Unix Shell Scripting Malware

    Date27 Jul 2002
    3150
    Posted ByAnthony Pell
    Unix/Linux binary malware can be very dependent upon distribution flavour and kernel version. Furthermore, the use of binary files as a starting point for virus infection may not always be very successful - starting off with a coredump will result in a rapid failure.. . . Unix/Linux binary malware can be very dependent upon distribution flavour and kernel version. Furthermore, the use of binary files as a starting point for virus infection may not always be very successful - starting off with a coredump will result in a rapid failure.

    In the past we have seen worms (for example Linux/Adore) make use of a combination of ELF binary files and scripts. Usually scripts are independent of distribution flavour and kernel version, and most are likely to have few problems running on the target machine.

    For some worm packages, scripts act as the 'fire-starters' on the target PC. The scripts may execute directly, or may call other script files and binaries. Sometimes local files are replaced by compromised ones that are included in the worm package.

    So what are the possibilities in the Unix world for malicious code using scripting?

    You are not authorised to post comments.

    LinuxSecurity Poll

    In your opinion, what is the biggest advantage associated with choosing open-source software/technology?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 4 answer(s).
    /component/communitypolls/?task=poll.vote
    16
    radio
    [{"id":"61","title":"High levels of security","votes":"1","type":"x","order":"1","pct":16.67,"resources":[]},{"id":"62","title":"High levels of quality ","votes":"0","type":"x","order":"2","pct":0,"resources":[]},{"id":"63","title":"Cost-effectiveness ","votes":"0","type":"x","order":"3","pct":0,"resources":[]},{"id":"64","title":"Freedom and flexibility ","votes":"5","type":"x","order":"4","pct":83.33,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.