Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: [Full-Disclosure] Old LS Trojan?
From: Scott Renna (srennavdbmusic.com)
Date: Wed Dec 01 2004 - 17:47:42 CST
LOL. That CISSP totally rocks.
Scott Renna CISSP, GCIA, GCIH
Kevin Finisterre wrote:
> You should think a CISSP could write such a script in like 5 minutes.
> David S. Morgan wrote:
>> Hey all,
>> I am looking for an old LS trojan, with trojan being a misnomer.
>> Essentially, the scinario is that the admin (root) has a . (dot) in
>> his path. The bad-user knows this, and has crafted an LS shell script
>> (the part that I can't find) that essentially copies /sbin/sh to a
>> hidden directory and then performs some suid majik to make the sh run
>> as if they were root, without needing the root password. The file
>> then removes itself and does the real version of ls.
>> Does anyone remember this one, and have the ls script anywhere? I
>> would like to use it in a demonstration. I know that this has
>> probobly been fixed in various ways, but I have "old Unixes" for just
>> such occasions.
>> Dave Morgan
>> David S. Morgan CISSP, CCNP aka: captkrasearthlink.net
>> "When the winds of change blow hard enough, even the most tiny object
>> can become a deadly projectile"
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.netsys.com/full-disclosure-charter.html
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
Full-Disclosure - We believe in it.