7/19 "Our only hope is to make an antivirus email that uses the hole to
install the patch and then forwards itself off."
--Fixing MS Outlook hole
\_ man outlook
\_ Somebody, please, get off your ass, code up an exploit, and have it
install a real OS. Any real OS. Whichever one you like. Or at least
put in some minimal bootstrapping mechanism that'll let the user
pick an OS later. Once and for all get rid of all this M$ crap. I
wish I could code x86 assembly, I'd do it myself...
\_ that's right folks, hurry and get your copy of
Mac OS X and a G4 to go along with it this winter
\_ i can code x86 assembly. please define the problem better
and i'll fuck shit up when i get time.
\_ Using the recently-announced buffer overflow in Outlook
via the date field, create a self-replicating (via forward)
payload which causes the following behavior:
1) show, say, a "virus detected. stand by while we clean it
up"
2) start up a stealthified installer for some really-trimmed
distribution of linux or *bsd (don't know of any mini
ports for the latter); this has to be small and fast.
3) alter the boot record to boot into the new os by default,
perhaps letting the user change to windows from inside
the new os.
4) put up a lot of obviously-visible first links to
newbie docs, so that the user is motivated to try and
experiment
\_ don't forget to
2.0) check for at least 250 megs in free or "reclaimable"
disk space. This is the tricky bit.
\_ No. Use a compact linux distro; the lower end of
the range fits nicely within 4M or so. The rest of
the bloat can be bootstrapped later if the coder/victim
wants it. Maybe check for >=32M of memory so that
0 swap space won't become a fatal problem.
\_ 5) Hire a good lawyer or prepare to join Kevin Mitnick
in computer exile.
\_ If you have the guts to not brag about it, ever,
this won't be a problem. Not that hard to cover all
tracks to a virus source; it's morons who leave
their name in the .doc headers that get busted (and
people like Mitnick who spend a lot of time doing
a lot of this; a singular incident is very difficult
to trace)
\_ But this is an e-mail virus, so the FBI just has
to check the carnivore logs for the first time they
saw it and track back from there.
\_ 6) Start making "Free Me" web sites based on the "Free
Kevin" ones.
\_ Formatting fixed. -motd formatting god-in-training