| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <SNT149-W79585DC27FEDFCDD078E95FA1B0@phx.gbl> Date: Tue, 15 Oct 2013 04:16:02 +0000 From: yello man <yelloman7@...look.com> To: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk> Subject: backdoors in spamtitan a few month ago backdoors in barracuda was found https://www.schneier.com/blog/archives/2013/01/backdoors_built.html http://www.theregister.co.uk/2013/01/24/barracuda_backdoor/ apparently their competitor spamtitan was quick making fun of them http://community.spiceworks.com/topic/294951-reported-backdoors-on-barracuda-appliances without considering they had their own backdoors the security of the product is a fucking joke, containing everything from authentication bypass to root exploits. there is really no hope, the developers didnt even try. they can patch those specific vulnerabilities, but have no idea what theyre doing. i only scratched its surface. # cat /home/admin/.ssh/authorized_keys (ssh -l stadmin) ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQCyREqWliqOnRZgB1B3V6b0x+bPJUfAU4dOzHCuGRI+D0r3Vv/wrs/6ssnm+AoH7/+PcICFVQdBcGxqLd8an9xOfDaEGuHd9e/Is4dR5dth8ZUp+zalC9rvrnu0nPNaQpJUlkRTEkNw0JZjHK0B6rtWjgM49Jgn3Twnl9i8g+YsjQ== ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAtl1th7MBswDC2U6VTYAJ6q4+D9UtCI2gahblYC5980bI/lnyRIA84UUEgeiOfzkaB8FrSZJ12r01/bNQIEagGrCGjHyCGGK0wjpxJMggRguaIFIQzNO6y6l4ZBKh+I8PycIXr0ed918D4di4rubSOGhMEp6ZEpImQ9BsWMagrBE= sean@...er.copperfasten.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAyc5wKKYYctH7QJ7SK2+21stuziDEkBCXvrIewbq4WH557sbJ9u6/5VTD1uEbYiw8fk+JvK9uRuRiz469ZXmjoBR52hAgDPvwxRMwSbMaceE9FllA6Xg1KKSAhq9oXwHepeUNp74BgmqRxyGHiRUZqST+E8M51mVvt/ZCecvZEgc= # cat /root/master.password.orig root:$1$LaCGzmLp$2dNXQ0N7wk8oxppWNsZRT/:0:0::0:0:Charlie &:/root:/bin/csh and finally, there's a stsupport user in the web psql> SELECT * FROM USERS; id | mailbox_id | priority | policy_id | email | fullname | user_name | user_level | report_date | password ----+------------+----------+-----------+-----------+---------------+-----------+------------+---------------------+---------------------------------- 3 | 2 | 0 | 1 | stsupport | Support Admin | admin | S | 2008-01-01 00:00:00 | fc4e859ffb9f54767a0026773b0583d9 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists