SJS wrote:
begin quoting David Brown as of Wed, Jan 23, 2008 at 09:13:41PM -0800:
Hmm. Well, it'd be running inside of a VM, just so I could blow it all
away when I was done.
I'd build ssh from source, and start by logging the passwords they were
trying. Then I'd hack the ssh run accept their logins, but have it invoke
my special shell instead of a normal shell. It would print a shell prompt,
but then just log. Depending on how ambitious I got, I could parse their
commands and start faking those programs as well. Then do reading to see
if I could find out about the explots, and make sure that my real machines
were current enough.
That would be a nifty standard ssh feature.
"On Wrong Password, Run Program $X."
Even if $X was "tar tf - /usr/src/kernel*", it still might be amusing.
OK, I've tried to figure this one out, but I don't have /usr/src/k*, and
I'm not all that keen on the switches and such, so, what's this do that
would be so amusing? (man tar doesn't give me enuf to get a pulse on this.)
I'm guessing that it would execute the tar command either from your
machine or his, and list to his screen the contents of each of the files
matching /usr/src/kernel* which reside either on his machine or yours.
Too many unknowns for me to know, especially since I am not even
introduced to using ssh logins (or any other remote logins).
--
Ralph
--------------------
You can't help respecting someone who can spell Tuesday even if he can't
spell it right.
--Winnie the Pooh
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
