matricali / cbrutekrag

Penetration tests on SSH servers using brute force or dictionary attacks. Written in C.
MIT License

Implement Fake Process #8

Closed notoxxia closed 2 months ago

notoxxia commented 5 years ago

Hello! A Fake Process will be awesome. This is an example of a fake process command line:

```c
trcpy(argv[0],FAKE); // fake the process name.
while(fgets(buff,sizeof(buff),fp)) {
    c=strchr(buff,'\n');
    if(c!=NULL) *c='.';
    if (!(fork())) {
        where=0;
        // printf("--> attacking %s",buff);
        for (i=0; i<count; i=i+2){
            // printf("--> Trying %s:%s %s\n",a[i],a[i+1],buff);
            checkauth(a[i],a[i+1],buff); // try to auth
        }
        exit(0);
```

This is taken from https://github.com/MrMugiwara/against-cracker/blob/master/against.py Of course, this is py, but I guess this can also be done in C. Thank you, Brother!

matricali commented 5 years ago

> Hello! A Fake Process will be awesome. This is an example of a fake process command line:
>
> ```c
> trcpy(argv[0],FAKE); // fake the process name.
> while(fgets(buff,sizeof(buff),fp)) {
>     c=strchr(buff,'\n');
>     if(c!=NULL) *c='.';
>     if (!(fork())) {
>         where=0;
>         // printf("--> attacking %s",buff);
>         for (i=0; i<count; i=i+2){
>             // printf("--> Trying %s:%s %s\n",a[i],a[i+1],buff);
>             checkauth(a[i],a[i+1],buff); // try to auth
>         }
>         exit(0);
> ```
>
> This is taken from https://github.com/MrMugiwara/against-cracker/blob/master/against.py Of course, this is py, but I guess this can also be done in C. Thank you, Brother!

Your code is ANSI C, not Python :laughing: But yes, the way to change the process name on UNIX systems is writing to the memory where `argv[0]` is allocated. :+1:

I guess that your code has a missing "s"; it should be: `strcpy(argv[0], FAKE);` <--- Basically it's copying memory from FAKE to the address where `argv[0]` is allocated. This single line covers your request :D

matricali commented 5 years ago

Other Linux-standard possible solutions:

notoxxia commented 5 years ago

> `prctl(PR_SET_NAME, (unsigned long)"newName", 0, 0, 0);`

First, thank you for the quick response. Second, where should I place this line? `prctl(PR_SET_NAME, (unsigned long)"newName", 0, 0, 0);`

_<

notoxxia commented 5 years ago

> Other Linux-standard possible solutions:
>
> * [`pthread_setname_np`](https://linux.die.net/man/3/pthread_setname_np)`(pthread_self(), "newName");` is probably the better method, it comes from `glibc` and might be portable to other non-Linux systems
> * [`prctl`](https://linux.die.net/man/2/prctl)`(PR_SET_NAME, (unsigned long)"newName", 0, 0, 0);`

Hello again, Brother! As above, I'm asking you about those lines :D Where should I place them? cbrutekrag.c? Is there anything else to insert? Can you give me an example? Thank you so much, brother! Note: my coding skills are horrible :))))

notoxxia commented 5 years ago

I also got plenty of errors when I tried to add prctl or pthread_setname_np.
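
Added example, not part of the thread or of cbrutekrag's code: a defender-side check for the renaming methods discussed above. Writing over `argv[0]` only changes `/proc/<pid>/cmdline`, and `prctl(PR_SET_NAME)` / `pthread_setname_np` only change `/proc/<pid>/comm`, while the `/proc/<pid>/exe` link still names the real binary, so the C code below flags a process whose names disagree with its image. The function names and the `/opt/tools/scanner` sample are constructed for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <string.h>
#include <unistd.h>

enum { NAME_OK = 0, COMM_MISMATCH = 1, ARGV0_MISMATCH = 2 };

/* Last path component: "/usr/bin/ssh" -> "ssh". */
static const char *base_name(const char *p) {
    const char *s = strrchr(p, '/');
    return s ? s + 1 : p;
}

/* Compare the image name behind /proc/<pid>/exe with the two names a
 * process can rewrite itself: comm and argv[0]. Returns a bitmask. */
int name_mismatch(const char *exe, const char *comm, const char *argv0) {
    const char *img = base_name(exe);
    int flags = NAME_OK;
    /* The kernel keeps at most 15 bytes of comm, so compare only those. */
    if (strncmp(img, comm, 15) != 0) flags |= COMM_MISMATCH;
    if (strcmp(img, base_name(argv0)) != 0) flags |= ARGV0_MISMATCH;
    return flags;
}

/* Run the check on a live pid. Returns -1 if /proc/<pid> is unreadable
 * (process gone, kernel thread, or insufficient privilege). */
int check_pid(long pid) {
    char path[64], exe[4096], comm[64] = "", argv0[4096];
    FILE *f; ssize_t n; size_t r;
    snprintf(path, sizeof path, "/proc/%ld/exe", pid);
    if ((n = readlink(path, exe, sizeof exe - 1)) < 0) return -1;
    exe[n] = '\0';
    snprintf(path, sizeof path, "/proc/%ld/comm", pid);
    if (!(f = fopen(path, "r"))) return -1;
    if (fgets(comm, sizeof comm, f)) comm[strcspn(comm, "\n")] = '\0';
    fclose(f);
    snprintf(path, sizeof path, "/proc/%ld/cmdline", pid);
    if (!(f = fopen(path, "r"))) return -1;
    r = fread(argv0, 1, sizeof argv0 - 1, f);
    argv0[r] = '\0';            /* argv[0] is the first NUL-terminated field */
    fclose(f);
    return name_mismatch(exe, comm, argv0);
}

int main(void) {
    /* Constructed sample: image "scanner" that shows up as "sshd" in ps. */
    printf("sample: %d\n", name_mismatch("/opt/tools/scanner", "sshd", "sshd"));
    printf("self:   %d\n", check_pid((long)getpid()));
    return 0;
}
```

Treat a mismatch as a triage signal rather than a verdict: daemons that set their own title (`sshd`, `nginx`), login shells (`-bash`) and interpreter-run scripts also trip it.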