Linux polon 4.19.0-27-amd64 #1 SMP Debian 4.19.316-1 (2024-06-25) x86_64
Apache/2.4.59 (Debian)
: 10.2.73.233 | : 18.219.12.88
Cant Read [ /etc/named.conf ]
5.6.40-64+0~20230107.71+debian10~1.gbp673146
www-data
www.github.com/MadExploits
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
CPANEL RESET
CREATE WP USER
README
+ Create Folder
+ Create File
/
usr /
src /
xtables-addons-2.12 /
extensions /
[ HOME SHELL ]
Name
Size
Permission
Action
ACCOUNT
[ DIR ]
drwxr-xr-x
pknock
[ DIR ]
drwxr-xr-x
Kbuild
1020
B
-rw-r--r--
Makefile
14.31
KB
-rw-r--r--
Makefile.am
910
B
-rw-r--r--
Makefile.in
13.55
KB
-rw-r--r--
Mbuild
989
B
-rw-r--r--
compat_skbuff.h
325
B
-rw-r--r--
compat_user.h
262
B
-rw-r--r--
compat_xtables.c
1.18
KB
-rw-r--r--
compat_xtables.h
2.52
KB
-rw-r--r--
compat_xtnu.h
1.97
KB
-rw-r--r--
libxt_CHAOS.c
2.56
KB
-rw-r--r--
libxt_CHAOS.man
1
KB
-rw-r--r--
libxt_DELUDE.c
1.11
KB
-rw-r--r--
libxt_DELUDE.man
286
B
-rw-r--r--
libxt_DHCPMAC.c
2.55
KB
-rw-r--r--
libxt_DHCPMAC.man
1.2
KB
-rw-r--r--
libxt_DNETMAP.c
6.62
KB
-rw-r--r--
libxt_DNETMAP.man
7.71
KB
-rw-r--r--
libxt_ECHO.c
1.03
KB
-rw-r--r--
libxt_ECHO.man
141
B
-rw-r--r--
libxt_IPMARK.c
4.71
KB
-rw-r--r--
libxt_IPMARK.man
1.99
KB
-rw-r--r--
libxt_LOGMARK.c
3.27
KB
-rw-r--r--
libxt_LOGMARK.man
312
B
-rw-r--r--
libxt_SYSRQ.c
844
B
-rw-r--r--
libxt_SYSRQ.man
3.67
KB
-rw-r--r--
libxt_TARPIT.c
2.75
KB
-rw-r--r--
libxt_TARPIT.man
2.55
KB
-rw-r--r--
libxt_condition.c
2.5
KB
-rw-r--r--
libxt_condition.man
175
B
-rw-r--r--
libxt_dhcpmac.c
2.52
KB
-rw-r--r--
libxt_dhcpmac.man
207
B
-rw-r--r--
libxt_fuzzy.c
3.37
KB
-rw-r--r--
libxt_fuzzy.man
263
B
-rw-r--r--
libxt_geoip.c
8.21
KB
-rw-r--r--
libxt_geoip.man
1
KB
-rw-r--r--
libxt_gradm.c
2.3
KB
-rw-r--r--
libxt_gradm.man
225
B
-rw-r--r--
libxt_iface.c
7.21
KB
-rw-r--r--
libxt_iface.man
1.39
KB
-rw-r--r--
libxt_ipp2p.c
7.36
KB
-rw-r--r--
libxt_ipp2p.man
1.52
KB
-rw-r--r--
libxt_ipv4options.c
4.32
KB
-rw-r--r--
libxt_ipv4options.man
1.44
KB
-rw-r--r--
libxt_length2.c
4.69
KB
-rw-r--r--
libxt_length2.man
695
B
-rw-r--r--
libxt_lscan.c
2.64
KB
-rw-r--r--
libxt_lscan.man
1.58
KB
-rw-r--r--
libxt_psd.c
5.34
KB
-rw-r--r--
libxt_psd.man
720
B
-rw-r--r--
libxt_quota2.c
4.06
KB
-rw-r--r--
libxt_quota2.man
1.6
KB
-rw-r--r--
mac.c
572
B
-rw-r--r--
xt_CHAOS.c
6.29
KB
-rw-r--r--
xt_CHAOS.h
249
B
-rw-r--r--
xt_DELUDE.c
4.96
KB
-rw-r--r--
xt_DHCPMAC.c
4.18
KB
-rw-r--r--
xt_DHCPMAC.h
311
B
-rw-r--r--
xt_DNETMAP.c
25.22
KB
-rw-r--r--
xt_DNETMAP.h
402
B
-rw-r--r--
xt_ECHO.c
6.98
KB
-rw-r--r--
xt_IPMARK.c
2.75
KB
-rw-r--r--
xt_IPMARK.h
252
B
-rw-r--r--
xt_LOGMARK.c
3.96
KB
-rw-r--r--
xt_LOGMARK.h
209
B
-rw-r--r--
xt_SYSRQ.c
9.75
KB
-rw-r--r--
xt_TARPIT.c
14.94
KB
-rw-r--r--
xt_TARPIT.h
258
B
-rw-r--r--
xt_condition.c
6.75
KB
-rw-r--r--
xt_condition.h
276
B
-rw-r--r--
xt_fuzzy.c
4.65
KB
-rw-r--r--
xt_fuzzy.h
397
B
-rw-r--r--
xt_geoip.c
8.73
KB
-rw-r--r--
xt_geoip.h
1.34
KB
-rw-r--r--
xt_gradm.h
108
B
-rw-r--r--
xt_iface.c
3.32
KB
-rw-r--r--
xt_iface.h
596
B
-rw-r--r--
xt_ipp2p.c
23.63
KB
-rw-r--r--
xt_ipp2p.h
995
B
-rw-r--r--
xt_ipv4options.c
1.96
KB
-rw-r--r--
xt_ipv4options.h
581
B
-rw-r--r--
xt_length2.c
6.99
KB
-rw-r--r--
xt_length2.h
457
B
-rw-r--r--
xt_lscan.c
7.85
KB
-rw-r--r--
xt_lscan.h
200
B
-rw-r--r--
xt_psd.c
14.2
KB
-rw-r--r--
xt_psd.h
792
B
-rw-r--r--
xt_quota2.c
9
KB
-rw-r--r--
xt_quota2.h
478
B
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : xt_SYSRQ.c
/* * "SYSRQ" target extension for Xtables * Copyright Jan Engelhardt, 2016 * * Based upon the ipt_SYSRQ idea by Marek Zalem <marek [at] terminus sk> * * Security additions John Haxby <john.haxby [at] oracle com> * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * version 2 or 3 as published by the Free Software Foundation. */ #include <linux/in.h> #include <linux/ip.h> #include <linux/ipv6.h> #include <linux/module.h> #include <linux/skbuff.h> #include <linux/sysrq.h> #include <linux/udp.h> #include <linux/version.h> #include <linux/netfilter_ipv4/ip_tables.h> #include <linux/netfilter_ipv6/ip6_tables.h> #include <linux/netfilter/x_tables.h> #include <crypto/hash.h> #include <net/ip.h> #include <net/ipv6.h> #include "compat_xtables.h" #if defined(CONFIG_CRYPTO) || defined(CONFIG_CRYPTO_MODULE) # define WITH_CRYPTO 1 #endif #if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE) # define WITH_IPV6 1 #endif static bool sysrq_once; static char sysrq_password[64]; static char sysrq_hash[16] = "sha1"; static long sysrq_seqno; static int sysrq_debug; module_param_string(password, sysrq_password, sizeof(sysrq_password), S_IRUSR | S_IWUSR); module_param_string(hash, sysrq_hash, sizeof(sysrq_hash), S_IRUSR); module_param_named(seqno, sysrq_seqno, long, S_IRUSR | S_IWUSR); module_param_named(debug, sysrq_debug, int, S_IRUSR | S_IWUSR); MODULE_PARM_DESC(password, "password for remote sysrq"); MODULE_PARM_DESC(hash, "hash algorithm, default sha1"); MODULE_PARM_DESC(seqno, "sequence number for remote sysrq"); MODULE_PARM_DESC(debug, "debugging: 0=off, 1=on"); #ifdef WITH_CRYPTO static struct crypto_shash *sysrq_tfm; static int sysrq_digest_size; static unsigned char *sysrq_digest_password; static unsigned char *sysrq_digest; static char *sysrq_hexdigest; /* * The data is of the form "<requests>,<seqno>,<salt>,<hash>" where <requests> * is a series of sysrq requests; <seqno> is a sequence number that must be * greater than the last sequence number; <salt> is some random bytes; and * <hash> is the hash of everything up to and including the preceding "," * together with "<dstaddr>,<password>". * * For example * * salt=$RANDOM * req="s,$(date +%s),$salt" * echo "$req,$(echo -n $req,10.10.25.1,secret | sha1sum | cut -c1-40)" * * You will want a better salt and password than that though :-) */ static unsigned int sysrq_tg(const void *pdata, uint16_t len) { const char *data = pdata; int i, n; struct shash_desc desc; int ret; long new_seqno = 0; if (*sysrq_password == '\0') { if (!sysrq_once) printk(KERN_INFO KBUILD_MODNAME ": No password set\n"); sysrq_once = true; return NF_DROP; } if (len == 0) return NF_DROP; for (i = 0; sysrq_password[i] != '\0' && sysrq_password[i] != '\n'; ++i) /* loop */; sysrq_password[i] = '\0'; i = 0; for (n = 0; n < len - 1; ++n) { if (i == 1 && '0' <= data[n] && data[n] <= '9') new_seqno = 10L * new_seqno + data[n] - '0'; if (data[n] == ',' && ++i == 3) break; } ++n; if (i != 3) { if (sysrq_debug) printk(KERN_WARNING KBUILD_MODNAME ": badly formatted request\n"); return NF_DROP; } if (sysrq_seqno >= new_seqno) { if (sysrq_debug) printk(KERN_WARNING KBUILD_MODNAME ": old sequence number ignored\n"); return NF_DROP; } desc.tfm = sysrq_tfm; desc.flags = 0; ret = crypto_shash_init(&desc); if (ret != 0) goto hash_fail; if (crypto_shash_update(&desc, data, n) != 0) goto hash_fail; if (crypto_shash_update(&desc, sysrq_digest_password, strlen(sysrq_digest_password)) != 0) goto hash_fail; if (crypto_shash_final(&desc, sysrq_digest) != 0) goto hash_fail; for (i = 0; i < sysrq_digest_size; ++i) { sysrq_hexdigest[2*i] = "0123456789abcdef"[(sysrq_digest[i] >> 4) & 0xf]; sysrq_hexdigest[2*i+1] = "0123456789abcdef"[sysrq_digest[i] & 0xf]; } sysrq_hexdigest[2*sysrq_digest_size] = '\0'; if (len - n < sysrq_digest_size * 2) { if (sysrq_debug) printk(KERN_INFO KBUILD_MODNAME ": Short digest," " expected %s\n", sysrq_hexdigest); return NF_DROP; } if (strncmp(data + n, sysrq_hexdigest, sysrq_digest_size * 2) != 0) { if (sysrq_debug) printk(KERN_INFO KBUILD_MODNAME ": Bad digest," " expected %s\n", sysrq_hexdigest); return NF_DROP; } /* Now we trust the requester */ sysrq_seqno = new_seqno; for (i = 0; i < len && data[i] != ','; ++i) { printk(KERN_INFO KBUILD_MODNAME ": SysRq %c\n", data[i]); handle_sysrq(data[i]); } return NF_ACCEPT; hash_fail: printk(KERN_WARNING KBUILD_MODNAME ": digest failure\n"); return NF_DROP; } #else static unsigned int sysrq_tg(const void *pdata, uint16_t len) { const char *data = pdata; char c; if (*sysrq_password == '\0') { if (!sysrq_once) printk(KERN_INFO KBUILD_MODNAME "No password set\n"); sysrq_once = true; return NF_DROP; } if (len == 0) return NF_DROP; c = *data; if (strncmp(&data[1], sysrq_password, len - 1) != 0) { printk(KERN_INFO KBUILD_MODNAME "Failed attempt - " "password mismatch\n"); return NF_DROP; } handle_sysrq(c); return NF_ACCEPT; } #endif static unsigned int sysrq_tg4(struct sk_buff *skb, const struct xt_action_param *par) { const struct iphdr *iph; const struct udphdr *udph; uint16_t len; if (skb_linearize(skb) < 0) return NF_DROP; iph = ip_hdr(skb); if (iph->protocol != IPPROTO_UDP && iph->protocol != IPPROTO_UDPLITE) return NF_DROP; udph = (const void *)iph + ip_hdrlen(skb); len = ntohs(udph->len) - sizeof(struct udphdr); if (sysrq_debug) printk(KERN_INFO KBUILD_MODNAME ": " NIPQUAD_FMT ":%u -> :%u len=%u\n", NIPQUAD(iph->saddr), htons(udph->source), htons(udph->dest), len); #ifdef WITH_CRYPTO sprintf(sysrq_digest_password, NIPQUAD_FMT ",%s", NIPQUAD(iph->daddr), sysrq_password); #endif return sysrq_tg((void *)udph + sizeof(struct udphdr), len); } #ifdef WITH_IPV6 static unsigned int sysrq_tg6(struct sk_buff *skb, const struct xt_action_param *par) { const struct ipv6hdr *iph; const struct udphdr *udph; unsigned short frag_off; unsigned int th_off = 0; uint16_t len; if (skb_linearize(skb) < 0) return NF_DROP; iph = ipv6_hdr(skb); /* Should probably be using %IP6T_FH_F_AUTH */ if ((ipv6_find_hdr(skb, &th_off, IPPROTO_UDP, &frag_off, NULL) < 0 && ipv6_find_hdr(skb, &th_off, IPPROTO_UDPLITE, &frag_off, NULL) < 0) || frag_off > 0) return NF_DROP; udph = (const void *)iph + th_off; len = ntohs(udph->len) - sizeof(struct udphdr); if (sysrq_debug) printk(KERN_INFO KBUILD_MODNAME ": " NIP6_FMT ":%hu -> :%hu len=%u\n", NIP6(iph->saddr), ntohs(udph->source), ntohs(udph->dest), len); #ifdef WITH_CRYPTO sprintf(sysrq_digest_password, NIP6_FMT ",%s", NIP6(iph->daddr), sysrq_password); #endif return sysrq_tg((void *)udph + sizeof(struct udphdr), len); } #endif static int sysrq_tg_check(const struct xt_tgchk_param *par) { if (par->target->family == NFPROTO_IPV4) { const struct ipt_entry *entry = par->entryinfo; if ((entry->ip.proto != IPPROTO_UDP && entry->ip.proto != IPPROTO_UDPLITE) || entry->ip.invflags & XT_INV_PROTO) goto out; } else if (par->target->family == NFPROTO_IPV6) { const struct ip6t_entry *entry = par->entryinfo; if ((entry->ipv6.proto != IPPROTO_UDP && entry->ipv6.proto != IPPROTO_UDPLITE) || entry->ipv6.invflags & XT_INV_PROTO) goto out; } return 0; out: printk(KERN_ERR KBUILD_MODNAME ": only available for UDP and UDP-Lite"); return -EINVAL; } static struct xt_target sysrq_tg_reg[] __read_mostly = { { .name = "SYSRQ", .revision = 1, .family = NFPROTO_IPV4, .target = sysrq_tg4, .checkentry = sysrq_tg_check, .me = THIS_MODULE, }, #ifdef WITH_IPV6 { .name = "SYSRQ", .revision = 1, .family = NFPROTO_IPV6, .target = sysrq_tg6, .checkentry = sysrq_tg_check, .me = THIS_MODULE, }, #endif }; static void sysrq_crypto_exit(void) { #ifdef WITH_CRYPTO if (sysrq_tfm) crypto_free_shash(sysrq_tfm); if (sysrq_digest) kfree(sysrq_digest); if (sysrq_hexdigest) kfree(sysrq_hexdigest); if (sysrq_digest_password) kfree(sysrq_digest_password); #endif } static int __init sysrq_crypto_init(void) { #if defined(WITH_CRYPTO) struct timeval now; int ret; sysrq_tfm = crypto_alloc_shash(sysrq_hash, 0, 0); if (IS_ERR(sysrq_tfm)) { printk(KERN_WARNING KBUILD_MODNAME ": Error: Could not find or load %s hash\n", sysrq_hash); ret = PTR_ERR(sysrq_tfm); sysrq_tfm = NULL; goto fail; } sysrq_digest_size = crypto_shash_digestsize(sysrq_tfm); sysrq_digest = kmalloc(sysrq_digest_size, GFP_KERNEL); ret = -ENOMEM; if (sysrq_digest == NULL) goto fail; sysrq_hexdigest = kmalloc(2 * sysrq_digest_size + 1, GFP_KERNEL); if (sysrq_hexdigest == NULL) goto fail; sysrq_digest_password = kmalloc(sizeof("xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:255.255.255.255") + sizeof(sysrq_password), GFP_KERNEL); if (sysrq_digest_password == NULL) goto fail; do_gettimeofday(&now); sysrq_seqno = now.tv_sec; return 0; fail: sysrq_crypto_exit(); return ret; #else printk(KERN_WARNING "Kernel was compiled without crypto, " "so xt_SYSRQ won't use crypto.\n"); #endif return -EINVAL; } static int __init sysrq_tg_init(void) { if (sysrq_crypto_init() < 0) printk(KERN_WARNING "xt_SYSRQ starting without crypto\n"); return xt_register_targets(sysrq_tg_reg, ARRAY_SIZE(sysrq_tg_reg)); } static void __exit sysrq_tg_exit(void) { sysrq_crypto_exit(); xt_unregister_targets(sysrq_tg_reg, ARRAY_SIZE(sysrq_tg_reg)); } module_init(sysrq_tg_init); module_exit(sysrq_tg_exit); MODULE_DESCRIPTION("Xtables: triggering SYSRQ remotely"); MODULE_AUTHOR("Jan Engelhardt"); MODULE_AUTHOR("John Haxby <john.haxby@oracle.com"); MODULE_LICENSE("GPL"); MODULE_ALIAS("ipt_SYSRQ"); MODULE_ALIAS("ip6t_SYSRQ");
Close