| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 3 Nov 2006 01:44:53 -0600 From: nocfed <nocfed@...il.com> To: full-disclosure@...ts.grok.org.uk Subject: Re: Putty Proxy login/password discolsure.... On 11/2/06, Tonnerre Lombard <tonnerre.lombard@...roup.ch> wrote: > Salut, > > On Thu, 2006-11-02 at 01:15 -0600, nocfed wrote: > > And if you have physical access then you can simply use a floppy, usb > > dongle, or any other type of removable media to boot from. Once > > physical access is obtained then you pretty much have full access, > > barring full disk encryption. Personally I see linux's password for > > single user mode to be like a screen door infront of an old door with > > a combination lock on it. It takes VERY little effort to punch a > > whole through it, even if you only have 1 minute alone with the > > server. > > If you have physical access, just plug in your iPod with UNIX and enjoy > full memory access to the host machine... > I've always enjoyed the idea of throwing a tiny rogue pxe server(soekris) under the raised floor in a datacenter, vampire tapped into the uplink ethernet, and having it set to pxe once into a hacked up pxelinux that boots the server(s) one time into its own OS, installs a rootkit, and reboot it again into its own media. Setting this up may require a bit more time as you would have to remove the sheath, punch the wires making sure to not cut them, and tap in. Using a simple environment like busybox you can have this type of system mount just about any type of filesystem(regardless of OS), figure out which OS it is and install the appropriate rootkit. This would require that the servers be set to PXE before their normal boot media but could cause all sorts of havok. Most DC's will utilize a PXE environment in order to (re)deploy servers on the fly. I'm sure you all get the point. Another idea would be another type of vampire tap/wap combo so you can have the network as your own little playground. I think that I read about a tiny one a while back, but did not find it with a simple search. Maybe someone knows what I am referring to? _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists