LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 07-17-2014, 07:25 PM   #1
syg00
LQ Veteran
 
Registered: Aug 2003
Location: Australia
Distribution: Lots ...
Posts: 12,286

Rep: Reputation: 1029Reputation: 1029Reputation: 1029Reputation: 1029Reputation: 1029Reputation: 1029Reputation: 1029Reputation: 1029
mayhem for *nix


Cute, very cute - read it and weep.

https://www.virusbtn.com/virusbullet...b201407-Mayhem
 
Old 07-18-2014, 12:52 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,310
Blog Entries: 54

Rep: Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860
Quote:
Originally Posted by syg00 View Post
read it and weep.
Not really, no.

Same story as always: know what you run, harden, audit regularly.
 
Old 07-18-2014, 04:17 PM   #3
qlue
Member
 
Registered: Aug 2009
Location: Umzinto, South Africa
Distribution: Crunchbang
Posts: 613
Blog Entries: 1

Rep: Reputation: 140Reputation: 140
Well at least they call it "malware" and not a "virus."
I didn't understand more than ten percent of what's on that page but it doesn't seem to indicate a mode of propagation.

And to suggest that the lack of updating is specific to the *nix world is pure nonsense. I've never seen anything to suggest that Linux sys-admins are less likely to use auto-update features than Windows sys-admins.

PHP scripting seems like a pretty poor way to write malware. If you're going to write malware for Linux, wouldn't it make more sense to use Python which is installed by default in almost every distro? (I'm not really much of a programmer so maybe there's something I just don't understand here?)
 
Old 07-19-2014, 04:04 AM   #4
aus9
Guru
 
Registered: Oct 2003
Posts: 5,056

Rep: Reputation: Disabled
unSpawn

Thanks for your advice
 
Old 07-19-2014, 07:57 AM   #5
coralfang
Member
 
Registered: Nov 2010
Location: Bristol, UK
Distribution: Slackware, FreeBSD
Posts: 278

Rep: Reputation: 75
Quote:
Originally Posted by qlue View Post
PHP scripting seems like a pretty poor way to write malware. If you're going to write malware for Linux, wouldn't it make more sense to use Python which is installed by default in almost every distro? (I'm not really much of a programmer so maybe there's something I just don't understand here?)
I imagine it's down to the vast majority of website software using php, and it's convenient that most php software is public facing (wordpress, phpbb, etc). I may be wrong, but from what i gather it's looking for flaws in web software (php applications), again, convenient if the script is written in php also. Once the php script is uploaded/injected into another application, it will then try to elevate privileges by scanning for flaws in other software on the local machine (mostly local root exploits). That is the case with most malware scripts anyway.

There's more web software using php as the backend than there is python (generally). Of course, once you get a mallicious php script onto a linux box, as you say python is installed on almost all distros, it could easily contain payloads that are written in python.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
iPAQ Synchronizing mayhem Vorik Linux - Laptop and Netbook 9 09-17-2006 04:55 PM
make config mayhem Larry O Mandriva 3 01-18-2005 10:45 PM
Sound mayhem laurentbon Slackware 11 10-22-2003 04:30 PM
Mouse mayhem richardharwood Linux - Hardware 9 05-11-2003 12:20 PM
monitor mayhem cshaigh Linux - Software 3 08-27-2001 03:19 PM


All times are GMT -5. The time now is 11:23 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration