People, how much attention are you going to get to this topic with a
subject line like "(forw)"?
On Monday, 12 July 1999 at 12:28:03 +0000, crypt0genic wrote:
>
> Have you all seen this?
> To: [EMAIL PROTECTED]
>
> Hi folks,
>
> THC released a new article dealing with FreeBSD 3.x
> Kernel modules that can attack/backdoor the
> system.
> You can find our article on http://thc.pimmel.com or
> http://r3wt.base.org.
For those of us who *hate* incorrect or approximate URLs, try
http://thc.pimmel.com/files/thc/bsdkern.html.
> Greets, pragmatic / The Hacker's Choice
On Monday, 12 July 1999 at 21:19:45 +0930, Mark Newton wrote:
> Karl Pielorz wrote:
>
>> Yes, a nice, effective - and simply way of replacing syscall's on FreeBSD...
>> Some might say a little too 'simple'?
>
> Garbage. You can do this on any OS, whether it supports loadable
> modules or not, if you've managed to win sufficient privileges through
> some other means. FreeBSD (and other OSs with loadable module support)
> merely provides a well-defined API which, like almost every other well-
> defined API, can be abused by those who harbor ill-will.
>
> Making the interface "complicated" does absolutely nothing to stop
> script-kiddies: Once a complicated interface is in an exploit script,
> who cares how arcane it is?
In fact, the most interesting thing about this (rather large) document
is that it's the best documentation I've seen on klds. I don't know
why anybody would want to use it for compromising security, since it's
a *lot* of work, and to even get as far as installing it you have to
be root already, so you would have plenty of easier alternatives.
Greg
--
See complete headers for address, home page and phone numbers
finger [EMAIL PROTECTED] for PGP public key
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
