Vulnerability Development mailing list archives
Re: Kill the DOG and win 100 000 DM
From: John Herron <john.herron () RRC STATE TX US>
Date: Tue, 7 Nov 2000 08:37:07 -0600
Sort of interesting thing I found last night. Even though you can't ping the machine and if I try to load the machines webpage it will take a few minutes and usually fail (once and a while it will load) but if you telnet to the machine (23, 25, 80) it will connect no problem (even on 80.. which is what's strange). Ironically enough a few days before I heard about this contest I was also trying to find out what commands internet browsers use to load webpages. I didn't find that information unfortunatly, but am still curious if anyone knows these commands (if you telnet to a machine:80 you connect, but all the commands I've tried just result in a "501 Method Not Implemented" error. Also odd that no matter what I put in their machines port 80 it wouldn't ever talk back to me ::sniffle:: heh. But does anyone have a list of those commands to use on port 80? Also, just curious, but how did (forgot name) check the relaying rules?
James Cox <james () IMAJES CO UK> 11/06/00 03:52PM >>>i tried alot , but the connection always failed. even telnetting to port
80
didnt work. i have 2 (legal) shells very very close to the system, so i think you have to catch a lucky moment to get the / page. <joke> i could mirror the site if anyone send me an apropriate .tgz hehe </joke>
It seems as if the box is pretty ok right now. I have seen the two pages hosted there - no more info than hacking-contest.com...
port 25 and 23 ( try root/toor maybe it works haha ) work like a charm.
Hmm, I am not sure if I see what I should: SunOS 5.7 login: nobody Password: (nobody) Login incorrect login: root Password: (toor) Login incorrect I can keep going like this - it doesn't kick me off :)
only thing i could do was checking their relaying rules (relaying denied) and looking for some user accs: 550 www... User unknown 250 nobody... Recipient ok 250 root... Recipient ok 550 ftp... User unknown 250 nobody4... Recipient ok 250 uucp... Recipient ok [...] 550 admin... User unknown 550 administrator... User unknown 550 gast... User unknown 550 guest... User unknown 550 toor... User unknown 550 argus... User unknown 550 argusadmin... User unknown [...] 550 bla... User unknown 550 blabla... User unknown
I wonder if there is anymore info from that..
so i just sit and wait for some login info ...
Yup, don't we all. :) James Cox re.vulns () imajes co uk
Current thread:
- Re: Kill the DOG and win 100 000 DM, (continued)
- Re: Kill the DOG and win 100 000 DM Shawn Badolian (Nov 07)
- Re: Kill the DOG and win 100 000 DM Ken Pfeil (Nov 07)
- Re: Kill the DOG and win 100 000 DM John Herron (Nov 07)
- Re: Kill the DOG and win 100 000 DM Christian Schwalm (Nov 07)
- Re: Kill the DOG and win 100 000 DM James Cox (Nov 07)
- Re: Kill the DOG and win 100 000 DM Fabio Pietrosanti (naif) (Nov 08)
- Re: Kill the DOG and win 100 000 DM Christian Schwalm (Nov 07)
- Re: Kill the DOG and win 100 000 DM Ben Grubin (Nov 07)
- Re: Kill the DOG and win 100 000 DM Matthias Krawutschke (Nov 07)
- Re: Kill the DOG and win 100 000 DM Jay Tribick (Nov 08)
- Fw: Re: Kill the DOG and win 100 000 DM Guilherme Mesquita (Nov 07)
- Re: Kill the DOG and win 100 000 DM John Herron (Nov 08)
- Re: Kill the DOG and win 100 000 DM Mark (Nov 08)
- Re: Kill the DOG and win 100 000 DM Robert Collins (Nov 08)
- Re: Kill the DOG and win 100 000 DM Scott Fagg (Nov 08)
- Re: Kill the DOG and win 100 000 DM Jon Larimer (Nov 09)
- Re: Kill the DOG and win 100 000 DM Jay Tribick (Nov 09)
- Re: Kill the DOG and win 100 000 DM Michael Wojcik (Nov 09)
- Re: Kill the DOG and win 100 000 DM Sherrod, Andrew (Nov 09)
- Re: Kill the DOG and win 100 000 DM Ghory, Zeshan A (Nov 09)
- Re: Kill the DOG and win 100 000 DM Jeffrey W. Thompson (Nov 10)
- Re: Kill the DOG and win 100 000 DM Lincoln Yeoh (Nov 11)
(Thread continues...)