|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Thwarting /bin/bash, an anti-overflow concept ?
Valdis.Kletnieks
vt.edu
Date: Wed Jan 07 2004 - 13:22:27 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Wed, 07 Jan 2004 13:39:44 +0100, Alex =?iso-8859-1?Q?Sch=FCtz?= <antitrack_legendchello.at> said:
> However, if we do not have any shell, what is going to happen ? There's no
> /bin/bash to call, thus, the exploit will surely crash some application,
> but its final goal will be thwarted.
Feel free to recode /etc/inittab so it doesn't call /etc/rc.sysinit. That's a shell
script and won't work very well without a shell handy.
Running without a shell is actually doable in the embedded environment, where they
often boot with 'init=/bin/system_driver_program'. However, if you're not an
embedded system, you may need a shell :)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQE//FxzcC3lWbTT17ARAnbtAKDPqVP3KGzwUPscZ/Lz8fkj3GjhpACeIrMz
0k57t8nm87BSVyvqv87dD2o=
=r718
-----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]