Full Disclosure mailing list archives
ALERT ALERT plaintext passwords in linux ALERT ALERT
From: fd () rshell org (Guy Cohen)
Date: Sun, 15 Sep 2002 20:46:37 +0300
$grep "hushmail \"blackhats\" proves ones again they'er 31337 hackers" \ /proc/kcore Binary file /proc/kcore matches aren't you tired? I know I am. On Sun, Sep 15, 2002 at 09:22:15AM -0700, ppan () hushmail com wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 oops, someone edited my mail .-( <-- oneeyed pirate the fix is of course: rm -rf /proc/kcoreProblem: Linux stores your passwords in plaintext See proof of concept exploit below Fix: rm -rf /dev/kmem Demonstration: ---flic--- bash$ ./passcheck.sh secret checkpass v1.5 Proves that kmem leakes your passwords Needs to be run as root By etah^etihw aka peter-pan Checking for password 'secret' Binary file /proc/kcore matches -flac- OMG!!!! it matches!!! Please don't tell anyone my root password because I cant change it because i deleted the passwd program because i thougt that it is vulnerable but I think it was not vulnerable but i cant get it because I have to port undel.exe to lunix first. Here is the 0-DAY exploit! Please do not abuse!!! ---click--- #!/bin/bash # POC exploit # shows kmem is a fscking leaker! echo "checkpass v1.5"; echo "proves that kmem leakes your passwords"; echo "needs to be run as root"; echo "by etah^etihw"; echo " "; echo "checking for password '$1'"; grep $1 /proc/kcore ---clack--- (do not forget to make 'chmod +x passcheck.sh'!!) Greets: zisss (you are the man bro!!) drater (mad resopectz to yu0!!) verb (wuz up? your a.t. owns me ass!!) jchrist (your dad > *) regards Peter Pan-----BEGIN PGP SIGNATURE----- Version: Hush 2.1 Note: This signature can be verified at https://www.hushtools.com wlkEARECABkFAj2EtAYSHHBwYW5AaHVzaG1haWwuY29tAAoJECqmU44+fV7i+O4AoJ2O iOC5OdOkZEXlmeEV0V8ho+OsAJ94pIMt/I7+BXirHzlwNpheI6kI7w== =ZL7v -----END PGP SIGNATURE----- Get your free encrypted email at https://www.hushmail.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
-- Unix Administration, | http://www.unixadmin.co.il locally and remotely. | support () unixadmin co il Planning, installation, | Phone: 972-3-6201373 support & upgrades. | Location: Unrestricted
Current thread:
- ALERT ALERT plaintext passwords in linux ALERT ALERT ppan () hushmail com (Sep 15)
- ALERT ALERT plaintext passwords in linux ALERT ALERT Ka (Sep 15)
- ALERT ALERT plaintext passwords in linux ALERT ALERT John (Sep 16)
- <Possible follow-ups>
- ALERT ALERT plaintext passwords in linux ALERT ALERT ppan () hushmail com (Sep 15)
- Re[2]: ALERT ALERT plaintext passwords in linux ALERT ALERT Mikhail Iakovlev (Sep 15)
- Re[2]: ALERT ALERT plaintext passwords in linux ALERT ALERT martin f krafft (Sep 15)
- ALERT ALERT plaintext passwords in linux ALERT ALERT silvio () big net au (Sep 15)
- ALERT ALERT plaintext passwords in linux ALERT ALERT Michal Zalewski (Sep 15)
- ALERT ALERT plaintext passwords in linux ALERT ALERT silvio () big net au (Sep 15)
- Re[2]: ALERT ALERT plaintext passwords in linux ALERT ALERT Mikhail Iakovlev (Sep 15)
- ALERT ALERT plaintext passwords in linux ALERT ALERT Guy Cohen (Sep 15)
- ALERT ALERT plaintext passwords in linux ALERT ALERT White Vampire (Sep 15)