Full Disclosure mailing list archives

Re: Putty Proxy login/password discolsure....

From: nocfed <nocfed () gmail com>
Date: Fri, 3 Nov 2006 01:44:53 -0600

On 11/2/06, Tonnerre Lombard <tonnerre.lombard () sygroup ch> wrote:

Salut,

On Thu, 2006-11-02 at 01:15 -0600, nocfed wrote:

And if you have physical access then you can simply use a floppy, usb
dongle, or any other type of removable media to boot from.  Once
physical access is obtained then you pretty much have full access,
barring full disk encryption.  Personally I see linux's password for
single user mode to be like a screen door infront of an old door with
a combination lock on it.  It takes VERY little effort to punch a
whole through it, even if you only have 1 minute alone with the
server.


If you have physical access, just plug in your iPod with UNIX and enjoy
full memory access to the host machine...


I've always enjoyed the idea of throwing a tiny rogue pxe
server(soekris) under the raised floor in a datacenter, vampire tapped
into the uplink ethernet, and having it set to pxe once into a hacked
up pxelinux that boots the server(s) one time into its own OS,
installs a rootkit, and reboot it again into its own media.  Setting
this up may require a bit more time as you would have to remove the
sheath, punch the wires making sure to not cut them, and tap in.
Using a simple environment like busybox you can have this type of
system mount just about any type of filesystem(regardless of OS),
figure out which OS it is and install the appropriate rootkit. This
would require that the servers be set to PXE before their normal boot
media but could cause all sorts of havok.  Most DC's will utilize a
PXE environment in order to (re)deploy servers on the fly.  I'm sure
you all get the point.

Another idea would be another type of vampire tap/wap combo so you can
have the network as your own little playground.  I think that I read
about a tiny one a while back, but did not find it with a simple
search.  Maybe someone knows what I am referring to?

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: Putty Proxy login/password discolsure.... nocfed (Nov 01)
- Re: Putty Proxy login/password discolsure.... Tonnerre Lombard (Nov 02)
  - Re: Putty Proxy login/password discolsure.... nocfed (Nov 03)
- Re: Putty Proxy login/password discolsure.... Valdis . Kletnieks (Nov 02)
  - Re: Putty Proxy login/password discolsure.... Brian Dessent (Nov 02)
    - Re: Putty Proxy login/password discolsure.... Valdis . Kletnieks (Nov 02)
    - Re: Putty Proxy login/password discolsure.... Michael Holstein (Nov 02)
  - Re: Putty Proxy login/password discolsure.... Dude VanWinkle (Nov 02)
  - Re: Putty Proxy login/password discolsure.... stany (Nov 03)