Re: login -h

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Jonas Sandberg: "Re: Race conditions"
• Previous message: Walker Aumann: "Re: Race conditions"
• In reply to: Bonfield James: "login -h"

On Wed, 7 Dec 1994, Bonfield James wrote:
> ...
> Remember the "rlogin -l -froot" type bugs some time ago? At the time I
> mentioned that "-l -hhostname" could also be used to spoof hostnames in the
> wtmp files. This is still true. The reason I haven't posted again about this
> earlier is that we've been having a couple problems ourselves. Using the tcp
> wrapper helps things, but it's only just been installed (despite the fact that
> I've requested it numerous times).
>
> A typical spoof would be:
>
> rlogin targethost -l -htargethost
>
> Then type in the user and password. It'll then appear to last, who and
> probably finger, on targethost that the user has logged in from that system,
> not from remotely.
> ...

  	okay, 4.1.3_u1 works correct (read: "safe" ;-) in this case,
	but if talking about spoofing, why not to use the simple
	trick with C-shell: rsh hostname /bin/csh -bif

	it logs you in without tty, but also without any entries in
	[wu]tmp files..

		that's all..	--alex.

---

  Alexander L. Haiut		 	
  Ben-Gurion University of the Negev,
  Beer-Sheva, Israel
 ________________________________________
  e-mail : alx@cs.bgu.ac.il
  voice  : +972-7-461658

• Next message: Jonas Sandberg: "Re: Race conditions"
• Previous message: Walker Aumann: "Re: Race conditions"
• In reply to: Bonfield James: "login -h"