Does anybody remember the phf bug back from the... nineties?
It is still out there, although some servers have it faked on purpose.
But to stay on-topic... for example: Linux kernels lately have local privilege escalation vulnerabilities. The nature of these vulnerabilities is that they are harder to exploit, therefore... security has been tightened. Firefox is widely-used-professionally-developed software which in version 2.0.0.4 allows a malicious site to read stored passwords.
Quaon wrote: Like I said before, since there are a million different combinations for the different versions, wouldn't it be impossible to write a virus for any of the Linux machines? Assuming the kernel is completely protected of course.
Got your point but it all comes down to what one would define as "virus".
Quaon wrote: In this case, let's assume the purpose of the virus is to erase your hard drive from a remote location. On Windows it would be standard, since all the Windows users are using the exact same thing. But wouldn't a virus have to be written for a specific machine if it was using Linux?
Yes it would, Unix's power and security is in its ability to be able to be customized. - What a sentence.
Well, if they're running a Unix webserver, you can often see what addons they've got. Other than that, you can't really find out much about a Unix box remotely. nmap might show you what they're running.
However, although *NIX systems can be highly customized, the core of the system is always going to be similar. The main reason for *NIX being virus free is not the fact that each install is different, but the fact it was built with security in mind. Almost no-one runs as root, which massively limits what a virus can do from the start, and the fact that you need to chmod stuff to +x before it'll even execute also helps.
Amap is a next-generation scanning tool for pentesters. It attempts to identify applications even if they are running on a different port than normal. It also identifies non-ASCII based applications. This is achieved by sending trigger packets, and looking up the responses in a list of response strings.
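
The lookup step described in the post above (matching a service's response against a list of response strings), as an added example that is not part of the thread and is not Amap's own code or signature format. The signature list, port table and captured responses are constructed for illustration; matching runs offline over already-collected bytes and flags services answering on ports where an inventory would not expect them.

```python
import re

# Hypothetical signature list: (service name, pattern over the raw response bytes).
# Patterns are bytes regexes so binary (non-ASCII) protocols can be matched too.
SIGNATURES = [
    ("ssh", re.compile(rb"^SSH-\d\.\d+-[^\r\n]+")),
    ("http", re.compile(rb"^HTTP/\d\.\d \d{3} ")),
    ("smtp", re.compile(rb"^220[ -][^\r\n]*SMTP", re.I)),
    # TLS record: type 0x16 (handshake), version 3.x, 2-byte length, ServerHello (0x02)
    ("tls", re.compile(rb"^\x16\x03[\x00-\x04]..\x02", re.S)),
]

# Assumed inventory of ports where each service is normally expected.
CONVENTIONAL_PORTS = {
    "ssh": {22},
    "http": {80, 8080},
    "smtp": {25, 587},
    "tls": {443, 993},
}


def identify(response: bytes):
    """Return the first service whose signature matches the response, else None."""
    for name, pattern in SIGNATURES:
        if pattern.search(response):
            return name
    return None


def audit(captures):
    """Classify each (port, response) pair as expected, unexpected-port or unidentified."""
    findings = []
    for port, response in captures:
        service = identify(response)
        if service is None:
            status = "unidentified"
        elif port in CONVENTIONAL_PORTS[service]:
            status = "expected"
        else:
            status = "unexpected-port"
        findings.append((port, service, status))
    return findings


# Constructed sample responses, as if recorded from hosts in your own inventory.
CAPTURES = [
    (22, b"SSH-2.0-OpenSSH_9.6\r\n"),
    (8443, b"SSH-2.0-OpenSSH_9.6\r\n"),
    (80, b"HTTP/1.1 200 OK\r\nServer: example\r\n\r\n"),
    (25, b"220 mail.example.test ESMTP ready\r\n"),
    (2222, b"\x16\x03\x03\x00\x31\x02\x00\x00\x2d\x03\x03"),
    (9000, b"\x00\x01\x02\x03"),
]

if __name__ == "__main__":
    for port, service, status in audit(CAPTURES):
        print(f"port {port}: {service or 'unknown'} ({status})")
```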