lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed Jul 20 08:53:20 2005
From: joxeankoret at gmail.com (Joxean Koret)
Subject: thctest

This is also phrack.org box (and teso and hert etc etc...), seems some
articles for the next phrack release, have been stolen:


regards

On 7/20/05, netsniper <netsniper@...l.ru> wrote:
> I had some fun with The Hacker's Choice website and thought some of you
> may want to learn from their lack of proper security.  THC.org hosts project
> files, source code, and many other things.  It also includes pictures of
> members and CCC friends, some that seem to request anonymity from public.
> 
> Anyways, here are segfault's passwd and hosts files.  I'll leave it up to you
> to determine if they are legit.  I have no idea...
> 
> passwd:
> root:x:0:0:root:/root:/bin/bash
> daemon:x:1:1:daemon:/usr/sbin:/dev/null
> bin:x:2:2:bin:/bin:/dev/null
> sys:x:3:3:sys:/dev:/dev/null
> sync:x:4:100:sync:/bin:/bin/sync
> games:x:5:100:games:/usr/games:/dev/null
> man:x:6:100:man:/var/cache/man:/dev/null
> lp:x:7:7:lp:/var/spool/lpd:/dev/null
> mail:x:8:8:mail:/var/spool/mail:/dev/null
> news:x:9:9:news:/var/spool/news:/dev/null
> uucp:x:10:10:uucp:/var/spool/uucp:/dev/null
> proxy:x:13:13:proxy:/bin:/dev/null
> alias:x:14:12::/var/qmail/alias:/bin/true
> qmaild:x:15:12::/var/qmail:/bin/true
> qmaill:x:16:12::/var/qmail:/bin/true
> qmailp:x:17:12::/var/qmail:/bin/true
> qmailq:x:18:11::/var/qmail:/bin/true
> qmailr:x:19:11::/var/qmail:/bin/true
> qmails:x:20:11::/var/qmail:/bin/true
> lists:x:30:30::/home/crew/lists:/bin/bash
> postgres:x:31:32:postgres:/usr/local/pgsql:/dev/null
> www-data:x:33:33:www-data:/var/www:/bin/sh
> sshd:x:34:34:sshd:/var/empty:/dev/null
> mysqladm:x:36:36:database:/home/nobody:/dev/null
> ircd:x:39:39:ircd:/home/nobody:/dev/null
> phrackwww:x:40:40:phrackwww:/dev/null:/dev/null
> dnslog:x:62:62:dnslog:/home/nobody:/dev/null
> tinydnszone:x:63:63:tunydnszone:/etc/tinydns:/bin/chroot_bash
> tinydnsaxfr:x:64:64:tinydnsaxfr:/etc/djbdns:/bin/chroot_bash
> who:x:74:74:who:/home/nobody:/dev/null
> named:x:76:76:named:/dev/null:/dev/null
> lastword:x:77:77:lastword:/home/nobody:/dev/null
> tinydns:x:78:78:tinydns:/nonexistend:/dev/null
> namedop:x:89:89:named operator:/home/someone:/bin/bash
> crewuser:x:101:101:crew:/home/nobody:/dev/null
> cvs:x:85:85:cvs:/home/cvs:/dev/null
> ircs:x:86:86:ircs:/dev/null:/dev/null
> dnscache:x:90:90:dnscache:/nonexistend:/dev/null
> nobody:x:65534:65534:nobody:/home/nobody:/bin/sh
> pauthor:x:500:11:author.phrack.org:/var/qmail/alias/author.phrack.org:/nonexistend
> phrack:x:501:11:phrack.org:/var/qmail/alias/phrack.org:/nonexistend
> thccvs:x:800:800:thc,,,:/home/noshell/thccvs:/bin/chroot_cvssh
> vhcvs:x:801:800:van Hausercvs,,,:/home/noshell/vhcvs:/bin/chroot_cvssh
> tickcvs:x:802:800:tickcvs,,,:/home/noshell/tickcvs:/bin/chroot_cvssh
> dhcvs:x:803:800:doc holidaycvs,,,:/home/noshell/dhcvs:/bin/chroot_cvssh
> phrackcvs:x:804:804:phrackcvs:/home/noshell/phrackcvs:/bin/chroot_cvssh
> tesocvs:x:850:850:tesocvs,,,:/home/noshell/tesocvs:/bin/chroot_cvssh
> hertcvs:x:851:851:hertcvs:/home/noshell/hertcvs:/bin/chroot_cvssh
> tesocron:x:900:850:tesocron,,,:/home/nobody:/bin/sh
> thcadmin:x:901:901:THC Admin:/home/thc/thcadmin:/bin/bash
> thcdb:x:902:902:THC DB:/home/thc/thcdb:/bin/bash
> skyper:x:1000:1000:skyper,,,:/home/crew/skyper:/bin/bash
> gamma:x:1001:1001:gamma,,,:/home/crew/gamma:/bin/bash
> vax:x:1002:1002:vax,,,:/home/vax:/bin/bash
> muskrat:x:1005:1005:muskrat,,,:/home/crew/muskrat:/bin/bash
> rpunk:x:1006:1006:rpunk,,,:/home/rpunk:/bin/bash
> oxigen:x:1007:1007:oxigen,,,:/home/oxigen:/bin/bash
> andi:x:1009:1009:andi,,,:/home/andi:/bin/bash
> rm:x:1010:1010:Richard Miller,,,:/home/rm:/bin/bash
> helferlein:x:1013:1013:helferlein,,,:/home/chrooted/helferlein:/bin/chroot_bash
> typo:x:1014:1014:typo,,,:/home/typo:/bin/bash
> plasmoid:x:1016:1016:plasmoid,,,:/home/thc/plasmoid:/bin/bash
> pimmel:x:1016:11:pimmel.com:/var/qmail/alias/pimmel.com:/nonexistend
> wilkins:x:1018:1018:wilkins,,,:/home/thc/wilkins:/bin/bash
> thcwww:x:1020:1020:thcwww,,,:/home/thc/thcwww:/bin/bash
> stealth:x:1021:1021:stealth,,,:/home/stealth:/bin/bash
> hendy:x:1022:1022:hendy,,,:/home/hendy:/bin/bash
> jobe:x:1023:1023:jobe,,,:/home/jobe:/bin/bash
> caddis:x:1024:1024:caddis,,,:/home/caddis:/bin/bash
> mgma:x:1004:1004:gamma,,,:/home/mgma:/bin/bash
> scut:x:1025:1025:scut,,,:/home/scut:/bin/bash
> palmers:x:1026:1026:palmers,,,:/home/palmers:/bin/bash
> owen:x:1027:1027:owen,,,:/home/owen:/bin/bash
> lorian:x:1011:1011:lorian,,,:/home/lorian:/bin/bash
> paul:x:1029:1029:paul,,,:/home/paul:/bin/bash
> edi:x:1030:1030:edi,,,:/home/edi:/bin/bash
> zip:x:1031:1031:zip,,,:/home/zip:/bin/bash
> thok:x:1032:1032:thok,,,:/home/thok:/bin/bash
> tmogg:x:1034:1034:tmogg,,,:/home/tmogg:/bin/bash
> duke:x:1036:1036::/home/duke:/bin/bash
> gaius:x:1037:1037:gaius,,,:/home/gaius:/bin/bash
> ultor:x:1038:1038::/home/ultor:/bin/bash
> grugq:x:1039:1039::/home/grugq:/bin/bash
> rd:x:1040:1040::/home/thc/rd:/bin/bash
> random:x:1041:1041:random,,,:/home/random:/bin/bash
> jc:x:1042:1042:jc,,,:/home/jc:/bin/bash
> mayhem:x:1043:1043:,,,:/home/mayhem:/bin/bash
> bbp:x:1044:1044:,,,:/home/bbp:/bin/bash
> dvorak:x:1045:1045:,,,:/home/dvorak:/bin/bash
> disque:x:1046:1046:,,,:/home/disque:/bin/bash
> whyking:x:1047:1047:,,,:/home/thc/whyking:/bin/bash
> vh:x:1049:1049:,,,:/home/thc/vh:/bin/bash
> nil:x:1050:1050:,,,:/home/thc/nil:/bin/bash
> 
> hosts:
> 127.0.0.1       localhost
> 213.131.229.154     segfault
> 10.1.1.1        wu.sec wu
> 62.67.59.35     www.thc.org
> 
> I also ripped some nice stuff from the site, rarred it up, and posted it on
> alt.binaries.warez.quebec-hackers if you take a look.  Nothing special, but
> just for fun :-)  This hack was pretty lame, seriously...read the nfo
> 
> netsniper
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: p63_Exploiting non_classical	format_string_vulnerability.txt
Url: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050720/ea94ec25/p63_Exploitingnon_classicalformat_string_vulnerability-0001.txt

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ