
    Finally, a root shell could be obtained using ASH (a shell), which makes it one more back door to root access. Although this shell is not familiar to many Linux users, it is a solid root shell.
    Now let's try to access the /root directory.

    figure[ash-004]: accessing /root directory using shell back door.





    7. Solutions

    1. Remove ASH

    - Currently, a solution is to remove the ASH package and not use it.

    2. Use Patch

    - We could not locate or find an available patch to fix this problem yet.


    8. Limitations on the Experiment
    We assumed that we had root privileges in STEP 1.

        • We have to find a way to become root before we create the back door.

        • So if we never had root access in the first place, this back door cannot be created.


    9. Conclusion
    We have just covered, step by step, how a Redhat 8.0 system was backdoored and how the attack could be initiated. The goal was to determine what kind of shell package is still vulnerable in Redhat 8.0 and to get a root shell back door. By analyzing this issue, we gained a better understanding of what to expect and look for when analyzing system vulnerability. ASH turned out to still be very dangerous in the recent Redhat 8.0 release. We hope there will be more studies on this bug to find out in more detail why this happens.





