On Sat, 18 May 2013 15:17:22 -0500, John McKown <[email protected]> wrote:
>http://mainframed767.tumblr.com/post/50574743147/big-iron-back-door-maintp-part-two > >basically the person must be able to ftp into a UNIX subdirectory and >to submit a job. They upload a program called "netcat" into a data set >starting with their RACF id. They then submit a job which copies the >data set into the /tmp subdirectory with a "random" name, chmod the >name to be executable, then executes does starts the netcat in the >"background" (asynchronous to the batch job) and piping to/from the >z/OS UNIX shell. The "hacker" simply connects to the port that netcat >is listening on, and presto, they have a shell on their desktop. True, but they anything they can do using that shell they could have done directly within the batch job that they submitted. If the administrators did not want them running batch jobs, they could have prevented that quite easily. -- Walt ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
