Full Disclosure mailing list archives
Re: Re : Automated ssh scanning
From: Richard Verwayen <holle () ackw de>
Date: Thu, 26 Aug 2004 09:12:59 +0200
On Thu, 2004-08-26 at 01:04, Stephen Jimson wrote:
A few weeks ago there was a discussion about automated ssh scanning with user/password combinations like guest/guest or admin/admin. I set up a debian woody fully patched with both accounts activated, and got rooted some days later...

look if your user/password are not listed in this page :
SSH Remote Root password Brute Force Cracker Utility
http://www.k-otik.com/exploits/08202004.brutessh2.c.php

cheers
Hello Stephen!

Good hint, but my root password isn't listed there (you may consider it to be safe!), but there were two known unprivileged user/password-combinations on this box. As far as I could investigate, the attacker used a guest account to get shell access, and then used a local exploit.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
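A defender-side check for the pattern discussed in this thread (password scanning from one source that ends in a successful password login), added here as an example and not part of the original posts. The log lines are constructed, and the function name and thresholds are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample sshd syslog lines (not taken from the box in the thread).
SAMPLE_LOG = """\
Aug 20 03:11:01 box sshd[811]: Failed password for illegal user test from 192.0.2.10 port 40112 ssh2
Aug 20 03:11:03 box sshd[813]: Failed password for invalid user admin from 192.0.2.10 port 40120 ssh2
Aug 20 03:11:05 box sshd[815]: Failed password for root from 192.0.2.10 port 40131 ssh2
Aug 20 03:11:08 box sshd[817]: Accepted password for guest from 192.0.2.10 port 40140 ssh2
Aug 20 09:30:12 box sshd[990]: Failed password for alice from 198.51.100.7 port 51000 ssh2
Aug 20 09:30:20 box sshd[990]: Accepted password for alice from 198.51.100.7 port 51000 ssh2
Aug 20 11:02:44 box sshd[1200]: Accepted publickey for bob from 203.0.113.5 port 52000 ssh2
""".splitlines()

# Matches OpenSSH auth results; older releases log "illegal user", newer "invalid user".
EVENT = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) (?P<method>\S+) for "
    r"(?:(?:invalid|illegal) user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def find_guessed_logins(lines, min_failures=3, min_users=2):
    """Return (ip, user, prior_failures) for password logins that follow
    a run of failures against several account names from the same source."""
    failures = defaultdict(list)   # source ip -> usernames that failed so far
    hits = []
    for line in lines:
        m = EVENT.search(line)
        if not m:
            continue
        ip, user = m["ip"], m["user"]
        if m["result"] == "Failed":
            failures[ip].append(user)
        elif m["method"] == "password":
            tried = failures.get(ip, [])
            # Many failures across different names, then success: likely a guessed account.
            if len(tried) >= min_failures and len(set(tried)) >= min_users:
                hits.append((ip, user, len(tried)))
    return hits

if __name__ == "__main__":
    for ip, user, n in find_guessed_logins(SAMPLE_LOG):
        print(f"review account {user!r}: password login from {ip} after {n} failures")
```

An account flagged this way should be treated as compromised and the host checked for local privilege escalation, since the thread reports exactly that sequence.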
Current thread:
- Re : Automated ssh scanning Stephen Jimson (Aug 25)
- Re: Re : Automated ssh scanning Richard Verwayen (Aug 26)