Full Disclosure mailing list archives
Re: New RFID Mailing List Owner 0day
From: "Jeffrey Denton" <dentonj () gmail com>
Date: Sat, 29 Sep 2007 20:01:39 +0200
Your script assumes a few things that are not part of a default Slackware install. # This script was created for use on Slackware!
exit 5
What is the purpose of the exit status code of 5? Yes, any non-zero number indicates an error. Common exit codes are 0 (succeeded), 1 (or any non-zero number, failure), 126 (command found but not executable), 127 (command not found), and 128+N (fatal error where N is the SIGNAL that caused the exit). An exit status of 5 works, just curious as to its purpose.
chown root.staff ping
"staff" is not a default group in Slackware. Your script assumes that it has already been created.
chmod 500 ttysnoop
"ttysnoop" is not installed by Slackware.
chmod 600 inetd.conf
It would also be a good idea to remove the execute permissions from /etc/rc.d/rc.inetd and any other service in /etc/rc.d that isn't needed. Restricting the read permissions of the contents of that directory is also a good idea.
cp /root/slack/syslog.conf /etc
The file, "/root/slack/syslog.conf" does not exist by default in Slackware.
# Tighten up the log file perms now cd /var/log chmod 600 syslog log.auth log.cron log.daemon log.kern log.mail log.mark log.syslog chmod 600 log.user messages ftp.log secure.log chown root.wheel syslog log.auth log.cron log.daemon log.kern log.mail log.mark log.syslog chown root.wheel log.user messages ftp.log secure.log
Most of these files do not exist by default. I'll assume that they are the product of your custom syslog.conf.
echo "MAKE SURE YOU ADD USERS THAT YOU WANT TO BE ABLE TO SU TO ROOT" echo "TO THE ROOT AND WHEEL GROUPS OR THEY WON'T BE ABLE TO!!!!!!."
There is nothing in a default Slackware install that will restrict the use of the "su" command. Slackware does not use PAM. The "/etc/suauth" file does not exist by default. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- New RFID Mailing List Owner 0day full-disclosure (Sep 28)
- Re: New RFID Mailing List Owner 0day nocfed (Sep 28)
- Re: New RFID Mailing List Owner 0day Jeffrey Denton (Sep 29)