Bugtraq mailing list archives

Re: brute force

From: gmaor () techunix technion ac il (Ze'ev Maor)
Date: Tue, 4 Jun 1996 23:21:55 +0300


Consider the following...
        Almost 99% of ftpd's installed around the net enable anonymous
logins to d/l the /etc/passwd file. Just get the file and re-code the
login source (VERY simple) to try all combinations on the root password
from the file you just d/l on YOUR OWN MACHINE - result:

        A. MUCH MUCH faster then doing it on the actual target machine.

        B. Completely safe - everything is done on your machine - I.E. no
logging is done anywhere!!!!

--------------------------------------------------------------------------
-                           |                                             |
- Ze'ev Maor                | "We all have a little Daemon inside...      |
- gmaor () tx technion ac il   |  ...Waiting to come out and become a kernel"|
-                           |                                             |
--------------------------------------------------------------------------


On Tue, 4 Jun 1996, *Hobbit* wrote:

Pop3 isn't the only thing with that problem.  Stock rexec, for example, never
logs anything and is another good way to hammer on password guesses from the
outside.  [See "rservice.c" to make this easier...]  Several other daemons,
particularly the vendor-supplied variety, are similarly lame.  That's what tcp
wrappers and logdaemon are for..

_H*

Current thread:

Re: Linux rlogin hole with libc 5.x, (continued)
- - - Re: Linux rlogin hole with libc 5.x Alan Brown (Jun 06)
    - Re: Linux rlogin hole with libc 5.x Pablo Idiaquez (Jun 06)
    - help TaeJin Hong (Jun 07)
    - HP-UX B.10.01 vulnerability Aleph One (Jun 07)
    - Strange changes - any ideas? Fred Cohen (Jun 08)
    - Re: Strange changes - any ideas? dsiebert () icaen uiowa edu (Jun 09)
    - Re: Strange changes - any ideas? Andrew V. Kovalev (Jun 09)
    - Digital Unix, daemons and the SIA authentication library. Paul C Leyland (Jun 10)
    - Re: Strange changes - any ideas? Darren Reed (Jun 10)
    - Vulnerability Database Christopher Klaus (Jun 10)
    - Re: brute force Ze'ev Maor (Jun 04)
    - Re: brute force simes () tcp co uk (Jun 04)
  - Re: Not so much a bug as a warning of new brute force attack Bill Broadley (Jun 03)
  - Re: Not so much a bug as a warning of new brute force attack Brian Tao (Jun 08)
    - Re: Not so much a bug as a warning of new brute force attack Paul D. Robertson (Jun 09)
- Re: Not so much a bug as a warning of new brute force attack Stefan Hudson (Jun 03)
- Re: Not so much a bug as a warning of new brute force attack Seguridad (Jun 03)
- Re: Not so much a bug as a warning of new brute force attack Thomas Roessler (Jun 03)
- Re: Not so much a bug as a warning of new brute force attack Andrew Macpherson (Jun 04)
- Re: Not so much a bug as a warning of new brute force attack John Orthoefer (Jun 04)
- Re: Not so much a bug as a warning of new brute force attack Don Lewis (Jun 04)

(Thread continues...)