☆ Yσɠƚԋσʂ ☆@lemmy.ml to Linux@lemmy.mlEnglish · 1 month agoNew Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentialsthehackernews.comexternal-linkmessage-square16fedilinkarrow-up165cross-posted to: linux@programming.dev
arrow-up165external-linkNew Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentialsthehackernews.com☆ Yσɠƚԋσʂ ☆@lemmy.ml to Linux@lemmy.mlEnglish · 1 month agomessage-square16fedilinkcross-posted to: linux@programming.dev
minus-squareblobjim [he/him]@hexbear.netlinkfedilinkEnglisharrow-up10·1 month agoHow is this a backdoor if it requires being able to install custom PAM modules???
minus-squareQuibblekrust@thelemmy.clublinkfedilinkEnglisharrow-up10·1 month agoFirst, you break into the house, then you install an invisible backdoor, and then you can come and go freely. It’s a “post-exploit” tool. It’s the persistent backdoor you install after you break in. It survives reboots, unlike most exploits.
minus-squareblobjim [he/him]@hexbear.netlinkfedilinkEnglisharrow-up1·1 month agoah I guess that’s exactly what a backdoor is. I read the headline and thought security vulnerability or privilege escalation.
How is this a backdoor if it requires being able to install custom PAM modules???
First, you break into the house, then you install an invisible backdoor, and then you can come and go freely.
It’s a “post-exploit” tool. It’s the persistent backdoor you install after you break in. It survives reboots, unlike most exploits.
ah I guess that’s exactly what a backdoor is. I read the headline and thought security vulnerability or privilege escalation.