The Wily Hacker

Charlie Miller cmiller at sunspot.UUCP
Wed Jul 27 00:56:58 AEST 1988



Earlier I posted an article on the subject of passwords and system
security that referenced an article in Communications of the ACM.
The ACM issue date was in error; the article was in the May 1988 issue.

This is very good reading on the subject of security; "Stalking the
Wily Hacker".  This guy had broken into the MILNET computer network.
The systems were then baited with files of fictitious text about
SDI etc...

The intruder used common account names like root, guest, system or
field.  He also tried default or common passwords and sometimes found
valid account names by using who and finger on currently logged-in
accounts.  The article goes on to say that although these methods were
primitive, he gained access on about 5 percent of the machines
attempted and sometimes actually gained system manager privileges as
well.  He also exploited a bug in the Gnu-Emacs editor:  using the
built-in mail system, allowing users to forward a file to another
user, Emacs uses the UNIX set user ID root feature.  He used this
program to put a shell script (to execute at root level) into the
systems area that when executed would grant him system privileges.

Good reading!
 
=======================================================================
-Charlie Miller	        Believe it if you need it...
USPS Mail:		National Solar Observatory, Sunspot, NM 88349
Phone:			(505)434-1390, FTS: 571-0238
UUCP:			{arizona,decvax,hao,ihnp4}!noao!sunspot!cmiller
=======================================================================


