| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed Jul 20 08:56:54 2005 From: joxeankoret at gmail.com (Joxean Koret) Subject: thctest Sorry i forgot another one On 7/20/05, Joxean Koret <joxeankoret@...il.com> wrote: > This is also phrack.org box (and teso and hert etc etc...), seems some > articles for the next phrack release, have been stolen: > > > regards > > On 7/20/05, netsniper <netsniper@...l.ru> wrote: > > I had some fun with The Hacker's Choice website and thought some of you > > may want to learn from their lack of proper security. THC.org hosts project > > files, source code, and many other things. It also includes pictures of > > members and CCC friends, some that seem to request anonymity from public. > > > > Anyways, here are segfault's passwd and hosts files. I'll leave it up to you > > to determine if they are legit. I have no idea... > > > > passwd: > > root:x:0:0:root:/root:/bin/bash > > daemon:x:1:1:daemon:/usr/sbin:/dev/null > > bin:x:2:2:bin:/bin:/dev/null > > sys:x:3:3:sys:/dev:/dev/null > > sync:x:4:100:sync:/bin:/bin/sync > > games:x:5:100:games:/usr/games:/dev/null > > man:x:6:100:man:/var/cache/man:/dev/null > > lp:x:7:7:lp:/var/spool/lpd:/dev/null > > mail:x:8:8:mail:/var/spool/mail:/dev/null > > news:x:9:9:news:/var/spool/news:/dev/null > > uucp:x:10:10:uucp:/var/spool/uucp:/dev/null > > proxy:x:13:13:proxy:/bin:/dev/null > > alias:x:14:12::/var/qmail/alias:/bin/true > > qmaild:x:15:12::/var/qmail:/bin/true > > qmaill:x:16:12::/var/qmail:/bin/true > > qmailp:x:17:12::/var/qmail:/bin/true > > qmailq:x:18:11::/var/qmail:/bin/true > > qmailr:x:19:11::/var/qmail:/bin/true > > qmails:x:20:11::/var/qmail:/bin/true > > lists:x:30:30::/home/crew/lists:/bin/bash > > postgres:x:31:32:postgres:/usr/local/pgsql:/dev/null > > www-data:x:33:33:www-data:/var/www:/bin/sh > > sshd:x:34:34:sshd:/var/empty:/dev/null > > mysqladm:x:36:36:database:/home/nobody:/dev/null > > ircd:x:39:39:ircd:/home/nobody:/dev/null > > phrackwww:x:40:40:phrackwww:/dev/null:/dev/null > > dnslog:x:62:62:dnslog:/home/nobody:/dev/null > > tinydnszone:x:63:63:tunydnszone:/etc/tinydns:/bin/chroot_bash > > tinydnsaxfr:x:64:64:tinydnsaxfr:/etc/djbdns:/bin/chroot_bash > > who:x:74:74:who:/home/nobody:/dev/null > > named:x:76:76:named:/dev/null:/dev/null > > lastword:x:77:77:lastword:/home/nobody:/dev/null > > tinydns:x:78:78:tinydns:/nonexistend:/dev/null > > namedop:x:89:89:named operator:/home/someone:/bin/bash > > crewuser:x:101:101:crew:/home/nobody:/dev/null > > cvs:x:85:85:cvs:/home/cvs:/dev/null > > ircs:x:86:86:ircs:/dev/null:/dev/null > > dnscache:x:90:90:dnscache:/nonexistend:/dev/null > > nobody:x:65534:65534:nobody:/home/nobody:/bin/sh > > pauthor:x:500:11:author.phrack.org:/var/qmail/alias/author.phrack.org:/nonexistend > > phrack:x:501:11:phrack.org:/var/qmail/alias/phrack.org:/nonexistend > > thccvs:x:800:800:thc,,,:/home/noshell/thccvs:/bin/chroot_cvssh > > vhcvs:x:801:800:van Hausercvs,,,:/home/noshell/vhcvs:/bin/chroot_cvssh > > tickcvs:x:802:800:tickcvs,,,:/home/noshell/tickcvs:/bin/chroot_cvssh > > dhcvs:x:803:800:doc holidaycvs,,,:/home/noshell/dhcvs:/bin/chroot_cvssh > > phrackcvs:x:804:804:phrackcvs:/home/noshell/phrackcvs:/bin/chroot_cvssh > > tesocvs:x:850:850:tesocvs,,,:/home/noshell/tesocvs:/bin/chroot_cvssh > > hertcvs:x:851:851:hertcvs:/home/noshell/hertcvs:/bin/chroot_cvssh > > tesocron:x:900:850:tesocron,,,:/home/nobody:/bin/sh > > thcadmin:x:901:901:THC Admin:/home/thc/thcadmin:/bin/bash > > thcdb:x:902:902:THC DB:/home/thc/thcdb:/bin/bash > > skyper:x:1000:1000:skyper,,,:/home/crew/skyper:/bin/bash > > gamma:x:1001:1001:gamma,,,:/home/crew/gamma:/bin/bash > > vax:x:1002:1002:vax,,,:/home/vax:/bin/bash > > muskrat:x:1005:1005:muskrat,,,:/home/crew/muskrat:/bin/bash > > rpunk:x:1006:1006:rpunk,,,:/home/rpunk:/bin/bash > > oxigen:x:1007:1007:oxigen,,,:/home/oxigen:/bin/bash > > andi:x:1009:1009:andi,,,:/home/andi:/bin/bash > > rm:x:1010:1010:Richard Miller,,,:/home/rm:/bin/bash > > helferlein:x:1013:1013:helferlein,,,:/home/chrooted/helferlein:/bin/chroot_bash > > typo:x:1014:1014:typo,,,:/home/typo:/bin/bash > > plasmoid:x:1016:1016:plasmoid,,,:/home/thc/plasmoid:/bin/bash > > pimmel:x:1016:11:pimmel.com:/var/qmail/alias/pimmel.com:/nonexistend > > wilkins:x:1018:1018:wilkins,,,:/home/thc/wilkins:/bin/bash > > thcwww:x:1020:1020:thcwww,,,:/home/thc/thcwww:/bin/bash > > stealth:x:1021:1021:stealth,,,:/home/stealth:/bin/bash > > hendy:x:1022:1022:hendy,,,:/home/hendy:/bin/bash > > jobe:x:1023:1023:jobe,,,:/home/jobe:/bin/bash > > caddis:x:1024:1024:caddis,,,:/home/caddis:/bin/bash > > mgma:x:1004:1004:gamma,,,:/home/mgma:/bin/bash > > scut:x:1025:1025:scut,,,:/home/scut:/bin/bash > > palmers:x:1026:1026:palmers,,,:/home/palmers:/bin/bash > > owen:x:1027:1027:owen,,,:/home/owen:/bin/bash > > lorian:x:1011:1011:lorian,,,:/home/lorian:/bin/bash > > paul:x:1029:1029:paul,,,:/home/paul:/bin/bash > > edi:x:1030:1030:edi,,,:/home/edi:/bin/bash > > zip:x:1031:1031:zip,,,:/home/zip:/bin/bash > > thok:x:1032:1032:thok,,,:/home/thok:/bin/bash > > tmogg:x:1034:1034:tmogg,,,:/home/tmogg:/bin/bash > > duke:x:1036:1036::/home/duke:/bin/bash > > gaius:x:1037:1037:gaius,,,:/home/gaius:/bin/bash > > ultor:x:1038:1038::/home/ultor:/bin/bash > > grugq:x:1039:1039::/home/grugq:/bin/bash > > rd:x:1040:1040::/home/thc/rd:/bin/bash > > random:x:1041:1041:random,,,:/home/random:/bin/bash > > jc:x:1042:1042:jc,,,:/home/jc:/bin/bash > > mayhem:x:1043:1043:,,,:/home/mayhem:/bin/bash > > bbp:x:1044:1044:,,,:/home/bbp:/bin/bash > > dvorak:x:1045:1045:,,,:/home/dvorak:/bin/bash > > disque:x:1046:1046:,,,:/home/disque:/bin/bash > > whyking:x:1047:1047:,,,:/home/thc/whyking:/bin/bash > > vh:x:1049:1049:,,,:/home/thc/vh:/bin/bash > > nil:x:1050:1050:,,,:/home/thc/nil:/bin/bash > > > > hosts: > > 127.0.0.1 localhost > > 213.131.229.154 segfault > > 10.1.1.1 wu.sec wu > > 62.67.59.35 www.thc.org > > > > I also ripped some nice stuff from the site, rarred it up, and posted it on > > alt.binaries.warez.quebec-hackers if you take a look. Nothing special, but > > just for fun :-) This hack was pretty lame, seriously...read the nfo > > > > netsniper > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - http://secunia.com/ > > > > > -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: p63_dns_worm_covert_channel.txt Url: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050720/20168613/p63_dns_worm_covert_channel.txt
Powered by blists - more mailing lists