[Full-disclosure] Plague Proof of Concept Linux backdoor
Rik Bobbaers
Rik.Bobbaers at cc.kuleuven.be
Mon Oct 23 12:03:19 BST 2006
hijacker at oldum.net wrote:
> Are you saying I just injected my system with an account with root access
> hiding somewhere? Please, clarify.
as you can tell by the subject, this is a BACKDOOR, you run it as root,
and yes, than it works and creates a "new root" account
you ran it as a normal user, so it won't work (you can't read
/etc/shadow as normal user (du'uh))
grtz,
--
harry
aka Rik Bobbaers
K.U.Leuven - LUDIT -=- Tel: +32 485 52 71 50
Rik.Bobbaers at cc.kuleuven.be -=- http://harry.ulyssis.org
thinking always leads to conclusions... and those can be extremely dangerous
-- me ;)
Disclaimer: http://www.kuleuven.be/cwis/email_disclaimer.htm
Full-Disclosure is hosted and sponsored by Secunia.