Full Disclosure mailing list archives
Re: Modifying SSH to Capture Login Credentials from Attackers
From: Gichuki John Chuksjonia <chuksjonia () gmail com>
Date: Wed, 30 Sep 2009 06:54:48 +0300
Thank you for this my.hndl. There are some issues i have been having and seems your methodology may work on Fedora and others OSs. Thankx ./Chuks On 9/30/09, maxigas <maxigas () anargeek net> wrote:
From: "bodik () civ zcu cz" <bodik () civ zcu cz> Subject: Re: [Full-disclosure] Modifying SSH to Capture Login Credentials from Attackers Date: Wed, 30 Sep 2009 00:03:51 +0200All standard users have read access to /var/log/auth, so if rootthey shouldn't, at least on my default debian they don't ...On my default Ubuntu, users in "adm" group have reac access to the authentication log file: me@machine: ls -l /var/log/auth.log -rw-r----- 1 syslog adm 46774 2009-09-30 01:10 /var/log/auth.log -- ×× maxigas // villanypásztor / kiberpunk / web shepherd // -= Important communication disclaimer: by replying to my emails you are disclaiming all your disclaimers. =- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
-- -- Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P I.T Security Analyst and Penetration Tester infosigmer () inbox com {FORUM}http://lists.my.co.ke/pipermail/security/ http://nspkenya.blogspot.com/ http://chuksjonia.blogspot.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Modifying SSH to Capture Login Credentials from Attackers my.hndl (Sep 29)
- Re: Modifying SSH to Capture Login Credentials from Attackers Kurth Bemis (Sep 29)
- Re: Modifying SSH to Capture Login Credentials from Attackers Kos (Sep 29)
- Re: Modifying SSH to Capture Login Credentials from Attackers my.hndl (Sep 29)
- Re: Modifying SSH to Capture Login Credentials from Attackers Kurth Bemis (Sep 29)
- Re: Modifying SSH to Capture Login Credentials from Attackers bodik () civ zcu cz (Sep 29)
- Re: Modifying SSH to Capture Login Credentials from Attackers maxigas (Sep 29)
- Re: Modifying SSH to Capture Login Credentials from Attackers Gichuki John Chuksjonia (Sep 29)
- Re: Modifying SSH to Capture Login Credentials from Attackers jfch (Sep 29)
- Re: Modifying SSH to Capture Login Credentials from Attackers dramacrat (Sep 29)
- Re: Modifying SSH to Capture Login Credentials from Attackers Kurth Bemis (Sep 29)