| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat May 7 06:40:27 2005 From: khaalel at gmail.com (khaalel) Subject: Re: [VulnDiscuss] Re: [VulnWatch] KSpynix ::: the Unix version of KSpyware? (Proof Of Concept) If the user is non-priviledge the spyware will work too without using the function ifroot. khaalel > > On 5/6/05, William Warren <hescominsoon@...anuelcomputerconsulting.com> wrote: > > ok that is as rot. What if the user is non-privledged? > > > > khaalel wrote: > > > > > Since KSpyware was on the net, i received some mails of people who > > > wanted to know if spywares under Unix systems could be coded. I did > > > some search on the net to find an unix spyware, but i found nothing. > > > So i launch my freebsd box and i started to code an unix spyware : > > > like under windows systems, spywares under Unix systems can be easily > > > coded but its long (i coded KSpynix during 5 hours) because we have to > > > find the right conf files. > > > > > > So KSpynix is only a proof of concept but it work well : i tested it > > > under FreeBSD 5.3 (like i don't use Linux i can't tell you if all the > > > code work under Linux but i know it will work well under Gentoo Linux > > > that use the system of ports like the BSD systems). > > > > > > For the moment, KSpynix can list all the installed programs, can spy > > > the web sites the victim visited, can obtain a list of e-mail > > > adresses, cookies, can hijack Opera's main page and can do the things > > > you want if the victim have root powers (like copy the /etc/htpasswd > > > file). > > > > > > All the glaned informations are put in a repertory, to send the > > > repertory, the spyware could create a shell script that would use sftp > > > or other tools. > > > > > > Well, here is KSpynix's code cource (in Python) : > > > http://nzeka-labs.com/hacking/KSpynix.htm > > > > > > KSpynix is under GPL so: > > > "You may copy and distribute verbatim copies of the Program's source > > > code as you receive it, in any medium, provided that you conspicuously > > > and appropriately publish on each copy an appropriate copyright notice > > > and disclaimer of warranty; keep intact all the notices that refer to > > > this License and to the absence of any warranty; and give any other > > > recipients of the Program a copy of this License along with the > > > Program." BUT DON'T TRY IT ON THE WEB. > > > > > > > > > - Nzeka Gilbert aka Khaalel > > > - www.nzeka-labs.com > > > - Author of the french security book: "La protection des sites > > > informatique face au hacking". > > > > > > > -- > > Computer House Calls, Networks, Security, Web Design: > > http://www.emmanuelcomputerconsulting.com > > What businesses are in Brunswick, Maryland? Check Brunswick First! > > http://www.checkbrunswickfirst.com > > My "Foundation" verse: > > Isa 54:17 No weapon that is formed against thee shall prosper; > > and every tongue that shall rise against thee in judgment thou > > shalt condemn. This is the heritage of the servants of the LORD, > > and their righteousness is of me, saith the LORD. > > > > -- carpe ductum -- "Grab the tape" > > CDTT (Certified Duct Tape Technician) > > > > Linux user #322099 > > Machines: > > 206822 > > 256638 > > 276825 > > http://counter.li.org/ > > >
Powered by blists - more mailing lists