[ILUG] Porting MyDoom to Linux
colm at stdlib.net
Tue Feb 3 22:03:20 GMT 2004
On Tue, Feb 03, 2004 at 10:01:22AM -0800, Rick Moen wrote:
> This is why we sysadmins teach people to say "/bin/su" when su'ing to
> root. Eh, you never learned that? Sorry to hear.

Exec to a new shell that ignores that, whatever, it doesn't matter.
The principle remains the same: once you have compromised a root
holder's account, root is next, in pretty short order. It's not
hard, there are many, many trivial ways.

> Produce a working example, and we'll talk.

I once used that very example to root a server whilst on lunch, as part of
a penetration test.

> You'll find that there are lots of little difficulties that you never
> anticipated. Hint: Those difficulties aren't there by accident.

There are *no* serious difficulties. Once you have a root user's account,
you're there. Replace their shell, replace their binaries, invade their
memory, LD_PRELOAD, whatever you like. There are zero barriers to you
getting access to everything they do.

Colm MacCárthaigh Public Key: colm+pgp at stdlib.net
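
The following is an added example, not part of the original thread: a defender-side audit of an administrator account's shell startup file and PATH for the redirections the thread names (a shadowed su, LD_PRELOAD, a replaced shell). The function names, patterns, sample rc file and paths are constructed for illustration, and the checks are heuristics that only cover startup-file and PATH tampering.

```python
import re

# Heuristic patterns for shell startup files (illustrative, not exhaustive).
RC_CHECKS = [
    ("su/sudo shadowed by alias or function",
     re.compile(r"^\s*(alias\s+(su|sudo)=|(function\s+)?(su|sudo)\s*\(\s*\))")),
    ("LD_PRELOAD set at login", re.compile(r"^\s*(export\s+)?LD_PRELOAD=")),
    ("login shell replaced with exec", re.compile(r"^\s*exec\s+\S")),
]
SYSTEM_DIRS = {"/bin", "/sbin", "/usr/bin", "/usr/sbin"}


def audit_rc(text):
    """Return (line_number, finding, line) for each suspicious rc-file line."""
    findings = []
    for num, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith("#"):
            continue  # skip comments
        for label, pattern in RC_CHECKS:
            if pattern.search(line):
                findings.append((num, label, line.strip()))
    return findings


def risky_path_entries(path, home):
    """Return PATH entries searched before the first system directory that are
    empty, relative, or under the user's home, where a planted "su" would be
    found ahead of /bin/su."""
    home_prefix = home.rstrip("/") + "/"
    risky = []
    for entry in path.split(":"):
        if entry in SYSTEM_DIRS:
            break
        if not entry.startswith("/") or entry.startswith(home_prefix):
            risky.append(entry)  # "" and "." both mean the current directory
    return risky


# Constructed sample input: one user's ~/.bashrc and login PATH.
SAMPLE_RC = """\
export EDITOR=vi
alias ll='ls -l'
alias su='/home/alice/.cache/su'
export LD_PRELOAD=/home/alice/.cache/libx.so
"""
SAMPLE_PATH = "/home/alice/bin::/usr/local/bin:/usr/bin:/bin"

if __name__ == "__main__":
    for num, label, line in audit_rc(SAMPLE_RC):
        print(f"rc line {num}: {label}: {line}")
    print("ahead of system dirs:", risky_path_entries(SAMPLE_PATH, "/home/alice"))
```

A clean result here says nothing about replaced binaries or a tampered running process, which need file-integrity and process checks run from outside the account.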