lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <ef0cde3a0909292054jcd4224fs88a34c6179bb266d@mail.gmail.com>
Date: Wed, 30 Sep 2009 06:54:48 +0300
From: Gichuki John Chuksjonia <chuksjonia@...il.com>
To: maxigas <maxigas@...rgeek.net>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Modifying SSH to Capture Login Credentials
	from Attackers

Thank you for this my.hndl. There are some issues i have been having
and seems your methodology may work on Fedora and others OSs.

Thankx

./Chuks

On 9/30/09, maxigas <maxigas@...rgeek.net> wrote:
> From: "bodik@....zcu.cz" <bodik@....zcu.cz>
> Subject: Re: [Full-disclosure] Modifying SSH to Capture Login Credentials
> from Attackers
> Date: Wed, 30 Sep 2009 00:03:51 +0200
>
>>> All standard users have read access to /var/log/auth, so if root
>>
>> they shouldn't, at least on my default debian they don't ...
>
> On my default Ubuntu, users in "adm" group have reac access to the
> authentication log file:
>
> me@...hine: ls -l /var/log/auth.log
> -rw-r----- 1 syslog adm 46774 2009-09-30 01:10 /var/log/auth.log
>
> --
> ×× maxigas
> // villanypásztor / kiberpunk / web shepherd //
>
> -= Important communication disclaimer: by replying to my emails you are
> disclaiming all your disclaimers. =-
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/


-- 
-- 
Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P
I.T Security Analyst and Penetration Tester
infosigmer@...ox.com

{FORUM}http://lists.my.co.ke/pipermail/security/
http://nspkenya.blogspot.com/
http://chuksjonia.blogspot.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ