• 7. Solutions Remove ASH
  • 8. Limitations on the Experiment We assumed
  • 9. Conclusion We have just covered step by step how a Redhat 8.0 was backdoored
  • Finally, a root shell could be obtained using ASH




    Download 0.85 Mb.
    bet7/7
    Sana23.06.2020
    Hajmi0.85 Mb.
    1   2   3   4   5   6   7

    Finally, a root shell could be obtained using ASH (a shell). And also this is one of back door to the root access. Although this shell is not familiar to many Linux users, it is a solid root shell.
    Now let’s try to access /root directory.

    figure[ash-004]: accessing /root directory using shell back door.





    1. 7. Solutions
      Remove ASH

    - Currently a solution is to remove ASH package and not to use it.

    1. Use Patch

    - We could not allocate or find the patch available to fix this problem yet.


    8. Limitations on the Experiment
    We assumed that we had a root privilege in STEP 1.

        • We have to find a way to be a root before we create the back door.

        • So if we don’t ever had a root access very first time, this back door cannot be created.


    9. Conclusion
    We have just covered step by step how a Redhat 8.0 was backdoored, and how the attack could be initiated. The goal was to determine what kind of shell package is still vulnerable in Redhat 8.0 and get a root shell back door. By analyzing this issue, we could get a better understanding of what to expect and look for when analyzing system vulnerablity. ASH was turn out to be very dangerous still in recent version of redhat 8.0. We hope there would be more studies on this bug to find out why this is happen in more detail.


    1. References:

      http://www.hackersnews.org




    Katalog: doc

    Download 0.85 Mb.
    1   2   3   4   5   6   7




    Download 0.85 Mb.

    Bosh sahifa
    Aloqalar

        Bosh sahifa



    Finally, a root shell could be obtained using ASH

    Download 0.85 Mb.