Name: !L33tUKZj5I 2012-06-15 16:24
Remember when nc came with -DGAPING_SECURITY_HOLE enabled by default on ubuntu? Meant you could just get netcat to open itself on a port with the -e flag as /bin/sh and a shell was there.
This was obviously too insecure, as malicious scripts or unsuspecting users might run this command without fully understanding it. So the -e flag was removed from the nc binary in ubuntu.
Now, instead the only thing the user can do is get nc to listen then pipe it into a shell.
This is perfectly safe and not a security hole whatsoever, because if anyone connects to the port, although any commandes they type in will be run, they won't see them echo on their terminal. What possible damage could anyone do to a machine if they were allowed to execute commands on it without seeing the outcome?
TRUE LINUX SECURITY
Windows fags don't know the rigorous security testing that goes into linux to close subtle holes like these.
This was obviously too insecure, as malicious scripts or unsuspecting users might run this command without fully understanding it. So the -e flag was removed from the nc binary in ubuntu.
Now, instead the only thing the user can do is get nc to listen then pipe it into a shell.
nc -l 65535|/bin/shThis is perfectly safe and not a security hole whatsoever, because if anyone connects to the port, although any commandes they type in will be run, they won't see them echo on their terminal. What possible damage could anyone do to a machine if they were allowed to execute commands on it without seeing the outcome?
TRUE LINUX SECURITY
Windows fags don't know the rigorous security testing that goes into linux to close subtle holes like these.