Re: Logging failed SSH users and the passwords they typed

[raven]

On Tue, Apr 22, 2008 at 08:29:19PM -0600, Theo de Raadt wrote:
> > This is a hack, I didn't test it. (Apply against OpenBSD 4.2+PATCHES.)
> > 
> > --- /usr/src/usr.bin/ssh/sshconnect2.c      Mon Jun 18 16:34:35 2007
> > +++ /usr/src/usr.bin/ssh/sshconnect2.c      Tue Apr 22 21:58:13 2008
> > @@ -743,6 +743,10 @@
> >     snprintf(prompt, sizeof(prompt), "[EMAIL PROTECTED]'s password: ",
> >         authctxt->server_user, authctxt->host);
> >     password = read_passphrase(prompt, 0);
> > +   if(password == NULL) {
> > +           logit("Warning: User %.30s entered an incorrect password %s",
> > +               authctxt->server_user, password);
> > +   }
> >     packet_start(SSH2_MSG_USERAUTH_REQUEST);
> >     packet_put_cstring(authctxt->server_user);
> >     packet_put_cstring(authctxt->service);
> 
> Wow.
>
Yes,it's amazing... he can log NULL values...Or i'm wrong?