possibility, that your ssh connection is being MITMed. If
> key reported by your ssh client is different than key reported by this
> website, then you shouldn't bother server admin with it, as the issue is in
> your network.
>
>
> --
> Ćukasz Biegaj
>
--
Jamie
conceivably provide privilege
escalation routes for medium privilege users. Depends on what you're
doing and how much you trust your users.
cheers,
Jamie
--
Jamie Riden / ja...@honeynet.org / jamie.ri...@gmail.com
http://uk.linkedin.com/in/jamieriden
us about who owned the bug, as it were.
It's not an uninteresting issue, but let's follow process a bit better
next please? Better for everyone involved.
cheers,
Jamie
--
Jamie Riden / ja...@honeynet.org / jamie.ri...@gmail.com
http://uk.linkedin.com/in/jamieriden
ode" the reality is, no one
> is going to outright replace some of these systems in these
> environments. These are not applications and or systems one can plop
> onto donated boxes. They have no choice BUT to run the code.
--
Jamie Riden / ja...@honeynet.org / jamie.ri...@gmail.com
http://uk.linkedin.com/in/jamieriden
cated at first glance, but it's just compressed
- only takes a couple of minutes to turn it into readable source.
(Just need to change ";eval($t) ?>" at the end to ";echo($t) ?>" and
run it from the CLI. Then add line breaks and formatting as required.)
cheers,
Jamie
27;root cause', or the Aussie sense of
rooted, as in 'f**ed' :)
cheers,
Jamie
--
Jamie Riden / [EMAIL PROTECTED] / [EMAIL PROTECTED]
UK Honeynet Project: http://www.ukhoneynet.org/
soning by an
attacker."
I don't think that Amit's attack has been described before.
cheers,
Jamie
--
Jamie Riden / [EMAIL PROTECTED] / [EMAIL PROTECTED]
UK Honeynet Project: http://www.ukhoneynet.org/
GHH
Hi there,
GHH is a honeypot, not a portal, and it is meant to expose this
information. The file passwd.txt is actually a PHP script which
generates a random password.
http://ghh.sourceforge.net/introduction.php describes briefly how GHH works.
cheers,
Jamie
--
Jamie Riden, CISSP / [EMAIL
are people who will try
anything to secure their networks, except design them correctly,
control the access levels within them, segment their networks,
understand their traffic, and monitor things closely." - Marcus Ranum.
Securing a network is not a black art any more, it just requires a lot
of corporate willpower to implement a useful security policy.
cheers,
Jamie
--
Jamie Riden, CISSP / [EMAIL PROTECTED] / [EMAIL PROTECTED]
UK Honeynet Project: http://www.ukhoneynet.org/
tter
is trivial to forge and has been routinely forged pretty much forever.
If Received headers show that mail has been relayed from within your
organisation, then you have a serious problem, and it's better to
learn of it by checking for outgoing spam than when someone notices
something worse s
PS. I can't see where it checks if the file is a GIF, but it's not
hard to fool some programs, and I don't like the idea of guessing file
types based on contents. It's not safe.
== foo.php ==
GIF89a!^@"^@
===
$ file foo.php
foo.php: GIF image data, version 89a, 33
pdate.symantec.com - or your local equivalent - can prove
interesting.
If it was a feature, I'd expect there to be ways to add to the list of
pass-through domains, or ways to disable it.
cheers,
Jamie
--
Jamie Riden / [EMAIL PROTECTED] / [EMAIL PROTECTED]
"Microsoft: Bringing the wor
Confirmed on XP SP2, latest greatest, etc.
"Unhandled exception at 0x7dcfa61d in iexplore.exe: 0xC005: Access
violation writing location 0x002911d8."
I had to shut all (Windows) explorer and Internet Explorer windows first though.
cheers,
Jamie
On 17/03/06, Michal Zalewski <[EMAIL PROTECTE
but doesn't any
longer. I don't whether that's a 'vulnerability', 'disadvantage' or
'feature' of PHP and other scripting languages.
cheers,
Jamie
--
Jamie Riden / [EMAIL PROTECTED] / [EMAIL PROTECTED]
On 21/02/06, Gadi Evron <[EMAIL PROTECTED]> wrote:
>
> Indeed, it has become an annoying trend everybody talks about but nobody
> writes about. Trojan horses, worms, etc. exploiting PHP bugs. Either
> vulnerabilities in know applications such as WordPress, PHPBB, Drupal,
> etc. or actually trying d
15 matches
Mail list logo
