Re: hack that changes root to Root
From: Mike Shaw (mshaw@wwisp.com)Date: 02/26/02
- Previous message: Michael Sutton: "Wave of Nimda-like hits this morning?"
- In reply to: James: "hack that changes root to Root"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 26 Feb 2002 15:00:22 -0600 To: "James" <jamesh@cybermesa.com>, <incidents@securityfocus.com> From: Mike Shaw <mshaw@wwisp.com>
I've seen a sophisticated Trojan horse program that does this.
It basically tricks me into hitting the insert key in vi which capitalizes
the letter. This is particularly on the very first letter on the very
first line where the cursor starts (like "root" in etc/passwd). So far I
haven't seen a publicly available exploit, so I have no idea how it knows
I'm in a hurry and been living in notepad all day. ; )
-Mike
At 05:49 PM 2/25/2002 -0700, James wrote:
>Anyone know of a hack that changes root (user name) to Root ?
>
>James Edwards
>jamesh@cybermesa.com
>At the Santa Fe Office: Internet at Cyber Mesa
>Store hours: 9-6 Monday through Friday
>Phone support 365 days till 10 pm via the Santa Fe office:
>505-988-9200 or Toll Free: 888-988-2700
>
>
>
>----------------------------------------------------------------------------
>This list is provided by the SecurityFocus ARIS analyzer service.
>For more information on this free incident handling, management
>and tracking system please see: http://aris.securityfocus.com
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
- Previous message: Michael Sutton: "Wave of Nimda-like hits this morning?"
- In reply to: James: "hack that changes root to Root"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
