Page 1 of 2

Re: Irrelevant?

Posted: Thu Jul 26, 2007 7:40 am
by phiber
does anybody remember the phf bug back from the... ninetees? :)
it is still out there, although some servers have it faked on purpose.

But to stay on-topic... for ex.: linux kernels lately have local privilege escalation vulnerabilities. The nature of this vulnerabilities is that they are harder to exploit, therefore... security has been tightened. Firefox is widely-used-professionally-developed software which in version 2.0.0.4 allows a malicious site to read stored passwords.

I'm sure nobody will get my 2 cents :-)

Re: Irrelevant?

Posted: Thu Jul 26, 2007 4:07 pm
by phiber
Quaon wrote:Like I said before, since there are a million different combinations for the different versions, wouldnt it be impossible to write a virus for any of the linux machines? Assuming the kernal is completely protected of course.
Got your point but it all comes down to what one would define as "virus".

Re: Irrelevant?

Posted: Wed Aug 08, 2007 8:02 pm
by G-Brain
Quaon wrote:In this case, lets assume the purpose of the virus is to erase your hard drive from a remote location. On a windows it would be standard, since all the Windows users are using the exact same thing. But wouldn't a virus have to written for a specific machine if it was using Linux?
Yes it would, Unix's power and security is in it's ability to be able to be customized. - What a sentence.

Re: Irrelevant?

Posted: Tue Oct 23, 2007 11:53 am
by phiber
you mean, like the way you could do that with malformed gif and jpegs?

Re: Irrelevant?

Posted: Fri Oct 31, 2008 6:15 pm
by muto
Well, if they're running a unix webserver, you can often see what addons they've got. Other than that, you can't really find out much about a unix box remotly. nmap might show you what they're running.

However, although *NIX systems can be highly customized, the core of the system is always going to be simllar. The main reason for *NIX being virus free is not the fact that each install is different, but from the fact it was built with security in mind. Almost no-one runs as root, which massivly limits what a virus can do from the start, and combined with the fact that need to chmod stuff to +x before it'll even execute also helps.

THC's amap might also be useful in enumeration...

Re: Irrelevant?

Posted: Sun Nov 02, 2008 12:31 pm
by jd2kuk
amap?

Re: Irrelevant?

Posted: Sun Nov 02, 2008 4:35 pm
by muto
http://freeworld.thc.org/thc-amap/

Code: Select all

Amap is a next-generation scanning tool for pentesters. It attempts to identify applications even if they are running on a different port than normal. It also identifies non-ascii based applications. This is achieved by sending trigger packets, and looking up the responses in a list of response strings.

Re: Irrelevant?

Posted: Sun Nov 02, 2008 8:09 pm
by jd2kuk
Ahh cool :)

Might have to give it a try...

Re: Irrelevant?

Posted: Sat May 02, 2009 6:23 pm
by Todd91
hahahahaha quaon is a noob! why is he a mod if he doesnt even know a simple question like the one he just asked? hahahaha

Re: Irrelevant?

Posted: Thu May 07, 2009 2:16 am
by ICT Tech
Todd91 wrote:hahahahaha quaon is a noob! why is he a mod if he doesnt even know a simple question like the one he just asked? hahahaha
SHUT UP!

No one likes you so calling people on Xatrix noobs won't exactly help! :evil:
Got it? *Sarcastic Smile*