Date: Tuesday, May 1, 2018 @ 22:40:48
  Author: anthraxx
Revision: 318623

upgpkg: dsniff 2.4b1-27 (sec flags and new patch set)

- update patch set
- compile with hardening

Added:
  dsniff/trunk/dsniff-httppostfix.patch
  dsniff/trunk/dsniff-macof-size-calculation.patch
  dsniff/trunk/dsniff-rpc.patch
Modified:
  dsniff/trunk/PKGBUILD
Deleted:
  dsniff/trunk/dsniff-openssl-1.1.patch

-------------------------------------+
 PKGBUILD                            |   68 ++++++---
 dsniff-httppostfix.patch            |   20 ++
 dsniff-macof-size-calculation.patch |   11 +
 dsniff-openssl-1.1.patch            |  243 ----------------------------------
 dsniff-rpc.patch                    |   40 +++++
 5 files changed, 116 insertions(+), 266 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD    2018-05-01 21:18:51 UTC (rev 318622)
+++ PKGBUILD    2018-05-01 22:40:48 UTC (rev 318623)
@@ -1,4 +1,4 @@
-# $Id$
+# Maintainer: Levente Polyak <anthraxx[at]archlinux[dot]org>
 # Maintainer: Baptiste Jonglez <archlinux at bitsofnetworks dot org>
 # Contributor: Sergej Pupykin <pupykin.s+a...@gmail.com>
 # Contributor: ViNS <gladia...@fastwebnet.it>
@@ -5,38 +5,60 @@
 
 pkgname=dsniff
 pkgver=2.4b1
-pkgrel=26
-pkgdesc="Collection of tools for network auditing and penetration testing"
-url="https://www.monkey.org/~dugsong/dsniff/";
+pkgrel=27
+pkgdesc='Collection of tools for network auditing and penetration testing'
+url='https://www.monkey.org/~dugsong/dsniff/'
 arch=('x86_64')
 license=('BSD')
-depends=('libpcap' 'openssl' 'libxmu' 'glib2' 'libnet' 'libnids')
-source=("https://www.monkey.org/~dugsong/${pkgname}/beta/$pkgname-$pkgver.tar.gz";
-        
"http://ftp.de.debian.org/debian/pool/main/d/${pkgname}/${pkgname}_2.4b1+debian-22.1.debian.tar.gz";
 dsniff-openssl-1.1.patch)
+depends=('glibc' 'libpcap' 'openssl' 'libxmu' 'glib2' 'libnet' 'libnids' 
'libtirpc')
+makedepends=('rpcsvc-proto')
+options=('!makeflags')
+source=(https://www.monkey.org/~dugsong/${pkgname}/beta/${pkgname}-${pkgver}.tar.gz
+        
http://ftp.de.debian.org/debian/pool/main/d/${pkgname}/${pkgname}_2.4b1+debian-28.debian.tar.xz
+        dsniff-rpc.patch
+        dsniff-macof-size-calculation.patch
+        dsniff-httppostfix.patch)
 sha256sums=('a9803a7a02ddfe5fb9704ce86f0ffc48453c321e88db85810db411ba0841152a'
-            '28ddb8514c6a7a17f51f428b6fada299baf5a3efa153f77f081ac6c1e6466633'
-            'cd87f75b167b2b9b6d31e158610731f1305edd7339c6456c6bcb15f0849b02eb')
+            'b67866be5dca90a02165a3469db4286f43dc5ea6090b3a8cf5569863a1d3c3b9'
+            '21b37ba4c386aa576d6829c298bdd62df6fa227e44164d9e96675e66b93bb134'
+            'd8f5cc5d14a614410a84a8eaba5a4212ee03466c4fe2fd4a634f5d7c3f688ec7'
+            '3efd6ca2267540016e843af3e8d7720d888fd17a73cba410e2c68022fd3a7baf')
 
 prepare() {
-  cd "$srcdir"/$pkgname-2.4
-  for i in $(cat ../debian/patches/series); do
-    patch -N < "../debian/patches/$i"
+  cd ${pkgname}-2.4
+
+  # apply bundled patches via series
+  while IFS='' read -r patch || [[ -n "${patch}" ]]; do
+    msg2 "Applying patch ${patch}"
+    patch -Np1 < "../debian/patches/${patch}"
+  done < ../debian/patches/series
+
+  # apply local patches
+  for _patch in "${source[@]}"; do
+    _patch=${_patch%%::*}
+    if [[ "${_patch}" =~ \.patch$ ]]; then
+      msg2 "Applying patch ${_patch}"
+      patch -Np1 < "../${_patch}"
+    fi
   done
-  sed -i 's|${CC-cc} -E|${CC-cc} -O2 -E|g' configure
-  patch -p1 -i ../dsniff-openssl-1.1.patch
+
+  autoreconf -fiv
 }
 
 build() {
-  cd "$srcdir"/$pkgname-2.4
-  LDFLAGS="-lresolv -lglib-2.0 -lgthread-2.0 $LDFLAGS" ./configure \
-    --prefix=/usr --sbindir=/usr/bin
-  make -j1
+  cd ${pkgname}-2.4
+  ./configure \
+    --with-libtirpc \
+    --prefix=/usr \
+    --sbindir=/usr/bin
+  make
 }
 
 package() {
-  cd "$srcdir"/$pkgname-2.4
-  make install_prefix="$pkgdir" install
-  install -D -m0644 LICENSE "$pkgdir"/usr/share/licenses/${pkgname}/LICENSE
-  install -d "$pkgdir"/usr/share
-  mv "$pkgdir"/usr/man "$pkgdir"/usr/share/
+  cd ${pkgname}-2.4
+  make install_prefix="${pkgdir}" install
+  install -Dm 644 LICENSE -t "${pkgdir}/usr/share/licenses/${pkgname}"
+  install -Dm 644 CHANGES README -t "${pkgdir}/usr/share/doc/${pkgname}"
 }
+
+# vim: ts=2 sw=2 et:
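Review bot: The Debian patch tarball in `source=()` is still fetched over plain `http://`, so the only integrity control on the patch set that `prepare()` applies wholesale from `debian/patches/series` is its `sha256sums` entry; neither tarball has a signature check. The pinned hash catches tampering at build time, but whoever regenerates the checksums on the next bump would pin whatever the unauthenticated download returned. I would move that entry to an HTTPS mirror (for example `https://deb.debian.org/debian/pool/main/d/${pkgname}/${pkgname}_2.4b1+debian-28.debian.tar.xz`, assuming the mirror carries the file) and compare the hash against Debian's signed `.dsc` when updating. Separately, the series loop hands every line to `patch`, so a blank or `#` comment line in `series` would abort the build; a guard such as `[[ -z "${patch}" || "${patch}" == \#* ]] && continue` avoids that, and naming the variable `_patch` would match the second loop. The commit message promises hardening but nothing in the hunk states how it is achieved, so a comment saying that dropping the `LDFLAGS=` prefix and the `sed` on `configure` is what lets the makepkg flags through (if that is the intent) would help the next maintainer.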

Added: dsniff-httppostfix.patch
===================================================================
--- dsniff-httppostfix.patch                            (rev 0)
+++ dsniff-httppostfix.patch    2018-05-01 22:40:48 UTC (rev 318623)
@@ -0,0 +1,20 @@
+--- a/decode_http.c    2000-12-19 07:38:05.000000000 +0800
++++ b/decode_http.c    2006-03-05 22:32:14.000000000 +0800
+@@ -139,14 +139,14 @@
+                               host = p;
+                       }
+                       else if (req[0] == 'P') {
+-                              if (strncmp(p, "Content-type: ", 14) == 0) {
+-                                      if (strncmp(p + 14, "application/"
++                              if (strncasecmp(p, "Content-type: ", 14) == 0) {
++                                      if (strncasecmp(p + 14, "application/"
+                                                   "x-www-form-urlencoded",
+                                                   33) != 0) {
+                                               query = NULL;
+                                       }
+                               }
+-                              else if (strncmp(p, "Content-length: ", 16) == 
0) {
++                              else if (strncasecmp(p, "Content-length: ", 16) 
== 0) {
+                                       p += 16;
+                                       i = atoi(p);
+                                       if ((msg = buf_tok(&inbuf, NULL, i)) == 
NULL)
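Review bot: With the header match now case-insensitive, more captured requests reach `i = atoi(p);` in the `Content-length` branch, and that value goes straight into `buf_tok(&inbuf, NULL, i)` with no range check visible in this hunk. The header comes from sniffed traffic and is therefore untrusted: `atoi` gives no error indication, and a negative or oversized number would be passed on as a length. Whether `buf_tok` rejects such a value cannot be seen from here. I would parse with `strtol`, check the end pointer and range, and treat `i < 0` as a malformed request before the `buf_tok` call. The enclosing function begins and ends outside the hunk.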

Added: dsniff-macof-size-calculation.patch
===================================================================
--- dsniff-macof-size-calculation.patch                         (rev 0)
+++ dsniff-macof-size-calculation.patch 2018-05-01 22:40:48 UTC (rev 318623)
@@ -0,0 +1,11 @@
+--- a/macof.c
++++ b/macof.c
+@@ -134,7 +134,7 @@ main(int argc, char *argv[])
+               libnet_build_tcp(sport, dport, seq, 0, TH_SYN, 512,
+                                0, 0, LIBNET_TCP_H, NULL, 0, l, 0);
+               
+-              libnet_build_ipv4(LIBNET_TCP_H, 0,
++              libnet_build_ipv4(LIBNET_IPV4_H + LIBNET_TCP_H, 0,
+                                 libnet_get_prand(LIBNET_PRu16), 0, 64,
+                                 IPPROTO_TCP, 0, src, dst, NULL, 0, l, 0);
+               
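Review bot: The corrected first argument to `libnet_build_ipv4()` deserves a one-line comment, since the bug being fixed was a misreading of that parameter: `/* ip_len is the total packet length: IPv4 header + TCP header, no payload */`. Neither `libnet_build_tcp()` nor `libnet_build_ipv4()` has its return value checked in the lines shown, so a failed build would pass silently. The rest of `main()` lies outside the hunk.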

Deleted: dsniff-openssl-1.1.patch
===================================================================
--- dsniff-openssl-1.1.patch    2018-05-01 21:18:51 UTC (rev 318622)
+++ dsniff-openssl-1.1.patch    2018-05-01 22:40:48 UTC (rev 318623)
@@ -1,243 +0,0 @@
-Patch by Christoph Biedl <debian.a...@manchmal.in-ulm.de> for dsniff >=
-2.4b1, which fixes building with OpenSSL 1.1.0. Adapted for compatibility
-with older OpenSSL versions by Robert Scheck <rob...@fedoraproject.org>.
-
---- dsniff-2.4/ssh.c                   2017-02-11 22:31:54.705269813 +0100
-+++ dsniff-2.4/ssh.c.openssl_110       2017-02-11 22:45:31.193447230 +0100
-@@ -234,6 +234,10 @@
-       u_char *p, cipher, cookie[8], msg[1024];
-       u_int32_t num;
-       int i;
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+      const BIGNUM *servkey_e, *servkey_n;
-+      const BIGNUM *hostkey_e, *hostkey_n;
-+#endif
-       
-       /* Generate anti-spoofing cookie. */
-       RAND_bytes(cookie, sizeof(cookie));
-@@ -243,11 +247,23 @@
-       *p++ = SSH_SMSG_PUBLIC_KEY;                     /* type */
-       memcpy(p, cookie, 8); p += 8;                   /* cookie */
-       num = 768; PUTLONG(num, p);                     /* servkey bits */
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+      RSA_get0_key(ssh->ctx->servkey, &servkey_n, &servkey_e, NULL);
-+      put_bn(servkey_e, &p);                          /* servkey exponent */
-+      put_bn(servkey_n, &p);                          /* servkey modulus */
-+#else
-       put_bn(ssh->ctx->servkey->e, &p);               /* servkey exponent */
-       put_bn(ssh->ctx->servkey->n, &p);               /* servkey modulus */
-+#endif
-       num = 1024; PUTLONG(num, p);                    /* hostkey bits */
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+      RSA_get0_key(ssh->ctx->hostkey, &hostkey_n, &hostkey_e, NULL);
-+      put_bn(hostkey_e, &p);                          /* hostkey exponent */
-+      put_bn(hostkey_n, &p);                          /* hostkey modulus */
-+#else
-       put_bn(ssh->ctx->hostkey->e, &p);               /* hostkey exponent */
-       put_bn(ssh->ctx->hostkey->n, &p);               /* hostkey modulus */
-+#endif
-       num = 0; PUTLONG(num, p);                       /* protocol flags */
-       num = ssh->ctx->encmask; PUTLONG(num, p);       /* ciphers */
-       num = ssh->ctx->authmask; PUTLONG(num, p);      /* authmask */
-@@ -298,7 +314,11 @@
-       SKIP(p, i, 4);
- 
-       /* Decrypt session key. */
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+      if (BN_cmp(servkey_n, hostkey_n) > 0) {
-+#else
-       if (BN_cmp(ssh->ctx->servkey->n, ssh->ctx->hostkey->n) > 0) {
-+#endif
-               rsa_private_decrypt(enckey, enckey, ssh->ctx->servkey);
-               rsa_private_decrypt(enckey, enckey, ssh->ctx->hostkey);
-       }
-@@ -318,8 +338,13 @@
-       BN_clear_free(enckey);
-       
-       /* Derive real session key using session id. */
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+      if ((p = ssh_session_id(cookie, hostkey_n,
-+                              servkey_n)) == NULL) {
-+#else
-       if ((p = ssh_session_id(cookie, ssh->ctx->hostkey->n,
-                               ssh->ctx->servkey->n)) == NULL) {
-+#endif
-               warn("ssh_session_id");
-               return (-1);
-       }
-@@ -328,10 +353,15 @@
-       }
-       /* Set cipher. */
-       if (cipher == SSH_CIPHER_3DES) {
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+              warnx("cipher 3des no longer supported");
-+              return (-1);
-+#else
-               ssh->estate = des3_init(ssh->sesskey, sizeof(ssh->sesskey));
-               ssh->dstate = des3_init(ssh->sesskey, sizeof(ssh->sesskey));
-               ssh->encrypt = des3_encrypt;
-               ssh->decrypt = des3_decrypt;
-+#endif
-       }
-       else if (cipher == SSH_CIPHER_BLOWFISH) {
-               ssh->estate = blowfish_init(ssh->sesskey,sizeof(ssh->sesskey));
-@@ -357,6 +387,10 @@
-       u_char *p, cipher, cookie[8], msg[1024];
-       u_int32_t num;
-       int i;
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+      BIGNUM *servkey_n, *servkey_e;
-+      BIGNUM *hostkey_n, *hostkey_e;
-+#endif
-       
-       /* Get public key. */
-       if ((i = SSH_recv(ssh, pkt, sizeof(pkt))) <= 0) {
-@@ -379,21 +413,43 @@
- 
-       /* Get servkey. */
-       ssh->ctx->servkey = RSA_new();
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+      servkey_n = BN_new();
-+      servkey_e = BN_new();
-+      RSA_set0_key(ssh->ctx->servkey, servkey_n, servkey_e, NULL);
-+#else
-       ssh->ctx->servkey->n = BN_new();
-       ssh->ctx->servkey->e = BN_new();
-+#endif
- 
-       SKIP(p, i, 4);
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+      get_bn(servkey_e, &p, &i);
-+      get_bn(servkey_n, &p, &i);
-+#else
-       get_bn(ssh->ctx->servkey->e, &p, &i);
-       get_bn(ssh->ctx->servkey->n, &p, &i);
-+#endif
- 
-       /* Get hostkey. */
-       ssh->ctx->hostkey = RSA_new();
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+      hostkey_n = BN_new();
-+      hostkey_e = BN_new();
-+      RSA_set0_key(ssh->ctx->hostkey, hostkey_n, hostkey_e, NULL);
-+#else
-       ssh->ctx->hostkey->n = BN_new();
-       ssh->ctx->hostkey->e = BN_new();
-+#endif
- 
-       SKIP(p, i, 4);
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+      get_bn(hostkey_e, &p, &i);
-+      get_bn(hostkey_n, &p, &i);
-+#else
-       get_bn(ssh->ctx->hostkey->e, &p, &i);
-       get_bn(ssh->ctx->hostkey->n, &p, &i);
-+#endif
- 
-       /* Get cipher, auth masks. */
-       SKIP(p, i, 4);
-@@ -405,8 +461,13 @@
-       RAND_bytes(ssh->sesskey, sizeof(ssh->sesskey));
- 
-       /* Obfuscate with session id. */
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+      if ((p = ssh_session_id(cookie, hostkey_n,
-+                              servkey_n)) == NULL) {
-+#else
-       if ((p = ssh_session_id(cookie, ssh->ctx->hostkey->n,
-                               ssh->ctx->servkey->n)) == NULL) {
-+#endif
-               warn("ssh_session_id");
-               return (-1);
-       }
-@@ -422,7 +483,11 @@
-               else BN_add_word(bn, ssh->sesskey[i]);
-       }
-       /* Encrypt session key. */
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+      if (BN_cmp(servkey_n, hostkey_n) < 0) {
-+#else
-       if (BN_cmp(ssh->ctx->servkey->n, ssh->ctx->hostkey->n) < 0) {
-+#endif
-               rsa_public_encrypt(bn, bn, ssh->ctx->servkey);
-               rsa_public_encrypt(bn, bn, ssh->ctx->hostkey);
-       }
-@@ -470,10 +535,15 @@
-               ssh->decrypt = blowfish_decrypt;
-       }
-       else if (cipher == SSH_CIPHER_3DES) {
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+              warnx("cipher 3des no longer supported");
-+              return (-1);
-+#else
-               ssh->estate = des3_init(ssh->sesskey, sizeof(ssh->sesskey));
-               ssh->dstate = des3_init(ssh->sesskey, sizeof(ssh->sesskey));
-               ssh->encrypt = des3_encrypt;
-               ssh->decrypt = des3_decrypt;
-+#endif
-       }
-       /* Get server response. */
-       if ((i = SSH_recv(ssh, pkt, sizeof(pkt))) <= 0) {
---- dsniff-2.4/sshcrypto.c             2017-02-11 22:31:54.688270184 +0100
-+++ dsniff-2.4/sshcrypto.c.openssl_110 2017-02-11 22:35:30.594555807 +0100
-@@ -28,10 +28,12 @@
-       u_char                  iv[8];
- };
- 
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- struct des3_state {
-       des_key_schedule        k1, k2, k3;
-       des_cblock              iv1, iv2, iv3;
- };
-+#endif
- 
- void
- rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key)
-@@ -39,10 +41,20 @@
-       u_char *inbuf, *outbuf;
-       int len, ilen, olen;
- 
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+      const BIGNUM *n, *e;
-+      RSA_get0_key(key, &n, &e, NULL);
-+      if (BN_num_bits(e) < 2 || !BN_is_odd(e))
-+#else
-       if (BN_num_bits(key->e) < 2 || !BN_is_odd(key->e))
-+#endif
-               errx(1, "rsa_public_encrypt() exponent too small or not odd");
- 
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+      olen = BN_num_bytes(n);
-+#else
-       olen = BN_num_bytes(key->n);
-+#endif
-       outbuf = malloc(olen);
- 
-       ilen = BN_num_bytes(in);
-@@ -71,7 +83,13 @@
-       u_char *inbuf, *outbuf;
-       int len, ilen, olen;
- 
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+      const BIGNUM *n;
-+      RSA_get0_key(key, &n, NULL, NULL);
-+      olen = BN_num_bytes(n);
-+#else
-       olen = BN_num_bytes(key->n);
-+#endif
-       outbuf = malloc(olen);
- 
-       ilen = BN_num_bytes(in);
-@@ -146,6 +164,7 @@
-       swap_bytes(dst, dst, len);
- }
- 
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- /* XXX - SSH1's weirdo 3DES... */
- void *
- des3_init(u_char *sesskey, int len)
-@@ -194,3 +213,4 @@
-       des_ncbc_encrypt(dst, dst, len, dstate->k2, &dstate->iv2, DES_ENCRYPT);
-       des_ncbc_encrypt(dst, dst, len, dstate->k1, &dstate->iv1, DES_DECRYPT);
- }
-+#endif

Added: dsniff-rpc.patch
===================================================================
--- dsniff-rpc.patch                            (rev 0)
+++ dsniff-rpc.patch    2018-05-01 22:40:48 UTC (rev 318623)
@@ -0,0 +1,40 @@
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -37,8 +37,8 @@
+ X11INC        = @X_CFLAGS@
+ X11LIB        = @X_LIBS@ @X_PRE_LIBS@ -lXmu -lX11 @X_EXTRA_LIBS@
+ 
+-INCS  = -I. $(NIDSINC) $(PCAPINC) $(LNETINC) $(DBINC) $(SSLINC) $(X11INC) \
+-        -I$(srcdir)/missing
+-LIBS  = @LIBS@ -L$(srcdir) -lmissing
++INCS  = -I. $(NIDSINC) $(PCAPINC) $(LNETINC) $(DBINC) $(SSLINC) $(X11INC) 
@RPC_CFLAGS@ \
++        -I$(srcdir)/missing
++LIBS  = @LIBS@ -L$(srcdir) -lmissing @RPC_LIBS@
+ 
+ INSTALL       = @INSTALL@
+--- a/configure.in
++++ b/configure.in
+@@ -337,4 +337,23 @@
+ AC_SUBST(SSLINC)
+ AC_SUBST(SSLLIB)
+ 
++AC_ARG_WITH([libtirpc],
++          AS_HELP_STRING([--with-libtirpc], [Use libtirpc as RPC 
implementation (instead of sunrpc)]),
++          [], [ with_libtirpc=no ])
++
++AS_IF([test "x$with_libtirpc" != xno], 
++      [PKG_CHECK_MODULES([TIRPC], 
++                         [libtirpc], 
++                         [RPC_CFLAGS=$TIRPC_CFLAGS; RPC_LIBS=$TIRPC_LIBS;],
++                       [AC_MSG_ERROR([libtirpc requested, but library not 
found.])]
++                      )], 
++      [AC_CHECK_HEADER(rpc/rpc.h, 
++                     [RPC_CFLAGS=""; RPC_LIBS="";],
++                     [AC_MSG_ERROR([sunrpc requested, but headers are not 
present.])]
++                    )]
++)
++
++AC_SUBST(RPC_CFLAGS)
++AC_SUBST(RPC_LIBS)
++
+ AC_OUTPUT(Makefile)
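Review bot: In the sunrpc fallback, `AC_CHECK_HEADER(rpc/rpc.h,` leaves its first argument unquoted while the rest of the block quotes its macro arguments; write `AC_CHECK_HEADER([rpc/rpc.h],` so the argument is not subject to accidental expansion. The block also mixes tabs and spaces in its continuation indent. A short `dnl` comment above `AC_ARG_WITH` saying that the default (`with_libtirpc=no`) expects libc-provided RPC headers would tell packagers why `--with-libtirpc` has to be passed explicitly.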
