search for: phrack

I was wondering if anyone here has or knows how to implement ttysnoop w/ssh ?

...1414141 0x41414141 0x809dfc8: 0x41414141 0x41414141 0x41414141 0x41414141 0x809dfd8: 0x41414141 0x41414141 >From here on, as demonstrated by Global InterSec LLC, exploitation becomes trivial. For more information on exploiting calls to free() see the excellent Phrack article "Once upon a free()" [2]. WORK AROUND - ----------- As mentioned in http://www.openssh.com/txt/preauth.adv, and as demonstrated by noir in http://www.phrack.org/phrack/60/p60-0x06.txt, "you can prevent privilege escalation if you enable UsePrivilegeSeparation in sshd_config...

There is a recent article in the German magazine C''t that may be of interest to those on this list. It describes a cracker program, Juggernaut, which can hijack telnet sessions. The program is written specifically to run under Linux. An english translation of the article is available at: http://www.ix.de/ct/english/9710142/ It also mentions that they are working on a version of the

Following Situation: Having an intranet-application that needs to know the ip-Address of the clients before running. Clients anywere in the Internet with any ip-address. So I thought about using masquerading the opposite way than normal. But then anybody could use this application. Dos anybody know how to make it a little bit more secure, like proofing the mac-address of the client, or something

> > systems which no longer seem to have this. This file contained an archive of > > the trojan''s that were inserted into the compromised system - does anybody know > > what is in these trojans? > > Check the Linux RootKit ... (LRK).. > > Typically LRK to use config-files.. (and typically LRK-users to place > files in /dev.. find /dev -type f | grep -v

[Note to R. Wolff -- thanks for the pointers and the program. As I understand its workings, it would run as root and bind a listen port to a particular program -- with a list being supplied in /etc/portadmin or other file. Basically, a listen wrapper. Hopefully this message will address your cleanup concerns in my previous message. Thanks. Also, you may want to provide a moderator''s

Here''s a neat trick for a machine running kerneld: not_root@machine$ /sbin/ifconfig isofs loads ''/lib/modules/(kernel version here)/fs/isofs.o''. /sbin/ifconfig when run as non-root queries a network interface for its configuration. However, if the interface is unknown it also tries to load the module that implements that interface using the name of the interface as

Hi. I don''t know if this one is known, but I can''t recall seeing anything about it. If it is old news I apologize. I discovered a bug in the inetd that comes with NetKit-B-0-08 and older. If a single SYN is sent to port 13 of the server, inetd will die of Broken Pipe: write(3, "Sun Jan 12 21:50:35 1997\r\n", 26) = -1 EPIPE (Broken pipe) --- SIGPIPE (Broken pipe) ---

do you mean it cant be circumvented from the perspective of syslinux or TPM? Sadly firmware exploits are rampant. Core Security has good research on this as phrack... SMM can be gotten to by far too much. Tho if you are targeted by that skill level then going to ic3 might be good idea. -------- Original message -------- From: Ian Bannerman <ian at internals.io> Date:04/29/2014 2:43 PM (GMT-05:00) To: Gene Cumm <gene.cumm at gmail.com>,"...

...----------------------------------------------------------------------+ Port name: p5-SOAP-Lite Affected: versions < p5-SOAP-Lite-0.55 Status: Fixed Client may call any procedure on server. <URL:http://use.perl.org/articles/02/04/09/000212.shtml?tid=5> <URL:http://www.phrack.com/show.php?p=58&a=9> <URL:http://www.soaplite.com/> +------------------------------------------------------------------------+ Port name: puf Affected: versions < puf-0.93.1 Status: Fixed Format string vulnerability in error output. <URL:http://puf.sourceforg...

I am not sure if I had a compromise but I am not sure I wanted some other input. I noticed in this in my daily security run output: pc1 setuid diffs: 19c19 < 365635 -rwsr-xr-x 1 root wheel 204232 Sep 27 21:23:19 2003 /usr/X11R6/bin/xscreensaver --- > 365781 -rwsr-xr-x 1 root wheel 205320 Dec 4 07:55:59 2003 /usr/X11R6/bin/xscreensaver It was the only file listed and I didn't

As halflife demonstrated in Phrack 50 with his linspy project, it is trivial to patch any system call under Linux from within a module. This means that once your system has been compromised at the root level, it is possible for an intruder to hide completely _without_ modifying any binaries or leaving any visible backdoors behind. B...