Monday, January 9, 2012

kalmah Beta

In order to demonstrate that the vulnerability discussed in my previous post is exploitable, I have built a live Debian CD. The first beta is available here:
kalmah-Beta-01-amd64.iso
This CD should be burned no faster than 8x and in DAO mode if possible.
The live CD will make no changes to any existing operating system(s) and is provided merely to demonstrate the level of risk certain Internet service providers have imposed upon their customers. The scripts provided with this live system are the most primitive form I can provide while still demonstrating the practical (rather than theoretical) nature of the vulnerability: the kalmah script as provided is not self-replicating, runs as a single instance, provides minimal logging, uses a flat text target list and is provided with an outdated list of IP addresses. All of these "flaws" can and will be easily rectified by those who would use this vulnerability for malicious purposes.

Update: 1/14/2012

I've tweaked my build system a bit (I've shifted from debootstrap to cdebootstrap) and now I'm able to produce multiple architectures.

For 32-bit users: http://www.it-huntsville.com/pub/kalmah-Beta-09-i386.iso
This version will run on just about any PC-compatible hardware and does not run from RAM by default; performance has been slightly reduced in exchange for drastically increased hardware compatibility.

For 64-bit users: http://www.it-huntsville.com/pub/kalmah-Beta-09-amd64.iso
This is for more modern machines and will copy itself to RAM on boot, allowing for full utilization of memory resources over 4 gigabytes and providing a more responsive desktop experience.