Bugtraq mailing list archives
El Programa Matador de Ascendes
From: sod () command com inter net (Scriptors of DOOM)
Date: Sat, 16 Nov 1996 03:54:32 -0700
Somehow I get the feeling that CIAC is trying to tell me something --
One of the most common indications that a machine has been compromised by these or similar vulnerabilities are links from a world writable directory (such as /tmp) to a system file (such as /.rhosts) in a directory requiring root privilege to write or create files there, and /.rhosts files with ++ at the beginning of any line.
I guess we've been laying it pretty heavy on the symlinks. Sorry. We'll apologize by skipping the symlink problem we were going to do this week and putting in something unrelated. Of course, now that our Lord & Master aleph1 has released a whole buncha good buffer-overflow stuff to Phrack, we figure now is a good time to follow that lead. /usr/diag/bin/mstm and cstm share the same stuffs in that regard, and they can both lead the unworthy to a higher purpose. So come on over to http://command.com.inter.net/~sod/ and start filling up those buffers with code that only a machine could love. They're sure to love you back sooner or later. One bug a week, just passing two months, full of piss and vinegar. God bless. SPECIAL INVITATION TO OUR FRIENDS AT HP: Vroom, vroom. What can I say other than it's been an interesting week. Yup, that's been the word for it so far: interesting. In fact, I don't think I can really say any more than that right now. Oh, except I'm supposed to say "Hi" to Frank? and Patty in Tele- communications/TND, and another "Hello" to the person who only responds to the title "Technical Lead". Oh, and I'd like to pledge my unending love to Janeane Garofalo, and I'd like to say a really big "Woof" to my dog Spot. Oh, and I should add that the quickest and easiest method of shutting us down is by paying us and not paying your lawyers. Oh, one more thing, sex may very well be an acceptable alternative to green cash money if you want us to shut up, but breast size will probably become a consideration at that point. Oh, and always remember, I love you.
Current thread:
- Possible SunOS 5.5.1 sulogin vulnerability Jason R. Mastaler (Nov 13)
- Re: Possible SunOS 5.5.1 sulogin vulnerability Steve Blass (Nov 15)
- Re: Possible SunOS 5.5.1 sulogin vulnerability Doug Hughes (Nov 15)
- Re: Possible SunOS 5.5.1 sulogin vulnerability Casper Dik (Nov 15)
- Re: Possible SunOS 5.5.1 sulogin vulnerability Michael Douglass (Nov 15)
- El Programa Matador de Ascendes Scriptors of DOOM (Nov 16)
- El Programa Matador de Ascendes Aleph One (Nov 16)
- This week: turn me on, dead man Aleph One (Nov 16)
- Re: El Programa Matador de Little Boys I like so much Aleph One (Nov 16)
- Apologies to Kit Knox and all Aleph One (Nov 16)
- <Possible follow-ups>
- Re: Possible SunOS 5.5.1 sulogin vulnerability Mark Graff (Nov 15)