Reach the root! How to gain privileges in Linux?

As you can remember ( and as a must to remember for each good administrator) it is not a good idea to work as a root user on Linux. In a perfect world you should use it only to configure a server, to install or to update software, by and large, only for purely administrative purposes. The problem is that we live in the real world that is, actually, quite far away from a perfect one. So, the situation is quite common and, generally, because of negligence, wherefore, the Linux users had no choice but to figure out how does their software works. However, if you know how does the system work and understand its safety mechanisms then you will never work as a root user. Anyway, today we are going to review the ways of raising authorities up from the unprivileged user to a root one, unlike the situation with Windows where we were considering the ways of running with administrative privileges. So, let’s start.

Read full article →


Let’s get rid of default settings!

Apache

Let’s start with the configuration of the Indian who gained recognition on many servers on the web. The first setting we select is the one that prevents an attacker from recognizing the version of Apache. To do this, you can use two directives that have to be set to the following values:

Separate user and group

The second step is to make sure that Apache runs under its own separate user and group. If the same user also manages something else, e.g. DBMS, an attacker who manages to compromise the web server can have access to the database as well.

Read full article →


SharePoint Serving the Hacker

One of the few interesting exploits that I could find includes the ability to download the source code of ASPX pages whose address is known in advance and accessible from outside. This vulnerability exists only in SharePoint 2007, and the exploit is quite simple:

This could be useful, if the website has proprietary code. But you still need to know the address of specific page.

Read full article →


Pwn Plug R2

Now, when everyone is obsessed with encryption, cryptocontainers and other methods of fighting with “software attacks” such seemingly obsolete things like intrusion bugs are regarded as artifacts from James Bond movies rather than a real threat. As a consequence, a network that is physically isolated from the Internet is considered to be almost invulnerable to hackers. Even if the length of the network is many kilometers, and there are no security people to protect many of its components, which are literally accessible to anyone, sometimes just open to anyone, the network is still considered to be absolutely secure. Actually, it is not, as experience has shown.

Read full article →


The Smallest Trojan of Modern Age

It all started two years ago, when many antivirus companies tried to outdo each other with reports on catching a new malware with full-fledged functionality aimed at taking away cash from users of different online banking systems while fitting just in 19968 bytes of code.

Read full article →


Spam with viruses

Despite the fact that Russia (surprise!) is not among the leaders in computer infectioning by this method (three leaders are traditionally USA, Germany and the UK), we suppose it will be still useful to find out what makes many users in different corners of the world click on attachments in messages from unknown senders. Off we go!

Read full article →