Penetration Testing mailing list archives
Re: [PEN-TEST] Linux
From: "Dunker, Noah" <NDunker () FISHNETSECURITY COM>
Date: Tue, 7 Nov 2000 18:06:33 -0600
Stock Red Hat 6.2 with no patches? I've had some luck with the following: The Dump and Restore vulnerabilities (local): http://packetstorm.securify.com/0011-exploits/dump.sh The SUIDPERL / Mailx mess (local): http://packetstorm.securify.com/0008-exploits/suidperlhack.pl The rpc.statd REMOTE ROOT: (url not available, I have the source though.) I think it was called "statdx2.c" and it was on www.hack.co.za, which is down right now. Maybe find an up-to-date mirror, if exists? these are all lame script-kiddie exploits that are still actively being used. Anyone who keeps up on their patches will have fixed all of these. --Noah dunker -----Original Message----- From: Adassovsky Michel [mailto:manahune () YAHOO COM] Sent: Tuesday, November 07, 2000 1:42 PM To: PEN-TEST () SECURITYFOCUS COM Subject: Linux Hello, I am doing a penetration test for a customer of us. I have obtained user acces on a RedHat 6.2 box. Can someone tell me how can I now gain root access, or if you know any links giving exploits to gain root acces... Thank you Michel - FRANCE __________________________________________________ Do You Yahoo!? Thousands of Stores. Millions of Products. All in one Place. http://shopping.yahoo.com/
Current thread:
- [PEN-TEST] Linux Adassovsky Michel (Nov 08)
- Re: [PEN-TEST] Linux Michel Kaempf (Nov 08)
- <Possible follow-ups>
- Re: [PEN-TEST] Linux Dunker, Noah (Nov 08)
- Re: [PEN-TEST] Linux Riley Hassell (Nov 08)
- Re: [PEN-TEST] Linux Ben Ford (Nov 08)
- Re: [PEN-TEST] Linux Miller, William T DISC4/Sytex (Nov 09)
- Re: [PEN-TEST] Linux Michel Kaempf (Nov 09)
- Re: [PEN-TEST] Linux Adassovsky Michel (Nov 10)
- Re: [PEN-TEST] Linux El Nahual (Nov 11)
- Re: [PEN-TEST] Linux j a s o n (Nov 14)