|
Vulnerability Development
mailing list archives
Re: Thwarting /bin/bash, an anti-overflow concept ?
From: Valdis.Kletnieks () vt edu
Date: Wed, 07 Jan 2004 14:22:27 -0500
On Wed, 07 Jan 2004 13:39:44 +0100, Alex =?iso-8859-1?Q?Sch=FCtz?= <antitrack_legend () chello at> said:
However, if we do not have any shell, what is going to happen ? There's no
/bin/bash to call, thus, the exploit will surely crash some application,
but its final goal will be thwarted.
Feel free to recode /etc/inittab so it doesn't call /etc/rc.sysinit. That's a shell
script and won't work very well without a shell handy.
Running without a shell is actually doable in the embedded environment, where they
often boot with 'init=/bin/system_driver_program'. However, if you're not an
embedded system, you may need a shell :)
Attachment:
_bin
Description:
 By Date 
By Thread
Current thread:
- Re: Thwarting /bin/bash, an anti-overflow concept ?, (continued)
|
Intro
