search for: mongoloid

...em is. I am using the default sshd_config installed by the port. I can authenticate, copy files, and start processes, but sshd fails to create a tty session. This happens from remote machines and creating a session from the host machine. I find the following under messages. Aug 8 19:32:16 mongoloid sshd[44626]: fatal: mm_send_fd: sendmsg(4): Bad file descriptor Aug 8 19:32:16 mongoloid sshd[44626]: error: close(s->ptymaster/0): Bad file descriptor Aug 8 19:32:16 mongoloid sshd[44629]: fatal: mm_receive_fd: recvmsg: expected received 1 got 0 And here is a debug script from sshd. Scri...

...es (nosuid,noexec,nodev) /home (nosuid,nodev) Alex ------- Forwarded Message Return-Path: owner-bugtraq@netspace.org Reply-To: C0WZ1LL4@netspace.org Sender: Bugtraq List <BUGTRAQ@netspace.org> From: C0WZ1LL4@netspace.org Approved: alex@yuriev.com To: BUGTRAQ@netspace.org Hello fellow mongoloids Try this: Make hard link of /etc/passwd to /var/tmp/dead.letter Telnet to port 25, send mail from some bad email address to some unreacheable hoost. Watch your message get appended to passwd. ie: cowzilla::0:0:c0wz1ll4 0wns u:/:/bin/sh This is not good. Worked with my 8.8.4, will probably also w...

As halflife demonstrated in Phrack 50 with his linspy project, it is trivial to patch any system call under Linux from within a module. This means that once your system has been compromised at the root level, it is possible for an intruder to hide completely _without_ modifying any binaries or leaving any visible backdoors behind. Because such tools are likely to be in use within the hacker