.sh
[] Hello,Dog cs.
[+] host called home, sent: 50 bytes
[+] received output:
/bin/sh: ./sshdHooker_x64.sh: Permission denied

beacon> shell /bin/bash ./sshdHooker_x64.sh
[] Tasked beacon to run: /bin/bash ./sshdHooker_x64.sh
[] Hello,Dog cs.
[+] host called home, sent: 60 bytes
[+] received output:
/tmp/.g.c: In function �update_entry�:
/tmp/.g.c:215: warning: implicit declaration of function �getpagesize�
/tmp/.i.c: In function �ManualGC�:
/tmp/.i.c:367: warning: �return� with a value, in function returning void
/tmp/.i.c:373: warning: assignment makes integer from pointer without a cast
/tmp/.i.c:377: warning: �return� with a value, in function returning void
/tmp/.i.c: In function �Inject_Shellcode�:
/tmp/.i.c:491: warning: assignment makes integer from pointer without a cast
/tmp/.i.c: In function �WaitforLibPAM�:
/tmp/.i.c:560: warning: assignment makes pointer from integer without a cast
/tmp/.i.c: In function �main�:
/tmp/.i.c:621: warning: passing argument 4 of �pthread_create� makes pointer from integer without a cast
/usr/include/pthread.h:225: note: expected �void * __restrict__� but argument is of type �long int�
nohup: failed to run command `/tmp/.i': Permission denied

gcc -shared inject_got.c -ldl -fPIC -o test2.so -std=c99
inject_got.c: In function ‘update_entry’:
inject_got.c:216: warning: implicit declaration of function ‘getpagesize’

gcc sshdHooker.c shellcode.s -g -o inject -ldl -lpthread
sshdHooker.c: In function ‘ManualGC’:
sshdHooker.c:366: warning: ‘return’ with a value, in function returning void
sshdHooker.c:372: warning: assignment makes integer from pointer without a cast
sshdHooker.c:376: warning: ‘return’ with a value, in function returning void
sshdHooker.c: In function ‘Inject_Shellcode’:
sshdHooker.c:490: warning: assignment makes integer from pointer without a cast
sshdHooker.c: In function ‘WaitforLibPAM’:
sshdHooker.c:559: warning: assignment makes pointer from integer without a cast
sshdHooker.c: In function ‘main’:
sshdHooker.c:620: warning: passing argument 4 of ‘pthread_create’ makes pointer from integer without a cast
/usr/include/pthread.h:225: note: expected ‘void * restrict’ but argument is of type ‘long int’

ls
./ ../ inject* inject_got.c shellcode.s sshdHooker.c test2.so*

bash ./inject 1930
./inject: ./inject: cannot execute binary file