Home page logo

pen-test logo Penetration Testing mailing list archives

Re: Subverting eTrust Access Control on UNIX (file execution)
From: Tim Brown <tmb () 65535 com>
Date: Wed, 10 Dec 2008 16:39:16 +0000

On Wednesday 10 December 2008 16:30:30 arvind doraiswamy wrote:
Well .. Not totally related this. Alll the same you'd need to gain
access to the system someway (vuln, open share, webdav, default
password, ftp whatever) before you'd think of uploading binaries.
Unless you already gained access to those folders. And if you've got
as much access as that .. you would probably just be able to turn
things off itself or drop a rootkit in there as a POC. Just another
way of thinking - You might not need to bypass at all.

Not necessarily true, AC doesn's use OS privileges when authorising/denying 
access. One purpose of it is to neuter OS level accounts.  For example, using 
AC I could remove all privileges from the root user and reassign them to 
someone else.  That being said, disabling it is a valid point.  "secons -s" 
is your friend in this regard *assuming* you have access to an account that 
is defined as an AC admin in the local policy being enforced.

Tim Brown
<mailto:tmb () 65535 com>

This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]