Penetration Testing mailing list archives
Re: [PEN-TEST] Linux
From: El Nahual <nahual () S0D SAL ITESM MX>
Date: Fri, 10 Nov 2000 07:47:21 -0900
Actually there is a method ... you can bruteforce directories when ya have no read permission to them or the parent, its a bug based on umask, the code SHOULD be up on www.s0d.org today or tomorrow tops, its basic and proof of concept (as usual) .... With that maybe you can get some nice files and then able to gain further access ..... I promise to get more tools in there but Am3ntiA our web main guy has ben sick (hope you get better) so he hasn't been able to put some stuff I already sent him there .. but I'll give him a call .... El Nahual On Thu, 9 Nov 2000, Adassovsky Michel wrote:
First of all, thanks to HD for considering me as an amateur ... I did not mentionned it in my first mail because it seemd obvious to me that the Redhat I am talking about is not a stock RedHat. Let me be more precise : Redhat 6.2 with patches Minimal services installation. No unecessary packages installed No Xfree nor X manager installed No unecessary users Shadow-MD5 passwords I have a user level-access. What i'd liked to know is if there is acvanced techniques (even agressives techniques) to gain root access. Before to send those mails to the list, I've tried the exploits recensed on : Security Focus Seuriteam PacketStorm And others .... Bye Michel __________________________________________________ Do You Yahoo!? Thousands of Stores. Millions of Products. All in one Place. http://shopping.yahoo.com/
Current thread:
- [PEN-TEST] Linux Adassovsky Michel (Nov 08)
- Re: [PEN-TEST] Linux Michel Kaempf (Nov 08)
- <Possible follow-ups>
- Re: [PEN-TEST] Linux Dunker, Noah (Nov 08)
- Re: [PEN-TEST] Linux Riley Hassell (Nov 08)
- Re: [PEN-TEST] Linux Ben Ford (Nov 08)
- Re: [PEN-TEST] Linux Miller, William T DISC4/Sytex (Nov 09)
- Re: [PEN-TEST] Linux Michel Kaempf (Nov 09)
- Re: [PEN-TEST] Linux Adassovsky Michel (Nov 10)
- Re: [PEN-TEST] Linux El Nahual (Nov 11)
- Re: [PEN-TEST] Linux j a s o n (Nov 14)