The Mobile Partner for Linux comes with most modems that have been released this year for ZTE and Huawei. It doesn't actually run like the Linux built-in modem-manager process, which helps Linux use usb-switch (look it up) to not mistake the modem for a storage device, as it did with modems in the past. The next step is that modem-manager gets information from the modem and stuff. Now here is the risky part.
This process runs as a superuser since it needs to access the modem via a device instance, /dev/ttyUSB0 or whatever it comes up with. The bad news is that, well, this is a possible exploit for a hacker with good working knowledge of device access, and if I recall correctly, when I was studying how to program for video devices in the Video4Linux book, I realized that if you have any of these devices in your control, the machine is pretty much toast [if you're a good C programmer]. Sorry, I think you don't have to imagine much about the CIA and NSA. If you can use modem-manager via its SMS utility, I guess you can dump your payload. Then again, it is just a theory, like most things.

On Sun, Aug 18, 2013 at 10:50 PM, Benjamin Tayehanpour <[email protected]> wrote:
> On 18 August 2013 20:56, kizito Mudambo <[email protected]> wrote:
> > @ William Kibira, for the Linux part, I don't think it would be as easy as
> > that given the fact that Linux handles executables or anything that can be
> > executed in a different manner...
>
> If I have to take a guess at how the exploit works, it's probably some
> buffer overflow exploit in the parsing. The problem here is that since
> the code is injected into an already-running process, the usual Linux
> failsafes at the file system level (requiring executable bit to run,
> etc.) are bypassed. As you say, the rogue code *should* not be able to
> do anything a normal unprivileged user cannot do, but that's still a
> lot. Think about it. The user's home directory is compromised.
> Documents, saved passwords, session cookies... AND, notice the word
> "should". Since the mobile partner needs to access a hardware device,
> it does need some privileges a normal user doesn't have. The proper
> way to do it is to add the user to the dial-out group, and have the
> device nodes owned by the same. The less proper way is to start the
> program with root privileges, grab access to the dongle, and then drop
> all privileges. The horribly improper way would be simply to run the
> whole thing as root altogether.
>
> Since I don't use the mobile partner software for Linux, I don't know
> under which category this software falls. It does sound like a badly
> designed piece of software, though, so I'm not hopeful... In either
> case, the home directory is at risk, and there are loads of things an
> attacker could do there. It would be a simple matter for an attacker
> to edit .bashrc, prepend a path to the exec environment, and then
> write a replacement sudo script which intercepts the password and
> sends it back to the attacker. It would be an even simpler matter to
> install a malicious browser add-on which intercepts every password
> entered. The possibilities are endless, given a careless user.
> _______________________________________________
> The Uganda Linux User Group: http://linux.or.ug
>
> Send messages to this mailing list by addressing e-mails to:
> [email protected]
> Mailing list archives: http://www.mail-archive.com/[email protected]/
> Mailing list settings: http://kym.net/mailman/listinfo/lug
> To unsubscribe: http://kym.net/mailman/options/lug
>
> The Uganda LUG mailing list is generously hosted by INFOCOM:
> http://www.infocom.co.ug/
>
> The above comments and data are owned by whoever posted them (including
> attachments if any). The mailing list host is not responsible for them in
> any way.
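The "grab access to the dongle, then drop all privileges" sequence the quoted reply describes, written out as an added example that is not code from the thread or from any modem software; it assumes a helper started with root rights that only needs the device node, and an unprivileged target uid/gid to fall back to. The node_owned_by_group check covers the "proper way" (a dialout-owned node needs no root at all).

```c
/* Added example: privilege drop in the safe order, after opening the device.
 * Assumed: started as root, target uid/gid are an unprivileged account. */
#define _DEFAULT_SOURCE
#include <fcntl.h>
#include <grp.h>
#include <stddef.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Explicit prototype so the block builds regardless of feature macros. */
int setgroups(size_t size, const gid_t *list);

/* True if the device node belongs to the named group (e.g. "dialout"):
 * the proper setup, where a group member can open it without root. */
int node_owned_by_group(const char *path, const char *group)
{
    struct stat st;
    struct group *gr = getgrnam(group);
    if (gr == NULL || stat(path, &st) != 0)
        return 0;
    return st.st_gid == gr->gr_gid;
}

/* Drop to uid/gid irreversibly. Order matters: supplementary groups first
 * (needs root), then gid (needs root), then uid last. Returns 0 on success. */
int drop_privileges(uid_t uid, gid_t gid)
{
    if (geteuid() == 0 && setgroups(0, NULL) != 0)
        return -1;
    if (setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    /* The drop must not be undoable; only meaningful if the target is not root. */
    if (uid != 0 && setuid(0) == 0)
        return -1;
    return (getuid() == uid && geteuid() == uid && getgid() == gid) ? 0 : -1;
}

/* Open the node while still privileged, then drop before touching any
 * untrusted input (AT responses, SMS text). Returns the fd, or -1. */
int open_device_then_drop(const char *path, uid_t uid, gid_t gid)
{
    int fd = open(path, O_RDWR | O_NOCTTY | O_CLOEXEC);
    if (fd < 0)
        return -1;
    if (drop_privileges(uid, gid) != 0) {
        close(fd);
        return -1;
    }
    return fd;
}
```

Run as an unprivileged user the same sequence succeeds against the caller's own ids, which is how the test below exercises it with /dev/null standing in for /dev/ttyUSB0.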
