Gentoo Archives: gentoo-desktop

From: Lindsay Haisley <fmouse-gentoo@×××.com>
To: gentoo-desktop@l.g.o
Subject: Re: [gentoo-desktop] Vulnerabilities on an RFC-1918 masqueraded Linux box.
Date: Wed, 23 Mar 2011 22:38:11
Message-Id: 1300919801.21521.217.camel@vishnu.fmp.com
In Reply to: Re: [gentoo-desktop] Vulnerabilities on an RFC-1918 masqueraded Linux box. by Donnie Berkholz
1 On Wed, 2011-03-23 at 16:56 -0500, Donnie Berkholz wrote:
2 > It's called reverse shellcode. One would exploit a vulnerability in your
3 > web browser, email reader, or integrated apps/libraries (primarily
4 > Flash, Evince/libpoppler, or Java) that provides the ability to run
5 > arbitrary code as the local user to get the shellcode onto your system
6 > and run it. Reverse shellcode then connects from your computer to a
7 > remote server and provides them with a login shell.
8
9 Very interesting!
10
11 I did a bit of looking. This appears to be far into the realm of
12 grey-hat hacking. I found
13 <http://linux.softpedia.com/get/System/Shells/Sishell-25119.shtml> and
14 <http://projectshellcode.com/node/2>.
15
16 This looks mostly like it's theoretical, proof of concept stuff, and
17 some of it uses DNS as an intermediary agent. Do exploits based on on
18 these techniques actually exist in the wild that you know of?
19
20 Linux is unsinkable, just like the Titanic.
21
22 --
23 Lindsay Haisley | "Never expect the people who caused a problem
24 FMP Computer Services | to solve it." - Albert Einstein
25 512-259-1190 |
26 http://www.fmp.com |

Replies

Subject Author
Re: [gentoo-desktop] Vulnerabilities on an RFC-1918 masqueraded Linux box. Lindsay Haisley <fmouse-gentoo@×××.com>