Slashdot Mirror

← Back to Stories (view on slashdot.org)

Rootkit Packaged for Debian

Posted by CmdrTaco on from the simplifying-the-0wnzing-process dept.

Erich writes "Debian Developer Simon Richter announced in this posting to debian-devel that he Intends to Package (ITP) a R00tk1t for Debian Linux. The rootkit will make use of debian mechanisms such as diversions to divert the original /bin/ls commands and replace them cleanly by the modified versions. Even reinstalling or upgrading the file-utils package (containing /bin/ls) will then not remove the modified /bin/ls and the rootkit will stay active, being probably the first upgrade-resistant rootkit! This rootkit will then be easy to install by doing "apt-get install rootkit" - a major useability aspect for our fellow wannabe-hackers, making Debian the premier choice for them."

18 of 125 comments (clear)

  1. afp? by NoInfo · · Score: 4, Informative

    April First Post. ;)

    --
    bug.gd: error search engine. Humanity working together to solve all errors.
  2. D00D! by Em+Emalb · · Score: 4, Funny

    D00d, this is so c00l. I heard aboot this on alt.pigeon-fisting. It's the real deal. Hard to uninstall though.

    --
    Sent from your iPad.
    1. Re:D00D! by fabiolrs · · Score: 3, Funny

      Pigeon Fisting? :)))

      God damn slashdot april fool news affected our minds! :)))

      --
      Fabio - Sumare/Sao Paulo/Brazil/South America/Earth/Solar System/Milky Way/Universe
      http://www.morroida.com.br
  3. C'mon everybody, sing along! by Geekboy(Wizard) · · Score: 4, Funny

    Sell out! With me oh, yea! Sell out! With me tonight. The record company is gonna give me lots of money and everything will be alright!

    Apologies to Reel Big Fish

  4. About time. by RavenDarkholme · · Score: 5, Funny

    It's about time. As usual, Debian shows the great leadership that we have all come to expect from the project. The addition of a r00tk1t is yet another brilliant aid to remote administration, and well worth waiting for. RedHat and other so-called "commercial" distributions will, one can only hope, wake up soon and attempt to emulate Debian's ground-breaking innovation in this area, in order to gain market share in the vastly untapped script kiddie market.

    I also understand that Debian will be adopting a new motto for the project: "Relax: we understand j00".

  5. MS Even Getting Into It... by bahtama · · Score: 5, Funny
    Well, you have to give Microsoft credit, even they have a sense of humor today! They have an April Fools webpage up at: http://www.microsoft.com/security/
    Just look at all those jokes, almost every link!

    ;)

    --

    =-=-=-=-=-=-=-=-=
    Oh bother.

  6. Linux only, though by YU+Nicks+NE+Way · · Score: 3, Funny

    How come there's no Windows version of this? I demand a Windows port of this feature! It just shows you how strong a monopoly Linux has among the skript k1dd13z, that this was released without ANY Windows support!

  7. Who needs Debian? by Helevius · · Score: 3, Funny

    I'm waiting for the BSD version:

    cd /usr/ports/security/rootkit

    make && make install

  8. finally! by w4r3z_d00d · · Score: 4, Funny

    finally a linux company is taking a step in the right direction to offer the kind of quality and service that millions have enjoyed with windows.

  9. Re:april by ChazeFroy · · Score: 4, Insightful

    This is almost as bad as the isonews.com story about warez being declared as legal. A little tact, ala The Onion circa 1998, would help immensely with these posts, guys.

  10. MS already did this... by HeavensTrash · · Score: 5, Funny

    Duh, just another example of Linux trying to copy Windows. Microsoft released this a long time ago, only it was called IIS.

  11. Offtopic but funnier than this crap by Commienst · · Score: 3, Informative

    You should check out the Open Directory Project they have a nice April Fool's joke waiting for you.

    "Monopolies do it better."

    --

    I am into the copy and paste.
  12. Almost up to par with Microsoft by wizman · · Score: 3, Funny

    Microsoft products have had this form of remote administration available in various forms for many years. I for one am glad that a Linux distribution is finally striving to achieve the same robust remote management facilities that have always been a major selling point for the NT platform.

  13. Re:This may be great and all... by coyote-san · · Score: 3, Interesting

    Or compromise the servers where you get your .debs.

    Remember, a lot of people have cron jobs that update their system. It's intended to ensure security patches are applied soon after they're made available, but for practical reasons some sites use local repositories that might not have the same level of security.

    Compromise that, and every other system that updates against it also compromised.

    Obviously nobody would have installed (and be updating) a package called "rootkit," but the scripts could be piggybacked on any security update.

    --
    For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
  14. Woody Is Released! by MBCook · · Score: 5, Funny

    That would have made a MUCH better April Fool's Post.

    --
    Comment forecast: Bits of genius surrounded by a sea of mediocrity.
  15. cr4ckerZ choice by octogen · · Score: 3, Funny

    Two hours ago, RedHat has finished development of the b0mbk1t tool.

    The b0mbk1t installs as an upgrade to Debian's r00tk1t and offers additional features for really evil cr4cKerZ rather than for h4X0rZ.

    It can be installed by running the following install-script:

    #!/bin/sh
    echo "Installing RedHat b0mbk1t... \c"
    chmod u+s /bin/rm
    ln -s /bin/rm /bin/ls
    echo "done."

  16. If /. ran on Debian by r_j_prahad · · Score: 4, Funny

    # apt-get humor
    connection refused
    #

  17. Re:I HATE April Fool's Day by The+Ape+With+No+Name · · Score: 3, Funny

    It's a holiday dedicated to increasing the entropy of people's minds - just what I spend my whole life fighting.

    Really? What color is your cape? Teal?

    --
    Comparing it to Windows will be a moot point, since El Dorado is going to have a 40% larger code base than XP.