Irrelevant?

Security issue related to Unix and Unix applications

Moderator: Community Moderators

User avatar
phiber
Site Admin
Posts: 260
Joined: Sun Oct 13, 2002 11:26 pm
Location: Cakovec, Croatia

Re: Irrelevant?

Post by phiber » Thu Jul 26, 2007 7:40 am

does anybody remember the phf bug back from the... ninetees? :)
it is still out there, although some servers have it faked on purpose.

But to stay on-topic... for ex.: linux kernels lately have local privilege escalation vulnerabilities. The nature of this vulnerabilities is that they are harder to exploit, therefore... security has been tightened. Firefox is widely-used-professionally-developed software which in version 2.0.0.4 allows a malicious site to read stored passwords.

I'm sure nobody will get my 2 cents :-)

User avatar
phiber
Site Admin
Posts: 260
Joined: Sun Oct 13, 2002 11:26 pm
Location: Cakovec, Croatia

Re: Irrelevant?

Post by phiber » Thu Jul 26, 2007 4:07 pm

Quaon wrote:Like I said before, since there are a million different combinations for the different versions, wouldnt it be impossible to write a virus for any of the linux machines? Assuming the kernal is completely protected of course.
Got your point but it all comes down to what one would define as "virus".

G-Brain
Posts: 82
Joined: Tue Aug 07, 2007 11:21 am
Location: The Netherlands
Contact:

Re: Irrelevant?

Post by G-Brain » Wed Aug 08, 2007 8:02 pm

Quaon wrote:In this case, lets assume the purpose of the virus is to erase your hard drive from a remote location. On a windows it would be standard, since all the Windows users are using the exact same thing. But wouldn't a virus have to written for a specific machine if it was using Linux?
Yes it would, Unix's power and security is in it's ability to be able to be customized. - What a sentence.

User avatar
phiber
Site Admin
Posts: 260
Joined: Sun Oct 13, 2002 11:26 pm
Location: Cakovec, Croatia

Re: Irrelevant?

Post by phiber » Tue Oct 23, 2007 11:53 am

you mean, like the way you could do that with malformed gif and jpegs?

muto
Posts: 417
Joined: Sat Mar 29, 2008 12:46 pm

Re: Irrelevant?

Post by muto » Fri Oct 31, 2008 6:15 pm

Well, if they're running a unix webserver, you can often see what addons they've got. Other than that, you can't really find out much about a unix box remotly. nmap might show you what they're running.

However, although *NIX systems can be highly customized, the core of the system is always going to be simllar. The main reason for *NIX being virus free is not the fact that each install is different, but from the fact it was built with security in mind. Almost no-one runs as root, which massivly limits what a virus can do from the start, and combined with the fact that need to chmod stuff to +x before it'll even execute also helps.

THC's amap might also be useful in enumeration...

jd2kuk
Posts: 1537
Joined: Fri Mar 16, 2007 12:19 am
Location: UK

Re: Irrelevant?

Post by jd2kuk » Sun Nov 02, 2008 12:31 pm

amap?
Some people are like Slinkies: completely useless but fun to watch when you push them down stairs.

muto
Posts: 417
Joined: Sat Mar 29, 2008 12:46 pm

Re: Irrelevant?

Post by muto » Sun Nov 02, 2008 4:35 pm

http://freeworld.thc.org/thc-amap/

Code: Select all

Amap is a next-generation scanning tool for pentesters. It attempts to identify applications even if they are running on a different port than normal. It also identifies non-ascii based applications. This is achieved by sending trigger packets, and looking up the responses in a list of response strings.

jd2kuk
Posts: 1537
Joined: Fri Mar 16, 2007 12:19 am
Location: UK

Re: Irrelevant?

Post by jd2kuk » Sun Nov 02, 2008 8:09 pm

Ahh cool :)

Might have to give it a try...
Some people are like Slinkies: completely useless but fun to watch when you push them down stairs.

Todd91
Posts: 29
Joined: Sat May 02, 2009 4:51 am

Re: Irrelevant?

Post by Todd91 » Sat May 02, 2009 6:23 pm

hahahahaha quaon is a noob! why is he a mod if he doesnt even know a simple question like the one he just asked? hahahaha

User avatar
ICT Tech
Community Master Admin
Posts: 1415
Joined: Thu Jul 26, 2007 6:33 pm
Location: In my chair!

Re: Irrelevant?

Post by ICT Tech » Thu May 07, 2009 2:16 am

Todd91 wrote:hahahahaha quaon is a noob! why is he a mod if he doesnt even know a simple question like the one he just asked? hahahaha
SHUT UP!

No one likes you so calling people on Xatrix noobs won't exactly help! :evil:
Got it? *Sarcastic Smile*
ICT Tech
Senior Community Admin

Post Reply