lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: ggilliss at netpublishing.com (Gregory A. Gilliss)
Subject: SSH Exploit Request

How would updating ssh bring down a production system?

http://www.gilliss.com/cgi-bin/presentation?title=Building+a+Backdoor+Binary&
name=Backdoor&total=49&rank=1

When I was writing this, I found *lots* of instances where the coding 
(mine, unfortunately) left the daemon(s) lying around doing gawd knows
what on the system (and you hung your session besides). Console was the
only reason that I got the code working so that I could do the presentation
(not that I'd ever trojan an sshd on a system, for educational purposes
only, ...)

G

On or about 2003.11.14 21:10:04 +0000, Valdis.Kletnieks@...edu (Valdis.Kletnieks@...edu) said:

> Well, *that* particular one is unlikely.  But I've seen it happen.
> 
> You install a borked build of ssh (shared lib dependencies are FUN),
> restart it, your session goes bye-bye, and you can't get back in to
> fix the runaway sshd that's chewing all the resources....
> 
> The more generic point is that in larger shops, you usually need to get
> *everything* planned and OK'ed in advance, including backout plans. And
> even then things go wrong.
> 
> I'm sure I'm not the only sysadmin who's SSH'ed in to an ill box, decided
> a reboot was needed, and typed 'shutdown -i6 -g0 -y' (runlevel 6 to reboot,
> zero seconds grace, and don't prompt me), and instead realized 7 seconds
> later that what the other end *received* was '-i0 -g6 -y' (poweroff with
> 6 seconds warning), and made a bad situation worse.
> 
> What *I*'d like to know is how the transposition gremlins know that it's
> 2AM on a major holiday, or a snowstorm, or other reason that the NOC is
> running lights-out and nobody's there to push the button to power it back on..

-- 
Gregory A. Gilliss, CISSP                              E-mail: greg@...liss.com
Computer Security                             WWW: http://www.gilliss.com/greg/
PGP Key fingerprint 2F 0B 70 AE 5F 8E 71 7A 2D 86 52 BA B7 83 D9 B4 14 0E 8C A3

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ