lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20030615121128.23849e26.vanja@pobox.com>
From: vanja at pobox.com (Vanja Hrustic)
Subject: Infobot-backdoor

On Sat, 14 Jun 2003 21:05:03 -0700
"morning_wood" <se_cur_ity@...mail.com> wrote:

> ------------------------------------------------------------------
>           - EXPL-A-2003-007 exploitlabs.com Advisory 007
> ------------------------------------------------------------------
>                                 -= infobot =-
> 
> Vunerability:
> ----------------
> 1. Remote Access

Remote access to what?

> by default there are two user names in infobot.users not commented out
> 
> quote from from the infobot.conf file...

It is infobot.users file, actually, as you mentioned earlier.

Quote from README, at the top of the file (can't miss it, if you know how
to read):

"You will need to update your infobot.config 
and infobot.users.  See the example files."

You *really* have to be stupid in order to install default config/users
file.

> it seems the authors have provided themselves with a nifty backdoor...
> or any one who can match these credentals in the user database
> infobot.users

This list seems to be overloaded with children between 13 and 15 years of
age.

Maybe we should have 2 lists instead of 1; full-discolure and
full-disclosure-diapers

What's your next advisory?

"./configure; make; make install" copies files to predictable location !?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ