Paul wrote:
> I discovered this program and found it interesting
If you found this on a system hosting real applications:
- Don't wait until Monday morning to pick up the phone and raise alarms. No
one else who has replied so far is overstating the risk; it is Most Grave.
- "Kill it before it br
embler List On
Behalf Of Peter Relson Sent: Sunday, October 31, 2021 9:11 AM To:
ASSEMBLER-LIST@LISTSERV.UGA.EDU Subject: Re: A question about an Authorizing
PC Service Routine IBM-Main would have been a better home for the post. I
discovered this program Curious: did you discover this program's loadm
IBM-Main would have been a better home for the post.
I discovered this program
Curious: did you discover this program's loadmod installed on your system,
or did you just discover the source for the program?
If the former, you should alert your support staff (and likely upper
management) imm
Sometimes you hear of certain types of hacks on PCs (personal
computers), where they insert some code that allows them to control the
machine but most of the time lies there silently and un-noticed. That
is what this is on z/OS. If a person can get this code into a system
unnoticed and untraced,
On 10/30/2021 1:13 PM, Charles Mills wrote:
Seriously, your note reminded me of those virus scare SPAMs that we used to get back in
the nineties: "Bill Gates says this is the worst virus ever. It will totally destroy
your hard drive ..."
Haha! Excellent point, Charles!
Some bad actors won't
From: IBM Mainframe Assembler List [mailto:ASSEMBLER-LIST@LISTSERV.UGA.EDU] On
Behalf Of Ed Jaffe
Sent: Saturday, October 30, 2021 12:29 PM
To: ASSEMBLER-LIST@LISTSERV.UGA.EDU
Subject: Re: A question about an Authorizing PC Service Routine
On 10/30/2021 11:50 AM, Charles Mills wrote:
> The gen
On 10/30/2021 11:50 AM, Charles Mills wrote:
The general term for this sort of thing is "magic PC routine."
If you have one installed then your system is potentially toast.
Unless the system runs under z/VM, a "magic" SVC or PC on any system
(even a sandbox) is a Trojan Horse some bad actor c
y, October 30, 2021 7:29 AM
To: ASSEMBLER-LIST@LISTSERV.UGA.EDU
Subject: A question about an Authorizing PC Service Routine
.
Hello
.
I discovered this program and found it interesting.
When invoked from a Non Authorized program it will switch the
calling routine into supervisor state.
.
This is th
Hi Paul
Yes, anybody can call this PC and it will branch to the address in R1 with Psw
Key 0.
The target code probably is expected to issue a PR to return to the instruction
following the PC .
The System is basically compromised and unsecured
Regards,
Keven Hall
> On Oct 30, 2021, at 09:31
.
Hello
.
I discovered this program and found it interesting.
When invoked from a Non Authorized program it will switch the
calling routine into supervisor state.
.
This is the complete PC Service Routine.
*
LCLC &CSECT
10 matches
Mail list logo