how does a hacker run remote scripts on a linux machine?

Status
Not open for further replies.
iinfi

iinfi

mekalodu
is it possible for a hacker to run malicious scripts on a linux server even without knowing the root or user password of a linux system?
any file which is copied from a remote system doesnt have execute (x) privileges! in such a scenario how do scripts get run on the remote machine?

assume i v configured iptables n left SE Linux in permissive state.
 
Garbage

Garbage

God of Mistakes...
I don't think that script can execute unless and until it has execute permission.

One way is that, you have a script which takes a file and executes it (just like system() of c), and hacker anyhow can let your program execute the script.
 
OP
iinfi

iinfi

mekalodu
@holiety
so you ran malicious scripts on a linux server ... or the chick in the pic did it?
u chinese dog...
 
L

lilovirus

Broken In
Hi,
It works in following manner.

1) remote hacker try to exploit any service running on your system
as the service normally run in privilege mode for example ping has the sticky bit on and run as root.
2) exploiting
for example in your code you have defined
char str[10];
so your string can take 10 characters including end of line NULL char at end;

but what will happen if you try to push 1000 character in this.
for experimenting you can try this.
sometime it will do coredump - segmentation fault
but after certain number of characters you will get error like unable to write
and further more you will see unable to read or read error.
although you are writing in the string but it will tale that unable to read, it is because your stack point is now corrupted.
if you do more experiment and find out that you have reached to corrupt program counter then your service will start executing it.
and here if you put your script code then it will execute.

but this scenario was in old system, now a days most of the system prevent code execution from the stack.

i hope this add a little value to your understanding.
 
OP
iinfi

iinfi

mekalodu
thanks a lot for your reply.....
i m not into coding. m working as a jr. linux admin and this is informative.
i was wondering apart from getting firewalls and OS patches rite is there any other way i can keep hackers at bay. i dont v too much exp in production env. though. i work in implementation.
 
Status
Not open for further replies.
Top Bottom