New Windows exploit: "Shatter"

russotto · 08-08-2002, 01:59 PM

Well, it's true that it's NOT an entirely new class of attack. It's somewhat similar to the old TIOCSTI/TIOCNOTTY (a.k.a ttydev) attack on UNIX, and related attacks against x-windows (ask a certain UMCP sysadmin about xhost -- I think his systems were rooted by every hacker at the place)

This one's even broader in scope, though -- those only gave you control of the running program. This gives you full access AS the running program.

08-08-2002, 01:59 PM	#21
russotto Professor Join Date: Jan 2001 Posts: 1,788	'Entirely new class' Well, it's true that it's NOT an entirely new class of attack. It's somewhat similar to the old TIOCSTI/TIOCNOTTY (a.k.a ttydev) attack on UNIX, and related attacks against x-windows (ask a certain UMCP sysadmin about xhost -- I think his systems were rooted by every hacker at the place) This one's even broader in scope, though -- those only gave you control of the running program. This gives you full access AS the running program.

Thread Tools
Show Printable Version Email this Page
Display Modes
Switch to Linear Mode Switch to Hybrid Mode Threaded Mode

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)