[ILUG] Fwd: RedHat: Buffer Overflow in "ls" and "mkdir"
Chris Higgins
chris.higgins at darach.ie
Sat Oct 23 14:06:44 IST 2004
On Sat, 23 Oct 2004 13:59:05 +0100
kevin lyda <kevin+dated+1098968359.a4c78f at ie.suberic.net> wrote:
> On Sat, Oct 23, 2004 at 01:21:39PM +0100, fuzzbucket wrote:
> > It's a strange one. Who'd fall for it? Are there Linux admins out
> > there with the Win admin way of doing things? They know how to
> > compile software because it's written down for them? Strange.
>
> isn't there a saying along the lines of, "no one has ever gone brok
> underestimating people's stupidity."
>
> > So, the classic Linux virus scenario has come true: get tarball
> > virus, extract, check deps, compile, make executable, install, su,
> > run. I tried having a read of the source, but my C is rustier than
> > the Titanic and it's too damn early :)
>
> pathetic that it's written in c. perl, python or shell would be
> better.
It seems to be a shell script compiled into C[1] to obscure it,
I just don't have the time at the moment to bother reversing
the process.
[1] apt-cache show shc 'description'
Description: Shell script compiler
shc creates a stripped binary executable version of the
script specified with -f on the command line.
The binary version will get a .x extension appended and will
usually be a bit larger in size than the original ascii
code. Generated C source code is saved in a file with the
extension .x.c.
>
> kevin
>
> --
> us citizen anywhere on the planet? :| election coverage:
> ****** REGISTER TO VOTE! ****** |:
> http://www.campaigndesk.com/
> * http://declareyourself.com/ * :| http://campaigndesk.org/
> ****** REGISTER TO VOTE! ****** |: http://dailyhowler.com/
> --
> Irish Linux Users' Group
> http://www.linux.ie/mailman/listinfo/ilug/
>
--
Chris Higgins
Darach Technology Ltd tel: +353-1-6204370
email: chris.higgins at darach.ie fax: +353-1-6204371
http://www.darach.ie
More information about the ILUG
mailing list