Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: pgp passphrase

From: Tomasz Konefal <twkonefal () compt com>
Date: Mon, 22 Mar 2004 12:03:05 -0500
Jim Richardson wrote:

On Sun, Mar 21, 2004 at 09:49:29AM +0100, Cedric Blancher wrote:

Le dim 21/03/2004 à 02:04, Jim Richardson a écrit :


>Keylogger ?
Installed how?

With the worm...

Where? /home is mounted noexec.


no problem, see here:

http://lists.netsys.com/pipermail/full-disclosure/2004-January/015143.html
"The ability to load a new process image without the direct aid of the kernel is important in many scenarios. For example: a program (e.g. shellcode) could load a binary off the wire and execute it without first creating a copy on disk; or, a program could extract a binary from an encrypted data store and execute it without creating a plain text image on the disk. Userland exec is useful for any situation where it is preferable not to create a file on the disk when executing a program." 

cheers,
  twkonefal


--
Tomasz Konefal
Systems Administrator
Command Post and Transfer Corp.
416-585-9995 x.349

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: