

    Creating a Back Door on Red Hat 8.0

    Experiment screenshots and analysis on the BASH, CSH, TCSH and ASH shells.

    To: Dr. Wu



    From: John Sunwoo, Adam Roberts.



    Table of contents:

      1. Opening
      2. Back door?
      3. Shell back door.
      4. Various shells in Redhat.
      5. History of shell back doors.
      6. Vulnerability found in Redhat 8.0.
      7. Solution.
      8. Limitations on the experiment.
      9. Conclusion.



    1. Opening
    As Linux maintains and develops more complicated structures, a variety of bugs are being reported. In this project we worked on a back door in Redhat 8.0, which is the latest version on the current market. We hope this study will help to maintain secure Linux systems.


    2. Back Door?
    back door: Synonym trapdoor.

    trapdoor: A hidden software or hardware mechanism, usually created for testing and troubleshooting, that may be used to circumvent computer security. (http://www.atis.org/tg2k/_back_door.html, 03-03-2003)

    A back door is usually created by a hacker in a hidden place to access the system and execute critical commands. A back door usually gives the hacker the privileges of root or the system administrator so that the hacker can execute critical commands.



    3. Shell Back Door
    Why Shell?

    • Generally, a back door refers to a back door shell.

    • A shell is an operating system command interpreter in a computer environment.

    • A shell is a software utility that reads an input specifying an operation, and that may perform, direct, or control the specified operation.

    • A shell is like the DOS command window in the Microsoft Windows family.

    So if a hacker could get access to a root shell, or a shell with root privilege, the hacker could do anything harmful to the system.


    4. Various Shells in Redhat
    There are many kinds of shells in the Unix/Linux field. We will discuss the major shells in Redhat 8.0.


      a. BASH (Bourne Again Shell):

    Bash is the shell, or command language interpreter, that will appear in the GNU operating system. Bash is an sh-compatible shell that incorporates useful features from the Korn shell (ksh) and C shell (csh). It is intended to conform to the IEEE POSIX P1003.2/ISO 9945.2 Shell and Tools standard. It offers functional improvements over sh for both programming and interactive use. In addition, most sh scripts can be run by Bash without modification. (http://216.239.51.100/search?q=cache:LRbZDn_4LtcC:www.gnu.org/software/bash/bash.html+what+is+bash&hl=ko&ie=UTF-8, 02-02-2003)

      b. CSH (C Shell):

    Csh is a new command language interpreter for UNIX† systems. It incorporates good features of other shells and a history mechanism similar to the redo of INTERLISP. While incorporating many features of other shells which make writing shell programs (shell scripts) easier, most of the features unique to csh are designed more for the interactive UNIX user. (http://www.kitebird.com/csh-tcsh-book/csh-intro.pdf, Joy William, 03-03-2003)

      c. TCSH (TC Shell):

    Tcsh is an enhanced, but completely compatible version of the Berkeley UNIX C shell (csh). It is a command language interpreter usable both as an interactive login shell and a shell script command processor. It includes a command-line editor, programmable word completion, spelling correction, a history mechanism, job control and a C-like syntax. (http://www.tcsh.org/Welcome, 03-03-2003)

      d. ASH (A Shell):


    The ash shell is a clone of Berkeley's Bourne shell. Ash supports all of the standard sh shell commands, but is considerably smaller than bash. The ash shell lacks some features (for example, command-line histories), but needs a lot less memory. Ash could be installed if one needs a lightweight shell with many of the same capabilities as the bash shell. (http://www.firstlinux.com/cgi-bin/package/content.cgi?ID=6425, 03-03-2003)


    5. History of Shell Back Doors
    The Redhat series represents the modern Linux operating system. Redhat has been upgraded and improved through successive versions. Redhat improved its protection against vulnerable actions in the latest version, 8.0; however, more bugs could still be found.


      a. Versions lower than 7.0 vs. version 7.0 or higher

        • Most hackers have a harder time creating back doors in Redhat 7.0 or higher.

        • There are various reported exploits that help get illegal root access on Redhat versions lower than 7.0.

      b. Linux versions lower than 7.0 could be easily vulnerable because a shell back door could be created using BASH, CSH and so on.



    6. Vulnerability found in Redhat 8.0



    General procedures on experiments:

        1. Assume one has already had root privilege once.

        2. Copy a shell package from /bin to the /tmp folder with root privilege.

        3. Set the mode to 4555.

        4. Log in as any user who does not have root privilege.

        5. Go to the /tmp folder and execute the command shell.

        6. Check the result.
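
A defensive counterpart to the procedure above, added here as an example and not part of the original report: a shell function that audits a directory such as /tmp for set-uid files and marks those that are byte-for-byte copies of a login shell. The function name `scan_suid_shells` and the default list of reference shell paths are assumptions.

```shell
#!/bin/sh
# Added example (not from the report): find set-uid files under a
# directory and flag the ones that are copies of a known shell.
#
# usage: scan_suid_shells DIR [REFERENCE_SHELL...]
# output, one line per set-uid regular file:
#   SHELL-COPY uid=<owner> <path>   identical to a reference shell
#   SUID       uid=<owner> <path>   set-uid, but not a known shell
scan_suid_shells() {
    dir=$1
    shift
    # Assumed default reference set: the shells the report experiments with.
    [ $# -gt 0 ] || set -- /bin/bash /bin/sh /bin/csh /bin/tcsh /bin/ash

    # -perm -4000 matches any mode with the set-uid bit, including 4555.
    # -type f skips symlinks; -xdev stays on the audited filesystem.
    find "$dir" -xdev -type f -perm -4000 2>/dev/null |
    while IFS= read -r f; do
        verdict=SUID
        for ref in "$@"; do
            # Compare content, not names: a renamed copy is still a shell.
            if [ -f "$ref" ] && cmp -s "$f" "$ref"; then
                verdict=SHELL-COPY
                break
            fi
        done
        # Numeric owner; uid=0 means the file runs with root's identity.
        owner=$(ls -ln "$f" | awk '{print $3}')
        printf '%s uid=%s %s\n' "$verdict" "$owner" "$f"
    done
}
```

Run it as `scan_suid_shells /tmp`; any `SHELL-COPY uid=0` line is the artifact that steps 2 and 3 leave behind. Mounting /tmp with the `nosuid` option makes the kernel ignore the set-uid bit on files executed from that filesystem.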



    CASE 1. General BASH (or SH) – Widely used:
    STEP 1 ~ 3:

    figure [bash-001]: Copy a shell package from /bin to /tmp folder with a root privilege.


    STEP 4:

    figure [bash-002]: The sh shell package copied to the folder (highlighted)
    STEP