Re: hack that changes root to Root

From: Yotam Rubin (yotam@makif.omer.k12.il)
Date: 02/26/02

Previous message: Glenn Forbes Fleming Larratt: "Re: Determining the country of orgin for IP address(es)"
In reply to: James: "hack that changes root to Root"
Next in thread: james: "Re: hack that changes root to Root"
Next in thread: Mike Shaw: "Re: hack that changes root to Root"
Reply: james: "Re: hack that changes root to Root"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 26 Feb 2002 21:17:27 +0200
To: incidents@securityfocus.com
From: Yotam Rubin <yotam@makif.omer.k12.il>

On Mon, Feb 25, 2002 at 05:49:05PM -0700, James wrote:
> Anyone know of a hack that changes root (user name) to Root ?

The login name or the real name? The former is abstractly achieved by
"cat /etc/{passwd,shadow} | sed 's/^root:/Root/'". This may break some
scripts you currently use, and well, the security gain is insignificant.

Regards, Yotam Rubin

>
> James Edwards
> jamesh@cybermesa.com
> At the Santa Fe Office: Internet at Cyber Mesa
> Store hours: 9-6 Monday through Friday
> Phone support 365 days till 10 pm via the Santa Fe office:
> 505-988-9200 or Toll Free: 888-988-2700
>
>
>
> ----------------------------------------------------------------------------
> This list is provided by the SecurityFocus ARIS analyzer service.
> For more information on this free incident handling, management
> and tracking system please see: http://aris.securityfocus.com
>

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com

Previous message: Glenn Forbes Fleming Larratt: "Re: Determining the country of orgin for IP address(es)"
In reply to: James: "hack that changes root to Root"
Next in thread: james: "Re: hack that changes root to Root"
Next in thread: Mike Shaw: "Re: hack that changes root to Root"
Reply: james: "Re: hack that changes root to Root"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

RE: PDL anti-spam blacklist
... >:> This list is provided by the SecurityFocus ARIS analyzer service. ... >:> For more information on this free incident handling, management ... >:> and tracking system please see: http://aris.securityfocus.com ...
(Incidents)
Re: Linux Kernel Exploits / ABFrag
... There have been lots of rumors ... > This list is provided by the SecurityFocus ARIS analyzer service. ... > For more information on this free incident handling, management ... > and tracking system please see: http://aris.securityfocus.com ...
(Incidents)
Re: Bind 9.2.X exploit???
... >>> This list is provided by the SecurityFocus ARIS analyzer service. ... >>> For more information on this free incident handling, management ... >>> and tracking system please see: http://aris.securityfocus.com ...
(Incidents)
RE: "Code Red" worm questions
... but from other research we think the worm only tries to attack ... > This list is provided by the SecurityFocus ARIS analyzer service. ... > For more information on this free incident handling, management ... > and tracking system please see: ...
(Incidents)
RE: Ip spoof from 0.0.0.0
... > This list is provided by the SecurityFocus ARIS analyzer service. ... For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com ...
(Incidents)