Slaying Gould dragon with a wooden horse
#Bill.Stewart
wcs at ho95e.UUCP
Thu Oct 30 08:57:10 AEST 1986
In article <694 at ulowell.UUCP> page at ulowell.UUCP (Bob Page) writes:
>dpw at unisec.UUCP (Darryl Wagoner) wrote in article <161 at unisec.UUCP>:
>> ... Is using a trojan horse a legit way to break into a system?
>
>Any method that does the job can be considered effective. Who cares
>about being legitimate? Would you pooh-pooh a system cracker that
>just destroyed your passwd file because she didn't use a 'legitimate'
>method?
What Darryl did was perfectly legit. An alternative way to do it would be to
send mail to root saying "My %s doesn't work when I'm in my home directory; can
you take a look at it, and see if I goofed on something?" Obviously this has
some limitations in a "break my trade-show system" environment, but it's the
equivalent you'd use in real life.
Some alternatives are "I got a new version of rogue! want to try it?" if you
have a dumb system administrator. An equally legitimate approach, useful at
tradeshows, is to see what kind of terminal the administrator has. Most CRTs
have a block=transfer mode that can be exploited by a letter-bomb. Even if
they get rid of setuid and give root a useful path, they probably didn't
bomb-proof mail.
--
# Bill Stewart, AT&T Bell Labs 2G-202, Holmdel NJ 1-201-949-0705 ihnp4!ho95c!wcs
More information about the Comp.unix
mailing list