[ News ] [ Paper Feed ] [ Issues ] [ Authors ] [ Archives ] [ Contact ]


..[ Phrack Magazine ]..
.:: Juggernaut 1.0 - 1.2 patchfile ::.

Issues: [ 1 ] [ 2 ] [ 3 ] [ 4 ] [ 5 ] [ 6 ] [ 7 ] [ 8 ] [ 9 ] [ 10 ] [ 11 ] [ 12 ] [ 13 ] [ 14 ] [ 15 ] [ 16 ] [ 17 ] [ 18 ] [ 19 ] [ 20 ] [ 21 ] [ 22 ] [ 23 ] [ 24 ] [ 25 ] [ 26 ] [ 27 ] [ 28 ] [ 29 ] [ 30 ] [ 31 ] [ 32 ] [ 33 ] [ 34 ] [ 35 ] [ 36 ] [ 37 ] [ 38 ] [ 39 ] [ 40 ] [ 41 ] [ 42 ] [ 43 ] [ 44 ] [ 45 ] [ 46 ] [ 47 ] [ 48 ] [ 49 ] [ 50 ] [ 51 ] [ 52 ] [ 53 ] [ 54 ] [ 55 ] [ 56 ] [ 57 ] [ 58 ] [ 59 ] [ 60 ] [ 61 ] [ 62 ] [ 63 ] [ 64 ] [ 65 ] [ 66 ] [ 67 ] [ 68 ] [ 69 ] [ 70 ] [ 71 ]
Current issue : #51 | Release date : 1997-09-01 | Editor : route
IntroductionPhrack Staff
Phrack LoopbackPhrack Staff
Line Noisevarious
Phrack Prophile on Swamp RattePhrack Staff
File Descriptor Hijackingorabidoo
LOKI2 (the implementation)route
Juggernaut 1.0 - 1.2 patchfileroute
Shared Library Redirectionhalflife
Bypassing Integrity Checking Systemshalflife
Stealth RPC scanninghalflife
The Art of ScanningFyodor
The Eternity ServiceAdam Back
Monoalphabetic cipher cryptanalysismythrandir
Phrack Magazine Article Index Guideguyver
A Brief introduction to CCS7Narbo
Phrack World Newsdisorder
extract.cPhrack Staff
Title : Juggernaut 1.0 - 1.2 patchfile
Author : route
---[  Phrack Magazine   Volume 7, Issue 51 September 01, 1997, article 07 of 17


-------------------------[  Juggernaut 1.2 update


--------[  route <[email protected]>
                                         


	Well, Juggernaut went out, and the bug reports came in...  
Juggernaut, the robust network tool for Linux, originally went out in Phrack 
50.  This patchfile updates Juggernaut 1.0 (the version in P50-06) to version 
1.2.  It offers the following:

    - Nonfunctional things like nomenclature and cosmetics.
    - The IFF_PROMISC flag is unset upon exit.  Previously the program would 
      leave the network interface in promiscuous mode.
    - We no longer are interested in HTTP connections (unless -DGREED is 
      defined).
    - Connection Spying now works properly.
    - Connection RSTing and Automated connection RSTing now work better.


		Please keep the bug reports coming in!

    To extract this patchfile, use the included extraction utility to remove 
the patchfile from the article.  Then simply copy it into the Juggernaut 
directory and `patch <  juggernaut_1.0-1.2_patch`

<++> juggernaut_1.0-1.2_patch

--- NumberOneCrush/main.c	Thu May  8 15:37:02 1997
+++ NumberOneCrush/main.c	Fri Jun  6 01:33:42 1997
@@ -1,7 +1,7 @@
 /*
  *
  *			            Juggernaut
- *				    Version b2
+ *				    Version 1.2
  *
  *                            1996/7 Guild productions
  *			     daemon9[guild|phrack|r00t]
@@ -42,7 +42,7 @@
 #define DEVICE "eth0"
 #define LOGFILE "./juggernaut.log.spy"
 
-char version[]="1.0\0";
+char version[]="1.2";
 int sigsentry=1;		    /* Signal sentry */
 int ripsock=0;			    /* RIP socket */
 int linksock=0;			    /* SOCK PACKET socket */
@@ -96,8 +96,8 @@
     char buf[MINIBUF]={0};
     char token[2*MINIBUF]={0};
     int c;
-                                
-    if(geteuid()||getuid()){	            /* r00t? */
+
+    if(geteuid()||getuid()){                /* r00t? */
         fprintf(stderr,"UID or EUID of 0 needed...\n");
         exit(0);
         }
@@ -279,7 +279,7 @@
     	fgets(buf,sizeof(buf),stdin);
     	if(buf[0]==0x0a||buf[0]=='q')return;
     	if(!(int)(val=atoi(buf)))continue;
-    	if(!(target=checkc(val)))fprintf(stderr,"Connection not in queue.\n");	
+    	if(!(target=checkc(val)))fprintf(stderr,"Connection not in database.\n");
     	else break;
     }
     fprintf(stderr,"\nDo you wish to log to a file as well? [y/N] >");
@@ -324,7 +324,7 @@
 	fgets(buf,sizeof(buf),stdin);
 	if(buf[0]==0x0a||buf[0]=='q')return;
    	if(!(int)(val=atoi(buf)))continue;
-	if(!(target=checkc(val)))fprintf(stderr,"Connection not in queue.\n");
+	if(!(target=checkc(val)))fprintf(stderr,"Connection not in database.\n");
 	else break;
     }
     signal(SIGINT,convulsion);
@@ -440,7 +440,7 @@
 
     fprintf(stderr,"Juggernaut %s [email protected] [guild 1996/7]\n",version);
 
-    fprintf(stderr,"\nJuggernaut compiled with the following options:\n");
+    fprintf(stderr,"\nBuilt on %s %s with the following options:\n",__DATE__,__TIME__);
 #ifdef MULTI_P
     fprintf(stderr," Multi-processing\n");
 #endif
@@ -501,7 +501,7 @@
     	fgets(buf,sizeof(buf),stdin);
     	if(buf[0]==0x0a||buf[0]=='q')return;
     	if(!(int)(val=atoi(buf)))continue;
-    	if(!(target=checkc(val)))fprintf(stderr,"Connection not in queue.\n");	
+    	if(!(target=checkc(val)))fprintf(stderr,"Connection not in database.\n");
     	else break;
     }
     if(ntohs(target->dport)!=23){
@@ -547,7 +547,7 @@
     	fgets(buf,sizeof(buf),stdin);
     	if(buf[0]==0x0a||buf[0]=='q')return;
         if(!(int)(val=atoi(buf)))continue;
-        if(!(target=checkc(val)))fprintf(stderr,"Connection not in queue.\n");	
+        if(!(target=checkc(val)))fprintf(stderr,"Connection not in database.\n");
     	else break;
     }
     if(ntohs(target->dport)!=23){
--- NumberOneCrush/mem.c	Thu May  8 15:37:02 1997
+++ NumberOneCrush/mem.c	Fri Jun  6 01:33:09 1997
@@ -1,7 +1,7 @@
 /*
  *
  *                                  Juggernaut
- *                                  Version b1
+ *                                  Version 1.2
  *
  *                            1996/7 Guild productions
  *                           daemon9[guild|phrack|r00t]
--- NumberOneCrush/menu.c	Thu May  8 15:37:02 1997
+++ NumberOneCrush/menu.c	Fri Jun  6 01:33:32 1997
@@ -1,7 +1,7 @@
 /*
  *
  *                                  Juggernaut
- *                                  Version b2
+ *                                  Version 1.2
  *
  *                            1996/7 Guild productions
  *                           daemon9[guild|phrack|r00t]
--- NumberOneCrush/net.c	Thu May  8 15:37:02 1997
+++ NumberOneCrush/net.c	Fri Jun  6 01:32:56 1997
@@ -1,7 +1,7 @@
 /*
  *
  *                                  Juggernaut
- *                                  Version b1
+ *                                  Version 1.2
  *
  *                            1996/7 Guild productions
  *                           daemon9[guild|phrack|r00t]
@@ -92,13 +92,14 @@
  *  mode.
  */
 
-int tap(device)
+int tap(device,mode)
 char *device;
+int mode;
 {
 	
     int fd;				
     struct ifreq ifr;   /* Link-layer interface request structure */
-                        /* Ethernet code for IP 0x800==ETH_P_IP */
+                        /* Ethernet code for IP 0x0800==ETH_P_IP */
     if((fd=socket(AF_INET,SOCK_PACKET,htons(ETH_P_IP)))<0){	
         if(verbosity)perror("(tap) SOCK_PACKET allocation problems [fatal]");
         exit(1);					           
@@ -109,16 +110,22 @@
         close(fd);
       	exit(1);
     }
-    ifr.ifr_flags|=IFF_PROMISC;	            /* Set promiscuous mode */
+    if(!mode)ifr.ifr_flags^=IFF_PROMISC;    /* Unset promiscuous mode */
+    else ifr.ifr_flags|=IFF_PROMISC;        /* Set promiscuous mode */
     if((ioctl(fd,SIOCSIFFLAGS,&ifr))<0){    /* Set flags */
-        if(verbosity)perror("(tap) Can't set promiscuous mode [fatal]");
+        if(verbosity)perror("(tap) Can't set/unset promiscuous mode [fatal]");
         close(fd);
 	exit(1);
     }
-    return(fd);
+    if(!mode){
+        close(fd);
+        return(0);
+    }
+    else return(fd);
 }
 
 
+
 /*
  *  Gimme a raw-IP socket.  Use of IP_HDRINCL is automatic with 2.0.x
  *  kernels.  Not sure about 1.2.x
@@ -197,7 +204,6 @@
         case 22:
         case 23:
         case 25:
-        case 80:
         case 513:
         case 6667:
             if(((int)msg=addc(iphp,tcphp)))if(verbosity)fprintf(stderr,"%c%s",0x08,msg);
@@ -235,7 +241,6 @@
         case 22:
         case 23:
         case 25:
-        case 80:
         case 513:
         case 6667:
             if(((int)msg=delc(iphp,tcphp)))if(verbosity)fprintf(stderr,"%c%s",0x08,msg);
@@ -261,7 +266,7 @@
     void dumpp(char *,int,FILE *);
 
     extern int sigsentry;
-    int tlinksock=tap(DEVICE);	/* Spying tap.  XXX- Really dumb way to do this... */
+    int tlinksock=tap(DEVICE,1);    /* Spying tap.  XXX- Really dumb way to do this... */
     time_t tp;
 
     ALIGNNETPOINTERS();
@@ -272,20 +277,14 @@
         time(&tp);
         fprintf(fp,": Log started:\t\t%s---------------------------------------------------------------------\n",ctime(&tp));
     }
-		    /* NO alaram timeout here.  SIGINT kills our spy session */
-    while(sigsentry)if(recv(tlinksock,&epack,sizeof(epack),0))if(iphp->protocol==IPPROTO_TCP)if(iphp->saddr==target->daddr&&tcphp->source==target->dport)dumpp(epack.payload-2,htons(iphp->tot_len)-sizeof(epack.ip)-sizeof(epack.tcp),fp);
+		    /* NO alarm timeout here.  SIGINT kills our spy session */
+    while(sigsentry)if(recv(tlinksock,&epack,sizeof(epack),0))if(iphp->protocol==IPPROTO_TCP)if(iphp->saddr==target->daddr && iphp->daddr==target->saddr && tcphp->dest==target->sport)dumpp(epack.payload-2,htons(iphp->tot_len)-sizeof(epack.ip)-sizeof(epac








k
+
+.tcp),fp);
 	
     if(fp){
         fprintf(fp,"\n---------------------------------------------------------------------\n: Juggernaut connection spy log trailer\n: %s [%d]\t-->\t %s [%d]\n",hostLookup(target->saddr),ntohs(target->sport),hostLookup(target->daddr),ntohs(target->dport








)
 
-
-
-
-
-
-
-
-
 );
         time(&tp);
         fprintf(fp,": Log ended:\t\t%s---------------------------------------------------------------------\n",ctime(&tp));
@@ -347,8 +346,8 @@
         unsigned short tlen;
     }*ppheader;
  		
-    static int moot=0;
-    int tlinksock=tap(DEVICE);
+    int moot=0;
+    int tlinksock=tap(DEVICE,1);
 
     ALIGNNETPOINTERS();
 
@@ -451,7 +450,7 @@
     extern int ripsock;	
     extern int acrstpid;
     char *tempBuf=0;
-    int tlinksock=tap(DEVICE);
+    int tlinksock=tap(DEVICE,1);
 
     switch((acrstpid=fork())){ 	/* Drop a child to backround, return the 
                                    parent to continue */
@@ -570,7 +569,7 @@
     extern int netreadtimeout;
     static int len;
     char *tempBuf;
-    int tlinksock=tap(DEVICE);
+    int tlinksock=tap(DEVICE,1);
 
     ALIGNNETPOINTERS();
 
@@ -675,7 +674,7 @@
     extern int netreadtimeout;
     extern int sigsentry;
     static int len;
-    int tlinksock=tap(DEVICE);			
+    int tlinksock=tap(DEVICE,1);			
     
     ALIGNNETPOINTERS();
 
@@ -799,7 +798,7 @@
     int grabflag=0;                     /* Time to grab some packets */
     unsigned long targetsourceip=0;
     unsigned short targetsourceport=0;
-    int tlinksock=tap(DEVICE);          
+    int tlinksock=tap(DEVICE,1);          
 
     if(!(fp=fopen(SNIFLOG,"a+"))){      /* Log to file */
         if(verbosity){
--- NumberOneCrush/prometheus.c	Thu May  8 15:37:03 1997
+++ NumberOneCrush/prometheus.c	Fri Jun  6 01:33:17 1997
@@ -1,7 +1,7 @@
 /*
  *
  *                                  Juggernaut
- *                                  Version b2
+ *                                  Version 1.2
  *
  *                            1996/7 Guild productions
  *                           daemon9[guild|phrack|r00t]
--- NumberOneCrush/surplus.c	Thu May  8 15:37:03 1997
+++ NumberOneCrush/surplus.c	Fri Jun  6 01:33:03 1997
@@ -1,7 +1,7 @@
 /*
  *
  *                                  Juggernaut
- *                                  Version b2
+ *                                  Version 1.2
  *
  *                            1996/7 Guild productions
  *                           daemon9[guild|phrack|r00t]
@@ -29,6 +29,7 @@
 #define HELPFILE    "./ClothLikeGauze/.help"
 #define FBUFSIZE     80
 #define MINIBUF      10
+#define DEVICE      "eth0"
 
 extern int verbosity;    
 
@@ -346,6 +347,7 @@
 void cleanexit(){
 
     void powerdown();
+    int tap(char *,int);
 
     extern int ripsock;
     extern int hpid;
@@ -353,6 +355,7 @@
 
     close(ripsock);
     powerdown();
+    tap(DEVICE,0);                          /* Unset promisc mode on the interface */
     if(kill(hpid,SIGUSR1))if(verbosity){    /* Send signal to the hunter */
         perror("(cleanexit) Could not signal hunter");
         fprintf(stderr,"[cr]");
<-->



----[  EOF

[ News ] [ Paper Feed ] [ Issues ] [ Authors ] [ Archives ] [ Contact ]
© Copyleft 1985-2024, Phrack Magazine.