Special Forums Cybersecurity Attacking Potential of sh-scripts Post 302508527 by Corona688 on Monday 28th of March 2011 11:43:02 AM
Quote:
Originally Posted by disaster
Thanks for the answer, but you misunderstood me.
I assumed that all forms of bringing executable code into the system are not possible (which is done via signature checking in the kernel).
This doesn't mean you shouldn't still think about other vectors.
Quote:
So basically all the user can do is to execute programs that are already on the system. Changing those in the system will cause them to fail to execute.
How do these executables get signed? Any vulnerabilities in that and bam, you might as well have not had it.
Quote:
Because if I understand you right you mean he would build his own executable by copying it from different locations and/or writing it new. Such executables would be hindered from execution by the kernel.
Hm.

Which shell? A shell that can make network sockets, like newer bash or newer ksh, could still be used as part of a zombie net.

For that matter, they could just use existing utilities for the most part.
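
Added example, not part of the post above: a first-pass audit a defender could run to find scripts that have the shell itself open a socket, which kernel signature checking of executables does not stop. The /dev/tcp and /dev/udp pseudo-paths are the documented bash/ksh93 mechanism and are not named in the thread; the function names and the sample scripts are constructed for illustration.

```shell
#!/bin/sh
# Added example: first-pass audit for scripts that ask the shell itself to
# open a socket. bash and ksh93 treat /dev/tcp/HOST/PORT and
# /dev/udp/HOST/PORT specially inside a redirection; no extra binary runs.

# find_net_redirects DIR (hypothetical helper)
# Prints "file:line:text" for each non-comment line under DIR that names one
# of those pseudo-paths. Exit status is 0 if anything was flagged, else 1.
find_net_redirects() {
    grep -rnIE '/dev/(tcp|udp)/[^/[:space:]]+/[^[:space:]]+' "$1" 2>/dev/null |
        grep -vE '^[^:]+:[0-9]+:[[:space:]]*#'
}

# make_samples DIR (hypothetical helper): writes three constructed scripts.
make_samples() {
    mkdir -p "$1"
    cat > "$1/backup.sh" <<'EOF'
#!/bin/sh
tar czf /tmp/home.tgz /home
EOF
    cat > "$1/checkin.sh" <<'EOF'
#!/bin/bash
# constructed sample: socket opened by the shell alone
exec 3<>/dev/tcp/host.example/80
EOF
    cat > "$1/notes.sh" <<'EOF'
#!/bin/sh
# reminder: /dev/tcp/host/port is a shell feature
echo done
EOF
}

# Demo run on the constructed samples; only checkin.sh line 3 is reported.
demo_dir=$(mktemp -d)
make_samples "$demo_dir"
find_net_redirects "$demo_dir"
rm -rf "$demo_dir"
```

It matches literal paths only, so treat a clean result as a first pass rather than proof of absence.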
 
