On 1/30/2022 11:11 PM, David Crayford wrote:
See my other post for details and links to the exploit source code which
sets the ACEE bits.
Thanks, I did see your post and then mentioned the source code below
which I believe is what you are talking about. That's when talk of SVC
242 came up (and how it got there), and Itschak replied, "No user SVC
was involved, not needed." so I left that out of my hacking procedure.
Not that I'm trying to create a "how-to" document :) but unless we know
what happened it's a little difficult to defend.
https://github.com/mainframed/logica/blob/master/Tfy.source.backdoor
My feeling is the ASM program was never used for a few reasons:
#1 The web site indicates they probably ran it on Hercules for testing.
#2 The program contains some joke WTO's that any hacker would have
removed before running in production.
#3 It would need the magic SVC already in place and as you mentioned,
those should all be long gone by now.
Ok, I've probably asked enough about this, so I'll stop now.
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
