[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Plague Proof of Concept Linux backdoor
- To: hijacker@xxxxxxxxx
- Subject: Re: [Full-disclosure] Plague Proof of Concept Linux backdoor
- From: Rik Bobbaers <Rik.Bobbaers@xxxxxxxxxxxxxx>
- Date: Mon, 23 Oct 2006 14:15:40 +0200
hijacker@xxxxxxxxx wrote:
> Hello Rik,
> and how on earth can you make "root" run that piece of code? Do you have
> to specify it in the README section that it is mandatory to run that as
> root in order the "new" application root will be installing to run as
> expected?
<snip>
very simple, YOU own the box and place the backdoor like that
or you make root execute your code one way or another.
point was: it looks rather ... normal, doesn't immediately catch the eye
as being a backdoor
--
harry
aka Rik Bobbaers
K.U.Leuven - LUDIT -=- Tel: +32 485 52 71 50
Rik.Bobbaers@xxxxxxxxxxxxxx -=- http://harry.ulyssis.org
thinking always leads to conclusions... and those can be extremely dangerous
-- me ;)
Disclaimer: http://www.kuleuven.be/cwis/email_disclaimer.htm
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/