The Hacker's Encyclopedia 1998

home *** CD-ROM | disk | FTP | other *** search
/ The Hacker's Encyclopedia 1998 / hackers_encyclopedia.iso / hacking / unix / login_ex.txt < prev next >
Mailbox/MIME Entity | 2003-06-11 | 2.4 KB
open in:
MacOS 8.1 extracted |
Win98 extracted |
DOS extracted
view JSON data |
view as text

This file was processed as: Mailbox/MIME Entity (archive/mbox).

You can browse this item here: login_ex.txt
Confidence	Program	Detection	Match Type	Support
`100%`	dexvert	Mailbox/MIME Entity `(archive/mbox)`	magic	Supported
`1%`	dexvert	Swift 3D 3D Graphic `(poly/swift3D3DGraphic)`	ext	Unsupported
`1%`	dexvert	Boost Text serialization `(other/boostTextSerialization)`	ext	Unsupported
`1%`	dexvert	Text File `(text/txt)`	fallback	Supported
`100%`	file	ASCII text	default
`100%`	checkBytes	Printable ASCII	default
`100%`	perlTextCheck	Likely Text (Perl)	default
`100%`	siegfried	fmt/950 MIME Email (1.0)	default
`100%`	gt2	Textdatei (UNIX)	default
`100%`	detectItEasy	Format: plain text[LF]	default (weak)
hex view
+--------+-------------------------+-------------------------+--------+--------+
|00000000| 0a 46 72 6f 6d 20 74 68 | 65 2d 63 6f 6e 63 6f 75 |.From th|e-concou|
|00000010| 72 73 65 2d 6f 6e 2d 68 | 69 67 68 20 53 75 6e 20 |rse-on-h|igh Sun |
|00000020| 44 65 63 20 32 32 20 32 | 31 3a 34 34 3a 31 31 20 |Dec 22 2|1:44:11 |
|00000030| 31 39 39 36 0a 0a 58 2d | 55 52 4c 31 3a 20 20 20 |1996..X-|URL1:   |
|00000040| 68 74 74 70 3a 2f 2f 65 | 65 31 2e 62 72 61 64 6c |http://e|e1.bradl|
|00000050| 65 79 2e 65 64 75 2f 7e | 69 6d 31 34 75 32 63 2f |ey.edu/~|im14u2c/|
|00000060| 0a 58 2d 55 52 4c 32 3a | 20 20 20 68 74 74 70 3a |.X-URL2:|   http:|
|00000070| 2f 2f 65 65 31 2e 62 72 | 61 64 6c 65 79 2e 65 64 |//ee1.br|adley.ed|
|00000080| 75 2f 7e 69 6d 31 34 75 | 32 63 2f 61 73 79 6c 75 |u/~im14u|2c/asylu|
|00000090| 6d 2f 0a 50 61 6c 65 2d | 4d 75 74 65 2d 57 68 69 |m/.Pale-|Mute-Whi|
|000000a0| 74 65 2d 47 75 79 2d 56 | 65 72 73 69 6f 6e 3a 20 |te-Guy-V|ersion: |
|000000b0| 31 2e 30 0a 58 2d 4d 61 | 69 6c 65 72 3a 20 45 4c |1.0.X-Ma|iler: EL|
|000000c0| 4d 20 5b 76 65 72 73 69 | 6f 6e 20 32 2e 34 20 50 |M [versi|on 2.4 P|
|000000d0| 4c 32 35 5d 0a 4d 49 4d | 45 2d 56 65 72 73 69 6f |L25].MIM|E-Versio|
|000000e0| 6e 3a 20 31 2e 30 0a 43 | 6f 6e 74 65 6e 74 2d 54 |n: 1.0.C|ontent-T|
|000000f0| 79 70 65 3a 20 74 65 78 | 74 2f 70 6c 61 69 6e 3b |ype: tex|t/plain;|
|00000100| 20 63 68 61 72 73 65 74 | 3d 55 53 2d 41 53 43 49 | charset|=US-ASCI|
|00000110| 49 0a 43 6f 6e 74 65 6e | 74 2d 54 72 61 6e 73 66 |I.Conten|t-Transf|
|00000120| 65 72 2d 45 6e 63 6f 64 | 69 6e 67 3a 20 37 62 69 |er-Encod|ing: 7bi|
|00000130| 74 0a 41 70 70 72 6f 76 | 65 64 2d 42 79 3a 20 20 |t.Approv|ed-By:  |
|00000140| 4a 6f 65 20 5a 62 69 63 | 69 61 6b 20 3c 69 6d 31 |Joe Zbic|iak <im1|
|00000150| 34 75 32 63 40 43 45 47 | 54 32 30 31 2e 42 52 41 |4u2c@CEG|T201.BRA|
|00000160| 44 4c 45 59 2e 45 44 55 | 3e 0a 4d 65 73 73 61 67 |DLEY.EDU|>.Messag|
|00000170| 65 2d 49 44 3a 20 20 3c | 31 39 39 36 31 32 32 32 |e-ID:  <|19961222|
|00000180| 31 35 32 37 2e 4a 41 41 | 31 33 30 34 30 40 63 65 |1527.JAA|13040@ce|
|00000190| 67 74 32 30 31 2e 62 72 | 61 64 6c 65 79 2e 65 64 |gt201.br|adley.ed|
|000001a0| 75 3e 0a 44 61 74 65 3a | 20 20 20 20 20 20 20 20 |u>.Date:|        |
|000001b0| 20 53 75 6e 2c 20 32 32 | 20 44 65 63 20 31 39 39 | Sun, 22| Dec 199|
|000001c0| 36 20 30 39 3a 32 37 3a | 32 34 20 2d 30 36 30 30 |6 09:27:|24 -0600|
|000001d0| 0a 52 65 70 6c 79 2d 54 | 6f 3a 20 4a 6f 65 20 5a |.Reply-T|o: Joe Z|
|000001e0| 62 69 63 69 61 6b 20 3c | 69 6d 31 34 75 32 63 40 |biciak <|im14u2c@|
|000001f0| 63 65 67 74 32 30 31 2e | 62 72 61 64 6c 65 79 2e |cegt201.|bradley.|
|00000200| 65 64 75 3e 0a 53 65 6e | 64 65 72 3a 20 42 75 67 |edu>.Sen|der: Bug|
|00000210| 74 72 61 71 20 4c 69 73 | 74 20 3c 42 55 47 54 52 |traq Lis|t <BUGTR|
|00000220| 41 51 40 4e 45 54 53 50 | 41 43 45 2e 4f 52 47 3e |AQ@NETSP|ACE.ORG>|
|00000230| 0a 46 72 6f 6d 3a 20 4a | 6f 65 20 5a 62 69 63 69 |.From: J|oe Zbici|
|00000240| 61 6b 20 3c 69 6d 31 34 | 75 32 63 40 63 65 67 74 |ak <im14|u2c@cegt|
|00000250| 32 30 31 2e 62 72 61 64 | 6c 65 79 2e 65 64 75 3e |201.brad|ley.edu>|
|00000260| 0a 53 75 62 6a 65 63 74 | 3a 20 20 20 20 20 20 42 |.Subject|:      B|
|00000270| 75 66 66 65 72 20 6f 76 | 65 72 66 6c 6f 77 20 69 |uffer ov|erflow i|
|00000280| 6e 20 4c 69 6e 75 78 27 | 73 20 6c 6f 67 69 6e 20 |n Linux'|s login |
|00000290| 70 72 6f 67 72 61 6d 0a | 58 2d 63 63 3a 20 20 20 |program.|X-cc:   |
|000002a0| 20 20 20 20 20 20 75 74 | 69 6c 2d 6c 69 6e 75 78 |      ut|il-linux|
|000002b0| 40 6d 61 74 68 2e 75 69 | 6f 2e 6e 6f 0a 54 6f 3a |@math.ui|o.no.To:|
|000002c0| 20 4d 75 6c 74 69 70 6c | 65 20 72 65 63 69 70 69 | Multipl|e recipi|
|000002d0| 65 6e 74 73 20 6f 66 20 | 6c 69 73 74 20 42 55 47 |ents of |list BUG|
|000002e0| 54 52 41 51 20 3c 42 55 | 47 54 52 41 51 40 4e 45 |TRAQ <BU|GTRAQ@NE|
|000002f0| 54 53 50 41 43 45 2e 4f | 52 47 3e 0a 0a 48 65 6c |TSPACE.O|RG>..Hel|
|00000300| 6c 6f 20 61 6c 6c 2c 0a | 0a 49 20 77 61 73 20 62 |lo all,.|.I was b|
|00000310| 72 6f 77 73 69 6e 67 20 | 74 68 72 6f 75 67 68 20 |rowsing |through |
|00000320| 6d 79 20 6c 6f 63 61 6c | 20 63 6f 70 79 20 6f 66 |my local| copy of|
|00000330| 20 74 68 65 20 75 74 69 | 6c 2d 6c 69 6e 75 78 2d | the uti|l-linux-|
|00000340| 32 2e 5b 35 36 5d 20 73 | 6f 75 72 63 65 73 0a 61 |2.[56] s|ources.a|
|00000350| 6e 64 20 66 6f 75 6e 64 | 20 61 20 76 65 72 79 20 |nd found| a very |
|00000360| 6e 61 73 74 79 20 62 75 | 66 66 65 72 2d 6f 76 65 |nasty bu|ffer-ove|
|00000370| 72 66 6c 6f 77 20 70 72 | 6f 62 6c 65 6d 2e 20 20 |rflow pr|oblem.  |
|00000380| 41 6c 74 68 6f 75 67 68 | 20 49 20 68 61 76 65 6e |Although| I haven|
|00000390| 27 74 0a 77 72 69 74 74 | 65 6e 20 61 6e 20 65 78 |'t.writt|en an ex|
|000003a0| 70 6c 6f 69 74 20 28 6e | 6f 20 74 69 6d 65 2d 2d |ploit (n|o time--|
|000003b0| 6d 6f 76 69 6e 67 20 66 | 72 6f 6d 20 49 6c 6c 69 |moving f|rom Illi|
|000003c0| 6e 6f 69 73 20 74 6f 20 | 54 65 78 61 73 29 2c 20 |nois to |Texas), |
|000003d0| 69 74 20 61 70 70 65 61 | 72 73 0a 74 68 61 74 20 |it appea|rs.that |
|000003e0| 74 68 65 20 73 74 61 6e | 64 61 72 64 20 73 74 61 |the stan|dard sta|
|000003f0| 63 6b 2d 73 6d 61 73 68 | 69 6e 67 20 74 65 63 68 |ck-smash|ing tech|
|00000400| 6e 69 71 75 65 73 20 73 | 68 6f 75 6c 64 20 70 72 |niques s|hould pr|
|00000410| 6f 76 65 20 77 6f 72 6b | 61 62 6c 65 2e 0a 0a 54 |ove work|able...T|
|00000420| 68 65 20 22 6c 6f 67 69 | 6e 22 20 70 72 6f 67 72 |he "logi|n" progr|
|00000430| 61 6d 20 63 68 65 63 6b | 73 20 74 68 65 20 75 73 |am check|s the us|
|00000440| 65 72 6e 61 6d 65 20 6c | 65 6e 67 74 68 20 77 68 |ername l|ength wh|
|00000450| 65 6e 20 74 68 65 20 75 | 73 65 72 20 69 73 20 61 |en the u|ser is a|
|00000460| 73 6b 65 64 0a 74 6f 20 | 74 79 70 65 20 69 6e 20 |sked.to |type in |
|00000470| 74 68 65 20 6c 6f 67 69 | 6e 20 6e 61 6d 65 2e 20 |the logi|n name. |
|00000480| 20 48 6f 77 65 76 65 72 | 2c 20 69 66 20 74 68 65 | However|, if the|
|00000490| 20 75 73 65 72 20 2a 70 | 72 6f 76 69 64 65 73 2a | user *p|rovides*|
|000004a0| 20 61 20 6c 6f 67 69 6e | 0a 6e 61 6d 65 20 77 69 | a login|.name wi|
|000004b0| 74 68 20 74 68 65 20 22 | 2d 66 22 20 66 6c 61 67 |th the "|-f" flag|
|000004c0| 2c 20 6e 6f 20 73 75 63 | 68 20 63 68 65 63 6b 20 |, no suc|h check |
|000004d0| 69 73 20 6d 61 64 65 2e | 20 20 49 20 63 61 6e 20 |is made.|  I can |
|000004e0| 73 75 63 63 65 73 73 66 | 75 6c 6c 79 0a 67 65 74 |successf|ully.get|
|000004f0| 20 61 20 73 65 67 76 20 | 77 69 74 68 20 6d 79 20 | a segv |with my |
|00000500| 62 69 6e 61 72 79 20 77 | 69 74 68 20 6a 75 73 74 |binary w|ith just|
|00000510| 20 6f 76 65 72 20 31 30 | 36 34 20 63 68 61 72 61 | over 10|64 chara|
|00000520| 63 74 65 72 73 20 70 75 | 73 68 65 64 20 69 6e 74 |cters pu|shed int|
|00000530| 6f 0a 2d 66 27 73 20 61 | 72 67 75 6d 65 6e 74 2e |o.-f's a|rgument.|
|00000540| 0a 0a 48 65 72 65 27 73 | 20 61 20 73 68 6f 72 74 |..Here's| a short|
|00000550| 20 64 69 66 66 20 77 68 | 69 63 68 20 70 61 74 63 | diff wh|ich patc|
|00000560| 68 65 73 20 74 68 65 20 | 70 72 6f 62 6c 65 6d 3a |hes the |problem:|
|00000570| 0a 0a 34 30 31 63 34 30 | 31 2c 34 30 32 0a 3c 20 |..401c40|1,402.< |
|00000580| 20 20 20 20 20 20 20 20 | 20 20 20 20 20 20 28 76 |        |      (v|
|00000590| 6f 69 64 29 73 74 72 63 | 70 79 28 74 62 75 66 2c |oid)strc|py(tbuf,|
|000005a0| 20 75 73 65 72 6e 61 6d | 65 29 3b 0a 2d 2d 2d 0a | usernam|e);.---.|
|000005b0| 3e 20 20 20 20 20 20 20 | 20 20 20 20 20 20 20 20 |>       |        |
|000005c0| 28 76 6f 69 64 29 73 74 | 72 6e 63 70 79 28 74 62 |(void)st|rncpy(tb|
|000005d0| 75 66 2c 20 75 73 65 72 | 6e 61 6d 65 2c 20 73 69 |uf, user|name, si|
|000005e0| 7a 65 6f 66 28 74 62 75 | 66 29 2d 32 29 3b 0a 3e |zeof(tbu|f)-2);.>|
|000005f0| 20 20 20 20 20 20 20 20 | 20 20 20 20 20 20 20 74 |        |       t|
|00000600| 62 75 66 5b 73 69 7a 65 | 6f 66 28 74 62 75 66 29 |buf[size|of(tbuf)|
|00000610| 2d 31 5d 3d 30 3b 0a 0a | 49 6e 74 65 72 69 6d 20 |-1]=0;..|Interim |
|00000620| 66 69 78 3a 20 20 72 65 | 6d 6f 76 65 20 53 55 49 |fix:  re|move SUI|
|00000630| 44 20 62 69 74 20 6f 6e | 20 2f 62 69 6e 2f 6c 6f |D bit on| /bin/lo|
|00000640| 67 69 6e 3a 20 20 63 68 | 6d 6f 64 20 61 2d 73 20 |gin:  ch|mod a-s |
|00000650| 2f 62 69 6e 2f 6c 6f 67 | 69 6e 0a 0a 4c 6f 6e 67 |/bin/log|in..Long|
|00000660| 2d 74 65 72 6d 20 66 69 | 78 3a 20 20 64 6f 77 6e |-term fi|x:  down|
|00000670| 6c 6f 61 64 20 75 74 69 | 6c 2d 6c 69 6e 75 78 2d |load uti|l-linux-|
|00000680| 32 2e 36 2c 20 61 6e 64 | 20 61 70 70 6c 79 20 74 |2.6, and| apply t|
|00000690| 68 65 20 61 62 6f 76 65 | 20 70 61 74 63 68 2e 0a |he above| patch..|
|000006a0| 0a 42 61 73 69 63 61 6c | 6c 79 2c 20 62 79 20 72 |.Basical|ly, by r|
|000006b0| 65 6d 6f 76 69 6e 67 20 | 74 68 65 20 53 55 49 44 |emoving |the SUID|
|000006c0| 20 62 69 74 20 6f 6e 20 | 2f 62 69 6e 2f 6c 6f 67 | bit on |/bin/log|
|000006d0| 69 6e 2c 20 75 73 65 72 | 73 20 77 6f 6e 27 74 20 |in, user|s won't |
|000006e0| 62 65 20 61 62 6c 65 0a | 74 6f 20 72 65 2d 6c 6f |be able.|to re-lo|
|000006f0| 67 69 6e 20 62 79 20 74 | 79 70 69 6e 67 20 22 65 |gin by t|yping "e|
|00000700| 78 65 63 20 6c 6f 67 69 | 6e 20 2e 2e 2e 2e 2e 2e |xec logi|n ......|
|00000710| 2e 2e 2e 22 2c 20 61 6e | 64 20 61 6c 73 6f 20 77 |...", an|d also w|
|00000720| 6f 6e 27 74 20 62 65 20 | 61 62 6c 65 0a 74 6f 20 |on't be |able.to |
|00000730| 63 6f 6d 70 72 6f 6d 69 | 73 65 20 79 6f 75 72 20 |compromi|se your |
|00000740| 68 6f 73 74 2e 20 20 4e | 6f 72 6d 61 6c 20 6c 6f |host.  N|ormal lo|
|00000750| 67 69 6e 2f 6c 6f 67 6f | 75 74 20 73 68 6f 75 6c |gin/logo|ut shoul|
|00000760| 64 20 73 74 69 6c 6c 20 | 77 6f 72 6b 2e 20 20 28 |d still |work.  (|
|00000770| 54 72 69 65 64 0a 69 74 | 20 6f 6e 20 6d 79 20 6f |Tried.it| on my o|
|00000780| 77 6e 20 73 79 73 74 65 | 6d 73 2c 20 77 6f 72 6b |wn syste|ms, work|
|00000790| 73 20 6a 75 73 74 20 66 | 69 6e 65 2e 29 0a 0a 49 |s just f|ine.)..I|
|000007a0| 20 64 6f 20 6e 6f 74 20 | 6b 6e 6f 77 20 69 66 20 | do not |know if |
|000007b0| 74 68 69 73 20 69 73 20 | 72 65 6d 6f 74 65 6c 79 |this is |remotely|
|000007c0| 20 65 78 70 6c 6f 69 74 | 61 62 6c 65 2e 20 20 4d | exploit|able.  M|
|000007d0| 79 20 67 75 65 73 73 20 | 69 73 20 6e 6f 74 3b 20 |y guess |is not; |
|000007e0| 68 6f 77 65 76 65 72 2c | 0a 6d 79 20 63 6f 6d 6d |however,|.my comm|
|000007f0| 6f 6e 20 73 65 6e 73 65 | 20 74 65 6c 6c 73 20 6d |on sense| tells m|
|00000800| 65 20 6e 6f 74 20 74 6f | 20 64 69 73 63 6f 75 6e |e not to| discoun|
|00000810| 74 20 74 68 69 73 20 6c | 69 6b 65 6c 69 68 6f 6f |t this l|ikelihoo|
|00000820| 64 2e 0a 0a 49 20 61 6d | 20 43 43 27 69 6e 67 20 |d...I am| CC'ing |
|00000830| 74 68 69 73 20 74 6f 20 | 74 68 65 20 75 74 69 6c |this to |the util|
|00000840| 2d 6c 69 6e 75 78 20 6d | 61 69 6e 74 61 69 6e 65 |-linux m|aintaine|
|00000850| 72 2e 0a 0a 2d 2d 4a 6f | 65 0a 0a 0a 2d 2d 0a 3a |r...--Jo|e...--.:|
|00000860| 3d 3d 3d 3d 3d 3d 3d 20 | 4a 6f 65 20 5a 62 69 63 |======= |Joe Zbic|
|00000870| 69 61 6b 20 3d 3d 3d 3d | 3d 3d 3d 3a 0a 3a 2d 20 |iak ====|===:.:- |
|00000880| 2d 20 69 6d 31 34 75 32 | 63 40 62 72 61 64 6c 65 |- im14u2|c@bradle|
|00000890| 79 2e 65 64 75 20 2d 20 | 2d 3a 20 20 20 20 20 20 |y.edu - |-:      |
|000008a0| 20 20 20 22 41 6e 20 6f | 75 6e 63 65 20 6f 66 20 |   "An o|unce of |
|000008b0| 69 6d 61 67 65 20 69 73 | 20 77 6f 72 74 68 0a 3a |image is| worth.:|
|000008c0| 20 2d 20 2d 20 2d 20 2d | 20 2d 20 68 74 74 70 3a | - - - -| - http:|
|000008d0| 20 2d 20 2d 20 2d 20 2d | 20 2d 20 3a 20 20 20 20 | - - - -| - :    |
|000008e0| 20 20 20 20 20 20 61 20 | 70 6f 75 6e 64 20 6f 66 |      a |pound of|
|000008f0| 20 70 65 72 66 6f 72 6d | 61 6e 63 65 2e 22 0a 3a | perform|ance.".:|
|00000900| 2f 2f 65 65 31 2e 62 72 | 61 64 6c 65 79 2e 65 64 |//ee1.br|adley.ed|
|00000910| 75 2f 7e 69 6d 31 34 75 | 32 63 2f 3a 0a 3a 3d 3d |u/~im14u|2c/:.:==|
|00000920| 3d 3d 3d 3d 3d 20 44 49 | 53 43 4c 41 49 4d 45 52 |===== DI|SCLAIMER|
|00000930| 3a 20 3d 3d 3d 3d 3d 3d | 3d 3a 20 20 20 20 20 20 |: ======|=:      |
|00000940| 20 20 20 20 20 20 20 20 | 20 20 20 20 2d 2d 20 4c |        |    -- L|
|00000950| 61 75 72 65 6e 63 65 20 | 4a 2e 20 50 65 74 65 72 |aurence |J. Peter|
|00000960| 0a 3a 20 20 20 49 74 27 | 73 20 61 6c 6c 20 72 69 |.:   It'|s all ri|
|00000970| 67 68 74 2e 2e 2e 20 2d | 20 20 2d 20 2d 2d 0a 2d |ght... -|  - --.-|
|00000980| 2d 20 2d 20 20 2d 20 20 | 20 49 20 64 69 64 6e 27 |- -  -  | I didn'|
|00000990| 74 20 64 6f 20 69 74 21 | 20 20 20 3a 0a 28 35 35 |t do it!|   :.(55|
|000009a0| 30 3a 38 33 35 20 31 31 | 3a 31 35 29 0a          |0:835 11|:15).   |
+--------+-------------------------+-------------------------+--------+--------+