In <CAAJSdjhPY1=zvqhnrwbvdusc-yclionfbrzn3tt-zkczxup...@mail.gmail.com>, on 05/18/2013 at 03:17 PM, John McKown <[email protected]> said:
> http://mainframed767.tumblr.com/post/50574743147/big-iron-back-door-maintp-part-two

Control the resources, not the tools.

> basically the person must be able to ftp into a UNIX subdirectory
> and to submit a job. They upload a program called "netcat" into a
> data set starting with their RACF id. They then submit a job which
> copies the data set into the /tmp subdirectory with a "random" name,
> chmod the name to be executable, then starts the netcat in the
> "background" (asynchronous to the batch job) and piping to/from the
> z/OS UNIX shell. The "hacker" simply connects to the port that netcat
> is listening on, and presto, they have a shell on their desktop.

There are easier ways to get a shell on your desktop if you're allowed to submit jobs. Where is the security breach?

-- 
Shmuel (Seymour J.) Metz, SysProg and JOAT
Atid/2 <http://patriot.net/~shmuel>
We don't care. We don't have to care, we're Congress.
(S877: The Shut up and Eat Your spam act of 2003)
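As an added illustration (not part of this thread), a small detection check for the job pattern quoted above: it pulls shell commands out of BPXBATCH steps (PARM= or an in-stream STDPARM DD) and flags the copy-to-/tmp, chmod, run-in-background chain. The JCL sample is constructed, and the field layout it assumes is only the common BPXBATCH form, not a full JCL parser.

```python
import re

# Constructed sample JCL: one BPXBATCH step shaped like the quoted post
# (data set copied to /tmp under a random name, made executable, backgrounded),
# plus a harmless step that should not be flagged.
SAMPLE_JCL = """\
//NCJOB   JOB (ACCT),'COPY',CLASS=A
//STEP1   EXEC PGM=BPXBATCH
//STDPARM DD *
SH cp "//'USERID.TOOLS(NC)'" /tmp/a9x7q2 ;
chmod 755 /tmp/a9x7q2 ;
/tmp/a9x7q2 &
/*
//BENIGN  EXEC PGM=BPXBATCH,PARM='SH ls -l /tmp'
"""


def shell_commands(jcl):
    """Extract individual shell commands from BPXBATCH PARM='SH ...' and
    from in-stream STDPARM data, splitting on ';' and newlines."""
    raw = [m.group(1) for m in re.finditer(r"PARM='SH\s+([^']*)'", jcl)]
    for m in re.finditer(r"//STDPARM\s+DD\s+\*\n(.*?)\n/\*", jcl, re.S):
        body = m.group(1)
        if body.upper().startswith("SH "):
            body = body[3:]
        raw.append(body)
    cmds = []
    for chunk in raw:
        cmds.extend(p.strip() for p in re.split(r"[;\n]", chunk) if p.strip())
    return cmds


def flag_tmp_dropper(commands):
    """Return the /tmp path if the same file is copied in, chmod'ed, and then
    launched in the background (trailing '&'); otherwise None."""
    copied, executable = set(), set()
    for cmd in commands:
        m = re.match(r"cp\s+\S+\s+(/tmp/\S+)", cmd)
        if m:
            copied.add(m.group(1))
        m = re.match(r"chmod\s+\S+\s+(/tmp/\S+)", cmd)
        if m and m.group(1) in copied:
            executable.add(m.group(1))
        m = re.match(r"(/tmp/\S+)\b.*&\s*$", cmd)
        if m and m.group(1) in executable:
            return m.group(1)
    return None


if __name__ == "__main__":
    print(flag_tmp_dropper(shell_commands(SAMPLE_JCL)))  # /tmp/a9x7q2
```

This is a heuristic over job text, which is Shmuel's point: the control that matters is the RACF authorization to submit jobs and use FTP, not recognising a particular tool.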
