From 76bb368a9c522a90cc32041625f1c3117a0e8400 Mon Sep 17 00:00:00 2001
From: smx-smx
Date: Sun, 4 Aug 2024 13:24:09 +0000
Subject: [PATCH] =?UTF-8?q?Deploying=20to=20gh-pages=20from=20@=20smx-smx/?= =?UTF-8?q?xzre@25eb8b48a3b6c502632b0967deb7d48b2d0b33ec=20=F0=9F=9A=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
functions.html | 6 +--
functions_vars.html | 6 +--
search/all_10.js | 4 +-
search/all_5.js | 2 +-
search/variables_4.js | 2 +-
search/variables_e.js | 4 +-
structimported__funcs.html | 24 +++++------
xzre_8h.html | 3 ++
xzre_8h_source.html | 88 +++++++++++++++++++-------------------
9 files changed, 71 insertions(+), 68 deletions(-)
diff --git a/functions.html b/functions.html
index bbf430c..4952b17 100644
--- a/functions.html
+++ b/functions.html
@@ -154,7 +154,7 @@

- e -

@@ -323,11 +323,11 @@

- r -

diff --git a/functions_vars.html b/functions_vars.html
index 57aaf4c..f700a88 100644
--- a/functions_vars.html
+++ b/functions_vars.html
@@ -154,7 +154,7 @@

- e -

@@ -323,11 +323,11 @@

- r -

diff --git a/search/all_10.js b/search/all_10.js
index 912b01d..2796a85 100644
--- a/search/all_10.js
+++ b/search/all_10.js
@@ -4,10 +4,10 @@ var searchData= ['resolver_5fcall_5fcount_195',['resolver_call_count',['../xzre_8h.html#ab9c7b9765c15a48fbed3d1a8daf1b27f',1,'xzre.h']]], ['result_196',['result',['../structinstruction__search__ctx.html#a05e5f377f835a8081b52dc6d331c81fb',1,'instruction_search_ctx']]], ['return_5faddress_197',['return_address',['../structgot__ctx.html#a09bcbc0f40125bda4b3c461c71085d2c',1,'got_ctx']]], - ['rsa_5fget0_5fkey_5fplt_198',['RSA_get0_key_plt',['../structimported__funcs.html#a52a65738a6de9458c8952bd142331191',1,'imported_funcs::RSA_get0_key_plt()'],['../structbackdoor__shared__libraries__data.html#a89e6b89c81556fab72e027d1b7e44a8b',1,'backdoor_shared_libraries_data::RSA_get0_key_plt()']]], + ['rsa_5fget0_5fkey_5fplt_198',['RSA_get0_key_plt',['../structimported__funcs.html#aab654fd27220ab473cad87c47dff4761',1,'imported_funcs::RSA_get0_key_plt()'],['../structbackdoor__shared__libraries__data.html#a89e6b89c81556fab72e027d1b7e44a8b',1,'backdoor_shared_libraries_data::RSA_get0_key_plt()']]], ['rsa_5fkey_5fhash_199',['rsa_key_hash',['../xzre_8h.html#a642b0366b943daba60d004a6a46fb7c7',1,'xzre.h']]], ['rsa_5fpublic_5fdecrypt_200',['RSA_public_decrypt',['../ssh__patch_8c.html#ae142ad01d213393458d1f4770b68555f',1,'ssh_patch.c']]], - ['rsa_5fpublic_5fdecrypt_5fplt_201',['RSA_public_decrypt_plt',['../structimported__funcs.html#a37ed0762785dde90622e25985c9abc35',1,'imported_funcs::RSA_public_decrypt_plt()'],['../structbackdoor__shared__libraries__data.html#aaee59a1ccd7efcb2615d4cec198a5bb6',1,'backdoor_shared_libraries_data::RSA_public_decrypt_plt()']]], + ['rsa_5fpublic_5fdecrypt_5fplt_201',['RSA_public_decrypt_plt',['../structimported__funcs.html#a2c62b52ad4e581783f85ae5b6a56d90d',1,'imported_funcs::RSA_public_decrypt_plt()'],['../structbackdoor__shared__libraries__data.html#aaee59a1ccd7efcb2615d4cec198a5bb6',1,'backdoor_shared_libraries_data::RSA_public_decrypt_plt()']]], 
['run_5fbackdoor_5fcommands_202',['run_backdoor_commands',['../xzre_8h.html#add930f2364d6ac0711ec484781f00f03',1,'xzre.h']]], ['run_5fbackdoor_5fcommands_5fdata_203',['run_backdoor_commands_data',['../structrun__backdoor__commands__data.html',1,'']]], ['run_5fbackdoor_5fcommands_5fdata_5ft_204',['run_backdoor_commands_data_t',['../xzre_8h.html#aa5a220a495d161205ee770f8e7b360d5',1,'xzre.h']]] diff --git a/search/all_5.js b/search/all_5.js index 4a776c6..c7f7bea 100644 --- a/search/all_5.js +++ b/search/all_5.js @@ -25,5 +25,5 @@ var searchData= ['elfbase_83',['elfbase',['../structelf__info.html#a583c4dd181c2f8b831e56c0d12acd660',1,'elf_info']]], ['elfid_84',['ElfId',['../xzre_8h.html#a3ed7f6d009d35ae3bdb830a7bb1e0289',1,'xzre.h']]], ['end_5faddr_85',['end_addr',['../structinstruction__search__ctx.html#a84ab74900d4eddc764c11910a7d1bae5',1,'instruction_search_ctx']]], - ['evp_5fpkey_5fset1_5frsa_5fplt_86',['EVP_PKEY_set1_RSA_plt',['../structimported__funcs.html#af95a28ca3f6c25bd3ecdd064a23309c5',1,'imported_funcs::EVP_PKEY_set1_RSA_plt()'],['../structbackdoor__shared__libraries__data.html#a875496a16e72c0cb3d8da33781762e0f',1,'backdoor_shared_libraries_data::EVP_PKEY_set1_RSA_plt()']]] + ['evp_5fpkey_5fset1_5frsa_5fplt_86',['EVP_PKEY_set1_RSA_plt',['../structimported__funcs.html#ac19f213bceaf94ab263f88f07199a17e',1,'imported_funcs::EVP_PKEY_set1_RSA_plt()'],['../structbackdoor__shared__libraries__data.html#a875496a16e72c0cb3d8da33781762e0f',1,'backdoor_shared_libraries_data::EVP_PKEY_set1_RSA_plt()']]] ]; diff --git a/search/variables_4.js b/search/variables_4.js index 297060e..f114328 100644 --- a/search/variables_4.js +++ b/search/variables_4.js 
@@ -7,5 +7,5 @@ var searchData= ['elf_5fsymbol_5fget_5faddr_496',['elf_symbol_get_addr',['../structelf__functions.html#a63dc1dc013c89cb5a59868f5b90f736b',1,'elf_functions']]], ['elfbase_497',['elfbase',['../structelf__info.html#a583c4dd181c2f8b831e56c0d12acd660',1,'elf_info']]], ['end_5faddr_498',['end_addr',['../structinstruction__search__ctx.html#a84ab74900d4eddc764c11910a7d1bae5',1,'instruction_search_ctx']]], - ['evp_5fpkey_5fset1_5frsa_5fplt_499',['EVP_PKEY_set1_RSA_plt',['../structimported__funcs.html#af95a28ca3f6c25bd3ecdd064a23309c5',1,'imported_funcs::EVP_PKEY_set1_RSA_plt()'],['../structbackdoor__shared__libraries__data.html#a875496a16e72c0cb3d8da33781762e0f',1,'backdoor_shared_libraries_data::EVP_PKEY_set1_RSA_plt()']]] + ['evp_5fpkey_5fset1_5frsa_5fplt_499',['EVP_PKEY_set1_RSA_plt',['../structimported__funcs.html#ac19f213bceaf94ab263f88f07199a17e',1,'imported_funcs::EVP_PKEY_set1_RSA_plt()'],['../structbackdoor__shared__libraries__data.html#a875496a16e72c0cb3d8da33781762e0f',1,'backdoor_shared_libraries_data::EVP_PKEY_set1_RSA_plt()']]] ]; diff --git a/search/variables_e.js b/search/variables_e.js index 4b4be50..d1a20ae 100644 --- a/search/variables_e.js +++ b/search/variables_e.js 
@@ -3,6 +3,6 @@ var searchData= ['resolver_5fcall_5fcount_542',['resolver_call_count',['../xzre_8h.html#ab9c7b9765c15a48fbed3d1a8daf1b27f',1,'xzre.h']]], ['result_543',['result',['../structinstruction__search__ctx.html#a05e5f377f835a8081b52dc6d331c81fb',1,'instruction_search_ctx']]], ['return_5faddress_544',['return_address',['../structgot__ctx.html#a09bcbc0f40125bda4b3c461c71085d2c',1,'got_ctx']]], - ['rsa_5fget0_5fkey_5fplt_545',['RSA_get0_key_plt',['../structimported__funcs.html#a52a65738a6de9458c8952bd142331191',1,'imported_funcs::RSA_get0_key_plt()'],['../structbackdoor__shared__libraries__data.html#a89e6b89c81556fab72e027d1b7e44a8b',1,'backdoor_shared_libraries_data::RSA_get0_key_plt()']]], - ['rsa_5fpublic_5fdecrypt_5fplt_546',['RSA_public_decrypt_plt',['../structimported__funcs.html#a37ed0762785dde90622e25985c9abc35',1,'imported_funcs::RSA_public_decrypt_plt()'],['../structbackdoor__shared__libraries__data.html#aaee59a1ccd7efcb2615d4cec198a5bb6',1,'backdoor_shared_libraries_data::RSA_public_decrypt_plt()']]] + ['rsa_5fget0_5fkey_5fplt_545',['RSA_get0_key_plt',['../structimported__funcs.html#aab654fd27220ab473cad87c47dff4761',1,'imported_funcs::RSA_get0_key_plt()'],['../structbackdoor__shared__libraries__data.html#a89e6b89c81556fab72e027d1b7e44a8b',1,'backdoor_shared_libraries_data::RSA_get0_key_plt()']]], + ['rsa_5fpublic_5fdecrypt_5fplt_546',['RSA_public_decrypt_plt',['../structimported__funcs.html#a2c62b52ad4e581783f85ae5b6a56d90d',1,'imported_funcs::RSA_public_decrypt_plt()'],['../structbackdoor__shared__libraries__data.html#aaee59a1ccd7efcb2615d4cec198a5bb6',1,'backdoor_shared_libraries_data::RSA_public_decrypt_plt()']]] ]; diff --git a/structimported__funcs.html b/structimported__funcs.html index 8998028..f0e9a4e 100644 --- a/structimported__funcs.html +++ b/structimported__funcs.html 
@@ -86,18 +86,18 @@ void(* RSA_get0_key_null )(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)   - -void * RSA_public_decrypt_plt - address of the PLT for RSA_public_decrypt() in sshd
-  - -void * EVP_PKEY_set1_RSA_plt - address of the PLT for EVP_PKEY_set1_RSA() in sshd
-  - -void * RSA_get0_key_plt - address of the PLT for RSA_get0_key() in sshd
-  + +pfn_RSA_public_decrypt_t * RSA_public_decrypt_plt + address of the PLT for RSA_public_decrypt() in sshd
+  + +pfn_EVP_PKEY_set1_RSA_t * EVP_PKEY_set1_RSA_plt + address of the PLT for EVP_PKEY_set1_RSA() in sshd
+  + +pfn_RSA_get0_key_t * RSA_get0_key_plt + address of the PLT for RSA_get0_key() in sshd
void(* DSA_get0_pqg )(const DSA *d, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)   diff --git a/xzre_8h.html b/xzre_8h.html index 5d2c0cc..c10d58d 100644 --- a/xzre_8h.html +++ b/xzre_8h.html @@ -2116,6 +2116,9 @@ global_context_tglobal_ctx   + +backdoor_hooks_data_thooks_databackdoor_hooks_data_thooks_data_addr  location of backdoor_hooks_data_t More...
  diff --git a/xzre_8h_source.html b/xzre_8h_source.html index e52c799..641b415 100644 --- a/xzre_8h_source.html +++ b/xzre_8h_source.html @@ -921,9 +921,9 @@
1009  void (*RSA_get0_key_null)(
1010  const RSA *r, const BIGNUM **n,
1011  const BIGNUM **e, const BIGNUM **d);
-
1016  void *RSA_public_decrypt_plt;
-
1021  void *EVP_PKEY_set1_RSA_plt;
-
1026  void *RSA_get0_key_plt;
+
1016  pfn_RSA_public_decrypt_t *RSA_public_decrypt_plt;
+
1021  pfn_EVP_PKEY_set1_RSA_t *EVP_PKEY_set1_RSA_plt;
+
1026  pfn_RSA_get0_key_t *RSA_get0_key_plt;
1027  void (*DSA_get0_pqg)(
1028  const DSA *d, const BIGNUM **p,
1029  const BIGNUM **q, const BIGNUM **g);
@@ -2233,45 +2233,48 @@
3958 static_assert(sizeof(resolver_call_count) == 0x4);
3959 
3960 extern global_context_t *global_ctx;
-
3961 static_assert(sizeof(global_ctx) == 0x8);
+
3961 static_assert(sizeof(global_ctx) == sizeof(void *));
3962 
-
3969 extern backdoor_hooks_data_t *hooks_data_addr;
-
3970 static_assert(sizeof(hooks_data_addr) == 0x8);
-
3971 
-
3982 extern const ptrdiff_t fake_lzma_allocator_offset;
-
3983 static_assert(sizeof(fake_lzma_allocator_offset) == 0x8);
-
3984 
-
4002 extern fake_lzma_allocator_t fake_lzma_allocator;
-
4003 static_assert(sizeof(fake_lzma_allocator) == 0x20);
-
4004 
-
4012 extern void *lzma_alloc(size_t size, lzma_allocator *allocator);
-
4013 
-
4022 extern const ptrdiff_t elf_functions_offset;
-
4023 static_assert(sizeof(elf_functions_offset) == 0x8);
-
4024 
-
4037 extern const elf_functions_t elf_functions;
-
4038 static_assert(sizeof(elf_functions) == 0x38);
-
4039 
-
4048 extern const u64 cpuid_random_symbol;
-
4049 static_assert(sizeof(cpuid_random_symbol) == 0x8);
-
4050 
-
4059 extern const u64 tls_get_addr_random_symbol;
-
4060 static_assert(sizeof(tls_get_addr_random_symbol) == 0x8);
-
4061 
-
4070 extern const backdoor_cpuid_reloc_consts_t cpuid_reloc_consts;
-
4071 static_assert(sizeof(cpuid_reloc_consts) == 0x18);
-
4072 
-
4081 extern const backdoor_tls_get_addr_reloc_consts_t tls_get_addr_reloc_consts;
-
4082 static_assert(sizeof(tls_get_addr_reloc_consts) == 0x10);
-
4083 
-
4092 extern const u64 string_mask_data[238];
-
4093 static_assert(sizeof(string_mask_data) == 0x770);
-
4094 
-
4103 extern const u32 string_action_data[1304];
-
4104 static_assert(sizeof(string_action_data) == 0x1460);
-
4105 
-
4106 #include "util.h"
-
4107 #endif
+
3963 extern backdoor_hooks_data_t *hooks_data;
+
3964 static_assert(sizeof(hooks_data) == sizeof(void *));
+
3965 
+
3972 extern backdoor_hooks_data_t *hooks_data_addr;
+
3973 static_assert(sizeof(hooks_data_addr) == 0x8);
+
3974 
+
3985 extern const ptrdiff_t fake_lzma_allocator_offset;
+
3986 static_assert(sizeof(fake_lzma_allocator_offset) == 0x8);
+
3987 
+
4005 extern fake_lzma_allocator_t fake_lzma_allocator;
+
4006 static_assert(sizeof(fake_lzma_allocator) == 0x20);
+
4007 
+
4015 extern void *lzma_alloc(size_t size, lzma_allocator *allocator);
+
4016 
+
4025 extern const ptrdiff_t elf_functions_offset;
+
4026 static_assert(sizeof(elf_functions_offset) == 0x8);
+
4027 
+
4040 extern const elf_functions_t elf_functions;
+
4041 static_assert(sizeof(elf_functions) == 0x38);
+
4042 
+
4051 extern const u64 cpuid_random_symbol;
+
4052 static_assert(sizeof(cpuid_random_symbol) == 0x8);
+
4053 
+
4062 extern const u64 tls_get_addr_random_symbol;
+
4063 static_assert(sizeof(tls_get_addr_random_symbol) == 0x8);
+
4064 
+
4073 extern const backdoor_cpuid_reloc_consts_t cpuid_reloc_consts;
+
4074 static_assert(sizeof(cpuid_reloc_consts) == 0x18);
+
4075 
+
4084 extern const backdoor_tls_get_addr_reloc_consts_t tls_get_addr_reloc_consts;
+
4085 static_assert(sizeof(tls_get_addr_reloc_consts) == 0x10);
+
4086 
+
4095 extern const u64 string_mask_data[238];
+
4096 static_assert(sizeof(string_mask_data) == 0x770);
+
4097 
+
4106 extern const u32 string_action_data[1304];
+
4107 static_assert(sizeof(string_action_data) == 0x1460);
+
4108 
+
4109 #include "util.h"
+
4110 #endif
int RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding)
Definition: ssh_patch.c:37
Definition: xzre.h:216
Definition: xzre.h:185
@@ -2354,9 +2357,6 @@
void * got_ptr
points to the Global Offset Table
Definition: xzre.h:643
ptrdiff_t got_offset
holds the offset of the symbol relative to the GOT. used to derive the got_ptr
Definition: xzre.h:659
Definition: xzre.h:1005
-
void * RSA_public_decrypt_plt
address of the PLT for RSA_public_decrypt() in sshd
Definition: xzre.h:1016
-
void * RSA_get0_key_plt
address of the PLT for RSA_get0_key() in sshd
Definition: xzre.h:1026
-
void * EVP_PKEY_set1_RSA_plt
address of the PLT for EVP_PKEY_set1_RSA() in sshd
Definition: xzre.h:1021
Definition: xzre.h:2166
BOOL result
TRUE if the instruction sequence was found, FALSE otherwise.
Definition: xzre.h:2192
u8 * offset_to_match
offset to match in the instruction displacement
Definition: xzre.h:2181