Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!utgpu!water!watmath!clyde!rcj
From: rcj@clyde.UUCP
Newsgroups: comp.misc
Subject: Re: Trojan Horse a Myth?
Message-ID: <18010@clyde.ATT.COM>
Date: Sun, 6-Dec-87 14:27:53 EST
Article-I.D.: clyde.18010
Posted: Sun Dec  6 14:27:53 1987
Date-Received: Sat, 12-Dec-87 03:40:38 EST
References: <459@gtx.com> <4810@spool.wisc.edu>
Sender: nuucp@clyde.ATT.COM
Reply-To: rcj@moss.UUCP (Curtis Jackson)
Organization: AT&T Bell Laboratories, Whippany NJ
Lines: 23

In article <4810@spool.wisc.edu> dave@spool.wisc.edu (Dave Cohrs) writes:
}> Can anyone relate a
}> first-hand account of damage done to his/her system by a malicious
}> Trojan Horse?

Sure.  If I wanted to get into someone's files to pull a prank, I would
write a program to give me a shell, put it in an unprotected directory,
and change ownership to the person whose files I wanted to get into.

Then I would send them mail that had embedded in it commands to enter
the necessary command to make my program setuid into the memory of their
HP terminal and then send the entered sequence to Unix.  Most of the time
it wasn't even noticed if it was buried properly.  Now all I had to do
was run the setuid program and I was them.

I was never malicious, but it was fun to do things like cpio all a person's
files to a safe place and then put a clear screen command followed by an
"rm -rf *" in their .profile and watch the fireworks...

The MAD Programmer -- 201-386-6409 (Cornet 232)
			      ^^^^ new extension
alias: Curtis Jackson	...![ ihnp4 ulysses cbosgd allegra ]!moss!rcj
			...![ ihnp4 cbosgd akgua watmath  ]!clyde!rcj
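
A defensive counterpart to the mail trick described in this post, added here as an example and not part of the original article: a filter that renders control characters in untrusted mail as visible, inert text before it reaches a terminal, and reports where they were. The function name, the caret rendering and the sample message are assumptions constructed for illustration.

```python
import re

# C0 controls except tab and newline, plus DEL and the C1 range (0x80-0x9f).
CONTROL = re.compile(r"[\x00-\x08\x0b-\x1f\x7f-\x9f]")

def visible(match):
    """Render one control character as inert, printable text."""
    code = ord(match.group())
    if code < 0x20:
        return "^" + chr(code + 0x40)   # ESC -> ^[, BEL -> ^G, CR -> ^M
    if code == 0x7F:
        return "^?"
    return "\\x%02x" % code             # C1 controls such as CSI (0x9b)

def sanitize_for_terminal(text):
    """Return (safe_text, findings) for untrusted text bound for a terminal.

    findings lists (line_number, column, codepoint) for every control
    character that was neutralized, so a mail filter can log or quarantine.
    """
    findings = []
    safe_lines = []
    for lineno, line in enumerate(text.split("\n"), start=1):
        for m in CONTROL.finditer(line):
            findings.append((lineno, m.start() + 1, ord(m.group())))
        safe_lines.append(CONTROL.sub(visible, line))
    return "\n".join(safe_lines), findings

# Constructed sample: a mail body with an escape sequence buried mid-line.
# "\x1b[2J" is the ANSI clear-screen sequence, used here as a harmless marker.
SAMPLE_MAIL = "Hi,\nlunch at noon?\x1b[2J see you there\r\n"

if __name__ == "__main__":
    safe, hits = sanitize_for_terminal(SAMPLE_MAIL)
    print(safe)
    for lineno, col, code in hits:
        print("line %d col %d: control character 0x%02x" % (lineno, col, code))
```
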