Message-ID: <2d7da9270505062240c199fa0@mail.gmail.com>
Date: Sat May 7 06:40:27 2005
From: khaalel at gmail.com (khaalel)
Subject: Re: [VulnDiscuss] Re: [VulnWatch] KSpynix ::: the
Unix version of KSpyware? (Proof Of Concept)
If the user is non-privileged the spyware will work too without using
the function ifroot.
khaalel
>
> On 5/6/05, William Warren <hescominsoon@...anuelcomputerconsulting.com> wrote:
> > OK, that is as root. What if the user is non-privileged?
> >
> > khaalel wrote:
> >
> > > Since KSpyware was on the net, I received some mails from people who
> > > wanted to know if spyware for Unix systems could be coded. I did
> > > some searching on the net to find a Unix spyware, but I found nothing.
> > > So I launched my FreeBSD box and I started to code a Unix spyware:
> > > like under Windows systems, spyware under Unix systems can be easily
> > > coded but it's long (I coded KSpynix during 5 hours) because we have to
> > > find the right conf files.
> > >
> > > So KSpynix is only a proof of concept but it works well: I tested it
> > > under FreeBSD 5.3 (as I don't use Linux I can't tell you if all the
> > > code works under Linux but I know it will work well under Gentoo Linux
> > > that uses the system of ports like the BSD systems).
> > >
> > > For the moment, KSpynix can list all the installed programs, can spy on
> > > the web sites the victim visited, can obtain a list of e-mail
> > > addresses, cookies, can hijack Opera's main page and can do the things
> > > you want if the victim has root powers (like copy the /etc/htpasswd
> > > file).
> > >
> > > All the gleaned information is put in a directory; to send the
> > > directory, the spyware could create a shell script that would use sftp
> > > or other tools.
> > >
> > > Well, here is KSpynix's source code (in Python):
> > > http://nzeka-labs.com/hacking/KSpynix.htm
> > >
> > > KSpynix is under GPL so:
> > > "You may copy and distribute verbatim copies of the Program's source
> > > code as you receive it, in any medium, provided that you conspicuously
> > > and appropriately publish on each copy an appropriate copyright notice
> > > and disclaimer of warranty; keep intact all the notices that refer to
> > > this License and to the absence of any warranty; and give any other
> > > recipients of the Program a copy of this License along with the
> > > Program." BUT DON'T TRY IT ON THE WEB.
> > >
> > >
> > > - Nzeka Gilbert aka Khaalel
> > > - www.nzeka-labs.com
> > > - Author of the French security book: "La protection des sites
> > > informatique face au hacking".
> > >
> >
> > --
> > Computer House Calls, Networks, Security, Web Design:
> > http://www.emmanuelcomputerconsulting.com
> > What businesses are in Brunswick, Maryland? Check Brunswick First!
> > http://www.checkbrunswickfirst.com
> > My "Foundation" verse:
> > Isa 54:17 No weapon that is formed against thee shall prosper;
> > and every tongue that shall rise against thee in judgment thou
> > shalt condemn. This is the heritage of the servants of the LORD,
> > and their righteousness is of me, saith the LORD.
> >
> > -- carpe ductum -- "Grab the tape"
> > CDTT (Certified Duct Tape Technician)
> >
> > Linux user #322099
> > Machines:
> > 206822
> > 256638
> > 276825
> > http://counter.li.org/
> >
>