Bugtraq mailing list archives
Announcement: Solaris loadable kernel module backdoor
From: plasmoid () PIMMEL COM (plasmoid)
Date: Mon, 20 Dec 1999 23:43:46 +0100
I'd like to announce, in addition to the two THC articles covering Linux and FreeBSD loadable kernel module backdoors, the first public loadable kernel module backdoor for Solaris.

The module features:

- File hiding
- File content and directory hiding
- Switch to toggle file content and directory hiding
- Process hiding (structured proc)
- Promiscuous flag hiding
- Converting magic uid to root uid
- Execution redirecting

It has been successfully tested on the following operating systems:

- Solaris7 x86 / sparc / ultrasparc
- Solaris 2.6 ultrasparc

The module can be directly downloaded from
--- http://www.infowar.co.uk/thc/files/thc/slkm-1.0.tar.gz

Complete documentation of the kernel module's functions can be found in my article "Attacking Solaris with loadable kernel modules" at
--- http://www.infowar.co.uk/thc

Regards,
Plasmoid / THC
http://www.infowar.co.uk/thc
http://www.pimmel.com