2 comments

[ 2.8 ms ] story [ 11.4 ms ] thread
Great story. As a developer-but-not-sysadmin, it's interesting to read how someone more knowledgeable does this sort of analysis and remediation.
"Let's execute command 382 to see what it does."

Oy. Not the best idea, generally speaking.

Edit: I used to read the localized paper version of http://xakep.ru/ several years ago, and practically every hacking story/tool roundup they had mentioned the annoying problem with ls --color, it was apparently present in almost every public rootkit at the time. It's kinda interesting to see that idiots still use outdated tools years later.