lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: measl at mfn.org (J.A. Terranson) Subject: Old LS Trojan? > David S. Morgan wrote: > > Hey all, > > > > I am looking for an old LS trojan, with trojan being a misnomer. > > Essentially, the scinario is that the admin (root) has a . (dot) in > > his path. The bad-user knows this, and has crafted an LS shell script > > (the part that I can't find) that essentially copies /sbin/sh to a > > hidden directory and then performs some suid majik to make the sh run > > as if they were root, without needing the root password. The file > > then removes itself and does the real version of ls. > > > > Does anyone remember this one, and have the ls script anywhere? I remember this: "SUSHI" (Super User Shell, Interactive). An old, *really old* *nix shell intro book, IIRC. Try the older Hayden books. -- Yours, J.A. Terranson sysadmin@....org 0xBD4A95BF Civilization is in a tailspin - everything is backwards, everything is upside down- doctors destroy health, psychiatrists destroy minds, lawyers destroy justice, the major media destroy information, governments destroy freedom and religions destroy spirituality - yet it is claimed to be healthy, just, informed, free and spiritual. We live in a social system whose community, wealth, love and life is derived from alienation, poverty, self-hate and medical murder - yet we tell ourselves that it is biologically and ecologically sustainable. The Bush plan to screen whole US population for mental illness clearly indicates that mental illness starts at the top. Rev Dr Michael Ellner
Powered by blists - more mailing lists