[Full-Disclosure] Old LS Trojan?
Scott Renna
srenna at vdbmusic.com
Wed Dec 1 23:47:42 GMT 2004
LOL. That CISSP totally rocks.
Scott Renna CISSP, GCIA, GCIH
Kevin Finisterre wrote:
> You should think a CISSP could write such a script in like 5 minutes.
>
>
> David S. Morgan wrote:
>
>> Hey all,
>>
>> I am looking for an old LS trojan, with trojan being a misnomer.
>> Essentially, the scinario is that the admin (root) has a . (dot) in
>> his path. The bad-user knows this, and has crafted an LS shell script
>> (the part that I can't find) that essentially copies /sbin/sh to a
>> hidden directory and then performs some suid majik to make the sh run
>> as if they were root, without needing the root password. The file
>> then removes itself and does the real version of ls.
>>
>> Does anyone remember this one, and have the ls script anywhere? I
>> would like to use it in a demonstration. I know that this has
>> probobly been fixed in various ways, but I have "old Unixes" for just
>> such occasions.
>>
>> Dave Morgan
>>
>> David S. Morgan CISSP, CCNP aka: captkras at earthlink.net
>>
>> "When the winds of change blow hard enough, even the most tiny object
>> can become a deadly projectile"
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.netsys.com/full-disclosure-charter.html
>>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
Full-Disclosure is hosted and sponsored by Secunia.