Bootparamd Client for Linux

See this blog post for download link and installation instructions.

Rexd Client For Linux

Full details about “on”, the rexd client can be found on this blog post.

Rexd Client For Linux

I recently encountered the rexd service running on a host I was testing.  This is a really old-school UNIX service which you don’t see much on modern networks (in my experience at least).  It’s well know that it’s insecure: It basically lets you run any command on the host as any user you like with […]

Getting RSH on Linux to work like RSH on Solaris

If you’ve tried setting up rsh/rlogin based hacker challenges on Linux over the last few years you’ve probably noticed that Linux (I tried Redhat and Debian) doesn’t behave like Solaris.  This makes either for really bad hacker challenges, or for ones involving lots of Solaris boxes. I finally found the answer recently so thought I’d […]

Linux Local Privilege Escalation for x86_64

Wojciech Purczynski found an interesting vulnerability which allows non-priv users on Linux x86_64 systems to escalate privileges to root: user@linux64 /tmp $ uname -a Linux ws 2.6.22-gentoo-r5 #1 SMP Mon Sep 24 00:24:36 BST 2007 x86_64 Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz GenuineIntel GNU/Linux user@linux64 /tmp $ gcc -o 4460 4460.c user@linux64 /tmp $ […]