Gentoo Linux -- List Archive: gentoo-security

Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647

List Archive: gentoo-security

Navigation:

Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >

Headers:

To:	gentoo-security@g.o
From:	Alex Schultz <aschultz@...>
Subject:	Re: [Fwd: [Full-Disclosure] Re: Automated SSH login attempts?]
Date:	Thu, 29 Jul 2004 15:29:23 -0700

I'm not 100% sure, but after a quick look it appears that sshf opens up 
the uniq.txt and then procedes to connect to every ip using test:test or 
guest:guest.  It then dumps out which of those accounts:ip worked to 
vuln.txt.  Then a person can just go through the vuln.txt and ssh and 
perform whatever rooting they so choose.

I wonder what the "ss" program does.  It's got libpcap compiled into it 
so maybe it's some sort of sniffer and/or ip generator (creates bios.txt?).

Br0mGreV wrote:

> Hi,
>
> Does anyone started to reverse-ingineer that damn soft 'sshf'? I'm 
> sure we can learn some information about the exploit, if we
> look at this file.
> I'll start that tommorow. Hope to give you some informations from that 
> soon.
>
> GD
>
> -- 
> gentoo-security@g.o mailing list
>
>

--
gentoo-security@g.o mailing list

Replies:

Re: [Fwd: [Full-Disclosure] Re: Automated SSH login attempts?]
-- Br0mGreV

Re: [Fwd: [Full-Disclosure] Re: Automated SSH login attempts?]
-- Dan Margolis

Re: [Fwd: [Full-Disclosure] Re: Automated SSH login attempts?]
-- Alex Schultz

References:

[Fwd: [Full-Disclosure] Re: Automated SSH login attempts?]
-- Dan Margolis

Re: [Fwd: [Full-Disclosure] Re: Automated SSH login attempts?]
-- Br0mGreV

Navigation:

Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >

Previous by thread:

Re: [Fwd: [Full-Disclosure] Re: Automated SSH login attempts?]

Next by thread: